
@RISK: The Consensus Security Vulnerability Alert

Volume: VIII, Issue: 48
November 27, 2009

There's a critical zero-day vulnerability in older versions of Internet Explorer. Vulnerable versions (6 and 7) account for more than 40% of the market. Alan

@RISK is the SANS community's consensus bulletin summarizing the most important vulnerabilities and exploits identified during the past week and providing guidance on appropriate actions to protect your systems (PART I). It also includes a comprehensive list of all new vulnerabilities discovered in the past week (PART II).

Summary of the vulnerabilities reported this week:

    Platform                                  Number of Updates and Vulnerabilities
    --------------------------                ----------------------------------------
    Other Microsoft Products                  2 (#1)
    Third Party Windows Apps                  9 (#2)
    Linux                                     2
    Solaris                                   1
    Unix                                      1
    Cross Platform                            20 (#3, #4)
    Web Application - Cross Site Scripting    9
    Web Application - SQL Injection           5
    Web Application                           25
    Network Device                            1

*************************************************************************

TRAINING UPDATE

-- SANS London, UK, November 28-December 6: 16 courses, bonus evening sessions: Hex Factor, Forensics Mini Summit and more.

https://sans.org/london09/

-- SANS CDI, Washington DC, December 11-18: 24 courses, bonus evening presentations, including Future Trends in Network Security.

https://www.sans.org/cyber-defense-initiative-2009

-- SANS Security East 2010, New Orleans, January 10-18, 2010: 19 courses, bonus evening presentations: Top 7 Trends in Incident Response and Computer Forensics, Advanced Forensic Techniques and more.

https://www.sans.org/security-east-2010/

-- SANS AppSec 2010, San Francisco, January 29-February 5, 2010. https://www.sans.org/appsec-2010/

-- SANS Phoenix, February 14-February 20, 2010. https://www.sans.org/phoenix-2010/

-- SANS 2010, Orlando, March 6-March 15, 2010. https://www.sans.org/sans-2010/

Looking for training in your own community?

https://sans.org/community/

Save on On-Demand training (30 full courses) - See samples at:

https://www.sans.org/ondemand/

Plus Ottawa, Tokyo and Bangalore all in the next 90 days.

For a list of all upcoming events, on-line and live:

http://www.sans.org

*************************************************************************

Table Of Contents

Part I -- Critical Vulnerabilities
Part II -- Comprehensive List of Newly Discovered Vulnerabilities from Qualys (www.qualys.com)
    Other Microsoft Products
    Third Party Windows Apps
    Linux
    Solaris
    Unix
    Cross Platform
    Web Application - Cross Site Scripting
    Web Application - SQL Injection
    Web Application
    Network Device

*************************************************************************

PART I -- Critical Vulnerabilities

Part I for this issue has been compiled by Rohan Kotian at TippingPoint, a division of 3Com, as a by-product of that company's continuous effort to ensure that its intrusion prevention products effectively block exploits using known vulnerabilities. TippingPoint's analysis is complemented by input from a council of security managers from twelve large organizations who confidentially share with SANS the specific actions they have taken to protect their systems.

Widely Deployed Software
  • (1) CRITICAL: Microsoft Internet Explorer Layout Handling Code Execution Vulnerability (0day)
  • Affected:
    • Windows XP Service Pack 2
    • Windows XP Service Pack 3
    • Windows XP Professional x64 Edition Service Pack 2
    • Windows Server 2003 Service Pack 2
    • Windows Server 2003 x64 Edition Service Pack 2
    • Windows Server 2003 with SP2 for Itanium-based Systems
    • Windows Vista
    • Windows Vista Service Pack 1 and Service Pack 2
    • Windows Vista x64 Edition
    • Windows Vista x64 Edition Service Pack 1 and Service Pack 2
    • Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2
    • Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service pack 2
    • Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2
    • Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4
    • Internet Explorer 6 for Windows XP Service Pack 2, Windows XP Service Pack 3, and Windows XP Professional x64 Edition Service Pack 2
    • Internet Explorer 6 for Windows Server 2003 Service Pack 2, Windows Server 2003 with SP2 for Itanium-based Systems, and Windows Server 2003 x64 Edition Service Pack 2
    • Internet Explorer 7 for Windows XP Service Pack 2 and Windows XP Service Pack 3, and Windows XP Professional x64 Edition Service Pack 2
    • Internet Explorer 7 for Windows Server 2003 Service Pack 2, Windows Server 2003 with SP2 for Itanium-based Systems, and Windows Server 2003 x64 Edition Service Pack 2
    • Internet Explorer 7 in Windows Vista, Windows Vista Service Pack 1 and Windows Vista Service Pack 2, and Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition Service Pack 2
    • Internet Explorer 7 in Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2
    • Internet Explorer 7 in Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2
    • Internet Explorer 7 in Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2
  • Description: Microsoft Internet Explorer contains a vulnerability in its handling of HTML objects. A specially crafted web page can trigger the vulnerability using specially crafted HTML or scripts. The specific flaw is caused by an error in the layout parsing done by Internet Explorer. An unsuspecting user would have to be enticed to visit the malicious web page for the attack to succeed. Successful exploitation might allow an attacker to execute arbitrary code in the context of the logged-in user. Full technical details for the vulnerability are publicly available, along with proof-of-concept code.

  • Status: Vendor confirmed, no updates available.

