RISK: The Consensus Security Vulnerability Alert Vol. 9 No. 14

From: The SANS Institute (ConsensusSecurityVulnerabilityAlertsans.org)
Date: Thu Apr 01 2010 - 21:32:56 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

******************************************************************
      RISK: The Consensus Security Vulnerability Alert
Apr 1st, 2010 Vol. 9. Week 14
******************************************************************

RISK is the SANS community's consensus bulletin summarizing the most
important vulnerabilities and exploits identified during the past week
and providing guidance on appropriate actions to protect your systems
(PART I). It also includes a comprehensive list of all new
vulnerabilities discovered in the past week (PART II).

Summary of Updates and Vulnerabilities in this Consensus

Platform Number of Updates and Vulnerabilities
- ------------------------ -------------------------------------
Other Microsoft Products 9 (#1)
Mac Os 1 (#2)
Linux 5
HP-UX 2
Solaris 1
AIX 1
Novell 1
Cross Platform 32 (#3, #4, #5)
Web Application - Cross Site Scripting 9
Web Application - SQL Injection 14
Web Application 16
Network Device 12

*************** Sponsored By St. Bernard Software ****************

Is your IT organization struggling to keep your enterprise servers in
compliance with security policy? Could your organization pass a surprise
security audit today? Security Blanket performs fast, consistent, and
repeatable operating system lock down to industry or custom security
settings in minutes, not days. Audit ready, all the time! Try Security
Blanket for FREE.

http://www.sans.org/info/57453
******************************************************************
TRAINING UPDATE
- -- SANS Northern Virginia Bootcamp 2010, April 6-13
Bonus evening presentations include Safe Surfing: How to Surf the Net
Without Getting PWND
http://www.sans.org/reston-2010/
- -- SANS Security West 2010, San Diego, May 7-15, 2010
23 courses. Bonus evening presentations include Killer Bee:
Exploiting ZigBee and the Kinetic World
http://www.sans.org/security-west-2010/
- -- SANSFIRE 2010, Baltimore, June 6-14, 2010
38 courses. Bonus evening presentations include Software Security
Street Fighting Style and The Verizon Data Breach Investigations
Report
http://www.sans.org/sansfire-2010/
- -- SANSFIRE Rocky Mountain 2010, Denver, July 12-17, 2010
8 courses. Bonus evening presentations include Hiding in Plain Sight:
Forensic techniques to Counter the Advanced Persistent Threat
http://www.sans.org/rocky-mountain-2010/
- -- SANS Boston 2010, June 6-14, 2010
11 courses
http://www.sans.org/boston-2010/
Looking for training in your own community? http://sans.org/community/
Save on On-Demand training (30 full courses) - See samples at
http://www.sans.org/ondemand/spring09.php
Plus Dubai, Geneva, Toronto, Singapore and Amsterdam all in the next 90 days.
For a list of all upcoming events, on-line and live: www.sans.org
******************************************************************

Table Of Contents
Part I -- Critical Vulnerabilities from TippingPoint (www.tippingpoint.com)
Widely Deployed Software
(1) CRITICAL: Microsoft Internet Explorer Multiple Vulnerabilities
(2) CRITICAL: Apple Mac OS X Multiple Vulnerabilities
(3) HIGH: Mozilla Products Multiple Vulnerabilities
(4) HIGH: Sun Java Runtime Environment Multiple Vulnerabilities
(5) MODERATE: Apple QuickTime Multiple Vulnerabilities

************************** Sponsored Link ************************

1) Get real-world forensic techniques from industry-recognized experts
at the 2010 European Community Digital Forensics & Incident Response
Summit April 19-20 in London.
http://www.sans.org/info/57458
******************************************************************

Part II -- Comprehensive List of Newly Discovered Vulnerabilities from
Qualys (www.qualys.com)

 -- Other Microsoft Products
10.14.1 - Microsoft Internet Explorer Unspecified Remote Code Execution
10.14.2 - Microsoft Internet Explorer Uninitialized Memory (CVE-2010-0267) Memory Corruption
10.14.3 - Microsoft Internet Explorer HTML Rendering Uninitialized Memory Remote Code Execution
10.14.4 - Microsoft Internet Explorer (CVE-2010-0805) Uninitialized Memory Remote Code Execution
10.14.5 - Microsoft Internet Explorer Race Condition (CVE-2010-0489) Remote Code Execution
10.14.6 - Microsoft Internet Explorer (CVE-2010-0491) Memory Corruption Remote Code Execution
10.14.7 - Microsoft Internet Explorer Post Encoding Information Disclosure
10.14.8 - Microsoft Internet Explorer Uninitialized Memory (CVE-2010-0490) Memory Corruption
10.14.9 - Microsoft Internet Explorer (CVE-2010-0494) Cross-Domain Information Disclosure
 -- Mac Os
10.14.10 - Apple Mac OS X APPLE-SA-2010-03-29-1 Multiple Security Vulnerabilities
 -- Linux
10.14.11 - Deliver Local Privilege Escalation and Denial of Service Vulnerabilities
10.14.12 - Linux Kernel "l2cap_config_rsp()" Remote Denial of Service
10.14.13 - Linux Kernel "tcp_rcv_state_process()" Remote Denial of Service
10.14.14 - Linux Kernel USB interface Local Information Disclosure
10.14.15 - Linux Kernel NFS Automount "symlinks" Denial of Service
 -- HP-UX
10.14.16 - HP-UX ONCplus NFS Configuration Security Bypass
10.14.17 - HP-UX AudFilter Rule Local Denial of Service
 -- Solaris
10.14.18 - Sun Connection Update Manager for Solaris Multiple Insecure Temporary File Creation Vulnerabilities
 -- AIX
10.14.19 - IBM AIX "getaddrinfo()" Remote Denial of Service
 -- Novell
10.14.20 - Novell Netware FTP Server Multiple Commands Remote Buffer Overflow Vulnerabilities
 -- Cross Platform
10.14.21 - EASY ENTERPRISE Multiple Vulnerabilities
10.14.22 - Smart PC Recorder MP3 File Remote Denial of Service
10.14.23 - JINAIS IRC Message Remote Denial of Service
10.14.24 - Interchange HTTP Response Splitting
10.14.25 - Mozilla Firefox Image Preloading Content Policy Check Security Bypass
10.14.26 - Mozilla Firefox "TraceRecorder::traverseScopeChain()" Remote Memory Corruption
10.14.27 - Mozilla Firefox "gfxTextRun::SanitizeGlyphRuns()" Remote Memory Corruption
10.14.28 - Mozilla Firefox/Thunderbird/Seamonkey CVE-2010-0167 Multiple Memory Corruption Vulnerabilities
10.14.29 - Mozilla Firefox Unspecified Remote Code Execution
10.14.30 - Apple Safari 4 Unspecified Remote Code Execution
10.14.31 - Apple iPhone Safari Unspecified Remote Code Execution
10.14.32 - GnuTLS X.509 Certificate Serial Number Decoding Remote Security
10.14.33 - uHTTP Server GET Request Directory Traversal
10.14.34 - Apple iPhone/iPod Touch Safari Malformed Image Remote Code Execution
10.14.35 - Apple iPhone Malformed VML Data Remote Code Execution
10.14.36 - Apple Safari for iPhone/iPod touch Malformed "Throw" Exception Remote Code Execution
10.14.37 - Apple Safari iPhone/iPod touch Malformed Webpage Remote Code Execution
10.14.38 - OpenSSL "ssl3_get_record()" Remote Denial of Service
10.14.39 - GNU Emacs Email Helper Insecure File Creation
10.14.40 - Trac Ticket Validation Security Bypass
10.14.41 - Aircrack-ng EAPOL Packet Processing Buffer Overflow
10.14.42 - HP Insight Control for Linux Unspecified Local Privilege Escalation
10.14.43 - IBM WebSphere Application Server Orb Client Remote Denial of Service
10.14.44 - HP SOA Registry Foundation Unspecified Information Disclosure
10.14.45 - HP SOA Registry Foundation Unspecified Cross-Site Scripting
10.14.46 - HP SOA Registry Foundation Unspecified Privilege Escalation
10.14.47 - Oracle Java SE and Java for Business CVE-2010-0846 Remote ImageIO
10.14.48 - Oracle Java SE and Java for Business CVE-2010-0840 Remote Java Runtime Environment
10.14.49 - Oracle Java SE and Java for Business CVE-2010-0841 Remote ImageIO
10.14.50 - Oracle Java SE and Java for Business CVE-2010-0838 Remote Java 2D
10.14.51 - Oracle Java SE and Java for Business CVE-2010-0842 Remote Vulnerability
10.14.52 - Oracle Java SE and Java for Business CVE-2010-0843 Remote Vulnerability
 -- Web Application - Cross Site Scripting
10.14.53 - HP Project and Portfolio Management Center Unspecified Cross-Site Scripting Vulnerabilities
10.14.54 - vBulletin 4.0.2 Search Cross-Site Scripting
10.14.55 - Mozilla Firefox/Thunderbird/SeaMonkey Multiple Cross Domain Scripting Vulnerabilities
10.14.56 - vBulletin Multiple Unspecified Cross-Site Scripting Vulnerabilities
10.14.57 - IBM WEBi Multiple Unspecified Cross-Site Scripting Vulnerabilities
10.14.58 - Todoo Forum "todooforum.php" Cross-Site Scripting
10.14.59 - IBM WebSphere Application Server Administration Console Cross-Site Scripting
10.14.60 - Simple PHP Guestbook "guestbook.php" Cross-Site Scripting
10.14.61 - ViewVC Regular Expression Search Cross-Site Scripting
 -- Web Application - SQL Injection
10.14.62 - Eros Erotik Webkatalog "start.php" SQL Injection
10.14.63 - Joomla! "com_xmap" Component "Itemid" Parameter SQL Injection
10.14.64 - Joomla! "com_software" Component "software_id" Parameter SQL Injection
10.14.65 - E-Php Scripts CMS "event_desc.php" SQL Injection
10.14.66 - SiteX "photo.php" SQL Injection
10.14.67 - Joomla! dcsFlashGames Component "catid" Parameter SQL Injection
10.14.68 - SuperNews "index.php" SQL Injection
10.14.69 - Kasseler CMS Jokes Module "id" Parameter SQL Injection
10.14.70 - Joomla! multiple SQL Injection Vulnerabilities
10.14.71 - eSmile "index.php" SQL Injection
10.14.72 - (nv2) Awards "index.php" SQL Injection
10.14.73 - Fuctweb CapCC Plugin for WordPress "plugins.php" SQL Injection
10.14.74 - PhotoPost vBGallery "profile.php" Multiple SQL Injection Vulnerabilities
10.14.75 - phppool media Domain Verkaufs und Auktions Portal SQL Injection
 -- Web Application
10.14.76 - WeBAM Denial of Service Vulnerability and CAPTCHA Bypass
10.14.77 - justVisual "p" Parameter Local File Include
10.14.78 - New-CMS "pg" Parameter Local File Include
10.14.79 - Direct News Multiple Remote File Include Vulnerabilities
10.14.80 - Drupal Menu Block Partial Menu Tree Block Title Module HTML Injection
10.14.81 - OpenCMS OAMP Comments Module Add Comment HTML Injection
10.14.82 - Pulse CMS "delete.php" Arbitrary File Deletion
10.14.83 - Drupal Mime Mail Module PHP Code Execution
10.14.84 - vBulletin Post Title HTML Injection
10.14.85 - Pulse CMS Multiple PHP Code Injection Vulnerabilities
10.14.86 - eZ Publish SQL Injection and HTML Injection Vulnerabilities
10.14.87 - WebMaid CMS Multiple Remote and Local File Include Vulnerabilities
10.14.88 - CMS Faethon "mainpath" Parameter Multiple File Include Vulnerabilities
10.14.89 - AdaptCMS Lite "admin.php" Security Bypass
10.14.90 - Simple Machines Forum Avatar Upload Arbitrary File Upload
10.14.91 - N-13 News "default_login_language" Parameter Local File Include
 -- Network Device
10.14.92 - Cisco TFTP Server Remote Denial of Service
10.14.93 - Cisco IOS SIP Message (CVE-2010-0580) Denial of Service
10.14.94 - Cisco IOS Software Crafted TCP Packet Denial of Service
10.14.95 - Cisco IOS H.323 Interface Queue Resource Exhaustion Denial of Service
10.14.96 - Cisco IOS IPsec Internet Key Exchange (IKE) Malformed Packet Denial of Service
10.14.97 - Cisco IOS SIP Message (CVE-2010-0581) Remote Code Execution
10.14.98 - Cisco IOS H.323 Interface Memory Leak Remote Denial of Service
10.14.99 - Cisco IOS SIP Message (CVE-2010-0579) Remote Code Execution
10.14.100 - Cisco IOS For Communication Manager Express SCCP (CVE-2010-0585) Denial of Service
10.14.101 - Cisco IOS NAT SCCP Fragmentation Support Denial of Service
10.14.102 - Cisco IOS Multiprotocol Label Switching (MPLS) Malformed Packet Denial of Service
10.14.103 - Cisco IOS For Communication Manager Express SCCP (CVE-2010-0586) Denial of Service

