Advisories
Vulnerability Database
PoC
Viruses
Research Lab

Research Lab

Positive Technologies Research Team and SecurityLab are willing to cooperate with independent researches in the analysis of the discovered vulnerabilities, in contacts with software vendors and CVE Number Reservation process. The vulnerabilities will be published in sections "Laboratory" and PT-advisory. The name of the researches will be preserved.

Our disclosure policy: en.securitylab.ru/lab/disclosure-policy.php

PT-2013-36: XML External Entity Injection in Wonderware Win-XML Exporter

Identifier: PT-2013-36

Vendor: Invensys Systems

Product:
Invensys Wonderware Win-XML Exporter

Exploitation vector: Remote

Severity: Medium (6.3)
(AV:L/AC:M/Au:N/C:C/I:N/A:C)

CVE ID: CVE-2012-4710

Vulnerability status: Patched

Advisory published: 21 march, 2013

Fix issued: 21-03-2013



Discovered by: Timur Yunusov, Alexey Osipov, Ilya Karpov, Positive Research Center (Positive Technologies Company)


PT-2013-35: Cross-Site Scripting in Siemens Simatic WinCC TIA Portal

Identifier: PT-2013-35

Vendor: Siemens

Product:
Siemens SIMATIC WinCC TIA Portal 11.x

Exploitation vector: Remote

Severity: Medium (4.3)
(AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVE ID: CVE-2013-0668

Vulnerability status: Patched

Advisory published: 21 march, 2013

Fix issued: 15-03-2013



Discovered by: Artem Chaykin, Positive Research Center (Positive Technologies Company)


PT-2013-34: Cross-Site Scripting in Siemens Simatic WinCC TIA Portal

Identifier: PT-2013-34

Vendor: Siemens

Product:
Siemens SIMATIC WinCC TIA Portal 11.x

Exploitation vector: Remote

Severity: Medium (4.3)
(AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVE ID: CVE-2013-0667

Vulnerability status: Patched

Advisory published: 21 march, 2013

Fix issued: 15-03-2013



Discovered by: Artem Chaykin, Sergey Bobrov, Positive Research Center (Positive Technologies Company)


PT-2013-33: CRLF Injection in Siemens Simatic WinCC TIA Portal

Identifier: PT-2013-33

Vendor: Siemens

Product:
Siemens SIMATIC WinCC TIA Portal 11.x

Exploitation vector: Remote

Severity: Medium (4.3)
(AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVE ID: CVE-2013-0670

Vulnerability status: Patched

Advisory published: 21 march, 2013

Fix issued: 15-03-2013



Discovered by: Artem Chaykin, Positive Research Center (Positive Technologies Company)


PT-2013-32: Directory Traversal in Siemens Simatic WinCC TIA Portal

Identifier: PT-2013-32

Vendor: Siemens

Product:
Siemens SIMATIC WinCC TIA Portal 11.x

Exploitation vector: Remote

Severity: Medium (4.0)
(AV:N/AC:L/Au:S/C:N/I:N/A:P)

CVE ID: CVE-2013-0671

Vulnerability status: Patched

Advisory published: 21 march, 2013

Fix issued: 15-03-2013



Discovered by: Sergey Bobrov, Roman Ilin, Ilya Karpov, Positive Research Center (Positive Technologies Company)


PT-2013-31: Cross-Site Scripting in Siemens Simatic WinCC TIA Portal

Identifier: PT-2013-31

Vendor: Siemens

Product:
Siemens SIMATIC WinCC TIA Portal 11.x

Exploitation vector: Remote

Severity: Medium (4.0)
(AV:N/AC:L/Au:S/C:N/I:P/A:N)

CVE ID: CVE-2013-0672

Vulnerability status: Patched

Advisory published: 21 march, 2013

Fix issued: 15-03-2013



Discovered by: Sergey Bobrov, Positive Research Center (Positive Technologies Company)


PT-2013-30: Denial of Service in Siemens Simatic WinCC TIA Portal

Identifier: PT-2013-30

Vendor: Siemens

Product:
Siemens SIMATIC WinCC TIA Portal 11.x

Exploitation vector: Remote

Severity: Medium (4.0)
(AV:N/AC:L/Au:S/C:N/I:N/A:P)

CVE ID: CVE-2013-0669

Vulnerability status: Patched

Advisory published: 21 march, 2013

Fix issued: 15-03-2013



Discovered by: Roman Ilin, Artem Chaykin, Ilya Karpov, Positive Research Center (Positive Technologies Company)


PT-2013-29: Information Disclosure in Siemens Simatic WinCC and PCS 7

Identifier: PT-2013-29

Vendor: Siemens

Product:
Siemens SIMATIC WinCC 7.x
Siemens SIMATIC PCS 7 8.x

Exploitation vector: Remote

Severity: Medium (5.8)
(AV:N/AC:M/Au:N/C:P/I:N/A:P)

CVE ID: CVE-2013-0677

Vulnerability status: Patched

Advisory published: 21 march, 2013

Fix issued: 15-03-2013



Discovered by: Alexey Osipov, Timur Yunusov, Positive Research Center (Positive Technologies Company)


PT-2013-28: Buffer Overflow in Siemens Simatic WinCC and PCS 7

Identifier: PT-2013-28

Vendor: Siemens

Product:
Siemens SIMATIC WinCC 7.x
Siemens SIMATIC PCS 7 8.x

Exploitation vector: Remote

Severity: Medium (6.8)
(AV:N/AC:M/Au:N/C:P/I:P/A:P)

CVE ID: CVE-2013-0674

Vulnerability status: Patched

Advisory published: 21 march, 2013

Fix issued: 15-03-2013



Discovered by: Gleb Gritsai, Dmitry Nagibin, Positive Research Center (Positive Technologies Company)


PT-2013-27: Directory Traversal in Siemens Simatic WinCC and PCS 7

Identifier: PT-2013-27

Vendor: Siemens

Product:
Siemens SIMATIC WinCC 7.x
Siemens SIMATIC PCS 7 8.x

Exploitation vector: Remote

Severity: Medium (4.0)
(AV:N/AC:L/Au:S/C:P/I:N/A:N)

CVE ID: CVE-2013-0679

Vulnerability status: Patched

Advisory published: 21 march, 2013

Fix issued: 15-03-2013



Discovered by: Sergey Bobrov, Positive Research Center (Positive Technologies Company)


PT-2013-26: Information Disclosure in Siemens Simatic WinCC and PCS 7

Identifier: PT-2013-26

Vendor: Siemens

Product:
Siemens SIMATIC WinCC 7.x
Siemens SIMATIC PCS 7 8.x

Exploitation vector: Remote

Severity: Medium (4.0)
(AV:N/AC:L/Au:S/C:P/I:N/A:N)

CVE ID: CVE-2013-0676

Vulnerability status: Patched

Advisory published: 21 march, 2013

Fix issued: 15-03-2013



Discovered by: Sergey Gordeychik, Positive Research Center (Positive Technologies Company)


PT-2013-25: Information Disclosure in Siemens Simatic WinCC and PCS 7

Identifier: PT-2013-25

Vendor: Siemens

Product:
Siemens SIMATIC WinCC 7.x
Siemens SIMATIC PCS 7 8.x

Exploitation vector: Remote

Severity: Medium (4.0)
(AV:N/AC:L/Au:S/C:P/I:N/A:N)

CVE ID: CVE-2013-0678

Vulnerability status: Patched

Advisory published: 21 march, 2013

Fix issued: 15-03-2013



Discovered by: Gleb Gritsai, Sergey Gordeychik, Positive Research Center (Positive Technologies Company)


PT-2013-24 - SAP

Vulnerability status: Unpatched

Timeline:
20.03.2013 - Vendor gets vulnerability details

Severity: Low ()

Exploitation vector: Remote


Days since vendor notification:


30
60
63

Discovered by: Dmitry Gutsko, Positive Research Center (Positive Technologies Company)


PT-2013-23 - SAP

Vulnerability status: Unpatched

Timeline:
20.03.2013 - Vendor releases fixed version and details

Severity: Medium (4.6)
(AV:N/AC:H/AU:S/C:P/I:P/A:P)

Exploitation vector: Remote


Days since vendor notification:


30
60
63

Discovered by: Dmitry Sklyarov, Dmitry Gutsko, Positive Research Center (Positive Technologies Company)


PT-2013-22: XML External Entity Injection in Trustwave ModSecurity

Identifier: PT-2013-22

Vendor: Trustwave

Product:
ModSecurity 2.x

Exploitation vector: Remote

Severity: High (10)
(AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 27 february, 2013

Fix issued: 29-03-2013



Discovered by: Timur Yunusov, Alexey Osipov, Positive Research Center (Positive Technologies Company)


PT-2013-21 - Oracle

Vulnerability status: Unpatched

Timeline:
26.02.2013 - Vendor gets vulnerability details

Severity: High (8.0)
(AV:N/AC:L/Au:S/C:P/I:P/A:C)

Exploitation vector: Remote


Days since vendor notification:


30
60
85

Discovered by: Timur Yunusov, Alexey Osipov, Positive Research Center (Positive Technologies Company)


PT-2013-18: Variables Overwriting in mnoGoSearch

Identifier: PT-2013-18

Vendor: mnoGoSearch

Product:
mnoGoSearch 3.x

Exploitation vector: Remote

Severity: Medium (4.3)
(AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 15 february, 2013

Fix issued: 05-03-2013



Discovered by: Sergey Bobrov, Positive Research Center (Positive Technologies Company)


PT-2013-17: Arbitrary Files Reading in mnoGoSearch

Identifier: PT-2013-17

Vendor: mnoGoSearch

Product:
mnoGoSearch 3.x

Exploitation vector: Remote

Severity: High (7.8)
(AV:N/AC:L/Au:N/C:C/I:N/A:N)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 15 february, 2013

Fix issued: 05-03-2013



Discovered by: Sergey Bobrov, Positive Research Center (Positive Technologies Company)


PT-2013-16 - Microsoft

Vulnerability status: Unpatched

Timeline:
13.02.2013 - Vendor gets vulnerability details

Severity: Low (3.5)
(AV:N/AC:M/Au:S/C:N/I:P/A:N)

Exploitation vector: Remote


Days since vendor notification:


30
60
98

Discovered by: Sergey Bobrov, Positive Research Center (Positive Technologies Company)


PT-2013-15 - Jelsoft Enterprises

Vulnerability status: Unpatched

Timeline:
07.02.2013 - Vendor gets vulnerability details

Severity: High (9.3)
(AV:N/AC:M/Au:N/C:C/I:C/A:C)

Exploitation vector: Remote


Days since vendor notification:


30
60
104

Discovered by: Arseniy Reutov, Positive Research Center (Positive Technologies Company)


PT-2013-14: XML External Entities Injection in PHP

Identifier: PT-2013-14

Vendor: PHP

Product:
PHP 5.4.x
PHP 5.3.x

Exploitation vector: Remote

Severity: Medium (5.0)
(AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVE ID: CVE-2013-1643

Vulnerability status: Patched

Advisory published: 07 february, 2013

Fix issued: 14-03-2013



Discovered by: Arseniy Reutov, Positive Research Center (Positive Technologies Company)


PT-2013-12: open_basedir bypass in PHP

Identifier: PT-2013-12

Vendor: PHP

Product:
PHP 5.4.x
PHP 5.3.x

Exploitation vector: Remote

Severity: High (7.5)
(AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVE ID: CVE-2013-1635

