Overview

Advisories

Research

Forums

Create Profile

Our Commitment

About the Team

Disclosure Policy

SVCRP

Vulnerabilities Discovered or Coordinated by Secunia Research

Below shows a complete listing of current Secunia Research Advisories.

2013 Total Vulnerabilities: 48 Total Advisories: 36 [-] [-] Discovered by Secunia ( 8 vulnerabilities, 4 advisories ) Time to Patch Discovered by Vulnerabilities WordPress Mingle Forum Plugin Four SQL Injection Vulnerabilities 99 days Secunia Research 4 WordPress Mingle Forum Plugin Two Cross-Site Scripting Vulnerabilities 112 days Secunia Research 2 Oracle Outside In Technology Paradox Database Handling Buffer Overflow 97 days Dmitriy Pletnev 1 Oracle Outside In Technology Paradox Database Handling Denial of Service 97 days Dmitriy Pletnev 1 [-] Coordinated by Secunia ( 40 vulnerabilities, 32 advisories ) Time to Patch Discovered by Vulnerabilities SA51344 WordPress Video Gallery Plugin "playid" SQL Injection Vulnerability Unpatched (183 days) Charlie Eriksen 1 SA52953 WordPress Easy AdSense Lite Plugin Cross-Site Request Forgery Vulnerability 11 days Charlie Eriksen 1 SA51725 ERDAS ER Viewer "ERM_convert_to_correct_webpath()" Buffer Overflow Vulnerability 55 days Parvez Anwar 1 SA51647 ERDAS APOLLO ECWP Browser Plugin Buffer Overflow Vulnerability 84 days Parvez Anwar 1 SA53151 WordPress FourSquare Checkins Plugin Cross-Site Request Forgery Vulnerability 3 days Charlie Eriksen 1 SA51510 Global Mapper Insecure Library Loading Vulnerability Unpatched (132 days) Parvez Anwar 1 SA52962 WordPress Facebook Members Plugin Cross-Site Request Forgery Vulnerability 3 days Charlie Eriksen 1 SA52877 WordPress All in One Webmaster Plugin Cross-Site Request Forgery Vulnerability 3 days Charlie Eriksen 1 SA51501 Oracle WebLogic Server "SNMPMonitoringTablePortlet[SNMPMonitoringTable]sortby" Cross-Site Scripting Vulnerability 118 days Fernando Munoz 1 SA52864 WordPress WP Symposium Plugin "u" Cross-Site Scripting Vulnerability 8 days Charlie Eriksen 1 SA52925 WordPress WP Symposium Plugin "u" Redirection Weakness Unpatched (48 days) Charlie Eriksen 1 SA52863 WordPress WP-DownloadManager Plugin Cross-Site Request Forgery Vulnerability 3 days Charlie Eriksen 1 SA52876 WordPress WP125 Plugin Cross-Site Request Forgery Vulnerability 1 days Charlie Eriksen 1 SA52878 WordPress WP-Print Plugin Cross-Site Request Forgery Vulnerability 1 days Charlie Eriksen 1 SA52396 Chamilo Multiple Cross-Site Scripting and Script Insertion Vulnerabilities 3 days Fernando Muñoz 3 SA51652 Google Picasa TIFF Image Handling Buffer Underflow Vulnerability 77 days Juan Pablo Lopez Yacubian 1 SA51652 Google Picasa BMP "biBitCount" Handling Buffer Overflow Vulnerability 71 days Kaveh Ghaemmaghami 1 SA51410 TripAdvisor for iOS Login Credentials Disclosure Security Issue Unpatched (158 days) Charlie Eriksen 1 SA51917 WordPress MailUp Plugin Ajax Functions Security Bypass Unpatched (91 days) Charlie Eriksen 1 SA51791 Adobe Acrobat PCX Image Conversion Buffer Overflow Vulnerability 78 days ADLab 1 SA51088 WordPress Car Demon Plugin Multiple Script Insertion Vulnerabilities Unpatched (208 days) Zhao Liang 1 SA50836 WordPress WP Online Store Plugin File Disclosure and File Inclusion Vulnerabilities 105 days Charlie Eriksen 2 SA51921 Newscoop URL Cross-Site Scripting Vulnerability 11 days Pawel Haldrzynski 1 SA50260 Lockstep Systems Backup for Workgroups Login Buffer Overflow Vulnerability 175 days worstenbrood 1 SA51923 PostgreSQL "enum_recv()" Denial of Service Vulnerability 3 days Sumit Soni 1 SA51855 PDF-XChange Viewer JPEG Stream Processing Buffer Overflow Vulnerability 3 days Fernando Muñoz 1 SA50674 WordPress WP Symposium Plugin Multiple SQL Injection Vulnerabilities 116 days Charlie Eriksen 6 SA51531 WordPress DVS Custom Notification Plugin Cross-Site Request Forgery Vulnerability Unpatched (159 days) Zhao Liang 1 SA51602 Cool PDF Reader PDF Processing Buffer Overflow Vulnerability Unpatched (144 days) Francis Provencher 1 SA50833 WordPress Zingiri Forum Plugin "url" Arbitrary File Disclosure Vulnerability 93 days Charlie Eriksen 1 SA50832 WordPress Google Doc Embedder Plugin Arbitrary File Disclosure Vulnerability 76 days Charlie Eriksen 1 SA51366 Call of Duty Elite for iOS Certificate Verification Security Issue Unpatched (154 days) Charlie Eriksen 1 2012 Total Vulnerabilities: 261 Total Advisories: 180 [+] [+] Discovered by Secunia ( 61 vulnerabilities, 31 advisories ) Time to Patch Discovered by Vulnerabilities Adobe Camera Raw Plug-in TIFF Image Processing Integer Overflow 146 days Dmitriy Pletnev 1 Novell GroupWise iCalendar Date/Time Parsing Denial of Service 333 days Carsten Eiram 1 Adobe Photoshop TIFF SGI24LogLum Decompression Buffer Overflow 156 days Carsten Eiram 1 Baby Gekko URL Cross-Site Scripting Vulnerability 29 days Secunia Research 1 Citrix Access Gateway Plug-in for Windows nsepacom ActiveX Control Buffer Overflow 388 days Dmitriy Pletnev 1 Citrix Access Gateway Plug-in for Windows nsepacom ActiveX Control Integer Overflow 388 days Dmitriy Pletnev 1 Cisco Linksys PlayerPT ActiveX Control "SetSource()" Buffer Overflow Unpatched (424 days) Carsten Eiram 1 DokuWiki "ns" Cross-Site Scripting Vulnerability 6 days Secunia Research 1 GEAR CD DVD Filter Driver GEARAspiWDM.sys IOCTL Handling Integer Overflow Unpatched (363 days) Dmitriy Pletnev 1 SyndeoCMS "newsletter_email" SQL Injection Vulnerability 300 days Secunia Research 1 Network Instruments Observer SNMP Processing Buffer Overflows 96 days Dmitriy Pletnev 2 Network Instruments Observer SNMP OID Processing Denial of Service Unpatched (438 days) Dmitriy Pletnev 1 Pligg CMS Four SQL Injection Vulnerabilities 10 days Kasper Lindgaard 4 Pligg CMS Six Cross-Site Scripting Vulnerabilities 10 days Kasper Lindgaard 6 Joomla! JCE Component Security Bypass Vulnerability 18 days Jon Butler 1 Joomla! JCE Component "search" Cross-Site Scripting Vulnerability 18 days Jon Butler 1 Joomla! JCE Component Arbitrary File Upload Vulnerability 11 days Jon Butler 1 Joomla! JCE Component "search" Cross-Site Scripting Vulnerability 11 days Jon Butler 1 Quest Toad for Data Analysts Insecure Default Directory Permissions Unpatched (407 days) Secunia Research 1 SyndeoCMS Six Local File Inclusion Vulnerabilities 164 days Secunia Research 6 SyndeoCMS CKEditor Arbitrary File Upload Vulnerability 164 days Secunia Research 1 SyndeoCMS Nine SQL Injection Vulnerabilities 164 days Secunia Research 9 Helix Server SNMP Master Agent Service Two Denial of Service Vulnerabilities 257 days Dmitriy Pletnev 2 RealNetworks Helix Server Credentials Disclosure Security Issue 257 days Dmitriy Pletnev 1 Csound pv_import Integer Overflow Vulnerability Unpatched (488 days) Secunia Research 1 Csound lpci_import Integer Overflow Vulnerability 61 days Secunia Research 2 MinaliC Three Buffer Overflow Vulnerabilities Unpatched (439 days) Secunia Research 3 Csound lpci_import Buffer Overflow Vulnerability 61 days Secunia Research 1 Csound "getnum()" Function Two Buffer Overflow Vulnerabilities Unpatched (488 days) Secunia Research 2 NTR ActiveX Control "StopModule()" Input Validation Vulnerability 155 days Carsten Eiram 1 NTR ActiveX Control Four Buffer Overflow Vulnerabilities 155 days Carsten Eiram 4 [+] Coordinated by Secunia ( 200 vulnerabilities, 149 advisories ) Time to Patch Discovered by Vulnerabilities SA49929 Adobe Camera Raw Plug-in TIFF Image LZW Decoding Buffer Underflow Vulnerability 146 days Francis Provencher 1 SA50974 SmarterMail "txtDisplayAs_SettingText" Script Insertion Vulnerability 47 days Zhao Liang 1 SA51093 SBLIM "cmpi-base" UnixProcessProvider Shell Command Injection Vulnerability 8 days Luca Carettoni and Claudio Criscione 1 SA51037 WordPress Advanced Custom Fields Plugin "acf_abspath" Remote File Inclusion Vulnerability 29 days Kevin Biloski and Charlie Eriksen 1 SA50971 WordPress Amazon Associate Plugin "callback" Cross-Site Scripting Vulnerability Unpatched (220 days) Charlie Eriksen 1 SA50972 WordPress Buddystream Plugin "content" and "link" Cross-Site Scripting Vulnerabilities Unpatched (220 days) Charlie Eriksen 2 SA50982 WordPress post-views Plugin "search_input" Cross-Site Scripting Vulnerability Unpatched (217 days) Charlie Eriksen 1 SA49878 DotNetNuke Multiple Vulnerabilities 192 days Sunil Yadav 3 SA48572 Adobe InDesign Server "RunScript" SOAP Message Command Execution Vulnerability 204 days Hans-Martin Muench 1 SA49987 WibuKey Runtime for Windows ActiveX Control Buffer Overflow Vulnerability 131 days Francis Provencher 1 SA51082 WordPress DX-Contribute Plugin Cross-Site Request Forgery Vulnerability Unpatched (209 days) Zhao Liang 1 SA50976 WordPress WP125 Plugin "editad" Cross-Site Scripting Vulnerability 21 days Charlie Eriksen 1 SA49856 IrfanView RLE Decompression Buffer Overflow Vulnerability 170 days Francis Provencher 1 SA50993 Oracle Outside In Technology JPG Import Filter Denial of Service Vulnerability 99 days Francis Provencher 1 SA48430 CYME ChartFX Client Server ActiveX Control Array Indexing Vulnerability Unpatched (433 days) Francis Provencher 1 SA49856 IrfanView TIFF Image Decompression Buffer Overflow Vulnerability 112 days Francis Provencher 1 SA50980 WordPress Pretty Link Lite Plugin "search" Cross-Site Scripting Vulnerability 19 days Charlie Eriksen 1 SA50874 Wordpress All Video Gallery Plugin "vid" SQL Injection Vulnerabilities 25 days Charlie Eriksen 2 SA50873 WordPress FireStorm Professional Real Estate Plugin SQL Injection Vulnerabilities 17 days Charlie Eriksen 2 SA50834 WordPress Cimy User Manager Plugin "cimy_um_filename" Arbitrary File Disclosure Vulnerability Unpatched (219 days) Charlie Eriksen 1 SA50981 WordPress Spider Calendar Plugin "many_sp_calendar" Cross-Site Scripting Vulnerability 8 days Han Lee 1 SA50631 Winmail Server Multiple Script Insertion Vulnerabilities Unpatched (238 days) Zhao Liang 3 SA50975 WordPress Zingiri Bookings Plugin "error" Cross-Site Scripting Vulnerability 0 days Charlie Eriksen 1 SA50977 WordPress Thank You Counter Button Plugin "paged" Cross-Site Scripting Vulnerability 2 days Charlie Eriksen 1 SA50875 WordPress UnGallery Plugin "search" Arbitrary Command Execution Vulnerability 6 days Charlie Eriksen 1 SA50983 WordPress Zingiri Form Builder Plugin "error" Cross-Site Scripting Vulnerability 0 days Charlie Eriksen 1 SA51022 gpEasy CMS Two Cross-Site Scripting Vulnerabilities 39 days Stefan Schurtz 2 SA50804 WordPress Crayon Syntax Highlighter Plugin "wp_load" Remote File Inclusion Vulnerability 14 days Charlie Eriksen 1 SA50574 Zen Cart "zen_get_all_get_params()" Cross-Site Scripting Vulnerability 14 days Stefan Schurtz 1 SA49792 Novell Remote Manager Off-by-One Denial of Service Vulnerability 91 days Georgi Geshev 1 SA50595 TurboFTP Server PORT Command Processing Buffer Overflow Vulnerability Unpatched (251 days) Zhao Liang 1 SA50510 Piwigo "username_or_email" Cross-Site Scripting Vulnerability Unpatched (253 days) Stefan Schurtz 1 SA50526 Foxit Reader Insecure Library Loading Vulnerability 16 days Parvez Anwar 1 SA50622 Novell GroupWise Internet Agent "Content-Length" Integer Overflow Vulnerability 142 days Francis Provencher 