High Vulnerabilities
| Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| automatedsolutions — modbus/tcp_master_opc_server | Heap-based buffer overflow in Automated Solutions Modbus/TCP Master OPC Server before 3.0.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a MODBUS response packet with a crafted length field. | 2011-01-28 | 7.6 | CVE-2010-4709 CERT-VN VUPEN MISC BID EXPLOIT-DB SECUNIA CONFIRM |
| cisco — ios | Unspecified vulnerability in Cisco IOS 12.4(24)MD before 12.4(24)MD2 on the Cisco Content Services Gateway Second Generation (aka CSG2) allows remote attackers to cause a denial of service (device hang or reload) via crafted TCP packets, aka Bug ID CSCth17178, a different vulnerability than CVE-2011-0350. | 2011-01-28 | 7.8 | CVE-2011-0349 XF VUPEN BID CISCO SECTRACK SECUNIA OSVDB |
| cisco — ios | Unspecified vulnerability in Cisco IOS 12.4(24)MD before 12.4(24)MD2 on the Cisco Content Services Gateway Second Generation (aka CSG2) allows remote attackers to cause a denial of service (device hang or reload) via crafted TCP packets, aka Bug ID CSCth41891, a different vulnerability than CVE-2011-0349. | 2011-01-28 | 7.8 | CVE-2011-0350 XF VUPEN BID CISCO SECTRACK SECUNIA OSVDB |
| cisco — webex_advanced_recording_format_player | Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, related to atas32.dll, a different vulnerability than CVE-2010-3042, CVE-2010-3043, and CVE-2010-3044. | 2011-02-02 | 9.3 | CVE-2010-3041 XF BID MISC CISCO CONFIRM SECTRACK |
| cisco — webex_advanced_recording_format_player | Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, a different vulnerability than CVE-2010-3041, CVE-2010-3043, and CVE-2010-3044. | 2011-02-02 | 9.3 | CVE-2010-3042 CISCO CONFIRM XF BID SECTRACK |
| cisco — webex_advanced_recording_format_player | Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, a different vulnerability than CVE-2010-3041, CVE-2010-3042, and CVE-2010-3044. | 2011-02-02 | 9.3 | CVE-2010-3043 XF BID CISCO CONFIRM SECTRACK |
| cisco — webex_advanced_recording_format_player | Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, related to atas32.dll, a different vulnerability than CVE-2010-3041, CVE-2010-3042, and CVE-2010-3043. | 2011-02-02 | 9.3 | CVE-2010-3044 CISCO CONFIRM XF BID MISC SECTRACK |
| cisco — webex_advanced_recording_format_player | Multiple stack-based buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to execute arbitrary code via a crafted (1) .wrf or (2) .arf file, related to use of a function pointer in a callback mechanism. | 2011-02-02 | 9.3 | CVE-2010-3269 MISC CISCO CONFIRM XF VUPEN BID BUGTRAQ SECTRACK |
| cisco — tandberg_endpoint | The default configuration of Cisco Tandberg C Series Endpoints, and Tandberg E and EX Personal Video units, with software before TC4.0.0 has a blank password for the root account, which makes it easier for remote attackers to obtain access via an unspecified login method. | 2011-02-03 | 10.0 | CVE-2011-0354 CERT-VN BID EXPLOIT-DB CISCO CONFIRM SECTRACK SECUNIA |
| harmistechnology — com_jeauto | SQL injection vulnerability in the JExtensions JE Auto (com_jeauto) component before 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to the view item page. | 2011-02-01 | 7.5 | CVE-2010-4720 BID CONFIRM SECUNIA OSVDB |
| hp — openview_storage_data_protector | Unspecified vulnerability in HP OpenView Storage Data Protector 6.0, 6.10, and 6.11 allows remote attackers to cause a denial of service via unknown vectors. | 2011-01-28 | 7.1 | CVE-2011-0275 XF VUPEN BID SECTRACK SECUNIA OSVDB HP HP |
| hp — openview_performance_insight | HP OpenView Performance Insight Server 5.2, 5.3, 5.31, 5.4, and 5.41 contains a “hidden account” in the com.trinagy.security.XMLUserManager Java class, which allows remote attackers to execute arbitrary code via the doPost method in the com.trinagy.servlet.HelpManagerServlet class. | 2011-02-01 | 10.0 | CVE-2011-0276 XF MISC VUPEN SECTRACK BID BUGTRAQ SECUNIA HP HP |
| ibm — db2 | Buffer overflow in the DB2 Administration Server (DAS) component in IBM DB2 9.1 before FP10, 9.5 before FP7, and 9.7 before FP3 on Linux, UNIX, and Windows allows remote attackers to execute arbitrary code via unspecified vectors. | 2011-02-01 | 7.5 | CVE-2011-0731 BID OSVDB AIXAPAR AIXAPAR AIXAPAR SECUNIA |
| ibm — tivoli_common_reporting | Multiple unspecified vulnerabilities in IBM Tivoli Integrated Portal (TIP) 1.1.1.1, as used in IBM Tivoli Common Reporting (TCR) 1.2.0 before Interim Fix 9, have unknown impact and attack vectors, related to “security vulnerabilities of Websphere Application Server bundled within” and “many internal defects and APARs.” | 2011-02-01 | 10.0 | CVE-2011-0732 AIXAPAR SECUNIA |
| icon-labs — iconfidant_ssl_server | Buffer overflow in the key exchange functionality in Icon Labs Iconfidant SSL Server before 1.3.0 allows remote attackers to execute arbitrary code via a client master key packet in which the sum of unspecified length fields is greater than a certain value. | 2011-01-28 | 7.5 | CVE-2011-0651 XF MISC BID SECUNIA OSVDB |
