| Threat Type | Multiple Vulnerabilities |
IPS Definition
DB Versions | 2.672 - 2.677 |
| Coverage Release Date | Aug 04, 2009 - Aug 14, 2009 |
| Published Date | Monday, August 17, 2009 |
| Version # | 1 |
| |
| Severity | Number of
Vulnerabilities | Active
Exploitation |
| Critical | 32 | 7 | | High | 22 | 11 | | Medium | 15 | 5 | | Low | 1 | - | | Info | 1 | n/a | | Total | 71 | 23 |
|
Foreword
The FortiGuard Global Threat Research Team has released new security content to cover multiple vulnerabilities. The FortiGuard Team has observed 23 active exploitations of these vulnerabilities to date.
For more information, visit the FortiGuard Center at www.fortiguardcenter.com.
Threat Remediation
Fortinet provides coverage for the vulnerabilities described below as of the 2.677 IPS Definitions database update. A brief description of each vulnerability is provided as follows, in order of severity.
 Critical ( 21 )
Description:
This indicates an attack attempt against a buffer-overflow vulnerability in Computer Associates BrightStor ARCserve Backup.
The vulnerability is due to the software's inability to propery handle specialy crafted RPC requests to the Tape Engine. A remote attacker may exploit this to execute arbitrary code on the system with SYSTEM privileges.
Affected Products:
CA BrightStor ARCserve Backup r11.5
CA BrightStor ARCserve Backup r11.1
CA BrightStor ARCserve Backup for Windows r11
CA BrightStor Enterprise Backup r10.5
CA BrightStor ARCserve Backup 9.01
CA Server Protection Suite r2
CA Business Protection Suite r2
CA Business Protection Suite for Microsoft Small Business Server Standard Edition r2
CA Business Protection Suite for Microsoft Small Business Server Premium Edition r2
Reference IDs:
|
Description:
This indicates an attempt to exploit a memory-corruption vulnerability in Mozilla Firefox.
The vulnerability is caused by an error when the 'Tracemonkey' component handles a mailicous web page using the Escape method. A remote attacker may exploit this to execute arbitrary code.
Affected Products:
Mozilla Firefox 3.5
Reference IDs:
|
Description:
This indicates an attack attempt against a memory corruption vulnerability in Microsoft Active Template Library (ATL).
The vulnerability is caused by an error when the ATL headers handles a malicious variant read from a stream. It allows a remote attacker to execute arbitrary code via sending a crafted web page.
Affected Products:
Microsoft Windows 2000 Service Pack 4
Windows XP Media Center Edition 2005
Windows XP Service Pack 2 and Service Pack 3
Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP2 for Itanium-based Systems
Windows Vista, Windows Vista Service Pack 1, and Windows Vista Service Pack 2
Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2
Reference IDs:
|
Description:
This indicates an attack attempt against a remote code-execution vulnerability in Microsoft Excel.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted Excel file. It allows a remote attacker to execute arbitrary code.
Affected Products:
Microsoft Office Excel 2003 SP2
Microsoft Office Excel Viewer 2003
Microsoft Office Excel 2002
Microsoft Office Excel 2000
Microsoft Excel 2004 for Mac
Reference IDs:
|
Description:
This indicates an attack attempt against a remote code-execution vulnerability in Microsoft Excel.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted Excel file. It allows a remote attacker to execute arbitrary code.
Affected Products:
Microsoft Excel 2000 Service Pack 3
Microsoft Excel 2002 Service Pack 3
Microsoft Excel 2003 Service Pack 2
Microsoft Excel 2007
Reference IDs:
|
Description:
This indicates an attack attempt against a code execution vulnerability in Microsoft Office.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted Office file. It allows a remote attacker to execute arbitrary code.
Affected Products:
Microsoft Office 2000 Service Pack 3
Microsoft Office XP Service Pack 3
Microsoft Office 2003 Service Pack 2
Microsoft Office Excel Viewer 2003
Microsoft Office Excel Viewer 2003 Service Pack 3
Microsoft Office 2004 for Mac
Reference IDs:
|
Description:
This indicates an attempt to exploit a memory-corruption vulnerability in the ActiveX Control of Microsoft Office Web Components.