1 SA50441 IceWarp Mail Server Information Disclosure Security Issue Unpatched (266 days) Robin François 1 SA49923 WordPress Mac Photo Gallery Plugin Two Security Bypass Security Issues 57 days Charlie Eriksen 2 SA47898 Observer SNMP SetRequest Denial of Service Vulnerability 125 days Francis Provencher 1 SA43012 HP System Management Homepage Cross-Site Request Forgery 451 days Sow Ching Shiong 1 SA43942 Oracle iPlanet Web Server Multiple Cross-Site Scripting Vulnerabilities 397 days Sow Ching Shiong 7 SA49791 WordPress WP Symposium Plugin Authentication Check Security Bypass 21 days Charlie Eriksen 1 SA47245 IBM Lotus Symphony Image Processing Integer Overflow Vulnerability 38 days Tielei Wang 1 SA46748 X3 CMS "admin/login" URL Cross-Site Scripting Vulnerability 63 days Stefan Schurtz 1 SA50001 concrete5 "fID" File Disclosure Vulnerability 35 days Martin Obiols 1 SA46805 Seo Panel Two Cross-Site Scripting Vulnerabilities Unpatched (558 days) Stefan Schurtz 2 SA49295 CyberLink PowerProducer Insecure Library Loading Vulnerability Unpatched (336 days) Parvez Anwar 1 SA49311 CyberLink KoanBox ActiveX Control Buffer Overflow Vulnerability Unpatched (336 days) Parvez Anwar 1 SA49290 CyberLink StreamAuthor Insecure Library Loading Vulnerability Unpatched (336 days) Parvez Anwar 1 SA49281 CyberLink LabelPrint Insecure Library Loading Vulnerability Unpatched (336 days) Parvez Anwar 1 SA49281 CyberLink LabelPrint Project File Processing Buffer Overflow Vulnerability Unpatched (336 days) Parvez Anwar 1 SA49141 Adobe Photoshop PNG Image Processing Buffer Overflow Vulnerability 94 days Francis Provencher 1 SA49398 WordPress Zingiri Web Shop Plugin Cookie SQL Injection Vulnerability 70 days Charlie Eriksen 1 SA49999 ConcourseSuite Script Insertion and Cross-Site Request Forgery Vulnerabilities 14 days Matthew Joyce 8 SA49836 WordPress Mac Photo Gallery Plugin Multiple Script Insertion Vulnerabilities 13 days Charlie Eriksen 6 SA49850 WordPress GD Star Rating Plugin Export Security Bypass Security Issue 3 days Charlie Eriksen 1 SA49910 WordPress Flexi Quote Rotator Plugin Cross-Site Request Forgery and SQL Injection Vulnerabilities 4 days Charlie Eriksen 2 SA49091 XnView FPX Image Processing Buffer Overflow Vulnerability 31 days Francis Provencher 1 SA49176 IrfanView Formats PlugIn DjVu Image Decompression Buffer Overflow Vulnerability 30 days Francis Provencher 1 SA48571 DecisionTools SharpGrid ActiveX Control Code Execution Vulnerability Unpatched (419 days) Francis Provencher 1 SA49204 IrfanView Formats PlugIn ECW Image Decompression Buffer Overflow Vulnerability 8 days Francis Provencher 1 SA49091 XnView ECW Image Processing Buffer Overflow Vulnerability 22 days Francis Provencher 1 SA49091 XnView RAS Image Processing Integer Truncation Vulnerability 22 days Francis Provencher 1 SA49936 Oracle Outside In LWP Buffer Overflow Vulnerability 14 days Francis Provencher 1 SA49936 Oracle Outside In FPX and JP2 Buffer Overflow Vulnerabilities 27 days Francis Provencher 2 SA49453 eXtplorer "lang" Cross-Site Scripting Vulnerability 25 days Han Lee 1 SA49630 WordPress Paid Memberships Pro Plugin Membership Information Disclosure Vulnerability 1 days Charlie Eriksen 1 SA49854 WordPress Global Content Blocks Plugin Multiple Vulnerabilities 2 days Charlie Eriksen 3 SA49200 Windows win32k.sys Hook Procedure Creation Privilege Escalation 91 days Lufeng Li 1 SA49534 WordPress WP Symposium Plugin Multiple SQL Injection Vulnerabilities 17 days Charlie Eriksen 13 SA49505 WordPress A Page Flip Book Plugin "pageflipbook_language" File Inclusion Vulnerability Unpatched (343 days) Charlie Eriksen 1 SA49506 WordPress Sendit Newsletter Plugin "id" SQL Injection Vulnerability Unpatched (334 days) Charlie Eriksen 1 SA49653 WordPress Quotes Collection Plugin Cross-Site Request Forgery Vulnerability 10 days Charlie Eriksen 1 SA49676 WordPress Zingiri Web Shop Plugin "abspath" Remote File Inclusion Vulnerability 3 days Charlie Eriksen 1 SA49103 Eaton Network Shutdown Module Accounts Database Insecure File Permissions 21 days Hans-Martin Munch 1 SA49103 Eaton Network Shutdown Module User Session Disclosure Security Issue 21 days Hans-Martin Munch 1 SA49103 Eaton Network Shutdown Module PHP Code Execution Vulnerability 21 days Hans-Martin Munch 1 SA46624 Winamp AVI "TSCC" Processing Buffer Overflow Vulnerability 296 days Hossein Lotfi 1 SA46624 Winamp AVI "UYVY" Processing Buffer Overflow Vulnerability 296 days Hossein Lotfi 1 SA46624 Winamp AVI "BI_RGB" Processing Buffer Overflow Vulnerability 296 days Hossein Lotfi 1 SA49650 WordPress Mac Photo Gallery Plugin "albid" Arbitrary File Disclosure Vulnerability 2 days Charlie Eriksen 1 SA49538 WordPress Nmedia MailChimp Plugin "abs_path" Remote File Inclusion Vulnerability 1 days Charlie Eriksen 1 SA48804 ACDsee Pro RLE Image Parsing Buffer Overflow Vulnerability 64 days Francis Provencher 1 SA48804 ACDsee Pro PCT Image Parsing Buffer Overflow Vulnerability 64 days Francis Provencher 1 SA48804 ACDsee Pro GIF Logical Screen Descriptor Parsing Vulnerability 64 days Francis Provencher 1 SA48804 ACDsee Pro CUR "ColorsImportant" Parsing Buffer Overflow Vulnerability 64 days Francis Provencher 1 SA48666 XnView GIF ImageDescriptor Structure Parsing Vulnerability 78 days Francis Provencher 1 SA48666 XnView PICT Image Decompression Vulnerability 73 days Francis Provencher 1 SA48666 XnView TIFF SGI32LogLum Decompression Two Vulnerabilities 83 days Francis Provencher 2 SA49652 WordPress TheCartPress Plugin Order Information Security Bypass 1 days Charlie Eriksen 1 SA49472 Oracle Java Printing Insecure Temporary File Permissions Security Issue 154 days Andrei Costin 1 SA48429 Microsoft Lync Client Insecure Library Loading Vulnerability 88 days hamburgers maccoy 1 SA49201 WordPress Profile Builder Plugin Recover Password Security Bypass Vulnerability 4 days Charlie Eriksen 1 SA47244 LibreOffice vclmi.dll Integer Overflow Vulnerability 154 days Tielei Wang 1 SA46992 OpenOffice.org vclmi.dll Integer Overflow Vulnerability 166 days Tielei Wang 1 SA48925 3D Life Player WebPlayer ActiveX Control Buffer Overflow Vulnerabilities Unpatched (398 days) Parvez Anwar 2 SA48924 3DVIA Composer Insecure Library Loading Vulnerability Unpatched (398 days) Parvez Anwar 1 SA48923 3D XML Player Insecure Library Loading Vulnerability Unpatched (398 days) Parvez Anwar 1 SA48741 PAC-Designer File Processing Buffer Overflow Vulnerability Unpatched (411 days) Anonymous 1 SA48740 ispVM System XCF File Processing Buffer Overflow Vulnerabilities Unpatched (411 days) Anonymous 2 SA48739 ispLEVER Classic Project File Processing Buffer Overflow Vulnerability Unpatched (411 days) Anonymous 1 SA48431 Lattice Diamond EPIC and Power Calculator File Processing Vulnerabilities Unpatched (411 days) Anonymous 2 SA47447 Apple QuickTime File Path Handling Buffer Overflow 125 days Tielei Wang 1 SA49050 Core FTP File Download Buffer Overflow Vulnerability 7 days Han Lee 1 SA47118 Adobe Illustrator JPEG Image Parsing Integer Overflow Vulnerability 153 days Tielei Wang 1 SA47116 Adobe Flash Professional JPG Processing Integer Overflow Vulnerability 152 days Tielei Wang 1 SA47363 JustSystems Multiple Products JPEG Image Parsing Integer Overflow 119 days Tielei Wang 1 SA48772 IrfanView FlashPix PlugIn Image Decompression Buffer Overflow 2 days Francis Provencher 1 SA48036 PrestaShop Socolissimo Module Parameter Names and Values Cross-Site Scripting Vulnerabilities 33 days Arnault Pachot 2 SA47023 Cisco WebEx Player atas32.dll Integer Overflow Vulnerability 124 days Damian Put 1 SA47023 Cisco WebEx Player atdl2006.dll WRF Decompression Vulnerability 124 days Damian Put 1 SA47855 Ghostscript "OutputFile" Buffer Overflow Vulnerability 36 days Andrei Costin 1 SA47333 IrfanView RLE Compressed Bitmap Image Parsing Buffer Overflow 98 days Parvez Anwar 1 SA48268 FreeType BDF Font Parsing Integer Overflow Vulnerability 0 days Byoungyoung Lee 1 SA47183 GNU Gnash "GnashImage::size()" Integer Overflow Vulnerability 90 days Tielei Wang 1 SA47934 Pluck Cross-Site Request Forgery Vulnerability Unpatched (483 days) Mario Gomes 1 SA46809 DAEMON Tools 222850h IOCTL Handling Privilege Escalation Vulnerability 95 days ADLab 1 SA47388 XnView PCX File Processing Buffer Overflow Vulnerability 108 days ADLab 1 SA47388 XnView Directory Parsing Buffer Overflow Vulnerability 101 days Tielei Wang 1 SA47388 XnView FlashPix Image Processing Signedness Error Vulnerability 66 days Francis Provencher 1 SA47284 moviEZ HD Insecure Library Loading Vulnerability Unpatched (516 days) Parvez Anwar 1 SA47283 Vegas Movie Studio HD Insecure Library Loading Vulnerability Unpatched (516 days) Parvez Anwar 1 SA47282 DVD Architect Pro / Studio Insecure Library Loading Vulnerability Unpatched (516 days) Parvez Anwar 1 SA47281 Jam Trax Express Insecure Library Loading Vulnerability Unpatched (516 days) Parvez Anwar 1 SA47661 2X Client TuxClientSystem ActiveX Control "InstallClient()" Unsafe Method 43 days Andrea Micalizzi (rgod) 1 SA45758 Apple Safari Plug-in Unloading Vulnerability Unpatched (628 days) Krystian Kloskowski 1 SA44976 Apple Safari "setInterval()" Address Bar Spoofing Vulnerability Unpatched (699 days) Krystian Kloskowski 1 SA47382 Redaxscript Cross-Site Request Forgery Vulnerability 59 days Russ McRee 1 SA47912 Ricoh DC Software DL-10 FTP Server Buffer Overflow Vulnerability Unpatched (468 days) Julien Ahrens 1 SA47450 ACDSee BMP Image Processing Integer Overflow Vulnerability Unpatched (501 days) Tielei Wang 1 SA47666 Lenovo ThinkManagement Console Web Services Arbitrary File Deletion Unpatched (481 days) Andrea Micalizzi (rgod) 1 SA47666 Lenovo ThinkManagement Console Web Services Arbitrary File Upload Unpatched (481 days) Andrea Micalizzi (rgod) 1 SA47477 PhotoLine JPEG2000 Image Processing Buffer Overflow Vulnerability 23 days Parvez Anwar 1 SA47587 GForge Advanced Server "startdate" and "enddate" Cross-Site Scripting Vulnerabilities 18 days Mateusz Krzeszowiec 2 SA44063 Avaya Interaction Center ORB Service Buffer Overflow Vulnerability 256 days AbdulAziz Hariri 1 SA47386 Hancom Office Hanword PNG Image Processing Integer Overflow Vulnerability Unpatched (511 days) Tielei Wang 1 SA47386 Hancom Office Hanword "ImportGR()" Integer Overflow Vulnerability Unpatched (511 days) Tielei Wang 1 SA47362 IvanView JPEG2000 Image Processing Buffer Overflow Vulnerability Unpatched (503 days) Parvez Anwar 1 SA47352 XnView JPEG2000 Image Processing Buffer Overflow Vulnerability Unpatched (505 days) Parvez Anwar 1 SA47657 2X ApplicationServer TuxSystem ActiveX Control "ExportSettings()" Insecure Method Unpatched (484 days) Andrea Micalizzi (rgod) 1 SA47175 JasPer "jpc_dec_cp_setfromqcx()" Buffer Overflow Vulnerability Unpatched (503 days) Parvez Anwar 1 SA47831 LuraWave JP2 Browser Plug-In File Processing Buffer Overflow Vulnerability 29 days Parvez Anwar 1 SA47350 LuraWave JP2 ActiveX Control File Processing Buffer Overflow Vulnerability 29 days Parvez Anwar 1 SA46091 Caminova DjVu Browser Plug-in "Sjbz" Chunk Parsing Buffer Overflow Vulnerability 118 days Parvez Anwar 1 SA47314 RenRen Talk Image Parsing Two Vulnerabilities Unpatched (512 days) Tielei Wang 2 SA47360 IrfanView PlugIns JPEG2000 Image Processing Buffer Overflow Vulnerability 13 days Parvez Anwar 1 SA47041 Yahoo Messenger JPG Photo Sharing Integer Overflow Vulnerability 21 days Tielei Wang 1 SA45852 Adobe Reader/Acrobat BMP Image Parsing Signedness Vulnerability 127 days Hossein Lotfi 1 SA45189 Microsoft Windows Object Packager Insecure Executable Loading Vulnerability 180 days Parvez Anwar 1 SA46748 X3 CMS "username" and "password" Cross-Site Scripting Vulnerability 62 days Stefan Schurtz 1 SA47122 HP PKI ActiveX Control Arbitrary Process Termination Weakness 9 days Parvez Anwar 1 2011 Total Vulnerabilities: 435 Total Advisories: 225 [+] [+] Discovered by Secunia ( 182 vulnerabilities, 91 advisories ) Time to Patch Discovered by Vulnerabilities WordPress WP Symposium Plugin Two Arbitrary File Upload Vulnerabilities 17 days Secunia Research 2 Notepad++ NppFTP "PASV" Buffer Overflow Vulnerabilities Unpatched (582 days) Stefan Cornelius 3 Wuzly Authentication Bypass Vulnerability Unpatched (540 days) Morten Bartvig 1 Wuzly Four SQL Injection Vulnerabilities Unpatched (540 days) Morten Bartvig 4 Wuzly "preview" Local File Inclusion Vulnerability Unpatched (540 days) Morten Bartvig 1 Wuzly "username" Script Insertion Vulnerability Unpatched (540 days) Morten Bartvig 1 Wuzly Cross-Site Request Forgery Vulnerability Unpatched (540 days) Morten Bartvig 1 Wuzly Twenty Four Cross-Site Scripting Vulnerabilities Unpatched (540 days) Morten Bartvig 24 Sterling Trader Data Processing Buffer Overflow Vulnerability Unpatched (543 days) Dmitriy Pletnev 1 Winamp AVI Parsing Two Integer Overflow Vulnerabilities 26 days Dmitriy Pletnev 2 WordPress WP Symposium Plugin "uid" Cross-Site Scripting 1 days Secunia Research 1 DVR Remote ActiveX Control DVRobot Library Loading Vulnerability Unpatched (576 days) Carsten Eiram 1 Support Incident Tracker Arbitrary File Upload Vulnerability Unpatched (576 days) Secunia Research 1 Support Incident Tracker "eval()" PHP Code Execution Vulnerability Unpatched (576 days) Secunia Research 1 Support Incident Tracker File Name SQL Injection Vulnerability Unpatched (576 days) Secunia Research 1 Support Incident Tracker "search_string" Cross-Site Scripting Unpatched (576 days) Secunia Research 1 Support Incident Tracker Attachments Path Disclosure Weakness Unpatched (576 days) Secunia Research 1 KaiBB Three SQL Injection Vulnerabilities Unpatched (600 days) Morten Bartvig 5 KaiBB Two Cross-Site Scripting Vulnerabilities Unpatched (600 days) Morten Bartvig 2 KaiBB Two SQL Injection Vulnerabilities Unpatched (600 days) Morten Bartvig 2 Autonomy Keyview Ichitaro Object Reconstruction Logic Vulnerability 164 days Secunia Research 1 Autonomy Keyview Ichitaro Text Parsing Buffer Overflow 164 days Secunia Research 1 Autonomy Keyview Ichitaro QLST Integer Overflow Vulnerability 164 days Secunia Research 1 Cyrus IMAPd NNTP Authentication Bypass Vulnerability 16 days Stefan Cornelius 1 Novell GroupWise Internet Agent HTTP Interface Buffer Overflow 200 days Carsten Eiram 1 Novell GroupWise Internet Agent "TZNAME" Parsing Vulnerability 206 days Carsten Eiram 1 phpList "findby" SQL Injection Vulnerability 42 days Secunia Research 1 phpList Two Script Insertion Vulnerabilities 42 days Secunia Research 2 phpList Two Cross-Site Scripting Vulnerabilities 41 days Secunia Research 2 GEAR CD DVD Filter Driver GEARAspiWDM.sys Two Array-Indexing Vulnerabilities 70 days Dmitriy Pletnev 2 InduSoft ISSymbol ActiveX Control Buffer Overflow Vulnerabilities 82 days Dmitriy Pletnev 3 UUSee UUPlayer ActiveX Control "SendLogAction()" Buffer Overflow Unpatched (658 days) Secunia Research 1 UUSee UUPlayer ActiveX Control "Play()" Code Execution Vulnerability Unpatched (658 days) Secunia Research 1 Provideo PAxPlayer ActiveX Control Two Buffer Overflows Unpatched (680 days) Secunia Research 2 Provideo GMAXPlayer ActiveX Control Two Buffer Overflows Unpatched (680 days) Secunia Research 2 Provideo alarm ActiveX Control "voice()" Buffer Overflow Unpatched (680 days) Secunia Research 1 Foxit Reader ActiveX Control "OpenFile()" Buffer Overflow Vulnerability 31 days Secunia Research 1 Enano CMS "name" User Enumeration Weakness Unpatched (688 days) Secunia Research 1 Enano CMS Five Cross-Site Scripting Vulnerabilities 15 days Secunia Research 5 Enano CMS Cross-Site Request Forgery Vulnerability 15 days Secunia Research 1 Enano CMS "subject" Script Insertion Vulnerability 15 days Secunia Research 1 RSLinx OPC Automation ActiveX Control Buffer Overflow 8 days Dmitriy Pletnev 1 NNT Change Tracker / Remote Angel Insecure File Permissions 25 days Secunia Research 1 Drupal Color Module Script Insertion Vulnerability 27 days Kasper Lindgaard 1 Adobe Shockwave Player DEMX Data Size Calculation Integer Overflows 63 days Carsten Eiram 6 Adobe Shockwave Player DEMX Structure Creation Integer Overflow 63 days Carsten Eiram 1 Adobe Shockwave Player DEMX Input Validation Vulnerability 63 days Carsten Eiram 1 Adobe Shockwave Player DEMX Memory Reallocation Vulnerability 63 days Carsten Eiram 1 Adobe Shockwave Player Memory Allocation Logic Vulnerability 63 days Carsten Eiram 1 Adobe Shockwave Player DEMX Invalid Loop Count Vulnerability 63 days Carsten Eiram 1 Adobe Reader/Acrobat ACE.dll ICC Chunk Parsing Integer Overflow 120 days Secunia Research 1 Adobe Shockwave Player "rcsL" Chunk Parsing Vulnerability 84 days Carsten Eiram 1 Avaya IP Office Manager TFTP Directory Traversal Vulnerability 80 days Secunia Research 1 MuPDF Firefox Plugin Buffer Overflow Vulnerability Unpatched (851 days) Stefan Cornelius 1 Advantech Studio ISSymbol ActiveX Control Buffer Overflow Vulnerabilities Unpatched (839 days) Dmitriy Pletnev 4 InduSoft ISSymbol ActiveX Control Buffer Overflow Vulnerabilities 76 days Dmitriy Pletnev 4 CA Output Management Web Viewer PPSViewer ActiveX Control Buffer Overflow 41 days Dmitriy Pletnev 1 CA Output Management Web Viewer UOMWV_Helper ActiveX Control Buffer Overflow 41 days Dmitriy Pletnev 1 Microsoft Windows Wordpad Word 97 Converter Vulnerabilities 186 days Carsten Eiram 2 Microsoft Excel External Record Parsing Signedness Vulnerability 379 days Alin Rad Pop 1 Microsoft Excel Substream Parsing Integer Underflow Vulnerability 379 days Alin Rad Pop 1 RunCMS "topicmanager.php" Cross-Site Scripting Vulnerability Unpatched (798 days) Secunia Research 1 RunCMS Cross-Site Request Forgery Vulnerability Unpatched (798 days) Secunia Research 1 RunCMS Multiple SQL Injection Vulnerabilities Unpatched (798 days) Secunia Research 15 RunCMS File Upload Vulnerability Unpatched (798 days) Secunia Research 1 Achievo Three Cross-Site Scripting Vulnerabilities Unpatched (915 days) Secunia Research 3 Achievo Six SQL Injection Vulnerabilities Unpatched (915 days) Secunia Research 6 Achievo "owner" Scheduler Security Bypass Vulnerability Unpatched (550 days) Secunia Research 1 Achievo Two Local File Inclusion Vulnerabilities Unpatched (915 days) Secunia Research 2 Honeywell ScanServer ActiveX Control Use-After-Free Vulnerability 167 days Carsten Eiram 1 LotusCMS Two PHP Code Execution Vulnerabilities Unpatched (804 days) Secunia Research 2 LotusCMS Cross-Site Request Forgery Vulnerability Unpatched (804 days) Secunia Research 1 LotusCMS Backup File Disclosure Vulnerability Unpatched (804 days) Secunia Research 1 LotusCMS Arbitrary File Upload Vulnerability Unpatched (804 days) Secunia Research 1 LotusCMS Two Cross-Site Scripting Vulnerabilities 6 days Secunia Research 2 LotusCMS "page" User Enumeration Weakness 6 days Secunia Research 1 LotusCMS Two File Disclosure Vulnerabilities 6 days Secunia Research 2 Foxit Reader/Phantom ICC Chunk Parsing Integer Overflow 10 days Secunia Research 1 SumatraPDF Two Integer Overflow Vulnerabilities 34 days Stefan Cornelius 2 MuPDF Two Integer Overflow Vulnerabilities 34 days Stefan Cornelius 2 Dell DellSystemLite.Scanner ActiveX Control "GetData()" Directory Traversal Unpatched (846 days) Dmitriy Pletnev 1 Panda Products APPFLT.SYS 6660E18h IOCTL Vulnerability 7 days Carsten Eiram 1 Panda Products APPFLT.SYS IOCTL Handling Array-Indexing Vulnerabilities 7 days Carsten Eiram 4 Panda Products APPFLT.SYS IOCTL Input Data Buffer Overflow 7 days Carsten Eiram 1 Adobe Shockwave Player CSWV Integer Overflow Vulnerability 96 days Carsten Eiram 1 Adobe Shockwave Player CSWV Signedness Error Vulnerability 97 days Carsten Eiram 1 Adobe Shockwave Player CSWV Input Validation Vulnerability 98 days Carsten Eiram 1 SigPlus Pro ActiveX Control Buffer Overflow Vulnerabilities 27 days Dmitriy Pletnev 3 SigPlus Pro ActiveX Control "SetLogFilePath()" Unsafe Method 27 days Dmitriy Pletnev 1 Panda Products APPFLT.SYS 6660D6Ch/6660D70h IOCTL Buffer Overflow 7 days Carsten Eiram 1 Dell DellSystemLite.Scanner ActiveX Control "WMIAttributesOfInterest" Unsafe Property Unpatched (846 days) Dmitriy Pletnev 1 [+] Coordinated by Secunia ( 253 vulnerabilities, 134 advisories ) Time to Patch Discovered by Vulnerabilities SA46780 pfSense "style" Cross-Site Scripting Vulnerability 38 days Jan Fischbach 1 SA46706 e107 "link" BBCode User Signature Script Insertion Vulnerability 47 days mghack 1 SA46893 Simple PHP Blog "entry" and "category" Cross-Site Scripting Vulnerabilities Unpatched (550 days) mghack 2 SA46706 e107 "username" SQL Injection Vulnerability 42 days mghack 1 SA46706 e107 Cross-Site Scripting Vulnerabilities 47 days mghack 3 SA47322 IrfanView FlashPix PlugIn Double-Free Vulnerability 6 days Francis Provencher 1 SA47246 libfpx "Free_All_Memory()" Double-Free Vulnerability 1 days Francis Provencher 1 SA47065 IrfanView TIFF Image Processing Buffer Overflow Vulnerability 13 days Francis Provencher 1 SA45665 RSA SecurID Software Token Insecure Library Loading Vulnerability 118 days Parvez Anwar 1 SA46881 Seotoaster "selectUserIdByLoginPass()" SQL Injection Vulnerability 28 days Stefan Schurtz 1 SA46766 PHP-SCMS "lang" Cross-Site Scripting Vulnerability Unpatched (559 days) Stefan Schurtz 1 SA46872 WinMount 87342000h IOCTL NULL Pointer Dereference Denial of Service Unpatched (552 days) ADLab 1 SA46882 Winamp IT File Parsing Buffer Overflow Vulnerability 19 days Hossein Lotfi 1 SA46864 PunBB "linkedin" Script Insertion Vulnerability 20 days mghack 1 SA47010 Meditate "username_input" SQL Injection Vulnerability 3 days Stefan Schurtz 1 SA46831 LimeSurvey Survey Text Field Tooltip Script Insertion Vulnerability 1 days Joshua Tiago 1 SA43046 web@all Cross-Site Scripting and SQL Injection Vulnerabilities 4 days Russ McRee 3 SA42390 LightNEasy Mini Cross-Site Scripting and Script Insertion Vulnerabilities Unpatched (901 days) Russ McRee 2 SA37920 Xoops Cross-Site Scripting and SQL Injection Vulnerabilities 7 days Stefano Angaran 2 SA37822 Snitz Forums 2000 "X-Forwarded-For" SQL Injection Vulnerability 26 days Stefano Angaran 1 SA38026 IBM Lotus Domino Web Access Cross-Site Scripting Vulnerabilities 203 days Matt Farey 3 SA38222 WebCalendar Cross-Site Scripting and Request Forgery Vulnerabilities 15 days Russ McRee 5 SA36634 Microsoft Windows Paint JPEG Parsing Integer Overflow Vulnerability 152 days Tielei Wang 1 SA38422 Docebo Cross-Site Request