Ad: Manage updates with the Download App
ie8 fix

Spyware, viruses, & security forum: VULNERABILITIES / FIXES - August 09, 2012

by: Carol~ August 9, 2012 8:25 AM PDT

Like this

0 people like this thread

Staff pick

VULNERABILITIES / FIXES - August 09, 2012

by Carol~ Moderator - 8/9/12 8:25 AM

Google Chrome PDF Viewer Two Vulnerabilities

Release Date : 2012-08-09

Criticality level : Highly critical
Impact : System access
Where : From remote
Solution Status : Vendor Patch

Software: Google Chrome 21.x

Description:
Two vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to compromise a user's system.

1) A use-after-free error exists within the PDF viewer.

2) An out-of-bounds write error exists within the PDF viewer.

The vulnerabilities are reported in versions prior to 21.0.1180.75.

Solution:
Update to version 21.0.1180.75.

Provided and/or discovered by:
The vendor credits Mateusz Jurczyk and Gynvael Coldwind, Google Security Team

Original Advisory:
http://googlechromereleases.blogspot.com/2012/08/stable-channel-update.html

http://secunia.com/advisories/50222/


Reply
Report offensive post
Email to friend

AXIGEN Mail Server Script Insertion Vulnerability

by Carol~ Moderator - 8/9/12 8:29 AM

In Reply to: VULNERABILITIES / FIXES - August 09, 2012 by Carol~ Moderator

Release Date : 2012-08-09

Criticality level : Moderately critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Unpatched

Software: AXIGEN Mail Server 8.x

Description:
A vulnerability has been discovered in AXIGEN Mail Server, which can be exploited by malicious people to conduct script insertion attacks.

Input passed within e-mail messages is not properly sanitised before being used. This can be exploited to inject arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when a malicious e-mail message is opened in the web mail interface.

Successful exploitation requires that the recipient uses Internet Explorer.

The vulnerability is confirmed in version 8.0.3. Other versions may also be affected.

Solution:
No official solution is currently available.

Provided and/or discovered by:
loneferret, Offensive Security

Original Advisory:
http://www.exploit-db.com/exploits/20348/

http://secunia.com/advisories/50062/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Drupal Better Revisions Module Script Insertion

by Carol~ Moderator - 8/9/12 8:29 AM

In Reply to: VULNERABILITIES / FIXES - August 09, 2012 by Carol~ Moderator

Drupal Better Revisions Module Script Insertion Vulnerability

Release Date : 2012-08-09

Criticality level : Less critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Vendor Patch

Software: Drupal Better Revisions Module 7.x

Description:
A vulnerability has been reported in the Better Revisions module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.

Certain unspecified input is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed.

Successful exploitation requires the "administer better revisions" permissions.

The vulnerability is reported in 7.x-1.x versions prior to 7.x-1.1.

Solution:
Update to version 7.x-1.1.

Provided and/or discovered by:
The vendor credits Klaus Purer, Drupal Security Team

Original Advisory:
DRUPAL-SA-CONTRIB-2012-122:
http://drupal.org/node/1719402

http://secunia.com/advisories/50179/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Drupal Shorten URLs Module Script Insertion Vulnerability

by Carol~ Moderator - 8/9/12 8:29 AM

In Reply to: VULNERABILITIES / FIXES - August 09, 2012 by Carol~ Moderator

Release Date : 2012-08-09

Criticality level : Less critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Vendor Patch

Software: Drupal Shorten URLs Module 6.x
Drupal Shorten URLs Module 7.x

Description:
A vulnerability has been reported in the Shorten URLs module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.

Certain input when creating shortened URLs is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed.

Successful exploitation requires the "use Shorten URLs page" permission, the "Record Shortened URLs" submodule to be installed, and the "Views" module not to be installed.

The vulnerability is reported in 6.x-1.x versions prior to 6.x-1.13 and 7.x-1.x versions prior to 7.x-1.2.

Solution:
Update to version 6.x-1.13 or 7.x-1.2.

Provided and/or discovered by:
The vendor credits Zach Alexander and Justin Klein Keane.