Affected Products:
Microsoft Office Web Components Library 10/11
Reference IDs:
|
Description:
This indicates an attack attempt against a buffer overflow vulnerability in Microsoft Office Web Components which is a collection of Component Object Model controls.
Affected Products:
Office Web Components Library 9
Reference IDs:
|
Description:
This indicates an attack attempt towards a memory corruption vulnerability in Microsoft Office Web Components, which could lead to arbitrary code execution.
Affected Products:
Microsoft Office Web Components Library 10/11
Reference IDs:
|
Description:
This indicates an attack attempt against a heap overflow vulnerability in Remote Desktop Connection.
The vulnerability is caused by an error when the vulnerable software Activex Control handles a malicious property assign. It allows a remote attacker to execute arbitrary code via sending a crafted web page.
Affected Products:
Windows XP Service Pack 2
Windows XP Service Pack 3
Windows Vista Service Pack 1 and Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 1 and Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2*
Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2*
Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2
Reference IDs:
|
Description:
This indicates an attack attempt against a heap Overflow vulnerability in Microsoft Remote Desktop Connection (formerly known as Terminal Services Client).
The vulnerability is caused by an error when the vulnerable software handles a malicious server response packet. It allows a remote attacker to execute arbitrary code via sending a crafted response packet.
Affected Products:
Microsoft Windows 2000 Service Pack 4
Windows XP Service Pack 2
Windows XP Service Pack 2
Windows XP Service Pack 2
Windows XP Service Pack 3
Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 2
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP2 for Itanium-based Systems
Windows Vista
Windows Vista Service Pack 1 and Windows Vista Service Pack 2
Windows Vista x64 Edition
Windows Vista x64 Edition Service Pack 1 and Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2*
Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2*
Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2
Mac OS X Remote Desktop Connection Client for Mac 2.0.1
Reference IDs:
|
Description:
This indicates an attack attempt against a remote code execution vulnerability in the Microsoft Windows system library "avifil32.dll".
The vulnerability is caused by an error when the "AVIFile" API handles a specially crafted AVI file with a chunk with an invalid length specified in the header. It allows a remote attacker to execute arbitrary code.
Affected Products:
Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP Service Pack 2
Microsoft Windows XP Service Pack 3
Microsoft Windows XP Professional x64 Edition Service Pack 2
Microsoft Windows Server 2003 Service Pack 2
Microsoft Windows Server 2003 x64 Edition Service Pack 2
Microsoft Windows Server 2003 with SP2 for Itanium-based Systems
Microsoft Windows Vista
Microsoft Windows Vista Service Pack 1
Microsoft Windows Vista Service Pack 2
Microsoft Windows Vista x64 Edition
Microsoft Windows Vista x64 Edition Service Pack 1
Microsoft Windows Vista x64 Edition Service Pack 2
Microsoft Windows Server 2008 for 32-bit Systems
Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2
Microsoft Windows Server 2008 for x64-based Systems
Microsoft Windows Server 2008 for x64-based Systems Service Pack 2
Microsoft Windows Server 2008 for Itanium-based Systems
Microsoft Windows Server 2008 for Itanium-based Systems Service Pack 2
Reference IDs:
|
Description:
This indicates an attack attempt against a remote code execution vulnerability in the Microsoft Windows system library "avifil32.dll".
The vulnerability is caused by an error when the "AVIFile" API handles a specially crafted AVI file with a truncated AVHI chunk. It allows a remote attacker to execute arbitrary code.
Affected Products:
Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP Service Pack 2
Microsoft Windows XP Service Pack 3
Microsoft Windows XP Professional x64 Edition Service Pack 2
Microsoft Windows Server 2003 Service Pack 2
Microsoft Windows Server 2003 x64 Edition Service Pack 2
Microsoft Windows Server 2003 with SP2 for Itanium-based Systems
Microsoft Windows Vista
Microsoft Windows Vista Service Pack 1
Microsoft Windows Vista Service Pack 2
Microsoft Windows Vista x64 Edition
Microsoft Windows Vista x64 Edition Service Pack 1
Microsoft Windows Vista x64 Edition Service Pack 2
Microsoft Windows Server 2008 for 32-bit Systems
Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2
Microsoft Windows Server 2008 for x64-based Systems
Microsoft Windows Server 2008 for x64-based Systems Service Pack 2
Microsoft Windows Server 2008 for Itanium-based Systems
Microsoft Windows Server 2008 for Itanium-based Systems Service Pack 2
Reference IDs:
|
Description:
This indicates an attack attempt against an integer overflow vulnerability in the Windows Internet Name Service (WINS) on Windows.
