Software Vulnerability
Main
Software Alerts
Software and Script Bug ExploitsSoftware Vulnerability
Random Feeds
Archives
| Mar 2010 | Feb 2010 | Jan 2010 | Dec 2009 | Nov 2009 | Oct 2009 | Sep 2009 | Aug 2009 | Jul 2009 | Jun 2009 | May 2009 | Apr 2009 | Mar 2009 | Feb 2009 | Jan 2009 | Dec 2008 | Nov 2008 | Oct 2008 | Sep 2008 | Aug 2008 | Jul 2008 | Jun 2008 | May 2008 | Apr 2008 | Mar 2008 | Feb 2008 | Jan 2008 | Dec 2007 | Nov 2007 |Thu, 28 Feb 08
Webboard
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1039
SQL injection vulnerability in question.asp in PORAR WEBBOARD allows remote attackers to execute arbitrary SQL commands via the QID parameter.
Thu, 28 Feb 08
DBHcms
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1038
PHP remote file inclusion vulnerability in mod/mod.extmanager.php in DBHcms 1.1.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the extmanager_install parameter.
Thu, 28 Feb 08
PolicyCenter, PacketShaper
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1037
Cross-site scripting (XSS) vulnerability in the file listing function in the web management interface in Packeteer PacketShaper and PolicyCenter 8.2.2 allows remote attackers to inject arbitrary web script or HTML via the FILELIST parameter to an arbitrary component, which triggers injection into an Error Report page.
Wed, 27 Feb 08
VLC Media Player
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0984
The MP4 demuxer (mp4.c) for VLC media player 0.8.6d and earlier allows remote attackers to overwrite arbitrary memory and execute arbitrary code via a malformed MP4 file.
Wed, 27 Feb 08
lighttpd
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0983
lighttpd 1.4.18, and possibly other versions before 1.5.0, does not properly calculate the size of a file descriptor array, which allows remote attackers to cause a denial of service (crash) via a large number of connections, which triggers an out-of-bounds access.
Wed, 27 Feb 08
VMWare Workstation, VMWare Player, ACE
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0923
Directory traversal vulnerability in the Shared Folders feature for VMWare ACE 1.0.2 and 2.0.2, Player 1.0.4 and 2.0.2, and Workstation 5.5.4 and 6.0.2 allows guest OS users to read and write arbitrary files on the host OS via a multibyte string that produces a wide character string containing .. (dot dot) sequences, which bypasses the protection mechanism, as demonstrated using a "%c0%2e%c0%2e" string.
Wed, 27 Feb 08
CUPS
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0597
Use-after-free vulnerability in CUPS before 1.1.22, and possibly other versions, allows remote attackers to cause a denial of service (crash) via crafted IPP packets.
Wed, 27 Feb 08
CUPS
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0596
Memory leak in CUPS before 1.1.22, and possibly other versions, allows remote attackers to cause a denial of service (memory consumption and daemon crash) via a large number of requests to add and remove shared printers.
Wed, 27 Feb 08
Spyce
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0982
Spyce - Python Server Pages (PSP) 2.1.3 allows remote attackers to obtain sensitive information via a direct request for spyce/examples/automaton.spy, which reveals the path in an error message.
Wed, 27 Feb 08
Spyce
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0981
Open redirect vulnerability in spyce/examples/redirect.spy in Spyce - Python Server Pages (PSP) 2.1.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter.
Wed, 27 Feb 08
Spyce
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0980
Multiple cross-site scripting (XSS) vulnerabilities in Spyce - Python Server Pages (PSP) 2.1.3 allow remote attackers to inject arbitrary web script or HTML via (1) the url parameter or the type parameter to docs/examples/redirect.spy; (2) the x parameter to docs/examples/handlervalidate.spy; (3) the name parameter to spyce/examples/request.spy; (4) the Name parameter to spyce/examples/getpost.spy; (5) the mytextarea parameter, the mypass parameter, or an empty parameter to spyce/examples/for...
Wed, 27 Feb 08
Double-Take, StorageWorks Double-Take
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0979
Stack consumption vulnerability in Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWorks Storage Mirroring name and other names, allows remote attackers to cause a denial of service (daemon crash) via a certain packet that triggers the recursive calling of a function.
Wed, 27 Feb 08
Double-Take
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0978
Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWorks Storage Mirroring name and other names, allows remote attackers to obtain sensitive information via a packet of type (1) 0x2728, which provides operating system and path information; (2) 0x274e, which lists Ethernet adapters; (3) 0x2726, which provides filesystem information; (4) 0x274f, which specifies the printer driver; or (5) 0x2757, which provides recent log entries.
Wed, 27 Feb 08
Double-Take
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0977
Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWorks Storage Mirroring name and other names, allows remote attackers to cause a denial of service (daemon crash) via a certain long packet that triggers an attempt to allocate a large amount of memory.
Wed, 27 Feb 08
Double-Take, StorageWorks Double-Take
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0976
Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWorks Storage Mirroring name and other names, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a malformed packet, as demonstrated by a packet of type (1) 0x2722 or (2) 0x272a.