| isc — dhcp | The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV and 4.1-ESV before 4.1-ESV-R1, and 4.2.x before 4.2.1b1 allows remote attackers to cause a denial of service (assertion failure and daemon crash) by sending a message over IPv6 for a declined and abandoned address. | 2011-01-31 | 7.8 | CVE-2011-0413 CERT-VN XF VUPEN VUPEN BID OSVDB CONFIRM SECTRACK SECUNIA SECUNIA SECUNIA FEDORA |
| maradns — maradns | The compress_add_dlabel_points function in dns/Compress.c in MaraDNS 1.4.03, 1.4.05, and probably other versions allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long DNS hostname with a large number of labels, which triggers a heap-based buffer overflow. | 2011-01-28 | 7.5 | CVE-2011-0520 XF BID MLIST MLIST SECUNIA OSVDB CONFIRM |
| mediawiki — mediawiki | Multiple directory traversal vulnerabilities in (1) languages/Language.php and (2) includes/StubObject.php in MediaWiki 1.8.0 and other versions before 1.16.2, when running on Windows and possibly Novell Netware, allow remote attackers to include and execute arbitrary local PHP files via vectors related to a crafted language file and the Language::factory function. | 2011-02-03 | 7.5 | CVE-2011-0537 MLIST MISC CONFIRM VUPEN MLIST MLIST |
| mhproducts — immo_makler | SQL injection vulnerability in news.php in Immo Makler allows remote attackers to execute arbitrary SQL commands via the id parameter. | 2011-02-01 | 7.5 | CVE-2010-4721 OSVDB EXPLOIT-DB SECUNIA |
| modxcms — evolution | SQL injection vulnerability in MODx Evolution 1.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via unknown vectors related to AjaxSearch. | 2011-02-01 | 7.5 | CVE-2010-3929 XF CONFIRM JVNDB JVN |
| mozilla — bugzilla | Bugzilla 2.14 through 2.22.7; 3.0.x, 3.1.x, and 3.2.x before 3.2.10; 3.4.x before 3.4.10; 3.6.x before 3.6.4; and 4.0.x before 4.0rc2 does not properly generate random values for cookies and tokens, which allows remote attackers to obtain access to arbitrary accounts via unspecified vectors, related to an insufficient number of calls to the srand function. | 2011-01-28 | 7.5 | CVE-2010-4568 CONFIRM CONFIRM CONFIRM XF VUPEN BID CONFIRM SECUNIA OSVDB |
| novell — groupwise | Buffer overflow in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP2 allows remote attackers to execute arbitrary code via a crafted TZID variable in a VCALENDAR message. | 2011-01-28 | 10.0 | CVE-2010-4325 CONFIRM XF MISC VUPEN BID BUGTRAQ CONFIRM SECUNIA OSVDB |
| novell — groupwise | Multiple buffer overflows in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via variables in a VCALENDAR message, as demonstrated by a long (1) REQUEST-STATUS, (2) TZNAME, (3) COMMENT, or (4) RRULE variable in this message. | 2011-01-28 | 10.0 | CVE-2010-4326 CONFIRM CONFIRM CONFIRM CONFIRM MISC MISC MISC XF MISC VUPEN BID CONFIRM CONFIRM |
| novell — groupwise | Stack-based buffer overflow in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise 7.x before 7.0 post-SP4 FTF and 8.x before 8.0 SP2 allows remote attackers to execute arbitrary code via a long mailbox name in a CREATE command. | 2011-01-28 | 9.0 | CVE-2010-2777 CONFIRM MISC CONFIRM |
| novell — groupwise | Double free vulnerability in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary code via a large parameter in a LIST command. | 2011-01-31 | 7.5 | CVE-2010-4711 CONFIRM MISC CONFIRM CONFIRM |
| novell — groupwise | Multiple stack-based buffer overflows in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a Content-Type header containing (1) multiple items separated by ; (semicolon) characters or (2) crafted string data. | 2011-01-31 | 10.0 | CVE-2010-4712 CONFIRM CONFIRM MISC MISC CONFIRM CONFIRM CONFIRM |
| novell — groupwise | Integer signedness error in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary code via a signed integer value in the Content-Type header. | 2011-01-31 | 10.0 | CVE-2010-4713 CONFIRM MISC CONFIRM CONFIRM |
| novell — groupwise | Multiple stack-based buffer overflows in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a long HTTP Host header to (1) gwpoa.exe in the Post Office Agent, (2) gwmta.exe in the Message Transfer Agent, (3) gwia.exe in the Internet Agent, (4) the WebAccess Agent, or (5) the Monitor Agent. | 2011-01-31 | 10.0 | CVE-2010-4714 CONFIRM MISC CONFIRM CONFIRM |
| novell — zenworks_handheld_management | Buffer overflow in ZfHIPCND.exe in Novell ZENworks Handheld Management 7.0 allows remote attackers to execute arbitrary code via a crafted IP Conduit packet to TCP port 2400. | 2011-02-01 | 10.0 | CVE-2011-0742 XF MISC VUPEN SECTRACK BID BUGTRAQ CONFIRM MISC SECUNIA OSVDB |