The vulnerability exists because the affected software doesn't check user-supplied data which is used to allocate buffer. It may allow a remote attacker to execute arbitrary code via sending a malformed packet.
Affected Products:
Windows 2000 Server
Reference IDs:
|
Description:
This indicates an attack attempt against an integer overflow vulnerability in the Windows Internet Name Service (WINS) on Windows.
The vulnerability exists because the affected software doesn't check user-supplied data which is used to calculate buffer size to allocate. It may allow a remote attacker to execute arbitrary code via sending a crafted packet.
Affected Products:
Windows 2000 Server
Windows 2003 Server
Reference IDs:
|
Description:
This indicates an attack attempt against a remote code execution vulnerability in Microsoft Word.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted DOC file. It allows a remote attacker to execute arbitrary code.
Affected Products:
Microsoft Word 2000 Service Pack 3
Microsoft Word 2002 Service Pack 3
Microsoft Word 2003 Service Pack 2
Reference IDs:
|
Description:
This indicates an attack attempt against a buffer overflow vulnerability in Novell Client.
The vulnerability is caused by an error when the vulnerable software handles a malicious RPC request that may allow remote attackers to execute arbitrary code.
Affected Products:
Novell NetIdentity Client before 1.2.4
Reference IDs:
|
Description:
Novell eDirectory allows remote attackers to cause a denial of service (application crash) via a URL containing an MS-DOS device name such as AUX, CON, PRN, COM1, or LPT1.
Affected Products:
Novell eDirectory 8.7.3 and below.
Reference IDs:
|
Description:
This indicates an attack attempt against a buffer overflow vulnerability in the Novell GroupWise.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted SMTP request. It allows a remote attacker to execute arbitrary code.
Affected Products:
Novell Groupwise 7.0
Novell Groupwise 8.0 HP1
Novell Groupwise 8.0
Novell Groupwise 7.03HP1a
Novell Groupwise 7.03 HP2
Novell Groupwise 7.03
Novell Groupwise 7.02x
Novell Groupwise 7.01
Novell Groupwise 7.0.0 SP3
Novell Groupwise 7.0.0 SP2
Novell Groupwise 7.0.0 SP1
Reference IDs:
|
Description:
This indicates an attack attempt against a buffer-overflow vulnerability in the sadmind service within the Sun Solaris operating system.
The vulnerability is caused by an error when the vulnerable service handles a specially crafted RPC request. It allows a remote attacker to execute arbitrary code.
Affected Products:
Sun Solaris 8
Sun Solaris 9
Reference IDs:
|
Description:
This indicates an attack attempt against an integer-overflow vulnerability in the sadmind service within the Sun Solaris operating system.
The vulnerability is caused by an error when the vulnerable service handles a specially crafted RPC request. It allows a remote attacker to execute arbitrary code.
Affected Products:
Sun Solaris 8
Sun Solaris 9
Reference IDs:
|
High ( 12 )
Description:
This indicates an attack attempt against a Local File Include vulnerability in Dokuwiki.
The vulnerability is caused by an error when the vulnerable software handles a malicious request. It allows a remote attacker to execute arbitrary code via sending a crafted web page.
Affected Products:
Dokuwiki 2009-02-14, rc2009-02-06, and rc2009-01-30 are vulnerable;
other versions may also be affected.
Reference IDs:
|
Description:
This indicates an attack attempt against a code execution vulnerability in Drupal software.
The vulnerability is due to improper validation of user input from certain content fields. It allows a remote attacker to execute arbitrary code via sending a crafted web request.
Affected Products:
Drupal 5.x before 5.11 and 6.x before 6.5
Reference IDs:
|
Description:
This indicates an attack attempt against a buffer overflow vulnerability in GoodTech SSH Server.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted SFTP command. It allows a remote attacker to execute arbitrary code.