Wed, 27 Feb 08
Double-Take
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0975
Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWorks Storage Mirroring name and other names, allows remote attackers to cause a denial of service (CPU consumption) via a -1 value in the field that specifies the size of the vector
Wed, 27 Feb 08
Double-Take, StorageWorks Double-Take
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0974
Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWorks Storage Mirroring name and other names, allows remote attackers to cause a denial of service (daemon termination) via (1) a large vector
Wed, 27 Feb 08
Double-Take
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0973
Buffer overflow in Double-Take (aka HP StorageWorks Storage Mirroring) 4.5.0.1629, and other 4.5.0.x versions, allows remote attackers to have an unknown impact via a packet with a long string in the username field.
Wed, 27 Feb 08
Instant Messaging, IMserver
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0946
Directory traversal vulnerability in the IM Server (aka IMserve or IMserver) in Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote authenticated users to create arbitrary empty files via a .. (dot dot) in the recipient field.
Wed, 27 Feb 08
Instant Messaging, IMserver
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0945
Format string vulnerability in the logging function in the IM Server (aka IMserve or IMserver) in Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in an IP address field.
Wed, 27 Feb 08
Instant Messaging
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0944
Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote attackers to cause a denial of service (NULL dereference and application crash) via a version field containing zero.
Wed, 27 Feb 08
Aeries Student Information System
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0943
Multiple SQL injection vulnerabilities in Eagle Software Aeries Browser Interface (ABI) 3.7.2.2 allow remote attackers to execute arbitrary SQL commands via the (1) FC parameter to Comments.asp, or the Term parameter to (2) Labels.asp or (3) ClassList.asp.
Wed, 27 Feb 08
Aeries Student Information System
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0942
SQL injection vulnerability in GradebookStuScores.asp in Eagle Software Aeries Browser Interface (ABI) 3.8.2.8 allows remote attackers to execute arbitrary SQL commands via the GrdBk parameter.
Wed, 27 Feb 08
Aeries Student Information System
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0941
Cross-site scripting (XSS) vulnerability in Eagle Software Aeries Browser Interface (ABI) 3.8.2.8 allows remote authenticated users to inject arbitrary web script or HTML via an event.
Wed, 27 Feb 08
Sword, Diatheke Front End
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0932
diatheke.pl in The SWORD Project Diatheke 1.5.9 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in an unspecified parameter.
Wed, 27 Feb 08
WebGUI
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0940
Cross-site scripting (XSS) vulnerability in Plain Black WebGUI before 7.4.24 allows remote attackers to inject arbitrary web script or HTML when creating a username, a different vulnerability than CVE-2007-0407.
Wed, 27 Feb 08
Photo Album plugin
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0939
Multiple SQL injection vulnerabilities in wppa.php in the WP Photo Album (WPPA) before 1.1 plugin for WordPress allow remote attackers to execute arbitrary SQL commands via (1) the photo parameter to index.php, used by the wppa_photo_name function; or (2) the album parameter to index.php, used by the wppa_album_name function. NOTE: some of these details are obtained from third party information.
Wed, 27 Feb 08
Solaris
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0938
Unspecified vulnerability in the dynamic tracing framework (DTrace) in Sun Solaris 10 allows local users with PRIV_DTRACE_USER or PRIV_DTRACE_PROC privileges to obtain sensitive kernel information via unspecified vectors, a different vulnerability than CVE-2007-4126.
Wed, 27 Feb 08
Tiny Event Module, TinyEvent
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0937
SQL injection vulnerability in index.php in the Tiny Event (tinyevent) 1.01 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the id parameter in a print action, a different vector than CVE-2007-1811.
Wed, 27 Feb 08
Prayer List Module
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0936
SQL injection vulnerability in index.php in the Prayer List (prayerlist) 1.04 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view action.
Wed, 27 Feb 08
iPrint
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0935
Stack-based buffer overflow in the Novell iPrint Control ActiveX control in ienipp.ocx in Novell iPrint Client before 4.34 allows remote attackers to execute arbitrary code via a long argument to the ExecuteRequest method.
Wed, 27 Feb 08
NukeC Module
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0934
SQL injection vulnerability in modules.php in the NukeC 2.1 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id_catg parameter in a ViewCatg action.
Wed, 27 Feb 08
Solaris
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0933
Multiple race conditions in the CPU Performance Counters (cpc) subsystem in the kernel in Sun Solaris 10 allow local users to cause a denial of service (panic) via unspecified vectors related to kcpc_unbind and kcpc_restore.
Tue, 26 Feb 08
Manuales
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0922
SQL injection vulnerability in the Manuales 0.1 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter in a viewdownload action to modules.php.
Tue, 26 Feb 08
beContent
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0921
SQL injection vulnerability in news.php in beContent .031 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Tue, 26 Feb 08
OS-SIM
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0920
SQL injection vulnerability in port/modifyportform.php in Open Source Security Information Management (OSSIM) 0.9.9 rc5 allows remote authenticated users to execute arbitrary SQL commands via the portname parameter, which is not properly handled by a validation regular expression.
Tue, 26 Feb 08
OS-SIM
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0919
Cross-site scripting (XSS) vulnerability in session/login.php in Open Source Security Information Management (OSSIM) 0.9.9 rc5 and earlier allows remote attackers to inject arbitrary web script or HTML via the dest parameter.
