Ad: Manage updates with the Download App
ie8 fix

Spyware, viruses, & security forum: VULNERABILITIES / FIXES - May 14, 2012

by: Carol~ May 14, 2012 7:29 AM PDT

Like this

0 people like this thread

Staff pick

VULNERABILITIES / FIXES - May 14, 2012

by Carol~ Moderator - 5/14/12 7:29 AM

GetSimple CMS "path" Cross-Site Scripting Vulnerability

Release Date : 2012-05-14

Criticality level : Less critical
Ipact : Cross Site Scripting
Where : From remote
Solution Status : Unpatched

Software: GetSimple CMS 3.x

Description:
Chokri B.A. has discovered a vulnerability in GetSimple CMS, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed to the "path" parameter in admin/upload.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerability is confirmed in version 3.1. Other versions may also be affected.

Solution:
Edit the source code to ensure that input is properly sanitised.

Provided and/or discovered by:
Chokri B.A., Vulnerability Research Laboratory.

Original Advisory:
http://www.vulnerability-lab.com/get_content.php?id=521

http://secunia.com/advisories/49137/


Reply
Report offensive post
Email to friend

Sockso "name" Script Insertion Vulnerability

by Carol~ Moderator - 5/14/12 8:04 AM

In Reply to: VULNERABILITIES / FIXES - May 14, 2012 by Carol~ Moderator

Release Date : 2012-05-14

Criticality level : Moderately critical
Ipact : Cross Site Scripting
Where : From remote
Solution Status : Unpatched

Software: Sockso 1.x

Description:
Ciaran McNally has discovered a vulnerability in Sockso, which can be exploited by malicious people to conduct script insertion attacks.

Input passed via the "name" parameter to /user/register is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed.

The vulnerability is confirmed in version 1.5.3. Other versions may also be affected.

Solution:
Filter malicious characters and character sequences using a proxy.

Provided and/or discovered by:
Ciaran McNally.

Original Advisory:
http://smwyg.com/blog/#sockso-persistant-xss-attack

http://secunia.com/advisories/49148/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

FreeRealty Multiple Vulnerabilities

by Carol~ Moderator - 5/14/12 8:04 AM

In Reply to: VULNERABILITIES / FIXES - May 14, 2012 by Carol~ Moderator

Release Date : 2012-05-14

Criticality level : Moderately critical
Ipact : Cross Site Scripting
Manipulation of data
Where : From remote
Solution Status : Unpatched

Software: FreeRealty 3.x

Description:
Multiple vulnerabilities have been discovered in FreeRealty, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site request forgery and SQL injection attacks.

1) Input passed via the "view" parameter to agentdisplay.php is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

2) Input passed via the "title", "previewdesc", "fulldesc", and "notes" POST parameters to agentadmin.php when creating or updating a property listing is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed.

3) The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. create an arbitrary user with administrative privileges if a logged-in administrative user visits a malicious web site.

The vulnerabilities are confirmed in version 3.1-0.6. Other versions may also be affected.

Solution:
Edit the source code to ensure that input is properly sanitised. Do not browse untrusted sites or follow untrusted links while being logged-in to the application.

Provided and/or discovered by:
the_storm via Vulnerability Laboratory Research

Original Advisory:
http://www.vulnerability-lab.com/get_content.php?id=513

http://secunia.com/advisories/49132/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Proman Xpress "cl_comments" Script Insertion Vulnerability

by Carol~ Moderator - 5/14/12 8:04 AM

In Reply to: VULNERABILITIES / FIXES - May 14, 2012 by Carol~ Moderator

Release Date : 2012-05-14

Criticality level : Less critical
Ipact : Cross Site Scripting
Where : From remote
Solution Status : Unpatched

Software: Proman Xpress 5.x

Description:
A vulnerability has been reported in Proman Xpress, which can be exploited by malicious users to conduct script insertion attacks.

Input passed via the "cl_comments" parameter to client_details.php when creating a comment for a project is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed.

The vulnerability is reported in version 5.0.1. Other versions may also be affected.

Solution:
Filter malicious characters and character sequences using a proxy.

Provided and/or discovered by:
the storm via Vulnerability Research Laboratory.

Original Advisory:
http://www.vulnerability-lab.com/get_content.php?id=512

http://secunia.com/advisories/49127/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Travelon Express "hid" Two SQL Injection Vulnerabilities

by Carol~ Moderator - 5/14/12 8:05 AM

In Reply to: VULNERABILITIES / FIXES - May 14, 2012 by Carol~ Moderator

Release Date : 2012-05-14

Criticality level : Moderately critical
Impact : Manipulation of data
Where : From remote
Solution Status : Unpatched

Software: Travelon Express 6.x

Description:
Two vulnerabilities have been reported in Travelon Express, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed via the "hid" parameter to holiday.php and holiday_book.php is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerabilities are reported in version 6.2. Other versions may also be affected.

