Ad: Manage updates with the Download App
ie8 fix

Spyware, viruses, & security forum: VULNERABILITIES / FIXES - October 11, 2012

by: Carol~ October 11, 2012 8:20 AM PDT

Like this

0 people like this thread

Staff pick

VULNERABILITIES / FIXES - October 11, 2012

by Carol~ Moderator - 10/11/12 8:20 AM

Samsung Galaxy S III Two Vulnerabilities

Release Date : 2012-10-11

Criticality level : Highly critical
Impact: System access
Where : From remote
Solution Status : Unpatched

Operating System : Samsung Galaxy S III

Description:
MWR InfoSecurity has reported two vulnerabilities in Samsung Galaxy S III, which can be exploited by malicious people to compromise a vulnerable device.

1) An unspecified error within the document viewer when handling certain files can be exploited to corrupt memory.

2) An unspecified error can be exploited to bypass the application sandbox and execute arbitrary code with root permissions.

Successful exploitation of this vulnerability requires that a malicious application is installed.

The vulnerabilities are reported in Samsung Galaxy S III running Android version 4.0.4. Other Android versions may also be affected.

Solution:
No official solution is currently available.

Provided and/or discovered by:
Tyrone Erasmus, Jon Butler, Jacques Louw, and Nils, MWR InfoSecurity.

Original Advisory:
http://labs.mwrinfosecurity.com/blog/2012/09/19/mobile-pwn2own-at-eusecwest-2012/

http://secunia.com/advisories/50914/


Reply
Report offensive post
Email to friend

Google Chrome Two Vulnerabilities

by Carol~ Moderator - 10/11/12 8:27 AM

In Reply to: VULNERABILITIES / FIXES - October 11, 2012 by Carol~ Moderator

Release Date : 2012-10-11

Criticality level : Highly critical
Impact: Security Bypass
System access
Where : From remote
Solution Status : Vendor Patch

Software: Google Chrome 22.x

Description:
Two vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.

1) A use-after-free error in Webkit's SVG (Scalable Vector Graphics) functionality can be exploited to dereference already freed memory.

2) An unspecified error in the IPC (Inter-Process Communication) layer can be exploited to write arbitrary files and escape the Chrome sandbox.

Solution:
Update to version 22.0.1229.94.

Provided and/or discovered by:
The vendor credits Pinkie Pie.

Original Advisory:
Google:
http://googlechromereleases.blogspot.com/2012/10/stable-channel-update_6105.html

Pwnium 2 results and wrap-up:
http://blog.chromium.org/2012/10/pwnium-2-results-and-wrap-up_10.html

http://secunia.com/advisories/50954/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Symantec Ghost Solution Suite Backup File Parsing Memory

by Carol~ Moderator - 10/11/12 8:27 AM

In Reply to: VULNERABILITIES / FIXES - October 11, 2012 by Carol~ Moderator

Symantec Ghost Solution Suite Backup File Parsing Memory Corruption

Release Date : 2012-10-11

Criticality level : Less critical
Impact: System access
Where : From local network
Solution Status : Vendor Patch

Software: Symantec Ghost Solution Suite 2.x

Description:
A vulnerability has been reported in Symantec Ghost Solution Suite, which can be exploited by malicious users to potentially compromise a vulnerable system.

The vulnerability is caused due to an unspecified error when parsing backup files and can be exploited to corrupt memory via a specially crafted backup file placed in the appropriate path on the system.

Successful exploitation may allow execution of arbitrary code.

Solution:
Update to version 2.5.1 and apply patch GSS25x_b2620.

Provided and/or discovered by:
The vendor credits Jeremy Brown, Microsoft.

Original Advisory:
SYM12-016:
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20121010_00

http://secunia.com/advisories/50953/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Mozilla Firefox Cross-Domain "location" Object Access

by Carol~ Moderator - 10/11/12 8:27 AM

In Reply to: VULNERABILITIES / FIXES - October 11, 2012 by Carol~ Moderator

Mozilla Firefox Cross-Domain "location" Object Access Vulnerability

Release Date : 2012-10-11

Criticality level : Less critical
Impact: Security Bypass
Where : From remote
Solution Status : Unpatched

Software: Mozilla Firefox 16.x

Description:
Gareth Heyes has discovered a vulnerability in Mozilla Firefox, which can be exploited by malicious people to bypass certain security restrictions.

The vulnerability is caused due to the protected "location" object being accessible by other domain objects, which can be exploited to bypass the same origin policy and gain access to sensitive information.

The vulnerability is confirmed in version 16.0.