______________________________________________________________________

PART I Critical Vulnerabilities
Part I for this issue has been compiled by Joshua Bronson at
TippingPoint, a division of 3Com, as a by-product of that company's
continuous effort to ensure that its intrusion prevention products
effectively block exploits using known vulnerabilities. TippingPoint's
analysis is complemented by input from a council of security managers
from twelve large organizations who confidentially share with SANS the
specific actions they have taken to protect their systems. A detailed
description of the process may be found at
http://www.sans.org/newsletters/cva/#process

*****************************
Widely Deployed Software
*****************************

(1) CRITICAL: Microsoft Internet Explorer Multiple Vulnerabilities
Affected:
Internet Explorer version 5.01
Internet Explorer version 6
Internet Explorer version 7
Internet Explorer version 8

Description: Several remote code execution vulnerabilities have been
reported in Microsoft Internet Explorer, the most widely-used web
browser. Six vulnerabilities are due to an uninitialized memory
corruption, one is due to a race condition, and one is due to a buffer
overflow. All of these vulnerabilities require the user to navigate to
a maliciously crafted web page. Successful exploitation might allow an
attacker to execute arbitrary code with the permissions of the current
user. There is also an unspecified vulnerability that was disclosed at
a recent Pwn2Own contest. It is not known to have been patched or
confirmed by the vendor. Various other vulnerabilities in Internet
Explorer have also been reported and patched.

Status: vendor confirmed, updates available

References:
Microsoft Security Bulletin MS10-018
http://www.microsoft.com/technet/security/bulletin/ms10-018.mspx
Vendor Home Page
http://www.microsoft.com
SecurityFocus BID's
http://www.securityfocus.com/bid/38951
http://www.securityfocus.com/bid/39023
http://www.securityfocus.com/bid/39024
http://www.securityfocus.com/bid/39025
http://www.securityfocus.com/bid/39027
http://www.securityfocus.com/bid/39028
http://www.securityfocus.com/bid/39030
http://www.securityfocus.com/bid/39031

*************************************************************

(2) CRITICAL: Apple Mac OS X Multiple Vulnerabilities
Affected:
Apple Mac OS X
  
Description: Multiple vulnerabilities have been reported in Apple's
Macintosh OS X, an operating system widely deployed on Apple computers.
Successfully exploiting one of these vulnerabilities would allow an
attacker to create a variety of exploit conditions. The vulnerabilities
range from buffer overflows, bypass of security restrictions, privilege
escalation, memory corruption, to denial of services. The
vulnerabilities affect a number of Mac OS X applications. Some of these
vulnerabilities may be used by attackers to execute arbitrary code on
the vulnerable machine.

Status: vendor confirmed, updates available

References:
Apple Knowledge Base Article
http://support.apple.com/kb/HT4077
Vendor Home Page
http://www.apple.com
SecurityFocus BID
http://www.securityfocus.com/bid/39020

*************************************************************

(3) HIGH: Mozilla Products Multiple Vulnerabilities
Affected:
Mozilla Firefox prior to 3.6.2
Mozilla Firefox prior to 3.5.9
Mozilla Firefox prior to 3.0.19
Mozilla Thunderbird prior to 3.0.4
Mozilla SeaMonkey prior to 2.0.4

Description: Multiple vulnerabilities have been reported in Mozilla
Foundation products, including Firefox, the second most widely-used web
browser. Three of these vulnerabilities could result in remote code
execution. The first involves recently discovered bugs that crash
Firefox. In the process of reproducing these bugs, evidence of memory
corruption was discovered. It is possible, therefore, that an attacker
may be able to exploit some of these vulnerabilities for code execution.
Two other use-after-free vulnerabilities may also be exploitable for
code execution. There is also an unspecified vulnerability that was
disclosed at a recent Pwn2Own contest. It is not known to have been
patched or confirmed by the vendor.

Status: vendor confirmed, updates available

References:
Mozilla Foundation Security Advisories
http://www.mozilla.org/security/announce/2010/mfsa2010-16.html
http://www.mozilla.org/security/announce/2010/mfsa2010-17.html
http://www.mozilla.org/security/announce/2010/mfsa2010-18.html
http://www.mozilla.org/security/announce/2010/mfsa2010-19.html
http://www.mozilla.org/security/announce/2010/mfsa2010-20.html
http://www.mozilla.org/security/announce/2010/mfsa2010-21.html
Vendor Home Page
http://www.mozilla.org
SecurityFocus BID
http://www.securityfocus.com/bid/38952
Secunia Advisories
http://secunia.com/advisories/39240/
http://secunia.com/advisories/39136/
http://secunia.com/advisories/39242/
http://secunia.com/advisories/39243/

*************************************************************

(4) HIGH: Sun Java Runtime Environment Multiple Vulnerabilities
Affected:
Sun Java JDK 1.6.x
Sun Java JRE 1.4.x
Sun Java JRE 1.5.x / 5.x
Sun Java JRE 1.6.x / 6.x
Sun Java SDK 1.4.x

Description: Sun's Java Runtime Environment, a virtual machine
environment that operates on many platforms, is prone to multiple remote
code-execution vulnerabilities. Two buffer overflow vulnerabilities
exist in Java's handling of MIDI soundbanks. In addition, an input
validation error exists in the processing of certain image files. All
of these vulnerabilities can be exploited by enticing the user to visit
a web page containing a malicious applet and accompanying data files.
Various other vulnerabilities in the JRE have also been reported and
patched. Some technical details for these vulnerabilities are publicly
available.

