Ad: Manage updates with the Download App
ie8 fix

Spyware, viruses, & security forum: VULNERABILITIES / FIXES - April 06, 2012

by: Carol~ April 6, 2012 7:22 AM PDT

Like this

0 people like this thread

Staff pick

VULNERABILITIES / FIXES - April 06, 2012

by Carol~ Moderator - 4/6/12 7:22 AM

Novell iManager jclient "EnteredAttrName" Buffer Overflow Vulnerability

Release Date : 2012-04-06

Criticality level : Moderately critical
Impact : DoS
System access
Where : From remote
Solution Status : Vendor Patch

Software: Novell iManager 2.x

Description:
A vulnerability has been reported in Novell iManager, which can be exploited by malicious users to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

The vulnerability is caused due to an error in jclient when handling the "EnteredAttrName" parameter and can be exploited to cause a buffer overflow via the "Create Attribute" function in the web interface.

The vulnerability is reported in versions prior to 2.7.4 patch 4.

Solution:
Update to version 2.7.4 patch 4.

Provided and/or discovered by:
The vendor credits Beyond Security.

Original Advisory:
Novell:
http://www.novell.com/support/viewContent.do?externalId=7002971

http://secunia.com/advisories/48672/


Reply
Report offensive post
Email to friend

Google Chrome Multiple Vulnerabilities

by Carol~ Moderator - 4/6/12 7:23 AM

In Reply to: VULNERABILITIES / FIXES - April 06, 2012 by Carol~ Moderator

Release Date : 2012-04-06

Criticality level : Highly critical
Impact : Unknown
Security Bypass
System access
Where : From remote
Solution Status : Vendor Patch

Software: Google Chrome 18.x

Description:
Multiple vulnerabilities have been reported in Google Chrome where some have unknown impacts while others can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.

1) Two unspecified errors in Flash Player can be exploited to corrupt memory in the Chrome interface.

2) An out-of-bounds read error exists when handling Skia clipping.

3) An error exists within the cross-origin policy when handling iframe replacement.

4) A use-after-free error exists when handling run-ins.

5) A use-after-free error exists when handling line boxes.

6) A use-after-free error exits when handling v8 bindings.

7) A use-after-free error exits when handling HTMLMediaElement.

8) An error exists within the cross-origin policy when parenting pop-up windows.

9) A use-after-free error exists when handling SVG resources.

10) A use-after-free error exists when handling media content.

11) A use-after-free error exists when applying style commands.

12) A use-after-free error exists when handling focus events.

13) A read-after-free error exists within script bindings.

The vulnerabilities are reported in versions prior to 18.0.1025.151.

Solution:
Update to version 18.0.1025.151.

Provided and/or discovered by:
The vendor credits:
2, 4, 5, 11, 12) miaubiz
3, 8) Sergey Glazunov
6) SkyLined, Google Chrome Security Team
7) pa_kt via ZDI
9) Arthur Gerkis
10) Slawomir Blazek
13) Inferno, Google Chrome Security Team

Original Advisory:
http://googlechromereleases.blogspot.com/2012/04/stable-and-beta-channel-updates.html

http://secunia.com/advisories/48732/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Ubuntu update for libpng

by Carol~ Moderator - 4/6/12 7:28 AM

In Reply to: VULNERABILITIES / FIXES - April 06, 2012 by Carol~ Moderator

Release Date : 2012-04-06

Criticality level : Moderately critical
Impact : System access
Where : From remote
Solution Status : Vendor Patch

Operating System: Ubuntu Linux 10.04
Ubuntu Linux 10.10
Ubuntu Linux 11.04
Ubuntu Linux 11.10
Ubuntu Linux 8.04

Description:
Ubuntu has issued an update for libpng. This fixes a vulnerability, which can be exploited by malicious people to compromise an application using the library.

Solution:
Apply updated packages.