Tue, 26 Feb 08
astatsPRO, com_astatspro
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0918
SQL injection vulnerability in includes/count_dl_or_link.inc.php in the astatsPRO (com_astatspro) 1.0.1 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to getfile.php, a different vector than CVE-2008-0839. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Tue, 26 Feb 08
CVE-2008-0917 (Tor Search, Tor News, Tor Board, Simple Vote, Simple BBS, Quotes of the Day, Mobi...)
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0917
Cross-site scripting (XSS) vulnerability in Tor World Tor Search 1.1 and earlier, I-Navigator 4.0, Mobile Frontier 2.1 and earlier, Diary.cgi (aka Quotes of the Day) 1.5 and earlier, Tor News 1.21 and earlier, Simple BBS 1.3 and earlier, Interactive BBS 1.3 and earlier, Tor Board 1.1 and earlier, Simple Vote 1.1 and earlier, and Com Vote 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Tue, 26 Feb 08
hwdVideoShare
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0916
SQL injection vulnerability in the Highwood Design hwdVideoShare (com_hwdvideoshare) 1.1.3 Alpha component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a viewcategory action to index.php.
Tue, 26 Feb 08
IPdiva
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0915
The Mediation server in IPdiva SSL VPN Server 2.2 before 2.2.8.84 and 2.3 before 2.3.2.14 stores the number of remaining allowed login attempts in a cookie, which makes it easier for remote attackers to conduct brute force attacks by manipulating this cookie's value.
Tue, 26 Feb 08
IPdiva
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0914
Multiple cross-site scripting (XSS) vulnerabilities in the Mediation server in IPdiva SSL VPN Server 2.2 before 2.2.8.84 and 2.3 before 2.3.2.14 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Tue, 26 Feb 08
Invision Power Board
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0913
Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB or IP.Board) 2.3.4 allows remote attackers to inject arbitrary web script or HTML via crafted BBCodes in an unspecified context.
Tue, 26 Feb 08
MobiLink, SQL Anywhere
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0912
Multiple heap-based buffer overflows in mlsrv10.exe in Sybase MobiLink 10.0.1.3629 and earlier, as used by SQL Anywhere Developer Edition 10.0.1.3415 and probably other products, allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a long (1) username, (2) version, or (3) remote ID. NOTE: some of these details are obtained from third party information.
Tue, 26 Feb 08
multicart
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0911
SQL injection vulnerability in productdetails.php in iScripts MultiCart 2.0 allows remote authenticated users to execute arbitrary SQL commands via the productid parameter.
Tue, 26 Feb 08
CVE-2008-0910 (F-Secure Internet Security, F-Secure Anti-Virus, F-Secure Anti-Virus Client Secur...)
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0910
Multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, F-Secure Protection Service, and others, allow remote attackers to bypass malware detection via a crafted RAR archive. NOTE: this might be related to CVE-2008-0792.
Tue, 26 Feb 08
Academic Portal
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0909
Cross-site scripting (XSS) vulnerability in browse.asp in Schoolwires Academic Portal allows remote attackers to inject arbitrary web script or HTML via the c parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Tue, 26 Feb 08
Academic Portal
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0908
SQL injection vulnerability in browse.asp in Schoolwires Academic Portal allows remote attackers to execute arbitrary SQL commands via the c parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Tue, 26 Feb 08
Inhalt Module
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0907
SQL injection vulnerability in the Inhalt module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter.
Tue, 26 Feb 08
PHP-Nuke Module Docum
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0906
SQL injection vulnerability in the Docum module in PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a viewarticle operation.
Tue, 26 Feb 08
Globsy
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0905
Directory traversal vulnerability in globsy_edit.php in Globsy 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
Tue, 26 Feb 08
Plumtree Collaboration, AquaLogic Interaction
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0904
Unspecified vulnerability in the download servlet in BEA Plumtree Collaboration 4.1 through SP2 and AquaLogic Interaction 4.2 through MP1 allows remote attackers to read arbitrary files via a crafted URL.
Tue, 26 Feb 08
WebLogic Express, WebLogic Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0903
Unspecified vulnerability in the BEA WebLogic Server and Express proxy plugin, as distributed before November 2007 and before 9.2 MP3 and 10.0 MP2, allows remote attackers to cause a denial of service (web server crash) via a crafted URL.
Tue, 26 Feb 08
WebLogic Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0902
Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Server and Express 6.1 through 10.0 MP1 allow remote attackers to inject arbitrary web script or HTML via unspecified samples. NOTE: this might be the same issue as CVE-2007-2694.
Tue, 26 Feb 08
WebLogic Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0901
BEA WebLogic Server and Express 7.0 through 10.0 allows remote attackers to conduct brute force password guessing attacks, even when account lockout has been activated, via crafted URLs that indicate whether a guessed password is successful or not.
Tue, 26 Feb 08
WebLogic Express, WebLogic Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0900
Session fixation vulnerability in BEA WebLogic Server and Express 8.1 SP4 through SP6, 9.2 through MP1, and 10.0 allows remote authenticated users to hijack web sessions via unknown vectors.
Tue, 26 Feb 08
WebLogic Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0899
Cross-site scripting (XSS) vulnerability in the Administration Console in BEA WebLogic Server and Express 9.0 through 10.0 allows remote attackers to inject arbitrary web script or HTML via URLs that are not properly handled by the Unexpected Exception Page.
