Ad: Check out the Canon EOS 5D Mark III
ie8 fix

Spyware, viruses, & security forum: VULNERABILITIES / FIXES - September 13, 2012

by: Carol~ September 13, 2012 6:31 AM PDT

Like this

0 people like this thread

Staff pick

VULNERABILITIES / FIXES - September 13, 2012

by Carol~ Moderator - 9/13/12 6:31 AM

Apple iTunes Multiple WebKit Vulnerabilities

Release Date : 2012-09-13

Criticality level : Highly critical
Impact : System access
Where : From remote
Solution Status : Vendor Patch

Software: Apple iTunes 10.x

Description:
Multiple vulnerabilities have been reported in Apple iTunes, which can be exploited by malicious people to compromise a user's system.

1) Some unspecified errors exist within the WebKit component. No further information is currently available.

2) Some vulnerabilities are caused due to a bundled vulnerable version of WebKit.

The vulnerabilities are reported in versions prior to 10.7.

Solution:
Update to version 10.7.

Provided and/or discovered by:
1) Reported by the vendor.

The vendor also credits Skylined, Martin Barbella, Cris Neckar, Abhishek Arya, Dominic Cooney, Julien Chaffraix of Google Chrome Security Team and kuzzcc.

Original Advisory:
APPLE-SA-2012-09-12-1:
http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html

http://secunia.com/advisories/50618/


Reply
Report offensive post
Email to friend

ISC BIND Resource Record Denial of Service Vulnerability

by Carol~ Moderator - 9/13/12 6:59 AM

In Reply to: VULNERABILITIES / FIXES - September 13, 2012 by Carol~ Moderator

Release Date : 2012-09-13

Criticality level : Moderately critical
Impact : DoS
Where : From remote
Solution Status : Vendor Patch

Software: ISC BIND 9.6.x
ISC BIND 9.7.x
ISC BIND 9.8.x
ISC BIND 9.9.x

Description:
A vulnerability has been reported in ISC BIND, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an assertion error when processing resource records having RDATA greater than 65535 bytes. This can be exploited to e.g. crash a recursive server via a query that requests a record from an authoritative server.

Please see the vendor's advisory for a list of affected versions.

Solution:
Apply patches or update to a fixed release (please see the vendor's advisory for details).

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
https://kb.isc.org/article/AA-00778/74

http://secunia.com/advisories/50610/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

ISC DHCP IPv6 Lease Expiration Handling Denial of Service

by Carol~ Moderator - 9/13/12 6:59 AM

In Reply to: VULNERABILITIES / FIXES - September 13, 2012 by Carol~ Moderator

ISC DHCP IPv6 Lease Expiration Handling Denial of Service Security Issue

Release Date : 2012-09-13

Criticality level : Less critical
Impact : DoS
Where : From local network
Solution Status : Vendor Patch

Software: ISC DHCP 4.1.x
ISC DHCP 4.2.x

Description:
A security issue has been reported in ISC DHCP, which can be exploited by malicious people to cause a DoS (Denial of Service).

The security issue is caused due to an error when handling the expiration time of an active IPv6 lease and may result in a server crash if the lease time is reduced.

The security issue is reported in versions 4.1.x and 4.2.x.

Solution:
Update to version 4.1-ESV-R7 or 4.2.4-P2.

Provided and/or discovered by:
The vendor credits Glen Eustace, Massey University of New Zealand.

Original Advisory:
https://kb.isc.org/article/AA-00779/75

http://secunia.com/advisories/50612/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Drupal Mass Contact Module Email Permissions Security Bypass

by Carol~ Moderator - 9/13/12 6:59 AM

In Reply to: VULNERABILITIES / FIXES - September 13, 2012 by Carol~ Moderator

Drupal Mass Contact Module Email Permissions Security Bypass Vulnerability

Release Date : 2012-09-13

Criticality level : Less critical
Impact : Security Bypass
Where : From remote
Solution Status : Vendor Patch

Software: Drupal Mass Contact Module 6.x

Description:
A vulnerability has been reported in the Mass Contact module for Drupal, which can be exploited by malicious users to bypass certain security restrictions.

The vulnerability is caused due to the module not checking certain permissions before sending emails and can be exploited to e.g. change the sender email or allow HTML in emails.

The vulnerability is reported in versions prior to 6.x-1.2.

Solution:
Update to version 6.x-1.2.