Original Advisory:
SA-CONTRIB-2012-121:
http://drupal.org/node/1719392

http://secunia.com/advisories/50182/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Ubuntu update for webkit

by Carol~ Moderator - 8/9/12 8:29 AM

In Reply to: VULNERABILITIES / FIXES - August 09, 2012 by Carol~ Moderator

Release Date : 2012-08-09

Criticality level : Highly critical
Impact : System access
Where : From remote
Solution Status : Vendor Patch

Operating System: Ubuntu Linux 12.04

Description:
Ubuntu has issued an update for webkit. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise an application using the library.

Solution:
Apply updated packages.

http://secunia.com/advisories/50219/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Red Hat update for JBoss Enterprise SOA Platform

by Carol~ Moderator - 8/9/12 8:32 AM

In Reply to: VULNERABILITIES / FIXES - August 09, 2012 by Carol~ Moderator

Release Date : 2012-08-09

Criticality level : Less critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Vendor Patch

Software: JBoss Enterprise SOA Platform 5.x

Description:
Red Hat has issued an update for JBoss Enterprise SOA Platform. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site request forgery attacks.

The application allows users to perform certain actions via HTTP requests without performing proper validity checks to verify the requests. This can be exploited to e.g. perform certain operations on MBeans and potentially execute arbitrary code when a logged-in JMX Console user visits a specially crafted web page.

Solution:
Updated packages are available via Red Hat Network.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
RHSA-2012:1152-1:
https://rhn.redhat.com/errata/RHSA-2012-1152.html

http://secunia.com/advisories/50230/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Red Hat update for kernel-rt

by Carol~ Moderator - 8/9/12 8:32 AM

In Reply to: VULNERABILITIES / FIXES - August 09, 2012 by Carol~ Moderator

Release Date: 2012-08-09

Criticality level : Not critical
Impact : DoS
Where : Local system
Solution Status : Vendor Patch

Software: Red Hat Enterprise MRG v2 for Red Hat Enterprise Linux (version 6)

Description:
Red Hat has issued an update for kernel-rt. This fixes two vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

Solution:
Updated packages are available via Red Hat Network.

Original Advisory:
RHSA-2012:1150-01:
https://rhn.redhat.com/errata/RHSA-2012-1150.html

http://secunia.com/advisories/50231/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Joomla! En Masse Component Remote File Inclusion

by Carol~ Moderator - 8/9/12 8:32 AM

In Reply to: VULNERABILITIES / FIXES - August 09, 2012 by Carol~ Moderator

Joomla! En Masse Component Remote File Inclusion Vulnerability

Release Date : 2012-08-09

Criticality level : Highly critical
Impact : System access
Where : From remote
Solution Status : Vendor Patch

Software: En Masse 3.x (component for Joomla!)

Description:
A vulnerability has been reported in the En Masse component for Joomla!, which can be exploited by malicious people to compromise a vulnerable system.

Certain unspecified input is not properly verified before being used to include files. This can be exploited to include arbitrary files from local or external resources.

The vulnerability is reported in versions prior to 3.1.3.

Solution:
Update to version 3.1.3.

Provided and/or discovered by:
The vendor credits Joomla! Extension Dictionary (JED)

Original Advisory:
http://www.matamko.com/news-update/14-en-masse-releases/142-announcement-for-security-release-enmasse-313.html

http://secunia.com/advisories/50220/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Drupal Mime Mail Module File Attachment Security Bypass

by Carol~ Moderator - 8/9/12 8:33 AM

In Reply to: VULNERABILITIES / FIXES - August 09, 2012 by Carol~ Moderator

Drupal Mime Mail Module File Attachment Security Bypass Security Issue

Release Date : 2012-08-09

Criticality level : Less critical
Impact : Exposure of sensitive information
Where : From remote
Solution Status : Vendor Patch

Software: Drupal Mime Mail Module 6.x

Description:
A security issue has been reported in the Mime Mail module for Drupal, which can be exploited by malicious users to bypass certain security restrictions.

The security issue is caused due to the application not validating permissions when attaching files and can be exploited to attach and disclose arbitrary files within the webroot.

The security issue is reported in 6.x-1.x versions prior to 6.x-1.1.

Solution:
Update to version 6.x-1.1.