Solution:
Filter malicious characters and character sequences using a proxy.

Provided and/or discovered by:
the_storm via Vulnerability Research Laboratory

Original Advisory:
http://www.vulnerability-lab.com/get_content.php?id=530

http://secunia.com/advisories/49118/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Kronolith Multiple Cross-Site Scripting Vulnerabilities

by Carol~ Moderator - 5/14/12 11:03 AM

In Reply to: VULNERABILITIES / FIXES - May 14, 2012 by Carol~ Moderator

Release Date : 2012-05-14

Criticality level : Less critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Vendor Patch

Software: Kronolith 3.x (Horde module)

Description:
Multiple vulnerabilities have been reported in Kronolith, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed to the tasks view and search view is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerabilities are reported in versions prior to 3.0.17.

Solution:
Update to version 3.0.17.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
Kronolith:
http://lists.horde.org/archives/announce/2012/000766.html
https://github.com/horde/horde/commit/1228a6825a8dab3333d0a8c8986fc10d1f3d11b2

http://secunia.com/advisories/49147/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

WordPress WP-FaceThumb Plugin "pagination_wp_facethumb"

by Carol~ Moderator - 5/14/12 11:03 AM

In Reply to: VULNERABILITIES / FIXES - May 14, 2012 by Carol~ Moderator

WordPress WP-FaceThumb Plugin "pagination_wp_facethumb" Cross-Site Scripting Vulnerability

Release Date : 2012-05-14

Criticality level : Less critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Unpatched

Software: WordPress WP-FaceThumb Plugin 0.x

Description:
A vulnerability has been discovered in the WP-FaceThumb plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed to the "pagination_wp_facethumb" parameter in index.php (when "p" is set to the id of the WP-FaceThumb Gallery) is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerability is confirmed in version 0.1. Other versions may also be affected.

Solution:
Edit the source code to ensure that input is properly sanitised.

Provided and/or discovered by:
Avram Marius Gabriel (d3v1l)

Original Advisory:
http://packetstormsecurity.org/files/112658/WordPress-WP-FaceThumb-Gallery-0.1-Cross-Site-Scripting.html

http://secunia.com/advisories/49143/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

NetBill Script Insertion and Cross-Site Request Forgery

by Carol~ Moderator - 5/14/12 11:03 AM

In Reply to: VULNERABILITIES / FIXES - May 14, 2012 by Carol~ Moderator

NetBill Script Insertion and Cross-Site Request Forgery Vulnerabilities

Release Date : 2012-05-14

Criticality level : Less critical
Impact : Cross Site Scripting
Manipulation of data
Where : From remote
Solution Status : Unpatched

Software: NetBill 1.x

Description:
Two vulnerabilities have been reported in NetBill, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site request forgery attacks.

1) Input passed via the "comment" parameter to accounts/index2.php when posting a support request is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed.

2) The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. add a new account by tricking a logged in administrator into visiting a malicious web site.

The vulnerabilities are reported in version 1.2. Other versions may also be affected.

Solution:
Filter malicious characters and character sequences using a proxy. Do not browse untrusted sites or follow untrusted links while being logged-in to the application.

Provided and/or discovered by:
the_storm via Vulnerability Laboratory Research

Original Advisory:
http://www.vulnerability-lab.com/get_content.php?id=560

http://secunia.com/advisories/49109/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Debian update for ffmpeg

by Carol~ Moderator - 5/14/12 11:03 AM

In Reply to: VULNERABILITIES / FIXES - May 14, 2012 by Carol~ Moderator

Release Date : 2012-05-14

Criticality level : Highly critical
Impact : System access
DoS
Where : From remote
Solution Status : Vendor Patch

Operating System: Debian GNU/Linux 6.0

Description:
Debian has issued an update for ffmpeg. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise an application using the library.

Solution:
Apply updated packages via the apt-get package manager.

Original Advisory:
DSA-2471-1:
http://www.debian.org/security/2012/dsa-2471

http://secunia.com/advisories/49089/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Sympa Multiple Security Bypass Vulnerabilities

by Carol~ Moderator - 5/14/12 1:13 PM

In Reply to: VULNERABILITIES / FIXES - May 14, 2012 by Carol~ Moderator

Release Date : 2012-05-14

Criticality level : Moderately critical
Impact : Security Bypass
Where : From remote
Solution Status : Vendor Patch

Software: Sympa 6.x

Description:
Multiple vulnerabilities have been reported in Sympa, which can be exploited by malicious people to bypass certain security restrictions.