  • References:

  • (2) HIGH: Multiple Symantec Altiris Products AeXNSConsoleUtilities Buffer Overflow Vulnerability
  • Affected:
    • Symantec Management Platform 7.0 SP1
    • Symantec Management Platform 7.0
    • Symantec Altiris Notification Server 6.0 SP3 R7
    • Symantec Altiris Notification Server 6.0 SP3
    • Symantec Altiris Notification Server 6.0 SP2
    • Symantec Altiris Notification Server 6.0 SP1
    • Symantec Altiris Notification Server 6.0
    • Symantec Altiris Deployment Solution 6.9.355 SP1
    • Symantec Altiris Deployment Solution 6.9.355
    • Symantec Altiris Deployment Solution 6.9.176
    • Symantec Altiris Deployment Solution 6.9.164
    • Symantec Altiris Deployment Solution 6.9 SP3 Build 430
    • Symantec Altiris Deployment Solution 6.9 SP2 build 375
    • Symantec Altiris Deployment Solution 6.9 SP1
    • Symantec Altiris Deployment Solution 6.9
  • Description: A buffer overflow vulnerability has been reported in an ActiveX control that Symantec ships in Symantec Altiris Notification Server, Symantec Altiris Deployment Solution, and Symantec Management Platform. The vulnerable control is the Altiris eXpress NS Console Utilities ActiveX control (AeXNSConsoleUtilities.dll), which is downloaded during the initial connection to the web console on the management server. The specific flaw is a boundary error in the second argument of the "RunCmd()" method; the vulnerability can be exploited by passing an overly long string in that argument. Specially crafted web pages, when viewed with Internet Explorer, might instantiate this ActiveX control and exploit the vulnerability to allow an attacker to execute arbitrary code in the context of the application using the control. Technical details about this vulnerability are publicly available.

  • Status: Vendor confirmed, updates available.

  • References:

  • (3) HIGH: Opera Web Browser Memory Corruption Vulnerability
  • Affected:
    • Opera 9.x
    • Opera 10.x
  • Description: The Opera Web Browser, a popular multiplatform web browser, contains a remotely exploitable memory corruption vulnerability. A specially crafted web page can be used to trigger this vulnerability. The specific flaw is an error in the way Opera converts strings to numbers in JavaScript. By passing overly long strings, an attacker might cause a heap-based buffer overflow. Successful exploitation might allow an attacker to execute arbitrary code in the context of the logged-on user. Full technical details for the vulnerability are publicly available.

  • Status: Vendor confirmed, updates available.

  • References:

*************************************************************************

Part II: Weekly Comprehensive List of Newly Discovered Vulnerabilities
Week 48, 2009

This list is compiled by Qualys ( www.qualys.com ) as part of that company's ongoing effort to ensure its vulnerability management web service tests for all known vulnerabilities that can be scanned. As of this week Qualys scans for 7653 unique vulnerabilities. For this special SANS community listing, Qualys also includes vulnerabilities that cannot be scanned remotely.

______________________________________________________________________


  • 09.48.1 - CVE: CVE-2009-3762
  • Platform: Other Microsoft Products
  • Title: Microsoft Internet Explorer "Style" Object Remote Code Execution
  • Description: Microsoft Internet Explorer is a browser for the Windows operating system. Internet Explorer is exposed to a remote code execution issue that is related to the handling of the "Style" HTML tag when accessed via the "document.getElementsByTagName" JavaScript function. Internet Explorer versions 6 and 7 are affected by this issue.
  • Ref: http://www.securityfocus.com/archive/1/507984

  • 09.48.2 - CVE: Not Available
  • Platform: Other Microsoft Products
  • Title: Microsoft Internet Explorer PDF Generation Information Disclosure
  • Description: Microsoft Internet Explorer is a web browser. The browser is exposed to an information disclosure issue when used in conjunction with a PDF generator. Specifically, if a local HTML file is converted to a PDF document via the Internet Explorer "print" dialog, the generated PDF document will contain the original filename and directory path in the "title" attribute.
  • Ref: http://archives.neohapsis.com/archives/fulldisclosure/2009-11/0243.html

  • 09.48.3 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: RhinoSoft Serv-U FTP Server TEA Decoder Remote Stack Buffer Overflow
  • Description: RhinoSoft Serv-U is an FTP server for Microsoft Windows platforms. The application is exposed to a remote stack-based buffer overflow issue because it fails to perform adequate boundary checks on user-supplied data. Specifically, this issue can be triggered when an unspecified function processes an overly long hexadecimal string using a TEA decoding algorithm. Serv-U versions 9.0.0.5 and 9.0.0.1 are affected by this issue.
  • Ref: http://www.securityfocus.com/archive/1/507955

  • 09.48.4 - CVE: CVE-2009-3840
  • Platform: Third Party Windows Apps
  • Title: IBM SolidDB "solid.exe" Denial of Service
  • Description: IBM SolidDB is a relational SQL database. The application is exposed to a remote denial of service issue that occurs in the "solid.exe" service listening on TCP port 2315 (default), when handling a specially crafted network packet containing an invalid error code. SolidDB versions 6.30.0.29 and 6.30.0.33 are affected by this issue.
  • Ref: http://www-01.ibm.com/support/docview.wss?rs=0&q1=solidb&uid=swg24024510 http://www.coresecurity.com/content/ibm-soliddb-errorcode-dos

  • 09.48.5 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: Google Chrome Frame Same Origin Policy Bypass
  • Description: Google Chrome Frame is a plugin for Microsoft Internet Explorer. The application is exposed to an issue that allows attackers to bypass the same origin policy. The issue occurs when processing links that use the "cf:view-source:" handler, which may allow supplied JavaScript code to run within a security context different from the origin domain's context. Google Chrome Frame versions 4.0.223.9 and earlier are affected by this issue.
  • Ref: http://lostmon.blogspot.com/2009/11/google-chrome-frame-null-domain-xss.html http://googlechromereleases.blogspot.com/2009/11/google-chrome-frame-update-bug-fixes.html

  • 09.48.6 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: Cisco VPN Client for Windows "StartServiceCtrlDispatcher" Local Denial of Service
  • Description: Cisco VPN Client for Windows is exposed to a local denial of service issue which occurs in the "StartServiceCtrlDispatcher" function when the "cvpnd.exe" binary is executed as a console application. Successfully exploiting this issue may allow a local attacker to crash the application, resulting in a denial of service condition. Cisco VPN Client for Windows versions earlier than 5.0.06.0100 are affected by this issue.
  • Ref: http://tools.cisco.com/security/center/viewAlert.x?alertId=19445