Provided and/or discovered by:
The vendor credits joglin

Original Advisory:
SA-CONTRIB-2012-124:
http://drupal.org/node/1719482

http://secunia.com/advisories/50170/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

WordPress Postie Plugin Email Script Insertion Vulnerability

by Carol~ Moderator - 8/9/12 8:33 AM

In Reply to: VULNERABILITIES / FIXES - August 09, 2012 by Carol~ Moderator

Release Date : 2012-08-09

Criticality level : Moderately critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Unpatched

Software: WordPress Postie Plugin 1.x

Description:
loneferret has reported a vulnerability in the Postie plugin for WordPress, which can be exploited by malicious people to conduct script insertion attacks.

Input passed via an email is not properly sanitised before being used when checking for mail. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site if malicious data is viewed.

The vulnerability is reported in version 1.4.3. Other versions may also be affected.

Solution:
No official solution is currently available.

Provided and/or discovered by:
loneferret, Offensive Security.

Original Advisory:
Offensive Security:
http://www.exploit-db.com/exploits/20360/

http://secunia.com/advisories/50207/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Drupal Chaos tool suite Module CSS Import Statement File

by Carol~ Moderator - 8/9/12 8:51 AM

In Reply to: VULNERABILITIES / FIXES - August 09, 2012 by Carol~ Moderator

Drupal Chaos tool suite Module CSS Import Statement File Disclosure Vulnerability

Release Date : 2012-08-09

Criticality level : Less critical
Impact : Exposure of sensitive information
Where : From remote
Solution Status : Vendor Patch

Software: Drupal Chaos tool suite Module 6.x
Drupal Chaos tool suite Module 7.x

Description:
A vulnerability has been reported in the Chaos tool suite module for Drupal, which can be exploited by malicious users to disclose potentially sensitive information.

Certain input passed via CSS import statements is not properly verified before being used to display files. This can be exploited to e.g. disclose the contents of the settings.php file.

Successful exploitation requires permissions to place custom CSS into a field.

The vulnerability is reported in versions prior to 6.x-1.9 and prior to 7.x-1.1.

Solution:
Update to versions 6.x-1.9 or 7.x-1.1.

Provided and/or discovered by:
The vendor credits Casey.

Original Advisory:
SA-CONTRIB-2012-125:
http://drupal.org/node/1719548

http://secunia.com/advisories/50168/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

EMC Lifeline Shares Access Security Bypass Security Issue

by Carol~ Moderator - 8/9/12 9:16 AM

In Reply to: VULNERABILITIES / FIXES - August 09, 2012 by Carol~ Moderator

Release Date : 2012-08-09

Criticality level : Less critical
Impact : Security Bypass
Where : From remote
Solution Status : Vendor Patch

Operating System: EMC Lifeline 2.x
EMC Lifeline 3.x

Description:
A security issue has been reported in EMC Lifeline, which can be exploited by malicious people to bypass certain security restrictions.

The security issue is caused due to the appliance not properly validating access rights and can be exploited to gain access to otherwise restricted shares.

Successful exploitation requires that remote access including port-forwarding is enabled.

Please see the vendor's advisory for a list of affected versions.

Solution:
Update to a fixed version (please see the vendor's advisory for details).

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
ESA-2012-031
http://archives.neohapsis.com/archives/bugtraq/2012-08/att-0056/ESA-2012-031.txt

http://secunia.com/advisories/50232/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

WinWebMail Server HTML Mail Script Insertion Vulnerability

by Carol~ Moderator - 8/9/12 9:16 AM

In Reply to: VULNERABILITIES / FIXES - August 09, 2012 by Carol~ Moderator

Release Date : 2012-08-09

Criticality level : Moderately critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Unpatched

oftware: WinWebMail Server 3.x

Description:
A vulnerability has been discovered in WinWebMail Server, which can be exploited by malicious people to conduct script insertion attacks.

Input passed within HTML e-mail messages is not properly sanitised before being used. This can be exploited to inject arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when a malicious e-mail message is opened in the web mail interface.

The vulnerability is confirmed in version 3.8.1.6. Other versions may also be affected.

Solution:
No official solution is currently available.