Affected Products:
GoodTech SSH Server 6.4
Reference IDs:
|
Description:
This indicates an attack attempt to exploit a Double-Free vulnerability in the Microsoft Windows Server service. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated privileges in the affected system.
Affected Products:
Windows XP Service Pack 2 and Windows XP Service Pack 3
Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP2 for Itanium-based Systems
Windows Vista, Windows Vista Service Pack 1, and Windows Vista Service Pack 2
Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2*
Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2*
Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2
Reference IDs:
|
Description:
This indicates an attack attempt against a buffer-overflow vulnerability in Microsoft Word.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted Microsoft Word document. It allows a remote attacker to execute arbitrary code.
Affected Products:
Microsoft Word 2007
Reference IDs:
|
Description:
This indicates an attack attempt against a buffer-overflow vulnerability in Microsoft Works File Converter.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted WPS file. It allows a remote attacker to execute arbitrary code.
Affected Products:
Microsoft Works 6 File Converter
Reference IDs:
|
Description:
This indicates an attack attempt against a vulnerability in Opera.
If successfully exploited, this vulnerability could lead to the configuration in Opera to be overwritten. It could also lead to arbitrary code execution.
Affected Products:
Opera <=9.10
|
Description:
This indicates an attempt to exploit a buffer-overflow vulnerability in Real Networks Helix Universal server.
Real Networks Helix Universal server is a media application server used for streaming media files such as audio and video files.
Affected Products:
RealNetworks Helix Universal Server 9.0.2 .794 and earlier versions
RealSystem Server 8, 7
RealServer G2
Reference IDs:
|
Description:
This indicates an attack attempt against a code execution vulnerability in SugarCRM.
The vulnerability is caused by an error when the vulnerable software handles a upload check. It allows a remote attacker to execute arbitrary code via sending a crafted web page.
Affected Products:
SugarCRM 5.2.0e and possibly earlier versions are vulnerable.
Reference IDs:
|
Description:
This indicates an attack attempt against an integer overflow vulnerability in Sun Java Runtime Environment software.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted Type1 font file. It allows a remote attacker to execute arbitrary code.
Affected Products:
HP JDK and JRE version 6.0.03 and prior
HP JDK and JRE version 5.0.16 and prior
Reference IDs:
|
Description:
This indicates an attack attempt against an integer-overflow vulnerability in SUN RPC XDR library.
The vulnerability is caused by an error in the xdrmem_getbytes() routine when handling malicious procedure arguments. By sending a specially crafted RPC call packet, a remote attacker could execute arbitrary code on a vulnerable system.
Affected Products:
Sun Microsystems Network Services Library (libnsl)
BSD-derived libraries with XDR/RPC routines (libc)
GNU C library with sunrpc (glibc)
Reference IDs:
|
Description:
This indicates an attack attempt against a buffer-overflow vulnerability in Symantec WinFax.
The vulnerability is in DCCFAXVW.DLL, an ActiveX control used in Symantec WinFax Pro, and is caused when the software handles malformed user-supplied input. A remote attacker may exploit this to execute arbitrary code.
Affected Products:
Symantec WinFax Pro 10.03 is vulnerable; other versions may also be affected.
Reference IDs:
|
Medium ( 10 )
Description:
This indicates an attack attempt against a buffer-overflow vulnerability in the Server Side Includes (SSI) functionality of Apache Web Server.
The vulnerability is caused by an error when the mod_include handles a specially crafted SSI document. It allows a remote attacker to execute arbitrary code.
Affected Products:
Apache 1.3.32 and prior
Reference IDs:
|
Description:
This indicates an attack attempt against Access Validation vulnerability in the Cisco VPN Concentrator 3000 series.
This vulnerability could allow attackers to execute some FTP commands (CWD, RNFR, MKD, RMD, SIZE, CDUP) without any authentication.
Affected Products:
Cisco VPN Concentrator 3000 series
Reference IDs:
|
Description:
This indicates a possible exploit of a cross-site scripting vulnerability in D-Link SOHO router.