| openvas — openvas_manager | The email function in manage_sql.c in OpenVAS Manager 1.0.x through 1.0.3 and 2.0.x through 2.0rc2 allows remote authenticated users to execute arbitrary commands via the (1) To or (2) From e-mail address in an OMP request to the Greenbone Security Assistant (GSA). | 2011-01-28 | 9.0 | CVE-2011-0018 CONFIRM XF VUPEN BID BUGTRAQ EXPLOIT-DB SECUNIA OSVDB |
| opera — opera_browser | The downloads manager in Opera before 11.01 on Windows does not properly determine the pathname of the filesystem-viewing application, which allows user-assisted remote attackers to execute arbitrary code via a crafted web site that hosts an executable file. | 2011-01-31 | 7.6 | CVE-2011-0450 CONFIRM CONFIRM OSVDB JVNDB JVN |
| opera — opera_browser | Opera before 11.01 does not properly handle large form inputs, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HTML document. | 2011-01-31 | 9.3 | CVE-2011-0682 CONFIRM CONFIRM CONFIRM CONFIRM |
| opera — opera_browser | Opera before 11.01 does not properly handle redirections and unspecified other HTTP responses, which allows remote web servers to obtain sufficient access to local files to use these files as page resources, and consequently obtain potentially sensitive information from the contents of the files, via an unknown response manipulation. | 2011-01-31 | 7.8 | CVE-2011-0684 CONFIRM CONFIRM CONFIRM CONFIRM OSVDB |
| plone — plone | Unspecified vulnerability in Plone 2.5 through 4.0 allows remote attackers to obtain administrative access, read or create arbitrary content, and change the site skin via unknown vectors. | 2011-02-03 | 7.5 | CVE-2011-0720 XF BID SECUNIA CONFIRM OSVDB |
| realnetworks — realplayer | Heap-based buffer overflow in vidplin.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.x before 14.0.2, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted header in an AVI file. | 2011-01-31 | 9.3 | CVE-2010-4393 XF MISC VUPEN BID CONFIRM SECTRACK SECUNIA OSVDB |
| smarty — smarty | Multiple unspecified vulnerabilities in Smarty before 3.0.0 beta 6 have unknown impact and attack vectors. | 2011-02-03 | 10.0 | CVE-2009-5052 CONFIRM |
| smarty — smarty | Unspecified vulnerability in Smarty before 3.0.0 beta 6 allows remote attackers to execute arbitrary PHP code by injecting this code into a cache file. | 2011-02-03 | 7.5 | CVE-2009-5053 CONFIRM |
| smarty — smarty | Smarty before 3.0.0 beta 4 does not consider the umask value when setting the permissions of files, which might allow attackers to bypass intended access restrictions via standard filesystem operations. | 2011-02-03 | 7.5 | CVE-2009-5054 CONFIRM |
| smarty — smarty | Unspecified vulnerability in the fetch plugin in Smarty before 3.0.2 has unknown impact and remote attack vectors. | 2011-02-03 | 10.0 | CVE-2010-4722 CONFIRM |
| smarty — smarty | Smarty before 3.0.0, when security is enabled, does not prevent access to the (1) dynamic and (2) private object members of an assigned object, which has unspecified impact and remote attack vectors. | 2011-02-03 | 9.3 | CVE-2010-4723 CONFIRM |
| smarty — smarty | Multiple unspecified vulnerabilities in the parser implementation in Smarty before 3.0.0 RC3 have unknown impact and remote attack vectors. | 2011-02-03 | 10.0 | CVE-2010-4724 CONFIRM |
| smarty — smarty | Smarty before 3.0.0 RC3 does not properly handle an on value of the asp_tags option in the php.ini file, which has unspecified impact and remote attack vectors. | 2011-02-03 | 10.0 | CVE-2010-4725 CONFIRM |
| smarty — smarty | Unspecified vulnerability in the math plugin in Smarty before 3.0.0 RC1 has unknown impact and remote attack vectors. NOTE: this might overlap CVE-2009-1669. | 2011-02-03 | 10.0 | CVE-2010-4726 CONFIRM |
| smarty — smarty | Smarty before 3.0.0 beta 7 does not properly handle the tags, which has unspecified impact and remote attack vectors. | 2011-02-03 | 10.0 | CVE-2010-4727 CONFIRM |
| sun — openoffice.org | Multiple directory traversal vulnerabilities in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allow remote attackers to overwrite arbitrary files via a .. (dot dot) in an entry in (1) an XSLT JAR filter description file, (2) an Extension (aka OXT) file, or unspecified other (3) JAR or (4) ZIP files. | 2011-01-28 | 9.3 | CVE-2010-3450 CONFIRM VUPEN VUPEN SECTRACK BID REDHAT REDHAT CONFIRM DEBIAN UBUNTU SECUNIA SECUNIA SECUNIA SECUNIA OSVDB |
| sun — openoffice.org | Use-after-free vulnerability in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via malformed tables in an RTF document. | 2011-01-28 | 9.3 | CVE-2010-3451 CONFIRM XF VUPEN VUPEN SECTRACK BID REDHAT REDHAT CONFIRM DEBIAN MISC UBUNTU SECUNIA SECUNIA SECUNIA SECUNIA OSVDB |
| sun — openoffice.org | Use-after-free vulnerability in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted tags in an RTF document. | 2011-01-28 | 9.3 | CVE-2010-3452 CONFIRM XF VUPEN VUPEN SECTRACK BID REDHAT REDHAT CONFIRM DEBIAN MISC UBUNTU SECUNIA SECUNIA SECUNIA SECUNIA OSVDB |