Tue, 26 Feb 08
WebLogic Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0898
The distributed queue feature in JMS in BEA WebLogic Server 9.0 through 10.0, in certain configurations, does not properly handle when a client cannot send a message to a member of a distributed queue, which allows remote authenticated users to bypass intended access restrictions for protected distributed queues.
Tue, 26 Feb 08
WebLogic Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0897
Unspecified vulnerability in BEA WebLogic Server 9.0 through 10.0 allows remote authenticated users without "receive" permissions to bypass intended access restrictions and receive messages from a standalone JMS Topic or secured Distributed Topic member destination, related to durable subscriptions.
Tue, 26 Feb 08
WebLogic Portal
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0896
BEA WebLogic Portal 10.0 and 9.2 through MP1, when an administrator deletes a single instance of a content portlet, removes entitlement policies for other content portlets, which allows attackers to bypass intended access restrictions.
Tue, 26 Feb 08
WebLogic Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0895
BEA WebLogic Server and WebLogic Express 6.1 through 10.0 allows remote attackers to bypass authentication for application servlets via crafted request headers.
Tue, 26 Feb 08
Splitvt
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0162
misc.c in splitvt 1.6.6 and earlier does not drop group privileges before executing xprop, which allows local users to gain privileges.
Sat, 23 Feb 08
Safari
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0894
Apple Safari might allow remote attackers to obtain potentially sensitive memory contents or cause a denial of service (crash) via a crafted (1) bitmap (BMP) or (2) GIF file, a related issue to CVE-2008-0420.
Sat, 23 Feb 08
Veritas Storage Foundation
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0638
Heap-based buffer overflow in the Veritas Enterprise Administrator (VEA) service (aka vxsvc.exe) in Symantec Veritas Storage Foundation 5.0 allows remote attackers to execute arbitrary code via a packet with a crafted value of a certain size field, which is not checked for consistency with the actual buffer size.
Sat, 23 Feb 08
Storage Foundation
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4516
The Volume Manager Scheduler Service (aka VxSchedService.exe) in Symantec Veritas Storage Foundation 5.0 for Windows allows remote attackers to cause a denial of service (daemon crash or hang) via malformed packets.
Sat, 23 Feb 08
CUPS
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0882
Double free vulnerability in the process_browse_data function in CUPS 1.3.5 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via crafted packets to the cupsd port (631/udp), related to an unspecified manipulation of a remote printer. NOTE: some of these details are obtained from third party information.
Sat, 23 Feb 08
Okul Module
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0881
SQL injection vulnerability in modules.php in the Okul 1.0 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the okulid parameter in an okullar action.
Sat, 23 Feb 08
EasyContent Module
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0880
SQL injection vulnerability in modules.php in the EasyContent module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the page_id parameter.
Sat, 23 Feb 08
Web_Links Module
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0879
SQL injection vulnerability in modules.php in the Web_Links module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter in a viewlink action.
Sat, 23 Feb 08
MyAnnonces
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0878
SQL injection vulnerability in index.php in the MyAnnonces 1.7 and earlier module for RunCMS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view action.
Sat, 23 Feb 08
Jinzora
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0877
Multiple cross-site scripting (XSS) vulnerabilities in Jinzora Media Jukebox 2.7.5 allow remote attackers to inject arbitrary web script or HTML via the (1) frontend, (2) set_frontend, (3) jz_path, (4) theme, and (5) set_theme parameters to (a) index.php; the frontend, theme, and (6) language parameters to (b) ajax_request.php; the jz_path parameter to (c) slim.php; the frontend, theme, and jz_path parameters to (d) popup.php; the (13) PATH_INFO to index.php and (e) slim.php; and the (14) que...
Sat, 23 Feb 08
SEWB3 PLATFORM, SEWB3 MI-PLATFORM
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0876
Unspecified vulnerability in the SEWB3 messaging service in Hitachi SEWB3/PLATFORM and SEWB3/MI-PLATFORM 01-00 through 02-14-/A allows remote attackers to cause a denial of service (service outage) via "invalid data."
Sat, 23 Feb 08
EUR Print Manager
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0875
Unspecified vulnerability in Hitachi EUR Print Manager, and related Client and Local Server products, 05-06 through 05-06-/B and 05-08 allows remote attackers to cause a denial of service (service hang or termination) via unspecified vectors related to "unexpected data."
Sat, 23 Feb 08
eEmpregos Module
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0874
SQL injection vulnerability in index.php in the eEmpregos module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view action.
Sat, 23 Feb 08
Classifieds
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0873
SQL injection vulnerability in index.php in the jlmZone Classifieds module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in an Adsview action.
Sat, 23 Feb 08
SmarterMail
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0872
Cross-site scripting (XSS) vulnerability in SmarterTools SmarterMail Enterprise 4.3 allows remote attackers to inject arbitrary web script or HTML via a STYLE attribute of an element in the Subject field of an e-mail message.
Sat, 23 Feb 08
SMS_MMS Gateway
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0871
Multiple stack-based buffer overflows in Now SMS/MMS Gateway 2007.06.27 and earlier allow remote attackers to execute arbitrary code via a (1) long password in an Authorization header to the HTTP service or a (2) large packet to the SMPP service.
