4.314 - Released On 2013-03-08 10:07:08 -0800

Newly Added (2)

• MS.Active.Template.Library.Header.Memcopy.Code.Execution (critical)
• VLC.Media.Player.SMB.URI.Handling.Buffer.Overflow (critical)

Updated (13)

• Cisco.Secure.ACS.LoginProxy.CGI.XSS (medium)
• DataLife.Engine.Catlist.Parameter.PHP.Code.Injection (high)
• EMC.AlphaStor.Library.Manager.Arbitrary.Command.Execution (high)
• Foxit.Reader.Firefox.Plugin.URL.String.Stack.Buffer.Overflow (high)
• HP.LoadRunner.XUpload.MakeHttpRequest.ActiveX.Control.Access (critical)
• MS.Excel.EDG.Publisher.Code.Execution (critical)
• MS.IE.JPEG.Rendering.Buffer.Overflow (high)
• MS.Message.Queuing.Remote.Buffer.Overflow (critical)
• MS.Windows.Movie.Maker.Producer.Heap.Overflow (critical)
• Novell.GroupWise.Client.Windows.ActiveX.Code.Execution (medium)
• Portable.SDK.UPnP.SSDP.Buffer.Overflow (critical)
• Schneider.Electric.Interactive.Graphical.SCADA.Buffer.Overflow (critical)
• Trend.Micro.InterScan.Viruswall.Directory.Traversal (high)

Renamed (39)

• Advantech.WebAccess.HMI.SCADA.Software.XSS (Previous name: "Advantech.WebAccess.HMI.SCADA.Software.XSS.Vulnerability")
• BASE.Base.QRY.Common.Remote.File.Inclusion (Previous name: "BASE.Base.QRY.Common.Remote.File.Include")
• BlackBoard.NewsBoard.Remote.File.Inclusion (Previous name: "BlackBoard.NewsBoard.Remote.File.Include")
• EvoBB.Path.Parameter.Remote.File.Inclusion (Previous name: "EvoBB.Path.Parameter.Remote.File.Include")
• EZTicket.Common.PHP.Remote.File.Inclusion (Previous name: "EZTicket.Common.PHP.Remote.File.Include")
• Foing.Module.phpBB.phpbb_root_path.File.Inclusion (Previous name: "Foing.Module.phpBB.phpbb_root_path.File.Include")
• GrayCMS.error.php.Remote.File.Inclusion (Previous name: "GrayCMS.error.php.Remote.File.Include")
• Jshop.Server.PHP.Remote.File.Inclusion (Previous name: "Jshop.Server.PHP.Remote.File.Include")
• Linux.Kernel.Local.Privilege.Escalation (Previous name: "Linux.Kernel.Local.Privilege.Escalation.Vulnerability")
• Mambo.Gallery.Manager.Remote.File.Inclusion (Previous name: "Mambo.MosConfig.Absolute.Path.Remote.File.Include")
• MS.Excel.Formula.Parsing.Remote.Code.Execution (Previous name: "MS.Excel.Formula.Parsing.Vulnerability.Code.Execution")
• NaboCorp.Softwares.NaboPoll.Remote.File.Inclusion (Previous name: "NaboCorp.Softwares.NaboPoll.Remote.File.Include")
• OABoard.Forum.Script.Remote.File.Inclusion (Previous name: "OABoard.Forum.Script.Remote.File.Include")
• PHP.APA.apaphpinclude.inc.php.Remote.File.Inclusion (Previous name: "PHP.APA.apaphpinclude.inc.php.Remote.File.Include")
• PHP.BITRIX.Site.Manager.Remote.File.Inclusion (Previous name: "PHP.BITRIX.Site.Manager.Remote.File.Include")
