Vulnerability Summary for the Week of January 31, 2011

Released
Feb 07, 2011
Document ID
SB11-038

The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded in the past week. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores.

Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division into high, medium, and low severities corresponds to the following scores:

  • High: vulnerabilities with a CVSS base score of 7.0–10.0
  • Medium: vulnerabilities with a CVSS base score of 4.0–6.9
  • Low: vulnerabilities with a CVSS base score of 0.0–3.9

Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis. 



High Vulnerabilities

Columns: Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info

automatedsolutions -- modbus/tcp_master_opc_server
  Description: Heap-based buffer overflow in Automated Solutions Modbus/TCP Master OPC Server before 3.0.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a MODBUS response packet with a crafted length field.
  Published: 2011-01-28 | CVSS Score: 7.6 | Source & Patch Info: CVE-2010-4709 (CERT-VN, VUPEN, MISC, BID, EXPLOIT-DB, SECUNIA, CONFIRM)

cisco -- ios
  Description: Unspecified vulnerability in Cisco IOS 12.4(24)MD before 12.4(24)MD2 on the Cisco Content Services Gateway Second Generation (aka CSG2) allows remote attackers to cause a denial of service (device hang or reload) via crafted TCP packets, aka Bug ID CSCth17178, a different vulnerability than CVE-2011-0350.
  Published: 2011-01-28 | CVSS Score: 7.8 | Source & Patch Info: CVE-2011-0349 (XF, VUPEN, BID, CISCO, SECTRACK, SECUNIA, OSVDB)

cisco -- ios
  Description: Unspecified vulnerability in Cisco IOS 12.4(24)MD before 12.4(24)MD2 on the Cisco Content Services Gateway Second Generation (aka CSG2) allows remote attackers to cause a denial of service (device hang or reload) via crafted TCP packets, aka Bug ID CSCth41891, a different vulnerability than CVE-2011-0349.
  Published: 2011-01-28 | CVSS Score: 7.8 | Source & Patch Info: CVE-2011-0350 (XF, VUPEN, BID, CISCO, SECTRACK, SECUNIA, OSVDB)

cisco -- webex_advanced_recording_format_player
  Description: Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, related to atas32.dll, a different vulnerability than CVE-2010-3042, CVE-2010-3043, and CVE-2010-3044.
  Published: 2011-02-02 | CVSS Score: 9.3 | Source & Patch Info: CVE-2010-3041 (XF, BID, MISC, CISCO, CONFIRM, SECTRACK)

cisco -- webex_advanced_recording_format_player
  Description: Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, a different vulnerability than CVE-2010-3041, CVE-2010-3043, and CVE-2010-3044.
  Published: 2011-02-02 | CVSS Score: 9.3 | Source & Patch Info: CVE-2010-3042 (CISCO, CONFIRM, XF, BID, SECTRACK)

cisco -- webex_advanced_recording_format_player
  Description: Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, a different vulnerability than CVE-2010-3041, CVE-2010-3042, and CVE-2010-3044.
  Published: 2011-02-02 | CVSS Score: 9.3 | Source & Patch Info: CVE-2010-3043 (XF, BID, CISCO, CONFIRM, SECTRACK)

cisco -- webex_advanced_recording_format_player
  Description: Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, related to atas32.dll, a different vulnerability than CVE-2010-3041, CVE-2010-3042, and CVE-2010-3043.
  Published: 2011-02-02 | CVSS Score: 9.3 | Source & Patch Info: CVE-2010-3044 (CISCO, CONFIRM, XF, BID, MISC, SECTRACK)

cisco -- webex_advanced_recording_format_player
  Description: Multiple stack-based buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to execute arbitrary code via a crafted (1) .wrf or (2) .arf file, related to use of a function pointer in a callback mechanism.
  Published: 2011-02-02 | CVSS Score: 9.3 | Source & Patch Info: CVE-2010-3269 (MISC, CISCO, CONFIRM, XF, VUPEN, BID, BUGTRAQ, SECTRACK)

cisco -- tandberg_endpoint
  Description: The default configuration of Cisco Tandberg C Series Endpoints, and Tandberg E and EX Personal Video units, with software before TC4.0.0 has a blank password for the root account, which makes it easier for remote attackers to obtain access via an unspecified login method.
  Published: 2011-02-03 | CVSS Score: 10.0 | Source & Patch Info: CVE-2011-0354 (CERT-VN, BID, EXPLOIT-DB, CISCO, CONFIRM, SECTRACK, SECUNIA)

harmistechnology -- com_jeauto
  Description: SQL injection vulnerability in the JExtensions JE Auto (com_jeauto) component before 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to the view item page.
  Published: 2011-02-01 | CVSS Score: 7.5 | Source & Patch Info: CVE-2010-4720 (BID, CONFIRM, SECUNIA, OSVDB)

hp -- openview_storage_data_protector
  Description: Unspecified vulnerability in HP OpenView Storage Data Protector 6.0, 6.10, and 6.11 allows remote attackers to cause a denial of service via unknown vectors.
  Published: 2011-01-28 | CVSS Score: 7.1 | Source & Patch Info: CVE-2011-0275 (XF, VUPEN, BID, SECTRACK, SECUNIA, OSVDB, HP, HP)

hp -- openview_performance_insight
  Description: HP OpenView Performance Insight Server 5.2, 5.3, 5.31, 5.4, and 5.41 contains a "hidden account" in the com.trinagy.security.XMLUserManager Java class, which allows remote attackers to execute arbitrary code via the doPost method in the com.trinagy.servlet.HelpManagerServlet class.
  Published: 2011-02-01 | CVSS Score: 10.0 | Source & Patch Info: CVE-2011-0276 (XF, MISC, VUPEN, SECTRACK, BID, BUGTRAQ, SECUNIA, HP, HP)

ibm -- db2
  Description: Buffer overflow in the DB2 Administration Server (DAS) component in IBM DB2 9.1 before FP10, 9.5 before FP7, and 9.7 before FP3 on Linux, UNIX, and Windows allows remote attackers to execute arbitrary code via unspecified vectors.
  Published: 2011-02-01 | CVSS Score: 7.5 | Source & Patch Info: CVE-2011-0731 (BID, OSVDB, AIXAPAR, AIXAPAR, AIXAPAR, SECUNIA)