Fri, 22 Feb 08
WebLogic Portal
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0870
BEA WebLogic Portal 10.0 and 9.2 through Maintenance Pack 2, under certain circumstances, can redirect a user from the https:// URI for the Portal Administration Console to an http URI, which allows remote attackers to sniff the session.
Fri, 22 Feb 08
WebLogic Workshop
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0869
Cross-site scripting (XSS) vulnerability in BEA WebLogic Workshop 8.1 through SP6 and Workshop for WebLogic 9.0 through 10.0 allows remote attackers to inject arbitrary web script or HTML via a "framework defined request parameter" when using WebLogic Workshop or Apache Beehive NetUI framework with page flows.
Fri, 22 Feb 08
WebLogic Portal
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0868
Cross-site scripting (XSS) vulnerability in Groupspace in BEA WebLogic Portal 10.0 and 9.2 through Maintenance Pack 1 allows remote authenticated users to inject arbitrary web script or HTML via unknown vectors.
Fri, 22 Feb 08
Plumtree Foundation, AquaLogic Interaction
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0867
Cross-site scripting (XSS) vulnerability in the portal for BEA Plumtree Foundation 6.0 through SP1 and AquaLogic Interaction 6.1 through Maintenance Pack 1 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
Fri, 22 Feb 08
WebLogic Workshop
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0866
Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Workshop allow remote attackers to inject arbitrary web script or HTML via an invalid action URI, which is not properly handled by NetUI page flows.
Fri, 22 Feb 08
WebLogic Portal
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0865
Unspecified vulnerability in BEA WebLogic Portal 8.1 through SP6 allows remote attackers to bypass entitlements for instances of a floatable WLP portlet via unknown vectors.
Fri, 22 Feb 08
WebLogic Portal
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0864
Admin Tools in BEA WebLogic Portal 8.1 SP3 through SP6 can inadvertently remove entitlements for pages when an administrator edits the page definition label, which might allow remote attackers to bypass intended access restrictions.
Fri, 22 Feb 08
WebLogic Server, WebLogic Express
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0863
BEA WebLogic Server and WebLogic Express 9.0 and 9.1 exposes the web service's WSDL and security policies, which allows remote attackers to obtain sensitive information and potentially launch further attacks.
Fri, 22 Feb 08
Lotus Notes
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0862
IBM Lotus Notes 6.0, 6.5, 7.0, and 8.0 signs an unsigned applet when a user forwards an email message to another user, which allows user-assisted remote attackers to bypass Execution Control List (ECL) protection.
Fri, 22 Feb 08
Lotus Quickplace
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0861
Cross-site scripting (XSS) vulnerability in leg/Main.nsf in IBM Lotus Quickplace 7.0 allows remote attackers to inject arbitrary web script or HTML via an h_SearchString sub-parameter in the PreSetFields parameter of an EditDocument action.
Fri, 22 Feb 08
Kerio MailServer, AVG Plugin
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0860
Unspecified vulnerability in the AVG plugin in Kerio MailServer before 6.5.0 has unspecified impact via unknown remote attack vectors related to null DACLs.
Fri, 22 Feb 08
Kerio MailServer
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0859
Unspecified vulnerability in Kerio MailServer before 6.5.0 allows remote attackers to cause a denial of service (crash) via unspecified vectors related to decoding of uuencoded input, which triggers memory corruption.
Fri, 22 Feb 08
VisNetic AntiVirus Plug-in for Mail Server, Kerio MailServer
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0858
Buffer overflow in the Visnetic anti-virus plugin in Kerio MailServer before 6.5.0 might allow remote attackers to execute arbitrary code via unspecified vectors.
Fri, 22 Feb 08
Burning Board
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0857
SQL injection vulnerability in index.php in WoltLab Burning Board 3.0.3 PL 1 allows remote attackers to execute arbitrary SQL commands via the sortOrder parameter to the PMList page.
Fri, 22 Feb 08
e-Vision CMS
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0856
Multiple SQL injection vulnerabilities in e-Vision CMS 2.02 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) iframe.php and (2) print.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Fri, 22 Feb 08
com_facileforms
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0855
SQL injection vulnerability in the Facile Forms (com_facileforms) component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.
Fri, 22 Feb 08
com_salesrep
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0854
SQL injection vulnerability in the com_salesrep component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the rid parameter in a showrep action to index.php.
Fri, 22 Feb 08
com_detail
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0853
SQL injection vulnerability in the com_detail component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
Fri, 22 Feb 08
freeSSHd
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0852
freeSSHd 1.2 and earlier allows remote attackers to cause a denial of service (crash) via a SSH2_MSG_NEWKEYS packet to TCP port 22, which triggers a NULL pointer dereference.
Fri, 22 Feb 08
E-Learning System
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0851
Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.4 allow remote attackers to inject arbitrary web script or HTML via the (1) username parameter to inscription.php, (2) courseCode parameter to main/calendar/myagenda.php, (3) category parameter to main/admin/course_category.php, (4) message parameter to main/admin/session_list.php in a show_message action, and (5) an avatar image to main/auth/profile.php.
Fri, 22 Feb 08
Dokeos
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0850
Multiple SQL injection vulnerabilities in Dokeos 1.8.4 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to whoisonline.php, (2) tracking_list_coaches_column parameter to main/mySpace/index.php, (3) tutor_name parameter to main/create_course/add_course.php, the (4) Referer HTTP header to index.php, and the (5) X-Fowarded-For HTTP header to main/admin/class_list.php.