  • 09.48.7 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: XM Easy Personal FTP Server File/Folder Remote Denial of Service
  • Description: XM Easy Personal FTP Server is an FTP server for Microsoft Windows. The server is exposed to a remote denial of service issue. This issue occurs when the root directory contains more than 2000 files or folders and an attacker issues a LIST command. The affected server will crash. XM Easy Personal FTP Server 5.8.0 is affected by this issue.
  • Ref: http://www.securityfocus.com/archive/1/508049

  • 09.48.8 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: TYPSoft FTP Server "APPE" and "DELE" Commands Remote Denial of Service
  • Description: TYPSoft FTP Server is an FTP server for Microsoft Windows. The server is exposed to a remote denial of service issue that occurs when handling data passed to the "APPE" and "DELE" commands via the same socket connection. TYPSoft FTP Server version 1.10 is affected by this issue.
  • Ref: http://securityreason.com/exploitalert/7475

  • 09.48.9 - CVE: CVE-2009-3033
  • Platform: Third Party Windows Apps
  • Title: Multiple Symantec Altiris Products "RunCmd()" ActiveX Control Buffer Overflow
  • Description: Symantec Altiris Deployment Solution is software for deploying and managing devices from a centralized location. Symantec Altiris Notification Server with Symantec Management Platform and Altiris Deployment Solution are prone to a buffer overflow issue because the application's web console uses an ActiveX control provided by "AeXNSConsoleUtilities.dll" that fails to properly validate user-supplied input to the "RunCmd()" method.
  • Ref: http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvd=security_advisory&year=2009&suid=20091124_00 https://kb.altiris.com/display/1n/articleDirect/index.asp?aid=50072&r=0.1711542 https://kb.altiris.com/display/1n/articleDirect/index.asp?aid=50279&r=0.2102625

  • 09.48.10 - CVE: CVE-2005-4882
  • Platform: Third Party Windows Apps
  • Title: Philippe Jounin Tftpd32 Long Filename Denial of Service
  • Description: Philippe Jounin TFTPD32 is a Trivial File Transfer Protocol server available for Microsoft Windows platforms. The server is exposed to a denial of service issue that occurs when the application handles a long filename in a TFTP read. Philippe Jounin TFTPD32 version 2.74 is affected by this issue.
  • Ref: http://www.kb.cert.org/vuls/id/632633

  • 09.48.11 - CVE: CVE-2005-4882
  • Platform: Third Party Windows Apps
  • Title: Philippe Jounin TFTPD32 Connect Frame Denial of Service
  • Description: Philippe Jounin TFTPD32 is a Trivial File Transfer Protocol server available for Microsoft Windows platforms. The server is exposed to a denial of service issue due to a race condition that occurs because the application fails to handle specially crafted "connect frames". Philippe Jounin TFTPD32 versions earlier than 2.80 are affected by this issue.
  • Ref: http://pagesperso-orange.fr/philippe.jounin/tftpd32_news.html

  • 09.48.12 - CVE: CVE-2009-3080
  • Platform: Linux
  • Title: Linux Kernel "drivers/scsi/gdth.c" Local Privilege Escalation
  • Description: The Linux kernel is exposed to a local privilege escalation issue that is caused by an array index error. This issue occurs in the "gdth_read_event()" function of the "drivers/scsi/gdth.c" source file.
  • Ref: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=690e744869f3262855b83b4fb59199cf142765b0

  • 09.48.13 - CVE: Not Available
  • Platform: Linux
  • Title: Linux Kernel "fuse_direct_io()" Denial of Service
  • Description: The Linux kernel is exposed to a local denial of service issue that stems from an invalid pointer dereference. Specifically, if allocation requests fail within a loop in the "fuse_direct_io()" function, an unconditional "fuse_put_request()" is made on the resulting invalid pointer in the "fs/fuse/file.c" source file.
  • Ref: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=f60311d5f7670d9539b424e4ed8b5c0872fc9e83 https://bugzilla.redhat.com/show_bug.cgi?id=538734

  • 09.48.14 - CVE: Not Available
  • Platform: Solaris
  • Title: Sun Solaris "sshd(1M)" Timeout Mechanism Remote Denial of Service
  • Description: Sun Solaris "sshd(1M)" daemon is exposed to a remote denial of service issue because of an unspecified error in the timeout mechanism. Successfully exploiting this issue may allow remote attackers to cause the "sshd" daemon to stop accepting new "ssh(1)" connections, denying service to legitimate users. Solaris version 10, and OpenSolaris based on builds snv_99 through snv_123 are affected by this issue.
  • Ref: http://sunsolve.sun.com/search/document.do?assetkey=1-66-272629-1

  • 09.48.15 - CVE: CVE-2009-0689
  • Platform: Unix
  • Title: KDE KDELibs "dtoa()" Remote Code Execution
  • Description: KDE (K Desktop Environment) is a desktop for Unix variants. KDE is exposed to a remote code execution issue when the "dtoa()" function parses strings into floating-point numbers. KDE KDELibs version 4.3.3 is affected by this issue.
  • Ref: http://securityreason.com/achievement_securityalert/74

  • 09.48.16 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Xerver HTTP Response Splitting
  • Description: Xerver is a Java-based HTTP and FTP server application that is available for a number of platforms. The application is exposed to a HTTP response splitting issue because it fails to sufficiently sanitize input in certain requests before using it in HTTP headers. Xerver versions 4.31 and 4.32 are affected by this issue.
  • Ref: http://www.securityfocus.com/bid/37064

  • 09.48.17 - CVE: CVE-2009-3936
  • Platform: Cross Platform
  • Title: Multiple Citrix Products Unspecified SSL/TLS Certificate Spoofing
  • Description: Multiple Citrix products are exposed to an issue that may allow attackers to spoof an SSL or TLS endpoint. Successfully exploiting this issue may allow attackers to impersonate a legitimate server to bypass intended authentication protections. Citrix Online Plug-in for Windows earlier than 11.0.150 and 11.2; Citrix Online Plug-in for Mac earlier than 11.0; Citrix Receiver for iPhone earlier than 1.0.3 and ICA Client for XenApp and ICA Client for XenDesktop are affected by this issue.
  • Ref: http://support.citrix.com/article/CTX123248