ibm -- tivoli_common_reporting
  Description: Multiple unspecified vulnerabilities in IBM Tivoli Integrated Portal (TIP) 1.1.1.1, as used in IBM Tivoli Common Reporting (TCR) 1.2.0 before Interim Fix 9, have unknown impact and attack vectors, related to "security vulnerabilities of Websphere Application Server bundled within" and "many internal defects and APARs."
  Published: 2011-02-01 | CVSS Score: 10.0 | Source & Patch Info: CVE-2011-0732 (AIXAPAR, SECUNIA)

icon-labs -- iconfidant_ssl_server
  Description: Buffer overflow in the key exchange functionality in Icon Labs Iconfidant SSL Server before 1.3.0 allows remote attackers to execute arbitrary code via a client master key packet in which the sum of unspecified length fields is greater than a certain value.
  Published: 2011-01-28 | CVSS Score: 7.5 | Source & Patch Info: CVE-2011-0651 (XF, MISC, BID, SECUNIA, OSVDB)

isc -- dhcp
  Description: The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV and 4.1-ESV before 4.1-ESV-R1, and 4.2.x before 4.2.1b1 allows remote attackers to cause a denial of service (assertion failure and daemon crash) by sending a message over IPv6 for a declined and abandoned address.
  Published: 2011-01-31 | CVSS Score: 7.8 | Source & Patch Info: CVE-2011-0413 (CERT-VN, XF, VUPEN, VUPEN, BID, OSVDB, CONFIRM, SECTRACK, SECUNIA, SECUNIA, SECUNIA, FEDORA)

maradns -- maradns
  Description: The compress_add_dlabel_points function in dns/Compress.c in MaraDNS 1.4.03, 1.4.05, and probably other versions allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long DNS hostname with a large number of labels, which triggers a heap-based buffer overflow.
  Published: 2011-01-28 | CVSS Score: 7.5 | Source & Patch Info: CVE-2011-0520 (XF, BID, MLIST, MLIST, SECUNIA, OSVDB, CONFIRM)

mediawiki -- mediawiki
  Description: Multiple directory traversal vulnerabilities in (1) languages/Language.php and (2) includes/StubObject.php in MediaWiki 1.8.0 and other versions before 1.16.2, when running on Windows and possibly Novell Netware, allow remote attackers to include and execute arbitrary local PHP files via vectors related to a crafted language file and the Language::factory function.
  Published: 2011-02-03 | CVSS Score: 7.5 | Source & Patch Info: CVE-2011-0537 (MLIST, MISC, CONFIRM, VUPEN, MLIST, MLIST)

mhproducts -- immo_makler
  Description: SQL injection vulnerability in news.php in Immo Makler allows remote attackers to execute arbitrary SQL commands via the id parameter.
  Published: 2011-02-01 | CVSS Score: 7.5 | Source & Patch Info: CVE-2010-4721 (OSVDB, EXPLOIT-DB, SECUNIA)

modxcms -- evolution
  Description: SQL injection vulnerability in MODx Evolution 1.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via unknown vectors related to AjaxSearch.
  Published: 2011-02-01 | CVSS Score: 7.5 | Source & Patch Info: CVE-2010-3929 (XF, CONFIRM, JVNDB, JVN)

mozilla -- bugzilla
  Description: Bugzilla 2.14 through 2.22.7; 3.0.x, 3.1.x, and 3.2.x before 3.2.10; 3.4.x before 3.4.10; 3.6.x before 3.6.4; and 4.0.x before 4.0rc2 does not properly generate random values for cookies and tokens, which allows remote attackers to obtain access to arbitrary accounts via unspecified vectors, related to an insufficient number of calls to the srand function.
  Published: 2011-01-28 | CVSS Score: 7.5 | Source & Patch Info: CVE-2010-4568 (CONFIRM, CONFIRM, CONFIRM, XF, VUPEN, BID, CONFIRM, SECUNIA, OSVDB)

novell -- groupwise
  Description: Buffer overflow in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP2 allows remote attackers to execute arbitrary code via a crafted TZID variable in a VCALENDAR message.
  Published: 2011-01-28 | CVSS Score: 10.0 | Source & Patch Info: CVE-2010-4325 (CONFIRM, XF, MISC, VUPEN, BID, BUGTRAQ, CONFIRM, SECUNIA, OSVDB)

novell -- groupwise
  Description: Multiple buffer overflows in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via variables in a VCALENDAR message, as demonstrated by a long (1) REQUEST-STATUS, (2) TZNAME, (3) COMMENT, or (4) RRULE variable in this message.
  Published: 2011-01-28 | CVSS Score: 10.0 | Source & Patch Info: CVE-2010-4326 (CONFIRM, CONFIRM, CONFIRM, CONFIRM, MISC, MISC, MISC, XF, MISC, VUPEN, BID, CONFIRM, CONFIRM)

novell -- groupwise
  Description: Stack-based buffer overflow in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise 7.x before 7.0 post-SP4 FTF and 8.x before 8.0 SP2 allows remote attackers to execute arbitrary code via a long mailbox name in a CREATE command.
  Published: 2011-01-28 | CVSS Score: 9.0 | Source & Patch Info: CVE-2010-2777 (CONFIRM, MISC, CONFIRM)

novell -- groupwise
  Description: Double free vulnerability in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary code via a large parameter in a LIST command.
  Published: 2011-01-31 | CVSS Score: 7.5 | Source & Patch Info: CVE-2010-4711 (CONFIRM, MISC, CONFIRM, CONFIRM)

novell -- groupwise
  Description: Multiple stack-based buffer overflows in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a Content-Type header containing (1) multiple items separated by ; (semicolon) characters or (2) crafted string data.
  Published: 2011-01-31 | CVSS Score: 10.0 | Source & Patch Info: CVE-2010-4712 (CONFIRM, CONFIRM, MISC, MISC, CONFIRM, CONFIRM, CONFIRM)

novell -- groupwise
  Description: Integer signedness error in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary code via a signed integer value in the Content-Type header.
  Published: 2011-01-31 | CVSS Score: 10.0 | Source & Patch Info: CVE-2010-4713 (CONFIRM, MISC, CONFIRM, CONFIRM)