Status: vendor confirmed, updates available

References:
Oracle Java Critical Patch Update Advisory - March 2010
http://www.oracle.com/technology/deploy/security/critical-patch-updates/javacpumar2010.html
Vendor Home Page
http://www.oracle.com
Secunia Advisory
http://secunia.com/advisories/37255/
SecurityFocus BID's
http://www.securityfocus.com/bid/39062
http://www.securityfocus.com/bid/39065
http://www.securityfocus.com/bid/39067
http://www.securityfocus.com/bid/39068
http://www.securityfocus.com/bid/39069
http://www.securityfocus.com/bid/39070
http://www.securityfocus.com/bid/39071
http://www.securityfocus.com/bid/39072
http://www.securityfocus.com/bid/39073
http://www.securityfocus.com/bid/39075
http://www.securityfocus.com/bid/39077
http://www.securityfocus.com/bid/39078
http://www.securityfocus.com/bid/39081
http://www.securityfocus.com/bid/39083
http://www.securityfocus.com/bid/39084
http://www.securityfocus.com/bid/39085
http://www.securityfocus.com/bid/39086
http://www.securityfocus.com/bid/39088
http://www.securityfocus.com/bid/39089
http://www.securityfocus.com/bid/39090
http://www.securityfocus.com/bid/39091
http://www.securityfocus.com/bid/39093
http://www.securityfocus.com/bid/39094
http://www.securityfocus.com/bid/39095
http://www.securityfocus.com/bid/39096

*************************************************************

(5) MODERATE: Apple QuickTime Multiple Vulnerabilities
Affected:
Apple QuickTime Player prior to 7.6.6 on Windows 7, Vista, and XP SP 2

Description: Multiple code execution vulnerabilities have been
discovered in QuickTime, a popular media player developed by Apple. The
vulnerabilities involve insufficient validation of user input and might
lead to memory corruption and buffer overflows. A specially crafted PICT
or BMP image or malicious video file can be used to trigger this
vulnerability. Successful exploitation might allow an attacker to
execute arbitrary code in the context of the affected application.

Status: vendor confirmed, updates available

References:
Apple Knowledge Base Article
http://support.apple.com/kb/HT4104
Vendor Home Page
http://www.apple.com
SecurityFocus BID's
http://www.securityfocus.com/bid/39136
http://www.securityfocus.com/bid/39139
http://www.securityfocus.com/bid/39140

*************************************************************

Part II -- Comprehensive List of Newly Discovered Vulnerabilities from
Qualys (www.qualys.com)

Week 14, 2010
This list is compiled by Qualys ( www.qualys.com ) as part of that
company's ongoing effort to ensure its vulnerability management web
service tests for all known vulnerabilities that can be scanned. As of
this week Qualys scans for 8652 unique vulnerabilities. For this special
SANS community listing, Qualys also includes vulnerabilities that cannot
be scanned remotely.
______________________________________________________________________

10.14.1 CVE: Not Available
Platform: Other Microsoft Products
Title: Microsoft Internet Explorer Unspecified Remote Code Execution
Description: Microsoft Internet Explorer is a browser for the Windows
operating system. Internet Explorer is exposed to an unspecified
remote code execution issue that arises when a user visits a malicious
site.
Ref:
http://vreugdenhilresearch.nl/Pwn2Own-2010-Windows7-InternetExplorer8.pdf
______________________________________________________________________

10.14.2 CVE: Not Available
Platform: Other Microsoft Products
Title: Microsoft Internet Explorer Uninitialized Memory
(CVE-2010-0267) Memory Corruption
Description: Microsoft Internet Explorer is a browser for the Windows
operating system. Microsoft Internet Explorer is exposed to a memory
corruption issue. This issue occurs when the application attempts to
access an object that is uninitialized or deleted.
Ref: http://www.microsoft.com/technet/security/Bulletin/MS10-018.mspx
______________________________________________________________________

10.14.3 CVE: CVE-2010-0807
Platform: Other Microsoft Products
Title: Microsoft Internet Explorer HTML Rendering Uninitialized Memory
Remote Code Execution
Description: Microsoft Internet Explorer is a browser for the Windows
operating system. Internet Explorer is exposed to a remote code
execution issue that arises when the browser displays a malicious
webpage. This issue occurs because of an error when accessing an
object that has been incorrectly initialized or deleted.
Ref: http://www.microsoft.com/technet/security/Bulletin/MS10-018.mspx
______________________________________________________________________

10.14.4 CVE: CVE-2010-0805
Platform: Other Microsoft Products
Title: Microsoft Internet Explorer (CVE-2010-0805) Uninitialized
Memory Remote Code Execution
Description: Microsoft Internet Explorer is a browser for the Windows
operating system. Internet Explorer is exposed to a remote code
execution issue that arises when the browser displays a malicious
webpage. This issue occurs because of an error when accessing an
object that has been incorrectly initialized or deleted.
Ref: http://www.microsoft.com/technet/security/Bulletin/MS10-018.mspx
______________________________________________________________________

10.14.5 CVE: CVE-2010-0489
Platform: Other Microsoft Products
Title: Microsoft Internet Explorer Race Condition (CVE-2010-0489)
Remote Code Execution
Description: Microsoft Internet Explorer is a browser for the Windows
operating system. Microsoft Internet Explorer is exposed to a remote
code execution issue that occurs when the application attempts to
access an object that has been corrupted by a race condition.
Ref: http://www.microsoft.com/technet/security/Bulletin/MS10-018.mspx
______________________________________________________________________

10.14.6 CVE: CVE-2010-0491
Platform: Other Microsoft Products
Title: Microsoft Internet Explorer (CVE-2010-0491) Memory Corruption
Remote Code Execution
Description: Microsoft Internet Explorer is a browser for the Windows
operating system. Internet Explorer is exposed to a remote code
execution issue that arises when the browser opens a malicious
webpage. This issue occurs because of an error when accessing an
object that has been incorrectly initialized or deleted.
Ref: http://www.microsoft.com/technet/security/Bulletin/MS10-018.mspx
______________________________________________________________________

10.14.7 CVE: Not Available
Platform: Other Microsoft Products
Title: Microsoft Internet Explorer Post Encoding Information
Disclosure
Description: Microsoft Internet Explorer is a web browser available
for Microsoft Windows. Internet Explorer is exposed to an information
disclosure issue that arises when the browser displays a malicious
webpage. This issue occurs because it fails to properly handle content
using specific encoded strings when submitting data.
Ref: http://www.microsoft.com/technet/security/Bulletin/MS10-018.mspx
______________________________________________________________________

10.14.8 CVE: CVE-2010-0490
Platform: Other Microsoft Products
Title: Microsoft Internet Explorer Uninitialized Memory
(CVE-2010-0490) Memory Corruption
Description: Microsoft Internet Explorer is a browser for the Windows
operating system. Microsoft Internet Explorer is prone to a
memory corruption vulnerability. This issue occurs when the
application attempts to access an object that is uninitialized or
deleted.
Ref: http://www.microsoft.com/technet/security/Bulletin/MS10-018.mspx
______________________________________________________________________

10.14.9 CVE: CVE-2010-0494
Platform: Other Microsoft Products
Title: Microsoft Internet Explorer (CVE-2010-0494) Cross-Domain
Information Disclosure
Description: Microsoft Internet Explorer is a web browser available
for Microsoft Windows. The browser is exposed to a cross-domain
information disclosure issue because it fails to properly enforce the
same-origin policy.
Ref: http://www.microsoft.com/technet/security/Bulletin/MS10-018.mspx
______________________________________________________________________

10.14.10 CVE: CVE-2009-2801, CVE-2010-0056, CVE-2010-0057,
CVE-2010-0533, CVE-2010-0058, CVE-2010-0059, CVE-2010-0060,
CVE-2010-0062, CVE-2010-0063, CVE-2010-0064, CVE-2010-0537,
CVE-2010-0065, CVE-2010-0497, CVE-2010-0498, CVE-2010-0535,
CVE-2010-0500, CVE-2010-0524, CVE-2010-0501, CVE-2010-0502,
CVE-2010-0503, CVE-2010-0504, CVE-2010-0505, CVE-2010-0506,
CVE-2010-0507, CVE-2010-0508, CVE-2010-0525, CVE-2010-0509,
CVE-2010-0510, CVE-2010-0511, CVE-2010-0512, CVE-2010-0513,
CVE-2010-0514, CVE-2010-0515, CVE-2010-0516, CVE-2010-0517,
CVE-2010-0518, CVE-2010-0519, CVE-2010-0520, CVE-2010-0526,
CVE-2010-0521, CVE-2010-0522, CVE-2010-0523, CVE-2010-0534,
CVE-2010-0055
Platform: Mac Os
Title: Apple Mac OS X APPLE-SA-2010-03-29-1 Multiple Security
Vulnerabilities
Description: Apple Mac OS X is exposed to multiple security issues
that have been addressed in Security Update APPLE-SA-2010-03-29-1. The
update addresses new vulnerabilities that affect AppKit, Application
Firewall, AFP Server, ClamAV, CoreAudio, CoreMedia, CoreTypes,
DesktopServices, Disk Images, Directory Services, Dovecot, Event
Monitor, FreeRADIUS, FTP Server, iChat Server, ImageIO, Image RAW,
Mail, OS Services, Password Server, Podcast Producer, Preferences, PS
Normalizer, QuickTime, Wiki Server, and xar.
Ref: http://www.securityfocus.com/bid/39020
______________________________________________________________________