Solution:
No official solution is currently available.

Provided and/or discovered by:
Gareth Heyes

Original Advisory:
Mozilla:
http://blog.mozilla.org/security/2012/10/10/security-vulnerability-in-firefox-16/

Gareth Heyes:
http://www.thespanner.co.uk/2012/10/10/firefox-knows-what-your-friends-did-last-summer/

http://secunia.com/advisories/50932/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Cisco WebEx Recording Format Player Multiple Vulnerabilities

by Carol~ Moderator - 10/11/12 8:27 AM

In Reply to: VULNERABILITIES / FIXES - October 11, 2012 by Carol~ Moderator

Release Date : 2012-10-11

Criticality level : Highly critical
Impact: System access
Where : From remote
Solution Status : Vendor Patch

Software: WebEx Recording Format Player

Description:
Multiple vulnerabilities have been reported in Cisco WebEx Recording Format Player, which can be exploited by malicious people to compromise a user's system.

1) An unspecified error can be exploited to cause a buffer overflow via a specially crafted WRF file.

2) An unspecified error can be exploited to cause a buffer overflow via a specially crafted WRF file.

3) An unspecified error can be exploited to cause a buffer overflow via a specially crafted WRF file.

4) An unspecified error can be exploited to corrupt memory via a specially crafted WRF file.

5) An unspecified error can be exploited to cause a buffer overflow via a specially crafted WRF file.

6) An unspecified error can be exploited to cause a heap-based buffer overflow via a specially crafted WRF file.

Successful exploitation of the vulnerabilities may allow execution of arbitrary code.

The vulnerabilities are reported in the following versions:
* T28 client builds prior to T28.4 (28.4)
* T27 client builds prior to T27LDSP32EP10 (27.32.10)

Solution:
Update to version 28.4 or 27.32.10.

Provided and/or discovered by:
The vendor credits Beyond Security, Core Security, Codenomicon, and TELUS.

Original Advisory:
Cisco:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex

http://secunia.com/advisories/50905/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Ubuntu update for bind

by Carol~ Moderator - 10/11/12 8:27 AM

In Reply to: VULNERABILITIES / FIXES - October 11, 2012 by Carol~ Moderator

Release Date : 2012-10-11

Criticality level : Moderately critical
Impact: DoS
Where : From remote
Solution Status : Vendor Patch

Operating System : Ubuntu Linux 10.04
Ubuntu Linux 11.04
Ubuntu Linux 11.10
Ubuntu Linux 12.04
Ubuntu Linux 8.04

Description:
Ubuntu has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

Solution:
Apply updated packages.

Original Advisory:
USN-1601-1:
http://www.ubuntu.com/usn/usn-1601-1/

http://secunia.com/advisories/50956/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Cisco Firewall Services Module DCERPC Three Vulnerabilities

by Carol~ Moderator - 10/11/12 8:45 AM

In Reply to: VULNERABILITIES / FIXES - October 11, 2012 by Carol~ Moderator

Release Date : 2012-10-11

Criticality level : Moderately critical
Impact: DoS
System access
Where : From local network
Solution Status : Vendor Patch

Software: Cisco Firewall Services Module (FWSM) 4.x

Description:
Some vulnerabilities have been reported in Cisco FWSM (Firewall Services Module) for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.

1) Insufficient input validation of transit DCERPC traffic within the DCERPC inspection engine can be exploited to cause a stack-based buffer overflow.

This vulnerability affects versions prior to 4.1(9).

2) Insufficient input validation of transit DCERPC traffic within the DCERPC inspection engine can be exploited to cause a device reload.

This vulnerability affects versions prior to 4.1(7).

3) Insufficient input validation of transit DCERPC traffic within the DCERPC inspection engine can be exploited to cause a device reload.

This vulnerability affects versions prior to 4.1(7).

Solution:
Update to version 4.1(9).

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
CSCtr27522, CSCtr27524, CSCtr27521:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-fwsm

http://secunia.com/advisories/50857/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Cisco ASA Products Multiple Vulnerabilities

by Carol~ Moderator - 10/11/12 8:45 AM

In Reply to: VULNERABILITIES / FIXES - October 11, 2012 by Carol~ Moderator

Release Date : 2012-10-11

Criticality level : Moderately critical
Impact: DoS
System access
Where : From remote
Solution Status : Vendor Patch

Operating System : Cisco Adaptive Security Appliance (ASA) 7.x
Cisco Adaptive Security Appliance (ASA) 8.x
Cisco ASA 5500 Series Adaptive Security Appliances

Description:
Multiple vulnerabilities have been reported in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module (ASASM), which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.