novell -- groupwise
  Description: Multiple stack-based buffer overflows in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a long HTTP Host header to (1) gwpoa.exe in the Post Office Agent, (2) gwmta.exe in the Message Transfer Agent, (3) gwia.exe in the Internet Agent, (4) the WebAccess Agent, or (5) the Monitor Agent.
  Published: 2011-01-31 | CVSS Score: 10.0 | Source & Patch Info: CVE-2010-4714 (CONFIRM, MISC, CONFIRM, CONFIRM)

novell -- zenworks_handheld_management
  Description: Buffer overflow in ZfHIPCND.exe in Novell ZENworks Handheld Management 7.0 allows remote attackers to execute arbitrary code via a crafted IP Conduit packet to TCP port 2400.
  Published: 2011-02-01 | CVSS Score: 10.0 | Source & Patch Info: CVE-2011-0742 (XF, MISC, VUPEN, SECTRACK, BID, BUGTRAQ, CONFIRM, MISC, SECUNIA, OSVDB)

openvas -- openvas_manager
  Description: The email function in manage_sql.c in OpenVAS Manager 1.0.x through 1.0.3 and 2.0.x through 2.0rc2 allows remote authenticated users to execute arbitrary commands via the (1) To or (2) From e-mail address in an OMP request to the Greenbone Security Assistant (GSA).
  Published: 2011-01-28 | CVSS Score: 9.0 | Source & Patch Info: CVE-2011-0018 (CONFIRM, XF, VUPEN, BID, BUGTRAQ, EXPLOIT-DB, SECUNIA, OSVDB)

opera -- opera_browser
  Description: The downloads manager in Opera before 11.01 on Windows does not properly determine the pathname of the filesystem-viewing application, which allows user-assisted remote attackers to execute arbitrary code via a crafted web site that hosts an executable file.
  Published: 2011-01-31 | CVSS Score: 7.6 | Source & Patch Info: CVE-2011-0450 (CONFIRM, CONFIRM, OSVDB, JVNDB, JVN)

opera -- opera_browser
  Description: Opera before 11.01 does not properly handle large form inputs, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HTML document.
  Published: 2011-01-31 | CVSS Score: 9.3 | Source & Patch Info: CVE-2011-0682 (CONFIRM, CONFIRM, CONFIRM, CONFIRM)

opera -- opera_browser
  Description: Opera before 11.01 does not properly handle redirections and unspecified other HTTP responses, which allows remote web servers to obtain sufficient access to local files to use these files as page resources, and consequently obtain potentially sensitive information from the contents of the files, via an unknown response manipulation.
  Published: 2011-01-31 | CVSS Score: 7.8 | Source & Patch Info: CVE-2011-0684 (CONFIRM, CONFIRM, CONFIRM, CONFIRM, OSVDB)

plone -- plone
  Description: Unspecified vulnerability in Plone 2.5 through 4.0 allows remote attackers to obtain administrative access, read or create arbitrary content, and change the site skin via unknown vectors.
  Published: 2011-02-03 | CVSS Score: 7.5 | Source & Patch Info: CVE-2011-0720 (XF, BID, SECUNIA, CONFIRM, OSVDB)

realnetworks -- realplayer
  Description: Heap-based buffer overflow in vidplin.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.x before 14.0.2, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted header in an AVI file.
  Published: 2011-01-31 | CVSS Score: 9.3 | Source & Patch Info: CVE-2010-4393 (XF, MISC, VUPEN, BID, CONFIRM, SECTRACK, SECUNIA, OSVDB)

smarty -- smarty
  Description: Multiple unspecified vulnerabilities in Smarty before 3.0.0 beta 6 have unknown impact and attack vectors.
  Published: 2011-02-03 | CVSS Score: 10.0 | Source & Patch Info: CVE-2009-5052 (CONFIRM)

smarty -- smarty
  Description: Unspecified vulnerability in Smarty before 3.0.0 beta 6 allows remote attackers to execute arbitrary PHP code by injecting this code into a cache file.
  Published: 2011-02-03 | CVSS Score: 7.5 | Source & Patch Info: CVE-2009-5053 (CONFIRM)

smarty -- smarty
  Description: Smarty before 3.0.0 beta 4 does not consider the umask value when setting the permissions of files, which might allow attackers to bypass intended access restrictions via standard filesystem operations.
  Published: 2011-02-03 | CVSS Score: 7.5 | Source & Patch Info: CVE-2009-5054 (CONFIRM)

smarty -- smarty
  Description: Unspecified vulnerability in the fetch plugin in Smarty before 3.0.2 has unknown impact and remote attack vectors.
  Published: 2011-02-03 | CVSS Score: 10.0 | Source & Patch Info: CVE-2010-4722 (CONFIRM)

smarty -- smarty
  Description: Smarty before 3.0.0, when security is enabled, does not prevent access to the (1) dynamic and (2) private object members of an assigned object, which has unspecified impact and remote attack vectors.
  Published: 2011-02-03 | CVSS Score: 9.3 | Source & Patch Info: CVE-2010-4723 (CONFIRM)

smarty -- smarty
  Description: Multiple unspecified vulnerabilities in the parser implementation in Smarty before 3.0.0 RC3 have unknown impact and remote attack vectors.
  Published: 2011-02-03 | CVSS Score: 10.0 | Source & Patch Info: CVE-2010-4724 (CONFIRM)

smarty -- smarty
  Description: Smarty before 3.0.0 RC3 does not properly handle an on value of the asp_tags option in the php.ini file, which has unspecified impact and remote attack vectors.
  Published: 2011-02-03 | CVSS Score: 10.0 | Source & Patch Info: CVE-2010-4725 (CONFIRM)

smarty -- smarty
  Description: Unspecified vulnerability in the math plugin in Smarty before 3.0.0 RC1 has unknown impact and remote attack vectors. NOTE: this might overlap CVE-2009-1669.
  Published: 2011-02-03 | CVSS Score: 10.0 | Source & Patch Info: CVE-2010-4726 (CONFIRM)

smarty -- smarty
  Description: Smarty before 3.0.0 beta 7 does not properly handle the <?php and ?> tags, which has unspecified impact and remote attack vectors.
  Published: 2011-02-03 | CVSS Score: 10.0 | Source & Patch Info: CVE-2010-4727 (CONFIRM)