10.14.11 CVE: CVE-2010-0439
Platform: Linux
Title: Deliver Local Privilege Escalation and Denial of Service
Vulnerabilities
Description: Deliver is a mail delivery application available for Unix,
Linux and other Unix like operating systems. Deliver is exposed to
multiple local issues including: Multiple local privilege escalation
vulnerabilities due to race conditions, which can be exploited
by using symbolic links, and a denial of service issue that may
allow attackers to create lock files and prevent users from accessing
their mail.
Ref: http://www.securityfocus.com/archive/1/510306
______________________________________________________________________

10.14.12 CVE: Not Available
Platform: Linux
Title: Linux Kernel "l2cap_config_rsp()" Remote Denial of Service
Description: The Linux kernel is exposed to a remote denial of service
issue because it fails to properly handle user-supplied input. This
issue occurs when the "l2cap_config_rsp()" function of the
"net/bluetooth/l2cap.c" file processes malformed network data. Linux
kernel versions 2.6.x are affected.
Ref:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=c2c77ec83bdad17fb688557b5b3fdc36661dd1c6
______________________________________________________________________

10.14.13 CVE: Not Available
Platform: Linux
Title: Linux Kernel "tcp_rcv_state_process()" Remote Denial of Service
Description: The Linux kernel is exposed to a remote denial of service
issue in the "tcp_rcv_state_process()" function of the
"net/ipv4/tcp_input.c" source file. This issue is triggered when a
listening socket is set to "IPV6_RECVPKTINFO" and receives a SYN
packet. Linux kernel versions prior to 2.6.19.3 are affected.
Ref: https://bugzilla.redhat.com/show_bug.cgi?id=577711
______________________________________________________________________

10.14.14 CVE: CVE-2010-1083
Platform: Linux
Title: Linux Kernel USB interface Local Information Disclosure
Description: The Linux kernel is exposed to a local information
disclosure issue. Specifically the issue occurs when USB commands fail
while trying to read from a USB device. This may return recently freed
data of the kernel to the user space.
Ref: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-1083
______________________________________________________________________

10.14.15 CVE: CVE-2010-1088
Platform: Linux
Title: Linux Kernel NFS Automount "symlinks" Denial of Service
Description: The Linux kernel is exposed to a denial of service issue
that affects NFS. Specifically the issue occurs because automount
"symlinks" are followed regardless of "LOOKUP_FOLLOW" check in the
"fs/namei.c" file.
Ref: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-1088
______________________________________________________________________

10.14.16 CVE: CVE-2010-0451
Platform: HP-UX
Title: HP-UX ONCplus NFS Configuration Security Bypass
Description: HP-UX is a UNIX based operating system. HP-UX is exposed
to a security bypass issue because the ONCplus package can provide an
unintended configuration for NFS. Specifically, "NFS_SERVER" may be
set to "1" in the "/etc/rc.config.d/nsconf" configuration file. HP-UX
versions B.11.31.08 and prior are affected.
Ref: http://www.securityfocus.com/bid/38982
______________________________________________________________________

10.14.17 CVE: CVE-2009-1030
Platform: HP-UX
Title: HP-UX AudFilter Rule Local Denial of Service
Description: HP-UX is exposed to a local denial of service issue that
occurs when AudFilter rules are enabled. An attacker can exploit this
issue to crash the affected computer, denying service to legitimate
user.
Ref: http://www.securityfocus.com/bid/39046
______________________________________________________________________

10.14.18 CVE: Not Available
Platform: Solaris
Title: Sun Connection Update Manager for Solaris Multiple Insecure
Temporary File Creation Vulnerabilities
Description: Sun Connection Update Manager for Solaris is an
application for managing vendor patches. Sun Connection Update Manager
for Solaris creates temporary files in an insecure manner.
Ref: http://www.securityfocus.com/archive/1/510305
______________________________________________________________________

10.14.19 CVE: Not Available
Platform: Aix
Title: IBM AIX "getaddrinfo()" Remote Denial of Service
Description: IBM AIX is a UNIX based operating system. AIX is exposed
to a remote denial of service issue affecting the "getaddrinfo()"
function. Applications that depend on this function may crash; in
particular, IBM DB2 is affected. AIX version 5.3 is affected.
Ref: http://www-01.ibm.com/support/docview.wss?uid=isg1IZ66710
______________________________________________________________________

10.14.20 CVE: CVE-2010-0625
Platform: Novell
Title: Novell Netware FTP Server Multiple Commands Remote Buffer
Overflow Vulnerabilities
Description: Netware FTP Server is an FTP server for Novell platform.
The server is exposed to multiple remote buffer overflow issues
because it fails to perform adequate boundary checks on user-supplied
data passed to "rmdir" and "mkdir" commands. Netware FTP Server
version 5.09.03 is affected.
Ref:
http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5071250.html
______________________________________________________________________

10.14.21 CVE: Not Available
Platform: Cross Platform
Title: EASY ENTERPRISE Multiple Vulnerabilities
Description: EASY ENTERPRISE is a document management application. The
application is exposed to multiple issues. EASY ENTERPRISE versions
prior to 1754 are vulnerable.
Ref: http://www.securityfocus.com/bid/38966
______________________________________________________________________

10.14.22 CVE: Not Available
Platform: Cross Platform
Title: Smart PC Recorder MP3 File Remote Denial of Service
Description: Smart PC Recorder is a voice recorder application. Smart
PC Recorder is exposed to a denial of service issue when handling
malformed ".mp3" files. Successfully exploiting this issue allows
remote attackers to deny service to legitimate users.
Ref: http://www.voiceemotion.com/smartrecorder.htm
______________________________________________________________________

10.14.23 CVE: Not Available
Platform: Cross Platform
Title: JINAIS IRC Message Remote Denial of Service
Description: JINAIS IRC Server is an IRC server application. The
application is exposed to a denial of service issue that occurs when
handling a message containing a malicious "topic" value. JINAIS
version 0.1.8 is affected.
Ref: http://www.securityfocus.com/bid/38972
______________________________________________________________________

10.14.24 CVE: Not Available
Platform: Cross Platform
Title: Interchange HTTP Response Splitting
Description: Interchange is an ecommerce application implemented in
Perl. The application is exposed to an HTTP response splitting issue
that affects unspecified parameters. The issue arises when the
"BounceReferrals" or "BounceRobotSessionURL" directives are enabled.
Interchange versions prior to 5.6.3 and 5.4.5 are affected.
Ref: http://www.icdevgroup.org/i/dev/news?mv_arg=00042
______________________________________________________________________

10.14.25 CVE: CVE-2010-0168
Platform: Cross Platform
Title: Mozilla Firefox Image Preloading Content Policy Check Security
Bypass
Description: Mozilla Firefox is a web browser available for multiple
platforms. Firefox is exposed to a security bypass issue because the
content loading policies aren't properly checked before preloading
images referenced in HTML documents. Mozilla Firefox version 3.6 is
affected.
Ref: http://www.mozilla.org/security/announce/2010/mfsa2010-13.html
______________________________________________________________________

10.14.26 CVE: CVE-2010-0165
Platform: Cross Platform
Title: Mozilla Firefox "TraceRecorder::traverseScopeChain()" Remote
Memory Corruption
Description: Mozilla Firefox is a browser available for various
platforms. The application is exposed to a remote memory corruption
issue that stems from an error in the
"TraceRecorder::traverseScopeChain()" function of the "jstracer.cpp"
source code file. Firefox version 3.6 is affected.
Ref: http://www.mozilla.org/security/announce/2010/mfsa2010-11.html
______________________________________________________________________

10.14.27 CVE: CVE-2010-0166
Platform: Cross Platform
Title: Mozilla Firefox "gfxTextRun::SanitizeGlyphRuns()" Remote Memory
Corruption
Description: Mozilla Firefox is a browser available for various
platforms. The application is exposed to a remote memory corruption
issue that stems from an error in the
"gfxTextRun::SanitizeGlyphRuns()" function of the
"gfx/thebes/src/gfxFont.cpp" source code file and is triggered when
processing crafted Unicode character data. Firefox version 3.6 for
Apple Mac OS X is affected.
Ref: http://www.mozilla.org/security/announce/2010/mfsa2010-11.html
______________________________________________________________________

10.14.28 CVE: CVE-2010-0167
Platform: Cross Platform
Title: Mozilla Firefox/Thunderbird/Seamonkey CVE-2010-0167 Multiple
Memory Corruption Vulnerabilities
Description: Mozilla Firefox, Thunderbird, and Seamonkey are
browsers available for various platforms. The applications are exposed
to multiple remote memory corruption issues.
Ref: http://www.mozilla.org/security/announce/2010/mfsa2010-11.html
______________________________________________________________________

10.14.29 CVE: Not Available
Platform: Cross Platform
Title: Mozilla Firefox Unspecified Remote Code Execution
Description: Mozilla Firefox is a browser for the various operating
systems. Firefox is exposed to an unspecified remote code execution
issue that arises when a user visits a malicious site. Mozilla Firefox
3.x versions running on the Windows platform are affected.
Ref:
http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1506830,00.html?track=sy160&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+techtarget%2FSearchsecurity%2FSecurityWire+%2
______________________________________________________________________

10.14.30 CVE: Not Available
Platform: Cross Platform
Title: Apple Safari 4 Unspecified Remote Code Execution
Description: Apple Safari is a browser for the various operating
systems. Safari is exposed to an unspecified remote code execution
issue that arises when a user visits a malicious site.
Ref: http://www.securityfocus.com/bid/38955
______________________________________________________________________