Vulnerability status: Patched

Advisory published: 07 february, 2013

Fix issued: 14-03-2013



Discovered by: Arseniy Reutov, Positive Research Center (Positive Technologies Company)


PT-2013-11 - Oracle

Vulnerability status: Unpatched

Timeline:
05.02.2013 - Vendor gets vulnerability details

Severity: High (8.5)
(AV:N/AC:L/Au:S/C:C/I:N/A:C)

Exploitation vector: Remote


Days since vendor notification:


30
60
106

Discovered by: Positive Research Center (Positive Technologies Company)


PT-2013-10 - Oracle

Vulnerability status: Unpatched

Timeline:
05.02.2013 - Vendor gets vulnerability details

Severity: Medium (5.5)
(AV:N/AC:L/Au:S/C:P/I:P/A:N)

Exploitation vector: Remote


Days since vendor notification:


30
60
106

Discovered by: Dmitry Serebryannikov, Positive Research Center (Positive Technologies Company)


PT-2013-09 - Oracle

Vulnerability status: Unpatched

Timeline:
05.02.2013 - Vendor gets vulnerability details

Severity: Medium (5.5)
(AV:N/AC:L/Au:S/C:P/I:N/A:P)

Exploitation vector: Remote


Days since vendor notification:


30
60
106

Discovered by: Sergey Scherbel, Vyacheslav Egoshin, Denis Baranov, Positive Research Center (Positive Technologies Company)


PT-2013-08 - Oracle

Vulnerability status: Unpatched

Timeline:
05.02.2013 - Vendor gets vulnerability details

Severity: High (8.5)
(AV:N/AC:M/Au:S/C:C/I:C/A:C)

Exploitation vector: Remote


Days since vendor notification:


30
60
106

Discovered by: Positive Research Center (Positive Technologies Company)


PT-2013-07 - Oracle

Vulnerability status: Unpatched

Timeline:
05.02.2013 - Vendor gets vulnerability details

Severity: Medium (4.0)
(AV:N/AC:L/Au:S/C:P/I:N/A:N)

Exploitation vector: Remote


Days since vendor notification:


30
60
106

Discovered by: Positive Research Center (Positive Technologies Company)


PT-2013-06 - Oracle

Vulnerability status: Unpatched

Timeline:
05.02.2013 - Vendor gets vulnerability details

Severity: High (9.0)
(AV:N/AC:L/Au:S/C:C/I:C/A:C)

Exploitation vector: Remote


Days since vendor notification:


30
60
106

Discovered by: Alexander Tlyapov, Dmitry Sklyarov, Positive Research Center (Positive Technologies Company)


PT-2013-05 - Cisco

Vulnerability status: Unpatched

Timeline:
01.02.2013 - Vendor gets vulnerability details

Severity: High (7.1)
(AV:N/AC:H/Au:S/C:C/I:C/A:C)

Exploitation vector: Remote


Days since vendor notification:


30
60
110

Discovered by: Dmitry Sklyarov, Sergey Pavlov, Ilya Safronov, Positive Research Center (Positive Technologies Company)


PT-2013-04 - Microsoft

Vulnerability status: Unpatched

Timeline:
25.01.2013 - Vendor gets vulnerability details

Severity: High (7.8)
(AV:N/AC:L/Au:N/C:C/I:N/A:N)

Exploitation vector: Remote


Days since vendor notification:


30
60
117

Discovered by: Sergey Bobrov, Positive Research Center (Positive Technologies Company)


PT-2013-19 - HP

Vulnerability status: Unpatched

Timeline:
24.01.2013 - Vendor gets vulnerability details

Severity: High (9.4)
(AV:N/AC:L/Au:N/C:C/I:N/A:C)

Exploitation vector: Remote


Days since vendor notification:


30
60
118

Discovered by: Timur Yunusov, Alexey Osipov and Sergey Pavlov, Positive Research Center (Positive Technologies Company)


PT-2013-03 - PunBB

Vulnerability status: Unpatched

Timeline:
17.01.2013 - Vendor gets vulnerability details

Severity: High (9.3)
(AV:N/AC:M/Au:N/C:C/I:C/A:C)

Exploitation vector: Remote


Days since vendor notification:


30
60
125

Discovered by: Arseniy Reutov, Positive Research Center (Positive Technologies Company)


PT-2013-02: Password Reset Token Prediction in FluxBB

Identifier: PT-2013-02

Vendor: FluxBB

Product:
FluxBB 1.x

Exploitation vector: Remote

Severity: High (9.3)
(AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 17 january, 2013

Fix issued: 22-02-2013



Discovered by: Arseniy Reutov, Positive Research Center (Positive Technologies Company)


PT-2013-01 - GNOME

Vulnerability status: Unpatched

Timeline:
14.01.2013 - Vendor gets vulnerability details

Severity: Medium (6.6)
(AV:L/AC:L/Au:N/C:C/I:N/A:C)

Exploitation vector: Local


Days since vendor notification:


30
60
128

Discovered by: Timur Yunusov, Alexey Osipov, Positive Research Center (Positive Technologies Company)


PT-2012-61 - SAP Software

Vulnerability status: Unpatched

Timeline:
27.12.2012 - Vulnerability details were sent to CERT

Severity: Low (2.7)
(AV:A/AC:L/Au:S/C:P/I:N/A:N)

Exploitation vector: Remote


Days since vendor notification:


30
60
146

Discovered by: Igor Bulatenko, Positive Research Center (Positive Technologies Company)


PT-2012-60: Arbitrary File Reading in Dolphin Browser

Identifier: PT-2012-60

Vendor: Dolphin Browser for Android 9.x

Product:
Dolphin Browser for Android 9.x

Exploitation vector: Remote

Severity: Medium (5.8)
(AV:N/AC:M/Au:N/C:P/I:N/A:N)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 18 december, 2012

Fix issued: 07-03-2013



Discovered by: Mikhail Firstov, Positive Research Center (Positive Technologies Company)


PT-2012-59: XML External Entity Injection in Zend Framework

Identifier: PT-2012-59

Vendor: Zend Technologies

Product:
Zend Framework 1.x

Exploitation vector: Remote

Severity: Medium (6.4)
(AV:N/AC:L/Au:N/C:P/I:N/A:P)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 13 december, 2012

Fix issued: 17-12-2012



Discovered by: Yury Dyachenko, Positive Research Center (Positive Technologies Company)


PT-2012-58 - mongoDB

Vulnerability status: Unpatched

Timeline:
27.11.2012 - Vendor is notified
27.11.2012 - Vendor gets vulnerability details

Severity: Medium (6.3)
(AV:N/AC:M/Au:S/C:C/I:N/A:N)

Exploitation vector: Remote


Days since vendor notification:


30
60
176

Discovered by: Mikhail Firstov, Positive Research Center (Positive Technologies Company)


PT-2012-57 - Bitrix

Vulnerability status: Unpatched

Timeline:
03.09.2012 - Vendor is notified
03.09.2012 - Vendor gets vulnerability details

Severity: High (10)
(AV:N/AC:L/Au:N/C:C/I:C/A:C)

Exploitation vector: Remote


Days since vendor notification:


30
60
189

Discovered by: Timur Yunusov, Positive Research Center (Positive Technologies Company)


PT-2012-56 - VMWare

Vulnerability status: Unpatched

Timeline:
11.11.2012 - Vendor is notified
11.11.2012 - Vendor gets vulnerability details

Severity: Medium (5.0)
(AV:N/AC:L/Au:N/C:P/I:N/A:N)

Exploitation vector: Remote


Days since vendor notification:


30
60
192

Discovered by: Evgeniy Tolmachev, Positive Research Center (Positive Technologies Company)


PT-2012-55: Remote code execution in Siemens Teamcenter

Identifier: PT-2012-55

Vendor: Siemens

Product:
Siemens Teamcenter 2007.x

Exploitation vector: Remote

Severity: High (10)
(AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVE ID: N/A

Vulnerability status: Unpatched

Advisory published: 30 october, 2012



Discovered by: Ilya Smit, Dmitry Efanov, Positive Research Center (Positive Technologies Company)


PT-2012-54: Denial of Service in Siemens Teamcenter

Identifier: PT-2012-54

Vendor: Siemens

Product:
Siemens Teamcenter 2007.x

Exploitation vector: Remote

Severity: High (7.8)
(AV:N/AC:L/Au:N/C:N/I:N/A:C)

CVE ID: N/A

Vulnerability status: Unpatched

Advisory published: 30 october, 2012



Discovered by: Ilya Smit, Dmitry Efanov, Positive Research Center (Positive Technologies Company)


PT-2012-53: Privilege Gaining in DataLife Engine

Identifier: PT-2012-53

Vendor: Softnews Media Group

Product:
DataLife Engine 9.x

Exploitation vector: Remote

Severity: Medium (6.8)
(AV:N/AC:M/Au:N/C:P/I:P/A:P)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 30 october, 2012

Fix issued: 19-01-2013



Discovered by: Timur Yunusov, Positive Research Center (Positive Technologies Company)


PT-2012-52: Open Redirect in DokuWiki

Identifier: PT-2012-52

Vendor: DokuWiki

Product:
DokuWiki

Exploitation vector: Remote

Severity: Medium (5.0)
(AV:N/AC:L/Au:N/C:N/I:P/A:N)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 22 october, 2012

Fix issued: 06-03-2013



Discovered by: Arseniy Reutov, Positive Research Center (Positive Technologies Company)


PT-2012-50: Multiple vulnerabilities in Siemens SIMATIC S7-1200 Web interface

Identifier: PT-2012-50

Vendor: Siemens

Product:
Siemens SIMATIC S7-1200 2.x
Siemens SIMATIC S7-1200 3.x

Exploitation vector: Remote

Severity: High (8.3)
(AV:N/AC:M/Au:N/C:P/I:P/A:C)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 11 october, 2012

Fix issued: 08-10-2012



Discovered by: Dmitry Serebryannikov, Artem Chaikin, Yury Goltsev, Timur Yunusov, Positive Research Center (Positive Technologies Company)


PT-2012-49 - Oracle

Vulnerability status: Unpatched

Timeline:
26.09.2012 - Vendor is notified
26.09.2012 - Vendor gets vulnerability details

Severity: Medium (5.0)
(AV:N/AC:L/Au:N/C:P/I:N/A:N)

Exploitation vector: Remote


Days since vendor notification:


30
60
238

Discovered by: Pavel Toporkov, Positive Research Center (Positive Technologies Company)


PT-2012-48: Insecure storage of HTTPS CA certificate and private key in Siemens SIMATIC S7-1200

Identifier: PT-2012-48

Vendor: Siemens

Product:
Siemens SIMATIC S7-1200 2.x

Exploitation vector: Remote

Severity: High (9.3)
(AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVE ID: CVE-2012-3037

Vulnerability status: Patched

Advisory published: 19 september, 2012

Fix issued: 13-09-2012



Discovered by: Dmitry Sklyarov, Positive Research Center (Positive Technologies Company)


PT-2012-47: Information disclosure in Google Chrome on Android

Identifier: PT-2012-47

Vendor: Google

Product:
Google Chrome for Android 18.x

Exploitation vector: Remote

Severity: Medium (5.0)
(AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVE ID: CVE-2012-4903