Provided and/or discovered by:
loneferret, Offensive Security

Original Advisory:
http://www.exploit-db.com/exploits/20366/

http://secunia.com/advisories/50213/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

SurgeMail HTML Mail Script Insertion Vulnerability

by Carol~ Moderator - 8/9/12 9:16 AM

In Reply to: VULNERABILITIES / FIXES - August 09, 2012 by Carol~ Moderator

Release Date : 2012-08-09

Criticality level : Moderately critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Unpatched

Software: SurgeMail 6.x

Description:
A vulnerability has been discovered in SurgeMail, which can be exploited by malicious people to conduct script insertion attacks.

Input passed within HTML e-mail messages is not properly sanitised before being used. This can be exploited to inject arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when a malicious e-mail message is opened in the web mail interface.

The vulnerability is confirmed in version 6.1c-1. Other versions may also be affected.

Solution:
No official solution is currently available.

Provided and/or discovered by:
loneferret, Offensive Security

Original Advisory:
http://www.exploit-db.com/exploits/20363/

http://secunia.com/advisories/50210/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

WordPress SimpleMail Plugin Email Fields Script Insertion

by Carol~ Moderator - 8/9/12 9:16 AM

In Reply to: VULNERABILITIES / FIXES - August 09, 2012 by Carol~ Moderator

WordPress SimpleMail Plugin Email Fields Script Insertion Vulnerabilities

Release Date : 2012-08-09

Criticality level : Moderately critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Unpatched

Software: WordPress SimpleMail Plugin 1.x

Description:
loneferret has reported some vulnerabilities in the SimpleMail plugin for WordPress, which can be exploited by malicious people to conduct script insertion attacks.

Input passed via the "To", "From", "Date", and "Subject" fields of an email is not properly sanitised before being used to display emails. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site if malicious data is viewed.

The vulnerabilities are reported in version 1.0.6. Other versions may also be affected.

Solution:
No official solution is currently available.

Provided and/or discovered by:
loneferret, Offensive Security

Original Advisory:
Offensive Security:
http://www.exploit-db.com/exploits/20361/

http://secunia.com/advisories/50208/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

SmarterMail HTML Mail Script Insertion Vulnerability

by Carol~ Moderator - 8/9/12 9:37 AM

In Reply to: VULNERABILITIES / FIXES - August 09, 2012 by Carol~ Moderator

Release Date : 2012-08-09

Criticality level : Moderately critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Unpatched

Software: SmarterMail 10.x

Description:
A vulnerability has been discovered in SmarterMail, which can be exploited by malicious people to conduct script insertion attacks.

Input passed within HTML e-mail messages is not properly sanitised before being used. This can be exploited to inject arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when a malicious e-mail message is opened in the web mail interface.

Successful exploitation requires that the victim user is running a browser which executes certain JavaScript statements from CSS (e.g. Internet Explorer).

The vulnerability is confirmed in version 10.1. Other versions may also be affected.

Solution:
No official solution is currently available.

Provided and/or discovered by:
loneferret, Offensive Security

Original Advisory:
http://www.exploit-db.com/exploits/20362/

http://secunia.com/advisories/50209/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

EmailArchitect Email Server Script Insertion Vulnerability

by Carol~ Moderator - 8/9/12 12:04 PM

In Reply to: VULNERABILITIES / FIXES - August 09, 2012 by Carol~ Moderator

Release Date : 2012-08-09

Criticality level : Moderately critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Unpatched

Software: EmailArchitect Email Server 10.x

Description:
A vulnerability has been discovered in EmailArchitect Email Server, which can be exploited by malicious people to conduct script insertion attacks.

Input passed within HTML e-mail messages is not properly sanitised before being used. This can be exploited to inject arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when a malicious e-mail message is opened in the web mail interface.

Successful exploitation requires that the victim user is running a browser which executes certain JavaScript statements from CSS (e.g. Internet Explorer).

The vulnerability is confirmed in version 10.0.0.3. Other versions may also be affected.

Solution:
No official solution is currently available.