Provided and/or discovered by:
The vendor credits Michael Orlitzky

Original Advisory:
SA-CONTRIB-2012-141:
http://drupal.org/node/1782832

http://secunia.com/advisories/50546/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Drupal Inf08 Theme Taxonomy Vocabulary Names Script

by Carol~ Moderator - 9/13/12 6:59 AM

In Reply to: VULNERABILITIES / FIXES - September 13, 2012 by Carol~ Moderator

Drupal Inf08 Theme Taxonomy Vocabulary Names Script Insertion Vulnerability

Release Date : 2012-09-13

Criticality level : Less critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Vendor Patch

Software: Drupal Inf08 Theme 6.x

Description:
A vulnerability has been reported in the Inf08 theme for Drupal, which can be exploited by malicious users to conduct script insertion attacks.

Certain input related to taxonomy vocabulary names is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed.

Successful exploitation requires the "administer taxonomy" permission.

The vulnerability is reported in versions prior to 6.x-1.10.

Solution:
Update to version 6.x-1.10.

Provided and/or discovered by:
The vendor credits Justin C. Klein Keane

Original Advisory:
SA-CONTRIB-2012-140:
http://drupal.org/node/1782686

http://secunia.com/advisories/50557/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Cisco Unified Presence / Jabber XCP Stream Header Handling

by Carol~ Moderator - 9/13/12 6:59 AM

In Reply to: VULNERABILITIES / FIXES - September 13, 2012 by Carol~ Moderator

Cisco Unified Presence / Jabber XCP Stream Header Handling Denial of Service Vulnerability

Release Date : 2012-09-13

Criticality level : Moderately critical
Impact : DoS
Where : From remote
Solution Status : Vendor Patch

Software: Cisco Jabber Extensible Communications Platform (Jabber XCP) 5.x
Cisco Unified Presence 8.x

Description:
A vulnerability has been reported in Cisco Unified Presence and Cisco Jabber XCP, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error within the Extensible Messaging and Presence Protocol (XMPP) server when handling incoming stream headers. This can be exploited to cause the Connection Manager process to terminate via a specially crafted header.

The vulnerability is reported in the following products:
* Cisco Unified Presence versions prior to 8.6(3).
* Jabber XCP versions prior to 5.3.

Solution:
Update to a fixed version.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120912-cupxcp

http://secunia.com/advisories/50562/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Pomm PgNumber Converter SQL Injection Vulnerability

by Carol~ Moderator - 9/13/12 7:01 AM

In Reply to: VULNERABILITIES / FIXES - September 13, 2012 by Carol~ Moderator

Release Date : 2012-09-13

Criticality level : Moderately critical
Impact : Manipulation of data
Where : From remote
Solution Status : Vendor Patch

Software: Pomm (PHP Object Model Manager for Postgresql) 1.x

Description:
A vulnerability has been reported in Pomm, which can be exploited by malicious people to conduct SQL injection attacks.

Certain input passed to the PgNumber converter is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerability is reported in versions prior to 1.0.5.

Solution:
Update to version 1.0.5 or later.

Provided and/or discovered by:
The vendor credits Keith C.Ivey.

Original Advisory:
http://pomm.coolkeums.org/news/pomm-1-0-6-is-out.html

http://secunia.com/advisories/50569/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Drupal PDFThumb Module Command Injection Vulnerability

by Carol~ Moderator - 9/13/12 8:06 AM

In Reply to: VULNERABILITIES / FIXES - September 13, 2012 by Carol~ Moderator

Drupal PDFThumb Module Command Injection Vulnerability

Release Date : 2012-09-13

Criticality level : Moderately critical
Impact : System access
Where : From remote
Solution Status : Vendor Patch

Software: Drupal PDFThumb Module 7.x

Description:
A vulnerability has been reported in the PDFThumb module for Drupal, which can be exploited by malicious users to compromise a vulnerable system.

Certain unspecified input is not properly verified before being used. This can be exploited to inject and execute shell commands.

Successful exploitation requires the "administer PDFThumb" permission.

The vulnerability is reported in versions prior to 7.x-1.1.

Solution:
Update to version 7.x-1.1.

Provided and/or discovered by:
Reported by the vendor.

The vendor also credits Matt Kleve, Drupal Security Team.