  • 09.48.18 - CVE: CVE-2009-3930
  • Platform: Cross Platform
  • Title: file CDF File Parsing Multiple Buffer Overflow Vulnerabilities
  • Description: The "file" command, available for multiple platforms, determines file types. The application is exposed to multiple buffer overflow vulnerabilities in its CDF file parsing because it fails to bounds check user-supplied data before copying it into an insufficiently sized buffer. "file" versions earlier than 5.02 are affected by this issue.
  • Ref: http://mx.gw.com/pipermail/file/2009/000382.html

  • 09.48.19 - CVE: Not Available
  • Platform: Cross Platform
  • Title: MySQL MyISAM Table Symbolic Link Local Privilege Escalation
  • Description: MySQL is an open source SQL database available for multiple operating systems. MySQL is exposed to a local privilege escalation issue caused by an incomplete fix introduced in MySQL 5.1.24, where the application validates the directory path only when creating tables, but not when opening tables. MySQL versions earlier than 5.1.41 are affected by this issue.
  • Ref: http://dev.mysql.com/doc/refman/5.1/en/news-5-1-41.html

  • 09.48.20 - CVE: Not Available
  • Platform: Cross Platform
  • Title: MySQL OpenSSL Server Certificate yaSSL Security Bypass
  • Description: MySQL is an open source SQL database available for multiple operating systems. The application is exposed to a security bypass issue because a MySQL client that uses OpenSSL fails to check the server certificates presented by a server that uses yaSSL. MySQL versions earlier than 5.1.41 are affected by this issue.
  • Ref: http://dev.mysql.com/doc/refman/5.1/en/news-5-1-41.html

  • 09.48.21 - CVE: CVE-2009-0689
  • Platform: Cross Platform
  • Title: Opera Web Browser "dtoa()" Remote Code Execution
  • Description: Opera Web Browser is a browser that runs on multiple operating systems. The application is exposed to a remote code execution issue when the JavaScript engine parses strings into floating-point numbers using the "dtoa()" function. Opera version 10.01 is affected by this issue.
  • Ref: http://www.opera.com/docs/changelogs/windows/1010/

  • 09.48.22 - CVE: Not Available
  • Platform: Cross Platform
  • Title: PHP Versions Prior to 5.3.1 Multiple Vulnerabilities
  • Description: PHP is a general purpose scripting language that is especially suited for web development and can be embedded into HTML. It is exposed to an unspecified input validation issue that affects "exif" processing, an unspecified security bypass issue that occurs in the "tempnam()" and "posix_mkfifo()" functions that may allow an attacker to bypass the "safe_mode" feature, an unspecified issue related to "popen" and invalid modes, and an unspecified issue related to "safe_mode_include_dir". PHP versions earlier than 5.3.1 are affected by this issue.
  • Ref: http://www.php.net/releases/5_3_1.php

  • 09.48.23 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Dovecot Insecure "base_dir" Permissions Local Privilege Escalation
  • Description: Dovecot is a mail server for Linux and Unix like operating systems. The application is exposed to a local privilege escalation issue because it sets 0777 permissions on the "base_dir" directory. Dovecot versions earlier than 1.2.8 are affected by this issue.
  • Ref: http://www.dovecot.org/list/dovecot-news/2009-November/000143.html

  • 09.48.24 - CVE: CVE-2009-3843
  • Platform: Cross Platform
  • Title: HP Operations Manager Remote Unauthorized Access
  • Description: HP Operations Manager is an application for managing IT infrastructure available for a number of platforms. The application is exposed to a remote unauthorized access issue because there is a hidden account in the Tomcat users XML file. Operations Manager 8.1 for Windows is affected by this issue.
  • Ref: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01931960 http://www.zerodayinitiative.com/advisories/ZDI-09-085/

  • 09.48.25 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Opera Web Browser Security Bypass and Unspecified Vulnerabilities
  • Description: Opera Web Browser is a browser that runs on multiple operating systems. The application is exposed to a security bypass issue because it allows passing error messages of one site to another through the contents of unrelated variables and is also exposed to an unspecified issue with moderate impact. Opera Web Browser versions earlier than 10.10 are affected by this issue.
  • Ref: http://www.opera.com/docs/changelogs/windows/1010/ http://www.opera.com/support/kb/view/941/

  • 09.48.26 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Mozilla Firefox infoRSS Extension RSS Feeds Cross-Domain Scripting
  • Description: infoRSS is an RSS feed reader extension for Mozilla Firefox. The infoRSS extension for Mozilla Firefox is exposed to a cross-domain scripting issue because the application fails to properly sanitize user-supplied input passed to RSS feeds before displaying it in a user's browser. infoRSS version 1.1.4.2 is affected by this issue.
  • Ref: https://addons.mozilla.org/en-US/firefox/addons/versions/361#version-1.2.0

  • 09.48.27 - CVE: CVE-2009-3577
  • Platform: Cross Platform
  • Title: Autodesk 3ds Max Application Callbacks Arbitrary Command Execution
  • Description: Autodesk 3ds Max is an application for 3D modeling, animation, and rendering. The application is exposed to an issue that lets attackers execute arbitrary commands in the context of the application, because the application's built-in scripting language, MaxScript, allows application callbacks to be embedded in ".max" files. 3ds Max versions 6 through 9 and 3ds Max 2008 through 2010 are affected by this issue.
  • Ref: http://www.coresecurity.com/content/3dsmax-arbitrary-command-execution

  • 09.48.28 - CVE: CVE-2009-3578
  • Platform: Cross Platform
  • Title: Autodesk Maya MEL Script Nodes Remote Command Execution
  • Description: Autodesk Maya is a 3D modeling application available for multiple operating platforms. The software is exposed to a remote command execution issue because it fails to properly handle specially crafted files. Specifically, ".mb" and ".ma" files may contain MEL (Maya Embedded Language) scripting nodes that can contain arbitrary MEL or Python code that may execute when the file is opened. Maya 2010 and earlier are affected by this issue.
  • Ref: http://www.coresecurity.com/content/maya-arbitrary-command-execution