Original Advisory:
USN-1417-1:
http://www.ubuntu.com/usn/usn-1417-1

http://secunia.com/advisories/48721/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Ubuntu update for gnutls26

by Carol~ Moderator - 4/6/12 7:28 AM

In Reply to: VULNERABILITIES / FIXES - April 06, 2012 by Carol~ Moderator

Release Date : 2012-04-06

Criticality level : Highly critical
Impact : System access
DoS
Where : From remote
Solution Status : Vendor Patch

Operating System: Ubuntu Linux 10.04
Ubuntu Linux 10.10
Ubuntu Linux 11.04
Ubuntu Linux 11.10
Ubuntu Linux 8.04

Description:
Ubuntu has issued an update for gnutls26. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.

Solution:
Apply updated packages.

Original Advisory:
USN-1418-1:
http://www.ubuntu.com/usn/usn-1418-1

http://secunia.com/advisories/48712/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

SUSE update for nginx-1.0

by Carol~ Moderator - 4/6/12 7:28 AM

In Reply to: VULNERABILITIES / FIXES - April 06, 2012 by Carol~ Moderator

Release Date : 2012-04-06

Criticality level : Not critical
Impact : Exposure of sensitive information
Where : From remote
Solution Status : Vendor Patch

Operating System: openSUSE 11.4
openSUSE 12.1

Description:
SUSE has issued an update for nginx-1.0. This fixes a weakness, which can be exploited by malicious people to disclose certain sensitive information.

Solution:
Apply updated packages via the zypper package manager.

Original Advisory:
openSUSE-SU-2012:0469-1:
http://lists.opensuse.org/opensuse-updates/2012-04/msg00021.html

http://secunia.com/advisories/48698/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Siemens Scalance X Switches HTTP Request Handling Denial

by Carol~ Moderator - 4/6/12 7:28 AM

In Reply to: VULNERABILITIES / FIXES - April 06, 2012 by Carol~ Moderator

Siemens Scalance X Switches HTTP Request Handling Denial of Service

Release Date : 2012-04-06

Criticality level : Less critical
Impact : DoS
Where : From local network
Solution Status : Vendor Patch

Operating System: Siemens Scalance X-300 Series Switches
Siemens Scalance X-400 Series Switches

Description:
A vulnerability has been reported in Siemens Scalance X Switches, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error in the embedded web server when handling HTTP requests. This can be exploited to cause the device to reboot via a specially crafted request sent to the administrative web interface.

The following models are affected:
* Scalance X414-3E
* Scalance X308-2M
* Scalance X-300EEC
* Scalance XR-300
* Scalance X-300

Solution:
Update to firmware version 3.7.1 for Scalance X414-3E and version 3.7.2 for all other affected Scalance X switches.

Provided and/or discovered by:
The vendor credits Jurgen Bilberger, Daimler TSS GmbH.

Original Advisory:
Siemens SSA-130874:
http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-130874.pdf

http://secunia.com/advisories/48730/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Siemens Scalance Firewall Two Vulnerabilities

by Carol~ Moderator - 4/6/12 7:29 AM

In Reply to: VULNERABILITIES / FIXES - April 06, 2012 by Carol~ Moderator

Release Date : 2012-04-06

Criticality level : Less critical
Impact : Brute Force
DoS
Where : From remote
Solution Status : Vendor Patch

Operating System: Siemens Scalance S Security Modules

Description:
A vulnerability and a weakness have been reported in Siemens Scalance Firewall, which can be exploited by malicious people to conduct brute-force attacks or cause a DoS (Denial of Service).

1) Missing enforcement of time delays between failed logon attempts to the web configuration interface allows probing a high number of passwords within short time, making brute-force attacks more effective.

2) An error in the handling of the Profinet DCP protocol can be exploited via a specially crafted DCP frame to cause the firewall to become unresponsive and interrupt established VPN tunnels.

The vulnerability and weakness are reported in the following devices:
* Scalance S602 V2
* Scalance S612 V2
* Scalance S613 V2

Solution:
Update to firmware version 2.3.0.3.

Provided and/or discovered by:
The vendor credits Adam Hahn and Manimaran Govindarasu, Iowa State University.