1) An error during memory allocation for an internal DHCP data structure when processing DHCP requests can be exploited to cause a device reload via a specially crafted transit or direct DHCP request.

Successful exploitation requires the DHCP relay or DHCP server feature to be enabled.

2) An error in the AAA (Authentication, Authorization, and Accounting) code when handling SSL VPN authentication can be exploited to cause a device reload via a specially crafted authentication challenge-response.

Successful exploitation requires Cisco ASA software configured for Clientless or AnyConnect SSL VPN.

3) An error within the SIP (Session Initiation Protocol) inspection engine can be exploited to cause a device reload via a specially crafted SIP media update packet.

Successful exploitation requires that SIP inspection is enabled.

4) Some vulnerabilities exist in the DCERPC inspection engine.

Solution:
Update to version 7.2(5.8), 8.0(5.28), 8.1(2.56), 8.2(5.33), 8.3(2.34), 8.4(4.5), 8.5(1.14), or 8.6(1.5).

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
CSCtw84068, CSCtz04566, CSCtr63728, CSCtr21359, CSCtr21376, CSCtr21346:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa

http://secunia.com/advisories/50871/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Web Help Desk Two Script Insertion Vulnerabilities

by Carol~ Moderator - 10/11/12 8:45 AM

In Reply to: VULNERABILITIES / FIXES - October 11, 2012 by Carol~ Moderator

Release Date : 2012-10-11

Criticality level : Moderately critical
Impact: Cross Site Scripting
Where : From remote
Solution Status : Vendor Patch

Software: Web Help Desk 11.x

Description:
Two vulnerabilities have been reported in Web Help Desk, which can be exploited by malicious people to conduct script insertion attacks.

Input passed via Subject and Request Details fields in the tickets system is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected product if malicious data is viewed.

The vulnerabilities are reported in version 11.0.7. Prior versions may also be affected.

Solution:
Update to version 11.0.8.

Provided and/or discovered by:
loneferret

Original Advisory:
Web Help Desk:
http://www.webhelpdesk.com/11-0-8-100412/

loneferret:
http://www.exploit-db.com/exploits/21809/

http://secunia.com/advisories/50880/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Web Help Desk "email.eml" Script Insertion Vulnerability

by Carol~ Moderator - 10/11/12 8:45 AM

In Reply to: VULNERABILITIES / FIXES - October 11, 2012 by Carol~ Moderator

Release Date : 2012-10-11

Criticality level : Moderately critical
Impact: Cross Site Scripting
Where : From remote
Solution Status : Unpatched

Software: Web Help Desk 11.x

Description:
A vulnerability has been reported in Web Help Desk, which can be exploited by malicious people to conduct script insertion attacks.

Input passed via e-mails when viewing rejected e-mails is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected product when the malicious data is being viewed.

The vulnerability is reported in version 11.0.8. Other versions may also be affected.

Solution:
No official solution is currently available.

Provided and/or discovered by:
loneferret

Original Advisory:
Web Help Desk:
http://www.webhelpdesk.com/11-0-8-100412/

loneferret:
http://www.exploit-db.com/exploits/21809/

http://secunia.com/advisories/50899/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Drupal ShareThis Module JavaScript Setting Script Insertion

by Carol~ Moderator - 10/11/12 8:45 AM

In Reply to: VULNERABILITIES / FIXES - October 11, 2012 by Carol~ Moderator

Drupal ShareThis Module JavaScript Setting Script Insertion Vulnerability

Release Date : 2012-10-11

Criticality level : Less critical
Impact: Cross Site Scripting
Where : From remote
Solution Status : Vendor Patch

Software: Drupal ShareThis Module 7.x

Description:
A vulnerability has been reported in the ShareThis module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.

Certain input related to JavaScript settings is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed.

Successful exploitation requires the "administer sharethis" permission.

The vulnerability is reported in 7.x-2.x versions prior to 7.x-2.5.

Solution:
Update to version 7.x-2.5.

Provided and/or discovered by:
The vendor credits Jake Bell.

Original Advisory:
SA-CONTRIB-2012-155:
http://drupal.org/node/1808856

http://secunia.com/advisories/50898/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

ActivePerl Insecure File System Permissions Security Issue

by Carol~ Moderator - 10/11/12 9:08 AM

In Reply to: VULNERABILITIES / FIXES - October 11, 2012 by Carol~ Moderator

Release Date : 2012-10-11

Criticality level : Less critical
Impact: Privilege escalation
Where : Local system
Solution Status : Unpatched

Software: ActivePerl 5.x
ActiveState ActivePerl 5.x

Description:
A security issue has been discovered in ActivePerl, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

The security issue is caused due to the application setting insecure file system permissions on the installation directory and can be exploited to overwrite files (e.g. "C:\Perl\Site\bin") and execute programs with privileges of another user.