Forgery Vulnerability 244 days Russ McRee 1 SA38635 DFD Cart Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities 34 days Russ McRee 4 SA38307 eclime Multiple Vulnerabilities 41 days Russ McRee 4 SA39128 Webessence CMS Cross-Site Scripting and Request Forgery Vulnerabilities 16 days Russ McRee 2 SA39098 Axon Virtual PBX Multiple Vulnerabilities Unpatched (1155 days) Ivan Markovic 4 SA39164 Elastix "id_nodo" Local File Inclusion Vulnerability 31 days Ivan Markovic 1 SA39464 GetSimple CMS Multiple Cross-Site Scripting Vulnerabilities 169 days Ivan Markovic 6 SA39261 Apache Tomcat Web Application Manager / Host Manager Cross-Site Request Forgery 4 days Swatej Kumar 1 SA39320 TomatoCMS Multiple Script Insertion Vulnerabilities 33 days Russ McRee 3 SA39843 FileCOPA Directory Traversal Vulnerability 1 days Sow Ching Shiong 1 SA39866 SnugServer FTP Directory Traversal Vulnerabilities 7 days Sow Ching Shiong 9 SA39852 CompleteFTP Server Two Vulnerabilities 13 days Sow Ching Shiong 2 SA39860 Horde Groupware / Horde Groupware Webmail Edition Cross-Site Request Forgery 135 days Russ McRee 1 SA39680 TomatoCMS Cross-Site Request Forgery Vulnerability Unpatched (1108 days) Russ McRee 1 SA39680 TomatoCMS Cross-Site Scripting Vulnerabilities Unpatched (1108 days) Russ McRee 5 SA39942 odCMS Cross-Site Request Forgery Vulnerability Unpatched (1092 days) Russ McRee 1 SA39942 odCMS Multiple Cross-Site Scripting Vulnerabilities Unpatched (1092 days) Russ McRee 6 SA40015 eBox Platform Cross-Site Request Forgery Vulnerability 15 days Russ McRee 1 SA39395 OneCMS Multiple SQL Injection Vulnerabilities Unpatched (1127 days) Russ McRee 4 SA39395 OneCMS Cross-Site Scripting Vulnerabilities Unpatched (1127 days) Russ McRee 2 SA39562 Various Snare Agents Cross-Site Request Forgery Vulnerabilities 63 days Russ McRee 1 SA40974 Explorer Suite CFF Explorer Name Identifier Buffer Overflow Vulnerability Unpatched (1013 days) Josh Mitchell 1 SA40471 InterPhoto Gallery Arbitrary File Upload Vulnerability Unpatched (1051 days) Russ McRee 1 SA41108 DivX Plus Player Insecure Library Loading Vulnerability Unpatched (1000 days) Parvez Anwar 1 SA41209 Sophos Free Encryption / SafeGuard PrivateCrypto Insecure Library Loading Vulnerability Unpatched (995 days) Parvez Anwar 1 SA41253 L0phtCrack Insecure Library Loading Vulnerability Unpatched (993 days) Parvez Anwar 1 SA41560 SkyBlueCanvas Cross-Site Request Forgery Vulnerability Unpatched (973 days) Russ McRee 1 SA41619 Pluck Cross-Site Request Forgery Vulnerability 14 days Russ McRee 1 SA41764 Avactis Shopping Cart "User-Agent" SQL Injection Vulnerability Unpatched (954 days) Russ McRee 1 SA41712 4images Cross-Site Request Forgery Vulnerability 34 days Russ McRee 1 SA40670 Seo Panel Multiple Cross-Site Scripting Vulnerabilities Unpatched (1037 days) Russ McRee 8 SA40670 Seo Panel Cross-Site Request Forgery Vulnerability Unpatched (1037 days) Russ McRee 1 SA41717 SilverStripe Cross-Site Request Forgery Vulnerability 28 days Russ McRee 1 SA41945 KaiBB Multiple Vulnerabilities 20 days Russ McRee 3 SA42270 WonderCMS "page" Cross-Site Scripting and File Disclosure Vulnerabilities 1 days Russ McRee 2 SA42081 The Bug Genie Cross-Site Scripting and Request Forgery Vulnerabilities 16 days Russ McRee 2 SA42233 Phire CMS Multiple Vulnerabilities 10 days Russ McRee 21 SA42074 NibbleBlog Cross-Site Request Forgery Vulnerability Unpatched (931 days) Russ McRee 1 SA42179 TinyWebGallery Multiple Cross-Site Scripting Vulnerabilities 12 days Russ McRee 9 SA42139 webApp.secure "Content-Length" Denial of Service Vulnerability 14 days Aleksandar Nikolic 1 SA41482 McAfee VirusScan Enterprise Insecure Library Loading Vulnerability 77 days Parvez Anwar 1 SA41348 WebEx Meeting Manager WebexUCFObject ActiveX Control Insecure Library Loading 82 days Parvez Anwar 1 SA42391 LightNEasy "page" and "id" SQL Injection Vulnerabilities 280 days Russ McRee 2 SA42487 XOOPS xNews Module Cross-Site Scripting Vulnerabilities 13 days Stefano Angaran 2 SA42308 Snitz Forums 2000 "M_NAME" Cross-Site Scripting and SQL Injection Vulnerabilities 25 days Stefano Angaran 2 SA41439 IrfanView LuraDocument Format PlugIn Memory Corruption Vulnerability 30 days BraniX 1 SA41020 IrfanView LuraWave Format PlugIns Multiple Vulnerabilities 108 days BraniX 4 SA42503 PrestaShop Cross-Site Scripting Vulnerability 15 days Sow Ching Shiong 1 SA42369 TheHostingTool "updateResource()" SQL Injection Vulnerability 30 days Russ McRee 1 SA38733 RemoteExec Computers List Buffer Overflow Vulnerability 15 days Parvez Anwar 1 SA40217 Microsoft Windows Common Control Library Integer Truncation Vulnerability 112 days Krystian Kloskowski (h07) 1 SA40729 QuickTime Player Streaming Debug Error Logging Buffer Overflow 18 days Krystian Kloskowski (h07) 1 SA43058 HP Power Manager Cross-Site Request Forgery Vulnerability Unpatched (846 days) Sow Ching Shiong 1 SA42112 Adobe Shockwave Player "Shockwave Settings" Use-After-Free Vulnerability 98 days Krystian Kloskowski (h07) 1 SA40669 Xinha Arbitrary File Upload Vulnerability Unpatched (896 days) Russ McRee 1 SA40669 Xinha URL Appending Cross-Site Scripting Vulnerability Unpatched (896 days) Russ McRee 1 SA43176 CMME "page" Cross-Site Scripting Vulnerability Unpatched (895 days) Russ McRee 1 SA43176 CMME Arbitrary File Read Vulnerability Unpatched (895 days) Russ McRee 1 SA43152 Newscoop "request" Cross-Site Scripting Vulnerability 19 days Russ McRee 1 SA43049 F-Secure Policy Manager Web Reporting Path Disclosure Weakness 31 days Sow Ching Shiong 1 SA43049 F-Secure Policy Manager Web Reporting Cross-Site Scripting Vulnerability 31 days Sow Ching Shiong 1 SA41865 Avactis Shopping Cart Cross-Site Request Forgery 137 days Russ McRee 1 SA42805 PDF-Pro Insecure Library Loading Vulnerability Unpatched (860 days) Parvez Anwar 1 SA42805 PDF-Pro PDF Reader ActiveX Control Unsafe Methods Unpatched (860 days) Parvez Anwar 3 SA42805 PDF-Pro Dictionary Array Parsing Use-After-Free Vulnerability Unpatched (860 days) Parvez Anwar 1 SA42805 PDF-Pro PDF Reader ActiveX Control "open()" Method Buffer Overflow Unpatched (860 days) Parvez Anwar 1 SA42805 PDF-Pro PDF Reader ActiveX Control "open_stream()" Method Buffer Overflows Unpatched (860 days) Parvez Anwar 2 SA42805 PDF-Pro PDF Reader ActiveX Control "open_stream()" Use-After-Free Vulnerability Unpatched (860 days) Parvez Anwar 1 SA43293 TeamViewer Insecure Directory Permissions Security Issue 26 days Dennis P. Nikolaenko 1 SA43058 HP Power Manager Four Cross-Site Scripting Vulnerabilities Unpatched (846 days) Sow Ching Shiong 4 SA38748 Citrix Products ActiveSync Service Denial of Service Vulnerability 381 days AbdulAziz Hariri 1 SA44033 IT Dashboard "value" Cross-Site Scripting Vulnerability 4 days Ivan Markovic 1 SA43349 ISIS Papyrus AFP Viewer ActiveX Control Buffer Overflow Vulnerabilities 52 days Parvez Anwar 2 SA43421 BoltWire "p" Cross-Site Scripting Vulnerability Unpatched (819 days) Russ McRee 1 SA43474 Data Dynamics ActiveBar ActiveX Control "SetLayoutData()" Vulnerability Unpatched (817 days) Parvez Anwar 1 SA43399 IBM Rational System Architect ActiveBar ActiveX Control Vulnerabilities 63 days Parvez Anwar 4 SA45279 Winamp in_nsv.dll NSV Header Parsing Buffer Overflow 86 days Hossein Lotfi 1 SA45279 Winamp in_mod.dll AMF Header Parsing Buffer Overflow 93 days Hossein Lotfi 1 SA45279 Winamp in_midi.dll CMF Header Parsing Buffer Overflow 93 days Hossein Lotfi 1 SA44144 MDaemon WorldClient Email Subject Script Insertion Vulnerability 16 days Dejan Levaja 1 SA44062 Avaya WinPDM Multiple Buffer Overflow Vulnerabilities 35 days Abdul-Aziz Hariri 5 SA43562 ACDSee Picture Frame Manager Insecure Library Loading Vulnerability Unpatched (812 days) Parvez Anwar 1 SA43563 ACDSee Photo Editor 2008 Insecure Library Loading Vulnerability Unpatched (812 days) Parvez Anwar 1 SA43564 ACDSee FotoSlate Insecure Library Loading Vulnerability Unpatched (811 days) Parvez Anwar 1 SA43756 Silex "id_site" Cross-Site Scripting Vulnerability 85 days Russ McRee 1 SA43013 Adobe ColdFusion Cross-Site Request Forgery Vulnerability 144 days Sow Ching Shiong 1 SA44134 Trend Micro Control Manager "ApHost" Cross-Site Scripting Vulnerability 48 days Sow Ching Shiong 1 SA45125 libsndfile PAF File Processing Integer Overflow Vulnerability 9 days Hossein Lotfi 1 SA45080 Winamp PAF File Parsing Integer Overflow Vulnerability 7 days Hossein Lotfi 1 SA44525 MaxDB Handshake Packet Processing Denial of Service Vulnerability 64 days Abdul-Aziz Hariri 1 SA45066 VLC Media Player RealMedia File Parsing Integer Overflow Vulnerability 17 days Hossein Lotfi 1 SA45066 VLC Media Player AVI File Parsing Integer Underflow Vulnerability 17 days Hossein Lotfi 1 SA44970 Trend Micro Control Manager "module" File Disclosure Vulnerability 74 days Sow Ching Shiong 1 SA40183 Oracle Business Intelligence Integer Overflow Vulnerability 399 days Abdul-Aziz Hariri 1 SA43011 Oracle Secure Backup "mode" Cross-Site Scripting Vulnerability 176 days Sow Ching Shiong 1 SA43011 Oracle Secure Backup Cross-Site Request Forgery 176 days Sow Ching Shiong 1 SA38176 Microsoft Windows OpenType Compact Font Format Driver Vulnerability 143 days Chris Carton 1 SA38435 Google Picasa JPEG Processing Integer Overflow Vulnerability 21 days Tielei Wang 1 SA38753 Google Picasa for Mac JPEG Processing Memory Corruption 21 days Tielei Wang 1 SA40820 Novell GroupWise WebAccess Agent/Document Viewer Agent Arbitrary File Download 92 days Mehul Revankar 1 SA45079 HP Operations / Performance Agent OV Communication Broker Arbitrary File Deletion 90 days Abdul-Aziz Hariri 1 SA45131 libmodplug Multiple Vulnerabilities 27 days Hossein Lotfi 3 SA43662 Symantec Endpoint Protection Manager Two Cross-Site Scripting Vulnerabilities 153 days Sow Ching Shiong 2 SA43662 Symantec Endpoint Protection Manager Cross-Site Request Forgery 153 days Sow Ching Shiong 1 SA45264 KMPlayer Playlist Processing Buffer Overflow Vulnerability Unpatched (672 days) ADLab 1 SA44722 ACDSee FotoSlate PLP File Processing Buffer Overflow Vulnerability Unpatched (714 days) Parvez Anwar 1 SA45020 Microsoft Office Insecure Library Loading Vulnerability 74 days Parvez Anwar 1 SA45550 DivX Plus Web Player "file://" Buffer Overflow Vulnerability Unpatched (651 days) Krystian Kloskowski (h07) 1 SA45978 Adobe Reader / Acrobat BMP Image Parsing Buffer Overflow 7 days Hossein Lotfi 1 SA43513 Novell GroupWise WebAccess Three Script Insertion Vulnerabilities 95 days Joshua Tiago 3 SA43157 Symantec IM Manager Multiple Cross-Site Scripting Vulnerabilities 217 days Sow Ching Shiong 4 2010 Total Vulnerabilities: 403 Total Advisories: 153 [+] [+] Discovered by Secunia ( 403 vulnerabilities, 153 advisories ) Time to Patch Discovered by Vulnerabilities Microsoft Word LFO Parsing Double-Free Vulnerability 140 days Alin Rad Pop 1 Microsoft Office FlashPix Tile Data Two Buffer Overflows 505 days Dyon Balding 2 Microsoft Office FlashPix Property Set Parsing Buffer Overflow 505 days Dyon Balding 1 Microsoft Office Document Imaging Endian Conversion Vulnerability 523 days Carsten Eiram 1 Microsoft Office TIFF Image Converter Endian Conversion Vulnerability 158 days Carsten