sun -- openoffice.org
  Description: Multiple directory traversal vulnerabilities in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allow remote attackers to overwrite arbitrary files via a .. (dot dot) in an entry in (1) an XSLT JAR filter description file, (2) an Extension (aka OXT) file, or unspecified other (3) JAR or (4) ZIP files.
  Published: 2011-01-28 | CVSS Score: 9.3 | Source & Patch Info: CVE-2010-3450 (CONFIRM, VUPEN, VUPEN, SECTRACK, BID, REDHAT, REDHAT, CONFIRM, DEBIAN, UBUNTU, SECUNIA, SECUNIA, SECUNIA, SECUNIA, OSVDB)

sun -- openoffice.org
  Description: Use-after-free vulnerability in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via malformed tables in an RTF document.
  Published: 2011-01-28 | CVSS Score: 9.3 | Source & Patch Info: CVE-2010-3451 (CONFIRM, XF, VUPEN, VUPEN, SECTRACK, BID, REDHAT, REDHAT, CONFIRM, DEBIAN, MISC, UBUNTU, SECUNIA, SECUNIA, SECUNIA, SECUNIA, OSVDB)

sun -- openoffice.org
  Description: Use-after-free vulnerability in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted tags in an RTF document.
  Published: 2011-01-28 | CVSS Score: 9.3 | Source & Patch Info: CVE-2010-3452 (CONFIRM, XF, VUPEN, VUPEN, SECTRACK, BID, REDHAT, REDHAT, CONFIRM, DEBIAN, MISC, UBUNTU, SECUNIA, SECUNIA, SECUNIA, SECUNIA, OSVDB)

sun -- openoffice.org
  Description: The WW8ListManager::WW8ListManager function in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 does not properly handle an unspecified number of list levels in user-defined list styles in WW8 data in a Microsoft Word document, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted .DOC file that triggers an out-of-bounds write.
  Published: 2011-01-28 | CVSS Score: 9.3 | Source & Patch Info: CVE-2010-3453 (CONFIRM, VUPEN, VUPEN, SECTRACK, BID, REDHAT, REDHAT, CONFIRM, DEBIAN, MISC, UBUNTU, SECUNIA, SECUNIA, SECUNIA, SECUNIA, OSVDB)

sun -- openoffice.org
  Description: Multiple off-by-one errors in the WW8DopTypography::ReadFromMem function in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted typography information in a Microsoft Word .DOC file that triggers an out-of-bounds write.
  Published: 2011-01-28 | CVSS Score: 9.3 | Source & Patch Info: CVE-2010-3454 (CONFIRM, VUPEN, VUPEN, SECTRACK, BID, REDHAT, REDHAT, CONFIRM, DEBIAN, MISC, UBUNTU, SECUNIA, SECUNIA, SECUNIA, SECUNIA, OSVDB)

sun -- openoffice.org
  Description: Heap-based buffer overflow in Impress in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file in an ODF or Microsoft Office document, as demonstrated by a PowerPoint (aka PPT) document.
  Published: 2011-01-28 | CVSS Score: 9.3 | Source & Patch Info: CVE-2010-4253 (CONFIRM, VUPEN, VUPEN, SECTRACK, BID, REDHAT, CONFIRM, DEBIAN, UBUNTU, SECUNIA, SECUNIA, SECUNIA, OSVDB)

sun -- openoffice.org
  Description: Heap-based buffer overflow in Impress in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Truevision TGA (TARGA) file in an ODF or Microsoft Office document.
  Published: 2011-01-28 | CVSS Score: 9.3 | Source & Patch Info: CVE-2010-4643 (CONFIRM, VUPEN, VUPEN, SECTRACK, BID, REDHAT, REDHAT, CONFIRM, DEBIAN, UBUNTU, SECUNIA, SECUNIA, SECUNIA, SECUNIA)

symantec -- antivirus
  Description: Multiple stack-based buffer overflows in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allow remote attackers to execute arbitrary code via (1) a long string to msgsys.exe, related to the AMSSendAlertAct function in AMSLIB.dll in the Intel Alert Handler service (aka Symantec Intel Handler service); a long (2) modem string or (3) PIN number to msgsys.exe, related to pagehndl.dll in the Intel Alert Handler service; or (4) a message to msgsys.exe, related to iao.exe in the Intel Alert Originator service.
  Published: 2011-01-31 | CVSS Score: 9.3 | Source & Patch Info: CVE-2010-0110 (XF, MISC, MISC, MISC, MISC, VUPEN, CONFIRM, BID, SECTRACK, SECUNIA, SECUNIA)

symantec -- antivirus
  Description: HDNLRSVC.EXE in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allows remote attackers to execute arbitrary programs by sending msgsys.exe a UNC share pathname, which is used directly in a CreateProcessA (aka CreateProcess) call.
  Published: 2011-01-31 | CVSS Score: 9.3 | Source & Patch Info: CVE-2010-0111 (XF, XF, MISC, VUPEN, CONFIRM, BID, SECTRACK, SECUNIA, SECUNIA)

symantec -- antivirus
  Description: Intel Alert Management System (aka AMS or AMS2), as used in Symantec Antivirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allows remote attackers to execute arbitrary commands via crafted messages over TCP, as discovered by Junaid Bohio, a different vulnerability than CVE-2010-0110 and CVE-2010-0111. NOTE: some of these details are obtained from third party information.
  Published: 2011-01-31 | CVSS Score: 9.3 | Source & Patch Info: CVE-2011-0688 (XF, VUPEN, CONFIRM, BID, SECTRACK, SECUNIA)

symantec -- im_manager
  Description: Eval injection vulnerability in IMAdminSchedTask.asp in the administrative interface for Symantec IM Manager 8.4.16 and earlier allows remote attackers to execute arbitrary code via unspecified parameters to the ScheduleTask method.
  Published: 2011-02-01 | CVSS Score: 8.5 | Source & Patch Info: CVE-2010-3719 (XF, MISC, VUPEN, CONFIRM, BID, BUGTRAQ, SECUNIA)

tibco -- enterprise_message_service
  Description: Multiple unspecified vulnerabilities in TIBCO Rendezvous 8.2.1 through 8.3.0, Enterprise Message Service (EMS) 5.1.0 through 6.0.0, Runtime Agent (TRA) 5.6.2 through 5.7.0, Silver BPM Service before 1.0.4, Silver CAP Service before 1.0.2, and Silver BusinessWorks Service 1.0.0, when running on Unix systems, allow local users to gain root privileges via unknown vectors related to SUID and (1) Rendezvous Routing Daemon (rvrd), (2) Rendezvous Secure Daemon (rvsd), and (3) Rendezvous Secure Routing Daemon (rvsrd).
  Published: 2011-02-03 | CVSS Score: 7.2 | Source & Patch Info: CVE-2011-0649 (CONFIRM, BID, SECUNIA, SECUNIA)