Fri, 22 Feb 08
com_downloads
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0849
SQL injection vulnerability in index.php in the Downloads (com_downloads) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a selectcat function, a different vector than CVE-2008-0652.
Fri, 22 Feb 08
Crafty Syntax Live Help
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0848
Cross-site scripting (XSS) vulnerability in lostsheep.php in Crafty Syntax Live Help (CSLH) 2.4.13 and 2.4.14 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: the versions claimed by the original researcher are likely incorrect.
Fri, 22 Feb 08
myTopics
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0847
SQL injection vulnerability in print.php in the myTopics module for XOOPS allows remote attackers to execute arbitrary SQL commands via the articleid parameter.
Fri, 22 Feb 08
Replistor
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6426
Multiple heap-based buffer overflows in EMC RepliStor 6.2 SP2, and possibly earlier versions, allow remote attackers to execute arbitrary code via crafted compressed data.
Fri, 22 Feb 08
com_profile
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0846
SQL injection vulnerability in index.php in the com_profile component for Joomla! allows remote attackers to execute arbitrary SQL commands via the oid parameter.
Fri, 22 Feb 08
Dean Logan WP-People plugin
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0845
SQL injection vulnerability in wp-people-popup.php in Dean Logan WP-People plugin 1.6.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the person parameter.
Fri, 22 Feb 08
com_pccookbook
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0844
SQL injection vulnerability in index.php in the PccookBook (com_pccookbook) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter.
Fri, 22 Feb 08
StatCounteX
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0843
StatCounteX 3.0 and 3.1 allows remote attackers to obtain sensitive information and edit configuration scripts via a direct request to admin.asp.
Fri, 22 Feb 08
com_clasifier
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0842
SQL injection vulnerability in index.php in the Classifier (com_clasifier) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
Fri, 22 Feb 08
com_ricette component
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0841
SQL injection vulnerability in index.php in the Giorgio Nordo Ricette (com_ricette) 1.0 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter.
Fri, 22 Feb 08
Light Blog
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0840
Directory traversal vulnerability in view_member.php in Public Warehouse LightBlog 9.6 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the username parameter.
Fri, 22 Feb 08
com_astatspro
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0839
SQL injection vulnerability in refer.php in the astatsPRO (com_astatspro) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter.
Fri, 22 Feb 08
ES1000, ES4000
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0838
Multiple cross-site scripting (XSS) vulnerabilities in the web administration interface in Sophos ES1000 and ES4000 Email Security Appliance 2.1.0.0 allow remote attackers to inject arbitrary web script or HTML via the (1) error and (2) go parameters to the login page.
Fri, 22 Feb 08
Search Unleashed, Search Unleashed plugin
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0837
Cross-site scripting (XSS) vulnerability in the log feature in the John Godley Search Unleashed 0.2.10 plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter, which is not properly handled when the administrator views the log file.
Fri, 22 Feb 08
Solaris
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0836
Unspecified vulnerability in the vuidmice STREAMS modules in Sun Solaris 9 and 10 on x86 architectures allows local users to cause a denial of service (panic) via unspecified vectors that trigger a NULL pointer dereference in the vuid3ps2 module, a different issue than CVE-2007-5319.
Fri, 22 Feb 08
Simple CMS
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0835
SQL injection vulnerability in indexen.php in Simple CMS 1.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the area parameter.
Fri, 22 Feb 08
Lotus Quickr
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0834
Cross-site scripting (XSS) vulnerability in Lotus Quickr for i5/OS before 8.0.0.2 Hotfix 11, when anonymous access is disabled on HTTP ports, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Fri, 22 Feb 08
com_galeria
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0833
SQL injection vulnerability in index.php in the com_galeria component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action.
Fri, 22 Feb 08
Kemas Antonius com_quran
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0832
SQL injection vulnerability in index.php in the Kemas Antonius com_quran 1.1 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the surano parameter in a viewayat action.
Fri, 22 Feb 08
Rapid Recipe
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0831
Multiple SQL injection vulnerabilities in the Rapid Recipe (com_rapidrecipe) 1.6.5 and earlier component for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) user_id or (2) category_id parameter. NOTE: this might overlap CVE-2008-0754.
Thu, 21 Feb 08
iPhoto
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0830
The Digital Photo Access Protocol (DPAP) server for iPhoto 4.0.3 allows remote attackers to cause a denial of service (crash) via a malformed dpap: URI, a different vulnerability than CVE-2008-0043.
Thu, 21 Feb 08
List Manager
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6319
Multiple unspecified vulnerabilities in Lyris ListManager 8.x before 8.95d, 9.2 before 9.2c, and 9.3 before 9.3b allow remote attackers to (1) gain list administrator privileges or (2) access arbitrary mailing lists via unknown vectors related to modification of client-side information; and (3) allow remote authenticated administrators to modify other account data by creating "new accounts that collide with existing accounts."
Thu, 21 Feb 08
Jooget, Joomla, Mambo
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0829
SQL injection vulnerability in jooget.php in the Joomlapixel Jooget! (com_jooget) 2.6.8 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail task.