Eiram 1 RealPlayer "cook" Arbitrary Free Vulnerability 287 days Alin Rad Pop 1 RealPlayer AAC Spectral Data Parsing Vulnerability 284 days Carsten Eiram 1 RealPlayer "cook" Uninitialised Memory Vulnerability 289 days Alin Rad Pop 1 SAP Crystal Reports Print ActiveX Control Buffer Overflow Unpatched (914 days) Dmitriy Pletnev 1 QuickTime Track Dimensions Buffer Overflow Vulnerability 218 days Carsten Eiram 1 Winamp NSV Table of Contents Parsing Integer Overflow 29 days Carsten Eiram 1 webERP Multiple Cross-Site Scripting Vulnerabilities Unpatched (1028 days) Secunia Research 8 QuickTime Sorenson Video 3 Array-Indexing Vulnerability 211 days Carsten Eiram 1 Microsoft Office Drawing Shape Container Parsing Vulnerability 270 days Dyon Balding 1 Microsoft PowerPoint PP7X32.DLL Record Parsing Vulnerability 209 days Alin Rad Pop 1 Seo Panel One Hundred and One SQL Injection Vulnerabilities 128 days Secunia Research 101 Seo Panel Two Script Insertion Vulnerabilities Unpatched (1037 days) Secunia Research 2 Seo Panel Ten Cross-Site Scripting Vulnerabilities Unpatched (1037 days) Secunia Research 10 Seo Panel Two Security Bypass Vulnerabilities 128 days Secunia Research 2 Seo Panel "file" File Disclosure Vulnerability 128 days Secunia Research 1 Subtitle Translation Wizard Buffer Overflow Vulnerabilities 5 days Secunia Research 3 4images "show_form_header()" Cross-Site Scripting Vulnerability 34 days Secunia Research 1 SonicWALL SSL-VPN End-Point ActiveX Control Buffer Overflow 28 days Dmitriy Pletnev 1 Adobe Shockwave Player "DEMX" Chunk Parsing Vulnerability 52 days Carsten Eiram 1 Adobe Shockwave Player "pamm" Chunk Parsing Vulnerability 56 days Carsten Eiram 1 Winamp VP6 Content Parsing Buffer Overflow Vulnerability 134 days Carsten Eiram 1 PhreeBooks Eight Cross-Site Scripting Vulnerabilities Unpatched (972 days) Secunia Research 8 PhreeBooks "my_note" Script Insertion Vulnerability Unpatched (972 days) Secunia Research 1 PhreeBooks Forty Eight SQL Injection Vulnerabilities Unpatched (972 days) Secunia Research 48 PhreeBooks Six Local File Inclusion Vulnerabilities Unpatched (972 days) Secunia Research 6 RealPlayer QCP Sample Chunk Parsing Buffer Overflow 234 days Carsten Eiram 1 Microsoft Excel Ghost Record Type Parsing Vulnerability 176 days Carsten Eiram 1 Microsoft Excel Extra Out of Boundary Record Vulnerability 172 days Alin Rad Pop 1 Microsoft Excel Record Parsing Integer Overflow Vulnerability 197 days Alin Rad Pop 1 Microsoft Excel Lotus 1-2-3 File Parsing Vulnerability 186 days Carsten Eiram 1 FreePBX Filename Command Injection Vulnerability Unpatched (968 days) Secunia Research 1 Nagios XI "grab_request_var()" Cross-Site Scripting Vulnerability 19 days Secunia Research 1 Microsoft Outlook Content Parsing Integer Underflow Vulnerability 566 days Dyon Balding 1 MailEnable SMTP Service Two Denial of Service Vulnerabilities 10 days Dmitriy Pletnev 2 RealPlayer QCP Audio Content Parsing Buffer Overflow 184 days Carsten Eiram 1 RealPlayer YUV420 Transformation Processing Vulnerability 189 days Carsten Eiram 1 RealPlayer QCP Parsing Integer Overflow Vulnerability 196 days Alin Rad Pop 1 KDE Okular PDB Parsing RLE Decompression Buffer Overflow 14 days Stefan Cornelius 1 phpBugTracker "add_attachment()" Arbitrary File Upload Unpatched (1016 days) Secunia Research 1 phpBugTracker "bugid" SQL Injection Vulnerability Unpatched (1016 days) Secunia Research 1 Mono libgdiplus Image Processing Three Integer Overflows Unpatched (1014 days) Stefan Cornelius 3 Novell iPrint Client "call-back-url" Buffer Overflow Vulnerability 17 days Carsten Eiram 1 InterPhoto Gallery "file" Directory Traversal Vulnerability 37 days Secunia Research 1 KubeBlog "website" Script Insertion Vulnerability Unpatched (1024 days) Secunia Research 1 SWFTools Two Integer Overflow Vulnerabilities Unpatched (1077 days) Stefan Cornelius 2 Pligg Two SQL Injection Vulnerabilities 1 days Secunia Research 2 Opera "Download" Dialog File Execution Security Issue 28 days Jakob Balle and Sven Krewitt 1 glpng PNG Processing Two Integer Overflow Vulnerabilities Unpatched (1063 days) Secunia Research 2 Windows Movie Maker String Parsing Buffer Overflow 148 days Dyon Balding 1 MantisBT "Add Category" Script Insertion Vulnerability 43 days Secunia Research 1 Symantec Products wkssr.dll String Indexing Vulnerability 132 days Carsten Eiram 1 Symantec Products wkssr.dll Record Parsing Buffer Overflows 134 days Carsten Eiram 2 Symantec Products wkssr.dll Floating Point Conversion Buffer Overflow 137 days Carsten Eiram 1 Symantec Products Compound File Parsing Buffer Overflow 144 days Carsten Eiram 1 IBM Lotus Notes wkssr.dll Floating Point Conversion Buffer Overflow 140 days Carsten Eiram 1 IBM Lotus Notes Compound File Parsing Buffer Overflow 146 days Carsten Eiram 1 Autonomy KeyView wkssr.dll Record Parsing Buffer Overflows 134 days Carsten Eiram 2 Autonomy KeyView wkssr.dll String Indexing Vulnerability 132 days Carsten Eiram 1 Autonomy KeyView wosr.dll Data Block Parsing Buffer Overflow 133 days Dyon Balding 1 Autonomy KeyView rtfsr.dll RTF Parsing Signedness Error 134 days Dyon Balding 1 Autonomy KeyView wkssr.dll Floating Point Conversion Buffer Overflow 140 days Carsten Eiram 1 Autonomy KeyView Compound File Parsing Buffer Overflow 148 days Carsten Eiram 1 GIGABYTE Dldrv2 ActiveX Control Array Indexing Vulnerability Unpatched (1069 days) Carsten Eiram 1 GIGABYTE Dldrv2 ActiveX Control Unsafe Methods Unpatched (1069 days) Carsten Eiram 2 Joomla BookLibrary From Same Author Module "id" SQL Injection 21 days Secunia Research 1 Joomla CKForms Component Two SQL Injection Vulnerabilities 150 days Secunia Research 2 Website Baker Four Local File Inclusion Vulnerabilities 413 days Secunia Research 4 Website Baker Two File Enumeration Vulnerabilities 413 days Secunia Research 2 Website Baker Nine SQL Injection Vulnerabilities 413 days Secunia Research 9 Website Baker "username" Cross-Site Scripting Vulnerability 413 days Secunia Research 1 Joomla BookLibrary Component Four SQL Injection Vulnerabilities 14 days Secunia Research 4 TaskFreak "tznMessage" Cross-Site Scripting Vulnerability 18 days Secunia Research 1 TaskFreak "password" SQL Injection Vulnerability 18 days Secunia Research 1 Creative Software AutoUpdate Engine 2 ActiveX Control Buffer Overflow Unpatched (1150 days) Carsten Eiram 1 Microsoft Excel String Parsing Uninitialised Variable Vulnerability 168 days Carsten Eiram 1 Microsoft Excel Record Parsing Input Validation Vulnerability 185 days Carsten Eiram 1 TomatoCMS Arbitrary File Upload Vulnerability Unpatched (1139 days) Secunia Research 1 Ziproxy Two Integer Overflow Vulnerabilities 1 days Stefan Cornelius 2 aria2 metalink "name" Directory Traversal Vulnerability 13 days Stefan Cornelius 1 Free Download Manager metalink "name" Directory Traversal 22 days Stefan Cornelius 1 Free Download Manager Four Buffer Overflow Vulnerabilities 22 days Stefan Cornelius 4 KDE KGet metalink "name" Directory Traversal Vulnerability 13 days Stefan Cornelius 1 KDE KGet Insecure File Operation Vulnerability 13 days Stefan Cornelius 1 IrfanView PSD RLE Decompression Buffer Overflow 54 days Stefan Cornelius 1 IrfanView PSD Image Parsing Sign-Extension Vulnerability 54 days Stefan Cornelius 1 TomatoCMS "q" SQL Injection Vulnerability 25 days Secunia Research 1 TomatoCMS Script Insertion Vulnerabilities 25 days Secunia Research 3 Adobe Shockwave Player Font Processing Buffer Overflow 49 days Alin Rad Pop 1 Adobe Shockwave Player Asset Entry Parsing Vulnerability 55 days Alin Rad Pop 1 Adobe Shockwave Player Integer Overflow Vulnerability 64 days Alin Rad Pop 1 Adobe Shockwave Player Array Indexing Vulnerability 69 days Alin Rad Pop 1 Adobe Shockwave Player Signedness Error Vulnerability 69 days Alin Rad Pop 1 Adobe Shockwave Player 3D Parsing Memory Corruption 70 days Alin Rad Pop 1 Internet Download Manager FTP Buffer Overflow Vulnerability 11 days Stefan Cornelius 1 imlib2 "IMAGE_DIMENSIONS_OK()" Logic Error Unpatched (1141 days) Stefan Cornelius 1 e107 Avatar/Photograph Image File Upload Vulnerability 31 days Secunia Research 1 e107 Content Management Plugin Script Insertion Vulnerability 31 days Secunia Research 1 Visualization Library DAT File Parsing Vulnerabilities Unpatched (1238 days) Secunia Research 16 Pulse CMS Cross-Site Request Forgery 19 days Secunia Research 1 Pulse CMS Arbitrary File Upload Vulnerability 19 days Secunia Research 1 Sun Java JDK/JRE Soundbank Resource Parsing Buffer Overflow 139 days Dyon Balding 1 Sun Java JDK/JRE Soundbank Resource Name Buffer Overflow 139 days Dyon Balding 1 ViewVC Regular Expression Search Cross-Site Scripting 18 days Secunia Research 1 Pulse CMS login.php Arbitrary File Writing Vulnerability 5 days Secunia Research 1 Pulse CMS Arbitrary File Deletion Vulnerability 5 days Secunia Research 1 Pulse CMS Arbitrary File Writing Vulnerability 5 days Secunia Research 1 Quicksilver Forums Cross-Site Request Forgery Vulnerability Unpatched (1182 days) Secunia Research 1 Quicksilver Forums Backup Information Disclosure Unpatched (1182 days) Secunia Research 1 Quicksilver Forums "mysqldump" Password Disclosure Unpatched (1182 days) Secunia Research 1 XnView DICOM Parsing Integer Overflow Vulnerability 79 days Stefan Cornelius 1 Employee Timeclock Software "mysqldump" Password Disclosure Unpatched (1181 days) Secunia Research 1 Employee Timeclock Software Backup Information Disclosure Unpatched (1181 days) Secunia Research 1 Bournal Insecure Temporary Files Security Issue 10 days Secunia Research 1 Bournal ccrypt Information Disclosure Security Issue Unpatched (1194 days) Secunia Research 1 Mozilla Firefox Memory Corruption Vulnerability 106 days by Alin Rad Pop 1 Employee Timeclock Software SQL Injection Vulnerabilities Unpatched (1181 days) Secunia Research 4 Autonomy KeyView wkssr.dll Integer Underflow Vulnerability 127 days Carsten Eiram 1 libmikmod Module Parsing Vulnerabilities 38 days Dyon Balding 4 Microsoft Office TIFF Image Converter Two Buffer Overflows 525 days Carsten Eiram 2 Adobe Shockwave Player 3D Model Buffer Overflow 29 days Alin Rad Pop 1 IBM Lotus Notes wosr.dll Data Block Parsing Buffer Overflow 133 days Dyon Balding 1 Microsoft Office PICT Filter Integer Truncation Vulnerability 518 days Alin Rad Pop 1 Google Chrome Pop-Up Block Menu Handling Vulnerability 27 days Jakob Balle and Carsten Eiram 1 IBM Lotus Notes wkssr.dll Integer Underflow Vulnerability 127 days Carsten Eiram 1 Symantec Products wkssr.dll Integer Underflow Vulnerability 127 days Carsten Eiram 1 Adobe Reader JPEG Uninitialised Memory Vulnerability 54 days Alin Rad Pop 1 KubeBlog Twelve Cross-Site Scripting Vulnerabilities Unpatched (1024 days) Secunia Research 12 HP Power Manager "formExportDataLogs" Buffer Overflow 71 days Alin Rad Pop 1 Joomla CKForms Component Arbitrary File Upload Vulnerability 150 days Secunia Research 1 RealPage Module Upload ActiveX Control "Upload()" Unsafe Method 29 days Carsten Eiram 1 TomatoCMS Eight Cross-Site Scripting Vulnerabilities Unpatched (1139 days) Secunia Research 8 Website Baker Two Script Insertion Vulnerabilities Unpatched (1080 days) Secunia