Original Advisory:
Siemens SSA-268149:
http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-268149.pdf

http://secunia.com/advisories/48680/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

GENU "article_id" SQL Injection Vulnerability

by Carol~ Moderator - 4/6/12 7:30 AM

In Reply to: VULNERABILITIES / FIXES - April 06, 2012 by Carol~ Moderator

Release Date : 2012-04-06

Criticality level : Moderately critical
Impact : Manipulation of data
Where : From remote
Solution Status : Unpatched

Software: GENU

Description:
A vulnerability has been discovered in GENU, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed via the "article_id" parameter to articles/read.php is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerability is confirmed in version 2012.3. Other versions may also be affected.

Solution:
Edit the source code to ensure that input is properly sanitised.

Provided and/or discovered by:
hordcode security

Original Advisory:
http://www.exploit-db.com/exploits/18708/

http://secunia.com/advisories/48701/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

SUSE update for php5

by Carol~ Moderator - 4/6/12 7:31 AM

In Reply to: VULNERABILITIES / FIXES - April 06, 2012 by Carol~ Moderator

Release Date : 2012-04-06

Criticality level : Moderately critical
Impact : System access
Where : From remote
Solution Status : Vendor Patch

Operating System: SUSE Linux Enterprise Server (SLES) 11

Description:
SUSE has issued an update for php5. This fixes two vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system.

Solution:
Apply updated packages via the zypper package manager.

Original Advisory:
SUSE-SU-2012:0472-1:
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00001.html

http://secunia.com/advisories/48726/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

slock "XRaiseWindow()" Handling Lock Screen Bypass Weakness

by Carol~ Moderator - 4/6/12 7:32 AM

In Reply to: VULNERABILITIES / FIXES - April 06, 2012 by Carol~ Moderator

Release Date : 2012-04-06

Criticality level : Not critical
Impact : Security Bypass
Where : Local system
Solution Status : Vendor Workaround

Software: slock 0.x

Description:
A weakness has been reported in slock, which can be exploited by malicious people with physical access to bypass certain security restrictions.

The weakness is caused due to an error when handling a "XRaiseWindow()" event on a locked screen. This can be exploited to view the current active window and potentially gain access to sensitive information.

Solution:
Fixed in the Mercurial repository.

Provided and/or discovered by:
Longpoke in a Gentoo bug.

Original Advisory:
https://bugs.gentoo.org/show_bug.cgi?id=401645

http://secunia.com/advisories/48700/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

QuickBooks Help System Protocol Handler File Disclosure

by Carol~ Moderator - 4/6/12 7:32 AM

In Reply to: VULNERABILITIES / FIXES - April 06, 2012 by Carol~ Moderator

QuickBooks Help System Protocol Handler File Disclosure and Buffer Overflow Vulnerabilities

Release Date : 2012-04-06

Criticality level : Highly critical
Impact : Exposure of sensitive information
System access
Where : From remote
Solution Status : Unpatched

Software: QuickBooks 2008
QuickBooks 2010
QuickBooks 2011 12.x
QuickBooks 2012

Description:
Derek Soeder has reported two vulnerabilities in QuickBooks, which can be exploited by malicious people to disclose sensitive information and potentially compromise a user's system.

1) An error within the Help System protocol handler "intu-help-qb5://" in HelpAsyncPluggableProtocol.dll when handling certain archives (e.g. ZIP) can be exploited to disclose their files.

2) An error within the Help System protocol handler "intu-help-qb5://" in HelpAsyncPluggableProtocol.dll when decoding a URL can be exploited to cause a heap-based buffer overflow.

Successful exploitation of this vulnerability may allow execution of arbitrary code.

The vulnerabilities are reported in versions 2008 through 2012.

Solution:
Filter malicious characters and character sequences in a proxy. The vendor plans to release a fix at the end of April 2012.