The security issue is confirmed in version 5.16.1 Build 1601. Other versions may also be affected.

Solution:
No official solution is currently available.

Provided and/or discovered by:
High-Tech Bridge

http://secunia.com/advisories/50937/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

ActiveTcl Insecure File System Permissions Security Issue

by Carol~ Moderator - 10/11/12 9:08 AM

In Reply to: VULNERABILITIES / FIXES - October 11, 2012 by Carol~ Moderator

Release Date : 2012-10-11

Criticality level : Less critical
Impact: Privilege escalation
Where : Local system
Solution Status : Unpatched

Software: ActiveTcl 8.x

Description:
A security issue has been discovered in ActiveTcl, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

The security issue is caused due to the application setting insecure file system permissions on the installation directory and can be exploited to overwrite files (e.g. "C:\Tcl\bin") and execute programs with privileges of another user.

The security issue is confirmed in version 8.5.12.0. Other versions may also be affected.

Solution:
No official solution is currently available.

Provided and/or discovered by:
High-Tech Bridge

http://secunia.com/advisories/50938/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Python Insecure File System Permissions Security Issue

by Carol~ Moderator - 10/11/12 9:08 AM

In Reply to: VULNERABILITIES / FIXES - October 11, 2012 by Carol~ Moderator

Release Date : 2012-10-11

Criticality level : Less critical
Impact: Privilege escalation
Where : Local system
Solution Status : Unpatched

Software: Python 3.x

Description:
A security issue has been discovered in Python, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

The security issue is caused due to the application setting insecure file system permissions on the installation directory and can be exploited to overwrite files (e.g. "C:\Python33") and execute programs with privileges of another user.

The security issue is confirmed in version 3.3.0. Other versions may also be affected.

Solution:
No official solution is currently available.

Provided and/or discovered by:
Originally reported by High-Tech Bridge in ActivePython.

http://secunia.com/advisories/50960/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

ActivePython Insecure File System Permissions Security Issue

by Carol~ Moderator - 10/11/12 11:18 AM

In Reply to: VULNERABILITIES / FIXES - October 11, 2012 by Carol~ Moderator

Release Date : 2012-10-11

Criticality level : Less critical
Impact: Privilege escalation
Where : Local system
Solution Status : Unpatched

Software: ActivePython 2.x
ActivePython 3.x

Description:
A security issue has been discovered in ActivePython, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

The security issue is caused due to the application setting insecure file system permissions on the installation directory and can be exploited to overwrite files (e.g. "C:\Python27\" or "C:\Python32\") and execute programs with privileges of another user.

The security issue is confirmed in version 2.7.2.5 and 3.2.2.3. Other versions may also be affected.

Solution:
No official solution is currently available.

Provided and/or discovered by:
High-Tech Bridge

http://secunia.com/advisories/50939/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

RubyInstaller Insecure File System Permissions Security

by Carol~ Moderator - 10/11/12 11:20 AM

In Reply to: VULNERABILITIES / FIXES - October 11, 2012 by Carol~ Moderator

RubyInstaller Insecure File System Permissions Security Issue

Release Date : 2012-10-11

Criticality level : Less critical
Impact: Privilege escalation
Where : Local system
Solution Status : Unpatched

Software: RubyInstaller 1.x

Description:
A security issue has been discovered in RubyInstaller, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

The security issue is caused due to the application setting insecure file system permissions on the installation directory and can be exploited to overwrite files (e.g. "C:\Ruby193\bin") and execute programs with privileges of another user.

The security issue is confirmed in version 1.9.3-p194. Other versions may also be affected.

Solution:
No official solution is currently available.

Provided and/or discovered by:
High-Tech Bridge

http://secunia.com/advisories/50940/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Ubuntu update for MoinMoin

by Carol~ Moderator - 10/11/12 12:57 PM

In Reply to: VULNERABILITIES / FIXES - October 11, 2012 by Carol~ Moderator

Release Date : 2012-10-11

Criticality level : Less critical
Impact: Security Bypass
Cross Site Scripting
Where : From remote
Solution Status : Vendor Patch

Operating System : Ubuntu Linux 10.04
Ubuntu Linux 11.04
Ubuntu Linux 11.10
Ubuntu Linux 12.04

Description:
Ubuntu has issued an update for MoinMoin. This fixes two vulnerabilities, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks.