Original Advisory:
SA-CONTRIB-2012-139:
http://drupal.org/node/1782580

http://secunia.com/advisories/50534/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

OpenStack Keystone Token Validation Security Issue

by Carol~ Moderator - 9/13/12 8:06 AM

In Reply to: VULNERABILITIES / FIXES - September 13, 2012 by Carol~ Moderator

Release Date : 2012-09-13

Criticality level : Less critical
Impact : Security Bypass
Where : From remote
Solution Status : Vendor Patch

Software: OpenStack Keystone 2012.x

Description:
A security issue has been reported in OpenStack Keystone, which can be exploited by malicious users to bypass certain security restrictions.

The security issue is caused due to an error when granting or revoking roles, which does not affect token validation for pre-existing tokens and may result in tokens having an original set of roles.

The security issue is reported in versions prior to 2012.1.3.

Solution:
Update to version 2012.1.3.

Provided and/or discovered by:
Dolph Mathews Rackspace and Ryan Lane.

Original Advisory:
OpenStack (OSSA 2012-014):
http://seclists.org/oss-sec/2012/q3/440

Dolph Mathews:
https://bugs.launchpad.net/keystone/+bug/1041396

http://secunia.com/advisories/50531/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Google Chrome for Android Multiple Vulnerabilities

by Carol~ Moderator - 9/13/12 8:06 AM

In Reply to: VULNERABILITIES / FIXES - September 13, 2012 by Carol~ Moderator

Release Date : 2012-09-13

Criticality level : Less critical
Impact : Cross Site Scripting
Exposure of sensitive information
Where : From remote
Solution Status : Vendor Patch

Software: Google Chrome for Android 18.x

Description:
Multiple vulnerabilities have been reported in Google Chrome for Android, which can be exploited by malicious people to disclose certain sensitive information and conduct cross-site scripting attacks.

1) An error within the "file://" URI handler can be exploited to disclose certain information and credentials.

2) An unspecified error can be exploited to conduct cross-site scripting attacks.

3) An unspecified error can be exploited to conduct cross-site scripting attacks via intent extra data.

4) Another error within the "file://" URI handler can be exploited to disclose certain information and credentials.

The vulnerabilities are reported in versions prior to 18.0.1025308.

Solution:
Update to version 18.0.1025308 via Google Play.

Provided and/or discovered by:
The vendor credits:
1, 2) Artem Chaykin
3, 4) Takeshi Terada

Original Advisory:
googlechromereleases.blogspot.com/2012/09/chrome-for-android-update.html

http://secunia.com/advisories/50613/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Cisco ASA-CX / Cisco PRSM Log Partition Denial of Service

by Carol~ Moderator - 9/13/12 8:07 AM

In Reply to: VULNERABILITIES / FIXES - September 13, 2012 by Carol~ Moderator

Cisco ASA-CX / Cisco PRSM Log Partition Denial of Service Security Issue

Release Date : 2012-09-13

Criticality level : Less critical
Impact : DoS
Where : From local network
Solution Status : Vendor Patch

Software: Cisco ASA-CX Context-Aware Security 9.x
Cisco Prime Security Manager (PRSM) 9.x

Description:
A security issue has been reported in Cisco ASA-CX Context-Aware Security and Cisco Prime Security Manager (PRSM), which can be exploited by malicious people to cause a DoS (Denial of Service).

The security issue is caused due to an error when logging data to the "/var/log" partition during the processing of certain IPv4 packets. This can be exploited to consume free space and prevent processing of user traffic and management access.

The security issue is reported in versions prior to 9.0.2-103.

Solution:
Update to version 9.0.2-103.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120912-asacx

http://secunia.com/advisories/50592/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Apache mod_pagespeed Module Two Vulnerabilities

by Carol~ Moderator - 9/13/12 8:07 AM

In Reply to: VULNERABILITIES / FIXES - September 13, 2012 by Carol~ Moderator

Release Date : 2012-09-13

Criticality level : Less critical
Impact : Security Bypass
Cross Site Scripting
Where : From remote
Solution Status : Vendor Patch

Software: mod_pagespeed 0.x

Description:
Two vulnerabilities have been reported in Apache mod_pagespeed module, which can be exploited by malicious people to conduct cross-site scripting attacks and bypass certain security restrictions.

1) The module does not properly verify its own hostname, which can be exploited bypass certain policies and e.g. fetch resources from other host names.

2) Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerabilities are reported in versions prior to 0.10.22.6.

