Ad: Manage updates with the Download App
ie8 fix

Spyware, viruses, & security forum: VULNERABILITIES / FIXES - March 26, 2012

by: Carol~ March 26, 2012 9:50 AM PDT

Like this

0 people like this thread

Staff pick

VULNERABILITIES / FIXES - March 26, 2012

by Carol~ Moderator - 3/26/12 9:50 AM

FreePBX Multiple Cross-Site Scripting Vulnerabilities

Release Date : 2012-03-26

Criticality level : Less critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Vendor Patch

Software: FreePBX 2.x

Description:
Multiple vulnerabilities have been discovered in FreePBX, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed to the "context" parameter in panel/index_amp.php and panel/dhtml/index.php, "clid" and "clidname" parameters in panel/flash/mypage.php, and via the URL to admin/views/freepbx_reload.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerabilities are confirmed in version 2.9.0. Prior versions may also be affected.

Solution:
Update to version 2.10.0.

Provided and/or discovered by:
Martin Tschirsich

Original Advisory:
http://archives.neohapsis.com/archives/fulldisclosure/2012-03/0234.html

http://secunia.com/advisories/48475/


Reply
Report offensive post
Email to friend

Debian update for gnutls26

by Carol~ Moderator - 3/26/12 9:54 AM

In Reply to: VULNERABILITIES / FIXES - March 26, 2012 by Carol~ Moderator

Release Date : 2012-03-26

Criticality level : Highly critical
Impact : System access
DoS
Where : From remote
Solution Status : Vendor Patch

Operating System: Debian GNU/Linux 6.0

Description:
Debian has issued an update for gnutls26. This fixes a vulnera:ility, which can be exploited by malicious people to potentially compromise an application using the library.

Solution:
Apply updated packages via the apt-get package manager.

Original Advisory:
DSA-2441-1:
http://www.debian.org/security/2012/dsa-2441

http://secunia.com/advisories/48511/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Debian update for libtasn1-3

by Carol~ Moderator - 3/26/12 9:55 AM

In Reply to: VULNERABILITIES / FIXES - March 26, 2012 by Carol~ Moderator

Release Date : 2012-03-26

Criticality level : Highly critical
Impact : System access
DoS
Where : From remote
Solution Status : Vendor Patch

Operating System: Debian GNU/Linux 6.0

Description:
Debian has issued an update for libtasn1-3. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise an application using the library.

Solution:
Apply updated packages via the apt-get package manager.

Original Advisory:
DSA-2440-1:
http://www.debian.org/security/2012/dsa-2440

http://secunia.com/advisories/48505/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

FreePBX Cross-Site Scripting and Command Injection

by Carol~ Moderator - 3/26/12 9:55 AM

In Reply to: VULNERABILITIES / FIXES - March 26, 2012 by Carol~ Moderator

FreePBX Cross-Site Scripting and Command Injection Vulnerabilities

Release Date : 2012-03-26

Criticality level : Moderately critical
Impact : Cross Site Scripting
System access
Where : From remote
Solution Status : Vendor Workaround

Software: FreePBX 2.x

Description:
Two vulnerabilities have been reported in FreePBX, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to conduct cross-site scripting attacks.

1) Input passed to the "login" parameter in recordings/index.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

2) Input passed to the "callmenum" parameter in recordings/misc/callme_page.php (when "action" is set to "c") is not properly verified before being used. This can be exploited to inject and execute arbitrary shell commands.

The vulnerabilities are reported in version 2.10.0. Other versions may also be affected.

Solution:
Fixed in the SVN repository.

Provided and/or discovered by:
Martin Tschirsich

Original Advisory:
FreePBX:
http://www.freepbx.org/trac/ticket/5711

Martin Tschirsich:
http://archives.neohapsis.com/archives/fulldisclosure/2012-03/0234.html

http://secunia.com/advisories/48463/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Gentoo update for chromium

by Carol~ Moderator - 3/26/12 9:55 AM

In Reply to: VULNERABILITIES / FIXES - March 26, 2012 by Carol~ Moderator

Release Date : 2012-03-26

Criticality level : Highly critical
Impact : Unknown
Security Bypass
Cross Site Scripting
System access
Where : From remote
Solution Status : Vendor Patch

Operating System: Gentoo Linux

Description:
Gentoo has issued an update for chromium. This fixes multiple vulnerabilities, where one has an unknown impact and others can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and compromise a user's system.

Solution:
Update to version "www-client/chromium-17.0.963.83" or later.