The vulnerabilities are caused due to the application allowing access to archive functions without checking credentials. This can be exploited to create, download, and delete an archive.

The vulnerabilities are reported in versions prior to 6.1.11.

Solution:
Update to version 6.1.11.

Original Advisory:
http://www.sympa.org/distribution/latest-stable/NEWS
http://www.openwall.com/lists/oss-security/2012/05/11/8

http://secunia.com/advisories/49045/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Hitachi IT Operations Director Cross-Site Scripting and

by Carol~ Moderator - 5/14/12 1:13 PM

In Reply to: VULNERABILITIES / FIXES - May 14, 2012 by Carol~ Moderator

Hitachi IT Operations Director Cross-Site Scripting and Denial of Service Vulnerabilities

Release Date : 2012-05-14

Criticality level : Less critical
Impact : Cross Site Scripting
DoS
Where : From remote
Solution Status : Vendor Patch

Software: Hitachi IT Operations Director

Description:
Two vulnerabilities have been reported in Hitachi IT Operations Director, which can be exploited by malicious people to conduct cross-site scripting attacks and cause a DoS (Denial of Service).

1) Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

2) An unspecified error can be exploited to cause a crash. No further information is currently available.

The vulnerabilities are reported in versions 02-50-01 through 02-50-07 and 03-00 through 03-00-07.

Solution:
Update or upgrade to version 03-00-08.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
HS12-014:
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-014/index.html

http://secunia.com/advisories/49144/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Hitachi COBOL GUI Run Time System Code Execution

by Carol~ Moderator - 5/14/12 1:17 PM

In Reply to: VULNERABILITIES / FIXES - May 14, 2012 by Carol~ Moderator

Hitachi COBOL GUI Run Time System Code Execution Vulnerability

Release Date : 2012-05-14

Criticality level : Highly critical
Impact : System access
Where : From remote
Solution Status : Vendor Patch

Software: Hitachi COBOL GUI Run Time System 6.x
Hitachi COBOL GUI Run Time System 7.x
Hitachi COBOL GUI Run Time System 8.x
Hitachi COBOL GUI Server Run Time System 6.x
Hitachi COBOL GUI Server Run Time System 7.x
Hitachi COBOL GUI Server Run Time System 8.x

Description:
A vulnerability has been reported in Hitachi COBOL GUI Run Time System and Hitachi COBOL Server GUI Run Time System, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an unspecified error. No further information is currently available.

Successful exploitation may allow execution of arbitrary code.

The vulnerability is reported in versions 06-00, 06-01 through 06-01-/A, 07-00, 07-01 through 07-01-/A, and 08-00 through 08-00-/A.

Solution:
Update or upgrade to version 07-01-/B or 08-00-/B.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
HS12-013:
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-013/index.html

http://secunia.com/advisories/49158/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Smarty "smarty_function_html_options_optoutput()" Cross-Site

by Carol~ Moderator - 5/14/12 1:18 PM

In Reply to: VULNERABILITIES / FIXES - May 14, 2012 by Carol~ Moderator

Smarty "smarty_function_html_options_optoutput()" Cross-Site Scripting Vulnerability

Release Date : 2012-05-14

Criticality level : Less critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Partial Fix

Software: Smarty 3.x

Description:
A vulnerability has been reported in Smarty, which can be exploited by malicious people to conduct cross-site scripting attacks.

Certain input is not properly sanitised in the "smarty_function_html_options_optoutput()" function in distribution/libs/plugins/function.html_options.php before being returned to the user. This can potentially be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerability is reported in version 3.1.8. Other versions may also be affected.

Solution:
Fixed in the SVN repository.

Provided and/or discovered by:
Reported by ikehiroki in a bug report.

Original Advisory:
http://smarty-php.googlecode.com/svn/trunk/distribution/change_log.txt
http://code.google.com/p/smarty-php/issues/detail?id=98&can=1

http://secunia.com/advisories/49164/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

IBM WebSphere Application Server for z/OS Unspecified

by Carol~ Moderator - 5/14/12 1:19 PM

In Reply to: VULNERABILITIES / FIXES - May 14, 2012 by Carol~ Moderator

IBM WebSphere Application Server for z/OS Unspecified Vulnerability

Release Date : 2012-05-14

Criticality level : Moderately critical
Impact : Unknown
Where : From remote
Solution Status : Vendor Patch

Software: IBM WebSphere Application Server 7.0.x

Description:
A vulnerability with unknown impact has been reported in IBM WebSphere Application Server for z/OS.