Research 2 IBM Lotus Notes wkssr.dll Record Parsing Buffer Overflows 134 days Carsten Eiram 2 Adobe Shockwave Player Four Integer Overflow Vulnerabilities 22 days Alin Rad Pop 4 Symantec Products wosr.dll Data Block Parsing Buffer Overflow 133 days Dyon Balding 1 Microsoft Windows Flash Player Movie Unloading Vulnerability Unpatched (2043 days) Carsten Eiram and Dyon Balding 1 Microsoft PowerPoint File Path Handling Buffer Overflow 265 days Carsten Eiram 1 Adobe Shockwave Player Integer Overflow Vulnerability 8 days Alin Rad Pop 1 IBM Lotus Notes wkssr.dll String Indexing Vulnerability 132 days Carsten Eiram 1 Symantec Products rtfsr.dll RTF Parsing Signedness Error 130 days Dyon Balding 1 webERP Multiple SQL Injection Vulnerabilities Unpatched (1028 days) Secunia Research 26 Orbit Downloader metalink "name" Directory Traversal Unpatched (1118 days) Stefan Cornelius 1 RealPage Module Upload ActiveX Control Two Buffer Overflows 29 days Carsten Eiram 2 Adobe Reader GIF Image Parsing Array-Indexing Vulnerability 46 days Carsten Eiram 1 Adobe Shockwave Player 3D Model Two Integer Overflows 28 days Alin Rad Pop 2 Adobe Illustrator Encapsulated Postscript Parsing Vulnerability 25 days Dyon Balding 1 PDF-XChange Viewer Content Parsing Memory Corruption Vulnerability 2 days Carsten Eiram 1 VMWare VMnc Codec HexTile Encoding Two Integer Truncation Vulnerabilities 207 days Alin Rad Pop 2 2009 Total Vulnerabilities: 143 Total Advisories: 66 [+] [+] Discovered by Secunia ( 143 vulnerabilities, 66 advisories ) Time to Patch Discovered by Vulnerabilities VMWare VMnc Codec HexTile Encoding Buffer Overflow 207 days Alin Rad Pop 1 Winamp CAF Processing Integer Overflow Vulnerability 18 days Alin Rad Pop 1 Trend Micro NSC Firewall Configuration Vulnerability 88 days Carsten Eiram 1 QuickTime Sorenson Video 3 Content Parsing Vulnerability 95 days Carsten Eiram 1 Gimp BMP Image Parsing Integer Overflow Vulnerability 49 days Stefan Cornelius 1 Sun Solaris "sadmind" Integer Overflow Vulnerability 203 days Alin Rad Pop 1 Adobe Reader JBIG2 Symbol Dictionary Buffer Overflow 19 days Alin Rad Pop 1 RhinoSoft Serv-U TEA Decoding Buffer Overflow 12 days Secunia Research 1 Xpdf JBIG2 Symbol Dictionary Buffer Overflow Vulnerability 21 days Alin Rad Pop 1 ComponentOne SizerOne ActiveX Control Buffer Overflow 53 days Carsten Eiram 1 IrfanView Formats Plug-in XPM Parsing Integer Overflow 6 days Stefan Cornelius 1 Winamp Impulse Tracker Sample Parsing Buffer Overflow 14 days Dyon Balding 1 IBM Tivoli Storage Manager Remote Agent Service Buffer Overflows 171 days Dyon Balding 2 Oracle BEA WebLogic Server Plug-ins Certificate Buffer Overflow 44 days Dyon Balding 1 Microsoft Excel Record Parsing Array Indexing Vulnerability 153 days Carsten Eiram 1 OpenOffice.org Word Document Table Parsing Integer Underflow 116 days Dyon Balding 1 AproxEngine Multiple Vulnerabilities Unpatched (1264 days) Chaitanya Sharma 13 EasyHDR Pro Radiance RGBE Buffer Overflow 11 days Stefan Cornelius 1 Mozilla Firefox Floating Point Memory Allocation Vulnerability 44 days Alin Rad Pop 1 HP OpenView Network Node Manager "ovalarmsrv" Integer Overflow 710 days Dyon Balding 1 ksquirrel-libs Radiance RGBE Buffer Overflows Unpatched (1593 days) Stefan Cornelius 2 Roxio Creator Image Rendering Integer Overflow Vulnerability 76 days Carsten Eiram 1 Foxit Reader JBIG2 Symbol Dictionary Processing Vulnerability 10 days Alin Rad Pop 1 Novell iPrint Client "target-frame" Parameter Buffer Overflow 36 days Carsten Eiram 1 Sun Solaris "sadmind" Buffer Overflow Vulnerability 204 days Alin Rad Pop 1 Microsoft Excel String Parsing Integer Overflow Vulnerability 90 days Carsten Eiram 1 Novell iPrint Client Date/Time Parsing Buffer Overflow 34 days Carsten Eiram 1 HP OpenView Network Node Manager Multiple Vulnerabilities 381 days JJ Reyes 7 UltraISO Image Name Parsing Format String Vulnerabilities 147 days Dyon Balding 2 IBM Tivoli Storage Manager Client CAD Service Buffer Overflow 362 days Dyon Balding 1 CUPS pdftops JBIG2 Symbol Dictionary Buffer Overflow 21 days Alin Rad Pop 1 SAP GUI TabOne ActiveX Control Caption List Buffer Overflow 55 days Carsten Eiram 1 Ghostscript jbig2dec JBIG2 Processing Buffer Overflow 63 days Alin Rad Pop 1 Winamp Impulse Tracker Instrument Parsing Buffer Overflows 14 days Dyon Balding 3 SAP GUI KWEdit ActiveX Control "SaveDocumentAs()" Insecure Method 137 days Carsten Eiram 1 Adobe Reader JBIG2 Text Region Segment Buffer Overflow 57 days Alin Rad Pop 1 Winamp Ultratracker File Parsing Buffer Overflow 10 days Dyon Balding 1 AXIS Camera Control "image_pan_tilt" Property Buffer Overflow Unpatched (1593 days) Alin Rad Pop 1 OpenOffice.org Word Document Table Parsing Buffer Overflow 112 days Dyon Balding 1 Free Download Manager Remote Control Server Buffer Overflow 3 days Carsten Eiram 1 OpenX Multiple Vulnerabilities Unpatched (1582 days) Sarid Harper 51 Free Download Manager Torrent Parsing Buffer Overflows 3 days Carsten Eiram 5 libsndfile CAF Processing Integer Overflow Vulnerability 11 days Alin Rad Pop 1 Trend Micro Network Security Component Vulnerabilities 93 days Carsten Eiram 3 Orbit Downloader Long URL Parsing Buffer Overflow Unpatched (4921 days) - 1 Lateral Arts Photobox uploader ActiveX Control Buffer Overflow Unpatched (1296 days) Carsten Eiram 1 Microsoft PowerPoint Atom Parsing Buffer Overflows 193 days Carsten Eiram 2 Novell eDirectory iMonitor "Accept-Language" Buffer Overflow 130 days Alin Rad Pop 1 UltraISO Image Parsing Buffer Overflow Vulnerabilities 147 days Dyon Balding 3 Garmin Communicator Plug-In Domain Locking Security Bypass 110 days Dyon Balding 1 HP Power Manager "formExportDataLogs" Directory Traversal 71 days Alin Rad Pop 1 Danske Bank e-Sec Control Module Error Logging Buffer Overflow Unpatched (1862 days) Carsten Eiram 1 Gimp PSD Image Parsing Integer Overflow Vulnerability 47 days Stefan Cornelius 1 Mozilla Firefox Java Applet Loading Vulnerability 76 days Jakob Balle and Carsten Eiram 1 DevIL DICOM "GetUID()" Buffer Overflow Vulnerability Unpatched (1271 days) Stefan Cornelius 1 TSC2 Help Desk CTab ActiveX Control Buffer Overflow 419 days Carsten Eiram 1 Oracle BEA WebLogic Server Plug-ins Integer Overflow 44 days Dyon Balding 1 DivX Web Player Stream Format Chunk Buffer Overflow 118 days Alin Rad Pop 1 VMWare VMnc Codec Mismatched Dimensions Buffer Overflow 130 days Alin Rad Pop 1 Winamp Oktalyzer Parsing Integer Overflow Vulnerability 10 days Dyon Balding 1 DevIL "iGetHdrHeader()" Buffer Overflow Vulnerabilities 31 days Stefan Cornelius 2 OpenSG Radiance RGBE Buffer Overflow Vulnerability Unpatched (1593 days) Stefan Cornelius 1 Apple QuickTime MS ADPCM Encoding Buffer Overflow 116 days Alin Rad Pop 1 Microsoft PowerPoint Freelance Layout Parsing Vulnerability Unpatched (1461 days) Carsten Eiram 1 Microsoft Office BMP Image Colour Handling Integer Overflow 424 days Carsten Eiram 1 SHOUTcast DNAS Relay Server Buffer Overflow Unpatched (1593 days) Stefan Cornelius 1 2008 Total Vulnerabilities: 92 Total Advisories: 63 [+] [+] Discovered by Secunia ( 92 vulnerabilities, 63 advisories ) Time to Patch Discovered by Vulnerabilities Trend Micro OfficeScan CGI Parsing Buffer Overflow 42 days Dyon Balding 1 HP SiteScope SNMP Trap Script Insertion Vulnerability Unpatched (2046 days) Dyon Balding 1 Apple QuickTime PICT Image Parsing Buffer Overflow 91 days Dyon Balding 1 activePDF Server Packet Handling Buffer Overflow 120 days Carsten Eiram 1 Lotus Notes kvdocve.dll Path Processing Buffer Overflow 91 days Secunia Research 1 Adobe Acrobat/Reader "util.printf()" Buffer Overflow 202 days Dyon Balding 1 Streamripper Multiple Buffer Overflows 15 days Stefan Cornelius 3 Blue Coat K9 Web Protection "Referer" Header Buffer Overflow Unpatched (2154 days) Carsten Eiram 1 RealPlayer SWF Frame Handling Buffer Overflow 254 days Dyon Balding 1 Foxit Reader "util.printf()" Buffer Overflow 33 days Dyon Balding 1 Blue Coat K9 Web Protection Response Handling Buffer Overflows Unpatched (2148 days) Carsten Eiram 2 Lotus Notes Applix Graphics Parsing Vulnerabilities 138 days Dyon Balding 4 Microsoft Word RTF Polyline/Polygon Integer Overflow 207 days Dyon Balding 1 XnView, NConvert, and GFL SDK Sun TAAC Buffer Overflow Unpatched (1820 days) Stefan Cornelius 1 IMP Mail Deletion Security Bypass Vulnerability 28 days Ulf Harnhammar 1 Motion "read_client()" HTTP Request Buffer Overflow 13 days Stefan Cornelius 1 VLC Media Player WAV Processing Integer Overflow 19 days Alin Rad Pop 1 Winamp Ultravox Streaming Metadata Parsing Buffer Overflows 14 days Carsten Eiram 1 Novell iPrint Client ActiveX Control "GetFileList()" Information Disclosure 75 days Carsten Eiram 1 activePDF DocConverter Folio Flat File Parsing Buffer Overflows 519 days Dyon Balding 21 Trend Micro OfficeScan "cgiRecvFile.exe" Buffer Overflow Unpatched (1723 days) Dyon Balding 1 HP OpenView Network Node Manager OpenView5.exe Directory Traversal 182 days JJ Reyes 1 CA ARCserve Backup RPC "handle_t" Argument Vulnerability 414 days Dyon Balding 1 uTorrent / BitTorrent Web UI HTTP "Range" Header DoS 31 days Dyon Balding 1 GNU Enscript "setfilename" Special Escape Buffer Overflow Unpatched (1687 days) Ulf Harnhammar 1 xine-lib "sdpplin_parse()" Array Indexing Vulnerability 10 days Alin Rad Pop 1 Autonomy Keyview EML Reader Buffer Overflows 151 days Carsten Eiram 4 TorrentTrader Multiple SQL Injection Vulnerabilities 7 days Secunia Research 3 Layton HelpBox Multiple Vulnerabilities Unpatched (2009 days) Secunia Research 23 Akamai Red Swoosh Cross-Site Request Forgery 24 days Dyon Balding 1 activePDF DocConverter Applix Graphics Parsing Vulnerabilities 114 days Dyon Balding 4 Evolution iCalendar Timezone Buffer Overflow 365 days Alin Rad Pop 1 Internet Explorer Data Stream Handling Vulnerability 136 days Carsten Eiram 1 imlib2 PNM and XPM Buffer Overflows 148 days Stefan Cornelius 2 Microsoft Hierarchical FlexGrid Control Integer Overflows 469 days Carsten Eiram 1 Adobe Flash Player "Declare Function (V7)" Heap Overflow 110 days Alin Rad Pop 1 Novell iPrint Client ActiveX Control Multiple Buffer Overflows 77 days Carsten Eiram 7 Novell iPrint Client nipplib.dll "IppCreateServerRef()" Buffer Overflow 9 days Carsten Eiram 1 Lotus Notes htmsr.dll Three Buffer Overflow Vulnerabilities 91 days Secunia Research 3 Trend Micro HouseCall ActiveX Control Arbitrary Code Execution 126 days Alin Rad Pop 1 Symantec Mail Security Folio Flat File Parsing Buffer Overflows 68 days Dyon Balding 21 Microsoft Excel NAME Record Array Indexing Vulnerability 10 days Dyon Balding 1 Adobe PageMaker PMD File Processing Buffer Overflows Unpatched (2038 days) JJ Reyes 2 Orb Networks Orb Variant Array Parsing Buffer Overflow 69 days Dyon Balding 1 Trend Micro OfficeScan Directory Traversal Vulnerability 28 days Dyon Balding 1 HP OpenView Products Shared Trace Service Denial of Service 420 days Dyon Balding 1 Evolution Encrypted Message Format String Vulnerability 8 days Ulf Harnhammar 1 ClamAV Upack Processing Buffer Overflow Vulnerability 35 days Alin Rad Pop 1 Blender "imb_loadhdr()" Buffer Overflow Vulnerability Unpatched (1864 days) Stefan Cornelius 1 