Provided and/or discovered by:
loneferret, Offensive Security

Original Advisory:
http://www.exploit-db.com/exploits/20349/

http://secunia.com/advisories/50203/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

TYPO3 powermail Extension Multiple Vulnerabilities

by Carol~ Moderator - 8/9/12 12:04 PM

In Reply to: VULNERABILITIES / FIXES - August 09, 2012 by Carol~ Moderator

Release Date : 2012-08-09

Criticality level : Moderately critical
Impact : Cross Site Scripting
Manipulation of data
System access
Where : From remote
Solution Status : Vendor Patch

Software: powermail (extension for TYPO3) 1.x

Description:
Some vulnerabilities have been reported in the powermail extension for TYPO3, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to conduct cross-site scripting and SQL injection attacks.

1) Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

2) Certain unspecified input is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

3) Certain unspecified input related to a TYPO3 backend editor is not properly verified before being used. This can be exploited to execute arbitrary PHP code.

Successful exploitation of this vulnerability requires access permissions to a TYPO3 backend editor.

The vulnerabilities are reported in version 1.6.8 and prior.

Solution:
Update to version 1.6.9.

Provided and/or discovered by:
Reported by the vendor and the vendor additionally credits Helmut Hummel, TYPO3 Security Team.

Original Advisory:
TYPO3-EXT-SA-2012-011:
http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2012-011/

http://secunia.com/advisories/50227/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

ManageEngine Service Desk Plus Email Body Script Insertion

by Carol~ Moderator - 8/9/12 2:27 PM

In Reply to: VULNERABILITIES / FIXES - August 09, 2012 by Carol~ Moderator

ManageEngine Service Desk Plus Email Body Script Insertion Vulnerability

Release Date : 2012-08-09

Criticality level : Moderately critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Unpatched

Software: ManageEngine ServiceDesk Plus 8.x

Description:
loneferret has discovered a vulnerability in ManageEngine Service Desk Plus, which can be exploited by malicious people to conduct script insertion attacks.

Input passed via the body of an email is not properly sanitised before being used in requests. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site if malicious data is viewed.

The vulnerability is confirmed in version 8.1. Other versions may also be affected.

Solution:
No official solution is currently available.

Provided and/or discovered by:
loneferret, Offensive Security.

Original Advisory:
Offensive Security:
http://www.exploit-db.com/exploits/20356/

http://secunia.com/advisories/50198/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Forum Icon Legend

  • UnreadUnread
  • ReadRead
  • Locked threadLocked thread
  •   
  •   
  •   
  •   
  •   
  •   
  •   
  • ModeratorModerator
  • CNET StaffCNET Staff
  • Samsung StaffSamsung Staff
  • Norton Authorized Support TeamNorton Authorized Support Team
  • AVG StaffAVG Staff
  • avast! Staffavast! Staff
  • Webroot Support TeamWebroot Support Team
  • Acer Customer Experience TeamAcer Customer Experience Team
  • Windows Outreach TeamWindows Outreach Team
  • DISH staffDISH staff
  • Dell StaffDell Staff
  • Intel StaffIntel Staff
  • QuestionQuestion
  • Resolved questionResolved question
  • General discussionGeneral discussion
  • TipTip
  • Alert or warningAlert or warning
  • PraisePraise
  • RantRant

You are e-mailing the following post: Post Subject

Your e-mail address is used only to let the recipient know who sent the e-mail and in case of transmission error. Neither your address nor the recipient's address will be used for any other purpose.

Sorry, there was a problem emailing this post. Please try again.

Submit Email Cancel

Thank you. Sent email to

Close

Thank you. Sent email to

Close

You are reporting the following post: Post Subject

If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.

Offensive: Sexually explicit or offensive language

Spam: Advertisements or commercial links

Disruptive posting: Flaming or offending other users

Illegal activities: Promote cracked software, or other illegal content

Sorry, there was a problem submitting your post. Please try again.

Submit Report Cancel

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

You are posting a reply to: Post Subject

The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to the CNET Forums policies for details. All submitted content is subject to CBS Interactive Site Terms of Use.

You are currently tracking this discussion. Click here to manage your tracked discussions.

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

Sorry, there was a problem submitting your post. Please try again.

Sorry, there was a problem generating the preview. Please try again.

Duplicate posts are not allowed in the forums. Please edit your post and submit again.

Submit Reply Preview Cancel

Thank you, , your post has been submitted.

> Click here to view your post. > Manage your tracked discussions. > Track this discussion. Close

Thank you, , your post has been submitted and will appear on our site shortly.

Close