Medium Vulnerabilities

Primary
Vendor -- Product
DescriptionPublished CVSS ScoreSource & Patch Info
adobe -- coldfusionCross-site scripting (XSS) vulnerability in Adobe ColdFusion, possibly before 9.0.1 CHF1, allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header in an id=- query to a .cfm file.2011-02-014.3CVE-2011-0733
MISC
SECTRACK
FULLDISC
adobe -- coldfusionCross-site scripting (XSS) vulnerability in Adobe ColdFusion 9.0.1 CHF1 and earlier allows remote attackers to inject arbitrary web script or HTML via an id parameter containing a JavaScript onLoad event handler for a BODY element, related to a "tag body" attack.2011-02-014.3CVE-2011-0734
MISC
SECTRACK
FULLDISC
adobe -- coldfusionCross-site scripting (XSS) vulnerability in Adobe ColdFusion before 9.0.1 CHF1 allows remote attackers to inject arbitrary web script or HTML via vectors involving a "tag script."2011-02-014.3CVE-2011-0735
MISC
FULLDISC
adobe -- coldfusionAdobe ColdFusion 9.0.1 CHF1 and earlier, when a web application is configured to use a DBMS, allows remote attackers to obtain potentially sensitive information about the database structure via an id=- query to a .cfm file.2011-02-014.3CVE-2011-0736
MISC
FULLDISC
adobe -- coldfusionAdobe ColdFusion 9.0.1 CHF1 and earlier allows remote attackers to obtain sensitive information via an id=- query to a .cfm file, which reveals the installation path in an error message.2011-02-015.0CVE-2011-0737
MISC
FULLDISC
apache -- couchdbMultiple cross-site scripting (XSS) vulnerabilities in the web administration interface (aka Futon) in Apache CouchDB 0.8.0 through 1.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.2011-02-014.3CVE-2010-3854
XF
VUPEN
SECTRACK
BID
BUGTRAQ
SECUNIA
OSVDB
MLIST
balabit -- syslog-ngBalabit syslog-ng 2.0, 3.0, 3.1, 3.2 OSE and PE, when running on FreeBSD or HP-UX, does not properly perform cast operations, which causes syslog-ng to use a default value of -1 to create log files with insecure permissions (07777), which allows local users to read and write to these log files.2011-01-286.9CVE-2011-0343
CONFIRM
BUGTRAQ
cisco -- iosCisco IOS 12.4(11)MD, 12.4(15)MD, 12.4(22)MD, 12.4(24)MD before 12.4(24)MD3, 12.4(22)MDA before 12.4(22)MDA5, and 12.4(24)MDA before 12.4(24)MDA3 on the Cisco Content Services Gateway Second Generation (aka CSG2) allows remote attackers to bypass intended access restrictions and intended billing restrictions by sending HTTP traffic to a restricted destination after sending HTTP traffic to an unrestricted destination, aka Bug ID CSCtk35917.2011-01-286.4CVE-2011-0348
XF
VUPEN
BID
CISCO
SECTRACK
SECUNIA
OSVDB
cisco -- webex_meeting_centerStack-based buffer overflow in Cisco WebEx Meeting Center T27LB before SP21 EP3 and T27LC before SP22 allows user-assisted remote authenticated users to execute arbitrary code by providing a crafted .atp file and then disconnecting from a meeting. NOTE: since this is a site-specific issue with no expected action for consumers, it might be REJECTed.2011-02-026.8CVE-2010-3270
VUPEN
BID
BUGTRAQ
MISC
CONFIRM
SECTRACK
emc -- networkerlibrpc.dll in nsrexecd in EMC NetWorker before 7.5 SP4, 7.5.3.x before 7.5.3.5, and 7.6.x before 7.6.1.2 does not properly mitigate the possibility of a spoofed localhost source IP address, which allows remote attackers to (1) register or (2) unregister RPC services, and consequently cause a denial of service or obtain sensitive information from interprocess communication, via crafted UDP packets containing service commands.2011-02-016.4CVE-2011-0321
XF
VUPEN
BID
OSVDB
SECTRACK
SECUNIA
CONFIRM
BUGTRAQ
exim -- eximThe open_log function in log.c in Exim 4.72 and earlier does not check the return value from (1) setuid or (2) setgid system calls, which allows local users to append log data to arbitrary files via a symlink attack.2011-02-016.9CVE-2011-0017
MLIST
XF
VUPEN
VUPEN
BID
DEBIAN
SECUNIA
SECUNIA
OSVDB
CONFIRM
fxwebdesign -- com_jradioDirectory traversal vulnerability in JRadio (com_jradio) component before 1.5.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php.2011-02-015.0CVE-2010-4719
XF
BID
CONFIRM
EXPLOIT-DB
SECUNIA
MISC
globus -- globus_toolkitMyProxy 5.0 through 5.2, as used in Globus Toolkit 5.0.0 through 5.0.2, does not properly verify the (1) hostname or (2) identity in the X.509 certificate for the myproxy-server, which allows remote attackers to spoof the server and conduct man-in-the-middle (MITM) attacks via a crafted certificate when executing (a) myproxy-logon or (b) myproxy-get-delegation.2011-02-014.3CVE-2011-0738
MLIST
XF
BID
SECUNIA
SECUNIA
OSVDB
FEDORA
FEDORA
MISC
google -- androiddata/WorkingMessage.java in the Mms application in Android before 2.2.2 and 2.3.x before 2.3.2 does not properly manage the draft cache, which allows remote attackers to read SMS messages intended for other recipients in opportunistic circumstances via a standard text messaging service.2011-01-315.0CVE-2011-0680