| sun — openoffice.org | The WW8ListManager::WW8ListManager function in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 does not properly handle an unspecified number of list levels in user-defined list styles in WW8 data in a Microsoft Word document, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted .DOC file that triggers an out-of-bounds write. | 2011-01-28 | 9.3 | CVE-2010-3453 CONFIRM VUPEN VUPEN SECTRACK BID REDHAT REDHAT CONFIRM DEBIAN MISC UBUNTU SECUNIA SECUNIA SECUNIA SECUNIA OSVDB |
| sun — openoffice.org | Multiple off-by-one errors in the WW8DopTypography::ReadFromMem function in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted typography information in a Microsoft Word .DOC file that triggers an out-of-bounds write. | 2011-01-28 | 9.3 | CVE-2010-3454 CONFIRM VUPEN VUPEN SECTRACK BID REDHAT REDHAT CONFIRM DEBIAN MISC UBUNTU SECUNIA SECUNIA SECUNIA SECUNIA OSVDB |
| sun — openoffice.org | Heap-based buffer overflow in Impress in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file in an ODF or Microsoft Office document, as demonstrated by a PowerPoint (aka PPT) document. | 2011-01-28 | 9.3 | CVE-2010-4253 CONFIRM VUPEN VUPEN SECTRACK BID REDHAT CONFIRM DEBIAN UBUNTU SECUNIA SECUNIA SECUNIA OSVDB |
| sun — openoffice.org | Heap-based buffer overflow in Impress in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Truevision TGA (TARGA) file in an ODF or Microsoft Office document. | 2011-01-28 | 9.3 | CVE-2010-4643 CONFIRM VUPEN VUPEN SECTRACK BID REDHAT REDHAT CONFIRM DEBIAN UBUNTU SECUNIA SECUNIA SECUNIA SECUNIA |
| symantec — antivirus | Multiple stack-based buffer overflows in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allow remote attackers to execute arbitrary code via (1) a long string to msgsys.exe, related to the AMSSendAlertAct function in AMSLIB.dll in the Intel Alert Handler service (aka Symantec Intel Handler service); a long (2) modem string or (3) PIN number to msgsys.exe, related to pagehndl.dll in the Intel Alert Handler service; or (4) a message to msgsys.exe, related to iao.exe in the Intel Alert Originator service. | 2011-01-31 | 9.3 | CVE-2010-0110 XF MISC MISC MISC MISC VUPEN CONFIRM BID SECTRACK SECUNIA SECUNIA |
| symantec — antivirus | HDNLRSVC.EXE in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allows remote attackers to execute arbitrary programs by sending msgsys.exe a UNC share pathname, which is used directly in a CreateProcessA (aka CreateProcess) call. | 2011-01-31 | 9.3 | CVE-2010-0111 XF XF MISC VUPEN CONFIRM BID SECTRACK SECUNIA SECUNIA |
| symantec — antivirus | Intel Alert Management System (aka AMS or AMS2), as used in Symantec Antivirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allows remote attackers to execute arbitrary commands via crafted messages over TCP, as discovered by Junaid Bohio, a different vulnerability than CVE-2010-0110 and CVE-2010-0111. NOTE: some of these details are obtained from third party information. | 2011-01-31 | 9.3 | CVE-2011-0688 XF VUPEN CONFIRM BID SECTRACK SECUNIA |
| symantec — im_manager | Eval injection vulnerability in IMAdminSchedTask.asp in the administrative interface for Symantec IM Manager 8.4.16 and earlier allows remote attackers to execute arbitrary code via unspecified parameters to the ScheduleTask method. | 2011-02-01 | 8.5 | CVE-2010-3719 XF MISC VUPEN CONFIRM BID BUGTRAQ SECUNIA |
| tibco — enterprise_message_service | Multiple unspecified vulnerabilities in TIBCO Rendezvous 8.2.1 through 8.3.0, Enterprise Message Service (EMS) 5.1.0 through 6.0.0, Runtime Agent (TRA) 5.6.2 through 5.7.0, Silver BPM Service before 1.0.4, Silver CAP Service vebefore 1.0.2, and Silver BusinessWorks Service 1.0.0, when running on Unix systems, allow local users to gain root privileges via unknown vectors related to SUID and (1) Rendezvous Routing Daemon (rvrd), (2) Rendezvous Secure Daemon (rvsd), and (3) Rendezvous Secure Routing Daemon (rvsrd). | 2011-02-03 | 7.2 | CVE-2011-0649 CONFIRM BID SECUNIA SECUNIA |
Medium Vulnerabilities
| Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| adobe — coldfusion | Cross-site scripting (XSS) vulnerability in Adobe ColdFusion, possibly before 9.0.1 CHF1, allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header in an id=- query to a .cfm file. | 2011-02-01 | 4.3 | CVE-2011-0733 MISC SECTRACK FULLDISC |
| adobe — coldfusion | Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 9.0.1 CHF1 and earlier allows remote attackers to inject arbitrary web script or HTML via an id parameter containing a JavaScript onLoad event handler for a BODY element, related to a “tag body” attack. | 2011-02-01 | 4.3 | CVE-2011-0734 MISC SECTRACK FULLDISC |
| adobe — coldfusion | Cross-site scripting (XSS) vulnerability in Adobe ColdFusion before 9.0.1 CHF1 allows remote attackers to inject arbitrary web script or HTML via vectors involving a “tag script.” | 2011-02-01 | 4.3 | CVE-2011-0735 MISC FULLDISC |