Provided and/or discovered by:
Derek Soeder

Original Advisory:
Derek Soeder:
http://seclists.org/bugtraq/2012/Mar/171
http://seclists.org/bugtraq/2012/Mar/170

http://secunia.com/advisories/48686/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Sony BRAVIA TV Datagram Flooding Denial of Service

by Carol~ Moderator - 4/6/12 7:47 AM

In Reply to: VULNERABILITIES / FIXES - April 06, 2012 by Carol~ Moderator

Release Date : 2012-04-06

Criticality level : Less critical
Impact : Dos
Where : From local network
Solution Status : Unpatched

Operating System: Sony BRAVIA TV CX Series

Description:
A vulnerability has been reported in Sony BRAVIA TV, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error when handling datagrams and can be exploited to cause a device to stop responding and eventually shut down via a flooding attack.

The vulnerability is reported in KDL-32CX525. Other versions may also be affected.

Solution:
No fix is currently available.

Provided and/or discovered by:
Gabriel Menezes Nunes

Original Advisory:
Gabriel Menezes Nunes:
http://archives.neohapsis.com/archives/bugtraq/2012-04/0043.html

http://secunia.com/advisories/48705/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

eGroupware "menuaction" Cross-Site Scripting Vulnerability

by Carol~ Moderator - 4/6/12 7:50 AM

In Reply to: VULNERABILITIES / FIXES - April 06, 2012 by Carol~ Moderator

Release Date : 2012-04-06

Criticality level : Less critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Vendor Patch

Software: eGroupWare 1.x

Description:
A vulnerability has been reported in eGroupware, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed via the "menuaction" parameter to etemplate/process_exec.php is not properly sanitised in phpgwapi/inc/common_functions_inc.php before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerability is reported in version 1.8.002. Prior versions may also be affected.

Solution:
Update to version 1.8.004.20120405.

Provided and/or discovered by:
Marcos Garcia (@artsweb)

http://secunia.com/advisories/48703/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Joomla! VirtueMart Component "virtuemart_userinfo_id" SQL

by Carol~ Moderator - 4/6/12 7:50 AM

In Reply to: VULNERABILITIES / FIXES - April 06, 2012 by Carol~ Moderator

Joomla! VirtueMart Component "virtuemart_userinfo_id" SQL Injection Vulnerability

Release Date : 2012-04-06

Criticality level : Less critical
Impact : Manipulation of data
Where : From remote
Solution Status : Unpatched

Software: VirtueMart 2.x (component for Joomla!)

Description:
A vulnerability has been discovered in the VirtueMart component for Joomla!, which can be exploited by malicious users to conduct SQL injection attacks.

Input passed via the "virtuemart_userinfo_id" POST parameter to index.php/virtue-mart-edit-address (when "option" is set to "com_virtuemart") is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerability has been confirmed in version 2.0.2. Other versions may also be affected.

Solution:
Edit the source code to ensure that input is properly sanitised.

Provided and/or discovered by:
renangbarreto

Original Advisory:
http://forum.virtuemart.net/index.php?topic=99999.0

http://secunia.com/advisories/48713/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Airtime Multiple Vulnerabilities

by Carol~ Moderator - 4/6/12 10:23 AM

In Reply to: VULNERABILITIES / FIXES - April 06, 2012 by Carol~ Moderator

Release Date : 2012-04-06

Criticality level : Moderately critical
Impact : Unknown
Where : From remote
Solution Status : Vendor Patch

Software: Airtime 2.x

Description:
Multiple vulnerabilities with unknown impacts have been reported in Airtime.

The vulnerabilities are caused due to errors when handling pypo and monit permissions. No further information is currently available.

The vulnerabilities are reported in versions prior to 2.0.3.

Solution:
Update to version 2.0.3.

Provided and/or discovered by:
Reported by the vendor.

http://secunia.com/advisories/48711/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

vBulletin Two Script Insertion Vulnerabilities

by Carol~ Moderator - 4/6/12 10:24 AM

In Reply to: VULNERABILITIES / FIXES - April 06, 2012 by Carol~ Moderator

Release Date : 2012-04-06

Criticality level : Moderately critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Vendor Patch

Software: vBulletin 4.x

Description:
Two vulnerabilities have been reported in vBulletin, which can be exploited by malicious people to conduct script insertion attacks.