  • 09.48.29 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Autodesk Softimage Scene TOC File Remote Code Execution
  • Description: Autodesk Softimage is an application for 3D modeling, animation, rendering, and compositing. The application is exposed to a remote code execution issue that occurs when handling specially crafted scene TOC (table of contents) files.
  • Ref: http://www.coresecurity.com/content/softimage-arbitrary-command-execution

  • 09.48.30 - CVE: Not Available
  • Platform: Cross Platform
  • Title: WP Contact Form WordPress Plugin Multiple HTML Injection Vulnerabilities
  • Description: The WP Contact Form plugin for WordPress is a messaging application implemented in PHP. The application is exposed to multiple HTML injection vulnerabilities because it fails to sanitize user-supplied input for the "name", "email", and "phone" textboxes provided by the "contact/" script.
  • Ref: http://www.securityfocus.com/archive/1/508003

  • 09.48.31 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Mozilla Firefox "libpr0n" GIF File Handling Denial of Service
  • Description: Mozilla Firefox is a web browser available for Windows, Linux, and Mac OS X platforms. Mozilla Firefox is exposed to a denial of service issue when handling malformed GIF files. The issue can be triggered with specially crafted files declaring a large image size and results in a NULL pointer dereference leading to a crash. Mozilla Firefox versions earlier than 3.5.5 are affected by this issue.
  • Ref: https://bugzilla.mozilla.org/show_bug.cgi?id=525326 https://wiki.mozilla.org/Releases/Firefox_3.5.5/Test_Plan

  • 09.48.32 - CVE: CVE-2009-4022
  • Platform: Cross Platform
  • Title: ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning
  • Description: A remote DNS cache poisoning vulnerability affects BIND 9. This issue occurs due to a failure to properly validate additional sections of query responses when resolving recursive client queries validated with DNSSEC. BIND versions earlier than 9.4.3-P4, 9.5.2-P1 and 9.6.1-P2 are affected by this issue.
  • Ref: https://www.isc.org/node/504 http://sunsolve.sun.com/search/document.do?assetkey=1-66-273169-1


  • 09.48.34 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Mozilla Firefox Yoono Extension DOM Event Handler Cross-Domain Scripting
  • Description: Yoono is a social networking application that is available as an extension for Mozilla Firefox. The extension is prone to a cross-domain scripting issue because it fails to properly sanitize user-supplied input when malicious web pages including DOM event handlers such as "onLoad()" are accessed. Yoono version 6.1.1 is affected by this issue.
  • Ref: http://www.net-security.org/secworld.php?id=8527

  • 09.48.35 - CVE: CVE-2009-3736
  • Platform: Cross Platform
  • Title: GNU libtool "libltdl" Library Search Path Local Privilege Escalation
  • Description: GNU libtool is a generic library support script. GNU libtool is exposed to a local privilege escalation issue that affects the "libltdl" library. Specifically, when loading a shared object, the library includes the current working directory in the module's search path. An attacker can exploit this issue by placing a specially crafted shared object or a ".la" file in a directory and enticing an unsuspecting administrator to run the application from that directory. GNU libtool versions earlier than 2.2.6b are affected by this issue.
  • Ref: http://lists.gnu.org/archive/html/libtool/2009-11/msg00059.html

  • 09.48.36 - CVE: Not Available
  • Platform: Web Application - Cross Site Scripting
  • Title: Drupal PHPList Integration "My Account" Cross-Site Request Forgery
  • Description: Drupal PHPList Integration is a module that integrates Drupal and the PHPList mailing list application. The module is exposed to a cross-site request forgery issue. Specifically, the links for subscribing to and unsubscribing from mailing lists in "My Account" fail to properly implement the Drupal Forms API submission model, which is used to protect users from cross-site request forgery attacks. Drupal PHPList Integration versions 6.x-1.0 and 5.x-1.1 are affected by this issue.
  • Ref: http://drupal.org/node/636412

  • 09.48.37 - CVE: Not Available
  • Platform: Web Application - Cross Site Scripting
  • Title: IBM Rational Products Multiple Cross-Site Scripting Vulnerabilities
  • Description: IBM Rational products are exposed to multiple cross-site scripting issues because they fail to properly sanitize user-supplied input in the JSF Tree Control and the JavaScript Resource Servlet. IBM Rational Application Developer for WebSphere Software versions 7.0.x and IBM Rational Software Architect versions 7.0.x are affected by this issue.
  • Ref: http://www-01.ibm.com/support/docview.wss?uid=swg27012378 http://www-01.ibm.com/support/docview.wss?uid=swg27012558

  • 09.48.38 - CVE: CVE-2009-3303
  • Platform: Web Application - Cross Site Scripting
  • Title: GForge "helpname" Parameter Cross-Site Scripting
  • Description: GForge is a PHP-based application for managing source code. The application is exposed to a cross-site scripting issue because it fails to properly sanitize user-supplied input to the "helpname" parameter before using it in dynamically generated content. GForge versions 4.5.14 and 4.7rc2 are affected by this issue.
  • Ref: http://www.securityfocus.com/bid/37088

  • 09.48.39 - CVE: Not Available
  • Platform: Web Application - Cross Site Scripting
  • Title: WordPress WP-PHPList Plugin "unsubscribeemail" Parameter Cross-Site Scripting
  • Description: WP-PHPList is a PHP-based list plugin for WordPress. The WP-PHPList plugin is exposed to a cross-site scripting issue because it fails to properly sanitize user-supplied input for the "unsubscribeemail" parameter of the "wp-phplist.php" script. WP-PHPList version 2.10.2 is affected by this issue.
  • Ref: http://www.securityfocus.com/archive/1/508003