Thu, 21 Feb 08
ATutor
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0828
Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) attributes like style and onmouseover in (a) forum post or (b) mail; or (2) HTML tags in the website field of the profile.
Thu, 21 Feb 08
Book
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0827
SQL injection vulnerability in the Books module of PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter.
Thu, 21 Feb 08
Caroline
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0826
Cross-site scripting (XSS) vulnerability in Claroline before 1.8.9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Thu, 21 Feb 08
Caroline
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0825
SQL injection vulnerability in Claroline before 1.8.9 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Thu, 21 Feb 08
Caroline
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0824
Unspecified vulnerability in the php2phps function in Claroline before 1.8.9 has unknown impact and attack vectors.
Thu, 21 Feb 08
Header image
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0823
Unspecified vulnerability in the Header Image Module before 5.x-1.1 for Drupal allows remote attackers to access the administration pages via unknown attack vectors.
Thu, 21 Feb 08
Scribe
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0822
Directory traversal vulnerability in index.php in Scribe 0.2 allows remote attackers to read arbitrary local files via a .. (dot dot) in the page parameter.
Thu, 21 Feb 08
PHPLive
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0821
SQL injection vulnerability in admin/traffic/knowledge_searchm.php in OSI Codes Inc. PHP Live! 3.2.2 allows remote attackers to execute arbitrary SQL commands via the questid parameter in an expand_question action.
Thu, 21 Feb 08
Etomite
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0820
** DISPUTED ** Cross-site scripting (XSS) vulnerability in index.php in Etomite 0.6.1.4 Final allows remote attackers to inject arbitrary web script or HTML via $_SERVER['PHP_INFO']. NOTE: the vendor disputes this issue in a followup, stating that the affected variable is $_SERVER['PHP_SELF'], and "This is not an Etomite specific exploit and I would like the report rescinded."
Thu, 21 Feb 08
PlutoStatus Locator
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0819
Directory traversal vulnerability in index.php in PlutoStatus Locator 1.0 pre alpha allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
Thu, 21 Feb 08
freePHPgallery
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0818
Multiple directory traversal vulnerabilities in freePHPgallery 0.6 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang cookie to (1) comment.php, (2) index.php, and (3) show.php.
Wed, 20 Feb 08
com_filebase Component
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0817
SQL injection vulnerability in the com_filebase component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the filecatid parameter in a selectfolder action.
Wed, 20 Feb 08
com_sg
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0816
SQL injection vulnerability in the com_sg component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the pid parameter in an order task.
Wed, 20 Feb 08
com_mezun
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0815
SQL injection vulnerability in the com_mezun component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit task.
Wed, 20 Feb 08
TRUC
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0814
Directory traversal vulnerability in download.php in Tracking Requirements & Use Cases (TRUC) 0.11.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the upload_filename parameter.
Wed, 20 Feb 08
XPWeb
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0813
Directory traversal vulnerability in Download.php in XPWeb 3.0.1, 3.3.2, and possibly other versions, allows remote attackers to read arbitrary files via a .. (dot dot) in the url parameter.
Wed, 20 Feb 08
NET BanPro DMS
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0812
Directory traversal vulnerability in DMS/index.php in BanPro DMS 1.0 allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the action parameter.
Wed, 20 Feb 08
AuraCMS
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0811
Multiple SQL injection vulnerabilities in AuraCMS 1.62 allow remote attackers to execute arbitrary SQL commands via (1) the kid parameter to (a) mod/dl.php or (b) mod/links.php, and (2) the query parameter to search.php.
Wed, 20 Feb 08
com_scheduling Component
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0810
SQL injection vulnerability in the com_scheduling module for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter.
Wed, 20 Feb 08
Ikiwiki
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0809
Cross-site scripting (XSS) vulnerability in the htmlscrubber in Ikiwiki before 1.1.46 allows remote attackers to inject arbitrary web script or HTML via title contents.
Wed, 20 Feb 08
Ikiwiki
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0808
Cross-site scripting (XSS) vulnerability in the meta plugin in Ikiwiki before 1.1.47 allows remote attackers to inject arbitrary web script or HTML via meta tags.
Wed, 20 Feb 08
Turba Contact Manager, Groupware Webmail Edition
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0807
lib/Driver/sql.php in Turba 2 (turba2) Contact Manager H3 2.1.x before 2.1.7 and 2.2.x before 2.2-RC3, as used in products such as Horde Groupware before 1.0.4 and Horde Groupware Webmail Edition before 1.0.5, does not properly check access rights, which allows remote authenticated users to modify address data via a modified object_id parameter to edit.php, as demonstrated by modifying a personal address book entry when there is write access to a shared address book.
Wed, 20 Feb 08
wyrd
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0806
wyrd 1.4.3b allows local users to overwrite arbitrary files via a symlink attack on the wyrd-tmp.[USERID] temporary file.
Wed, 20 Feb 08
Medias PHPizabi
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0805
Unrestricted file upload vulnerability in image.php in PHPizabi 0.848b C1 HFP1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension from the event page, then accessing it via a direct request to the file in system/cache/pictures.
Wed, 20 Feb 08
N5200Pro NAS Server Control Panel
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0804
PHP remote file inclusion vulnerability in usrgetform.html in Thecus N5200Pro NAS Server allows remote attackers to execute arbitrary PHP code via a URL in the name parameter.