Certain unspecified input is not properly sanitised in clientscript/ckeplugins/bbcode/plugin.js and clientscript/ckeditor/ckeditor.js before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site if malicious data is viewed.

The vulnerabilities are reported in versions 4.1.4 through 4.1.11.

Solution:
Install patch. Please see vendor's advisory for more information.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
https://www.vbulletin.com/forum/showthread.php/398716-vBulletin-Security-Patch-for-vBulletin-4-1-4-4-1-11-for-Suite-amp-Forum-03-23-2012

http://secunia.com/advisories/48541/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Zend Optimizer Insecure Permissions Privilege Escalation

by Carol~ Moderator - 4/6/12 1:03 PM

In Reply to: VULNERABILITIES / FIXES - April 06, 2012 by Carol~ Moderator

Zend Optimizer Insecure Permissions Privilege Escalation Security Issue

Release Date : 2012-04-06

Criticality level : Less critical
Impact : Privilege Escalation
Where : Local system
Solution Status : Vendor Patch

Software: Zend Optimizer 3.x

Description:
Gjoko Krstic has reported a security issue in Zend Optimizer, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

The security issue is caused due to the application setting insecure file system permissions on ZendExtensionManager.dll and ZendOptimizer.dll, which can be exploited to overwrite the files and gain escalated privileges.

The security issue is reported in versions 3.3.3 and prior running on Windows.

Solution:
The vendor has released an updated version 3.3.3.

Provided and/or discovered by:
Gjoko Krstic, Zero Science Lab.

Original Advisory:
Gjoko Krstic:
http://www.zeroscience.mk/en/vulnerabilities/ZSL-2012-5083.php

Zend:
http://static.zend.com/topics/Zend-Optimizer-3.3.3-Release-Notes-V2.txt

http://secunia.com/advisories/48642/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Quest Connection Broker Client ActiveX Control

by Carol~ Moderator - 4/6/12 1:04 PM

In Reply to: VULNERABILITIES / FIXES - April 06, 2012 by Carol~ Moderator

Quest Connection Broker Client ActiveX Control "SaveMiniLaunchFile()" Insecure Method

Release Date : 2012-04-06

Criticality level : Less critical
Impact : Manipulation of data
Where : From remote
Solution Status : Unpatched

Software: Quest Connection Broker Client ActiveX Control (pnllmcli.dll) 7.x
Quest vWorkspace 7.x

Description:
Andrea Micalizzi has discovered a vulnerability in Quest Connection Broker Client ActiveX Control, which can be exploited by malicious people to manipulate certain data.

The vulnerability is caused due to the insecure "SaveMiniLaunchFile()" method allowing arbitrary paths to be supplied as the "pFileName" argument. This can be exploited to create or overwrite arbitrary files on a user's system.

The vulnerability is confirmed in version 7.5.304.547 bundled with Quest vWorkspace 7.5. Other versions may also be affected.

Solution:
Set the kill-bit for the affected ActiveX control.

Provided and/or discovered by:
Andrea Micalizzi (rgod)

Original Advisory:
http://retrogod.altervista.org/9sg_quest_vworkspace_poc.htm

http://secunia.com/advisories/48674/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Quest Explain Plan Display ActiveX Control "SaveToFile()"

by Carol~ Moderator - 4/6/12 1:05 PM

In Reply to: VULNERABILITIES / FIXES - April 06, 2012 by Carol~ Moderator

Quest Explain Plan Display ActiveX Control "SaveToFile()" Insecure Method

Release Date : 2012-04-06

Criticality level : Less critical
Impact : Manipulation of data
Where : From remote
Solution Status : Unpatched

Software: Quest Explain Plan Display ActiveX Control (QExplain2.dll) 6.x
Quest Toad for Oracle 11.x

Description:
Andrea Micalizzi has discovered a vulnerability in Quest Explain Plan Display ActiveX Control, which can be exploited by malicious people to manipulate certain data.