Lotus Notes EML Reader Buffer Overflows 151 days Carsten Eiram 4 Autonomy Keyview Applix Graphics Parsing Vulnerabilities 138 days Dyon Balding 4 Samba "receive_smb_raw()" Buffer Overflow Vulnerability 14 days Alin Rad Pop 1 Symantec Mail Security Applix Graphics Parsing Vulnerabilities 111 days Dyon Balding 4 Evolution iCalendar "DESCRIPTION" Property Buffer Overflow 365 days Alin Rad Pop 1 Symantec Backup Exec Calendar Control Multiple Vulnerabilities 88 days JJ Reyes 3 Interact SQL Injection and Cross-Site Request Forgery Unpatched (1671 days) Secunia Research 1 XnView, NConvert, and GFL SDK Radiance RGBE Buffer Overflow 25 days Stefan Cornelius 1 Calendarix Basic Two SQL Injection Vulnerabilities 63 days Secunia Research 2 Trend Micro Products Web Management Authentication Bypass 10 days Dyon Balding 1 Lotus Notes Folio Flat File Parsing Buffer Overflows 101 days Dyon Balding 21 Trend Micro HouseCall "notifyOnLoadNative()" Vulnerability 118 days Alin Rad Pop 1 Autonomy Keyview Folio Flat File Parsing Buffer Overflows 101 days Dyon Balding 21 XnView Slideshow "FontName" Buffer Overflow Vulnerability 61 days Stefan Cornelius 1 2007 Total Vulnerabilities: 245 Total Advisories: 84 [+] [+] Discovered by Secunia ( 245 vulnerabilities, 84 advisories ) Time to Patch Discovered by Vulnerabilities Apple QuickTime Java Extension Code Execution 22 days Dyon Balding 1 Cheetah CD/DVD Burner NCTAudioFile2 ActiveX Control Buffer Overflow Unpatched (2316 days) Carsten Eiram 1 MPlayer CDDB Parsing Buffer Overflow Unpatched (2182 days) Stefan Cornelius 1 DanDans Digital Media Products NCTAudioFile2 ActiveX Control Buffer Overflow Unpatched (2316 days) Carsten Eiram 1 Centennial Discovery Insecure File Permissions Unpatched (2183 days) Sven Krewitt 1 Samba "reply_netbios_packet()" Buffer Overflow Vulnerability 16 days Alin Rad Pop 1 Easy Ringtone Maker NCTAudioFile2 ActiveX Control Buffer Overflow Unpatched (2316 days) Carsten Eiram 1 MP3 WAV Converter NCTAudioFile2 ActiveX Control Buffer Overflow Unpatched (2316 days) Carsten Eiram 1 NextLevel Systems Products NCTAudioFile2 ActiveX Control Buffer Overflow Unpatched (2316 days) Carsten Eiram 1 Internet Explorer 7 "onunload" Event Spoofing Vulnerability 276 days Jakob Balle 1 Qtpfsgui "readRadianceHeader()" Buffer Overflow Vulnerability 3 days Stefan Cornelius 1 Samba "send_mailslot()" Buffer Overflow Vulnerability 18 days Alin Rad Pop 1 Aurora Media Workshop NCTAudioFile2 ActiveX Control Buffer Overflow Unpatched (2316 days) Carsten Eiram 1 MailEnable Web Mail Client Multiple Vulnerabilities 7 days JJ Reyes 5 Sylpheed / Sylpheed-Claws POP3 Format String Vulnerability Unpatched (2100 days) Ulf Harnhammar 1 EXPStudio Audio Editor NCTAudioFile2 ActiveX Control Buffer Overflow 1602 days Carsten Eiram 1 Centennial Discovery XferWan.exe Packet Parsing Buffer Overflows 63 days Dyon Balding 2 ACDSee Products Image and Archive Plug-ins Buffer Overflows 45 days JJ Reyes 3 RMBSoft Products NCTAudioFile2 ActiveX Control Buffer Overflow Unpatched (2316 days) Carsten Eiram 1 Evolution Shared Memo Categories Format String Vulnerability 817 days Ulf Harnhammar 1 CUPS IPP Tags Memory Corruption Vulnerability 16 days Alin Rad Pop 1 Movavi Products NCTAudioFile2 ActiveX Control Buffer Overflow Unpatched (2316 days) Carsten Eiram 1 XMMS Integer Overflow and Underflow Vulnerabilities Unpatched (2296 days) Sven Krewitt 2 AbiWord Link Grammar "separate_sentence()" Buffer Overflow 17 days Alin Rad Pop 1 KVIrc irc:// URI Handler Command Execution Vulnerability Unpatched (2164 days) Stefan Cornelius 1 MP3 Normalizer NCTAudioFile2 ActiveX Control Buffer Overflow Unpatched (2316 days) Carsten Eiram 1 BearShare NCTAudioFile2 ActiveX Control Buffer Overflow Unpatched (2214 days) Carsten Eiram 1 Joshua Software Products NCTAudioFile2 ActiveX Control Buffer Overflow Unpatched (2316 days) Carsten Eiram 1 Symantec Products NavComUI ActiveX Control Code Execution 90 days Carsten Eiram 1 Mystik Media Products NCTAudioFile2 ActiveX Control Buffer Overflow Unpatched (2316 days) Carsten Eiram 1 3Com OfficeConnect Secure Router Cross-Site Scripting Unpatched (2484 days) Secunia Research 1 Xpdf "Stream.cc" Multiple Vulnerabilities 22 days Alin Rad Pop 3 Xrlly Software NCTAudioFile2 ActiveX Control Buffer Overflow Unpatched (2316 days) Carsten Eiram 1 Symantec Discovery Insecure File Permissions Unpatched (2183 days) Sven Krewitt 1 RecordNRip NCTAudioFile2 ActiveX Control Buffer Overflow Unpatched (2316 days) Carsten Eiram 1 The Address Book Multiple Vulnerabilities Unpatched (2449 days) Secunia Research 25 CA BrightStor ARCserve Backup RPC Argument Parsing Vulnerabilities 104 days Dyon Balding 3 Microsoft Agent URL Parsing Memory Corruption Vulnerability 119 days JJ Reyes and Carsten Eiram 1 Altdo Software Products NCTAudioFile2 ActiveX Control Buffer Overflow Unpatched (2316 days) Carsten Eiram 1 Microsoft Excel rtWnDesk Record Memory Corruption Vulnerability 29 days Dyon Balding 1 NCTsoft Products NCTAudioFile2 ActiveX Control Buffer Overflow Unpatched (2330 days) Carsten Eiram 1 Internet Explorer HTML Objects Memory Corruption Vulnerability 109 days JJ Reyes 1 pfstools "readRadianceHeader()" Buffer Overflow Vulnerability 146 days Stefan Cornelius 1 DB Audio Mixer And Editor NCTAudioFile2 ActiveX Control Buffer Overflow Unpatched (2316 days) Carsten Eiram 1 Blender KML/KMZ Import Command Injection Vulnerability 4 days Stefan Cornelius 1 iMesh NCTAudioFile2 ActiveX Control Buffer Overflow Unpatched (2316 days) Carsten Eiram 1 Symantec Discovery XferWan.exe Packet Parsing Buffer Overflows Unpatched (2273 days) Dyon Balding 2 Symantec Backup Exec Job Engine Denial of Service 57 days JJ Reyes 1 CDBurnerXP Pro NCTAudioFile2 ActiveX Control Buffer Overflow Unpatched (2316 days) Carsten Eiram 1 eScan Products Agent Service Missing User Authentication Unpatched (2289 days) Carsten Eiram 1 SoftDiv Software Products NCTAudioFile2 ActiveX Control Buffer Overflow Unpatched (2316 days) Carsten Eiram 1 Symantec Mail Security for SMTP Boundary Errors 95 days Dyon Balding 2 Roemer Software Products NCTAudioFile2 ActiveX Control Buffer Overflow Unpatched (2316 days) Carsten Eiram 1 VCDGear Cue File Parsing Buffer Overflow Vulnerabilities Unpatched (2210 days) Carsten Eiram 2 Virtual CD Products NCTAudioFile2 ActiveX Control Buffer Overflow Unpatched (2316 days) Carsten Eiram 1 eScan Products Agent Service Command Decryption Buffer Overflow 6 days Carsten Eiram 1 Safari JavaScript Read Access to Protected Variable 274 days Secunia Research 1 Power Audio Editor NCTAudioFile2 ActiveX Control Buffer Overflow Unpatched (2316 days) Carsten Eiram 1 Novell Client NWSPOOL.DLL Buffer Overflow Vulnerabilities 116 days JJ Reyes 2 Miranda "ext_yahoo_contact_added()" Format String Vulnerability 17 days Secunia Research 1 Absolute Software Products NCTAudioFile2 ActiveX Control Buffer Overflow Unpatched (2316 days) Carsten Eiram 1 McFunSoft Products NCTAudioFile2 ActiveX Control Buffer Overflow Unpatched (2316 days) Carsten Eiram 1 Numara Asset Manager Insecure File Permissions Unpatched (2165 days) Sven Krewitt 1 PentaZip Archive Handling Three Vulnerabilities 46 days JJ Reyes 3 Internet Explorer File Download Handling Memory Corruption 277 days Carsten Eiram 1 Gimp PSD Plugin Integer Overflow Vulnerability 25 days Stefan Cornelius 1 Cool Audio Products NCTAudioFile2 ActiveX Control Buffer Overflow Unpatched (2316 days) Carsten Eiram 1 Vim "helptags" Command Format String Vulnerability Unpatched (2136 days) Ulf Harnhammar 1 Magic Video Products NCTAudioFile2 ActiveX Control Buffer Overflow Unpatched (2316 days) Carsten Eiram 1 InterActual Player / CinePlayer IASystemInfo.dll ActiveX Control Buffer Overflow Unpatched (2314 days) Carsten Eiram 1 McAfee E-Business Server Auth Packet Handling Buffer Overflow 79 days Dyon Balding 1 J. Hepple Products NCTAudioFile2 ActiveX Control Buffer Overflow Unpatched (2316 days) Carsten Eiram 1 kmz_ImportWithMesh.py Script for Blender Command Injection 10 days Stefan Cornelius 1 IrfanView Palette File Importing Buffer Overflow Vulnerability 49 days Stefan Cornelius 1 Quikscribe Products NCTAudioFile2 ActiveX Control Buffer Overflow Unpatched (2316 days) Carsten Eiram 1 Numara Asset Manager XferWan.exe Packet Parsing Buffer Overflows Unpatched (2273 days) Dyon Balding 2 IBM Tivoli Storage Manager Client CAD Service Script Insertion Unpatched (2051 days) Carsten Eiram 1 Code-it Software Products NCTAudioFile2 ActiveX Control Buffer Overflow Unpatched (2316 days) Carsten Eiram 1 CinePlayer SonicDVDDashVRNav.dll Buffer Overflow Vulnerability Unpatched (2262 days) Carsten Eiram 1 Link Grammar "separate_sentence()" Buffer Overflow Unpatched (2038 days) Alin Rad Pop 1 Sienzo Digital Music Mentor NCTAudioFile2 ActiveX Control Buffer Overflow 2 days Carsten Eiram 1 CA BrightStor ARCserve Backup RPC String Buffer Overflow 167 days Dyon Balding 1 IPSwitch IMail Server IMail Client Buffer Overflow 73 days Secunia Research 1 Audio Edit Magic NCTAudioFile2 ActiveX Control Buffer Overflow Unpatched (2316 days) Carsten Eiram 1 2006 Total Vulnerabilities: 182 Total Advisories: 80 [+] [+] Discovered by Secunia ( 182 vulnerabilities, 80 advisories ) Time to Patch Discovered by Vulnerabilities Eserv/3 IMAP and HTTP Server Multiple Vulnerabilities 16 days Tan Chew Keong 7 Panda ActiveScan Three Vulnerabilities 43 days Andreas Sandblad 3 NJStar Word Processor Font Name Buffer Overflow 15 days Tan Chew Keong 1 CAM UnZip ZIP File Handling Buffer Overflow Vulnerability 16 days Tan Chew Keong 1 MDaemon Insecure Default Directory Permissions Unpatched (2458 days) Secunia Research 1 @Mail Webmail Attachment Upload Directory Traversal 2 days Tan Chew Keong 1 Abakt ZIP File Handling Buffer Overflow Vulnerability 3 days Tan Chew Keong 1 Borland Products idsql32.dll Buffer Overflow Vulnerability Unpatched (2379 days) JJ Reyes 1 Where Is It unacev2.dll Buffer Overflow Vulnerability 5 days 1 MailEnable IMAP Service Buffer Overflow Vulnerability 0 days JJ Reyes 1 WinHKI unacev2.dll Buffer Overflow Vulnerability 32 days Tan Chew Keong 1 Blazix Web Server JSP Source Code Disclosure Vulnerability 5 days Tan Chew Keong 1 PC Tools AntiVirus Insecure Default Directory Permissions Unpatched (2499 days) Carsten Eiram 1 Quick 'n Easy/Baby Web Server ASP Code Disclosure Vulnerability 2 days Tan Chew Keong 1 WinGate IMAP Commands Directory Traversal Vulnerability 24 days Tan Chew Keong 1 unalz Filename Handling Directory Traversal Vulnerability 11 days Tan Chew Keong 1 Lotus Notes ZIP File Handling Buffer Overflow 191 days Tan Chew Keong 1 jetAudio ID Tag Handling Buffer Overflow Vulnerability Unpatched (2549 days) Tan Chew Keong 1 Jetbox Multiple Vulnerabilities Unpatched (2504 days) Sven Krewitt 9 Dwarf HTTP Server Source Disclosure and Cross-Site Scripting 24 days Tan Chew Keong 1 Lotus Notes TAR Reader File Extraction Buffer Overflow 177 days Carsten Eiram 1 PicoZip "zipinfo.dll" Multiple Archives Buffer Overflow 8 days Tan Chew Keong 1 NetworkActiv Web Server Script Source Disclosure Vulnerability 8 days Tan Chew Keong 1 SelectaPix Cross-Site Scripting and SQL Injection Vulnerabilities 