The vulnerability is reported in versions prior to 7.0.0.23.

Solution:
Update to version 7.0.0.23 (Fix Pack 23).

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
IBM (PM45181):
http://www.ibm.com/support/docview.wss?uid=swg1PM53810

http://secunia.com/advisories/49078/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Debian update for wordpress

by Carol~ Moderator - 5/14/12 1:24 PM

In Reply to: VULNERABILITIES / FIXES - May 14, 2012 by Carol~ Moderator

Release Date : 2012-05-14

Criticality level : Moderqately critical
Impact : Security Bypass
Cross Site Scripting
Exposure of system information
DoS
System access
Where : From remote
Solution Status : Vendor Patch

Operating System: Debian GNU/Linux 6.0

Description:
Debian has issued an update for wordpress. This fixes a security issue and some vulnerabilities, which can be exploited by malicious users to conduct script insertion attacks, bypass certain security restrictions, and compromise a vulnerable system and by malicious people to conduct script insertion and cross-site scripting attacks, disclose sensitive information, and cause a DoS (Denial of Service).

Solution:
Apply updated packages via the apt-get package manager.

Original Advisory:
DSA-2670-1:
http://www.debian.org/security/2012/dsa-2470

http://secunia.com/advisories/49138/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Hitachi IT Operations Director Cross-Site Scripting

by Carol~ Moderator - 5/14/12 2:08 PM

In Reply to: VULNERABILITIES / FIXES - May 14, 2012 by Carol~ Moderator

Hitachi IT Operations Director Cross-Site Scripting and Denial of Service Vulnerabilities

Release Date : 2012-05-14

Criticality level : Less critical
Impact : Cross Site Scripting
DoS
Where : From remote
Solution Status : Vendor Patch

Software: Hitachi IT Operations Director

Description:
Two vulnerabilities have been reported in Hitachi IT Operations Director, which can be exploited by malicious people to conduct cross-site scripting attacks and cause a DoS (Denial of Service).

1) Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

2) An unspecified error can be exploited to cause a crash. No further information is currently available.

The vulnerabilities are reported in versions 02-50-01 through 02-50-07 and 03-00 through 03-00-07.

Solution:
Update or upgrade to version 03-00-08.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
HS12-014:
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-014/index.html

http://secunia.com/advisories/49144/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Forum Icon Legend

  • UnreadUnread
  • ReadRead
  • Locked threadLocked thread
  •   
  •   
  •   
  •   
  •   
  •   
  •   
  • ModeratorModerator
  • CNET StaffCNET Staff
  • Samsung StaffSamsung Staff
  • Norton Authorized Support TeamNorton Authorized Support Team
  • AVG StaffAVG Staff
  • avast! Staffavast! Staff
  • Webroot Support TeamWebroot Support Team
  • Acer Customer Experience TeamAcer Customer Experience Team
  • Windows Outreach TeamWindows Outreach Team
  • DISH staffDISH staff
  • Dell StaffDell Staff
  • Intel StaffIntel Staff
  • QuestionQuestion
  • Resolved questionResolved question
  • General discussionGeneral discussion
  • TipTip
  • Alert or warningAlert or warning
  • PraisePraise
  • RantRant

You are e-mailing the following post: Post Subject

Your e-mail address is used only to let the recipient know who sent the e-mail and in case of transmission error. Neither your address nor the recipient's address will be used for any other purpose.

Sorry, there was a problem emailing this post. Please try again.

Submit Email Cancel

Thank you. Sent email to

Close

Thank you. Sent email to

Close

You are reporting the following post: Post Subject

If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.

Offensive: Sexually explicit or offensive language

Spam: Advertisements or commercial links

Disruptive posting: Flaming or offending other users

Illegal activities: Promote cracked software, or other illegal content

Sorry, there was a problem submitting your post. Please try again.

Submit Report Cancel

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

You are posting a reply to: Post Subject

The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to the CNET Forums policies for details. All submitted content is subject to CBS Interactive Site Terms of Use.

You are currently tracking this discussion. Click here to manage your tracked discussions.

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

Sorry, there was a problem submitting your post. Please try again.

Sorry, there was a problem generating the preview. Please try again.

Duplicate posts are not allowed in the forums. Please edit your post and submit again.

Submit Reply Preview Cancel

Thank you, , your post has been submitted.

> Click here to view your post. > Manage your tracked discussions. > Track this discussion. Close

Thank you, , your post has been submitted and will appear on our site shortly.

Close