The vulnerability is caused due to the insecure "SaveToFile()" method allowing arbitrary paths to be supplied as the "FileName" argument. This can be exploited to create or overwrite arbitrary files on a user's system.

The vulnerability is confirmed in version 6.6.1.1115 bundled with Quest Toad Development Suite for Oracle 11.0R2. Other versions may also be affected.

Solution:
Set the kill-bit for the affected ActiveX control.

Provided and/or discovered by:
Andrea Micalizzi (rgod)

Original Advisory:
http://retrogod.altervista.org/9sg_quest_toad_poc.htm

http://secunia.com/advisories/48681/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Arbor Peakflow SP Login Interface Cross-Site Scripting

by Carol~ Moderator - 4/6/12 1:06 PM

In Reply to: VULNERABILITIES / FIXES - April 06, 2012 by Carol~ Moderator

Arbor Peakflow SP Login Interface Cross-Site Scripting Vulnerability

Release Date : 2012-04-06

Criticality level : Less critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Vendor Patch

Operating System: Arbor Peakflow SP

Description:
b.saleh has reported a vulnerability in Arbor Peakflow SP, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input appended to the URL after index/ in the login interface is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerability is reported in versions prior to SP 5.6, SP 5.5p5, and SP 5.1.1p5.

Solution:
Update to version SP 5.6, SP 5.5p5, or SP 5.1.1p5.

Provided and/or discovered by:
b.saleh

Original Advisory:
http://archives.neohapsis.com/archives/bugtraq/2012-04/0019.html
http://archives.neohapsis.com/archives/bugtraq/2012-04/0036.html
http://archives.neohapsis.com/archives/bugtraq/2012-04/0037.html

http://secunia.com/advisories/48728/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Forum Icon Legend

  • UnreadUnread
  • ReadRead
  • Locked threadLocked thread
  •   
  •   
  •   
  •   
  •   
  •   
  •   
  • ModeratorModerator
  • CNET StaffCNET Staff
  • Samsung StaffSamsung Staff
  • Norton Authorized Support TeamNorton Authorized Support Team
  • AVG StaffAVG Staff
  • avast! Staffavast! Staff
  • Webroot Support TeamWebroot Support Team
  • Acer Customer Experience TeamAcer Customer Experience Team
  • Windows Outreach TeamWindows Outreach Team
  • DISH staffDISH staff
  • Dell StaffDell Staff
  • Intel StaffIntel Staff
  • QuestionQuestion
  • Resolved questionResolved question
  • General discussionGeneral discussion
  • TipTip
  • Alert or warningAlert or warning
  • PraisePraise
  • RantRant

You are e-mailing the following post: Post Subject

Your e-mail address is used only to let the recipient know who sent the e-mail and in case of transmission error. Neither your address nor the recipient's address will be used for any other purpose.

Sorry, there was a problem emailing this post. Please try again.

Submit Email Cancel

Thank you. Sent email to

Close

Thank you. Sent email to

Close

You are reporting the following post: Post Subject

If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.

Offensive: Sexually explicit or offensive language

Spam: Advertisements or commercial links

Disruptive posting: Flaming or offending other users

Illegal activities: Promote cracked software, or other illegal content

Sorry, there was a problem submitting your post. Please try again.

Submit Report Cancel

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

You are posting a reply to: Post Subject

The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to the CNET Forums policies for details. All submitted content is subject to CBS Interactive Site Terms of Use.

You are currently tracking this discussion. Click here to manage your tracked discussions.

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

Sorry, there was a problem submitting your post. Please try again.

Sorry, there was a problem generating the preview. Please try again.

Duplicate posts are not allowed in the forums. Please edit your post and submit again.

Submit Reply Preview Cancel

Thank you, , your post has been submitted.

> Click here to view your post. > Manage your tracked discussions. > Track this discussion. Close

Thank you, , your post has been submitted and will appear on our site shortly.

Close