Original Advisory:
GLSA 201203-19:
http://www.gentoo.org/security/en/glsa/glsa-201203-19.xml

http://secunia.com/advisories/48527/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

SUSE update for php5

by Carol~ Moderator - 3/26/12 9:55 AM

In Reply to: VULNERABILITIES / FIXES - March 26, 2012 by Carol~ Moderator

Release Date : 2012-03-26

Criticality level : Highly critical
Impact : System access
DoS
Where : From remote
Solution Status : Vendor Patch

Operating System: SUSE Linux Enterprise Server (SLES) 10

Description:
SUSE has issued an update for php5. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.

Solution:
Apply updated packages via the zypper package manager.

Original Advisory
SUSE-SU-2012:0411-1::
http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html

http://secunia.com/advisories/48567/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Apache Traffic Server Host Header Buffer Overflow

by Carol~ Moderator - 3/26/12 9:57 AM

In Reply to: VULNERABILITIES / FIXES - March 26, 2012 by Carol~ Moderator

Apache Traffic Server Host Header Buffer Overflow Vulnerability

Release Date : 2012-03-26

Criticality level : Highly critical
Impact : System access
Where : From remote
Solution Status : Vendor Patch

Software: Apache Traffic Server 3.0.x
Apache Traffic Server 3.1.x

Description:
A vulnerability has been reported in Apache Traffic Server, which can be exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused due to an error when parsing the "Host" HTTP header and can be exploited to cause a heap-based buffer overflow via a specially crafted header.

Successful exploitation may allow execution of arbitrary code.

The vulnerability is reported in versions prior to 3.0.4 and 3.1.3.

Solution:
Update to version 3.0.4 or 3.1.3.

Provided and/or discovered by:
CERT-FI credits Codenomicon.

Original Advisory:
Apache:
http://mail-archives.apache.org/mod_mbox/www-announce/201203.mbox/%3C4F6B6649.9000507@apache.org%3E

CERT-FI:
https://www.cert.fi/en/reports/2012/vulnerability612884.html

http://secunia.com/advisories/48509/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

NetFront Life Browser for Android Unspecified Vulnerability

by Carol~ Moderator - 3/26/12 9:57 AM

In Reply to: VULNERABILITIES / FIXES - March 26, 2012 by Carol~ Moderator

Release Date : 2012-03-26

Criticality level : Moderately critical
Impact : Unknown
Where : From remote
Solution Status : Vendor Patch

Software: NetFront Life Browser for Android 2.x

Description:
AppSec has reported a vulnerability with an unknown impact in NetFront Life Browser for Android.

The vulnerability is caused due to an unspecified error. Currently there is no further information available.

The vulnerability is reported in version 2.3.0. Prior versions may also be affected.

Solution:
Update to version 2.3.1.

Provided and/or discovered by:
Daoyuan Wu, Xiapu Luo and Rocky K. C. Chang, Department of Computing, The Hong Kong Polytechnic University

Original Advisory:
http://www4.comp.polyu.edu.hk/~appsec/bugs/CVE-2012-1485-vulnerability-in-NetFrontLifeBrowser.html

http://secunia.com/advisories/48557/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Pale Moon Multiple Vulnerabilities

by Carol~ Moderator - 3/26/12 9:57 AM

In Reply to: VULNERABILITIES / FIXES - March 26, 2012 by Carol~ Moderator

Release Date : 2012-03-26

Criticality level : Highly critical
Impact : Security Bypass
Cross Site Scripting
Exposure of sensitive information
System access
Where : From remote
Solution Status : Unpatched

Software: Pale Moon 9.x

Description:
Multiple vulnerabilities have been reported in Pale Moon, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, disclose certain sensitive information, and compromise a user's system.

Solution:
Upgrade to version 11.0.

Original Advisory:
http://www.palemoon.org/releasenotes-ng.shtml

http://secunia.com/advisories/48561/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

phpFox static/ajax.php Command Injection Vulnerability

by Carol~ Moderator - 3/26/12 10:57 AM

In Reply to: VULNERABILITIES / FIXES - March 26, 2012 by Carol~ Moderator

Release Date : 2012-03-26

Criticality level : Highly critical
Impact : System access
Where : From remote
Solution Status : Vendor Patch

Software: phpFox 2.x
phpFox 3.x

Description:
A vulnerability has been reported in phpFox, which can be exploited by malicious people to compromise a vulnerable system.