| adobe — coldfusion | Adobe ColdFusion 9.0.1 CHF1 and earlier, when a web application is configured to use a DBMS, allows remote attackers to obtain potentially sensitive information about the database structure via an id=- query to a .cfm file. | 2011-02-01 | 4.3 | CVE-2011-0736 MISC FULLDISC |
| adobe — coldfusion | Adobe ColdFusion 9.0.1 CHF1 and earlier allows remote attackers to obtain sensitive information via an id=- query to a .cfm file, which reveals the installation path in an error message. | 2011-02-01 | 5.0 | CVE-2011-0737 MISC FULLDISC |
| apache — couchdb | Multiple cross-site scripting (XSS) vulnerabilities in the web administration interface (aka Futon) in Apache CouchDB 0.8.0 through 1.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2011-02-01 | 4.3 | CVE-2010-3854 XF VUPEN SECTRACK BID BUGTRAQ SECUNIA OSVDB MLIST |
| balabit — syslog-ng | Balabit syslog-ng 2.0, 3.0, 3.1, 3.2 OSE and PE, when running on FreeBSD or HP-UX, does not properly perform cast operations, which causes syslog-ng to use a default value of -1 to create log files with insecure permissions (07777), which allows local users to read and write to these log files. | 2011-01-28 | 6.9 | CVE-2011-0343 CONFIRM BUGTRAQ |
| cisco — ios | Cisco IOS 12.4(11)MD, 12.4(15)MD, 12.4(22)MD, 12.4(24)MD before 12.4(24)MD3, 12.4(22)MDA before 12.4(22)MDA5, and 12.4(24)MDA before 12.4(24)MDA3 on the Cisco Content Services Gateway Second Generation (aka CSG2) allows remote attackers to bypass intended access restrictions and intended billing restrictions by sending HTTP traffic to a restricted destination after sending HTTP traffic to an unrestricted destination, aka Bug ID CSCtk35917. | 2011-01-28 | 6.4 | CVE-2011-0348 XF VUPEN BID CISCO SECTRACK SECUNIA OSVDB |
| cisco — webex_meeting_center | Stack-based buffer overflow in Cisco WebEx Meeting Center T27LB before SP21 EP3 and T27LC before SP22 allows user-assisted remote authenticated users to execute arbitrary code by providing a crafted .atp file and then disconnecting from a meeting. NOTE: since this is a site-specific issue with no expected action for consumers, it might be REJECTed. | 2011-02-02 | 6.8 | CVE-2010-3270 VUPEN BID BUGTRAQ MISC CONFIRM SECTRACK |
| emc — networker | librpc.dll in nsrexecd in EMC NetWorker before 7.5 SP4, 7.5.3.x before 7.5.3.5, and 7.6.x before 7.6.1.2 does not properly mitigate the possibility of a spoofed localhost source IP address, which allows remote attackers to (1) register or (2) unregister RPC services, and consequently cause a denial of service or obtain sensitive information from interprocess communication, via crafted UDP packets containing service commands. | 2011-02-01 | 6.4 | CVE-2011-0321 XF VUPEN BID OSVDB SECTRACK SECUNIA CONFIRM BUGTRAQ |
| exim — exim | The open_log function in log.c in Exim 4.72 and earlier does not check the return value from (1) setuid or (2) setgid system calls, which allows local users to append log data to arbitrary files via a symlink attack. | 2011-02-01 | 6.9 | CVE-2011-0017 MLIST XF VUPEN VUPEN BID DEBIAN SECUNIA SECUNIA OSVDB CONFIRM |
| fxwebdesign — com_jradio | Directory traversal vulnerability in JRadio (com_jradio) component before 1.5.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php. | 2011-02-01 | 5.0 | CVE-2010-4719 XF BID CONFIRM EXPLOIT-DB SECUNIA MISC |
| globus — globus_toolkit | MyProxy 5.0 through 5.2, as used in Globus Toolkit 5.0.0 through 5.0.2, does not properly verify the (1) hostname or (2) identity in the X.509 certificate for the myproxy-server, which allows remote attackers to spoof the server and conduct man-in-the-middle (MITM) attacks via a crafted certificate when executing (a) myproxy-logon or (b) myproxy-get-delegation. | 2011-02-01 | 4.3 | CVE-2011-0738 MLIST XF BID SECUNIA SECUNIA OSVDB FEDORA FEDORA MISC |
| google — android | data/WorkingMessage.java in the Mms application in Android before 2.2.2 and 2.3.x before 2.3.2 does not properly manage the draft cache, which allows remote attackers to read SMS messages intended for other recipients in opportunistic circumstances via a standard text messaging service. | 2011-01-31 | 5.0 | CVE-2011-0680 MISC CONFIRM CONFIRM MISC CONFIRM BID MISC MISC MISC MISC MISC |
| greenbone — security_assistant | Cross-site request forgery (CSRF) vulnerability in Greenbone Security Assistant (GSA) allows remote attackers to hijack the authentication of users for requests that send email via an OMP request to OpenVAS Manager. NOTE: this issue can be leveraged to bypass authentication requirements for exploiting CVE-2011-0018. | 2011-01-28 | 6.8 | CVE-2011-0650 XF BUGTRAQ |
| ibm — websphere_portal | IBM WebSphere Portal 6.0.1.1 through 7.0.0.0, as used in IBM Lotus Web Content Management (WCM) and IBM Lotus Quickr for WebSphere Portal, allows remote attackers to obtain sensitive information via a “modified message.” | 2011-01-28 | 5.0 | CVE-2011-0679 VUPEN BID CONFIRM AIXAPAR AIXAPAR AIXAPAR AIXAPAR AIXAPAR AIXAPAR AIXAPAR SECUNIA OSVDB |