• PHP.Blackboard.Newsboard.Remote.File.Inclusion (Previous name: "PHP.Blackboard.Newsboard.Remote.File.Include")
• PHP.CaLogic.Remote.File.Inclusion (Previous name: "PHP.CaLogic.Remote.File.Include.Vuln")
• PHP.Greetz.Remote.File.Inclusion (Previous name: "PHP.Greetz.Remote.File.Include")
• PHP.iPhotoAlbum.Remote.File.Inclusion (Previous name: "PHP.iPhotoAlbum.Remote.File.Include")
• PHP.JAWS.BlogModel.php.Remote.File.Inclusion (Previous name: "PHP.JAWS.BlogModel.php.Remote.File.Include")
• PHP.Jinzora.IncludePath.Remote.File.Inclusion (Previous name: "PHP.Jinzora.IncludePath.Remote.File.Include")
• PHP.Live.Helper.Global.PHP.Remote.File.Inclusion (Previous name: "PHP.Live.Helper.Global.PHP.Remote.File.Include")
• PHP.MooseGallery.Display.php.Remote.File.Inclusion (Previous name: "PHP.MooseGallery.Display.php.Remote.File.Include")
• PHP.MyGuestbook.Form.inc.php3.Remote.File.Inclusion (Previous name: "PHP.MyGuestbook.Form.inc.php3.Remote.File.Include")
• PHP.PHPAdsNew.PhpAdsPath.File.Inclusion (Previous name: "PHP.PHPAdsNew.PhpAdsPath.File.Include")
• PHP.PPA.PpaRootPath.Remote.File.Inclusion (Previous name: "PHP.PPA.PpaRootPath.Remote.File.Include")
• PHP.SimplicityOfUpload.Download.php.Remote.File.Inclusion (Previous name: "PHP.SimplicityOfUpload.Download.php.Remote.File.Include")
• PHP.XOOPS.Mainfile.Local.File.Inclusion (Previous name: "PHP.XOOPS.Mainfile.Local.File.Include")
• PHP.Yawp.ConfPath.Remote.File.Inclusion (Previous name: "PHP.Yawp.ConfPath.Remote.File.Include")
• PHPMyGallery.Commontplvars.php.Script.File.Inclusion (Previous name: "PHPMyGallery.Commontplvars.php.Script.File.Include")
• PHPNews.auth.Remote.File.Inclusion (Previous name: "PHPNews.auth.Remote.File.Include")
• pMachinePro.mail_autocheck.Remote.File.Inclusion (Previous name: "pMachinePro.mail_autocheck.Remote.File.Include")
• RaXnet.Cacti.ConfigSettings.PHP.Remote.File.Inclusion (Previous name: "RaXnet.Cacti.ConfigSettings.PHP.Remote.File.Include")
• Sabdrimer.CMS.Advanced1.PHP.Remote.File.Inclusion (Previous name: "Sabdrimer.CMS.Advanced1.PHP.Remote.File.Include")
• SPiD.LangPath.File.Inclusion (Previous name: "SPiD.LangPath.File.Include")
• Squito.Gallery.Photolist.inc.php.File.Inclusion (Previous name: "Squito.Gallery.Photolist.inc.php.File.Include")
• TurnkeyWebTools.PHP.Simple.Shop.Multiple.Remote.File.Inclusion (Previous name: "TurnkeyWebTools.PHP.Simple.Shop.Multiple.Remote.File.Include")
• WMNews.Multiple.Remote.File.Inclusion (Previous name: "WMNews.Multiple.Remote.File.Include")
• YaBB.SE.Packages.php.Remote.File.Inclusion (Previous name: "YaBB.SE.Packages.php.Remote.File.Include")