23 days Andreas Sandblad 7 Joomla BSQ Sitestats Component Multiple Vulnerabilities 3 days Sven Krewitt 6 Microsoft Internet Explorer "createTextRange()" Code Execution 56 days Andreas Sandblad 1 Rising Antivirus unacev2.dll Buffer Overflow Vulnerability 22 days Secunia Research 1 Joomla BSQ Sitestats Script Insertion and SQL Injection 20 days Sven Krewitt 2 Macallan Mail Solution IMAP Commands Directory Traversal 8 days Secunia Research 1 Eazel unacev2.dll Buffer Overflow Vulnerability Unpatched (2576 days) Secunia Research 1 PassGo SSO Plus Insecure Default Directory Permissions 173 days Secunia Research 1 E-Post Mail Server Products Multiple Vulnerabilities 5 days Tan Chew Keong 6 FilZip unacev2.dll Buffer Overflow Vulnerability Unpatched (2583 days) Secunia Research 1 MailEnable IMAP Service Two Vulnerabilities 4 days JJ Reyes 2 Anti-Trojan unacev2.dll Buffer Overflow Vulnerability Unpatched (2571 days) Secunia Research 1 Servant Salamander unacev2.dll Buffer Overflow Vulnerability 1 days Tan Chew Keong 1 Mozilla Firefox XPCOM Event Handling Memory Corruption 35 days Carsten Eiram 1 AN HTTPD Script Source Disclosure Vulnerability 11 days Tan Chew Keong 1 ZipTV ARJ Archive Handling and unacev2.dll Buffer Overflows Unpatched (2554 days) Tan Chew Keong 2 BlueDragon Server Cross-Site Scripting and Denial of Service 110 days Tan Chew Keong 1 phpRaid SQL Injection and File Inclusion Vulnerabilities Unpatched (2553 days) Sven Krewitt 19 FileCOPA Directory Argument Handling Buffer Overflow 0 days Carsten Eiram 1 RaidenHTTPD Script Source Disclosure Vulnerability 3 days Tan Chew Keong 1 Lotus Notes UUE File Handling Buffer Overflow 278 days Tan Chew Keong 1 DeluxeBB SQL Injection and File Inclusion Vulnerabilities Unpatched (2553 days) Andreas Sandblad 10 Internet Explorer Script Error Handling Memory Corruption 119 days Jakob Balle and Carsten Eiram 1 IceWarp Web Mail Two File Inclusion Vulnerabilities 1 days Tan Chew Keong 2 Lotus Notes Multiple Archive Handling Directory Traversal 190 days Tan Chew Keong and Carsten Eiram 1 Internet Explorer Exception Handling Memory Corruption Vulnerability 49 days Andreas Sandblad 1 CJ Tag Board Two PHP Code Injection Vulnerabilities Unpatched (2462 days) Secunia Research 2 Lighttpd Script Source Disclosure Vulnerability 14 days Tan Chew Keong 1 Adobe Document/Graphics Server File URI Resource Access Unpatched (2857 days) Tan Chew Keong 1 AutoMate unacev2.dll Buffer Overflow Vulnerability 205 days Secunia Research 1 Microsoft Windows Object Packager Dialog Spoofing 104 days Andreas Sandblad 1 ArGoSoft Mail Server Pro viewheaders Script Insertion 3 days Secunia Research 1 ZipCentral ZIP File Handling Buffer Overflow Vulnerability Unpatched (2554 days) Tan Chew Keong 1 NeoMail neomail-prefs.pl Missing Session ID Validation 4 days Tan Chew Keong 1 Mozilla Thunderbird Attachment Spoofing Vulnerability 195 days Andreas Sandblad 1 IZArc unacev2.dll Buffer Overflow Vulnerability 1324 days Secunia Research 1 AOL CDDBControl ActiveX Control "SetClientInfo()" Buffer Overflow 746 days Carsten Eiram 1 UltimateZip unacev2.dll Buffer Overflow Vulnerability Unpatched (2583 days) Secunia Research 1 TZipBuilder ZIP File Handling Buffer Overflow Vulnerability 6 days Tan Chew Keong 1 MailEnable POP Service "PASS" Command Buffer Overflow 0 days Carsten Eiram 1 SpeedProject Products ACE Archive Handling Buffer Overflow 26 days Tan Chew Keong 1 CMS Mundo SQL Injection Vulnerabilities Unpatched (2549 days) Andreas Sandblad 10 Xeneo Web Server Script Source Disclosure Vulnerability Unpatched (2617 days) Tan Chew Keong 1 Opera SSL Certificate "Stealing" Weakness 89 days Jakob Balle 1 NOD32 Scheduled Scan Privilege Escalation Vulnerability 32 days Tan Chew Keong 1 IBM Lotus Domino iNotes Client Script Insertion Vulnerabilities 172 days Jakob Balle and Tan Chew Keong 4 BitZipper unacev2.dll Buffer Overflow Vulnerability Unpatched (2577 days) Secunia Research 1 AutoVue SolidModel Professional Buffer Overflow Vulnerability Unpatched (2511 days) Tan Chew Keong 1 VisNetic Mail Server Two File Inclusion Vulnerabilities 142 days Tan Chew Keong 2 CMS Mundo SQL Injection and File Upload Vulnerabilities 15 days Andreas Sandblad 2 My Firewall Plus Privilege Escalation Vulnerability Unpatched (2484 days) Secunia Research 1 Orion Application Server JSP Source Disclosure Vulnerability 34 days Tan Chew Keong 1 Lotus Notes HTML Speed Reader Link Two Buffer Overflows 188 days Carsten Eiram 2 IBM Lotus Notes Insecure Default Folder Permissions 88 days Carsten Eiram 1 MyBB "domecode()" PHP Code Execution Vulnerability 6 days Andreas Sandblad 1 Tagger LE PHP "eval()" Injection Vulnerabilities Unpatched (2457 days) Andreas Sandblad 6 AOL Insecure Default Directory Permissions 189 days Carsten Eiram 1 2005 Total Vulnerabilities: 87 Total Advisories: 54 [+] [+] Discovered by Secunia ( 87 vulnerabilities, 54 advisories ) Time to Patch Discovered by Vulnerabilities MDaemon Content Filter Directory Traversal Vulnerability 1 days Tan Chew Keong 1 HAURI Anti-Virus Compressed Archive Directory Traversal 48 days Tan Chew Keong 1 Internet Explorer Suppressed "Download Dialog" Vulnerability 170 days Jakob Balle 1 PHP-Fusion Two SQL Injection Vulnerabilities 0 days Andreas Sandblad 2 Opera Image Dragging Vulnerability 38 days Jakob Balle 1 Sun Java Plug-In Predictable File Location Weakness Unpatched (3242 days) Andreas Sandblad 1 ALZip Multiple Archive Handling Buffer Overflow 9 days Tan Chew Keong 1 Mozilla / Firefox Property Manipulation Cross-Site Scripting 52 days Andreas Sandblad 1 Mantis "t_core_path" File Inclusion Vulnerability 22 days Andreas Sandblad 1 Safari Dialog Origin Spoofing Vulnerability 190 days Jakob Balle 1 AVIRA Antivirus ACE Archive Handling Buffer Overflow 9 days Tan Chew Keong 1 Microsoft Internet Explorer Dialog Origin Spoofing Vulnerability Unpatched (2920 days) Jakob Balle 1 NOD32 Anti-Virus ARJ Archive Handling Buffer Overflow 4 days Tan Chew Keong 1 Adobe Reader for Linux Insecure Temporary File Creation 56 days Carsten Eiram 1 Mathopd Insecure Dump File Creation Vulnerability 1 days Andreas Sandblad 1 NetworkActiv Web Server Cross-Site Scripting Vulnerability 0 days Secunia Research 1 Mozilla / Firefox "Save Link As" Download Dialog Spoofing Vulnerability 91 days Andreas Sandblad 1 Adobe Document Server for Reader Extensions Multiple Vulnerabilities 261 days Carsten Eiram and Tan Chew Keong 6 MercuryBoard "title" Script Insertion Vulnerability 53 days Secunia Research 1 Gossamer Threads Links Script Insertion Vulnerabilities 2043 days Secunia Research 2 Mozilla / Mozilla Firefox Download Dialog Source Spoofing Vulnerability 118 days Jakob Balle 1 Novell NetMail NMAP Agent "USER" Buffer Overflow Vulnerability 84 days Tan Chew Keong 1 Microsoft Internet Explorer "createControlRange()" Memory Corruption 96 days Andreas Sandblad 1 avast! Antivirus ACE File Handling Two Vulnerabilities Unpatched (4921 days) Tan Chew Keong 2 MySource Cross-Site Scripting and File Inclusion Vulnerabilities 15 days Secunia Research 17 Ahnlab V3 Antivirus Three Vulnerabilities 77 days Tan Chew Keong 3 Yahoo! Messenger Audio Setup Wizard Privilege Escalation 43 days Carsten Eiram 1 AhnLab V3 Antivirus ALZ/UUE/XXE Archive Handling Buffer Overflow 24 days Tan Chew Keong 1 WhatsUp Small Business Report Service Directory Traversal Unpatched (2918 days) Carsten Eiram 1 7-Zip ARJ Archive Handling Buffer Overflow 16 days Tan Chew Keong 1 Mozilla Products Dialog Origin Spoofing Vulnerability 59 days Jakob Balle 1 Opera Mail Client Attachment Spoofing and Script Insertion 19 days Jakob Balle 2 Opera Dialog Origin Spoofing Vulnerability 28 days Jakob Balle 1 SqWebMail HTML Emails Script Insertion Vulnerability 0 days Jakob Balle 1 Opera "javascript:" URLs Cross-Site Scripting 29 days Jakob Balle 1 Yahoo! Messenger File Transfer Filename Spoofing 38 days Andreas Sandblad 1 HAURI Anti-Virus ACE Archive Handling Buffer Overflow 8 days Tan Chew Keong 1 My Firewall Plus Arbitrary File Corruption Vulnerability 28 days Carsten Eiram 1 Opera Download Dialog Spoofing Vulnerability 23 days Andreas Sandblad 1 Mozilla Firefox Download Dialog Spoofing Vulnerabilities 191 days Andreas Sandblad 2 WinRAR Format String and Buffer Overflow Vulnerabilities 10 days Tan Chew Keong 2 Opera Suppressed "Download Dialog" Vulnerability 32 days Jakob Balle 1 Microsoft Internet Explorer Four Vulnerabilities 127 days Andreas Sandblad 4 PowerArchiver ACE/ARJ Archive Handling Buffer Overflow 13 days Tan Chew Keong 1 Netscape Property Manipulation Cross-Site Scripting 70 days Andreas Sandblad 1 HAURI Anti-Virus ALZ Archive Handling Buffer Overflow 8 days Tan Chew Keong 1 WhatsUp Professional "Login.asp" SQL Injection 28 days Carsten Eiram 1 SqWebMail Conditional Comments Script Insertion Vulnerability 0 days Jakob Balle 1 Webroot Desktop Firewall Two Vulnerabilities 78 days Tan Chew Keong 2 ALZip ACE Archive Handling Buffer Overflow 14 days Tan Chew Keong 1 Microsoft Internet Explorer Keyboard Shortcut Processing Vulnerability 203 days Andreas Sandblad 1 Opera 8 XMLHttpRequest Security Bypass 58 days Jakob Balle 1 SqWebMail Attached File Script Insertion Vulnerability Unpatched (2829 days) Jakob Balle 1 Konqueror Download Dialog Source Spoofing Unpatched (3059 days) Jakob Balle 1 2004 Total Vulnerabilities: 39 Total Advisories: 12 [+] [+] Discovered by Secunia ( 39 vulnerabilities, 12 advisories ) Time to Patch Discovered by Vulnerabilities My Firewall Plus Privilege Escalation Vulnerability Unpatched (3014 days) Carsten Eiram 1 Multiple Browsers Window Injection Vulnerability 24 days Secunia Research 5 Multiple Browsers Tabbed Browsing Vulnerabilities 8 days Jakob Balle 10 SquirrelMail Change_passwd Plugin Insecure Temporary File Creation 3 days Carsten Eiram 1 IBM Net.Data Macro Name Cross-Site Scripting Vulnerability Unpatched (3694 days) Carsten Eiram 1 Pinnacle ShowCenter Skin File Cross-Site Scripting Vulnerability Unpatched (3158 days) Secunia Research 1 GdkPixbuf BMP Image Handling Denial of Service Vulnerability 21 days Secunia Research 1 Ansel "image" SQL Injection and Script Insertion Vulnerabilities 19 days Secunia Research 2 Spy Sweeper Enterprise Client Privilege Escalation Vulnerability 34 days Carsten Eiram 1 StarOffice / OpenOffice Insecure Temporary File Creation 27 days Carsten Eiram 1 Opera Browser Address Bar Spoofing Vulnerability 10 days Jakob Balle 1 Opera Download Dialog Spoofing Vulnerability 23 days Andreas Sandblad 1 2003 Total Vulnerabilities: 13 Total Advisories: 6 [+] [+] Discovered by Secunia ( 13 vulnerabilities, 6 advisories ) Time to Patch Discovered by Vulnerabilities Opera Browser File Extension Handling Two Buffer Overflows 17 days Jakob Balle 2 Opera Browser Page Redirection Cross-Site Scripting Vulnerability 9 days Jakob Balle 1 BRS WebWeaver Error Page Cross-Site Scripting Vulnerability 56 days Carsten Eiram 1 FTPServer/X Response Handling Buffer Overflow Vulnerability 72 days Carsten Eiram 1 Xeneo Web Server URL Encoding Denial of Service 1 days Carsten Eiram 1 Alexandria-dev / sourceforge Multiple Vulnerabilities Unpatched (3716 days) Ulf Harnhammar 7