| ibm — db2 | IBM DB2 9.1 before FP10, 9.5 before FP6a, and 9.7 before FP2 on Linux, UNIX, and Windows does not properly revoke the DBADM authority, which allows remote authenticated users to execute non-DDL statements by leveraging previous possession of this authority. | 2011-02-02 | 6.5 | CVE-2011-0757 XF BID CONFIRM AIXAPAR AIXAPAR AIXAPAR CONFIRM CONFIRM CONFIRM SECUNIA |
| janrain — janrain_engage_module | Janrain Engage (formerly RPX) module 6.x-1.3 for Drupal does not validate the file for a profile image, which allows remote authenticated users to conduct cross-site scripting (XSS) attacks and possibly execute arbitrary PHP code by causing a crafted avatar to be downloaded from an external login provider site. | 2011-02-03 | 6.8 | CVE-2011-0771 BID CONFIRM XF XF SECUNIA OSVDB |
| linux — kernel | The dvb_ca_ioctl function in drivers/media/dvb/ttpci/av7110_ca.c in the Linux kernel before 2.6.38-rc2 does not check the sign of a certain integer field, which allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a negative value. | 2011-02-02 | 6.9 | CVE-2011-0521 MLIST MLIST CONFIRM XF BID CONFIRM SECUNIA |
| lockon — ec-cube | Multiple cross-site scripting (XSS) vulnerabilities in (1) data/Smarty/templates/default/list.tpl and (2) data/Smarty/templates/default/campaign/bloc/cart_tag.tpl in EC-CUBE before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2011-02-03 | 4.3 | CVE-2011-0451 CONFIRM XF BID CONFIRM SECUNIA JVNDB JVN |
| lomtec — activeweb | Unrestricted file upload vulnerability in the EasyEdit module in Lomtec ActiveWeb Professional 3.0 allows remote attackers to execute arbitrary code by uploading an executable file via the UploadDirectory and Accepted Extensions fields in the getImagefile component of EasyEdit.cfm. | 2011-01-28 | 6.8 | CVE-2011-0678 CERT-VN VUPEN BID MISC SECUNIA OSVDB |
| lyften — com_lyftenbloggie | Multiple cross-site scripting (XSS) vulnerabilities in the Lyftenbloggie (com_lyftenbloggie) component 1.1.0 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) tag and (2) category parameters to index.php. | 2011-02-01 | 4.3 | CVE-2010-4718 BID SECUNIA MISC |
| mediawiki — mediawiki | Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.2 allows remote attackers to inject arbitrary web script or HTML via crafted Cascading Style Sheets (CSS) comments, aka “CSS injection vulnerability.” | 2011-02-03 | 4.3 | CVE-2011-0047 MLIST CONFIRM VUPEN BID SECUNIA |
| microsoft — windows_2003_server | The MHTML implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly handle a MIME format in a request for content blocks in a document, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site that is visited in Internet Explorer. | 2011-01-31 | 4.3 | CVE-2011-0096 CERT-VN XF VUPEN SECTRACK CONFIRM EXPLOIT-DB MISC SECUNIA OSVDB CONFIRM CONFIRM |
| mikel_lindsaar — mail | The deliver function in the sendmail delivery agent (lib/mail/network/delivery_methods/sendmail.rb) in Ruby Mail gem 2.2.14 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in an e-mail address. | 2011-02-01 | 6.8 | CVE-2011-0739 MISC CONFIRM XF VUPEN BID SECUNIA OSVDB |
| mj2 — majordomo_2 | Directory traversal vulnerability in the _list_file_get function in lib/Majordomo.pm in Majordomo 2 before 20110131 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the help command, as demonstrated using (1) a crafted email and (2) cgi-bin/mj_wwwusr in the web interface. | 2011-02-03 | 5.0 | CVE-2011-0049 CONFIRM CONFIRM CONFIRM MISC XF BID BUGTRAQ EXPLOIT-DB SECUNIA |
| modxcms — evolution | Directory traversal vulnerability in MODx Evolution 1.0.4 and earlier allows remote attackers to read arbitrary files via unspecified vectors related to AjaxSearch, a different vulnerability than CVE-2010-1427. | 2011-02-01 | 5.0 | CVE-2010-3930 CONFIRM JVNDB JVN |
| modxcms — evolution | Multiple cross-site scripting (XSS) vulnerabilities in ModX Evolution before 1.0.5 allow remote attackers to inject arbitrary web script or HTML via the (1) installer or (2) image editor. | 2011-02-01 | 4.3 | CVE-2011-0741 CONFIRM |
| mozilla — bugzilla | Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4.0.x before 4.0rc2 does not properly handle whitespace preceding a (1) javascript: or (2) data: URI, which allows remote attackers to conduct cross-site scripting (XSS) attacks via the URL (aka bug_file_loc) field. | 2011-01-28 | 4.3 | CVE-2010-4567 CONFIRM XF VUPEN BID CONFIRM SECUNIA OSVDB |
| mozilla — bugzilla | Cross-site scripting (XSS) vulnerability in Bugzilla 3.7.1, 3.7.2, 3.7.3, and 4.0rc1 allows remote attackers to inject arbitrary web script or HTML via the real name field of a user account, related to the AutoComplete widget in YUI. | 2011-01-28 | 4.3 | CVE-2010-4569 CONFIRM MISC MISC VUPEN BID CONFIRM OSVDB |