Solution:
Update to version version 0.10.22.6.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
https://developers.google.com/speed/docs/mod_pagespeed/announce-0.10.22.6

http://secunia.com/advisories/50591/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Ubuntu update for horizon

by Carol~ Moderator - 9/13/12 8:30 AM

In Reply to: VULNERABILITIES / FIXES - September 13, 2012 by Carol~ Moderator

Release Date : 2012-09-13

Criticality level : Not critical
Impact : Spoofing
Where : From remote
Solution Status : Vendor Patch

Operating System : Ubuntu Linux 12.04

Description:
Ubuntu has issued an update for horizon. This fixes a weakness, which can be exploited by malicious people to conduct spoofing attacks.

Solution:
Apply updated packages.

Original Advisory:
USN-1565-1:
http://www.ubuntu.com/usn/usn-1565-1/

http://secunia.com/advisories/50532/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Debian update for bind9

by Carol~ Moderator - 9/13/12 8:31 AM

In Reply to: VULNERABILITIES / FIXES - September 13, 2012 by Carol~ Moderator

Release Date : 2012-09-13

Criticality level : Moderately critical
Impact : DoS
Where : From remote
Solution Status : Vendor Patch

Operating System : Debian GNU/Linux 6.0

Description:
Debian has issued an update for bind9. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

Solution:
Apply updated packages via the apt-get package manager.

Original Advisory:
DSA-2547-1:
http://www.debian.org/security/2012/dsa-2547

http://secunia.com/advisories/50560/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Ubuntu update for keystone

by Carol~ Moderator - 9/13/12 8:31 AM

In Reply to: VULNERABILITIES / FIXES - September 13, 2012 by Carol~ Moderator

Release Date : 2012-09-13

Criticality level : Less critical
Impact : Security Bypass
Where : From remote
Solution Status : Vendor Patch

Operating System : Ubuntu Linux 12.04

Description:
Ubuntu has issued an update for keystone. This fixes a security issue, which can be exploited by malicious users to bypass certain security restrictions.

Solution:
Apply updated packages.

Original Advisory:
USN-1564-1:
http://www.ubuntu.com/usn/usn-1564-1/

http://secunia.com/advisories/50590/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

SUSE update for kvm

by Carol~ Moderator - 9/13/12 11:06 AM

In Reply to: VULNERABILITIES / FIXES - September 13, 2012 by Carol~ Moderator

Release Date : 2012-09-13

Criticality level : Less critical
Impact : Privilege Escalation
Where : Local system
Solution Status : Vendor Patch

Operating System : openSUSE 11.4
openSUSE 12.1

Description:
SUSE has issued an update for kvm. This fixes a vulnerability, which can be exploited by malicious, local users in a guest virtual machine to potentially gain escalated privileges.

Solution:
Apply updated packages via the zypper package manager.

Original Advisory:
openSUSE-SU-2012:1153-1:
http://lists.opensuse.org/opensuse-updates/2012-09/msg00051.html

http://secunia.com/advisories/50621/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Apache HTTP Server LD_LIBRARY_PATH and Cross-Site

by Carol~ Moderator - 9/13/12 11:07 AM

In Reply to: VULNERABILITIES / FIXES - September 13, 2012 by Carol~ Moderator

Apache HTTP Server LD_LIBRARY_PATH and Cross-Site Scripting Vulnerabilities

Release Date : 2012-09-13

Criticality level : Less critical
Impact : Cross Site Scripting
Privilege Escalation
Where : From remote
Solution Status : Vendor Patch

Software: Apache 2.2.x

Description:
A security issue and a vulnerability have been reported in Apache HTTP Server, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct cross-site scripting attacks.

The security issue and the vulnerability are reported in versions prior to 2.2.23.

Solution:
Update to version 2.2.23.

Original Advisory:
http://www.apache.org/dist/httpd/Announcement2.2.html

http://secunia.com/advisories/50541/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

SUSE update for MozillaFirefox

by Carol~ Moderator - 9/13/12 11:08 AM

In Reply to: VULNERABILITIES / FIXES - September 13, 2012 by Carol~ Moderator

Release Date : 2012-09-13

Criticality level : Highly critical
Impact : Cross Site Scripting
Spoofing
Exposure of sensitive information
System access
Where : From remote
Solution Status : Vendor Patch

Operating System : SUSE Linux Enterprise Server (SLES) 11

Description:
SUSE has issued an update for MozillaFirefox. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, conduct cross-site scripting and phishing attacks, and compromise a user's system.

Solution:
Apply updated packages via the zypper package manager.