Attribute Changed (50)

• Adobe.Acrobat.Reader.JPEG2000.JP2K.Parsing.Buffer.Overflow (Default_action updated to 'drop' from 'pass')
• Adobe.Acrobat.Reader.TrueType.Font.TTC.Table.Buffer.Overflow (Default_action updated to 'drop' from 'pass')
• Adobe.Flash.PCM.Parsing.Heap.Overflow (Default_action updated to 'drop' from 'pass')
• Adobe.Flash.Player.DefineButton.Tag.Handling.Memory.Corruption (Default_action updated to 'drop' from 'pass')
• Adobe.Flash.Player.DoInitAction.Tag.Parsing.Memory.Corruption (Default_action updated to 'drop' from 'pass')
• Adobe.Flash.Player.IE.Plugin.Use.After.Free (Default_action updated to 'drop' from 'pass')
• Adobe.Flash.Player.JPEG.Parsing.Buffer.Overflow (Default_action updated to 'drop' from 'pass')
• Adobe.Flash.Player.Memory.Corruption (Default_action updated to 'drop' from 'pass')
• Adobe.Flash.Player.Privilege.Escalation (Default_action updated to 'drop' from 'pass')
• Adobe.Flash.Player.Stack.Memory.Re.Allocation.Memory.Corruption (Default_action updated to 'drop' from 'pass')
• Adobe.Flash.Player.SymbolClass.Buffer.Overflow (Default_action updated to 'drop' from 'pass')
• Adobe.Flash.Player.TextField.Properties.Buffer.Overflow (Default_action updated to 'drop' from 'pass')
• Adobe.Flash.Player.Traits.Structure.Handling.Code.Execution (Default_action updated to 'drop' from 'pass')
• Adobe.Reader.JPEG.Parsing.Heap.Overflow (Default_action updated to 'drop' from 'pass')
• Adobe.Reader.openDoc.Security.Bypass (Default_action updated to 'drop' from 'pass')
• Adobe.Reader.PDF.Parsed.DoS (Default_action updated to 'drop' from 'pass')
• Adobe.Reader.StructTreeRoot.Parsing.Stack.Overflow (Default_action updated to 'drop' from 'pass')
• Adobe.Reader.TTF.CMAP.Handling.Memory.Corruption (Default_action updated to 'drop' from 'pass')
• Android.Kernel.Level.SD.Card.Write.DoS (Default_action updated to 'drop' from 'pass')
• Cisco.Wireless.Lan.Controller.DoS (Default_action updated to 'drop' from 'pass')
• Cisco.Wireless.Lan.Controller.XSS (Default_action updated to 'drop' from 'pass')
• Contaware.FreeVimager.GIF.LZWMinimumCodeSize.Memory.Corruption (Default_action updated to 'drop' from 'pass')
• DLink.DSL.redpass.cgi.XSS (Default_action updated to 'drop' from 'pass')
• FreeFloat.FTP.Server.Arbitrary.File.Upload (Default_action updated to 'drop' from 'pass')
• FTP.Server.PORT.Command.Buffer.Overflow (Default_action updated to 'drop' from 'pass')
• GIMP.XWD.File.Handling.Stack.Buffer.Overflow (Default_action updated to 'drop' from 'pass')
• IBM.System.Director.Remote.System.Level.Code.Execution (Default_action updated to 'drop' from 'pass')
• IrfanView.IMXCF.Plugin.XCF.File.Parsing.Buffer.Overflow (Default_action updated to 'drop' from 'pass')
• Microsoft.Office.OneNote.2010.DoS (Default_action updated to 'drop' from 'pass')
• MS.IE9.Table.Tag.Handling.Stack.Overflow (Default_action updated to 'drop' from 'pass')
• MS.MSXML.XSLT.Pointer.Handling.Remote.Code.Execution (Default_action updated to 'drop' from 'pass')
• MS.SCOM.Web.Console.XSS (Default_action updated to 'drop' from 'pass')
• MS.Windows.OpenType.Font.Remote.Code.Execution (Default_action updated to 'drop' from 'pass')
• MS.Windows.System.Center.Operations.Manager.Web.Console.XSS (Default_action updated to 'drop' from 'pass')
• MS.Word.RTF.Listoverridecount.Remote.Code.Execution (Default_action updated to 'drop' from 'pass')
• MySQL.Remote.Preauth.User.Enumeration (Default_action updated to 'drop' from 'pass')
• MySQL.UpdateXML.Function.DoS (Default_action updated to 'drop' from 'pass')
• MySQL.Windows.Remote.Root.Privilege.Code.Execution (Default_action updated to 'drop' from 'pass')
• MySQL.Windows.Remote.System.Level.Exploit (Default_action updated to 'drop' from 'pass')
• Nagios.XI.Network.Monitor.Graph.Explorer.Command.Injection (Default_action updated to 'drop' from 'pass')
• Netwin.SurgeFTP.Remote.Command.Execution (Default_action updated to 'drop' from 'pass')
• Nullsoft.Shoutcast.Logfile.HTML.Injection (Default_action updated to 'drop' from 'pass')
• Oracle.Java.MethodHandles.Lookup.Remote.Code.Execution (Default_action updated to 'drop' from 'pass')
• Oracle.OpenSSO.XSS.POST.Injection (Default_action updated to 'drop' from 'pass')
• Splunk.5.Custom.App.Remote.Code.Execution (Default_action updated to 'drop' from 'pass')
• TeeChart.Professional.ActiveX.Code.Execution (Default_action updated to 'drop' from 'pass')
• TWiki.MAKETEXT.Remote.Command.Execution (Default_action updated to 'drop' from 'pass')
• VCard.Pro.Create.PHP.XSS (Default_action updated to 'drop' from 'pass')
• VMware.OVF.Tool.ovf.File.Parsing.Format.String (Default_action updated to 'drop' from 'pass')
• Wordpress.PHP.Application.XSS (Default_action updated to 'drop' from 'pass')

Deprecated (1)

• HTML.Email.Creator.HTML.Tags.Overflow