Input passed via the "phpfox[call]" or "core[call]" POST parameter to static/ajax.php is not properly verified in the "Phpfox_Module::getComponent()" function within include/library/phpfox/module/module.class.php before being used in an "eval()" call. This can be exploited to inject and execute certain shell commands.

The vulnerability is reported in 2.x versions prior to 2.1.0 (build 3) and 3.x versions prior to 3.0.1 (build 3).

Solution:
Update to version 2.1.0 (build 3) or 3.0.1 (build 3).

Provided and/or discovered by:
Egidio Romano aka EgiX.

Original Advisory:
phpFox:
http://www.phpfox.com/blog/v2-1-0-build-3-v3-0-1-build-3-released/

Egidio Romano:
http://www.exploit-db.com/exploits/18655/

http://secunia.com/advisories/48550/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Hitachi IT Operations Director Unspecified Cross-Site

by Carol~ Moderator - 3/26/12 11:44 AM

In Reply to: VULNERABILITIES / FIXES - March 26, 2012 by Carol~ Moderator

Hitachi IT Operations Director Unspecified Cross-Site Scripting Vulnerability

Release Date : 2012-03-26

Criticality level : Less critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Vendor Patch

Software: Hitachi IT Operations Director

Description:
A vulnerability has been reported in Hitachi IT Operations Director, which can be exploited by malicious people to conduct cross-site scripting attacks.

Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerability is reported in versions 02-50-01 through 02-50-07 and 03-00 through 03-00-06.

Solution:
Update or upgrade to version 03-00-07.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory
Hitachi (English):
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-010/index.html

Hitachi (Japanese):
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS12-010/index.html

http://secunia.com/advisories/48555/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Hitachi IT Operations Analyzer Unspecified Cross-Site

by Carol~ Moderator - 3/26/12 11:46 AM

In Reply to: VULNERABILITIES / FIXES - March 26, 2012 by Carol~ Moderator

Hitachi IT Operations Analyzer Unspecified Cross-Site Scripting Vulnerability

Release Date : 2012-03-26

Criticality level : Less critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Unpatched

Software: Hitachi IT Operations Analyzer

Description:
A vulnerability has been reported in Hitachi IT Operations Analyzer, which can be exploited by malicious people to conduct cross-site scripting attacks.

The vulnerability is reported in versions 02-01, 02-51 through 02-51-01, 02-53 through 02-53-02, and 03-01.

Solution:
Filter malicious characters and character sequences using a proxy.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
Hitachi (English):
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-010/index.html

Hitachi (Japanese):
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS12-010/index.html

http://secunia.com/advisories/48556/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

SUSE update for openssl

by Carol~ Moderator - 3/26/12 11:50 AM

In Reply to: VULNERABILITIES / FIXES - March 26, 2012 by Carol~ Moderator

Release Date : 2012-03-26

Criticality level : Moderately critical
Impact : Dos
Where : From remote
Solution Status : Vendor Patch

Operating System: openSUSE 11.4
openSUSE 12.1

Description:
SUSE has issued an update for openssl. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) of an application using the library.

Solution:
Apply updated packages via the zypper package manager.

Original Advisory:
openSUSE-SU-2012:0414-1:
http://lists.opensuse.org/opensuse-updates/2012-03/msg00039.html

http://secunia.com/advisories/48516/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

WordPress CMS Tree Page View Plugin "cms_tpv_view"

by Carol~ Moderator - 3/26/12 11:50 AM

In Reply to: VULNERABILITIES / FIXES - March 26, 2012 by Carol~ Moderator

WordPress CMS Tree Page View Plugin "cms_tpv_view" Cross-Site Scripting Vulnerability

Release Date : 2012-03-26

Criticality level : Less critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Vendor Patch

Software: WordPress CMS Tree Page View Plugin 0.x

Description:
High-Tech Bridge SA has discovered a vulnerability in the CMS Tree Page View plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed to the "cms_tpv_view" parameter in e.g. wp-admin/edit.php (when "post_type" is set to "page" and "page" is set to "cms-tpv-page-page") is not properly sanitised within the "cms_tpv_admin_head()" function in wp-content/plugins/cms-tree-page-view/functions.php before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerability is confirmed in version 0.8.8. Prior versions may also be affected.

Solution:
Update to version 0.8.9.