  • 09.48.40 - CVE: Not Available
  • Platform: Web Application - Cross Site Scripting
  • Title: WordPress Trashbin Plugin "mtb_undelete" Parameter Cross-Site Scripting
  • Description: Trashbin is a plugin for WordPress that allows users to keep deleted posts or messages. The plugin is exposed to a cross-site scripting issue because it fails to properly sanitize user-supplied input for the "mtb_undelete" parameter of the "trashbin.php" script. WordPress Trashbin version 0.1 is affected by this issue.
  • Ref: http://websecurity.com.ua/2021 http://www.securityfocus.com/archive/1/508003

  • 09.48.41 - CVE: Not Available
  • Platform: Web Application - Cross Site Scripting
  • Title: WordPress WP-Cumulus Plugin "tagcloud.swf" Cross-Site Scripting
  • Description: WP-Cumulus is a plugin for WordPress. The WP-Cumulus plugin is exposed to a cross-site scripting issue because it fails to properly sanitize user-supplied input to the "href" parameter of the "tagcloud.swf" file. WP-Cumulus versions prior to 1.23 are affected by this issue.
  • Ref: http://www.securityfocus.com/archive/1/508003

  • 09.48.42 - CVE: Not Available
  • Platform: Web Application - Cross Site Scripting
  • Title: WordPress WP-Cumulus Plugin Cross-Site Scripting
  • Description: WP-Cumulus is a plugin for WordPress. The WP-Cumulus plugin is exposed to a cross-site scripting issue because it fails to properly sanitize user-supplied input to the "wp-cumulus.php" script. WP-Cumulus versions earlier than 1.22 are affected by this issue.
  • Ref: http://www.securityfocus.com/bid/37102/

  • 09.48.43 - CVE: Not Available
  • Platform: Web Application - Cross Site Scripting
  • Title: Subscribe to Comments WordPress Plugin Multiple Cross-Site Scripting Vulnerabilities
  • Description: Subscribe to Comments is a plugin for the WordPress content manager. The application is exposed to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data to multiple scripts and parameters. Subscribe to Comments versions earlier than 2.0.8 are affected by this issue.
  • Ref: http://www.securityfocus.com/bid/37105

  • 09.48.44 - CVE: Not Available
  • Platform: Web Application - Cross Site Scripting
  • Title: Subscribe to Comments Multiple Unspecified Cross-Site Scripting Vulnerabilities
  • Description: Subscribe to Comments is a plugin for the WordPress content manager. The application is prone to multiple unspecified cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. Subscribe to Comments versions prior to 2.1 are affected by this issue.
  • Ref: http://www.securityfocus.com/bid/37111

  • 09.48.45 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Joomla! JoomClip Component "cat" Parameter SQL Injection
  • Description: JoomClip is a PHP-based component for the Joomla! content manager. The application is exposed to a SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "cat" parameter of the "com_joomclip" component before using it in an SQL query.
  • Ref: http://secunia.com/advisories/37400/

  • 09.48.46 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Joomla! iF Portfolio Nexus Component "id" Parameter SQL Injection
  • Description: iF Portfolio Nexus is a PHP-based portfolio management component for the Joomla! content manager. The application is exposed to a SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "id" parameter of the "services/portfolio.php" script before using it in an SQL query.
  • Ref: http://www.inertialfate.za.net/services/portfolio?view=item&id=103

  • 09.48.47 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: CubeCart "productId" SQL Injection
  • Description: CubeCart is a web-based ecommerce application implemented in PHP. The application is exposed to a SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "productId" parameter of the "includes/content/viewProd.inc.php" script before using it in an SQL query. CubeCart version 4.3.6 is affected by this issue.
  • Ref: http://forums.cubecart.com/index.php?showtopic=39900

  • 09.48.48 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: e107 Cross-Site Scripting and SQL Injection Vulnerabilities
  • Description: e107 is a PHP-based content manager. The application is exposed to multiple cross-site scripting issues due to improper validation of user-supplied input in multiple pages, and to an SQL injection issue because it fails to properly validate user-supplied input in the application's search function. e107 versions 0.7.16 and earlier are affected by this issue.
  • Ref: http://blog.bkis.com/e107-multiple-vulnerabilities/

  • 09.48.49 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Joomla! "com_mygallery" Component "cid" Parameter SQL Injection
  • Description: The "com_mygallery" component is an extension for the Joomla! content manager. The application is exposed to a SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "cid" parameter of the "com_mygallery" component before using it in an SQL query.
  • Ref: http://www.securityfocus.com/archive/1/488434

  • 09.48.50 - CVE: Not Available
  • Platform: Web Application
  • Title: Drupal Strongarm Module "value" Field HTML Injection
  • Description: Strongarm is a PHP-based component for the Drupal content manager. The application is exposed to an HTML injection issue because it fails to properly sanitize user-supplied input to the "value" field in the settings page before displaying it in a user's browser. Strongarm versions earlier than 6.x-1.1 are affected by this issue.
  • Ref: http://drupal.org/node/636462

  • 09.48.51 - CVE: Not Available
  • Platform: Web Application
  • Title: Drupal Subgroups For Organic Groups Node Title HTML Injection
  • Description: Subgroups For Organic Groups is a module for the Drupal content manager that allows users to set group hierarchies. The application is exposed to an HTML injection issue because it fails to properly sanitize user-supplied input to the titles of nodes before displaying them in the web browser. Drupal Subgroups For Organic Groups versions 5.x-4.0 beta and 5.x-3.3 are affected by this issue.
  • Ref: http://drupal.org/node/636562

  • 09.48.52 - CVE: Not Available
  • Platform: Web Application
  • Title: Drupal Agreement Module Multiple HTML Injection Vulnerabilities
  • Description: Agreement is a module for the Drupal content manager. The module is exposed to multiple HTML injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content for some unspecified fields. Agreement module versions earlier than 6.x-1.2 are affected by this issue.
  • Ref: http://drupal.org/node/636568