10.14.31 CVE: Not Available
Platform: Cross Platform
Title: Apple iPhone Safari Unspecified Remote Code Execution
Description: Apple Safari is a browser for the various operating
systems. Safari running in the iPhone is exposed to an unspecified
remote code execution issue that arises when a user visits a malicious
site.
Ref: http://www.securityfocus.com/bid/38957/references
______________________________________________________________________

10.14.32 CVE: CVE-2010-0731
Platform: Cross Platform
Title: GnuTLS X.509 Certificate Serial Number Decoding Remote Security
Description: GNU Transport Layer Security Library (GnuTLS) is a
library that implements the TLS 1.0 and SSL 3.0 protocols. It is
maintained by GNU and is available for UNIX and Linux variants. The
application is exposed to a security issue due to an unspecified error
when decoding serial numbers from X.509 certificates on 64-bit big
endian platforms.
Ref: http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/4230
______________________________________________________________________

10.14.33 CVE: Not Available
Platform: Cross Platform
Title: uHTTP Server GET Request Directory Traversal
Description: uHTTP Server is an HTTP server. uHTTP Server is exposed
to a directory traversal issue because it fails to sufficiently
sanitize user-supplied input. Specifically, the application fails to
sanitize directory traversal strings ("../") from HTTP GET requests.
uHTTP Server version 0.1.0-alpha is affected.
Ref:
http://www.salvatorefresta.net/files/adv/uhttp%20Server%200.1.0%20alpha%20Path%20Traversal%20Vulnerability-10032010.txt
______________________________________________________________________

10.14.34 CVE: Not Available
Platform: Cross Platform
Title: Apple iPhone/iPod Touch Safari Malformed Image Remote Code
Execution
Description: Apple Safari is a browser for the various operating
systems. Apple Safari running on iPhone and iPod touch is prone to an
unspecified remote code execution vulnerability. This issue occurs
when viewing a webpage containing a malicious image. Safari on Apple
iPhone and iPod touch versions 3.1.3 and prior are affected.
Ref: http://nishantdaspatnaik.yolasite.com/ipodpoc2.php
______________________________________________________________________

10.14.35 CVE: Not Available
Platform: Cross Platform
Title: Apple iPhone Malformed VML Data Remote Code Execution
Description: Apple Safari is a browser for the various operating
systems. Safari running on the iPhone is exposed to an unspecified
remote code execution issue when viewing a malicious webpage
containing specially crafted Vector Markup Language (VML). Apple
Safari versions included on iPhone 3.1.3 and earlier are affected.
Ref: http://www.securityfocus.com/bid/38990
______________________________________________________________________

10.14.36 CVE: Not Available
Platform: Cross Platform
Title: Apple Safari for iPhone/iPod touch Malformed "Throw" Exception
Remote Code Execution
Description: Apple Safari is a browser for various operating systems.
Safari on Apple iPhone and iPod touch is exposed to a remote code
execution issue that occurs when processing a webpage containing a
malformed "throw" exception. Safari on Apple iPhone and iPod touch
version 3.1.3 is affected.
Ref: http://nishantdaspatnaik.yolasite.com/ipodpoc5.php
______________________________________________________________________

10.14.37 CVE: Not Available
Platform: Cross Platform
Title: Apple Safari iPhone/iPod touch Malformed Webpage Remote Code
Execution
Description: Apple Safari is a browser for the various operating
systems. Safari running on the iPhone and iPod touch is exposed to a
remote code execution issue that occurs when viewing a malicious
webpage. Safari on Apple iPhone and iPod touch versions 3.1.3 and prior
are affected.
Ref: http://nishantdaspatnaik.yolasite.com/ipodpoc2.php
______________________________________________________________________

10.14.38 CVE: CVE-2010-0740
Platform: Cross Platform
Title: OpenSSL "ssl3_get_record()" Remote Denial of Service
Description: OpenSSL is an open-source implementation of the SSL
protocol that is used by a number of other projects, including but not
limited to Apache, Sendmail, and Bind. It is commonly found on Linux
and UNIX systems. OpenSSL is exposed to a denial of service issue
caused by a NULL pointer dereference. OpenSSL versions 0.9.8f through
0.9.8m are affected.
Ref: http://openssl.org/news/secadv_20100324.txt
______________________________________________________________________

10.14.39 CVE: CVE-2010-0825
Platform: Cross Platform
Title: GNU Emacs Email Helper Insecure File Creation
Description: GNU Emacs is an open source text editor. GNU Emacs is
exposed to an insecure file creation issue. This issue occurs because
the email helper application creates files without verifying their
permissions properly.
Ref: http://www.securityfocus.com/bid/39039
______________________________________________________________________

10.14.40 CVE: Not Available
Platform: Cross Platform
Title: Trac Ticket Validation Security Bypass
Description: Trac is a wiki and issue tracking system. The application
is exposed to a security bypass issue that can be exploited by
unauthorized users to modify the status and resolution of a ticket.
Trac versions prior to 0.11.7 are affected.
Ref: http://trac.edgewall.org/wiki/ChangeLog#a0.11.7
______________________________________________________________________

10.14.41 CVE: Not Available
Platform: Cross Platform
Title: Aircrack-ng EAPOL Packet Processing Buffer Overflow
Description: Aircrack-ng is an 802.11 WEP and WPA-PSK keys cracking
program; it is available for Microsoft Windows and Linux operating
systems. Aircrack-ng is exposed to a buffer overflow issue. An
attacker can exploit this issue by supplying a malicious capture file
or data through a network where an instance of Aircrack-ng is being
used to monitor traffic.
Ref: http://www.securityfocus.com/bid/39045
______________________________________________________________________

10.14.42 CVE: CVE-2010-1031
Platform: Cross Platform
Title: HP Insight Control for Linux Unspecified Local Privilege
Escalation
Description: HP Insight Control Suite for Linux is a management
interface for Linux-based servers. Insight Control Suite for Linux is
exposed to an unspecified local privilege escalation issue. HP Insight
Control for Linux versions 2.11 and earlier are affected.
Ref: http://www.securityfocus.com/archive/1/510406
______________________________________________________________________

10.14.43 CVE: CVE-2010-0770
Platform: Cross Platform
Title: IBM WebSphere Application Server Orb Client Remote Denial of Service
Description: IBM WebSphere Application Server (WAS) is a
service-oriented architecture. IBM WebSphere Application Server (WAS)
is exposed to a remote denial of service issue due to a design error
when handling SSL handshakes for ORB clients. WAS versions prior to
7.0.0.9, 6.1.0.31 and 6.0.2.41 are affected.
Ref: http://xforce.iss.net/xforce/xfdb/57182
______________________________________________________________________

10.14.44 CVE: CVE-2010-0448
Platform: Cross Platform
Title: HP SOA Registry Foundation Unspecified Information Disclosure
Description: SOA Registry Foundation is a UDDI (Universal Description,
Discovery and Integration) registry available for multiple platforms.
The device is exposed to an unspecified remote information disclosure
issue. SOA Registry Foundation 6.63 and 6.64 running on AIX, HP-UX,
Linux, Solaris, and Windows are affected.
Ref: http://www.securityfocus.com/bid/39059
______________________________________________________________________

10.14.45 CVE: CVE-2010-0449
Platform: Cross Platform
Title: HP SOA Registry Foundation Unspecified Cross-Site Scripting
Description: SOA Registry Foundation is a Universal Description,
Discovery and Integration (UDDI) registry available for multiple
platforms. The application is exposed to an unspecified cross-site
scripting issue because it fails to sanitize user-supplied input. SOA
Registry Foundation 6.63 and 6.64 running on AIX, HP-UX, Linux,
Solaris, and Windows are affected.
Ref: http://www.securityfocus.com/bid/39060
______________________________________________________________________

10.14.46 CVE: CVE-2010-0450
Platform: Cross Platform
Title: HP SOA Registry Foundation Unspecified Privilege Escalation
Description: SOA Registry Foundation is a UDDI (Universal Description,
Discovery and Integration) registry available for multiple platforms.
The application is exposed to an unspecified privilege escalation
issue. SOA Registry Foundation 6.63 and 6.64 running on AIX, HP-UX,
Linux, Solaris, and Windows are affected.
Ref: http://www.securityfocus.com/bid/39061
______________________________________________________________________

10.14.47 CVE: CVE-2010-0846
Platform: Cross Platform
Title: Oracle Java SE and Java for Business CVE-2010-0846 Remote ImageIO
Description: Oracle Java SE and Java for Business are prone to a
remote vulnerability in ImageIO. The issue can be exploited over
multiple protocols. Oracle Java SE and Java for Business versions 6
Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 are affected.
Ref:
http://www.oracle.com/technology/deploy/security/critical-patch-updates/javacpumar2010.html
______________________________________________________________________

10.14.48 CVE: CVE-2010-0840, CVE-2010-0839, CVE-2010-0087
Platform: Cross Platform
Title: Oracle Java SE and Java for Business CVE-2010-0840 Remote Java Runtime Environment
Description: Oracle Java SE and Java for Business are prone to a remote
vulnerability in Java Runtime Environment. The vulnerability can be
exploited over multiple protocols. Oracle Java SE and Java for Business
versions 6 Update 18, 5.0 Update 23, and 1.4.2_25 are affected.
Ref:
http://www.oracle.com/technology/deploy/security/critical-patch-updates/javacpumar2010.html
______________________________________________________________________