| mozilla — bugzilla | Cross-site scripting (XSS) vulnerability in the duplicate-detection functionality in Bugzilla 3.7.1, 3.7.2, 3.7.3, and 4.0rc1 allows remote attackers to inject arbitrary web script or HTML via the summary field, related to the DataTable widget in YUI. | 2011-01-28 | 4.3 | CVE-2010-4570 CONFIRM MISC MISC VUPEN BID CONFIRM |
| mozilla — bugzilla | CRLF injection vulnerability in chart.cgi in Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4.0.x before 4.0rc2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the query string, a different vulnerability than CVE-2010-2761 and CVE-2010-4411. | 2011-01-28 | 4.3 | CVE-2010-4572 CONFIRM VUPEN BID CONFIRM SECUNIA |
| mozilla — bugzilla | Multiple cross-site request forgery (CSRF) vulnerabilities in Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4.0.x before 4.0rc2 allow remote attackers to hijack the authentication of arbitrary users for requests related to (1) adding a saved search in buglist.cgi, (2) voting in votes.cgi, (3) sanity checking in sanitycheck.cgi, (4) creating or editing a chart in chart.cgi, (5) column changing in colchange.cgi, and (6) adding, deleting, or approving a quip in quips.cgi. | 2011-01-28 | 6.8 | CVE-2011-0046 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM XF VUPEN BID CONFIRM SECUNIA OSVDB OSVDB OSVDB OSVDB OSVDB OSVDB |
| mozilla — bugzilla | Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4.0.x before 4.0rc2 creates a clickable link for a (1) javascript: or (2) data: URI in the URL (aka bug_file_loc) field, which allows remote attackers to conduct cross-site scripting (XSS) attacks against logged-out users via a crafted URI. | 2011-01-28 | 4.3 | CVE-2011-0048 CONFIRM XF VUPEN BID CONFIRM SECUNIA OSVDB |
| novell — groupwise | Cross-site scripting (XSS) vulnerability in WebAccess in Novell GroupWise 7.x before 7.0 post-SP4 FTF and 8.x before 8.0 SP2 allows remote attackers to inject arbitrary web script or HTML via a crafted message, related to a “Javascript XSS exploit.” | 2011-01-28 | 4.3 | CVE-2010-2778 CONFIRM MISC CONFIRM |
| novell — groupwise | Cross-site scripting (XSS) vulnerability in WebAccess in Novell GroupWise 8.x before 8.0 SP2 allows remote attackers to inject arbitrary web script or HTML via a crafted message, related to “replies.” | 2011-01-28 | 4.3 | CVE-2010-2779 CONFIRM MISC CONFIRM |
| novell — groupwise | Multiple directory traversal vulnerabilities in the (1) WebAccess Agent and (2) Document Viewer Agent components in Novell GroupWise before 8.02HP allow remote attackers to read arbitrary files via unspecified vectors. NOTE: some of these details are obtained from third party information. | 2011-01-31 | 5.0 | CVE-2010-4715 CONFIRM CONFIRM CONFIRM CONFIRM SECUNIA |
| novell — groupwise | Cross-site scripting (XSS) vulnerability in the WebPublisher component in Novell GroupWise before 8.02HP allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2011-01-31 | 4.3 | CVE-2010-4716 CONFIRM CONFIRM CONFIRM |
| novell — groupwise | Multiple stack-based buffer overflows in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a long (1) LIST or (2) LSUB command. | 2011-01-31 | 6.5 | CVE-2010-4717 CONFIRM MISC CONFIRM CONFIRM |
| opera — opera_browser | The Cascading Style Sheets (CSS) Extensions for XML implementation in Opera before 11.01 recognizes links to javascript: URLs in the -o-link property, which makes it easier for remote attackers to bypass CSS filtering via a crafted URL. | 2011-01-31 | 4.3 | CVE-2011-0681 CONFIRM CONFIRM CONFIRM OSVDB |
| opera — opera_browser | Opera before 11.01 does not properly restrict the use of opera: URLs, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site. | 2011-01-31 | 4.3 | CVE-2011-0683 CONFIRM CONFIRM CONFIRM CONFIRM OSVDB |
| opera — opera_browser | Unspecified vulnerability in Opera before 11.01 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by vkontakte.ru. | 2011-01-31 | 5.0 | CVE-2011-0686 CONFIRM CONFIRM CONFIRM OSVDB |
| opera — opera_browser | Opera before 11.01 does not properly implement Wireless Application Protocol (WAP) dropdown lists, which allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted WAP document. | 2011-01-31 | 4.3 | CVE-2011-0687 CONFIRM CONFIRM CONFIRM OSVDB |
| php — php | The extract function in PHP before 5.2.15 does not prevent use of the EXTR_OVERWRITE parameter to overwrite (1) the GLOBALS superglobal array and (2) the this variable, which allows context-dependent attackers to bypass intended access restrictions by modifying data structures that were not intended to depend on external input, a related issue to CVE-2005-2691 and CVE-2006-3758. | 2011-02-02 | 5.0 | CVE-2011-0752 CONFIRM CONFIRM CONFIRM MLIST |
| php — php | Race condition in the PCNTL extension in PHP before 5.3.4, when a user-defined signal handler exists, might allow context-dependent attackers to cause a denial of service (memory corruption) via a large number of concurrent signals. | 2011-02-02 | 4.3 | CVE-2011-0753 CONFIRM CONFIRM |