  • 09.48.53 - CVE: Not Available
  • Platform: Web Application
  • Title: Drupal Ubercart Cross-Site Request Forgery and Security Bypass Vulnerabilities
  • Description: Ubercart is a shopping cart module for the Drupal content manager. The application is exposed to an unspecified cross-site request forgery vulnerability and to a security bypass issue: the application exposes a path for completed orders without properly checking whether the order is valid for the current user, allowing attackers to place duplicate orders. Drupal Ubercart versions 6.x-2.0 and 5.x-1.8 are affected by this issue.
  • Ref: http://drupal.org/node/636576

  • 09.48.54 - CVE: Not Available
  • Platform: Web Application
  • Title: Drupal Printfriendly Unspecified HTML Injection
  • Description: Printfriendly is a module for the Drupal content manager that integrates the printfriendly.com printing service. The application is exposed to an HTML injection issue because it fails to properly sanitize user-supplied input before displaying it in a user's web browser. Drupal Printfriendly versions earlier than 6.x-1.5 are affected by this issue.
  • Ref: http://drupal.org/node/636678

  • 09.48.55 - CVE: Not Available
  • Platform: Web Application
  • Title: Drupal Feed Element Mapper Module Multiple HTML Injection Vulnerabilities
  • Description: Feed Element Mapper is a plugin module for the Drupal content manager. The module is exposed to multiple HTML injection vulnerabilities because it fails to properly sanitize user-supplied input obtained from RSS feeds before using it in dynamically generated content. Feed Element Mapper versions earlier than 5.x-1.3 and 6.x-1.3 are affected by this issue.
  • Ref: http://drupal.org/node/636518

  • 09.48.56 - CVE: Not Available
  • Platform: Web Application
  • Title: Drupal Gallery Assist Module Node Title HTML Injection
  • Description: Gallery Assist is an image gallery module for the Drupal content manager. The module is exposed to an HTML injection issue because it fails to properly sanitize user-supplied input to the node title in an unspecified field before displaying it in a user's browser. Gallery Assist versions earlier than 6.x-1.7 are affected by this issue.
  • Ref: http://drupal.org/node/636660

  • 09.48.57 - CVE: Not Available
  • Platform: Web Application
  • Title: Simplog Multiple Remote Vulnerabilities
  • Description: Simplog is a web-based blogging application. The application is exposed to multiple HTML injection vulnerabilities because it fails to sufficiently sanitize user-supplied input to the "Name" and "Email" parameters before adding comments to a blog entry; to a cross-site request forgery issue in the "user.php" script; and to a security-bypass issue in the "comments.php" script because the application fails to properly authorize a user before editing or deleting comments. Simplog version 0.9.3.2 is affected by this issue.
  • Ref: http://exploits.offensive-security.com/record.php?id=10180&type=webapps

  • 09.48.58 - CVE: Not Available
  • Platform: Web Application
  • Title: Redmine Cross-Site Scripting and Request Forgery Remote Vulnerabilities
  • Description: Redmine is a project management web application. The application is exposed to an unspecified cross-site scripting issue because it fails to sufficiently sanitize user-supplied input, and to a cross-site request forgery issue which may allow a remote attacker to use a victim's currently active session to perform actions within the application. Redmine versions earlier than 0.8.7 are affected by this issue.
  • Ref: http://jvn.jp/en/jp/JVN87341298/index.html http://jvn.jp/en/jp/JVN01245481/index.html

  • 09.48.59 - CVE: CVE-2009-3916
  • Platform: Web Application
  • Title: Drupal Node Hierarchy Module Node Title HTML Injection
  • Description: Node Hierarchy is a module for the Drupal content manager. The module is exposed to an HTML injection issue because it fails to properly sanitize user-supplied input contained in child node titles before displaying it in a user's browser. Node Hierarchy versions earlier than 5.x-1.3 and 6.x-1.3 are affected by this issue.
  • Ref: http://drupal.org/node/623490

  • 09.48.60 - CVE: Not Available
  • Platform: Web Application
  • Title: PEAR Sendmail
  • Description: PEAR is a framework for reusable PHP components. The framework is exposed to a remote argument injection issue because it fails to adequately sanitize user-supplied input data for the "From" parameter of the "Mail::Send()" method. PEAR version 1.1.14 is affected by this issue.
  • Ref: http://pear.php.net/bugs/bug.php?id=16200

  • 09.48.61 - CVE: Not Available
  • Platform: Web Application
  • Title: Outreach Project Tool "CRM_path" Parameter Remote File Include
  • Description: Outreach Project Tool is a web-based project management application implemented in PHP. The application is exposed to a remote file include issue because it fails to sufficiently sanitize user-supplied input to the "CRM_path" parameter of the "opt/forums/Forum_Include/index.php" script. Outreach Project Tool version 1.2.7 is affected by this issue.
  • Ref: http://secunia.com/advisories/37447/

  • 09.48.64 - CVE: Not Available
  • Platform: Web Application
  • Title: FireStats WordPress Plugin Multiple Cross-Site Scripting and Authentication Bypass Vulnerabilities
  • Description: FireStats is a statistic tracking plugin for the WordPress content manager. The application is exposed to an authentication bypass issue because the plugin fails to restrict unauthorized users from accessing the "firestats/php/ajax-handler.php" administrative script, a cross-site scripting issue because the plugin fails to sufficiently sanitize user-supplied input to the "action" parameter of the "firestats/php/ajax-handler.php" script, and multiple cross-site scripting vulnerabilities because the plugin fails to sufficiently sanitize user-supplied input passed to unspecified scripts via the "UserAgent" field. FireStats version 1.0.2 is affected by this issue.
  • Ref: http://www.securityfocus.com/bid/37099

  • 09.48.65 - CVE: Not Available
  • Platform: Web Application
  • Title: WP Contact Form WordPress Plugin Security Bypass and Multiple HTML Injection Vulnerabilities
  • Description: The WP Contact Form plugin for WordPress is a messaging application implemented in PHP. The application fails to sanitize user-supplied input to multiple parameters of the "options-contactform.php" script, and is also exposed to a security-bypass vulnerability affecting the CAPTCHA because the "wpcf_response" parameter may be reused. WP Contact Form version 2.0.7 is affected by this issue.
  • Ref: http://www.securityfocus.com/bid/37102/