Original Advisory:
SUSE-SU-2012:1157-1:
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00011.html

http://secunia.com/advisories/50616/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Red Hat update for quagga

by Carol~ Moderator - 9/13/12 12:08 PM

In Reply to: VULNERABILITIES / FIXES - September 13, 2012 by Carol~ Moderator

Release Date : 2012-09-13

Criticality level : Moderately critical
Impact : DoS
Where : From remote
Solution Status : Vendor Patch

Operating System : Red Hat Enterprise Linux Server 6
Red Hat Enterprise Linux Workstation 6

Description:
Red Hat has issued an update for quagga. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).

Solution:
Updated packages are available via Red Hat Network.

Original Advisory:
RHSA-2012:1259-1:
https://rhn.redhat.com/errata/RHSA-2012-1259.html

http://secunia.com/advisories/50624/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Red Hat update for quagga (2)

by Carol~ Moderator - 9/13/12 12:10 PM

In Reply to: VULNERABILITIES / FIXES - September 13, 2012 by Carol~ Moderator

Release Date : 2012-09-13

Criticality level : Moderately critical
Impact : DoS
Where : From remote
Solution Status : Vendor Patch

Operating System : Red Hat Enterprise Linux Desktop 5
Red Hat Enterprise Linux Server 5
RHEL Desktop Workstation 5

Description:
Red Hat has issued an update for quagga. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).

Solution:
Updated packages are available via Red Hat Network.

Original Advisory:
RHSA-2012:1258-1:
https://rhn.redhat.com/errata/RHSA-2012-1258.html

http://secunia.com/advisories/50609/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

OpenSLP "SLPIntersectStringList()" Denial of Service

by Carol~ Moderator - 9/13/12 12:19 PM

In Reply to: VULNERABILITIES / FIXES - September 13, 2012 by Carol~ Moderator

OpenSLP "SLPIntersectStringList()" Denial of Service Vulnerability

Release Date : 2012-09-13

Criticality level : Less critical
Impact : DoS
Where : From local network
Solution Status : Unpatched

Software: OpenSLP 1.x

Description:
Georgi Geshev has discovered a vulnerability in OpenSLP, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an out-of-bounds read error within the "SLPIntersectStringList()" function (common/slp_compare.c) when processing service requests and can be exploited to cause a crash via a specially crafted request.

The vulnerability is confirmed in version 1.2.1. Other versions may also be affected.

Solution:
No official solution is currently available.

Provided and/or discovered by:
Georgi Geshev via Secunia.

http://secunia.com/advisories/50130/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Forum Icon Legend

  • UnreadUnread
  • ReadRead
  • Locked threadLocked thread
  •   
  •   
  •   
  •   
  •   
  •   
  •   
  • ModeratorModerator
  • CNET StaffCNET Staff
  • Samsung StaffSamsung Staff
  • Norton Authorized Support TeamNorton Authorized Support Team
  • AVG StaffAVG Staff
  • avast! Staffavast! Staff
  • Webroot Support TeamWebroot Support Team
  • Acer Customer Experience TeamAcer Customer Experience Team
  • Windows Outreach TeamWindows Outreach Team
  • DISH staffDISH staff
  • Dell StaffDell Staff
  • Intel StaffIntel Staff
  • QuestionQuestion
  • Resolved questionResolved question
  • General discussionGeneral discussion
  • TipTip
  • Alert or warningAlert or warning
  • PraisePraise
  • RantRant

You are e-mailing the following post: Post Subject

Your e-mail address is used only to let the recipient know who sent the e-mail and in case of transmission error. Neither your address nor the recipient's address will be used for any other purpose.

Sorry, there was a problem emailing this post. Please try again.

Submit Email Cancel

Thank you. Sent email to

Close

Thank you. Sent email to

Close

You are reporting the following post: Post Subject

If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.

Offensive: Sexually explicit or offensive language

Spam: Advertisements or commercial links

Disruptive posting: Flaming or offending other users

Illegal activities: Promote cracked software, or other illegal content

Sorry, there was a problem submitting your post. Please try again.

Submit Report Cancel

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

You are posting a reply to: Post Subject

The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to the CNET Forums policies for details. All submitted content is subject to CBS Interactive Site Terms of Use.

You are currently tracking this discussion. Click here to manage your tracked discussions.

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

Sorry, there was a problem submitting your post. Please try again.

Sorry, there was a problem generating the preview. Please try again.

Duplicate posts are not allowed in the forums. Please edit your post and submit again.

Submit Reply Preview Cancel

Thank you, , your post has been submitted.

> Click here to view your post. > Manage your tracked discussions. > Track this discussion. Close

Thank you, , your post has been submitted and will appear on our site shortly.

Close