| php — php | The SplFileInfo::getType function in the Standard PHP Library (SPL) extension in PHP before 5.3.4 on Windows does not properly detect symbolic links, which might make it easier for local users to conduct symlink attacks by leveraging cross-platform differences in the stat structure, related to lack of a FILE_ATTRIBUTE_REPARSE_POINT check. | 2011-02-02 | 4.4 | CVE-2011-0754 CONFIRM CONFIRM |
| php — php | Integer overflow in the mt_rand function in PHP before 5.3.4 might make it easier for context-dependent attackers to predict the return values by leveraging a script’s use of a large max parameter, as demonstrated by a value that exceeds mt_getrandmax. | 2011-02-02 | 5.0 | CVE-2011-0755 CONFIRM CONFIRM |
| pivotx — pivotx | Multiple cross-site scripting (XSS) vulnerabilities in PivotX 2.2.0, and possibly other versions before 2.2.2, allow remote attackers to inject arbitrary web script or HTML via the (1) color parameter to includes/blogroll.php or (2) src parameter to includes/timwrapper.php. | 2011-02-03 | 4.3 | CVE-2011-0772 CONFIRM XF BID BUGTRAQ BUGTRAQ OSVDB OSVDB MISC MISC SECUNIA |
| pivotx — pivotx | Cross-site scripting (XSS) vulnerability in pivotx/modules/module_image.php in PivotX 2.2.2 and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the image parameter. | 2011-02-03 | 4.3 | CVE-2011-0773 CONFIRM XF BID MISC CONFIRM SECUNIA MISC OSVDB |
| pivotx — pivotx | PivotX 2.2.2 allows remote attackers to obtain sensitive information via a direct request to (1) includes/ping.php and (2) includes/spamping.php, which reveals the installation path in an error message. | 2011-02-03 | 5.0 | CVE-2011-0774 CONFIRM MISC |
| pivotx — pivotx | pivotx/modules/module_image.php in PivotX 2.2.2 allows remote attackers to obtain sensitive information via a non-existent file in the image parameter, which reveals the installation path in an error message. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | 2011-02-03 | 5.0 | CVE-2011-0775 XF SECUNIA OSVDB |
| pleer — rss_feed_reader | Cross-site scripting (XSS) vulnerability in magpie/scripts/magpie_slashbox.php in RSS Feed Reader 0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the rss_url parameter. | 2011-02-01 | 4.3 | CVE-2011-0740 XF BID MISC SECUNIA OSVDB |
| postgresql — postgresql | Buffer overflow in the gettoken function in contrib/intarray/_int_bool.c in the intarray array module in PostgreSQL 9.0.x before 9.0.3, 8.4.x before 8.4.7, 8.3.x before 8.3.14, and 8.2.x before 8.2.20 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via integers with a large number of digits to unspecified functions. | 2011-02-01 | 6.5 | CVE-2010-4015 CONFIRM XF VUPEN BID CONFIRM CONFIRM SECUNIA OSVDB |
| proftpd — proftpd | Heap-based buffer overflow in the sql_prepare_where function (contrib/mod_sql.c) in ProFTPD before 1.3.3d, when mod_sql is enabled, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted username containing substitution tags, which are not properly handled during construction of an SQL query. | 2011-02-01 | 6.8 | CVE-2010-4652 CONFIRM MISC VUPEN BID CONFIRM MISC FEDORA FEDORA |
| sun — openoffice.org | soffice in OpenOffice.org (OOo) 3.x before 3.3 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. | 2011-01-28 | 6.9 | CVE-2010-3689 CONFIRM VUPEN VUPEN SECTRACK BID REDHAT CONFIRM DEBIAN UBUNTU SECUNIA SECUNIA SECUNIA OSVDB |
| tsugio_okamoto — lha | Buffer overflow in LHA 1.14 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors related to “command line processing,” a different vulnerability than CVE-2004-0771. NOTE: this issue may be REJECTED if there are not any cases in which LHA is setuid or is otherwise used across security boundaries. | 2011-02-03 | 6.8 | CVE-2004-0694 REDHAT REDHAT |
| yahoo — yui | Cross-site scripting (XSS) vulnerability in the addItem method in the Menu widget in YUI before 2.9.0 allows remote attackers to inject arbitrary web script or HTML via a field that is added to a menu, related to documentation that specifies this field as a text field rather than an HTML field, a similar issue to CVE-2010-4569 and CVE-2010-4570. | 2011-01-28 | 4.3 | CVE-2010-4710 CONFIRM MISC MISC |
Low Vulnerabilities
| Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| looknstop — look_’n’_stop_firewall | lnsfw1.sys 6.0.2900.5512 in Look ‘n’ Stop Firewall 2.06p4 and 2.07 allows local users to cause a denial of service (crash) via a crafted 0x80000064 IOCTL request that triggers an assertion failure. NOTE: some of these details are obtained from third party information. | 2011-01-28 | 2.1 | CVE-2011-0652 XF BID EXPLOIT-DB SECUNIA OSVDB |
| opera — opera_browser | The Delete Private Data feature in Opera before 11.01 does not properly implement the “Clear all email account passwords” option, which might allow physically proximate attackers to access an e-mail account via an unattended workstation. | 2011-01-31 | 3.6 | CVE-2011-0685 XF CONFIRM CONFIRM CONFIRM CONFIRM OSVDB |