Vulnerability status: Patched

Advisory published: 19 september, 2012

Fix issued: 12-09-2012



Discovered by: Artem Chaykin, Positive Research Center (Positive Technologies Company)


PT-2012-46: Cross-application scripting in Google Chrome on Android

Identifier: PT-2012-46

Vendor: Google

Product:
Google Chrome for Android 18.x

Exploitation vector: Remote

Severity: Medium (4.3)
(AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVE ID: CVE-2012-4904

Vulnerability status: Patched

Advisory published: 19 september, 2012

Fix issued: 12-09-2012



Discovered by: Artem Chaykin, Positive Research Center (Positive Technologies Company)


PT-2012-45: Username and password disclosure in ActiveX control in Siemens Simatic WinCC WebNavigator

Identifier: PT-2012-45

Vendor: Siemens

Product:
Siemens Simatic WinCC WebNavigator 7.x

Exploitation vector: Remote

Severity: High (8.3)
(AV:N/AC:M/Au:N/C:C/I:P/A:P)

CVE ID: CVE-2012-3034

Vulnerability status: Patched

Advisory published: 13 september, 2012

Fix issued: 10-09-2012



Discovered by: Denis Baranov, Positive Research Center (Positive Technologies Company)


PT-2012-44: SQL Injection in SOAP Web interfaces in Siemens Simatic WinCC WebNavigator

Identifier: PT-2012-44

Vendor: Siemens

Product:
Siemens Simatic WinCC WebNavigator 7.x

Exploitation vector: Remote

Severity: High (9.0)
(AV:N/AC:L/Au:N/C:P/I:P/A:C)

CVE ID: CVE-2012-3032

Vulnerability status: Patched

Advisory published: 13 september, 2012

Fix issued: 10-09-2012



Discovered by: Denis Baranov, Vladimir Kochetkov, Positive Research Center (Positive Technologies Company)


PT-2012-43: Arbitrary Files Reading in Siemens Simatic WinCC WebNavigator

Identifier: PT-2012-43

Vendor: Siemens

Product:
Siemens Simatic WinCC WebNavigator 7.x

Exploitation vector: Remote

Severity: Medium (5.0)
(AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVE ID: CVE-2012-3030

Vulnerability status: Patched

Advisory published: 13 september, 2012

Fix issued: 10-09-2012



Discovered by: Sergey Bobrov, Positive Research Center (Positive Technologies Company)


PT-2012-42: Multiple Cross Site Scripting and Cross Site Request Forgery vulnerabilities in Siemens Simatic WinCC WebNavigator

Identifier: PT-2012-42

Vendor: Siemens

Product:
Siemens Simatic WinCC WebNavigator 7.x

Exploitation vector: Remote

Severity: High (8.3)
(AV:N/AC:M/Au:N/C:P/I:P/A:C)

CVE ID: CVE-2012-3031 CVE-2012-3028

Vulnerability status: Patched

Advisory published: 13 september, 2012

Fix issued: 10-09-2012



Discovered by: Sergey Bobrov, Timur Yunusov, Artem Chaykin, Pavel Toporkov, Vladimir Kochetkov, Positive Research Center (Positive Technologies Company)


PT-2012-41 - mongoDB

Vulnerability status: Unpatched

Timeline:
10.09.2012 - Vendor is notified
10.09.2012 - Vendor gets vulnerability details

Severity: Medium (5.5)
(AV:L/AC:M/Au:S/C:C/I:P/A:P)

Exploitation vector: Local


Days since vendor notification:


30
60
254

Discovered by: Mikhail Firstov, Positive Research Center (Positive Technologies Company)


PT-2012-40 - mongoDB

Vulnerability status: Unpatched

Timeline:
10.09.2012 - Vendor is notified
10.09.2012 - Vendor gets vulnerability details

Severity: High (8.3)
(AV:AN/AC:L/AU:N/C:C/I:C/A:C)

Exploitation vector: Remote


Days since vendor notification:


30
60
254

Discovered by: Mikhail Firstov, Positive Research Center (Positive Technologies Company)


PT-2012-39 - mongoDB

Vulnerability status: Unpatched

Timeline:
10.09.2012 - Vendor is notified
10.09.2012 - Vendor gets vulnerability details

Severity: Medium (5.0)
(AV:N/AC:L/Au:N/C:P/I:N/A:N)

Exploitation vector: Remote


Days since vendor notification:


30
60
254

Discovered by: Mikhail Firstov, Positive Research Center (Positive Technologies Company)


PT-2012-38 - Oracle

Vulnerability status: Unpatched

Timeline:
06.09.2012 - Vendor is notified
06.09.2012 - Vendor gets vulnerability details

Severity: High (10)
(AV:N/AC:L/Au:N/C:C/I:C/A:C)

Exploitation vector: Remote


Days since vendor notification:


30
60
258

Discovered by: Pavel Toporkov, Positive Research Center (Positive Technologies Company)


PT-2012-37 - Oracle

Vulnerability status: Unpatched

Timeline:
06.09.2012 - Vendor is notified
06.09.2012 - Vendor gets vulnerability details

Severity: High (9.3)
(AV:N/AC:M/Au:N/C:C/I:C/A:C)

Exploitation vector: Remote


Days since vendor notification:


30
60
258

Discovered by: Pavel Toporkov, Positive Research Center (Positive Technologies Company)


PT-2012-36 - Oracle

Vulnerability status: Unpatched

Timeline:
06.09.2012 - Vendor is notified
06.09.2012 - Vendor gets vulnerability details

Severity: Medium (6.4)
(AV:N/AC:L/Au:N/C:P/I:P/A:N)

Exploitation vector: Remote


Days since vendor notification:


30
60
258

Discovered by: Pavel Toporkov, Positive Research Center (Positive Technologies Company)


PT-2012-35 - PHP

Vulnerability status: Unpatched

Timeline:
28.08.2012 - Vendor is notified
28.08.2012 - Vendor gets vulnerability details

Severity: Medium (5.8)
(AV:N/AC:M/Au:N/C:P/I:P/A:N)

Exploitation vector: Remote


Days since vendor notification:


30
60
267

Discovered by: Arseniy Reutov, Positive Research Center (Positive Technologies Company)


PT-2012-34: Multiple Vulnerabilities in Random Numbers Generation in OpenCart

Identifier: PT-2012-34

Vendor: OpenCart Limited

Product:
OpenCart 1.x

Exploitation vector: Remote

Severity: High (9.3)
(AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 28 august, 2012

Fix issued: 29-11-2012



Discovered by: Arseniy Reutov, Positive Research Center (Positive Technologies Company)


PT-2012-33: Multiple vulnerabilities in Sanuel Family

Identifier: PT-2012-33

Vendor: Sanuel Co.

Product:
Sanuel Family 11.х

Exploitation vector: Remote

Severity: High (10)
(AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVE ID: N/A

Vulnerability status: Unpatched

Advisory published: 27 august, 2012



Discovered by: Denis Gorchakov, Positive Research Center (Positive Technologies Company)


PT-2012-32: User data disclosure in Sanuel Family

Identifier: PT-2012-32

Vendor: Sanuel Co.

Product:
Sanuel Family 11.х

Exploitation vector: Remote

Severity: High (8.5)
(AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVE ID: N/A

Vulnerability status: Unpatched

Advisory published: 27 august, 2012



Discovered by: Denis Gorchakov, Positive Research Center (Positive Technologies Company)


PT-2012-31 - PHP

Vulnerability status: Unpatched

Timeline:
24.08.2012 - Vendor is notified
24.08.2012 - Vendor gets vulnerability details

Severity: Medium ()

Exploitation vector: Local


Days since vendor notification:


30
60
271

Discovered by: Timur Yunusov, Positive Research Center (Positive Technologies Company)


PT-2012-30: Administrator Privilege Gaining in OpenCart

Identifier: PT-2012-30

Vendor: OpenCart Limited

Product:
OpenCart 1.x

Exploitation vector: Remote

Severity: High (9.3)
(AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 23 august, 2012

Fix issued: 23-08-2012



Discovered by: Arseniy Reutov, Positive Research Center (Positive Technologies Company)


PT-2012-29: Administrator Privilege Gaining in Simple Machines Forum

Identifier: PT-2012-29

Vendor: Simple Machines

Product:
Simple Machines Forum 2.x

Exploitation vector: Remote

Severity: High (10)
(AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 23 august, 2012

Fix issued: 01-02-2013



Discovered by: Arseniy Reutov, Positive Research Center (Positive Technologies Company)


PT-2012-28: Administrator Privilege Gaining in DataLife Engine

Identifier: PT-2012-28

Vendor: Softnews Media Group

Product:
DataLife Engine 9.x

Exploitation vector: Remote

Severity: High (9.0)
(AV:N/AC:L/Au:S/C:C/I:C/A:C)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 17 august, 2012

Fix issued: 12-09-2012



Discovered by: Timur Yunusov, Arseny Reutov, Positive Research Center (Positive Technologies Company)


PT-2012-27: Privilege Gaining in UMI.CMS

Identifier: PT-2012-27

Vendor: Umisoft

Product:
UMI.CMS 2.x

Exploitation vector: Remote

Severity: High (10)
(AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 16 august, 2012

Fix issued: 20-11-2012



Discovered by: Timur Yunusov, Positive Research Center (Positive Technologies Company)


PT-2012-26 - qutIM

Vulnerability status: Unpatched

Timeline:
14.08.2012 - Vendor is notified
14.08.2012 - Vendor gets vulnerability details

Severity: Medium (5.4)
(AV:A/AC:M/Au:N/C:P/I:P/A:P)

Exploitation vector: Remote


Days since vendor notification:


30
60
281

Discovered by: Mikhail Firstov, Positive Research Center (Positive Technologies Company)


PT-2012-25 - FreeBSD

Vulnerability status: Unpatched

Timeline:
23.07.2012 - Vendor is notified

Severity: Medium (5.2)
(AV:L/AC:L/Au:S/C:N/I:C/A:P)

Exploitation vector: Local


Days since vendor notification:


30
60
303

Discovered by: Vladislav Roskov during the Positive Hack Days CTF 2012


PT-2012-24 - SAP

Vulnerability status: Unpatched

Timeline:
16.07.2012 - Vendor is notified
16.07.2012 - Vendor gets vulnerability details

Severity: Medium (5.0)
(AV:N/AC:L/Au:N/C:P/I:N/A:N)

Exploitation vector: Remote


Days since vendor notification:


30
60
310

Discovered by: Pavel Toporkov, Positive Research Center (Positive Technologies Company)


PT-2012-23: SQL Injection in Dr.Web Anti-virus

Identifier: PT-2012-23

Vendor: Dr.Web

Product:
Dr.Web Antivirus

Exploitation vector: Local

Severity: Low (2.1)
(AV:L/AC:L/Au:N/C:P/I:N/A:N)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 11 july, 2012

Fix issued: 13-07-2012



Discovered by: Artem Chaykin, Positive Research Center (Positive Technologies Company)


PT-2012-22: Format String Vulnerability in SQLite

Identifier: PT-2012-22

Vendor: SQLite

Product:
SQLite 3.x

Exploitation vector: Local

Severity: Medium (5.5)
(AV:L/AC:M/Au:S/C:C/I:P/A:P)