MISC
CONFIRM
CONFIRM
MISC
CONFIRM
BID
MISC
MISC
MISC
MISC
MISC
greenbone -- security_assistantCross-site request forgery (CSRF) vulnerability in Greenbone Security Assistant (GSA) allows remote attackers to hijack the authentication of users for requests that send email via an OMP request to OpenVAS Manager. NOTE: this issue can be leveraged to bypass authentication requirements for exploiting CVE-2011-0018.2011-01-286.8CVE-2011-0650
XF
BUGTRAQ
ibm -- websphere_portalIBM WebSphere Portal 6.0.1.1 through 7.0.0.0, as used in IBM Lotus Web Content Management (WCM) and IBM Lotus Quickr for WebSphere Portal, allows remote attackers to obtain sensitive information via a "modified message."2011-01-285.0CVE-2011-0679
VUPEN
BID
CONFIRM
AIXAPAR
AIXAPAR
AIXAPAR
AIXAPAR
AIXAPAR
AIXAPAR
AIXAPAR
SECUNIA
OSVDB
ibm -- db2IBM DB2 9.1 before FP10, 9.5 before FP6a, and 9.7 before FP2 on Linux, UNIX, and Windows does not properly revoke the DBADM authority, which allows remote authenticated users to execute non-DDL statements by leveraging previous possession of this authority.2011-02-026.5CVE-2011-0757
XF
BID
CONFIRM
AIXAPAR
AIXAPAR
AIXAPAR
CONFIRM
CONFIRM
CONFIRM
SECUNIA
janrain -- janrain_engage_moduleJanrain Engage (formerly RPX) module 6.x-1.3 for Drupal does not validate the file for a profile image, which allows remote authenticated users to conduct cross-site scripting (XSS) attacks and possibly execute arbitrary PHP code by causing a crafted avatar to be downloaded from an external login provider site.2011-02-036.8CVE-2011-0771
BID
CONFIRM
XF
XF
SECUNIA
OSVDB
linux -- kernelThe dvb_ca_ioctl function in drivers/media/dvb/ttpci/av7110_ca.c in the Linux kernel before 2.6.38-rc2 does not check the sign of a certain integer field, which allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a negative value.2011-02-026.9CVE-2011-0521
MLIST
MLIST
CONFIRM
XF
BID
CONFIRM
SECUNIA
lockon -- ec-cubeMultiple cross-site scripting (XSS) vulnerabilities in (1) data/Smarty/templates/default/list.tpl and (2) data/Smarty/templates/default/campaign/bloc/cart_tag.tpl in EC-CUBE before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.2011-02-034.3CVE-2011-0451
CONFIRM
XF
BID
CONFIRM
SECUNIA
JVNDB
JVN
lomtec -- activewebUnrestricted file upload vulnerability in the EasyEdit module in Lomtec ActiveWeb Professional 3.0 allows remote attackers to execute arbitrary code by uploading an executable file via the UploadDirectory and Accepted Extensions fields in the getImagefile component of EasyEdit.cfm.2011-01-286.8CVE-2011-0678
CERT-VN
VUPEN
BID
MISC
SECUNIA
OSVDB
lyften -- com_lyftenbloggieMultiple cross-site scripting (XSS) vulnerabilities in the Lyftenbloggie (com_lyftenbloggie) component 1.1.0 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) tag and (2) category parameters to index.php.2011-02-014.3CVE-2010-4718
BID
SECUNIA
MISC
mediawiki -- mediawikiCross-site scripting (XSS) vulnerability in MediaWiki before 1.16.2 allows remote attackers to inject arbitrary web script or HTML via crafted Cascading Style Sheets (CSS) comments, aka "CSS injection vulnerability."2011-02-034.3CVE-2011-0047
MLIST
CONFIRM
VUPEN
BID
SECUNIA
microsoft -- windows_2003_serverThe MHTML implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly handle a MIME format in a request for content blocks in a document, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site that is visited in Internet Explorer.2011-01-314.3CVE-2011-0096
CERT-VN
XF
VUPEN
SECTRACK
CONFIRM
EXPLOIT-DB
MISC
SECUNIA
OSVDB
CONFIRM
CONFIRM
mikel_lindsaar -- mailThe deliver function in the sendmail delivery agent (lib/mail/network/delivery_methods/sendmail.rb) in Ruby Mail gem 2.2.14 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in an e-mail address.2011-02-016.8CVE-2011-0739
MISC
CONFIRM
XF
VUPEN
BID
SECUNIA
OSVDB
mj2 -- majordomo_2Directory traversal vulnerability in the _list_file_get function in lib/Majordomo.pm in Majordomo 2 before 20110131 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the help command, as demonstrated using (1) a crafted email and (2) cgi-bin/mj_wwwusr in the web interface.2011-02-035.0CVE-2011-0049
CONFIRM
CONFIRM
CONFIRM
MISC
XF
BID
BUGTRAQ
EXPLOIT-DB
SECUNIA
modxcms -- evolutionDirectory traversal vulnerability in MODx Evolution 1.0.4 and earlier allows remote attackers to read arbitrary files via unspecified vectors related to AjaxSearch, a different vulnerability than CVE-2010-1427.2011-02-015.0CVE-2010-3930
CONFIRM
JVNDB
JVN
modxcms -- evolution
Multiple cross-site scripting (XSS) vulnerabilities in ModX Evolution before 1.0.5 allow remote attackers to inject arbitrary web script or HTML via the (1) installer or (2) image editor.
Published: 2011-02-01
CVSS Score: 4.3
Source & Patch Info: CVE-2011-0741, CONFIRM