  • 09.48.66 - CVE: Not Available
  • Platform: Web Application
  • Title: Fuctweb CapCC Plugin for WordPress CAPTCHA Security Bypass
  • Description: Fuctweb CapCC Plugin for WordPress is a web-based application implemented in PHP. CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) is a challenge-response protocol used to determine whether the user is a human or a computer. The application is exposed to a security bypass issue in its CAPTCHA. CapCC version 1.0 is affected by this issue.
  • Ref: http://www.securityfocus.com/bid/37103/references

  • 09.48.67 - CVE: Not Available
  • Platform: Web Application
  • Title: Subscribe to Comments WordPress Plugin Unsubscribe Challenge Information Disclosure
  • Description: Subscribe to Comments is a plugin for the WordPress content manager. The application is exposed to an information disclosure issue due to a design error. Subscribe to Comments versions earlier than 2.0.4 are affected by this issue.
  • Ref: http://markjaquith.wordpress.com/2006/05/28/subscribe-to-comments-204/

  • 09.48.68 - CVE: Not Available
  • Platform: Web Application
  • Title: PHP Live! "DOCUMENT_ROOT" Parameter Multiple Remote File Include
  • Description: PHP Live! is a customer support application implemented in PHP. The application is exposed to multiple remote file include vulnerabilities because it fails to sufficiently sanitize user-supplied input to the "DOCUMENT_ROOT" parameter in "index.php", "chat.php" and "help.php". PHP Live! version 3.1 is affected by this issue.
  • Ref: http://www.securityfocus.com/bid/37106/references

  • 09.48.69 - CVE: Not Available
  • Platform: Web Application
  • Title: WordPress Multiple Plugins Captcha Bypass Vulnerabilities
  • Description: WordPress is a web-based blogging application. Multiple plugins for WordPress are prone to CAPTCHA bypass issues. Specifically, an attacker may predict the values of CAPTCHA codes, manipulate the parameter values in URLs, or reuse a session to bypass the CAPTCHA checks. Successfully exploiting these issues may allow attackers to bypass the CAPTCHA check and perform unauthorized actions.
  • Ref: http://www.securityfocus.com/bid/37108/

  • 09.48.70 - CVE: Not Available
  • Platform: Web Application
  • Title: Cacti Multiple HTML Injection Vulnerabilities
  • Description: Cacti is a complete front end for RRDTool, implemented in PHP with an SQL database back end. The application is exposed to multiple HTML injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content for the "name" parameter of the "data_input.php" script and for other unspecified scripts and parameters. Cacti 0.8.7e is affected by this issue.
  • Ref: http://docs.cacti.net/#cross-site_scripting_fixes

  • 09.48.71 - CVE: Not Available
  • Platform: Web Application
  • Title: OpenX Arbitrary File Upload
  • Description: OpenX is a web-based ad server implemented in PHP. The application is exposed to an issue that lets attackers upload arbitrary files: because the application fails to adequately validate user-supplied input, files with embedded script code and arbitrary extensions can be uploaded through the image upload facility. OpenX 2.8.1 and earlier are affected by this issue.
  • Ref: http://www.securityfocus.com/archive/1/508050

  • 09.48.72 - CVE: Not Available
  • Platform: Web Application
  • Title: Subscribe to Comments WordPress Plugin Multiple Unspecified Input Validation Vulnerabilities
  • Description: Subscribe to Comments is a plugin for the WordPress content manager. The extension is exposed to multiple input validation vulnerabilities because it fails to adequately sanitize user-supplied data. Successfully exploiting this issue will allow an attacker to steal cookie-based authentication credentials or compromise the application.
  • Ref: http://www.securityfocus.com/bid/37113/

  • 09.48.73 - CVE: Not Available
  • Platform: Web Application
  • Title: Quick.Cart and Quick.CMS Delete Function Cross-Site Request Forgery
  • Description: Quick.Cart is a shopping cart application and Quick.CMS is a content management system. These applications are exposed to a cross-site request forgery issue because they allow certain security checks to be bypassed; the issue affects the "delete" function when deleting products, pages and orders. Quick.Cart 3.4 and Quick.CMS 2.4 are affected by this issue.
  • Ref: http://www.securityfocus.com/bid/37115/

  • 09.48.74 - CVE: Not Available
  • Platform: Web Application
  • Title: klinza professional cms "menulast.php" Local File Include
  • Description: Klinza professional cms is a content manager implemented in PHP. The application is exposed to a local file include issue because it fails to sufficiently sanitize user-supplied input to the "LANG" parameter of the "funzioni/lib/menulast.php" script. Klinza professional cms versions 5.0.1 and earlier are affected by this issue.
  • Ref: http://www.juniper.net/security/auto/vulnerabilities/vuln37127.html

  • 09.48.75 - CVE: Not Available
  • Platform: Network Device
  • Title: Multiple HP LaserJet Printers Unauthorized Access and Denial of Service
  • Description: Multiple HP LaserJet printers are exposed to a security issue that may result in a denial of service condition or unauthorized access. HP Color LaserJet M3530 Multifunction Printer earlier than firmware 53.031.4 and HP Color LaserJet CP3525 Printer earlier than firmware 05.059.3 are affected by this issue.
  • Ref: http://www.securityfocus.com/bid/37070

(c) 2009. All rights reserved. The information contained in this newsletter, including any external links, is provided "AS IS," with no express or implied warranty, for informational purposes only. In some cases, copyright for material in this newsletter may be held by a party other than Qualys (as indicated herein) and permission to use such material must be requested from the copyright owner.

Subscriptions: @RISK is distributed free of charge by the SANS Institute to people responsible for managing and securing information systems and networks. You may forward this newsletter to others with such responsibility inside or outside your organization.