CVE ID: N/A

Vulnerability status: Unpatched

Advisory published: 10 july, 2012



Discovered by: Sergey Bobrov, Positive Research Center (Positive Technologies Company)


PT-2012-21: Denial of Service in NetIQ eDirectory

Identifier: PT-2012-21

Vendor: NetIQ

Product:
eDirectory

Exploitation vector: Remote

Severity: Medium (4.0)
(AV:N/AC:L/Au:S/C:N/I:N/A:P)

CVE ID: CVE-2012-0429

Vulnerability status: Patched

Advisory published: 06 july, 2012

Fix issued: 18-12-2012



Discovered by: Dmitry Serebryannikov, Positive Research Center (Positive Technologies Company)


PT-2012-20: Authorization Mechanism Bypassing in NetIQ eDirectory

Identifier: PT-2012-20

Vendor: NetIQ

Product:
eDirectory

Exploitation vector: Remote

Severity: Medium (6.4)
(AV:N/AC:L/Au:N/C:P/I:P/A:N)

CVE ID: CVE-2012-0430

Vulnerability status: Patched

Advisory published: 06 july, 2012

Fix issued: 18-12-2012



Discovered by: Dmitry Serebryannikov, Positive Research Center (Positive Technologies Company)


PT-2012-19: Cross-Site Scripting in NetIQ eDirectory

Identifier: PT-2012-19

Vendor: NetIQ

Product:
eDirectory

Exploitation vector: Remote

Severity: Medium (4.3)
(AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVE ID: CVE-2012-0428

Vulnerability status: Patched

Advisory published: 06 july, 2012

Fix issued: 18-12-2012



Discovered by: Dmitry Serebryannikov, Positive Research Center (Positive Technologies Company)


PT-2012-18 - Microsoft

Vulnerability status: Unpatched

Timeline:
04.07.2012 - Vendor is notified
04.07.2012 - Vendor gets vulnerability details

Severity: Medium (5.0)
(AV:N/AC:L/Au:N/C:N/I:N/A:P)

Exploitation vector: Remote


Days since vendor notification:


30
60
322

Discovered by: Alexander Polunin, Positive Research Center (Positive Technologies Company)


PT-2012-17 - Oracle

Vulnerability status: Unpatched

Timeline:
29.06.2012 - Vendor is notified
29.06.2012 - Vendor gets vulnerability details

Severity: Medium (6.4)
(AV:N/AC:L/Au:N/C:P/I:N/A:P)

Exploitation vector: Remote


Days since vendor notification:


30
60
327

Discovered by: Pavel Toporkov, Positive Research Center (Positive Technologies Company)


PT-2012-16 - Python Software Foundation

Vulnerability status: Unpatched

Timeline:
25.06.2012 - Vendor is notified
18.07.2012 - Vulnerability details were sent to CERT

Severity: Medium (4.3)
(AV:N/AC:M/Au:N/C:N/I:N/A:P)

Exploitation vector: Remote


Days since vendor notification:


30
60
331

Discovered by: Pavel Toporkov, Positive Research Center (Positive Technologies Company)


PT-2012-15: Multiple vulnerabilities in IBM InfoSphere Guardium

Identifier: PT-2012-15

Vendor: IBM

Product:
InfoSphere Guardium 8.x

Exploitation vector: Remote

Severity: Medium (6.8)
(AV:N/AC:M/Au:N/C:P/I:P/A:P)

CVE ID: CVE-2012-3309, CVE-2012-3312

Vulnerability status: Patched

Advisory published: 25 june, 2012

Fix issued: 15-08-2012



Discovered by: Igor Bulatenko, Positive Research Center (Positive Technologies Company)


PT-2012-14: Security Restrictions Bypass in PHP

Identifier: PT-2012-14

Vendor: PHP

Product:
PHP 5.4.x
PHP 5.3.x

Exploitation vector: Remote

Severity: Medium (5.0)
(AV:N/AC:L/Au:N/C:N/I:P/A:N)

CVE ID: CVE-2012-3365

Vulnerability status: Patched

Advisory published: 22 june, 2012

Fix issued: 19-07-2012



Discovered by: Sergey Bobrov, Positive Research Center (Positive Technologies Company)


PT-2012-13: Cross-Site Scripting in PHP

Identifier: PT-2012-13

Vendor: PHP

Product:
PHP 5.4.x

Exploitation vector: Local

Severity: Low (1.7)
(AV:L/AC:L/Au:S/C:P/I:N/A:N)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 22 june, 2012

Fix issued: 14-09-2012



Discovered by: Sergey Bobrov, Positive Research Center (Positive Technologies Company)


PT-2012-12: Multiple Cross-Site Scripting in WinCC (SCADA)

Identifier: PT-2012-12

Vendor: Siemens

Product:
Siemens SIMATIC WinCC 7.x

Exploitation vector: Remote

Severity: Medium (4.3)
(AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVE ID: CVE-2012-3003

Vulnerability status: Patched

Advisory published: 20 june, 2012

Fix issued: 05-06-2012



Discovered by: Sergey Scherbel, Yury Goltsev, Dmitry Serebryannikov, Sergey Bobrov, Denis Baranov, Andrey Medov, Artem Chaykin, Positive Research Center (Positive Technologies Company)


PT-2012-11: Multiple Cross-Site Scripting in WinCC (SCADA)

Identifier: PT-2012-11

Vendor: Siemens

Product:
Siemens SIMATIC WinCC 7.x

Exploitation vector: Remote

Severity: Medium (4.3)
(AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVE ID: CVE-2012-2595

Vulnerability status: Patched

Advisory published: 20 june, 2012

Fix issued: 05-06-2012



Discovered by: Sergey Scherbel, Yury Goltsev, Dmitry Serebryannikov, Sergey Bobrov, Denis Baranov, Andrey Medov, Artem Chaykin, Positive Research Center (Positive Technologies Company)


PT-2012-10: Buffer overflow in the DiagAgent web server in WinCC (SCADA)

Identifier: PT-2012-10

Vendor: Siemens

Product:
Siemens SIMATIC WinCC 7.x

Exploitation vector: Remote

Severity: Medium (4.3)
(AV:N/AC:M/Au:N/C:N/I:N/A:P)

CVE ID: CVE-2012-2598

Vulnerability status: Patched

Advisory published: 20 june, 2012

Fix issued: 05-06-2012



Discovered by: Sergey Scherbel, Yury Goltsev, Dmitry Serebryannikov, Sergey Bobrov, Denis Baranov, Andrey Medov, Artem Chaykin, Positive Research Center (Positive Technologies Company)


PT-2012-09: Multiple File Path Traversal in WinCC (SCADA)

Identifier: PT-2012-09

Vendor: Siemens

Product:
Siemens SIMATIC WinCC 7.x

Exploitation vector: Remote

Severity: Medium (6.8)
(AV:N/AC:L/Au:S/C:C/I:N/A:N)

CVE ID: CVE-2012-2597

Vulnerability status: Patched

Advisory published: 20 june, 2012

Fix issued: 05-06-2012



Discovered by: Sergey Scherbel, Yury Goltsev, Dmitry Serebryannikov, Sergey Bobrov, Denis Baranov, Andrey Medov, Artem Chaykin, Positive Research Center (Positive Technologies Company)


PT-2012-08: XPath Injection in WinCC (SCADA)

Identifier: PT-2012-08

Vendor: Siemens

Product:
Siemens SIMATIC WinCC 7.x

Exploitation vector: Remote

Severity: Medium (5.5)
(AV:N/AC:L/Au:S/C:P/I:P/A:N)

CVE ID: CVE-2012-2596

Vulnerability status: Patched

Advisory published: 20 june, 2012

Fix issued: 05-06-2012



Discovered by: Sergey Scherbel, Yury Goltsev, Dmitry Serebryannikov, Sergey Bobrov, Denis Baranov, Andrey Medov, Artem Chaykin, Positive Research Center (Positive Technologies Company)


PT-2012-06: Security restrictions bypass in nginx for Windows

Identifier: PT-2012-06

Vendor: nginx

Product:
nginx 1.2.0
nginx 1.3.0

Exploitation vector: Remote

Severity: Medium (5.0)
(AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVE ID: CVE-2011-4963

Vulnerability status: Patched

Advisory published: 15 may, 2012

Fix issued: 05-06-2012



Discovered by: Vladimir Kochetkov, Positive Research Center (Positive Technologies Company)


PT-2012-05: Multiple Vulnerabilities in Quercus

Identifier: PT-2012-05

Vendor: Quercus on Resin 4.x

Product:
Quercus on Resin 4.x

Exploitation vector: Remote

Severity: High (7.5)
(AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVE ID: CVE-2012-2965

Vulnerability status: Patched

Advisory published: 23 march, 2012

Fix issued: 13-07-2012



Discovered by: Sergey Scherbel, Positive Research Center (Positive Technologies Company)


PT-2012-04 - Cisco

Vulnerability status: Unpatched

Timeline:
13.01.2012 - Vendor is notified
13.01.2012 - Vendor gets vulnerability details

Severity: Medium (4.0)
(AV:N/AC:L/Au:S/C:P/I:N/A:N)

Exploitation vector: Remote


Days since vendor notification:


30
60
495

Discovered by: Kirill Mosolov, Maxim Tsoy, Positive Research Center (Positive Technologies Company)


PT-2012-03 - Cisco

Vulnerability status: Unpatched

Timeline:
13.01.2012 - Vendor is notified
13.01.2012 - Vendor gets vulnerability details

Severity: Medium (4.3)
(AV:N/AC:M/Au:N/C:P/I:N/A:N)

Exploitation vector: Remote


Days since vendor notification:


30
60
495

Discovered by: Kirill Mosolov, Maxim Tsoy, Positive Research Center (Positive Technologies Company)


PT-2012-02 - Cisco

Vulnerability status: Unpatched

Timeline:
13.01.2012 - Vendor is notified
13.01.2012 - Vendor gets vulnerability details

Severity: High (9.0)
(AV:N/AC:L/Au:S/C:C/I:C/A:C)

Exploitation vector: Remote


Days since vendor notification:


30
60
495

Discovered by: Kirill Mosolov, Maxim Tsoy, Positive Research Center (Positive Technologies Company)


PT-2012-01 - Cisco

Vulnerability status: Unpatched

Timeline:
13.01.2012 - Vendor is notified
13.01.2012 - Vendor gets vulnerability details

Severity: High (7.1)
(AV:N/AC:M/Au:N/C:N/I:C/A:N)

Exploitation vector: Remote


Days since vendor notification:


30
60
495

Discovered by: Kirill Mosolov, Maxim Tsoy, Positive Research Center (Positive Technologies Company)


PT-2011-48: Multiple Vulnerabilities in AtMail

Identifier: PT-2011-48

Vendor: AtMail

Product:
AtMail

Exploitation vector: Remote

Severity: High (9.0)
(AV:N/AC:L/Au:S/C:C/I:C/A:C)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 06 december, 2011

Fix issued: 26-03-2012



Discovered by: Sergey Scherbel, Positive Research Center (Positive Technologies Company)


PT-2011-47: Denial of Service in SAP

Identifier: PT-2011-47

Vendor: SAP

Product:
SAP

Exploitation vector: Remote

Severity: Medium (4.3)
(AV:N/AC:M/Au:N/C:N/I:N/A:P)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 02 december, 2011

Fix issued: 08-05-2012



Discovered by: Vladimir Zarichny, Positive Research Center (Positive Technologies Company)


