DB Version:
4.314
Num New:
2
New:
MS.Active.Template.Library.Header.Memcopy.Code.Execution^critical
VLC.Media.Player.SMB.URI.Handling.Buffer.Overflow^critical
Num Enhanced:
13
Enhanced:
Cisco.Secure.ACS.LoginProxy.CGI.XSS^medium
DataLife.Engine.Catlist.Parameter.PHP.Code.Injection^high
EMC.AlphaStor.Library.Manager.Arbitrary.Command.Execution^high
Foxit.Reader.Firefox.Plugin.URL.String.Stack.Buffer.Overflow^high
HP.LoadRunner.XUpload.MakeHttpRequest.ActiveX.Control.Access^critical
MS.Excel.EDG.Publisher.Code.Execution^critical
MS.IE.JPEG.Rendering.Buffer.Overflow^high
MS.Message.Queuing.Remote.Buffer.Overflow^critical
MS.Windows.Movie.Maker.Producer.Heap.Overflow^critical
Novell.GroupWise.Client.Windows.ActiveX.Code.Execution^medium
Portable.SDK.UPnP.SSDP.Buffer.Overflow^critical
Schneider.Electric.Interactive.Graphical.SCADA.Buffer.Overflow^critical
Trend.Micro.InterScan.Viruswall.Directory.Traversal^high
Num Renamed:
39
Renamed:
Advantech.WebAccess.HMI.SCADA.Software.XSS^Previous name: "Advantech.WebAccess.HMI.SCADA.Software.XSS.Vulnerability"
BASE.Base.QRY.Common.Remote.File.Inclusion^Previous name: "BASE.Base.QRY.Common.Remote.File.Include"
BlackBoard.NewsBoard.Remote.File.Inclusion^Previous name: "BlackBoard.NewsBoard.Remote.File.Include"
EvoBB.Path.Parameter.Remote.File.Inclusion^Previous name: "EvoBB.Path.Parameter.Remote.File.Include"
EZTicket.Common.PHP.Remote.File.Inclusion^Previous name: "EZTicket.Common.PHP.Remote.File.Include"
Foing.Module.phpBB.phpbb_root_path.File.Inclusion^Previous name: "Foing.Module.phpBB.phpbb_root_path.File.Include"
GrayCMS.error.php.Remote.File.Inclusion^Previous name: "GrayCMS.error.php.Remote.File.Include"
Jshop.Server.PHP.Remote.File.Inclusion^Previous name: "Jshop.Server.PHP.Remote.File.Include"
Linux.Kernel.Local.Privilege.Escalation^Previous name: "Linux.Kernel.Local.Privilege.Escalation.Vulnerability"
Mambo.Gallery.Manager.Remote.File.Inclusion^Previous name: "Mambo.MosConfig.Absolute.Path.Remote.File.Include"
MS.Excel.Formula.Parsing.Remote.Code.Execution^Previous name: "MS.Excel.Formula.Parsing.Vulnerability.Code.Execution"
NaboCorp.Softwares.NaboPoll.Remote.File.Inclusion^Previous name: "NaboCorp.Softwares.NaboPoll.Remote.File.Include"
OABoard.Forum.Script.Remote.File.Inclusion^Previous name: "OABoard.Forum.Script.Remote.File.Include"
PHP.APA.apaphpinclude.inc.php.Remote.File.Inclusion^Previous name: "PHP.APA.apaphpinclude.inc.php.Remote.File.Include"
PHP.BITRIX.Site.Manager.Remote.File.Inclusion^Previous name: "PHP.BITRIX.Site.Manager.Remote.File.Include"
PHP.Blackboard.Newsboard.Remote.File.Inclusion^Previous name: "PHP.Blackboard.Newsboard.Remote.File.Include"
PHP.CaLogic.Remote.File.Inclusion^Previous name: "PHP.CaLogic.Remote.File.Include.Vuln"
PHP.Greetz.Remote.File.Inclusion^Previous name: "PHP.Greetz.Remote.File.Include"
PHP.iPhotoAlbum.Remote.File.Inclusion^Previous name: "PHP.iPhotoAlbum.Remote.File.Include"
PHP.JAWS.BlogModel.php.Remote.File.Inclusion^Previous name: "PHP.JAWS.BlogModel.php.Remote.File.Include"
PHP.Jinzora.IncludePath.Remote.File.Inclusion^Previous name: "PHP.Jinzora.IncludePath.Remote.File.Include"
PHP.Live.Helper.Global.PHP.Remote.File.Inclusion^Previous name: "PHP.Live.Helper.Global.PHP.Remote.File.Include"