10.14.49 CVE: CVE-2010-0841
Platform: Cross Platform
Title: Oracle Java SE and Java for Business CVE-2010-0841 Remote ImageIO
Description: Oracle Java SE and Java for Business are prone to a
remote vulnerability in ImageIO. The issue can be exploited over the
"Multiple" protocol. An attacker does not require privileges to
exploit this vulnerability. Oracle Java SE and Java for Business
versions 6 Update 18, 5.0 Update 23, and 1.4.2_25 are affected.
Ref:
http://www.oracle.com/technology/deploy/security/critical-patch-updates/javacpumar2010.html
______________________________________________________________________

10.14.50 CVE: CVE-2010-0838, CVE-2010-0847
Platform: Cross Platform
Title: Oracle Java SE and Java for Business CVE-2010-0838 Remote Java 2D
Description: Oracle Java SE and Java for Business are prone to a
remote vulnerability in Java 2D. The issue can be exploited over
multiple protocols.
Ref:
http://www.oracle.com/technology/deploy/security/critical-patch-updates/javacpumar2010.html
______________________________________________________________________

10.14.51 CVE: CVE-2010-0842
Platform: Cross Platform
Title: Oracle Java SE and Java for Business CVE-2010-0842 Remote Vulnerability
Description: Oracle Java SE and Java for Business are exposed to a
remote issue affecting the Sound component. The vulnerability can be
exploited over multiple protocols. This vulnerability affects the following
supported versions: 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27.
Ref:
http://www.oracle.com/technology/deploy/security/critical-patch-updates/javacpumar2010.html
______________________________________________________________________

10.14.52 CVE: CVE-2010-0843
Platform: Cross Platform
Title: Oracle Java SE and Java for Business CVE-2010-0843 Remote Vulnerability
Description: Oracle Java SE and Java for Business are exposed to a
remote issue affecting the Sound component. The vulnerability can be
exploited over multiple protocols. Oracle Java SE and Java for
Business versions 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 are
affected.
Ref:
http://www.oracle.com/technology/deploy/security/critical-patch-updates/javacpumar2010.html
______________________________________________________________________

10.14.53 CVE: CVE-2010-0452
Platform: Web Application - Cross Site Scripting
Title: HP Project and Portfolio Management Center Unspecified Cross-
Site Scripting Vulnerabilities
Description: HP Project and Portfolio Management Center (PPMC) is a
project management application. The application is exposed to multiple
unspecified cross-site scripting issues because it fails to sanitize
user-supplied input. HP Project and Portfolio Management Center
versions 7.5 SP3 and earlier, and 7.1 SP10 and earlier are affected.
Ref:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01762443
______________________________________________________________________

10.14.54 CVE: Not Available
Platform: Web Application - Cross Site Scripting
Title: vBulletin 4.0.2 Search Cross-Site Scripting
Description: vBulletin is a web-based forum application implemented in
PHP. The application is prone to a cross-site scripting issue because
it fails to sufficiently sanitize user-supplied input to the "query"
parameter of the search pages. vBulletin version 4.0.2 is affected.
Ref:
http://www.vbulletin.com/forum/showthread.php?346486-Security-Fix-Releases-3.7.7-and-4.0.2-PL-2
______________________________________________________________________

10.14.55 CVE: CVE-2010-0171
Platform: Web Application - Cross Site Scripting
Title: Mozilla Firefox/Thunderbird/SeaMonkey Multiple Cross Domain
Scripting Vulnerabilities
Description: Firefox is a browser. SeaMonkey is a suite of applications
that includes a browser and an email client. Firefox, Thunderbird, and
SeaMonkey are exposed to multiple cross-domain scripting issues that
occur when a wrapped object is accessed by the "addEventListener()" and
"setTimeout()" functions. Firefox versions prior to 3.6.2, 3.5.8, and
3.0.18 are affected. Thunderbird versions prior to 3.0.2 are affected.
SeaMonkey versions prior to 2.0.3 are affected.
Ref: http://www.mozilla.org/security/announce/2010/mfsa2010-12.html
______________________________________________________________________

10.14.56 CVE: Not Available
Platform: Web Application - Cross Site Scripting
Title: vBulletin Multiple Unspecified Cross-Site Scripting
Vulnerabilities
Description: vBulletin is a web-based forum application implemented in
PHP. The application is exposed to multiple issues because it fails to
sufficiently sanitize user-supplied input. vBulletin versions prior to
4.0.2 PL4 are affected.
Ref: http://www.exploit-db.com/exploits/11887
______________________________________________________________________

10.14.57 CVE: Not Available
Platform: Web Application - Cross Site Scripting
Title: IBM WEBi Multiple Unspecified Cross-Site Scripting
Vulnerabilities
Description: IBM WEBi is a web interface for content management. The
application is exposed to multiple cross-site scripting issues because
it fails to sufficiently sanitize user-supplied input. IBM WEBi
versions prior to 1.0.4 are affected.
Ref: http://www-01.ibm.com/support/docview.wss?uid=swg24025662
______________________________________________________________________

10.14.58 CVE: CVE-2010-0938
Platform: Web Application - Cross Site Scripting
Title: Todoo Forum "todooforum.php" Cross-Site Scripting
Description: Todoo Forum is a web-based bulletin board implemented in
PHP. The application is exposed to a cross-site scripting issue
because it fails to sufficiently sanitize user-supplied data in the
"id_forum" parameter of the "todooforum.php" script. Todoo Forum
version 2.0 is affected.
Ref: http://www.todoomasters.com/
______________________________________________________________________

10.14.59 CVE: CVE-2010-0768
Platform: Web Application - Cross Site Scripting
Title: IBM WebSphere Application Server Administration Console Cross-
Site Scripting
Description: IBM WebSphere Application Server (WAS) is an application
server used for service-oriented architecture. WAS is exposed to a
cross-site scripting issue because it fails to properly sanitize
user-supplied input. This issue affects the Administration Console.
WAS versions prior to 7.0.0.9, 6.1.0.31, and 6.0.2.4 are affected.
Ref: http://xforce.iss.net/xforce/xfdb/57164
______________________________________________________________________

10.14.60 CVE: CVE-2010-0940
Platform: Web Application - Cross Site Scripting
Title: Simple PHP Guestbook "guestbook.php" Cross-Site Scripting
Description: Simple PHP Guestbook is a web application implemented in
PHP. The application is exposed to a cross-site scripting issue
because it fails to sufficiently sanitize user-supplied data to the
"action" parameter of the "guestbook.php" script. Simple PHP Guestbook
version 1.0 is affected.
Ref: http://www.securityfocus.com/bid/39049
______________________________________________________________________

10.14.61 CVE: CVE-2010-0132
Platform: Web Application - Cross Site Scripting
Title: ViewVC Regular Expression Search Cross-Site Scripting
Description: ViewVC is a web-based interface for CVS and Subversion
version control repositories. It's implemented in Python. ViewVC is
exposed to a cross-site scripting vulnerability because the application
fails to sufficiently sanitize user-supplied data. This issue affects
the "regular expression search" feature. ViewVC versions prior to 1.1.5
and 1.0.11 are affected.
Ref: http://secunia.com/secunia_research/2010-26/
______________________________________________________________________

10.14.62 CVE: CVE-2010-0964
Platform: Web Application - SQL Injection
Title: Eros Erotik Webkatalog "start.php" SQL Injection
Description: Eros Webkatalog is a web application implemented in PHP.
The application is exposed to an SQL injection issue because it fails
to sufficiently sanitize user-supplied input to the "id" parameter of
the "start.php" script before using it in an SQL query.
Ref: http://www.securityfocus.com/bid/39034
______________________________________________________________________

10.14.63 CVE: Not Available
Platform: Web Application - SQL Injection
Title: Joomla! "com_xmap" Component "Itemid" Parameter SQL Injection
Description: "com_xmap" is a component for the Joomla! content
manager. The component is exposed to an SQL injection issue because it
fails to sufficiently sanitize user-supplied data to the "Itemid"
parameter before using it in an SQL query.
Ref: http://www.securityfocus.com/archive/1/510374
______________________________________________________________________

10.14.64 CVE: Not Available
Platform: Web Application - SQL Injection
Title: Joomla! "com_software" Component "software_id" Parameter SQL
Injection
Description: "com_software" is a component for the Joomla! content
manager. The component is exposed to an SQL injection issue because it
fails to sufficiently sanitize user-supplied data to the "software_id"
parameter before using it in an SQL query.
Ref: http://www.securityfocus.com/bid/38942
______________________________________________________________________

10.14.65 CVE: Not Available
Platform: Web Application - SQL Injection
Title: E-Php Scripts CMS "event_desc.php" SQL Injection
Description: EPhp Scripts CMS is a web-based content manager; it is
implemented in PHP. The application is exposed to an SQL injection
issue because it fails to sufficiently sanitize user-supplied data to
the "es_id" parameter of the "event_desc.php" script before using it
in an SQL query.
Ref: http://www.securityfocus.com/bid/38954
______________________________________________________________________

10.14.66 CVE: Not Available
Platform: Web Application - SQL Injection
Title: SiteX "photo.php" SQL Injection
Description: SiteX is a content manager implemented in PHP. The
application is exposed to an SQL injection issue because it fails to
sufficiently sanitize user-supplied input to the "albumid" parameter
of the "photo.php" script before using it in an SQL query. SiteX
version 0.7.4 beta is affected.
Ref: http://www.securityfocus.com/bid/38976
______________________________________________________________________