The vulnerability is due to the firmware's inability to properly validate user-supplied input. A remote attacker may exploit this to execute arbitrary code.
Affected Products:
D-Link Dl-704 2.60 b2
D-Link Dl-704 2.56 b6
D-Link Dl-704 2.56 b5
D-Link DI-624 SOHO Router 1.28
D-Link DI-614+ 2.18
D-Link DI-614+ 2.10
D-Link DI-614+ 2.0 f
D-Link DI-614+ 2.0 3g
D-Link DI-614+ 2.0 3
D-Link DI-614+ 2.0
Reference IDs:
|
Description:
This indicates an attack attempt to access a Coldfusion web shell.
This malicious file may has been uploaded to your server using a flaw in FCKEditor (which is enabled by default in ColdFusion 8.0.1).
Affected Products:
ColdFusion 8.0.1
Reference IDs:
|
Description:
This indicates an attack attempt against a denial-of-service vulnerability in ISC BIND.
The vulnerability is caused by an error when the vulnerable software handles a DNS "dynamic update" packet including malicious prerequisite sections. It allows a remote attacker to crash the vulnerable system via sending a crafted DNS packet.
Affected Products:
ISC BIND 9.6 P1
ISC BIND 9.6
ISC BIND 9.5.1 P1
ISC BIND 9.5 P2-W2
ISC BIND 9.5 P2-W1
ISC BIND 9.5 P2
ISC BIND 9.5 a2
ISC BIND 9.5 a1
ISC BIND 9.4.3 P1
ISC BIND 9.4.3
ISC BIND 9.4.3
ISC BIND 9.4.2 P2-W2
ISC BIND 9.4.2 P2-W1
ISC BIND 9.4.2 P2
ISC BIND 9.4.1 -P1
ISC BIND 9.4.1
ISC BIND 9.4 rc2
ISC BIND 9.4 rc1
ISC BIND 9.4 b4
ISC BIND 9.4 b3
ISC BIND 9.4 b3
ISC BIND 9.4 b2
ISC BIND 9.4 b1
ISC BIND 9.4 a6
ISC BIND 9.4 a5
ISC BIND 9.4 a4
ISC BIND 9.4 a3
ISC BIND 9.4 a2
ISC BIND 9.4 a1
ISC BIND 9.4
ISC BIND 9.3.6 P1
ISC BIND 9.3.6
ISC BIND 9.3.5 P2-W2
ISC BIND 9.3.5 P2-W1
ISC BIND 9.3.5 P2
ISC BIND 9.3.5
ISC BIND 9.3.4
ISC BIND 9.3.3 rc3
ISC BIND 9.3.3 rc2
ISC BIND 9.3.3 rc1
ISC BIND 9.3.3 rc1
ISC BIND 9.3.3 b1
ISC BIND 9.3.3 b
ISC BIND 9.3.3
ISC BIND 9.3.2 -P2
ISC BIND 9.3.2 -P1
ISC BIND 9.3.2
ISC BIND 9.3.1
ISC BIND 9.3
ISC BIND 9.2.8
ISC BIND 9.2.7 rc3
ISC BIND 9.2.7 rc2
ISC BIND 9.2.7 rc1
ISC BIND 9.2.7 b1
ISC BIND 9.2.7
ISC BIND 9.2.6 -P2
ISC BIND 9.2.6 -P1
ISC BIND 9.2.6
ISC BIND 9.2.5
ISC BIND 9.2.4
ISC BIND 9.2.3
ISC BIND 9.2.2
ISC BIND 9.2.1
ISC BIND 9.2
ISC BIND 9.1.3
ISC BIND 9.1.2
ISC BIND 9.1.1
ISC BIND 9.1
ISC BIND 9.0.1
ISC BIND 9.0
ISC BIND 9.5.1b1
ISC BIND 9.5.0b2
ISC BIND 9.5.0b1
ISC BIND 9.5.0a7
ISC BIND 9.5.0a6
ISC BIND 9.5.0a5
ISC BIND 9.5.0a4
ISC BIND 9.5.0a3
ISC BIND 9.5.0a3
ISC BIND 9.4.3b2
Reference IDs:
|
Description:
This indicates an attack attempt against a buffer-overflow vulnerability in the LCDproc LCDd server.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted packet. It allows a remote attacker to cause a denial of service or execute arbitrary code.