Solution:
Apply updated packages.

Original Advisory:
USN-1604-1:
http://www.ubuntu.com/usn/usn-1604-1/

http://secunia.com/advisories/50885/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Ubuntu update for ruby

by Carol~ Moderator - 10/11/12 12:58 PM

In Reply to: VULNERABILITIES / FIXES - October 11, 2012 by Carol~ Moderator

Release Date : 2012-10-11

Criticality level : Less critical
Impact: Security Bypass
Where : From remote
Solution Status : Vendor Patch

Operating System : Ubuntu Linux 10.04
Ubuntu Linux 11.04
Ubuntu Linux 11.10
Ubuntu Linux 12.04

Description:
Ubuntu has issued an update for ruby. This fixes two vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions.

Solution:
Apply updated packages.

Original Advisory:
USN-1603-1:
http://www.ubuntu.com/usn/usn-1603-1/

http://secunia.com/advisories/50944/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Drupal Basic webmail Module Multiple Vulnerabilities

by Carol~ Moderator - 10/11/12 2:00 PM

In Reply to: VULNERABILITIES / FIXES - October 11, 2012 by Carol~ Moderator

Release Date : 2012-10-11

Criticality level : Moderately critical
Impact: Cross Site Scripting
Exposure of sensitive information
Where : From remote
Solution Status : Vendor Patch

Software: Drupal Basic webmail Module 6.x

Description:
A weakness and two vulnerabilities have been reported in the Basic webmail module for Drupal, which can be exploited by malicious users to disclose potentially sensitive information and by malicious people to conduct cross-site scripting and script insertion attacks.

1) An error related to permissions can be exploited to disclose other users email addresses.

Successful exploitation of this weakness requires the "access basic_webmail" permission.

2) Certain input related to the page title is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

3) Certain input passed via emails is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed.

The weakness and vulnerabilities are reported in 6.x-1.x versions prior to 6.x-1.2.

Solution:
Update to version 6.x-1.2.

Provided and/or discovered by:
Hunter Fox, provisional member of the Drupal Security Team.

Original Advisory:
SA-CONTRIB-2012-154:
http://drupal.org/node/1808852

http://secunia.com/advisories/50902/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Forum Icon Legend

  • UnreadUnread
  • ReadRead
  • Locked threadLocked thread
  •   
  •   
  •   
  •   
  •   
  •   
  •   
  • ModeratorModerator
  • CNET StaffCNET Staff
  • Samsung StaffSamsung Staff
  • Norton Authorized Support TeamNorton Authorized Support Team
  • AVG StaffAVG Staff
  • avast! Staffavast! Staff
  • Webroot Support TeamWebroot Support Team
  • Acer Customer Experience TeamAcer Customer Experience Team
  • Windows Outreach TeamWindows Outreach Team
  • DISH staffDISH staff
  • Dell StaffDell Staff
  • Intel StaffIntel Staff
  • QuestionQuestion
  • Resolved questionResolved question
  • General discussionGeneral discussion
  • TipTip
  • Alert or warningAlert or warning
  • PraisePraise
  • RantRant

You are e-mailing the following post: Post Subject

Your e-mail address is used only to let the recipient know who sent the e-mail and in case of transmission error. Neither your address nor the recipient's address will be used for any other purpose.

Sorry, there was a problem emailing this post. Please try again.

Submit Email Cancel

Thank you. Sent email to

Close

Thank you. Sent email to

Close

You are reporting the following post: Post Subject

If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.

Offensive: Sexually explicit or offensive language

Spam: Advertisements or commercial links

Disruptive posting: Flaming or offending other users

Illegal activities: Promote cracked software, or other illegal content

Sorry, there was a problem submitting your post. Please try again.

Submit Report Cancel

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

You are posting a reply to: Post Subject

The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to the CNET Forums policies for details. All submitted content is subject to CBS Interactive Site Terms of Use.

You are currently tracking this discussion. Click here to manage your tracked discussions.

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

Sorry, there was a problem submitting your post. Please try again.

Sorry, there was a problem generating the preview. Please try again.

Duplicate posts are not allowed in the forums. Please edit your post and submit again.

Submit Reply Preview Cancel

Thank you, , your post has been submitted.

> Click here to view your post. > Manage your tracked discussions. > Track this discussion. Close

Thank you, , your post has been submitted and will appear on our site shortly.

Close