10.14.67 CVE: Not Available
Platform: Web Application - SQL Injection
Title: Joomla! dcsFlashGames Component "catid" Parameter SQL Injection
Description: dcsFlashGames is a component for the Joomla! content
manager. The component is exposed to an SQL injection issue because it
fails to sufficiently sanitize user-supplied data to the "catid"
parameter of "com_dcs_flashgame" before using it in an SQL query.
Ref: http://www.securityfocus.com/bid/38981
______________________________________________________________________

10.14.68 CVE: Not Available
Platform: Web Application - SQL Injection
Title: SuperNews "index.php" SQL Injection
Description: SuperNews is a web application implemented in PHP. The
application is exposed to an SQL injection issue because it fails to
sufficiently sanitize user-supplied input to the "noticia" parameter
of the "index.php" script before using it in an SQL query.
Ref: http://www.exploit-db.com/exploits/11887
______________________________________________________________________

10.14.69 CVE: Not Available
Platform: Web Application - SQL Injection
Title: Kasseler CMS Jokes Module "id" Parameter SQL Injection
Description: Kasseler CMS is a PHP-based content manager. Kasseler CMS
is exposed to an SQL injection issue because it fails to sufficiently
sanitize user-supplied data to the "id" parameter of the "index.php"
script when the "module" parameter is set to "Jokes".
Ref: http://www.securityfocus.com/bid/38995
______________________________________________________________________

10.14.70 CVE: Not Available
Platform: Web Application - SQL Injection
Title: Joomla! multiple SQL Injection Vulnerabilities
Description: The application is exposed to multiple SQL injection
issues because it fails to sufficiently sanitize user-supplied data to
the following parameters: "actionid" parameter of the "com_actions"
component; "season" parameter of the "com_guide" component; "id"
parameter of "com_departments" component; "detail" parameter of
"com_tariff" component; "id" parameter of "com_personal" component;
"id" parameter of "com_units", "com_topmenu", "com_weblinks",
"con","category_id", "com_science" and "com_teacher" component; "aid"
parameter of "com_agency" component; "category_id" parameter of
"com_business" component; "pro_id" parameter of "com_spec" component;
"mosConfig_absolute_path" parameter of "com_universal" component;
"cid" parameter of "com_wallpapers" component before using it in an
SQL query.
Ref: http://www.securityfocus.com/bid/38997
______________________________________________________________________

10.14.71 CVE: CVE-2010-0764
Platform: Web Application - SQL Injection
Title: eSmile "index.php" SQL Injection
Description: eSmile is a web application implemented in PHP. The
application is exposed to an SQL injection issue because it fails to
sufficiently sanitize user-supplied input to the "cid" parameter of
the "index.php" script before using it in an SQL query.
Ref: http://www.exploit-db.com/exploits/11382
______________________________________________________________________

10.14.72 CVE: CVE-2010-0802
Platform: Web Application - SQL Injection
Title: (nv2) Awards "index.php" SQL Injection
Description: (nv2) Awards is a web application implemented in PHP. The
application is exposed to an SQL injection issue because it fails to
sufficiently sanitize user-supplied input to the "id" parameter of the
"index.php" script before using it in an SQL query. (nv2) Awards
version 1.1.0 is affected.
Ref: http://forums.invisionize.com/nv2-Awards-120-t137847.html
______________________________________________________________________

10.14.73 CVE: Not Available
Platform: Web Application - SQL Injection
Title: Fuctweb CapCC Plugin for WordPress "plugins.php" SQL Injection
Description: Fuctweb CapCC Plugin for WordPress is a web-based
application implemented in PHP. CATPCHA (Completely Automated Public
Turing test to tell Computers and Humans Apart) is a
challenge and response protocol to determine if the user is a human or a
computer. The application is exposed to an SQL injection issue because
it fails to sufficiently sanitize user-supplied input to the
"CAPCC_MAX_ATTEMPTS" field of the "plugins.php" script before using it
in an SQL query. CapCC version 1.0 is affected.
Ref: http://websecurity.com.ua/2688
______________________________________________________________________

10.14.74 CVE: Not Available
Platform: Web Application - SQL Injection
Title: PhotoPost vBGallery "profile.php" Multiple SQL Injection
Vulnerabilities
Description: PhotoPost vBGallery is a PHP-based image gallery for the
vBulletin content system. The application is exposed to multiple SQL
injection issues because it fails to sufficiently sanitize
user-supplied input to multiple parameters of the "profile.php" script
before using it in an SQL query. All Enthusiast PhotoPost version 2.5
is affected.
Ref: http://www.securityfocus.com/archive/1/510362
______________________________________________________________________

10.14.75 CVE: CVE-2010-0973
Platform: Web Application - SQL Injection
Title: phppool media Domain Verkaufs und Auktions Portal SQL Injection
Description: Domain Verkaufs und Auktions Portal is a web application
implemented in PHP. The application is exposed to an SQL injection
issue because it fails to sufficiently sanitize user-supplied input to
the "id" parameter of the "index.php" script before using it in an SQL
query.
Ref: http://www.securityfocus.com/bid/39054
______________________________________________________________________

10.14.76 CVE: Not Available
Platform: Web Application
Title: WeBAM Denial of Service Vulnerability and CAPTCHA Bypass
Description: WeBAM is a web-based application implemented in PHP. The
application is exposed to multiple remote issues. Attackers can
leverage these issues to cause the affected server to stop responding
or to bypass certain security mechanisms.
Ref: http://www.securityfocus.com/archive/1/510318
______________________________________________________________________

10.14.77 CVE: Not Available
Platform: Web Application
Title: justVisual "p" Parameter Local File Include
Description: justVisual is a PHP-based content manager. justVisual is
exposed to a local file include issue because it fails to properly
sanitize user-supplied input. This issue affects the "p" parameter of
the "index.php" script. justVisual versions 2.0 and earlier are
affected.
Ref: http://www.securityfocus.com/bid/38970
______________________________________________________________________

10.14.78 CVE: Not Available
Platform: Web Application
Title: New-CMS "pg" Parameter Local File Include
Description: New-CMS is a PHP-based content management application.
The application is exposed to a local file include issue because it
fails to properly sanitize user-supplied input to the "pg" parameter
of the "index.php" script. New-CMS versions 1.21 and earlier are
affected.
Ref: http://www.securityfocus.com/bid/38971
______________________________________________________________________

10.14.79 CVE: Not Available
Platform: Web Application
Title: Direct News Multiple Remote File Include Vulnerabilities
Description: Direct News is a PHP-based content manager. The
application is exposed to multiple remote file include issues because
it fails to sufficiently sanitize user-supplied input. Direct News
version 4.10.2 is affected.
Ref: http://www.securityfocus.com/bid/38975
______________________________________________________________________

10.14.80 CVE: Not Available
Platform: Web Application
Title: Drupal Menu Block Partial Menu Tree Block Title Module HTML
Injection
Description: Menu Block is a PHP-based component for the Drupal
content manager. The Menu Block module for Drupal is prone to an
HTML injection vulnerability. Specifically, the application fails to
sanitize the partial menu tree parent menu item before using it in a
block title. Tag Order versions prior to 6.x-2.3. 5.x-2.1 and 5.x-1.1
are affected.
Ref: http://drupal.org/node/752236
______________________________________________________________________

10.14.81 CVE: Not Available
Platform: Web Application
Title: OpenCMS OAMP Comments Module Add Comment HTML Injection
Description: OAMP Comments is a comments module for the OpenCMS
content manager. The module for OpenCMS is exposed to an HTML
injection issue because it fails to properly sanitize user-supplied
input passed. This issue occurs when adding comments. OAMP Comments
version 1.0.0 is affected.
Ref: http://www.securityfocus.com/archive/1/510291
______________________________________________________________________

10.14.82 CVE: CVE-2010-0989
Platform: Web Application
Title: Pulse CMS "delete.php" Arbitrary File Deletion
Description: Pulse CMS is a PHP-based content manager. The application
is exposed to an issue that lets attackers delete arbitrary files on
the affected computer in the context of the web server. This issue
affects the "f" parameter of the "delete.php" script. Pulse CMS
version 1.2.2 is affected.
Ref: http://www.securityfocus.com/archive/1/510307
______________________________________________________________________

10.14.83 CVE: Not Available
Platform: Web Application
Title: Drupal Mime Mail Module PHP Code Execution
Description: Mime Mail module is a module for the Drupal content
manager. Mime Mail module is used to receive HTML message body,
mime-encode it and send it. The Mime Mail module is exposed to a
remote PHP code execution issue that occurs due to improper usage of
PCRE regular expression engine. Drupal Mime Mail versions prior to
5.x-1.1 are affected.
Ref: http://drupal.org/node/751934
______________________________________________________________________

10.14.84 CVE: Not Available
Platform: Web Application
Title: vBulletin Post Title HTML Injection
Description: vBulletin is a web-based content manager written in PHP.
vBulletin is exposed to an HTML injection issue because it fails to
sufficiently sanitize user-supplied input. Specifically, this issue
affects the "Title" field when creating a new post. vBulletin version
4.0.2 is affected.
Ref:
http://www.vbulletin.com/forum/showthread.php?346486-Security-Fix-Releases-3.7.7-and-4.0.2-PL-2
______________________________________________________________________

10.14.85 CVE: CVE-2010-0988
Platform: Web Application
Title: Pulse CMS Multiple PHP Code Injection Vulnerabilities
Description: Pulse CMS is a PHP-based content manager. Pulse CMS is
exposed to multiple issues that let attackers inject arbitrary PHP
code. The first issue occurs because the application fails to properly
sanitize user-supplied input to the "filename" and "block" parameters
of the "view.php" script. Pulse CMS version 1.2.2 is affected.
Ref: http://secunia.com/secunia_research/2010-45/
______________________________________________________________________