mozilla -- bugzilla
Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4.0.x before 4.0rc2 does not properly handle whitespace preceding a (1) javascript: or (2) data: URI, which allows remote attackers to conduct cross-site scripting (XSS) attacks via the URL (aka bug_file_loc) field.
Published: 2011-01-28
CVSS Score: 4.3
Source & Patch Info: CVE-2010-4567, CONFIRM, XF, VUPEN, BID, CONFIRM, SECUNIA, OSVDB

mozilla -- bugzilla
Cross-site scripting (XSS) vulnerability in Bugzilla 3.7.1, 3.7.2, 3.7.3, and 4.0rc1 allows remote attackers to inject arbitrary web script or HTML via the real name field of a user account, related to the AutoComplete widget in YUI.
Published: 2011-01-28
CVSS Score: 4.3
Source & Patch Info: CVE-2010-4569, CONFIRM, MISC, MISC, VUPEN, BID, CONFIRM, OSVDB

mozilla -- bugzilla
Cross-site scripting (XSS) vulnerability in the duplicate-detection functionality in Bugzilla 3.7.1, 3.7.2, 3.7.3, and 4.0rc1 allows remote attackers to inject arbitrary web script or HTML via the summary field, related to the DataTable widget in YUI.
Published: 2011-01-28
CVSS Score: 4.3
Source & Patch Info: CVE-2010-4570, CONFIRM, MISC, MISC, VUPEN, BID, CONFIRM

mozilla -- bugzilla
CRLF injection vulnerability in chart.cgi in Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4.0.x before 4.0rc2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the query string, a different vulnerability than CVE-2010-2761 and CVE-2010-4411.
Published: 2011-01-28
CVSS Score: 4.3
Source & Patch Info: CVE-2010-4572, CONFIRM, VUPEN, BID, CONFIRM, SECUNIA

mozilla -- bugzilla
Multiple cross-site request forgery (CSRF) vulnerabilities in Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4.0.x before 4.0rc2 allow remote attackers to hijack the authentication of arbitrary users for requests related to (1) adding a saved search in buglist.cgi, (2) voting in votes.cgi, (3) sanity checking in sanitycheck.cgi, (4) creating or editing a chart in chart.cgi, (5) column changing in colchange.cgi, and (6) adding, deleting, or approving a quip in quips.cgi.
Published: 2011-01-28
CVSS Score: 6.8
Source & Patch Info: CVE-2011-0046, CONFIRM, CONFIRM, CONFIRM, CONFIRM, CONFIRM, CONFIRM, XF, VUPEN, BID, CONFIRM, SECUNIA, OSVDB, OSVDB, OSVDB, OSVDB, OSVDB, OSVDB

mozilla -- bugzilla
Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4.0.x before 4.0rc2 creates a clickable link for a (1) javascript: or (2) data: URI in the URL (aka bug_file_loc) field, which allows remote attackers to conduct cross-site scripting (XSS) attacks against logged-out users via a crafted URI.
Published: 2011-01-28
CVSS Score: 4.3
Source & Patch Info: CVE-2011-0048, CONFIRM, XF, VUPEN, BID, CONFIRM, SECUNIA, OSVDB

novell -- groupwise
Cross-site scripting (XSS) vulnerability in WebAccess in Novell GroupWise 7.x before 7.0 post-SP4 FTF and 8.x before 8.0 SP2 allows remote attackers to inject arbitrary web script or HTML via a crafted message, related to a "Javascript XSS exploit."
Published: 2011-01-28
CVSS Score: 4.3
Source & Patch Info: CVE-2010-2778, CONFIRM, MISC, CONFIRM

novell -- groupwise
Cross-site scripting (XSS) vulnerability in WebAccess in Novell GroupWise 8.x before 8.0 SP2 allows remote attackers to inject arbitrary web script or HTML via a crafted message, related to "replies."
Published: 2011-01-28
CVSS Score: 4.3
Source & Patch Info: CVE-2010-2779, CONFIRM, MISC, CONFIRM

novell -- groupwise
Multiple directory traversal vulnerabilities in the (1) WebAccess Agent and (2) Document Viewer Agent components in Novell GroupWise before 8.02HP allow remote attackers to read arbitrary files via unspecified vectors. NOTE: some of these details are obtained from third party information.
Published: 2011-01-31
CVSS Score: 5.0
Source & Patch Info: CVE-2010-4715, CONFIRM, CONFIRM, CONFIRM, CONFIRM, SECUNIA

novell -- groupwise
Cross-site scripting (XSS) vulnerability in the WebPublisher component in Novell GroupWise before 8.02HP allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Published: 2011-01-31
CVSS Score: 4.3
Source & Patch Info: CVE-2010-4716, CONFIRM, CONFIRM, CONFIRM

novell -- groupwise
Multiple stack-based buffer overflows in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a long (1) LIST or (2) LSUB command.
Published: 2011-01-31
CVSS Score: 6.5
Source & Patch Info: CVE-2010-4717, CONFIRM, MISC, CONFIRM, CONFIRM

opera -- opera_browser
The Cascading Style Sheets (CSS) Extensions for XML implementation in Opera before 11.01 recognizes links to javascript: URLs in the -o-link property, which makes it easier for remote attackers to bypass CSS filtering via a crafted URL.
Published: 2011-01-31
CVSS Score: 4.3
Source & Patch Info: CVE-2011-0681, CONFIRM, CONFIRM, CONFIRM, OSVDB

opera -- opera_browser
Opera before 11.01 does not properly restrict the use of opera: URLs, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site.
Published: 2011-01-31
CVSS Score: 4.3
Source & Patch Info: CVE-2011-0683, CONFIRM, CONFIRM, CONFIRM, CONFIRM, OSVDB

opera -- opera_browser
Unspecified vulnerability in Opera before 11.01 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by vkontakte.ru.
Published: 2011-01-31
CVSS Score: 5.0
Source & Patch Info: CVE-2011-0686, CONFIRM, CONFIRM, CONFIRM, OSVDB

opera -- opera_browser
Opera before 11.01 does not properly implement Wireless Application Protocol (WAP) dropdown lists, which allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted WAP document.
Published: 2011-01-31
CVSS Score: 4.3
Source & Patch Info: CVE-2011-0687, CONFIRM, CONFIRM, CONFIRM, OSVDB

php -- php
The extract function in PHP before 5.2.15 does not prevent use of the EXTR_OVERWRITE parameter to overwrite (1) the GLOBALS superglobal array and (2) the this variable, which allows context-dependent attackers to bypass intended access restrictions by modifying data structures that were not intended to depend on external input, a related issue to CVE-2005-2691 and CVE-2006-3758.
Published: 2011-02-02
CVSS Score: 5.0
Source & Patch Info: CVE-2011-0752, CONFIRM, CONFIRM, CONFIRM, MLIST