Affected Products:
LCDProc LCDProc 4.4
LCDProc LCDProc 4.3
LCDProc LCDProc 4.2
LCDProc LCDProc 4.1
LCDProc LCDProc 4.0
LCDProc LCDProc 0.4.1 -r1
LCDProc LCDProc 0.4
LCDProc LCDProc 0.3
Reference IDs:
|
Description:
This indicates an attack attempt against a denial of service vulnerability in ASP.NET when running on IIS.
The vulnerability is caused by an error when ASP.NET doesn't decrement a counter used to determine how many requests and concurrently being processed. It allows a remote attacker to cause ASP.NET to stop processing requests.
Affected Products:
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.5
Microsoft .NET Framework 3.5 Service Pack 1
Reference IDs:
|
Description:
This indicates an attack attempt against a Privilege Escalation vulnerability in MyBB.
The vulnerability is caused by an error when the vulnerable software incorrectly handles a "birthdayprivacy" parameter. It allows a remote attacker Privilege Escalation via sending a crafted web page.
Affected Products:
MyBB prior to 1.4.7
Reference IDs:
|
Description:
This indicates an attack attempt against a remote cross-site scripting vulnerability in Oracle BEA Weblogic.
This is possible because the user input filters fail to properly sanitize the searchQuery value that is passed to "console-help.portal". An attacker may include script by supplying an injection string through the URL.
Affected Products:
Oracle BEA Weblogic Server version 10.3
Reference IDs:
|
Description:
This indicates an attack attempt against a cross-site scripting vulnerability in Oracle Secure Enterprise Search.
This is possible because the user input filters fail to properly sanitize the search_p_groups value that is passed to "/search/query/search". An attacker may include script by supplying an injection string through the URL.
Affected Products:
Oracle Secure Enterprise Search 10.1.8
Reference IDs:
|
 Top of Section
Enhanced Coverage
The FortiGuard Threat Research team updates security content as new vectors of exploitation are discovered. The table below details the security content enhanced with this release.
Critical ( 41 )
High ( 23 )
Medium ( 12 )
Low ( 2 )
Info ( 1 )
Top of Section
Active Exploitation
The FortiGuard Threat Research team uses globally distributed probes to monitor exploit activity. Vulnerabilities can be classified as active and given a magnitude level. The magnitude level is the rate of activity across the probes. The value of the magnitude is set to low, medium or high.
The table below lists the vulnerabilities discussed in this bulletin (specifically new and enhanced detection) and their corresponding exploit activity magnitude. The data below is as of this writing.
Critical ( 7 of 32 )
High ( 11 of 22 )
Medium ( 5 of 15 )
Top of Section
Document History
| Revision Date | Version Number | |
|---|
| Monday, August 17, 2009 | 1 | Initial Documentation. |
About Fortinet ( www.fortinet.com )
Fortinet is the pioneer and leading provider of ASIC-accelerated unified threat management, or UTM, security systems, which are used by enterprises and service providers to increase their security while reducing total operating costs. Fortinet solutions were built from the ground up to integrate multiple levels of security protection--including firewall, antivirus, intrusion prevention, VPN, spyware prevention and anti-spam -- designed to help customers protect against network and content level threats. Leveraging a custom ASIC and unified interface, Fortinet solutions offer advanced security functionality that scales from remote office to chassis-based solutions with integrated management and reporting. Fortinet solutions have won multiple awards around the world and are the only security products that are certified in six programs by ICSA Labs: (Firewall, Antivirus, IPSec, SSL, Network IPS, and Anti-Spyware). Fortinet is privately held and based in Sunnyvale, California.
Disclaimer
Although Fortinet has attempted to provide accurate information in these materials, Fortinet assumes no legal responsibility for the accuracy or completeness of the information. Please note that no Fortinet statements herein constitute or contain any guarantee, warranty or legally binding representation. All materials contained in this publication are subject to change without notice, and Fortinet reserves the right to change, modify, transfer, or otherwise revise this publication without notice.
Top of page
|