PT-2011-46: Information disclosure in SAP

Identifier: PT-2011-46

Vendor: SAP

Product:
SAP

Exploitation vector: Remote

Severity: Medium (5.0)
(AV:N/AC:L/AU:N/C:P/I:N/A:N)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 02 december, 2011

Fix issued: 03-08-2012



Discovered by: Ilya Smith, Maxim Tsoy, Kirill Mosolov, Evgeny Ryzhov, Positive Research Center (Positive Technologies Company)


PT-2011-45: Denial of Service in SAP

Identifier: PT-2011-45

Vendor: SAP

Product:
SAP

Exploitation vector: Remote

Severity: Medium (4.3)
(AV:N/AC:M/Au:N/C:N/I:N/A:P)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 02 december, 2011

Fix issued: 08-05-2012



Discovered by: Vladimir Zarichny, Positive Research Center (Positive Technologies Company)


PT-2011-44: Denial of Service in SAP

Identifier: PT-2011-44

Vendor: SAP

Product:
SAP

Exploitation vector: Remote

Severity: Medium (4.3)
(AV:N/AC:M/Au:N/C:N/I:N/A:P)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 02 december, 2011

Fix issued: 08-05-2012



Discovered by: Vladimir Zarichny, Positive Research Center (Positive Technologies Company)


PT-2011-43: Database information disclosure in Kayako Fusion

Identifier: PT-2011-43

Vendor: Kayako

Product:
Kayako Fusion

Exploitation vector: Remote

Severity: Medium (6.5)
(AV:N/AC:L/Au:S/C:P/I:P/A:P)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 25 november, 2011

Fix issued: 25-11-2011



Discovered by: Yuri Goltsev, Alexander Zaitsev, Positive Research Center (Positive Technologies Company)


PT-2011-42 - Citrix

Vulnerability status: Unpatched

Timeline:
10.11.2011 - Vendor is notified
10.11.2011 - Vendor gets vulnerability details

Severity: High (7.1)
(AV:N/AC:M/Au:N/C:N/I:C/A:N)

Exploitation vector: Remote


Days since vendor notification:


30
60
558

Discovered by: Kirill Mosolov, Positive Research Center (Positive Technologies Company)


PT-2011-41: Stored XSS vulnerability in Citrix License Administration Console

Identifier: PT-2011-41

Vendor: Citrix

Product:
Citrix License Administration Console 11.9

Exploitation vector: Remote

Severity: Medium (4.9)
(AV:N/AC:H/Au:S/C:C/I:N/A:N)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 11 november, 2011

Fix issued: 13-03-2012



Discovered by: Maxim Tsoy, Kirill Mosolov, Positive Research Center (Positive Technologies Company)


PT-2011-40: Multiple CSRF vulnerabilities in Citrix License Administration Console

Identifier: PT-2011-40

Vendor: Citrix

Product:
Citrix License Administration Console 11.9

Exploitation vector: Remote

Severity: High (7.1)
(AV:N/AC:M/Au:N/C:N/I:C/A:N)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 11 november, 2011

Fix issued: 13-03-2012



Discovered by: Maxim Tsoy, Kirill Mosolov, Positive Research Center (Positive Technologies Company)


PT-2011-39: Denial of Service in Citrix XenServer Workload Balancer

Identifier: PT-2011-39

Vendor: Citrix

Product:
Citrix XenServer-6.0.0 WLB

Exploitation vector: Remote

Severity: High (7.8)
(AV:N/AC:L/Au:N/C:N/I:N/A:C)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 11 november, 2011

Fix issued: 13-03-2012



Discovered by: Kirill Mosolov, Positive Research Center (Positive Technologies Company)


PT-2011-38: URL redirector abuse in Citrix XenServer Virtual Switch Controller

Identifier: PT-2011-38

Vendor: Citrix

Product:
Citrix XenServer Virtual Switch Controller 6.0.x

Exploitation vector: Remote

Severity: Medium (4.3)
(AV:N/AC:M/Au:N/C:P/I:N/A:N)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 11 november, 2011

Fix issued: 13-03-2012



Discovered by: Kirill Mosolov, Maxim Tsoy, Positive Research Center (Positive Technologies Company)


PT-2011-37: HTTP Response Splitting in Citrix XenServer Virtual Switch Controller

Identifier: PT-2011-37

Vendor: Citrix

Product:
Citrix XenServer Virtual Switch Controller 6.0.x

Exploitation vector: Remote

Severity: Medium (4.3)
(AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 11 november, 2011

Fix issued: 13-03-2012



Discovered by: Maxim Tsoy, Positive Research Center (Positive Technologies Company)


PT-2011-36: Insufficient authorization in Citrix XenServer Virtual Switch Controller

Identifier: PT-2011-36

Vendor: Citrix

Product:
Citrix XenServer Virtual Switch Controller 6.0.x

Exploitation vector: Local

Severity: High (9.0)
(AV:N/AC:L/Au:S/C:C/I:C/A:C)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 11 november, 2011

Fix issued: 13-03-2012



Discovered by: Maxim Tsoy, Kirill Mosolov, Positive Research Center (Positive Technologies Company)


PT-2011-35: Multiple CSRF vulnerabilities in Citrix XenServer Virtual Switch Controller

Identifier: PT-2011-35

Vendor: Citrix

Product:
Citrix XenServer Virtual Switch Controller 6.0.x

Exploitation vector: Remote

Severity: High (7.1)
(AV:N/AC:M/Au:N/C:N/I:C/A:N)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 11 november, 2011

Fix issued: 13-03-2012



Discovered by: Maxim Tsoy, Positive Research Center (Positive Technologies Company)


PT-2011-34: HTTP Response Splitting in Citrix XenServer Web Self Service

Identifier: PT-2011-34

Vendor: Citrix

Product:
Citrix XenServer 6.0 Web Self Service 1.1

Exploitation vector: Remote

Severity: Medium (4.3)
(AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 11 november, 2011

Fix issued: 10-03-2012



Discovered by: Maxim Tsoy, Positive Research Center (Positive Technologies Company)


PT-2011-33: URL redirector abuse in Citrix XenServer Web Self Service

Identifier: PT-2011-33

Vendor: Citrix

Product:
Citrix XenServer 6.0 Web Self Service 1.1

Exploitation vector: Remote

Severity: Medium (4.3)
(AV:N/AC:M/Au:N/C:P/I:N/A:N)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 11 november, 2011

Fix issued: 10-03-2012



Discovered by: Ilya Smith, Maxim Tsoy, Positive Research Center (Positive Technologies Company)


PT-2011-32: Cross-site scripting in Citrix XenServer Web Self Service

Identifier: PT-2011-32

Vendor: Citrix

Product:
Citrix XenServer 6.0 Web Self Service 1.1

Exploitation vector: Remote

Severity: Medium (4.9)
(AV:N/AC:H/Au:S/C:C/I:N/A:N)

CVE ID: N/A

Vulnerability status: Unpatched

Advisory published: 11 november, 2011

Fix issued: 10-03-2012



Discovered by: Kirill Mosolov, Positive Research Center (Positive Technologies Company)


PT-2011-31: Multiple Cross-Site Request Forgery vulnerabilities in Citrix XenServer Web Self Service

Identifier: PT-2011-31

Vendor: Citrix

Product:
Citrix XenServer 6.0 Web Self Service 1.1

Exploitation vector: Remote

Severity: High (7.1)
(AV:N/AC:M/Au:N/C:N/I:C/A:N)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 11 november, 2011

Fix issued: 10-04-2012



Discovered by: Maxim Tsoy, Positive Research Center (Positive Technologies Company)


PT-2011-30: Disclosure of sensitive information in D-Link DIR-300 Router

Identifier: PT-2011-30

Vendor: D-Link

Product:
D-Link DIR-300

Exploitation vector: Remote

Severity: Medium (6.8)
(AV:N/AC:L/Au:S/C:C/I:N/A:N)

CVE ID: CVE-2011-4723

Vulnerability status: Patched

Advisory published: 09 september, 2011

Fix issued: 19-09-2011



Discovered by: Sergey Scherbel, Positive Research Center (Positive Technologies Company)


PT-2011-29: Arbitrary file reading and arbitrary code execution in Router Manager for D-Link DIR-300

Identifier: PT-2011-29

Vendor: D-Link

Product:
D-Link DIR-300

Exploitation vector: Remote

Severity: High (10.0)
(AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 09 september, 2011

Fix issued: 19-09-2011



Discovered by: Sergey Scherbel, Positive Research Center (Positive Technologies Company)


PT-2011-27: Multiple Vulnerabilities in Cisco ACS Web Interface

Identifier: PT-2011-27

Vendor: Cisco

Product:
Cisco Secure ACS 5.x

Exploitation vector: Remote

Severity: Medium (4.3)
(AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVE ID: CVE-2011-3317

Vulnerability status: Patched

Advisory published: 28 july, 2011

Fix issued: 13-02-2012



Discovered by: Maxim Tsoy, Yuriy Goltsev, Alexander Zaitsev and Evgeniy Tolmachev, Positive Research Center (Positive Technologies Company)


PT-2011-26: Multiple Cross-Site Request Forgery and "Stored XSS" Vulnerabilities in Cisco ACS

Identifier: PT-2011-26

Vendor: Cisco

Product:
Cisco Secure ACS 5.x

Exploitation vector: Remote

Severity: Medium (6.8)
(AV:N/AC:M/Au:N/C:P/I:P/A:P)

CVE ID: CVE-2011-3293

Vulnerability status: Patched

Advisory published: 19 july, 2011

Fix issued: 13-02-2012



Discovered by: Maxim Tsoy, Positive Research Center (Positive Technologies Company)


PT-2011-25: SQL injection vulnerabilities in Support Incident Tracker

Identifier: PT-2011-25

Vendor: Support Incident Tracker

Product:
Support Incident Tracker 3.x

Exploitation vector: Remote

Severity: High (6.5)
(AV:N/AC:L/Au:S/C:P/I:P/A:P)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 13 july, 2011

Fix issued: 17-07-2011



Discovered by: Yuri Goltsev, Positive Research Center (Positive Technologies Company)


PT-2011-24 - Arbor Networks

Vulnerability status: Unpatched

Timeline:
12.07.2011 - Vendor is notified
19.07.2011 - Vendor gets vulnerability details

Severity: High (6.8)
(AV:N/AC:L/Au:S/C:N/I:N/A:C)

Exploitation vector: Remote


Days since vendor notification:


30
60
680

Discovered by: Dmitriy Gutsko, Positive Research Center (Positive Technologies Company)


PT-2011-23: Database information disclosure in GLPI

Identifier: PT-2011-23

Vendor: GLPI

Product:
GLPI 0.x

Exploitation vector: Remote

Severity: Medium (6.5)
(AV:N/AC:L/Au:S/C:P/I:P/A:P)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 11 july, 2011

Fix issued: 21-07-2011



Discovered by: Yuri Goltsev, Positive Research Center (Positive Technologies Company)


PT-2011-21: SQL injection vulnerability in OneOrZero AIMS

Identifier: PT-2011-21

Vendor: OneOrZero

Product:
OneOrZero AIMS 2.x

Exploitation vector: Remote

Severity: High (7.5)
(AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVE ID: N/A

