
@RISK: The Consensus Security Vulnerability Alert

Volume: VI, Issue: 11
March 13, 2007

Apple QuickTime, for both Windows and Mac OS, provides a new vector for attackers because, once installed, it opens QuickTime content embedded in web pages (malicious or not) without asking the user for permission. Novell NetMail also has a newly discovered root compromise vulnerability.

@RISK is the SANS community's consensus bulletin summarizing the most important vulnerabilities and exploits identified during the past week and providing guidance on appropriate actions to protect your systems (PART I). It also includes a comprehensive list of all new vulnerabilities discovered in the past week (PART II).

Summary of the vulnerabilities reported this week:

Platform                                  Number of Updates and Vulnerabilities
- ----------------------------------------  -------------------------------------
Windows                                   1
Third Party Windows Apps                  4 (#4)
Mac Os                                    4
Linux                                     4
BSD                                       1
Solaris                                   1
Unix                                      5
Novell                                    1
Cross Platform                            31 (#1, #2, #3, #5)
Web Application - Cross Site Scripting    5
Web Application - SQL Injection           6
Web Application                           24
Network Device                            1

************************** Sponsored Link: *****************************

1) Two Summits, one on Log Management and one on Laptop Encryption - What to buy, how to avoid the career damaging mistakes - featuring users sharing lessons learned and vendors of the products that should be on your short list. Encryption: http://www.sans.org/encryptionsummit07/ Log Management: http://www.sans.org/logmgtsummit07/

2) SANS Tool Talk Webcast "If I'd Only Known: Benefits of Advanced Correlation" sponsored by ArcSight. Register Today and Listen to the archive! http://www.sans.org/info/4441

*************************************************************************

Table Of Contents
Part II -- Comprehensive List of Newly Discovered Vulnerabilities from Qualys (www.qualys.com)
Windows
Third Party Windows Apps
Mac Os
Linux
BSD
Solaris
Unix
Novell
Cross Platform
Web Application - Cross Site Scripting
Web Application - SQL Injection
Web Application
Network Device
PART I Critical Vulnerabilities

Part I for this issue has been compiled by Rob King and Rohit Dhamankar at TippingPoint, a division of 3Com, as a by-product of that company's continuous effort to ensure that its intrusion prevention products effectively block exploits using known vulnerabilities. TippingPoint's analysis is complemented by input from a council of security managers from twelve large organizations who confidentially share with SANS the specific actions they have taken to protect their systems. A detailed description of the process may be found at http://www.sans.org/newsletters/cva/#process

Widely Deployed Software
  • (2) HIGH: Novell Netmail WebAdmin Buffer Overflow
  • Affected:
    • Novell NetMail version 3.5.2 and possibly prior
  • Description: Novell Netmail, a popular enterprise mail solution, contains a stack-based buffer overflow in its web-based administration interface. The overflow can be triggered by an overlong username (longer than 213 bytes), and successfully exploited to execute arbitrary code with the privileges of the web administration process. Note that the web interface runs on TCP port 89 and is enabled by default. Technical details for this vulnerability are publicly available. Users are advised to block access to TCP port 89 at the network perimeter, if possible.

  • Status: Novell confirmed, updates available.

  • Council Site Actions: The affected software and/or configuration are not in production or widespread use, or are not officially supported at any of the council sites. They reported that no action was necessary.

  • References:
  • (4) MODERATE: Ipswitch Collaboration Suite and IMail Multiple ActiveX Component Vulnerabilities
  • Affected:
    • Ipswitch IMail 2006, including the Premium and Plus versions
    • Ipswitch Collaboration Suite Standard 2006
  • Description: Ipswitch Collaboration Suite and Ipswitch IMail, two popular mail and groupware products for Microsoft Windows, contain multiple vulnerabilities. These vulnerabilities exist in three ActiveX components utilized by the software: "IMAILAPILib.IMailServer", "IMAILAPILib.IMailLDAPService", and "IMAILAPILib.IMailUserCollection". A malicious web page that instantiates these components could exploit buffer overflows to execute arbitrary code with the privileges of the current user. These components will likely be installed only on the system running the mail or collaboration server. Note that some technical details about these vulnerabilities are publicly available, and that reusable exploit code for ActiveX components exists.

  • Status: Ipswitch confirmed, updates available. Users can mitigate the impact of these vulnerabilities by disabling the vulnerable controls via Microsoft's "kill bit" mechanism for the following CLSIDs: "302397C2-8501-11D4-8D29-00010245C51E", "302397D6-8501-11D4-8D29-00010245C51E", "889558D4-CE9A-4A1B-B88A-AF7774A80E25".

  • Council Site Actions: The affected software and/or configuration are not in production or widespread use, or are not officially supported at any of the council sites. They reported that no action was necessary.

  • References:
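As an added example (not part of the bulletin and not Ipswitch's own guidance), the following PowerShell sets and then verifies the Internet Explorer kill bit for the three CLSIDs listed above. The registry location and the 0x400 flag value are the standard ones documented in Microsoft KB 240797; the Wow6432Node path is an assumption that only applies on 64-bit hosts running 32-bit Internet Explorer.

```powershell
# Added example: set and verify the IE "kill bit" for the Ipswitch IMAILAPILib
# CLSIDs named in the bulletin. The controls stay installed on disk; the kill bit
# only stops Internet Explorer (and other hosts honoring ActiveX Compatibility)
# from instantiating them from web content. Run from an elevated PowerShell prompt.

$KillBitFlag = 0x400   # "Compatibility Flags" bit defined in Microsoft KB 240797

# The three CLSIDs from the bulletin's Status section.
$VulnerableClsids = @(
    '302397C2-8501-11D4-8D29-00010245C51E',
    '302397D6-8501-11D4-8D29-00010245C51E',
    '889558D4-CE9A-4A1B-B88A-AF7774A80E25'
)

# 32-bit IE on 64-bit Windows reads the Wow6432Node view, so cover it where present
# (assumption: on a 32-bit host the Wow6432Node branch does not exist and is skipped).
$CompatRoots = @(
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
) | Where-Object { Test-Path (Split-Path $_ -Parent) }

function Set-KillBit {
    param([string]$Clsid, [string]$Root)
    $key = Join-Path $Root "{$Clsid}"
    if (-not (Test-Path $key)) {
        New-Item -Path $key -Force | Out-Null
    }
    # Preserve any flags an administrator or vendor already set; only OR in the kill bit.
    $existing = (Get-ItemProperty -Path $key -Name 'Compatibility Flags' `
                 -ErrorAction SilentlyContinue).'Compatibility Flags'
    if ($null -eq $existing) { $existing = 0 }
    $value = $existing -bor $KillBitFlag
    New-ItemProperty -Path $key -Name 'Compatibility Flags' -PropertyType DWord `
                     -Value $value -Force | Out-Null
}

function Test-KillBit {
    # Returns $true only when the key exists and bit 0x400 is set in its flags.
    param([string]$Clsid, [string]$Root)
    $key = Join-Path $Root "{$Clsid}"
    if (-not (Test-Path $key)) { return $false }
    $flags = (Get-ItemProperty -Path $key -Name 'Compatibility Flags' `
              -ErrorAction SilentlyContinue).'Compatibility Flags'
    return ($null -ne $flags) -and (($flags -band $KillBitFlag) -eq $KillBitFlag)
}

foreach ($root in $CompatRoots) {
    foreach ($clsid in $VulnerableClsids) {
        Set-KillBit -Clsid $clsid -Root $root
        $state = if (Test-KillBit -Clsid $clsid -Root $root) { 'kill bit set' } else { 'FAILED' }
        Write-Output ("{0}\{{{1}}}: {2}" -f $root, $clsid, $state)
    }
}
```

Running Test-KillBit alone (without Set-KillBit) is a quick audit of whether the mitigation is already in place on a host.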
  • (5) LOW: Mozilla-based Browser Arbitrary JavaScript Code Execution
  • Affected:
    • Mozilla Firefox versions 1.5.0.9 and 2.0.0.1
    • Mozilla SeaMonkey version 1.0.7
  • Description: Browsers based on the Mozilla code base, including Mozilla Firefox and the browser component of Mozilla SeaMonkey, contain an arbitrary JavaScript execution vulnerability. A malicious web page containing a specially-crafted "IMG" tag with a "javascript:" URL in its "SRC" attribute could execute arbitrary JavaScript without the user's knowledge. Note that the script code is executed even if the user has disabled JavaScript in the browser's settings. Note that this vulnerability was introduced as a side effect of the fix for Mozilla vulnerability MFSA 2006-72; only browsers that have been patched against that vulnerability are vulnerable.

  • Status: Mozilla confirmed, updates available.

  • Council Site Actions: Two of the responding council sites are using the affected software. One site has already deployed the updates. The other site does not install this software by default, but said that the automatic update feature should update it for those who have installed it on their own.

  • References:
Part II: Weekly Comprehensive List of Newly Discovered Vulnerabilities
Week 11, 2007

This list is compiled by Qualys ( www.qualys.com ) as part of that company's ongoing effort to ensure its vulnerability management web service tests for all known vulnerabilities that can be scanned. As of this week Qualys scans for 5397 unique vulnerabilities. For this special SANS community listing, Qualys also includes vulnerabilities that cannot be scanned remotely.


  • 07.11.1 - CVE: Not Available
  • Platform: Windows
  • Title: Microsoft Windows ole32.dll Word Document Handling Denial of Service
  • Description: The Microsoft ole32.dll library is exposed to a denial of service issue. The issue manifests when the library handles document (.doc) files containing malformed pointer values. Software that is linked to the ole32.dll versions that reside on Microsoft Windows 2000 SP4 FR and XP SP2 FR platforms is affected.
  • Ref: http://www.securityfocus.com/bid/22847

  • 07.11.2 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: Adobe Reader AcroPDF.DLL Resource Consumption Denial of Service
  • Description: Acrobat Reader is exposed to a denial of service issue because the application fails to handle an exceptional condition when the "search" parameter is supplied with an excessively large argument. Acrobat Reader version 8.0 is affected.
  • Ref: http://www.securityfocus.com/bid/22856

  • 07.11.3 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: Macromedia Shockwave 10 SWDIR.DLL Multiple ActiveX Control Remote Denial of Service Vulnerabilities
  • Description: Macromedia Shockwave is exposed to multiple denial of service issues when certain variables of the vulnerable control are assigned an excessively long string. Macromedia Shockwave 10.1.4.20 is affected.
  • Ref: http://support.microsoft.com/kb/240797

  • 07.11.4 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: RealMedia RealPlayer Ierpplug.DLL ActiveX Control Multiple Buffer Overflow Vulnerabilities
  • Description: RealPlayer ActiveX control allows users to stream various media files through their web browser. The application is exposed to multiple buffer overflow issues because it fails to properly bounds check user-supplied data before copying it to an insufficiently sized buffer. RealPlayer ActiveX control version 10.5 is affected.
  • Ref: http://support.microsoft.com/kb/240797

  • 07.11.5 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: MailEnable Append Remote Buffer Overflow
  • Description: MailEnable is a commercially available mail server. The application is exposed to a buffer overflow issue in the IMAP service because the application fails to properly bounds check user-supplied input and fails to handle excessively long APPEND commands. MailEnable Professional versions 2.37, 2.35, 2.33, 2.32 are affected.
  • Ref: http://www.securityfocus.com/bid/22792

  • 07.11.6 - CVE: CVE-2007-0713
  • Platform: Mac Os
  • Title: Apple QuickTime MOV File Heap Overflow
  • Description: Apple QuickTime is a media player that supports multiple file formats. The application is prone to a heap overflow issue because it fails to properly check boundaries on user-supplied data. QuickTime 7.1 is affected.
  • Ref: http://docs.info.apple.com/article.html?artnum=305149

  • 07.11.7 - CVE: CVE-2007-0714
  • Platform: Mac Os
  • Title: Apple Quicktime UDTA ATOM Integer Overflow
  • Description: QuickTime Player is the media player distributed by Apple for QuickTime and other media files. The application is exposed to an integer overflow issue when processing specially crafted MOV files. Specifying a large "udta" (user data atom) Atom size can result in an insufficiently-sized heap buffer allocation. This can be leveraged to overwrite heap memory during a RtlAllocateHeap() routine. Versions prior to 7.1.5 are affected.
  • Ref: http://docs.info.apple.com/article.html?artnum=305149

  • 07.11.8 - CVE: CVE-2007-0718
  • Platform: Mac Os
  • Title: Apple QuickTime Color Table ID Heap Overflow
  • Description: QuickTime Player is the media player distributed by Apple for QuickTime and other media files. QuickTime is exposed to a heap overflow issue because it fails to perform adequate bounds checking on user-supplied data. QuickTime 7.1.3 is affected.
  • Ref: http://www.kb.cert.org/vuls/id/313225

  • 07.11.9 - CVE: CVE-2007-0711, CVE-2007-0712, CVE-2007-0713, CVE-2007-0714, CVE-2007-0715, CVE-2007-0716, CVE-2007-0717, CVE-2007-0718
  • Platform: Mac Os
  • Title: Apple QuickTime Multiple Unspecified Code Execution Vulnerabilities
  • Description: QuickTime Player is the media player distributed by Apple for QuickTime and other media files. The application is exposed to multiple unspecified remote code execution issues because it fails to perform boundary checks prior to copying user-supplied data into sensitive process buffers. QuickTime versions prior to 7.1.5 are vulnerable.
  • Ref: http://www.securityfocus.com/bid/22827

  • 07.11.10 - CVE: CVE-2007-0005
  • Platform: Linux
  • Title: Linux Kernel Omnikey CardMan 4040 Driver Local Buffer Overflow
  • Description: The Omnikey CardMan 4040 is a PCMCIA smart card reader. The application is exposed to a local buffer overflow issue because it fails to properly bounds check user-supplied input before using it in a memory copy operation that affects the "cm4040_write()" and "cm4040_read()" functions of the "drivers/char/pcmcia/cm4040_cs.c" source file. Linux kernel versions prior to 2.6.21-rc3 are affected.
  • Ref: http://www.securityfocus.com/bid/22870/info

  • 07.11.11 - CVE: CVE-2007-0822
  • Platform: Linux
  • Title: Util-Linux Umount Filesystem NULL Pointer Dereference
  • Description: Util-Linux is a freely available, open source software package that provides implementations of standard UNIX utilities, such as mount and umount. The application is exposed to a NULL pointer dereference that results in a denial of service condition due to segmentation fault and may potentially lead to the disclosure of sensitive information. Util-Linux Umount implemented on Linux kernel 2.6.15 is affected.
  • Ref: http://archives.neohapsis.com/archives/fulldisclosure/2007-02/0012.html

  • 07.11.12 - CVE: Not Available
  • Platform: Linux
  • Title: Linux Kernel Sys_Tee Local Privilege Escalation
  • Description: The Linux kernel is susceptible to a local privilege escalation issue. This issue occurs due to a race condition in the "sys_tee()" function in the "fs/splice.c" source file. Linux kernel 2.6.17.6 and prior versions are affected.
  • Ref: http://www.securityfocus.com/bid/22823

  • 07.11.13 - CVE: CVE-2007-1263
  • Platform: Linux
  • Title: GnuPG Signed Message Arbitrary Content Injection
  • Description: GNU Privacy Guard (GnuPG) is an open-source encryption application available for numerous platforms. GnuPG is prone to a weakness that may allow an attacker to add arbitrary content into a message without the end user knowing. RedHat Enterprise Linux WS 4 and earlier versions are affected.
  • Ref: http://www.securityfocus.com/archive/1/461958

  • 07.11.14 - CVE: CVE-2007-1273
  • Platform: BSD
  • Title: NetBSD KTRUser Integer Overflow
  • Description: NetBSD is exposed to a local integer overflow issue because it fails to properly bounds check the length of an unspecified parameter of the "ktruser()" function, which is used in code for FreeBSD and Darwin compatibility. NetBSD 4.0-current and prior versions are affected.
  • Ref: ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-001.txt.asc

  • 07.11.15 - CVE: Not Available
  • Platform: Solaris
  • Title: Sun Ipmitool Interface Remote Unauthorized Access
  • Description: Sun Ipmitool is prone to a remote unauthorized access vulnerability. Sun Fire X2100M2 and Sun Fire X2200M2 without BMC/SP Firmware 2.9 are affected. Please refer to the advisory for further details.
  • Ref: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102828-1&searchclause=

  • 07.11.16 - CVE: Not Available
  • Platform: Unix
  • Title: Radscan Conquest Multiple Remote Vulnerabilities
  • Description: Conquest is a multi-player space warfare game available for Unix-like operating systems. The application is exposed to multiple remote issues because the application fails to bounds check user-supplied data before copying it into an insufficiently-sized buffer. Conquest version 8.2a is affected.
  • Ref: http://www.securityfocus.com/archive/1/462184

  • 07.11.17 - CVE: CVE-2007-1268
  • Platform: Unix
  • Title: Mutt GnuPG Arbitrary Content Injection
  • Description: Mutt is an open-source text-based email client. The application is exposed to an issue that may allow an attacker to add arbitrary content into a message without the end user knowing. This issue affects Mutt versions prior to and including 1.5.13.
  • Ref: http://www.securityfocus.com/archive/1/461958

  • 07.11.18 - CVE: CVE-2007-1267
  • Platform: Unix
  • Title: Sylpheed GnuPG Arbitrary Content Injection
  • Description: Sylpheed is an email client based on GTK+. The application is exposed to an issue that may allow an attacker to add arbitrary content into a message without the end user knowing. This issue affects Sylpheed versions prior to and including 2.2.7.
  • Ref: http://www.securityfocus.com/archive/1/461958

  • 07.11.19 - CVE: CVE-2007-1265
  • Platform: Unix
  • Title: KMail GnuPG Arbitrary Content Injection
  • Description: KMail is a mail client for the KDE desktop environment. The application is exposed to an issue that may allow an attacker to add arbitrary content into a message without the end user knowing. This issue affects KMail versions prior to and including 1.9.5.
  • Ref: http://www.securityfocus.com/archive/1/461958

  • 07.11.20 - CVE: CVE-2007-1266
  • Platform: Unix
  • Title: Gnome Evolution GnuPG Arbitrary Content Injection
  • Description: GNOME Evolution is an email client for the GNOME desktop. Evolution is prone to a vulnerability that may allow an attacker to add arbitrary content into a message without the end user knowing. This issue affects KMail versions prior to and including 2.8.1.
  • Ref: http://www.securityfocus.com/archive/1/461958

  • 07.11.21 - CVE: CVE-2007-1350
  • Platform: Novell
  • Title: Novell NetMail Multiple Buffer Overflow Vulnerabilities
  • Description: Novell NetMail is a commercially available email and calendar system. The application is exposed to multiple remotely exploitable buffer overflow issues because it fails to do proper bounds checking on user-supplied input. Novell NetMail version 3.52 A, B, C, C1, D, e-ftfl are affected.
  • Ref: http://www.kb.cert.org/vuls/id/919369

  • 07.11.22 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Fish Multiple Remote Buffer Overflow Vulnerabilities
  • Description: FiSH is a plugin for Internet Relay Chat (IRC) clients that implements secure communication. The application is exposed to multiple remote buffer overflow issues because it fails to bounds check "decrypt_topic_332()", "nick_changed()", "notice_received()", and "ExtractRnick()", when copying user-supplied data from the "word" parameter into an inadequately sized buffer. FiSH for XChat version 0.98, for mIRC version 1.29, and for irssi version 0.99 are affected.
  • Ref: http://www.securityfocus.com/bid/22880

  • 07.11.23 - CVE: Not Available
  • Platform: Cross Platform
  • Title: PHP Zip URL Wrapper Stack Buffer Overflow
  • Description: PHP is a general purpose scripting language that is especially suited for web development and can be embedded into HTML. The application is prone to a remote stack-based buffer overflow issue because the "zip://" URL wrapper fails to properly bounds check user-supplied input before copying it to an insufficiently-sized memory buffer. PHP version 5.2.0 and PHP with PECL ZIP 1.8.3 are affected.
  • Ref: http://www.php-security.org/MOPB/MOPB-16-2007.html#notes

  • 07.11.24 - CVE: Not Available
  • Platform: Cross Platform
  • Title: PHP Import_Request_Variables Arbitrary Variable Overwrite
  • Description: PHP is a general purpose scripting language that is especially suited for web development and can be embedded into HTML. The application is exposed to an issue that permits an attacker to overwrite arbitrary variables due to a design flaw in the "import_request_variables()" function. PHP versions 4.0.7 to 5.2.1 are affected.
  • Ref: http://www.wisec.it/vulns.php?id=10

  • 07.11.25 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Mozilla Firefox Document.Cookie Path Argument Denial of Service
  • Description: Mozilla Firefox is exposed to a remote denial of service issue. Mozilla Firefox version 2.0.0.2 is affected. Please refer to the advisory for further details.
  • Ref: http://www.securityfocus.com/bid/22879

  • 07.11.26 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Snort Inline Fragmentation Denial of Service
  • Description: Snort is a freely available, open-source network intrusion detection (NID) system. The application is exposed to a denial of service issue because it fails to handle specially crafted network packets. Snort versions 2.6.1.1, 2.6.1.2 and 2.7.0(beta) are affected.
  • Ref: http://www.securityfocus.com/bid/22872

  • 07.11.27 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Avaya System Products Shell Command Injection Vulnerabilities
  • Description: Avaya System Products are prone to unspecified shell command injection issues. Specific Avaya products that contain maintenance web pages may allow authenticated users to issue shell commands through their HTTP interface. Avaya SES devices (all versions), and all versions of Avaya S8700, S8500, and S8300 products prior to CM 3.1.3 are affected.
  • Ref: http://support.avaya.com/elmodocs2/security/ASA-2007-052.htm

  • 07.11.28 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Avaya Communications Manager Javascript Remote Code Execution
  • Description: Avaya Communications Manager is exposed to a remote Javascript code execution issue due to a design error which occurs because of a regression that allows web content to execute arbitrary Javascript code. All versions of Avaya S8700, S8500, and S8300 products prior to CM 3.1.3 are affected.
  • Ref: http://www.securityfocus.com/bid/22866

  • 07.11.29 - CVE: Not Available
  • Platform: Cross Platform
  • Title: PHP Shared Memory Functions Resource Verification Arbitrary Code Execution
  • Description: PHP is a general purpose scripting language that is especially suited for web development and can be embedded into HTML. PHP shared memory functions (shmop) are prone to an arbitrary code execution issue because the shared memory functions fail to verify the type of resources that are being used. Therefore it is possible for the functions to operate on the wrong resource type, one containing user-supplied data. PHP 4 versions prior to 4.4.5 and PHP 5 versions prior to 5.2.1 are affected.
  • Ref: http://www.php-security.org/MOPB/MOPB-15-2007.html

  • 07.11.30 - CVE: Not Available
  • Platform: Cross Platform
  • Title: PHP 5 Substr_Compare Integer Overflow
  • Description: PHP is a general purpose scripting language that is especially suited for web development and can be embedded into HTML. The PHP 5 "substr_compare()" function is exposed to an integer overflow issue because it fails to ensure that integer values are not overrun. Versions of PHP 5 up to version 5.2.1 are affected.
  • Ref: http://www.php-security.org/MOPB/MOPB-14-2007.html

  • 07.11.31 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Mozilla Thunderbird/Seamonkey Rich Text Integer Overflow
  • Description: Thunderbird is an email application and Seamonkey is a suite of applications including email. Thunderbird and Seamonkey are exposed to an integer overflow issue because they fail to handle excessively large, specially formatted email messages. This issue affects Thunderbird versions prior to 1.5.0.10 and Seamonkey versions prior to 1.0.8.
  • Ref: http://www.mozilla.org/security/announce/2007/mfsa2007-10.html

  • 07.11.32 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Silc Server New Channel Remote Denial of Service
  • Description: Silc server provides system administrators the ability to easily and quickly set up a new SILC network. The application is exposed to a denial of service issue because the application fails to handle exceptional conditions. Version 1.0.2 is affected.
  • Ref: http://www.securityfocus.com/bid/22846

  • 07.11.33 - CVE: CVE-2004-2680
  • Platform: Cross Platform
  • Title: Apache mod_python Output Filter Mode Information Disclosure
  • Description: Apache's mod_python is a module that allows the webserver to interpret Python scripts. The application is exposed to an information disclosure issue because the module fails to handle output filter data containing more than 16384 bytes. Apache mod_python versions 3.1.3, 3.1.4, 3.0.3 and 3.0.4 are affected.
  • Ref: http://www.securityfocus.com/bid/22849/info

  • 07.11.34 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Asterisk SIP Channel Driver Remote Denial of Service
  • Description: Asterisk is a private branch exchange (PBX) application. The application is exposed to a remote denial of service issue. The problem occurs in the "channels/chan_sip.c" SIP channel driver when handling malformed requests sent through UDP port 5060. Asterisk versions prior to 1.2.16 and 1.4.1 are affected.
  • Ref: http://www.kb.cert.org/vuls/id/228032

  • 07.11.35 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Ezstream XML Config File Multiple Buffer Overflow Vulnerabilities
  • Description: Ezstream is an open-source command line client application for Icecast media streaming servers. It is exposed to multiple buffer overflow issues because it fails to properly bounds check user-supplied data before copying it to an insufficiently-sized memory buffer. Versions prior to 0.3.0 are affected.
  • Ref: http://www.securityfocus.com/bid/22840/info

  • 07.11.36 - CVE: Not Available
  • Platform: Cross Platform
  • Title: PHP4 Ovrimos Extension Code Execution
  • Description: PHP4 is exposed to a code execution issue due to a design error in a vulnerable extension. PHP versions prior to 4.4.5 with a compiled "Ovrimos SQL Server Extension" are vulnerable to this issue.
  • Ref: http://www.php-security.org/MOPB/MOPB-13-2007.html

  • 07.11.37 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Mod_Security ASCIIZ Byte POST Bypass
  • Description: Mod_security is a web application firewall implemented as an Apache HTTP server module. The application is exposed to a POST parsing bypass issue which allows an attacker to bypass mod_security restrictions and successfully submit malicious input to mod_security protected sites. All iterations of mod_security below 2.1.0 are affected.
  • Ref: http://www.php-security.org/MOPB/BONUS-12-2007.html

  • 07.11.38 - CVE: Not Available
  • Platform: Cross Platform
  • Title: PHP MySQL_Connect Local Buffer Overflow
  • Description: PHP is a free and widely used Web page development language. The application is exposed to a local buffer overflow issue due to a failure in the application to perform proper bounds checks on user-supplied data before using it in a finite-sized buffer. PHP for Microsoft Windows versions prior to 4.4.6 are affected.
  • Ref: http://www.securityfocus.com/bid/22832

  • 07.11.39 - CVE: CVE-2007-0994
  • Platform: Cross Platform
  • Title: Mozilla Firefox Javascript URI Remote Code Execution
  • Description: Mozilla Firefox is prone to a remote code execution issue due to a design error. The vulnerability exists because of a regression which allows web content to execute arbitrary code. It can be exploited by setting the "SRC" attribute of an "IMG" tag to a specific javascript URI. Mozilla SeaMonkey 1.0.7, Mozilla Firefox 2.0.0.1 and 1.5.0.9 are affected.
  • Ref: http://www.securityfocus.com/bid/22826

  • 07.11.40 - CVE: CVE-2007-1269
  • Platform: Cross Platform
  • Title: GNUMail.App GnuPG Arbitrary Content Injection
  • Description: GNUMail.app is a clone of the NeXT Mail.app application. It uses the GNUstep development framework. The application is exposed to an issue that may allow an attacker to add arbitrary content into a message without the end user knowing. GNUMail.app versions prior to and including 1.1.2 are affected.
  • Ref: http://www.securityfocus.com/archive/1/461958

  • 07.11.41 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Enigmail GnuPG Arbitrary Content Injection
  • Description: Enigmail is an extension to the mail client of Mozilla/Netscape and of Mozilla Thunderbird. The application is exposed to an issue that may allow an attacker to add arbitrary content into a message without the end user knowing. This issue affects Enigmail versions prior to and including 0.94.2.
  • Ref: http://www.securityfocus.com/archive/1/461958

  • 07.11.42 - CVE: Not Available
  • Platform: Cross Platform
  • Title: PuTTY Puttygen Insecure Private Key File Permissions
  • Description: PuTTY is an xterm terminal and SSH implementation. The application is exposed to an insecure file permission issue due to a design flaw in the affected application. PuTTY version 0.58-5 on Debian Linux is affected.
  • Ref: http://www.securityfocus.com/bid/22809

  • 07.11.43 - CVE: Not Available
  • Platform: Cross Platform
  • Title: KDE Konqueror JavaScript IFrame Denial of Service
  • Description: Konqueror is a web browser included with the KDE desktop manager. The application is prone to a remote denial of service issue because of an error in the KDE JavaScript implementation. Specifically, the browser will crash when the browser runs a JavaScript routine which reads a child iframe "src" parameter containing an FTP URI. The version of Konqueror included with KDE version 3.5.5 is affected.
  • Ref: http://www.securityfocus.com/archive/1/461897

  • 07.11.44 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Zend Platform PHP.INI File Modification
  • Description: The Zend Platform is a PHP application server. The application is exposed to an issue that may allow local attackers to modify the PHP configuration file (php.ini). This issue occurs because the application is installed with an ini_modifier program that may be executed by local users to change the configuration file. The Zend Platform versions 2.2.1 and 2.2.1(a) are affected.
  • Ref: http://www.php-security.org/MOPB/BONUS-07-2007.html

  • 07.11.45 - CVE: Not Available
  • Platform: Cross Platform
  • Title: PHP PHPInfo Cross-Site Scripting Variant
  • Description: PHP is a freely available, open-source web scripting language package. The application is prone to a cross-site scripting issue as it fails to properly sanitize user-supplied input to scripts containing the "phpinfo()" function. PHP versions 4.4.3, 4.4.4, 4.4.5 and 4.4.6 are affected.
  • Ref: http://www.php-security.org/MOPB/MOPB-08-2007.html

  • 07.11.46 - CVE: Not Available
  • Platform: Cross Platform
  • Title: PHP PHP_Binary Heap Information Leak
  • Description: PHP contains a serialization handler called "php_binary" as part of its session extension. The "php_binary" serialization handler is prone to a heap information leak because of a missing boundary check in the extraction of variable names. PHP4 versions prior to 4.4.5 and PHP5 versions prior to 5.2.1 are affected.
  • Ref: http://www.securityfocus.com/bid/22805

  • 07.11.47 - CVE: CVE-2007-0908
  • Platform: Cross Platform
  • Title: PHP WDDX Session Deserialization Information Leak
  • Description: PHP WDDX extension contains a serialization handler that provides support for the WDDX data format. The serialization handler of the WDDX extension is exposed to a stack information leak. The vulnerability arises because of an improper initialization of a "key_length" variable. PHP4 versions prior to 4.4.5 and PHP5 versions prior to 5.2.1 are affected.
  • Ref: http://www.php-security.org/MOPB/MOPB-11-2007.html

  • 07.11.48 - CVE: Not Available
  • Platform: Cross Platform
  • Title: PHP WDDX_Deserialize Buffer Overflow
  • Description: PHP is a freely available, open-source web scripting language package. The application is exposed to a remotely exploitable buffer overflow issue because it fails to do proper bounds checking when processing client supplied WDDX packets. PHP versions 6.0, 5.2, and 4.4.0 through 4.4.6 are affected.
  • Ref: http://www.php-security.org/MOPB/MOPB-09-2007.html

  • 07.11.49 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Kaspersky AntiVirus UPX File Decompression Remote Denial of Service
  • Description: Kaspersky AntiVirus is an antivirus application for desktop and small business computers. The application is exposed to a denial of service issue because it fails to properly handle compressed UPX data. Kaspersky Labs Antivirus Engine version 6.0.1.411 for Windows and 5.5-10 for Linux are affected.
  • Ref: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=485

  • 07.11.50 - CVE: Not Available
  • Platform: Cross Platform
  • Title: WebMod Content Length Stack Buffer Overflow
  • Description: WebMod is a multi-threaded HTTP server available for Windows and Linux operating systems. The application is exposed to a remote stack-based buffer overflow issue because it fails to properly bounds check the user-supplied "Content-Length" field before copying it into an insufficiently sized buffer. WebMod version 0.48 is affected.
  • Ref: http://www.securityfocus.com/bid/22788

  • 07.11.51 - CVE: CVE-2006-3892
  • Platform: Cross Platform
  • Title: EMC NetWorker Management Console Remote Authentication Bypass
  • Description: The EMC NetWorker Management Console is an administrative Java based interface for EMC NetWorker installations. The application is prone to an issue that allows remote attackers to bypass authentication. EMC Legato Networker 7.3.2 is affected.
  • Ref: http://www.securityfocus.com/bid/22789

  • 07.11.52 - CVE: CVE-2007-0774
  • Platform: Cross Platform
  • Title: Apache Tomcat Mod_JK.SO Arbitrary Code Execution
  • Description: Apache Tomcat is a popular web server application for multiple platforms. The application is exposed to an arbitrary code execution issue due to insufficient sanitization of user-supplied input which results in a stack-based buffer overflow. Apache Software Foundation Tomcat versions 5.5.20 and earlier are affected.
  • Ref: http://tomcat.apache.org/connectors-doc/miscellaneous/changelog.html

  • 07.11.53 - CVE: Not Available
  • Platform: Web Application - Cross Site Scripting
  • Title: Trac Download Function Cross-Site Scripting
  • Description: Trac is a wiki and issue tracking system. The application is exposed to a cross-site scripting issue because the application fails to properly sanitize user-supplied input due to a flaw in the "download wiki page as text" function. Trac versions prior to 0.10.3.1 are affected.
  • Ref: http://trac.edgewall.org/wiki/ChangeLog#a0.10.3.1

  • 07.11.54 - CVE: Not Available
  • Platform: Web Application - Cross Site Scripting
  • Title: dynaliens Multiple Cross-Site Scripting Vulnerabilities
  • Description: The "dynaliens" program is a guestbook application. The application is prone to multiple cross-site scripting issues because it fails to properly sanitize user-supplied input. Unspecified parameters to the "recherche.php3" and "ajouter.php3" scripts are affected. dynaliens versions 2.1 and 2.0 are affected.
  • Ref: http://www.securityfocus.com/archive/1/462221

  • 07.11.55 - CVE: Not Available
  • Platform: Web Application - Cross Site Scripting
  • Title: Lazarus Guestbook Multiple Unspecified Cross-Site Scripting Vulnerabilities
  • Description: Lazarus Guestbook is a web-based guestbook application. It is based on "Advanced Guestbook" by Proxy2. The application is exposed to multiple cross-site scripting issues because it fails to properly sanitize user-supplied input. Lazarus Guestbook versions prior to 1.7.3 are affected.
  • Ref: http://www.securityfocus.com/bid/22868

  • 07.11.56 - CVE: Not Available
  • Platform: Web Application - Cross Site Scripting
  • Title: vCard Pro create.php Cross-Site Scripting
  • Description: vCard Pro is a virtual greeting card application. The application is exposed to a cross-site scripting issue because it fails to properly sanitize user-supplied input to the "uploaded" parameter of the "create.php" script. vCard Pro version 2.6 is affected.
  • Ref: http://www.securityfocus.com/archive/1/461922

  • 07.11.57 - CVE: Not Available
  • Platform: Web Application - Cross Site Scripting
  • Title: VirtueMart Multiple Cross-Site Scripting Vulnerabilities
  • Description: VirtueMart is an ecommerce application. The application is prone to multiple cross-site scripting issues because it fails to sanitize user-supplied input. Unspecified parameters to the "ps_cart.php" and "virtuemart_parser.php" scripts are vulnerable. VirtueMart versions prior to 1.0.10 are affected.
  • Ref: http://www.securityfocus.com/bid/22816

  • 07.11.58 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: GaziYapBoz Game Portal kategori.asp SQL Injection
  • Description: GaziYapBoz Game Portal is a web-based game tracking application. The application is exposed to an SQL injection issue because it fails to properly sanitize user-supplied input to the "kategori" parameter of the "kategori.asp" script before using it in an SQL query.
  • Ref: http://www.securityfocus.com/bid/22871

  • 07.11.59 - CVE: CVE-2007-0667
  • Platform: Web Application - SQL Injection
  • Title: SQL-Ledger/LedgerSMB Remote Code Execution
  • Description: SQL-Ledger/LedgerSMB are double-entry accounting systems implemented in Perl. The application is exposed to an arbitrary code execution issue when a custom function, created by an authenticated user, is allowed to run on an error condition. SQL-Ledger versions prior to 2.6.25 and LedgerSMB versions prior to 1.1.5 are vulnerable.
  • Ref: http://www.securityfocus.com/bid/22828

  • 07.11.60 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Monitor-Line Links Management index.php SQL Injection
  • Description: Links Management Application is a web-based link manager. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "lcnt" parameter of the "index.php" script before using it in an SQL query. Version 1.0 is affected.
  • Ref: http://www.securityfocus.com/bid/22825

  • 07.11.61 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: LI-Guestbook guestbook.php SQL injection
  • Description: LI-Guestbook is a web-based guestbook application. The application is exposed to an SQL injection issue because it fails to properly sanitize user-supplied input to the "country" parameter of the "guestbook.php" script before using it in an SQL query. LI-Guestbook version 1.1 is affected.
  • Ref: http://www.securityfocus.com/archive/1/461912

  • 07.11.62 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Rigter Portal System Categoria index.php SQL Injection
  • Description: Rigter Portal System is a web-portal application. Rigter Portal System is affected by an SQL injection issue because it fails to properly sanitize user-supplied input to the "categoria" parameter of the "index.php" script before using it in an SQL query. Rigter Portal System version 6.2 is affected.
  • Ref: http://www.securityfocus.com/archive/1/462146

  • 07.11.63 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Multiple AJ Square Products SQL Injection Vulnerabilities
  • Description: AJ Dating is a web-based dating software script. AJ Auction is web-based auction software. AJ Classifieds is a web-based classifieds site package. AJ Forum is web-based forum software. The applications are prone to SQL injection vulnerabilities because they fail to properly sanitize user-supplied input before using it in SQL queries. Version 1.0 of each application is affected.
  • Ref: http://www.securityfocus.com/bid/22808

  • 07.11.64 - CVE: CVE-2007-1345
  • Platform: Web Application
  • Title: Computer Associates eTrust Admin GINA Module Unspecified Privilege Escalation
  • Description: Computer Associates eTrust Admin is an application to administer eTrust applications. The application is exposed to an unspecified privilege escalation issue. Computer Associates eTrust Admin versions 8.1 SP2 ver 8.1.2, 8.1.1 and 8.1.0 are affected. Please refer to the advisory for further details.
  • Ref: http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=101038

  • 07.11.65 - CVE: Not Available
  • Platform: Web Application
  • Title: LedgerSMB Unspecified Password Check
  • Description: LedgerSMB is a double-entry accounting system implemented in Perl. The application is exposed to an unspecified password check issue due to an unknown error or design flaw in the "admin.pl" script and the way in which it performs password checks. LedgerSMB versions prior to 1.1.9 are affected.
  • Ref: http://www.securityfocus.com/bid/22889

  • 07.11.66 - CVE: Not Available
  • Platform: Web Application
  • Title: Dynaliens validlien.php3 Remote Authentication Bypass
  • Description: dynaliens is a guestbook application. The application is exposed to an issue that allows remote attackers to bypass authentication by simply navigating to the "admin/validlien.php3" script. dynaliens versions 2.0 and 2.1 are affected.
  • Ref: http://www.securityfocus.com/archive/1/462221

  • 07.11.67 - CVE: Not Available
  • Platform: Web Application
  • Title: netForo down.php Local File Include
  • Description: netForo is a web forum application. The application is exposed to a local file include issue because it fails to properly sanitize user-supplied input to the "file_to_download" parameter of the "down.php" script. netForo version 0.1 is affected.
  • Ref: http://www.securityfocus.com/bid/22875

  • 07.11.68 - CVE: Not Available
  • Platform: Web Application
  • Title: Webo foldertree.php Remote File Include
  • Description: WEBO is a web-based organizer. The application is exposed to a remote file include issue because it fails to sufficiently sanitize user-supplied input to the "baseDir" parameter of the "modules/abook/foldertree.php" script. WEBO version 1.0 is affected.
  • Ref: http://www.securityfocus.com/archive/1/462294

  • 07.11.69 - CVE: Not Available
  • Platform: Web Application
  • Title: Flat Chat startsession.php Remote PHP Code Execution
  • Description: Flat Chat is a chat application. The application is exposed to an arbitrary PHP code execution issue because it fails to properly sanitize user-supplied input to the "chat name" variable of "startsession.php" before using it in the "passthru()" function. Flat Chat version 2.0 is affected.
  • Ref: http://www.securityfocus.com/bid/22865

  • 07.11.70 - CVE: Not Available
  • Platform: Web Application
  • Title: Drupal Project Issue Tracking Parameter Handling Security Bypass
  • Description: The Drupal Project issue tracking module is a third party module to track various projects. The module is available for the Drupal content manager. The application is exposed to a security bypass issue because of an access validation error in the affected module. Drupal Project issue tracking versions 4.7 2.2 and earlier are affected.
  • Ref: http://drupal.org/node/102614

  • 07.11.71 - CVE: Not Available
  • Platform: Web Application
  • Title: Snitz Forums 2000 pop_profile.asp HTML Injection
  • Description: Snitz Forums 2000 is a web-based forum. The application is exposed to an HTML injection issue because it fails to properly sanitize user-supplied input before using it in dynamically generated content which affects the "MSN" input field of the "pop_profile.asp" script. Snitz Forums 2000 version 3.4.06 is affected.
  • Ref: http://www.securityfocus.com/bid/22869

  • 07.11.72 - CVE: Not Available
  • Platform: Web Application
  • Title: Ipswitch IMail Server/Collaboration Suite Multiple Unspecified Buffer Overflow Vulnerabilities
  • Description: Ipswitch IMail is an email server that serves clients their mail via a web interface. Ipswitch Collaboration Suite (ICS) is an application suite that includes IMail Server and IMail Anti-Virus. The application is exposed to multiple buffer overflow issues because it fails to perform adequate boundary checks on user-supplied data before copying it to insufficiently sized buffers. Ipswitch Collaboration 2006 Suite Premium, IMail and IMail Plus are affected.
  • Ref: http://support.microsoft.com/kb/240797

  • 07.11.73 - CVE: Not Available
  • Platform: Web Application
  • Title: Drupal Nodefamily Module Security Bypass
  • Description: Drupal is a content manager written in PHP. The Drupal Nodefamily module is exposed to a security bypass issue because the application allows attackers to browse and change user profiles. Nodefamily module versions prior to Drupal 5.x-1.0 are affected.
  • Ref: http://www.securityfocus.com/bid/22853

  • 07.11.74 - CVE: Not Available
  • Platform: Web Application
  • Title: PostGuestbook header.php Remote File Include
  • Description: PostGuestbook is a guest book module for the PHP-Nuke content management system. The application is exposed to a remote file include issue because the application fails to properly sanitize user-supplied input to the "tpl_pgb_moddir" parameter of the "header.php" script. PostGuestbook version 0.6.1 is affected.
  • Ref: http://www.securityfocus.com/bid/22858

  • 07.11.75 - CVE: Not Available
  • Platform: Web Application
  • Title: WebCalendar Certain Variable Overwrite
  • Description: WebCalendar is a web-based calendar application. WebCalendar is prone to a variable overwrite issue because the application fails to sanitize user-supplied input. Version 1.0.4 is affected.
  • Ref: http://www.securityfocus.com/bid/22834

  • 07.11.76 - CVE: Not Available
  • Platform: Web Application
  • Title: SnapGear Unspecified Denial of Service
  • Description: SnapGear is an internet security appliance for small businesses, manufactured by Secure Computing Corporation. The application is exposed to an unspecified remote denial of service issue because the device fails to handle excessive amounts of packets. The flood of packets will cause an error, which will result in all packets being dropped. SnapGear OS 3.1.4 u2 and earlier versions are affected.
  • Ref: http://www.securityfocus.com/bid/22835/info

  • 07.11.77 - CVE: Not Available
  • Platform: Web Application
  • Title: phpMyAdmin PMA_ArrayWalkRecursive Function Remote Denial of Service
  • Description: phpMyAdmin is a web-based administrative interface for managing MySQL databases. The application is exposed to a remote denial of service issue because it fails to properly sanitize user-supplied input to parameters of the "PMA_arrayWalkRecursive()" function in the "libraries/common.lib.php" file. phpMyAdmin 2.10.0.1 and earlier versions are affected.
  • Ref: http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-3

  • 07.11.78 - CVE: Not Available
  • Platform: Web Application
  • Title: ePortfolio Client Side Input Validation
  • Description: ePortfolio is a banking application. The application is exposed to a client side input validation issue because the application fails to sufficiently sanitize user-supplied data. TKS-Banking Solutions ePortfolio version 1.0 is affected.
  • Ref: http://www.securityfocus.com/archive/1/461895

  • 07.11.79 - CVE: Not Available
  • Platform: Web Application
  • Title: Sava's Guestbook Multiple Input Validation Vulnerabilities
  • Description: Sava's Guestbook is a web-based guestbook. The application is prone to multiple input validation issues because it fails to sufficiently sanitize user-supplied data. Sava's Guestbook version 23.11.2006 is affected.
  • Ref: http://www.securityfocus.com/archive/1/461910

  • 07.11.80 - CVE: Not Available
  • Platform: Web Application
  • Title: Simple Invoices PDF Print Preview Security Bypass
  • Description: Simple Invoices is a web-based invoicing system. Simple Invoices is exposed to a security bypass issue because the application fails to protect sensitive information from unauthorized users. Simple Invoices version 20070202, 20070125 and 20061211 are affected.
  • Ref: http://www.securityfocus.com/bid/22818

  • 07.11.81 - CVE: Not Available
  • Platform: Web Application
  • Title: RRDBrowse File Parameter Directory Traversal
  • Description: RRDBrowse is an RRD utility for polling and researching. The application is prone to a directory traversal issue because it fails to properly sanitize user-supplied input. The issue occurs when specially crafted HTTP GET requests containing a directory traversal string are sent to the "file" parameter. RRDBrowse version 1.6 is affected.
  • Ref: http://www.securityfocus.com/archive/1/461911

  • 07.11.82 - CVE: Not Available
  • Platform: Web Application
  • Title: News-Letterman Sqllog Remote File Include
  • Description: News-Letterman is a newsletter application. The application is prone to a remote file include issue because it fails to sufficiently sanitize user-supplied input to the "sqllog" parameter of the "eintrag.php" script. News-Letterman version 1.1 is affected.
  • Ref: http://www.securityfocus.com/bid/22807

  • 07.11.83 - CVE: Not Available
  • Platform: Web Application
  • Title: Woltlab Burning Board Multiple HTML Injection Vulnerabilities
  • Description: Woltlab Burning Board is a bulletin board application. The application is exposed to multiple HTML injection issues because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Woltlab Burning Board version 2.3.6 is affected.
  • Ref: http://www.securityfocus.com/archive/1/461737

  • 07.11.84 - CVE: Not Available
  • Platform: Web Application
  • Title: webSPELL Multiple Input Validation Vulnerabilities
  • Description: webSPELL is a clan and gaming content management system implemented in PHP. The application is prone to an SQL injection vulnerability and an unauthorized file upload vulnerability. webSPELL versions 4.1.2, 4.1.1, 4.1 and 4.0 are affected.
  • Ref: http://www.securityfocus.com/archive/1/461796

  • 07.11.85 - CVE: Not Available
  • Platform: Web Application
  • Title: Tyger Bug Tracking System Multiple Input Validation Vulnerabilities
  • Description: Tyger Bug Tracking System is a web-based bug tracker that is implemented in PHP. The application is prone to multiple input validation vulnerabilities because it fails to sufficiently sanitize user-supplied input. Tyger Bug Tracking System version 1.1.3 is affected.
  • Ref: http://www.securityfocus.com/archive/1/461801

  • 07.11.86 - CVE: Not Available
  • Platform: Web Application
  • Title: Bernard Joly Webring HTML Injection
  • Description: Bernard Joly Webring, also known as BJ Webring, is a web ring implementation. The application is prone to an HTML injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. The specific issue is that links that are added to the web ring are not sanitized of HTML and script code. Bernard Joly Webring versions 1.5 and 1.6 are affected.
  • Ref: http://www.securityfocus.com/bid/22800

  • 07.11.87 - CVE: Not Available
  • Platform: Web Application
  • Title: Mani Stats Reader index.php Remote File Include
  • Description: Mani Stats Reader is a web-based application. The application is exposed to a remote file include issue because it fails to sufficiently sanitize user-supplied input to the "ipath" parameter of the "index.php" script. Mani Stats Reader version 1.2 is affected.
  • Ref: http://www.securityfocus.com/bid/22794

  • 07.11.88 - CVE: Not Available
  • Platform: Network Device
  • Title: IBM ThinkPad Intel PRO/1000 LAN Adapter Software Unspecified
  • Description: IBM ThinkPad Intel PRO/1000 LAN Adapter Software provides Ethernet drivers for IBM ThinkPad computers. Versions prior to build 135400 are vulnerable.
  • Ref: http://www-307.ibm.com/pc/support/site.wss/document.do?sitestyle=lenovo&lndocid=MIGR-62922

(c) 2007. All rights reserved. The information contained in this newsletter, including any external links, is provided "AS IS," with no express or implied warranty, for informational purposes only. In some cases, copyright for material in this newsletter may be held by a party other than Qualys (as indicated herein) and permission to use such material must be requested from the copyright owner.

Subscriptions: @RISK is distributed free of charge to people responsible for managing and securing information systems and networks. You may forward this newsletter to others with such responsibility inside or outside your organization.