Michael Rutkowski

**Name of the Vulnerable Software and Affected Versions** MicroPact iComplaints versions prior to 8.0.2.1.8.8014 **Description** The issue is related to a cross-site scripting (XSS) vulnerability. This vulnerability allows remote authenticated users to inject arbitrary web script or HTML via the `description` parameter in the AddStdLetter.jsp file. **Recommendations** For versions prior to 8.0.2.1.8.8014, update to version 8.0.2.1.8.8014 or later to resolve the issue. As a temporary workaround, consider restricting access to the AddStdLetter.jsp file or validating and sanitizing the `description` parameter to prevent malicious input.

**Name of the Vulnerable Software and Affected Versions** HP ArcSight Connector appliance version 6.2.0.6244.0 HP ArcSight Logger appliance version 5.2.0.6288.0 **Description** A cross-site scripting (XSS) issue exists in the import functionality, allowing remote attackers to inject arbitrary web script or HTML via a crafted file. This could potentially lead to unauthorized access or control of the affected system. **Recommendations** For HP ArcSight Connector appliance version 6.2.0.6244.0, update the import functionality to prevent the injection of arbitrary web script or HTML. For HP ArcSight Logger appliance version 5.2.0.6288.0, update the import functionality to prevent the injection of arbitrary web script or HTML.

**Name of the Vulnerable Software and Affected Versions** eEye Retina Network Security Scanner versions 2406 through 2423 **Description** The issue allows local users to gain privileges via a Trojan horse gauntlet program in an arbitrary directory under /usr/local/. **Recommendations** For versions 2406 through 2423, consider restricting access to arbitrary directories under /usr/local/ to prevent the placement of Trojan horse programs until a fix is available.

**Name of the Vulnerable Software and Affected Versions** HP ArcSight Connector Appliance versions prior to 6.1 **Description** A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via the Windows XP variable in a file. This could potentially lead to unauthorized access or control of the system. **Recommendations** For versions prior to 6.1, update to version 6.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the Windows Event Log SmartConnector to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Oracle Solaris versions 8, 9, and 10 **Description** The issue allows local users to obtain password hashes and conduct brute force password guessing attacks due to the storage of back-out patch files (undo.Z) unencrypted with world-readable permissions under /var/sadm/pkg/. **Recommendations** For Oracle Solaris versions 8, 9, and 10, consider restricting access to the /var/sadm/pkg/ directory to minimize the risk of exploitation. As a temporary workaround, restrict read permissions on the undo.Z files to prevent unauthorized access until a more permanent solution is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.