10.14.86 CVE: Not Available
Platform: Web Application
Title: eZ Publish SQL Injection and HTML Injection Vulnerabilities
Description: eZ Publish is a content manager. Since it fails to
sufficiently sanitize user-supplied data, the component is exposed to
multiple issues. An attacker may leverage the HTML injection issue to
execute arbitrary script code in the browser of an unsuspecting user
in the context of the affected site.
Ref:
http://ez.no/de/developer/security/security_advisories/ez_publish_4_2/ezsa_2010_001_remote_vulnerability_in_ez_search
______________________________________________________________________

10.14.87 CVE: Not Available
Platform: Web Application
Title: WebMaid CMS Multiple Remote and Local File Include
Vulnerabilities
Description: WebMaid CMS is a PHP-based content management
application. WebMaid CMS is exposed to multiple input validation
issues. An attacker may leverage these issues to execute arbitrary
server side script code that resides on an affected computer or in a
remote location with the privileges of the web server process. WebMaid
CMS version 0.2-6 Beta is affected.
Ref: http://www.securityfocus.com/bid/38993
______________________________________________________________________

10.14.88 CVE: Not Available
Platform: Web Application
Title: CMS Faethon "mainpath" Parameter Multiple File Include
Vulnerabilities
Description: CMS Faethon is a content manager implemented in PHP.
Since it fails to sufficiently sanitize user-supplied input, the
application is exposed to multiple file include issues. CMS Faethon
version 2.2.0 is affected.
Ref: http://www.securityfocus.com/bid/38996
______________________________________________________________________

10.14.89 CVE: Not Available
Platform: Web Application
Title: AdaptCMS Lite "admin.php" Security Bypass
Description: AdaptCMS Lite is a PHP-based content manager. The
application is exposed to a security bypass issue that affects the
"admin.php" script. An attacker can exploit this issue to bypass
intended security measures and create a new admin user or modify the
site administrator's password. AdaptCMS Lite version 1.5 is affected.
Ref: http://www.securityfocus.com/bid/38998
______________________________________________________________________

10.14.90 CVE: Not Available
Platform: Web Application
Title: Simple Machines Forum Avatar Upload Arbitrary File Upload
Description: Simple Machines Forum (SMF) is an open source web forum
that is written in PHP. The application is exposed to an issue that
lets attackers upload arbitrary files. The problem occurs because the
avatar upload component fails to properly validate contents of an
uploaded file. Simple Machines Forum versions 1.1.8 and earlier are
affected.
Ref: http://www.securityfocus.com/bid/39007
______________________________________________________________________

10.14.91 CVE: Not Available
Platform: Web Application
Title: N-13 News "default_login_language" Parameter Local File Include
Description: N-13 News is a news management system implemented in PHP.
The application is exposed to a local file include issue because it
fails to properly sanitize user-supplied input to the
"default_login_language" parameter of the "modules/login.php" script.
N-13 News version 3.4 is affected.
Ref: http://www.securityfocus.com/bid/39012
______________________________________________________________________

10.14.92 CVE: Not Available
Platform: Network Device
Title: Cisco TFTP Server Remote Denial of Service
Description: Cisco TFTP Server is an implementation of the Trivial
File Transfer Protocol. The application is exposed to a remote denial
of service issue because it fails to properly user-supplied input.
Attackers can crash the application by sending certain input to the
server. Cisco TFTP Server version 1.1 is affected.
Ref: http://www.securityfocus.com/bid/38968
______________________________________________________________________

10.14.93 CVE: CVE-2010-0580
Platform: Network Device
Title: Cisco IOS SIP Message (CVE-2010-0580) Denial of Service
Description: Cisco IOS is exposed to a denial of service issue when
handling specially crafted SIP messages. An attacker can exploit this
issue by submitting specially crafted SIP messages via TCP port 5060
or 5061 or via UDP port 5060.
Ref:
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b20f32.shtml#12_4
______________________________________________________________________

10.14.94 CVE: CVE-2010-0577
Platform: Network Device
Title: Cisco IOS Software Crafted TCP Packet Denial of Service
Description: Cisco IOS is exposed to a denial of service issue when
handling specially crafted TCP packets. The vulnerability may only be
triggered by a TCP segment received during the TCP session
establishment phase. The received TCP segment must contain crafted,
not malformed, TCP options.
Ref:
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b20f34.shtml
______________________________________________________________________

10.14.95 CVE: CVE-2010-0583
Platform: Network Device
Title: Cisco IOS H.323 Interface Queue Resource Exhaustion Denial of
Service
Description: Cisco IOS is exposed to a remote denial of service issue
affecting the H.323 protocol implementation.
An attacker can exploit this issue to consume all available space in
the H.323 interface queue, resulting in a queue wedge, which may
prevent new packets from being processed.
Ref:
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b20ee4.shtml
______________________________________________________________________

10.14.96 CVE: CVE-2010-0578
Platform: Network Device
Title: Cisco IOS IPsec Internet Key Exchange (IKE) Malformed Packet
Denial of Service
Description: Cisco IOS is exposed to a remote denial of service issue
affecting IPsec. Specifically, the software fails to handle specially
crafted Internet Key Exchange (IKE) packets. An attacker can exploit
this issue by submitting specially crafted network packets via UDP
port 500, 4500, 848, or 4848.
Ref:
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b20ee5.shtml#ID
______________________________________________________________________

10.14.97 CVE: CVE-2010-0581
Platform: Network Device
Title: Cisco IOS SIP Message (CVE-2010-0581) Remote Code Execution
Description: Cisco IOS is exposed to a denial of service issue when
handling specially crafted SIP messages. An attacker can exploit this
issue by submitting specially crafted SIP messages via TCP port 5060
or 5061 or via UDP port 5060.
Ref:
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b20f32.shtml#12_4
______________________________________________________________________

10.14.98 CVE: CVE-2010-0583
Platform: Network Device
Title: Cisco IOS H.323 Interface Memory Leak Remote Denial of Service
Description: Cisco IOS is exposed to a remote denial of service issue
affecting the H.323 implementation. Specifically, crafted packets can
cause a memory leak, eventually leading to the affected device
reloading.
Ref:
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b20ee4.shtml
______________________________________________________________________

10.14.99 CVE: CVE-2010-0579
Platform: Network Device
Title: Cisco IOS SIP Message (CVE-2010-0579) Remote Code Execution
Description: Cisco IOS is exposed to a denial of service issue when
handling specially crafted SIP messages. An attacker can exploit this
issue by submitting specially crafted SIP messages via TCP port 5060
or 5061 or via UDP port 5060.
Ref:
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b20f32.shtml#12_4
______________________________________________________________________

10.14.100 CVE: CVE-2010-0585
Platform: Network Device
Title: Cisco IOS For Communication Manager Express SCCP
(CVE-2010-0585) Denial of Service
Description: Cisco Communications Manager Express (CUCM) is a
software based call processing component of the Cisco IP telephony
solution. Cisco IOS, configured for use on Cisco Communication Manager
Express, is prone to a denial of service vulnerability. This issue
occurs when handling a malformed SCCP message.
Ref:
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b20f33.shtml
______________________________________________________________________

10.14.101 CVE: CVE-2010-0584
Platform: Network Device
Title: Cisco IOS NAT SCCP Fragmentation Support Denial of Service
Description: Cisco IOS is exposed to a remote denial of service issue
that occurs when a device is configured to use the NAT SCCP
Fragmentation Support feature. The attacker can exploit this issue to
cause the affected device to reload, denying service to legitimate
users.
Ref: http://www.securityfocus.com/archive/1/510308
______________________________________________________________________

10.14.102 CVE: CVE-2010-0576
Platform: Network Device
Title: Cisco IOS Multiprotocol Label Switching (MPLS) Malformed Packet
Denial of Service
Description: Cisco IOS is exposed to a remote denial of service issue
affecting Multiprotocol Label Switching (MPLS). Specifically, the
software fails to handle specially crafted Label Distribution Protocol
(LDP) packets.
Ref:
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b20ee2.shtml#ID
______________________________________________________________________

10.14.103 CVE: CVE-2010-0586
Platform: Network Device
Title: Cisco IOS For Communication Manager Express SCCP
(CVE-2010-0586) Denial of Service
Description: Cisco Communications Manager Express (CUCM) is a
software-based call processing component of the Cisco IP telephony
solution. Cisco IOS, configured for use on Cisco Communication Manager
Express, is exposed to a denial of service issue that occurs when
handling a malformed SCCP message.
Ref:
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b20f33.shtml
______________________________________________________________________

(c) 2010. All rights reserved. The information contained in this
newsletter, including any external links, is provided "AS IS," with no
express or implied warranty, for informational purposes only. In some
cases, copyright for material in this newsletter may be held by a
party other than Qualys (as indicated herein) and permission to use
such material must be requested from the copyright owner.

Subscriptions: RISK is distributed free of charge by the SANS Institute
to people responsible for managing and securing information systems and
networks. You may forward this newsletter to others with such
responsibility inside or outside your organization.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Darwin)

iEYEARECAAYFAku1U58ACgkQ+LUG5KFpTkZbqwCeOrDVwKTeE1VqwbQRde9IMwPI
b24An1gpHD6o9xVK2ArJ9g8xErnhb7vI
=Xqh0
-----END PGP SIGNATURE-----

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]