php -- php
Race condition in the PCNTL extension in PHP before 5.3.4, when a user-defined signal handler exists, might allow context-dependent attackers to cause a denial of service (memory corruption) via a large number of concurrent signals.
Published: 2011-02-02
CVSS Score: 4.3
Source & Patch Info: CVE-2011-0753, CONFIRM, CONFIRM

php -- php
The SplFileInfo::getType function in the Standard PHP Library (SPL) extension in PHP before 5.3.4 on Windows does not properly detect symbolic links, which might make it easier for local users to conduct symlink attacks by leveraging cross-platform differences in the stat structure, related to lack of a FILE_ATTRIBUTE_REPARSE_POINT check.
Published: 2011-02-02
CVSS Score: 4.4
Source & Patch Info: CVE-2011-0754, CONFIRM, CONFIRM

php -- php
Integer overflow in the mt_rand function in PHP before 5.3.4 might make it easier for context-dependent attackers to predict the return values by leveraging a script's use of a large max parameter, as demonstrated by a value that exceeds mt_getrandmax.
Published: 2011-02-02
CVSS Score: 5.0
Source & Patch Info: CVE-2011-0755, CONFIRM, CONFIRM

pivotx -- pivotx
Multiple cross-site scripting (XSS) vulnerabilities in PivotX 2.2.0, and possibly other versions before 2.2.2, allow remote attackers to inject arbitrary web script or HTML via the (1) color parameter to includes/blogroll.php or (2) src parameter to includes/timwrapper.php.
Published: 2011-02-03
CVSS Score: 4.3
Source & Patch Info: CVE-2011-0772, CONFIRM, XF, BID, BUGTRAQ, BUGTRAQ, OSVDB, OSVDB, MISC, MISC, SECUNIA

pivotx -- pivotx
Cross-site scripting (XSS) vulnerability in pivotx/modules/module_image.php in PivotX 2.2.2 and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the image parameter.
Published: 2011-02-03
CVSS Score: 4.3
Source & Patch Info: CVE-2011-0773, CONFIRM, XF, BID, MISC, CONFIRM, SECUNIA, MISC, OSVDB

pivotx -- pivotx
PivotX 2.2.2 allows remote attackers to obtain sensitive information via a direct request to (1) includes/ping.php and (2) includes/spamping.php, which reveals the installation path in an error message.
Published: 2011-02-03
CVSS Score: 5.0
Source & Patch Info: CVE-2011-0774, CONFIRM, MISC

pivotx -- pivotx
pivotx/modules/module_image.php in PivotX 2.2.2 allows remote attackers to obtain sensitive information via a non-existent file in the image parameter, which reveals the installation path in an error message. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Published: 2011-02-03
CVSS Score: 5.0
Source & Patch Info: CVE-2011-0775, XF, SECUNIA, OSVDB

pleer -- rss_feed_reader
Cross-site scripting (XSS) vulnerability in magpie/scripts/magpie_slashbox.php in RSS Feed Reader 0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the rss_url parameter.
Published: 2011-02-01
CVSS Score: 4.3
Source & Patch Info: CVE-2011-0740, XF, BID, MISC, SECUNIA, OSVDB

postgresql -- postgresql
Buffer overflow in the gettoken function in contrib/intarray/_int_bool.c in the intarray array module in PostgreSQL 9.0.x before 9.0.3, 8.4.x before 8.4.7, 8.3.x before 8.3.14, and 8.2.x before 8.2.20 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via integers with a large number of digits to unspecified functions.
Published: 2011-02-01
CVSS Score: 6.5
Source & Patch Info: CVE-2010-4015, CONFIRM, XF, VUPEN, BID, CONFIRM, CONFIRM, SECUNIA, OSVDB

proftpd -- proftpd
Heap-based buffer overflow in the sql_prepare_where function (contrib/mod_sql.c) in ProFTPD before 1.3.3d, when mod_sql is enabled, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted username containing substitution tags, which are not properly handled during construction of an SQL query.
Published: 2011-02-01
CVSS Score: 6.8
Source & Patch Info: CVE-2010-4652, CONFIRM, MISC, VUPEN, BID, CONFIRM, MISC, FEDORA, FEDORA

sun -- openoffice.org
soffice in OpenOffice.org (OOo) 3.x before 3.3 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
Published: 2011-01-28
CVSS Score: 6.9
Source & Patch Info: CVE-2010-3689, CONFIRM, VUPEN, VUPEN, SECTRACK, BID, REDHAT, CONFIRM, DEBIAN, UBUNTU, SECUNIA, SECUNIA, SECUNIA, OSVDB

tsugio_okamoto -- lha
Buffer overflow in LHA 1.14 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors related to "command line processing," a different vulnerability than CVE-2004-0771. NOTE: this issue may be REJECTED if there are not any cases in which LHA is setuid or is otherwise used across security boundaries.
Published: 2011-02-03
CVSS Score: 6.8
Source & Patch Info: CVE-2004-0694, REDHAT, REDHAT

yahoo -- yui
Cross-site scripting (XSS) vulnerability in the addItem method in the Menu widget in YUI before 2.9.0 allows remote attackers to inject arbitrary web script or HTML via a field that is added to a menu, related to documentation that specifies this field as a text field rather than an HTML field, a similar issue to CVE-2010-4569 and CVE-2010-4570.
Published: 2011-01-28
CVSS Score: 4.3
Source & Patch Info: CVE-2010-4710, CONFIRM, MISC, MISC


Low Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info

looknstop -- look_'n'_stop_firewall
lnsfw1.sys 6.0.2900.5512 in Look 'n' Stop Firewall 2.06p4 and 2.07 allows local users to cause a denial of service (crash) via a crafted 0x80000064 IOCTL request that triggers an assertion failure. NOTE: some of these details are obtained from third party information.
Published: 2011-01-28
CVSS Score: 2.1
Source & Patch Info: CVE-2011-0652, XF, BID, EXPLOIT-DB, SECUNIA, OSVDB

opera -- opera_browser
The Delete Private Data feature in Opera before 11.01 does not properly implement the "Clear all email account passwords" option, which might allow physically proximate attackers to access an e-mail account via an unattended workstation.
Published: 2011-01-31
CVSS Score: 3.6
Source & Patch Info: CVE-2011-0685, XF, CONFIRM, CONFIRM, CONFIRM, CONFIRM, OSVDB