Provided and/or discovered by:
High-Tech Bridge SA

Original Advisory:
CMS Tree Page View:
http://wordpress.org/extend/plugins/cms-tree-page-view/changelog/
http://plugins.trac.wordpress.org/changeset/523576/cms-tree-page-view#file52

HTB23083:
https://www.htbridge.com/advisory/HTB23083

http://secunia.com/advisories/48510/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

vBulletin "[URL]" BBCode Script Insertion Vulnerability

by Carol~ Moderator - 3/26/12 11:50 AM

In Reply to: VULNERABILITIES / FIXES - March 26, 2012 by Carol~ Moderator

Release Date : 2012-03-26

Criticality level : Less critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Unpatched

Software: vBulletin 4.x

Description:
A vulnerability has been reported in vBulletin, which can be exploited by malicious users to conduct script insertion attacks.

Input passed via "[URL]" BBCode when e.g. posting a group discussion is not properly sanitised before being used when e.g. previewing a blog post quoting the group discussion within the editor in WYSIWYG (What You See Is What You Get) mode. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site if malicious data is viewed.

The vulnerability is reported in version 4.1.11. Other versions may also be affected.

Solution:
Edit the source code to ensure that input is properly sanitised.

Provided and/or discovered by:
Flexxpoint and Sony.

Original Advisory:
Flexxpoint and Sony:
http://st2tea.blogspot.com/2012/03/vbulletin-4110-4111-cross-site.html

http://secunia.com/advisories/48506/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

vBulletin vbActivity Module "reason" Script Insertion

by Carol~ Moderator - 3/26/12 11:50 AM

In Reply to: VULNERABILITIES / FIXES - March 26, 2012 by Carol~ Moderator

vBulletin vbActivity Module "reason" Script Insertion Vulnerabilities

Release Date : 2012-03-26

Criticality level : Less critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Vendor Patch

Software: vBActivity (module for vBulletin) 3.x

Description:
Two vulnerabilities have been reported in the vbActivity module for vBulletin, which can be exploited by malicious users to conduct script insertion attacks.

Input passed via the "reason" parameter to dbtech/vbactivity/actions/nominatemedal.php and to dbtech/vbactivity/actions/requestmedal.php is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site if malicious data is viewed.

The vulnerabilities are reported in vbActivity Pro versions prior to 3.0.1.

Solution:
Update to version 3.0.1.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
http://www.dragonbyte-tech.com/f4/vbactivity-vbshout-forumon-rpg-vbdownloads-vbquiz-updates-security-releases-6876/

http://secunia.com/advisories/48490/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

vBulletin vbShout Module Cross-Site Scripting and Script

by Carol~ Moderator - 3/26/12 1:37 PM

In Reply to: VULNERABILITIES / FIXES - March 26, 2012 by Carol~ Moderator

vBulletin vbShout Module Cross-Site Scripting and Script Insertion Vulnerabilities

Release Date : 2012-03-26

Criticality level : Less critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Vendor Patch

Software: vBShout (module for vBulletin) 6.x

Description:
Some vulnerabilities have been reported in the vBShout module for vBulletin, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks.

1) Input passed to the "message" parameter in vbshout.php (when "do" is set to "archive" and "instanceid" is valid) is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

This vulnerability is reported in versions prior to 6.0.4.

2) Input passed via the "reportreason" and "modnotes" parameters in Shout Reports is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site if malicious data is viewed.

This vulnerability is reported in versions prior to 6.0.6.

Solution:
Update to version 6.0.6.

Provided and/or discovered by:
1) Avram Marius Gabriel.
2) Reported by the vendor.

Original Advisory:
DragonByte Technologies:
http://www.dragonbyte-tech.com/f4/vbshout-v6-0-4-security-release-6830/
http://www.dragonbyte-tech.com/f4/vbactivity-vbshout-forumon-rpg-vbdownloads-vbquiz-updates-security-releases-6876/

Avram Marius Gabriel:
http://packetstormsecurity.org/files/111160/vBulletin-vBShout-6.0.5-Cross-Site-Scripting.html

http://secunia.com/advisories/48519/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

vBulletin Forumon RPG Module "monster[title]" Script

by Carol~ Moderator - 3/26/12 1:37 PM

In Reply to: VULNERABILITIES / FIXES - March 26, 2012 by Carol~ Moderator

vBulletin Forumon RPG Module "monster[title]" Script Insertion Vulnerability

Release Date : 2012-03-26

Criticality level : Less critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Vendor Patch

Software: Forumon RPG (module for vBulletin) 1.x

Description:
A vulnerability has been reported in the Forumon RPG module for vBulletin, which can be exploited by malicious users to conduct script insertion attacks.