PHP.MooseGallery.Display.php.Remote.File.Inclusion^Previous name: "PHP.MooseGallery.Display.php.Remote.File.Include"
PHP.MyGuestbook.Form.inc.php3.Remote.File.Inclusion^Previous name: "PHP.MyGuestbook.Form.inc.php3.Remote.File.Include"
PHP.PHPAdsNew.PhpAdsPath.File.Inclusion^Previous name: "PHP.PHPAdsNew.PhpAdsPath.File.Include"
PHP.PPA.PpaRootPath.Remote.File.Inclusion^Previous name: "PHP.PPA.PpaRootPath.Remote.File.Include"
PHP.SimplicityOfUpload.Download.php.Remote.File.Inclusion^Previous name: "PHP.SimplicityOfUpload.Download.php.Remote.File.Include"
PHP.XOOPS.Mainfile.Local.File.Inclusion^Previous name: "PHP.XOOPS.Mainfile.Local.File.Include"
PHP.Yawp.ConfPath.Remote.File.Inclusion^Previous name: "PHP.Yawp.ConfPath.Remote.File.Include"
PHPMyGallery.Commontplvars.php.Script.File.Inclusion^Previous name: "PHPMyGallery.Commontplvars.php.Script.File.Include"
PHPNews.auth.Remote.File.Inclusion^Previous name: "PHPNews.auth.Remote.File.Include"
pMachinePro.mail_autocheck.Remote.File.Inclusion^Previous name: "pMachinePro.mail_autocheck.Remote.File.Include"
RaXnet.Cacti.ConfigSettings.PHP.Remote.File.Inclusion^Previous name: "RaXnet.Cacti.ConfigSettings.PHP.Remote.File.Include"
Sabdrimer.CMS.Advanced1.PHP.Remote.File.Inclusion^Previous name: "Sabdrimer.CMS.Advanced1.PHP.Remote.File.Include"
SPiD.LangPath.File.Inclusion^Previous name: "SPiD.LangPath.File.Include"
Squito.Gallery.Photolist.inc.php.File.Inclusion^Previous name: "Squito.Gallery.Photolist.inc.php.File.Include"
TurnkeyWebTools.PHP.Simple.Shop.Multiple.Remote.File.Inclusion^Previous name: "TurnkeyWebTools.PHP.Simple.Shop.Multiple.Remote.File.Include"
WMNews.Multiple.Remote.File.Inclusion^Previous name: "WMNews.Multiple.Remote.File.Include"
YaBB.SE.Packages.php.Remote.File.Inclusion^Previous name: "YaBB.SE.Packages.php.Remote.File.Include"
Num Deprecated:
1
Deprecated:
HTML.Email.Creator.HTML.Tags.Overflow^medium
Num Attribute Changed:
50
Attribute Changed:
Adobe.Acrobat.Reader.JPEG2000.JP2K.Parsing.Buffer.Overflow^Default_action updated to 'drop' from 'pass'
Adobe.Acrobat.Reader.TrueType.Font.TTC.Table.Buffer.Overflow^Default_action updated to 'drop' from 'pass'
Adobe.Flash.PCM.Parsing.Heap.Overflow^Default_action updated to 'drop' from 'pass'
Adobe.Flash.Player.DefineButton.Tag.Handling.Memory.Corruption^Default_action updated to 'drop' from 'pass'
Adobe.Flash.Player.DoInitAction.Tag.Parsing.Memory.Corruption^Default_action updated to 'drop' from 'pass'
Adobe.Flash.Player.IE.Plugin.Use.After.Free^Default_action updated to 'drop' from 'pass'
Adobe.Flash.Player.JPEG.Parsing.Buffer.Overflow^Default_action updated to 'drop' from 'pass'
Adobe.Flash.Player.Memory.Corruption^Default_action updated to 'drop' from 'pass'
Adobe.Flash.Player.Privilege.Escalation^Default_action updated to 'drop' from 'pass'
Adobe.Flash.Player.Stack.Memory.Re.Allocation.Memory.Corruption^Default_action updated to 'drop' from 'pass'
Adobe.Flash.Player.SymbolClass.Buffer.Overflow^Default_action updated to 'drop' from 'pass'
Adobe.Flash.Player.TextField.Properties.Buffer.Overflow^Default_action updated to 'drop' from 'pass'
Adobe.Flash.Player.Traits.Structure.Handling.Code.Execution^Default_action updated to 'drop' from 'pass'