Vulnerability status: Unpatched

Advisory published: 08 july, 2011



Discovered by: Yuri Goltsev, Positive Research Center (Positive Technologies Company)


PT-2011-20: Authorization bypass vulnerability in OneOrZero AIMS

Identifier: PT-2011-20

Vendor: OneOrZero

Product:
OneOrZero AIMS 2.x

Exploitation vector: Remote

Severity: High (7.5)
(AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVE ID: N/A

Vulnerability status: Unpatched

Advisory published: 08 july, 2011



Discovered by: Yuri Goltsev, Positive Research Center (Positive Technologies Company)


PT-2011-19: SQL injection vulnerability in Help Request System

Identifier: PT-2011-19

Vendor: Help Request System

Product:
Help Request System 1.x

Exploitation vector: Remote

Severity: High (7.5)
(AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 07 july, 2011

Fix issued: 16-07-2011



Discovered by: Yuri Goltsev, Positive Research Center (Positive Technologies Company)


PT-2011-18 - Arbor Networks

Vulnerability status: Unpatched

Timeline:
01.07.2011 - Vendor is notified
19.07.2011 - Vendor gets vulnerability details

Severity: Medium (4.3)
(AV:N/AC:M/Au:N/C:N/I:P/A:N)

Exploitation vector: Remote


Days since vendor notification:


30
60
691

Discovered by: Maxim Tsoy, Positive Research Center (Positive Technologies Company)


PT-2011-17 - Arbor Networks

Vulnerability status: Unpatched

Timeline:
01.07.2011 - Vendor is notified
19.07.2011 - Vendor gets vulnerability details

Severity: Medium (7.0)
(AV:N/AC:M/Au:S/C:C/I:P/A:N)

Exploitation vector: Remote


Days since vendor notification:


30
60
691

Discovered by: Maxim Tsoy, Positive Research Center (Positive Technologies Company)


PT-2011-16: Denial Of Service in Mozilla Firefox

Identifier: PT-2011-16

Vendor: Mozilla

Product:
Mozilla Firefox 3.6.x
Mozilla Firefox 4.0.x
Mozilla Firefox 16.x

Exploitation vector: Remote

Severity: Medium (5.0)
(AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 29 june, 2011

Fix issued: 21-11-2012



Discovered by: Alexander Zaitsev, Positive Research Center (Positive Technologies Company)


PT-2011-14: SQL injection vulnerability in BoonEx Dolphin

Identifier: PT-2011-14

Vendor: BoonEx

Product:
Dolphin 6.x

Exploitation vector: Remote

Severity: High (7.5)
(AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVE ID: N/A

Vulnerability status: Unpatched

Advisory published: 29 june, 2011



Discovered by: Yuri Goltsev, Positive Research Center (Positive Technologies Company)


PT-2011-22: Buffer overflow in Adobe Flash Player

Identifier: PT-2011-22

Vendor: Adobe Systems

Product:
Adobe Flash Player 10.x

Exploitation vector: Remote

Severity: High (10)
(AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVE ID: CVE-2011-2137

Vulnerability status: Patched

Advisory published: 28 june, 2011

Fix issued: 09-08-2011



Discovered by: Alexander Zaitsev, Positive Research Center (Positive Technologies Company)


PT-2011-13: Privilege Gaining in ManageEngine ServiceDesk Plus 8.0.0

Identifier: PT-2011-13

Vendor: ManageEngine ServiceDesk Plus 8.x

Product:
ManageEngine ServiceDesk Plus 8.x

Exploitation vector: Remote

Severity: Medium (6.5)
(AV:N/AC:L/Au:S/C:P/I:P/A:P)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 24 june, 2011

Fix issued: 29-03-2012



Discovered by: Alexander Zaitsev, Positive Research Center (Positive Technologies Company)


PT-2011-12: Information Disclosure in ManageEngine ServiceDesk Plus 8.0

Identifier: PT-2011-12

Vendor: ManageEngine ServiceDesk Plus 8.x

Product:
ManageEngine ServiceDesk Plus 8.x

Exploitation vector: Remote

Severity: Medium (6.3)
(AV:N/AC:M/Au:S/C:C/I:N/A:N)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 24 june, 2011

Fix issued: 29-11-2011



Discovered by: Alexander Zaitsev, Positive Research Center (Positive Technologies Company)


PT-2011-11: Arbitary Files Reading in ManageEngine ServiceDesk Plus 8.0

Identifier: PT-2011-11

Vendor: ManageEngine ServiceDesk Plus 8.x

Product:
ManageEngine ServiceDesk Plus 8.x

Exploitation vector: Remote

Severity: High (7.8)
(AV:N/AC:L/Au:N/C:C/I:N/A:N)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 24 june, 2011

Fix issued: 23-04-2012



Discovered by: Dmitry Evteev, Positive Research Center (Positive Technologies Company)


PT-2011-10: Abritrary Files Loading in ManageEngine ServiceDesk Plus 8.0

Identifier: PT-2011-10

Vendor: ManageEngine ServiceDesk Plus 8.x

Product:
ManageEngine ServiceDesk Plus 8.x

Exploitation vector: Remote

Severity: High (8.5)
(AV:N/AC:M/Au:S/C:C/I:C/A:C)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 24 june, 2011

Fix issued: 23-04-2012



Discovered by: Alexander Zaitsev, Positive Research Center (Positive Technologies Company)


PT-2011-09: Arbitrary Command Execution in ManageEngine ServiceDesk Plus 8.0.0

Identifier: PT-2011-09

Vendor: ManageEngine ServiceDesk Plus 8.x

Product:
ManageEngine ServiceDesk Plus 8.x

Exploitation vector: Remote

Severity: High (8.5)
(AV:N/AC:M/Au:S/C:C/I:C/A:C)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 24 june, 2011

Fix issued: 29-03-2012



Discovered by: Alexander Zaitsev, Positive Research Center (Positive Technologies Company)


PT-2011-08: Multiple vulnerabilities in Dlink DPH 150SE/E/F1

Identifier: PT-2011-08

Vendor: D-Link

Product:
D-Link DPH 150s IP Phone

Exploitation vector: Remote

Severity: High (9.7)
(AV:N/AC:L/Au:N/C:P/I:C/A:C)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 24 june, 2011

Fix issued: 20-07-2011



Discovered by: Alexander Zaitsev, Gleb Gritsai and Yuri Goltsev, Positive Research Center (Positive Technologies Company)


PT-2011-07: Cross-Site Scripting in Cisco Small Business Devices

Identifier: PT-2011-07

Vendor: Cisco

Product:
Cisco SPA8000 8-port IP Telephony Gateway 6.x
Cisco SPA8800 IP Telephony Gateway 6.x
Cisco SPA2102 Phone Adapter with Router 5.x
Cisco SPA3102 Voice Gateway with Router 5.x
Cisco Small Business SPA500 Series IP Phones 7.x

Exploitation vector: Remote

Severity: Medium (4.3)
(AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVE ID: CVE-2011-2545

Vulnerability status: Patched

Advisory published: 23 june, 2011

Fix issued: 12-06-2012



Discovered by: Alexander Zaitsev, Gleb Gritsai, Positive Research Center (Positive Technologies Company)


PT-2011-06 - VMWare

Vulnerability status: Unpatched

Timeline:
20.06.2011 - Vendor is notified
24.06.2011 - Vendor gets vulnerability details

Severity: Medium (5.8)
(AV:N/AC:M/Au:N/C:N/I:P/A:P)

Exploitation vector: Remote


Days since vendor notification:


30
60
702

Discovered by: Denis Baranov, Positive Research Center (Positive Technologies Company)


PT-2011-05: Cross-Site Scripting in Koha Library Software

Identifier: PT-2011-05

Vendor: Koha Library Software

Product:
Koha 3.x

Exploitation vector: Remote

Severity: Medium (4.3)
(AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 31 may, 2011

Fix issued: 19-06-2011



Discovered by: Yuriy Goltsev, Positive Research Center (Positive Technologies Company)


PT-2011-04: Cross-Site Scripting in Kayako Support Suite

Identifier: PT-2011-04

Vendor: Kayako Web Solutions

Product:
Kayako SupportSuite 3.x

Exploitation vector: Remote

Severity: Medium (4.3)
(AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 30 may, 2011

Fix issued: 25-08-2011



Discovered by: Alexander Zaitsev, Positive Research Center (Positive Technologies Company)


PT-2011-03: Information disclosure in Kayako Support Suite

Identifier: PT-2011-03

Vendor: Kayako Web Solutions

Product:
Kayako SupportSuite 3.x

Exploitation vector: Remote

Severity: Low (5.0)
(AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 30 may, 2011

Fix issued: 25-08-2011



Discovered by: Alexander Zaitsev, Positive Research Center (Positive Technologies Company)


PT-2011-02: PHP code Injection in Kayako Support Suite

Identifier: PT-2011-02

Vendor: Kayako Web Solutions

Product:
Kayako SupportSuite 3.x

Exploitation vector: Remote

Severity: High (6.5)
(AV:N/AC:L/Au:S/C:P/I:P/A:P)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 30 may, 2011

Fix issued: 25-08-2011



Discovered by: Alexander Zaitsev, Positive Research Center (Positive Technologies Company)


PT-2011-01: Cross-Site Scripting in Kayako Support Suite

Identifier: PT-2011-01

Vendor: Kayako Web Solutions

Product:
Kayako SupportSuite 3.x

Exploitation vector: Remote

Severity: Medium (4.3)
(AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 30 may, 2011

Fix issued: 25-08-2011



Discovered by: Yuriy Goltsev, Positive Research Center (Positive Technologies Company)


PT-2010-11 - IrisvisiaCMS

Vulnerability status: Unpatched

Timeline:
11.09.2010 - Sent email to vendor

Severity: High (10.0)
(AV:N/AC:L/Au:N/C:C/I:C/A:C)

Exploitation vector: Remote


Days since vendor notification:


30
60
925

Discovered by: Yuri Goltsev, Positive Research


PT-2010-09 - Newton CMS

Vulnerability status: Unpatched

Timeline:
10.09.2010 - vendor notified
11.09.2010 - Status request sent

Severity: Medium (6.4)
(AV:N/AC:L/Au:N/C:P/I:P/A:N)

Exploitation vector: Remote


Days since vendor notification:


30
60
985

Discovered by: Yuri Goltsev, Positive Research


PT-2010-05 - OpenSSL Project

Vulnerability status: Unpatched

Timeline:
09/07/2010 - Vendor notified

Severity: Medium (6.4)
(AV:N/AC:L/Au:N/C:P/I:P/A:N)

Exploitation vector: Remote


Days since vendor notification:


30
60
988

Discovered by: Sergey Rublev, Positive Research


PT-2010-08 - Quantum Art

Vulnerability status: Unpatched

Timeline:
08.19.2010 - Vendor notified
11.09.2010 - Status request sent

Severity: Medium (6.4)
(AV:N/AC:L/Au:N/C:P/I:P/A:N)

Exploitation vector: Remote


Days since vendor notification:


30
60
1007

Discovered by: Dmitry Evteev, Positive Research


PT-2009-44: Multiple vulnerabilities in Kayako Support Suite - Kayako

Vulnerability status: Unpatched

Timeline:
10/12/2009 - Vendor notified
10/13/2009 - Vendor response

Severity: Medium (6.4)
AV:N/AC:H/Au:M/C:C/I:C/A:P

Exploitation vector: Remote


Days since vendor notification:


30
60
1317

Discovered by: Timur Yunusov, Positive Research


PT-2009-43: Session predictability in Kayako Support Suite

Identifier: PT-2009-43

Vendor: Kayako

Product:
Kayako SupportSuite 3.x

Exploitation vector: Remote

Severity: Low (4.3)
AV:N/AC:M/Au:N/C:P/I:N

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 13 october, 2009

Fix issued: 12-03-2010



Discovered by: Timur Yunusov, Positive Research


PT-2009-42: Cross-Site Request Forgery in Kayako Support Suite

Identifier: PT-2009-42

Vendor: Kayako

Product:
Kayako SupportSuite 3.x

Exploitation vector: Remote

Severity: Medium (7.0)
AV:N/AC:M/Au:S/C:C/I:P

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 13 october, 2009

Fix issued: 09-02-2010



Discovered by: Timur Yunusov, Positive Research


PT-2009-41: Multiple vulnerabilities in Kayako Support Suite

Identifier: PT-2009-41

Vendor: Kayako

Product:
Kayako SupportSuite 3.x

Exploitation vector: Remote

Severity: Low (6.4)
AV:N/AC:L/Au:N/C:P/I:N/A:P

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 13 october, 2009

Fix issued: 12-03-2010



Discovered by: Timur Yunusov, Positive Research


PT-2009-40: JIRA sensitive information disclosure

Identifier: PT-2009-40

Vendor: Atlassian

Product:
JIRA 3.13.4

Exploitation vector: Remote

Severity: Low (0.0)
(AV:N/AC:L/Au:N/C:N/I:N/A:N/E:P/RL:W/RC:C)

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 02 june, 2009

Fix issued: 24-06-2009



Discovered by: Dmitry Evteev, Positive Research


PT-2009-39 - Avaya

Vulnerability status: Unpatched

Timeline:
04.08.2009 - Vendor notified 04.13.2009 - Vendor response 04.14.2009 - Sent detail information

Severity: Medium (6.9)
AV:L/AC:M/Au:N/C:C/I:C/A:C

Exploitation vector: Local


Days since vendor notification:


30
60
1503

Discovered by: Nikita Tarakanov, Positive Research


PT-2009-38 - Citrix

Vulnerability status: Unpatched

Timeline:
04.10.2009 - Vendor notified 04.16.2009 - Vendor response 04.16.2009 - Sent detail information

Severity: Medium (4.7)
AV:L/AC:M/Au:N/C:N/I:N/A:C

Exploitation vector: Local


Days since vendor notification:


30
60
1503

Discovered by: Nikita Tarakanov, Positive Technologies Research Team


PT-2009-37 - Cisco

Vulnerability status: Unpatched

Timeline:
04.10.2009 - Vendor notified

Severity: Medium (6.9)
AV:L/AC:M/Au:N/C:C/I:C/A:C

Exploitation vector: Local


Days since vendor notification:


30
60
1503

Discovered by: Nikita Tarakanov, Positive Technologies Research Team


PT-2009-36: Neo CMS SQL Injection Vulnerability

Identifier: PT-2009-36

Product:
Neo CMS

Exploitation vector: Remote

Severity: High (7.5)
AV:N/AC:L/Au:N/C:P/I:P/A:P

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 27 march, 2009

Fix issued: 27-03-2009



Discovered by: Dmitry Evteev, Positive Technologies Research Team


PT-2009-32 Cross-Site Scripting Vulnerability - N/A

Vulnerability status: Unpatched

Timeline:
03/25/2009 - Vendor is notified
03/25/2009 - Vendor response

Severity: Medium (4.3)
AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitation vector: Remote


Days since vendor notification:


30
60
1519

Discovered by: Dmitry Evteev, Positive Technologies Research Team


PT-2009-35: SQL Injection Vulnerability - N/A

Vulnerability status: Unpatched

Timeline:
03/25/2009 - Vendor is notified
03/26/2009 - Vendor response

Severity: High (7.5)
AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitation vector: Remote


Days since vendor notification:


30
60
1519

Discovered by: Dmitry Evteev, Positive Technologies Research Team


PT-2009-34: AKmedia CMS SQL Injection Vulnerability

Identifier: PT-2009-34

Product:
AKmedia CMS

Exploitation vector: Remote

Severity: High (7.5)
AV:N/AC:L/Au:N/C:P/I:P/A:P

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 25 march, 2009

Fix issued: 26-03-2009



Discovered by: Dmitry Evteev, Positive Technologies Research Team


PT-2009-33 iNTERNET.cms Cross-Site Scripting Vulnerability

Identifier: PT-2009-33

Product:
iNTERNET.cms

Exploitation vector: Remote

Severity: Medium (4.3)
AV:N/AC:M/Au:N/C:N/I:P/A:N

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 25 march, 2009

Fix issued: 18-05-2009



Discovered by: Dmitry Evteev, Positive Technologies Research Team


PT-2009-29: Tribiq CMS Multiple Vulnerabilities

Identifier: PT-2009-29

Product:
Tribiq CMS 5.0.11

Exploitation vector: Remote

Severity: High (7.5)
AV:N/AC:L/Au:N/C:P/I:P/A:P

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 24 march, 2009

Fix issued: 29-09-2009



Discovered by: Dmitry Evteev, Positive Technologies Research Team


PT-2009-28: SQL Injection Vulnerability - N/A

Vulnerability status: Unpatched

Timeline:
03/24/2009 - Vendor is notified
03/24/2009 - Vendor response

Severity: High (7.5)
AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitation vector: Remote


Days since vendor notification:


30
60
1520

Discovered by: Dmitry Evteev, Positive Technologies Research Team


PT-2009-27: Multiple Vulnerabilities - Huberspace

Vulnerability status: Unpatched

Timeline:
03/24/2009 - Vendor notified

Severity: High (7.5)
AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitation vector: Remote


Days since vendor notification:


30
60
1520

Discovered by: Dmitry Evteev, Positive Technologies Research Team


PT-2009-30: Multiple Vulnerabilities - N/A

Vulnerability status: Patched

Timeline:
03.12.2009 - Vendor notified
no response
03.24.2009 - Second notification

Severity: High (7.5)
AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitation vector: Remote


Days since vendor notification:


30
60
1532

Discovered by: Dmitry Evteev, Positive Technologies Research Team


PT-2009-31: Multiple Vulnerabilities - N/A

Vulnerability status: Unpatched

Timeline:
03.11.2009 - Vendor notified
no response
03.24.2009 - Second notification

Severity: High (7.5)
AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitation vector: Remote


Days since vendor notification:


30
60
1533

Discovered by: Dmitry Evteev, Positive Technologies Research Team


PT-2009-26 Cross-Site Scripting Vulnerability - Cupid Systems

Vulnerability status: Unpatched

Timeline:
03/11/2009 - Vendor is notified
03/11/2009 - Vendor response
03/24/2009 - Requested status update from vendor

Severity: Medium (4.3)
AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitation vector: Remote


Days since vendor notification:


30
60
1533

Discovered by: Dmitry Evteev, Positive Technologies Research Team


PT-2009-25: Multiple Vulnerabilities - N/A

Vulnerability status: Unpatched

Timeline:
03/11/2009 - Vendor notified
03/11/2009 - Vendor response
03/24/2009 - Requested status update from vendor

Severity: High (7.5)
AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitation vector: Remote


Days since vendor notification:


30
60
1533

Discovered by: Dmitry Evteev, Positive Technologies Research Team


PT-2009-19 - Cisco

Vulnerability status: Unpatched

Timeline:
03.10.2009 - Vendor notified

Severity: Medium (6.9)
AV:L/AC:M/Au:N/C:C/I:C/A:C

Exploitation vector: Local


Days since vendor notification:


30
60
1534

Discovered by: Nikita Tarakanov, Positive Technologies Research Team


PT-2009-24: ELDORADO CMS Multiple Vulnerabilities

Identifier: PT-2009-24

Product:
ELDORADO CMS 3.x

Exploitation vector: Remote

Severity: High (7.5)
AV:N/AC:L/Au:N/C:P/I:P/A:P

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 04 march, 2009

Fix issued: 13-03-2009



Discovered by: Dmitry Evteev, Positive Technologies Research Team


PT-2009-13: TinX CMS SQL Injection Vulnerability

Identifier: PT-2009-13

Product:
TinX/cms 3.x

Exploitation vector: Remote

Severity: High (7.5)
AV:N/AC:L/Au:N/C:P/I:P/A:P

CVE ID: CVE-2009-0825

Vulnerability status: Patched

Advisory published: 04 march, 2009

Fix issued: 05-03-2009



Discovered by: Dmitry Evteev, Positive Technologies Research Team


PT-2009-23: Multiple Vulnerabilities - N/A

Vulnerability status: Unpatched

Timeline:
03/04/2009 - Vendor notified
03/04/2009 - Vendor response
03/04/2009 - Requested status update from vendor
03/24/2009 - Second requested status update from vendor

Severity: High (7.5)
AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitation vector: Remote


Days since vendor notification:


30
60
1540

Discovered by: Dmitry Evteev, Positive Technologies Research Team


PT-2009-16: Subrion CMS Multiple Vulnerabilities

Identifier: PT-2009-16

Product:
Subrion CMS 1.x

Exploitation vector: Remote

Severity: High (7.5)
AV:N/AC:L/Au:N/C:P/I:P/A:P

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 04 march, 2009

Fix issued: 25-03-2009



Discovered by: Dmitry Evteev, Positive Technologies Research Team


PT-2009-12: UMI.CMS Cross-Site Scripting Vulnerability

Identifier: PT-2009-12

Vendor: Umisoft

Product:
UMI.CMS 2.x

Exploitation vector: Remote

Severity: Medium (4.3)
AV:N/AC:M/Au:N/C:N/I:P/A:N

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 04 march, 2009

Fix issued: 06-03-2009



Discovered by: Dmitry Evteev, Positive Technologies Research Team


PT-2009-22: EXcms Root directory disclosure vulnerability

Identifier: PT-2009-22

Product:
EXcms 2.x

Exploitation vector: Remote

Severity: Low (0.0)
AV:N/AC:L/Au:N/C:N/I:N/A:N

CVE ID: N/A

Vulnerability status: Unpatched

Advisory published: 03 march, 2009



Discovered by: Dmitry Evteev, Positive Technologies Research Team


PT-2009-15 Living CMS Cross-Site Scripting Vulnerability

Identifier: PT-2009-15

Product:
Living CMS 1.x

Exploitation vector: Remote

Severity: Medium (4.3)
AV:N/AC:M/Au:N/C:N/I:P/A:N

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 03 march, 2009

Fix issued: 11-03-2009



Discovered by: Dmitry Evteev, Positive Technologies Research Team


PT-2009-14: BLOG CMS Cross-Site Scripting Vulnerability

Identifier: PT-2009-14

Product:
BLOG:CMS 4.x

Exploitation vector: Remote

Severity: Medium (4.3)
AV:N/AC:M/Au:N/C:N/I:P/A:N

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 03 march, 2009

Fix issued: 03-03-2009



Discovered by: Dmitry Evteev, Positive Technologies Research Team


PT-2009-21: CMS.Pilot SQL Injection Vulnerability

Identifier: PT-2009-21

Product:
CMS.Pilot 1.x

Exploitation vector: Remote

Severity: High (7.5)
AV:N/AC:L/Au:N/C:P/I:P/A:P

CVE ID: N/A

Vulnerability status: Unpatched

Advisory published: 02 march, 2009



Discovered by: Dmitry Evteev, Positive Technologies Research Team


PT-2009-20: A.CMS Multiple Vulnerabilities

Identifier: PT-2009-20

Product:
A.CMS 1.x

Exploitation vector: Remote

Severity: Medium (4.3)
AV:N/AC:M/Au:N/C:N/I:P/A:N

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 02 march, 2009

Fix issued: 04-03-2009



Discovered by: Dmitry Evteev, Positive Technologies Research Team


PT-2009-18: Cetera CMS SQL Injection Vulnerability

Identifier: PT-2009-18

Product:
Cetera CMS

Exploitation vector: Remote

Severity: High (7.5)
AV:N/AC:L/Au:N/C:P/I:P/A:P

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 02 march, 2009

Fix issued: 24-03-2009



Discovered by: Dmitry Evteev, Positive Technologies Research Team


PT-2009-17: ABO.CMS Multiple Vulnerabilities

Identifier: PT-2009-17

Product:
ABO.CMS 5.x

Exploitation vector: Remote

Severity: High (7.5)
AV:N/AC:L/Au:N/C:P/I:P/A:P

CVE ID: N/A

Vulnerability status: Patched

Advisory published: 02 march, 2009

Fix issued: 05-04-2009



Discovered by: Dmitry Evteev, Positive Technologies Research Team


PT-2009-11: SlySoft Multiple Products ElbyCDIO.sys Denial of Service

Identifier: PT-2009-11

Vendor: SlySoft

Product:
AnyDVD 6.x
Virtual CloneDrive 5.x
CloneDVD 2.x
CloneCD 5.x

Exploitation vector: Local

Severity: Medium (4.7)
AV:L/AC:M/Au:N/C:N/I:N/A:C

CVE ID: CVE-2009-0824

Vulnerability status: Patched

Advisory published: 11 february, 2009

Fix issued: 06-03-2009



Discovered by: Nikita Tarakanov, Positive Technologies Research Team


PT-2009-09: Trend Micro Internet Security Pro 2009 tmactmon.sys Priviliege Escalation Vulnerabilities

Identifier: PT-2009-09

Vendor: Trend Micro

Product:
Trend Micro Internet Security Pro 2009
Trend Micro Internet Security 2008
Trend Micro Internet Security Pro 2008

Exploitation vector: Local

Severity: Medium (6.9)
AV:L/AC:M/Au:N/C:C/I:C/A:C

CVE ID: CVE-2009-0686

Vulnerability status: Unpatched

Advisory published: 04 february, 2009



Discovered by: Nikita Tarakanov, Positive Technologies Research Team


PT-2009-08 - Sunbelt Software

Vulnerability status: Unpatched

Timeline:
02.04.2009 - Vendor notified
no response
02.12.2009 - Second notification
no response

Severity: Medium (4.7)
AV:L/AC:M/Au:N/C:N/I:N/A:C

Exploitation vector: Local


Days since vendor notification:


30
60
1568

Discovered by: Nikita Tarakanov, Positive Technologies Research Team


PT-2009-07 - PC Tools

Vulnerability status: Unpatched

Timeline:
02.04.2009 - Vendor notified
02.11.2009 - Vendor replied
02.24.2009 - Sent detailed information

Severity: Medium (4.7)
AV:L/AC:M/Au:N/C:N/I:N/A:C

Exploitation vector: Local


Days since vendor notification:


30
60
1568

Discovered by: Nikita Tarakanov, Positive Technologies Research Team


PT-2009-06 - F-Secure

Vulnerability status: Unpatched

Timeline:
02.04.2009 - Vendor notified
02.11.2009 - Vendor replied
02.16.2009 - Sent detailed information
02.16.2009 - Vendor replied

Severity: Medium (4.7)
AV:L/AC:M/Au:N/C:N/I:N/A:C

Exploitation vector: Local


Days since vendor notification:


30
60
1568

Discovered by: Nikita Tarakanov, Positive Technologies Research Team


PT-2009-05: CA Internet Security Suite Denial of Service Vulnerability

Identifier: PT-2009-05

Vendor: Computer Associates (CA)

Product:
CA Internet Security Suite Plus 2009
CA Internet Security Suite Plus 2008
CA Internet Security Suite 2007

Exploitation vector: Local

Severity: Medium (4.9)
AV:L/AC:L/Au:N/C:N/I:N/A:C

CVE ID: CVE-2009-0682

Vulnerability status: Patched

Advisory published: 04 february, 2009

Fix issued: 18-08-2009



Discovered by: Nikita Tarakanov, Positive Technologies Research Team


PT-2009-04 - Tall Emu

Vulnerability status: Unpatched

Timeline:
02.04.2009 - Vendor notified
02.04.2009 - Vendor replied
02.04.2009 - Sent detailed information

Severity: Medium (6.9)
AV:L/AC:M/Au:N/C:C/I:C/A:C

Exploitation vector: Local


Days since vendor notification:


30
60
1568

Discovered by: Nikita Tarakanov, Positive Technologies Research Team


PT-2009-03 - Tall Emu

Vulnerability status: Unpatched

Timeline:
02.04.2009 - Vendor notified
02.04.2009 - Vendor replied
02.04.2009 - Sent detailed information

Severity: Medium (4.7)
AV:L/AC:M/Au:N/C:N/I:N/A:C

Exploitation vector: Local


Days since vendor notification:


30
60
1568

Discovered by: Nikita Tarakanov, Positive Technologies Research Team


PT-2009-02 - Tall Emu

Vulnerability status: Unpatched

Timeline:
02.04.2009 - Vendor notified
02.04.2009 - Sent detailed information

Severity: Medium (4.7)
AV:L/AC:M/Au:N/C:N/I:N/A:C

Exploitation vector: Local


Days since vendor notification:


30
60
1568

Discovered by: Nikita Tarakanov, Positive Technologies Research Team


PT-2009-01: PGP Desktop Pgpdisk.sys And Pgpwded.sys Multiple Vulnerabilities

Identifier: PT-2009-01

Vendor: PGP

Product:
PGP Corporate Desktop 9.x

Exploitation vector: Local

Severity: Medium (6.2)
AV:L/AC:H/Au:N/C:C/I:C/A:C

CVE ID: CVE-2009-0681

Vulnerability status: Patched

Advisory published: 04 february, 2009

Fix issued: 02-04-2009



Discovered by: Nikita Tarakanov, Positive Technologies Research Team


PT-2008-09: Microsoft Windows MSMQ Privilege Escalation Vulnerability

Identifier: PT-2008-09

Vendor: Microsoft

Product:
Microsoft Windows 2000 Professional
Microsoft Windows 2000 Server
Microsoft Windows 2000 Advanced Server
Microsoft Windows 2000 Datacenter Server
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Web Edition
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Storage Server 2003
Microsoft Windows Vista

Exploitation vector: Local

Severity: High (7.2)
AV:L/AC:M/Au:S/C:C/I:C/A:C

CVE ID: CVE-2009-1922

Vulnerability status: Patched

Advisory published: 19 november, 2008

Fix issued: 11-08-2009



Discovered by: Nikita Tarakanov, Positive Technologies Research Team


PT-2008-08 - Microsoft

Vulnerability status: Unpatched

Timeline:
11.19.2008 - Vendor notified
11.21.2008 - Vendor replied

Severity: Medium (4.7)
AV:L/AC:M/Au:N/C:N/I:N/A:C

Exploitation vector: Local


Days since vendor notification:


30
60
1645

Discovered by: Nikita Tarakanov, Positive Technologies Research Team


PT-2008-07: VMware Multiple Products hcmon.sys Denial of Service Vulnerability

Identifier: PT-2008-07

Vendor: VMWare

Product:
VMware Workstation 6.x
VMWare Player 2.x
VMWare ACE 2.x
VMware Server 2.x

Exploitation vector: Local

Severity: Medium (4.4)
AV:L/AC:M/Au:S/C:N/I:N/A:C

CVE ID: CVE-2009-1146

Vulnerability status: Patched

Advisory published: 14 october, 2008

Fix issued: 31-03-2009



Discovered by: Nikita Tarakanov, Positive Technologies Research Team


PT-2008-06 VMware Multiple Products Denial of Service Vulnerability - VMWare

Vulnerability status: Patched

Timeline:
10.14.2008 - Vendor notified
10.16.2008 - Vendor replied
10.16.2008 - Sent detailed information
05.28.2009 - Vendor releases fixed version and details

Severity: Medium (4.4)
AV:L/AC:M/Au:S/C:N/I:N/A:C

Exploitation vector: Local


Days since vendor notification:


30
60
1681

Discovered by: Nikita Tarakanov, Positive Technologies Research Team


PT-2008-05: VMware Multiple Products vmci.sys Privilege Escalation Vulnerability

Identifier: PT-2008-05

Vendor: VMWare

Product:
VMware Workstation 6.x
VMWare Player 2.x
VMware Server 2.x
VMWare ACE 2.x

Exploitation vector: Local

Severity: Medium (6.6)
AV:L/AC:M/Au:S/C:C/I:C/A:C

CVE ID: CVE-2009-1147

Vulnerability status: Patched

Advisory published: 14 october, 2008

Fix issued: 03-04-2009



Discovered by: Nikita Tarakanov, Positive Technologies Research Team


Search
Cisco

Cisco Security Advisory: Cisco Security Agent Remote Code Execution Vulnerabilities

Cisco Security Agent is affected by vulnerabilities that could allow an unauthenticated attacker to ...

27 october, 2011

Cisco Security Advisory: Denial of Service Vulnerability in Cisco Video Surveillance IP Cameras

A denial of service (DoS) vulnerability exists in the Cisco Video Surveillance IP Cameras 24 ...

27 october, 2011

Cisco Security Advisory: Cisco Unified Contact Center Express Directory Traversal Vulnerability

Cisco Unified Contact Center Express (UCCX or Unified CCX) and Cisco Unified IP Interactive ...

27 october, 2011

Microsoft

MS13-046: Vulnerabilities in Kernel-Mode Drivers Could Allow Elevation Of Privilege (2840221)

This security update resolves three privately reported vulnerabilities in Microsoft Windows.

14 may, 2013

MS13-045: Vulnerability in Windows Essentials Could Allow Information Disclosure (2813707)

This security update resolves a privately reported vulnerability in Windows Essentials.

14 may, 2013

MS13-043: Vulnerability in Microsoft Word Could Allow Remote Code Execution (2830399)

This security update resolves one privately reported vulnerability in Microsoft Office.

14 may, 2013

Sun Microsystems

This Alert covers CVE-2010-0896 for the mail component of the Sun Convergence product

This Sun Alert covers CVE-2010-0896 for the mail component of the Sun Convergence product.

14 april, 2010

This Alert Covers CVE-2010-0893 for the Mail Component of the Sun Convergence Product

This Alert covers CVE-2010-0893 for the mail component of the Sun Convergence product.

14 april, 2010

SunOS 5.10_x86: ucode driver patch

6905530 processor microcode code can panic when retrieving microcode revision.

02 february, 2010

AdvertismentAbout ProjectContact UsCopyrightExportRSSMy SettingsMap