Input passed via the "monster[title]" parameter when creating a new monster not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site if malicious data is viewed.

The vulnerability is reported in versions prior to 1.0.8.

Solution:
Update to version 1.0.8.

Provided and/or discovered by:
Reported by the vendor.

http://secunia.com/advisories/48514/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

vBulletin vBQuiz Module "quiz_name" Script Insertion

by Carol~ Moderator - 3/26/12 1:37 PM

In Reply to: VULNERABILITIES / FIXES - March 26, 2012 by Carol~ Moderator

vBulletin vBQuiz Module "quiz_name" Script Insertion Vulnerability

Release Date : 2012-03-26

Criticality level : Less critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Vendor Patch

Software: vBQuiz (module for vBulletin) 1.x

Description:
A vulnerability has been reported in vBQuiz module for vBulletin, which can be exploited by malicious users to conduct script insertion attacks.

Input passed via the "quiz_name" parameter to dbtech/vbquiz/includes/class_profileblock.php is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site if malicious data is viewed.

Solution:
Update to the latest version.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
http://www.dragonbyte-tech.com/f4/vbactivity-vbshout-forumon-rpg-vbdownloads-vbquiz-updates-security-releases-6876/

http://secunia.com/advisories/48521/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

vBulletin vBDownloads Module "mirrors[]" Script Insertion

by Carol~ Moderator - 3/26/12 1:39 PM

In Reply to: VULNERABILITIES / FIXES - March 26, 2012 by Carol~ Moderator

vBulletin vBDownloads Module "mirrors[]" Script Insertion Vulnerability

Release Date : 2012-03-26

Criticality level : Less critical
Impact : Unknown
Where : From remote
Solution Status : Vendor Patch

Software: vBDownloads (module for vBulletin) 1.x

Description:
A vulnerability has been reported in vBDownloads module for vBulletin, which can be exploited by malicious users to conduct script insertion attacks.

Input passed via the "mirrors[]" parameter to dbtech/downloads/actions/editdownload.php is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site if malicious data is viewed.

Solution:
Update to the latest version.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
http://www.dragonbyte-tech.com/f4/vbactivity-vbshout-forumon-rpg-vbdownloads-vbquiz-updates-security-releases-6876/

http://secunia.com/advisories/48522/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Forum Icon Legend

  • UnreadUnread
  • ReadRead
  • Locked threadLocked thread
  •   
  •   
  •   
  •   
  •   
  •   
  •   
  • ModeratorModerator
  • CNET StaffCNET Staff
  • Samsung StaffSamsung Staff
  • Norton Authorized Support TeamNorton Authorized Support Team
  • AVG StaffAVG Staff
  • avast! Staffavast! Staff
  • Webroot Support TeamWebroot Support Team
  • Acer Customer Experience TeamAcer Customer Experience Team
  • Windows Outreach TeamWindows Outreach Team
  • DISH staffDISH staff
  • Dell StaffDell Staff
  • Intel StaffIntel Staff
  • QuestionQuestion
  • Resolved questionResolved question
  • General discussionGeneral discussion
  • TipTip
  • Alert or warningAlert or warning
  • PraisePraise
  • RantRant

You are e-mailing the following post: Post Subject

Your e-mail address is used only to let the recipient know who sent the e-mail and in case of transmission error. Neither your address nor the recipient's address will be used for any other purpose.

Sorry, there was a problem emailing this post. Please try again.

Submit Email Cancel

Thank you. Sent email to

Close

Thank you. Sent email to

Close

You are reporting the following post: Post Subject

If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.

Offensive: Sexually explicit or offensive language

Spam: Advertisements or commercial links

Disruptive posting: Flaming or offending other users

Illegal activities: Promote cracked software, or other illegal content

Sorry, there was a problem submitting your post. Please try again.

Submit Report Cancel

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

You are posting a reply to: Post Subject

The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to the CNET Forums policies for details. All submitted content is subject to CBS Interactive Site Terms of Use.

You are currently tracking this discussion. Click here to manage your tracked discussions.

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

Sorry, there was a problem submitting your post. Please try again.

Sorry, there was a problem generating the preview. Please try again.

Duplicate posts are not allowed in the forums. Please edit your post and submit again.

Submit Reply Preview Cancel

Thank you, , your post has been submitted.

> Click here to view your post. > Manage your tracked discussions. > Track this discussion. Close

Thank you, , your post has been submitted and will appear on our site shortly.

Close