Adobe.Reader.JPEG.Parsing.Heap.Overflow^Default_action updated to 'drop' from 'pass'
Adobe.Reader.openDoc.Security.Bypass^Default_action updated to 'drop' from 'pass'
Adobe.Reader.PDF.Parsed.DoS^Default_action updated to 'drop' from 'pass'
Adobe.Reader.StructTreeRoot.Parsing.Stack.Overflow^Default_action updated to 'drop' from 'pass'
Adobe.Reader.TTF.CMAP.Handling.Memory.Corruption^Default_action updated to 'drop' from 'pass'
Android.Kernel.Level.SD.Card.Write.DoS^Default_action updated to 'drop' from 'pass'
Cisco.Wireless.Lan.Controller.DoS^Default_action updated to 'drop' from 'pass'
Cisco.Wireless.Lan.Controller.XSS^Default_action updated to 'drop' from 'pass'
Contaware.FreeVimager.GIF.LZWMinimumCodeSize.Memory.Corruption^Default_action updated to 'drop' from 'pass'
DLink.DSL.redpass.cgi.XSS^Default_action updated to 'drop' from 'pass'
FreeFloat.FTP.Server.Arbitrary.File.Upload^Default_action updated to 'drop' from 'pass'
FTP.Server.PORT.Command.Buffer.Overflow^Default_action updated to 'drop' from 'pass'
GIMP.XWD.File.Handling.Stack.Buffer.Overflow^Default_action updated to 'drop' from 'pass'
IBM.System.Director.Remote.System.Level.Code.Execution^Default_action updated to 'drop' from 'pass'
IrfanView.IMXCF.Plugin.XCF.File.Parsing.Buffer.Overflow^Default_action updated to 'drop' from 'pass'
Microsoft.Office.OneNote.2010.DoS^Default_action updated to 'drop' from 'pass'
MS.IE9.Table.Tag.Handling.Stack.Overflow^Default_action updated to 'drop' from 'pass'
MS.MSXML.XSLT.Pointer.Handling.Remote.Code.Execution^Default_action updated to 'drop' from 'pass'
MS.SCOM.Web.Console.XSS^Default_action updated to 'drop' from 'pass'
MS.Windows.OpenType.Font.Remote.Code.Execution^Default_action updated to 'drop' from 'pass'
MS.Windows.System.Center.Operations.Manager.Web.Console.XSS^Default_action updated to 'drop' from 'pass'
MS.Word.RTF.Listoverridecount.Remote.Code.Execution^Default_action updated to 'drop' from 'pass'
MySQL.Remote.Preauth.User.Enumeration^Default_action updated to 'drop' from 'pass'
MySQL.UpdateXML.Function.DoS^Default_action updated to 'drop' from 'pass'
MySQL.Windows.Remote.Root.Privilege.Code.Execution^Default_action updated to 'drop' from 'pass'
MySQL.Windows.Remote.System.Level.Exploit^Default_action updated to 'drop' from 'pass'
Nagios.XI.Network.Monitor.Graph.Explorer.Command.Injection^Default_action updated to 'drop' from 'pass'
Netwin.SurgeFTP.Remote.Command.Execution^Default_action updated to 'drop' from 'pass'
Nullsoft.Shoutcast.Logfile.HTML.Injection^Default_action updated to 'drop' from 'pass'
Oracle.Java.MethodHandles.Lookup.Remote.Code.Execution^Default_action updated to 'drop' from 'pass'
Oracle.OpenSSO.XSS.POST.Injection^Default_action updated to 'drop' from 'pass'
Splunk.5.Custom.App.Remote.Code.Execution^Default_action updated to 'drop' from 'pass'
TeeChart.Professional.ActiveX.Code.Execution^Default_action updated to 'drop' from 'pass'
TWiki.MAKETEXT.Remote.Command.Execution^Default_action updated to 'drop' from 'pass'
VCard.Pro.Create.PHP.XSS^Default_action updated to 'drop' from 'pass'
VMware.OVF.Tool.ovf.File.Parsing.Format.String^Default_action updated to 'drop' from 'pass'
Wordpress.PHP.Application.XSS^Default_action updated to 'drop' from 'pass'