Wed, 20 Feb 08
OpenCA PKI
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0556
Cross-site request forgery (CSRF) vulnerability in OpenCA PKI 0.9.2.5, and possibly earlier versions, allows remote attackers to perform unauthorized actions as authorized users via a link or IMG tag to RAServer.
Wed, 20 Feb 08
mod_jk, BIG-IP
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6258
Multiple stack-based buffer overflows in the legacy mod_jk2 2.0.3-DEV and earlier Apache module allow remote attackers to execute arbitrary code via a long (1) Host header, or (2) Hostname within a Host header.
Wed, 20 Feb 08
PCRE
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0674
Buffer overflow in PCRE before 7.6 allows remote attackers to execute arbitrary code via a regular expression containing a character class with a large number of characters with Unicode code points greater than 255.
Wed, 20 Feb 08
MySQL Community Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6313
MySQL Server 5.1.x before 5.1.23 and 6.0.x before 6.0.4 does not check the rights of the entity executing BINLOG, which allows remote authorized users to execute arbitrary BINLOG statements.
Wed, 20 Feb 08
Lan Manager
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0803
Multiple PHP remote file inclusion vulnerabilities in LookStrike Lan Manager 0.9 allow remote attackers to execute arbitrary PHP code via a URL in the sys_conf[path][real] parameter to (1) modulesclassTable.php; (2) db_admins.php, (3) db_alert.php, (4) db_double.php, (5) db_games.php, (6) db_matches.php, (7) db_match_teams.php, (8) db_news.php, (9) db_platform.php, (10) db_players.php, (11) db_server_group.php, (12) db_server_ip.php, (13) db_teams.php, (14) db_team_players.php, (15) db_tour...
Wed, 20 Feb 08
com_mediaslide
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0802
SQL injection vulnerability in index.php in the com_mediaslide component for Joomla! allows remote attackers to execute arbitrary SQL commands via the albumnum parameter in a contact action.
Wed, 20 Feb 08
com_paxxgallery
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0801
Multiple SQL injection vulnerabilities in index.php in the com_paxxgallery 0.2 component for Mambo and Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) userid and (2) iid parameters.
Wed, 20 Feb 08
com_mcquiz
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0800
SQL injection vulnerability in index.php in the McQuiz (com_mcquiz) 0.9 Final component for Joomla! allows remote attackers to execute arbitrary SQL commands via the tid parameter in a user_tst_shw action.
Wed, 20 Feb 08
com_quiz
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0799
SQL injection vulnerability in index.php in the Quiz (com_quiz) 0.81 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the tid parameter in a user_tst_shw action.
Wed, 20 Feb 08
Artmedic Weblog
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0798
Multiple directory traversal vulnerabilities in artmedic webdesign weblog 1.0, when magic_quotes_gpc is disabled, allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) ta parameter to artmedic_index.php, reached through index.php; and the (2) date parameter to artmedic_print.php.
Wed, 20 Feb 08
iTheora
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0797
Directory traversal vulnerability in lib/download.php in iTheora 1.0 rc1 allows remote attackers to read arbitrary files via directory traversal sequences in the url parameter.
Wed, 20 Feb 08
nuBoard
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0796
SQL injection vulnerability in threads.php in Nuboard 0.5 allows remote attackers to execute arbitrary SQL commands via the ssid parameter.
Wed, 20 Feb 08
XfaQ, Mambo, Joomla
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0795
SQL injection vulnerability in index.php in the MGFi XfaQ (com_xfaq) 1.2 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an answer action.
Fri, 15 Feb 08
Affiliate Market
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0794
Directory traversal vulnerability in user/header.php in Affiliate Market 0.1 BETA allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter.
Fri, 15 Feb 08
CMS
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0793
Multiple cross-site scripting (XSS) vulnerabilities in search.asp in Tendenci CMS allow remote attackers to inject arbitrary web script or HTML via the (1) category, (2) searchtext, (3) jobcategoryid, (4) contactcompany, and unspecified other parameters. NOTE: some of these details are obtained from third party information. NOTE: it is not clear whether this affects Tendenci Enterprise Edition in addition to the product's deployment on Tendenci's own server farm. If only the latter was affe...
Fri, 15 Feb 08
CVE-2008-0792 (F-Secure Internet Security, F-Secure Anti-Virus, F-Secure Anti-Virus Client Secur...)
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0792
Multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and F-Secure Protection Service, and others, allow remote attackers to bypass malware detection via a crafted CAB archive.
Fri, 15 Feb 08
WinIPDS
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0791
ipdsserver.exe in Intermate WinIPDS 3.3 G52-33-021 allows remote attackers to cause a denial of service (CPU consumption) via short packets on TCP port 5001 with the 3, 5, 7, 13, 14, or 15 packet types.
Fri, 15 Feb 08
WinIPDS
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0790
Directory traversal vulnerability in ipdsserver.exe in Intermate WinIPDS 3.3 G52-33-021 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI.
Fri, 15 Feb 08
LI-Countdown
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0789
SQL injection vulnerability in countdown.php in LI-Scripts LI-Countdown allows remote attackers to execute arbitrary SQL commands via the years parameter.
Fri, 15 Feb 08
FreeBSD
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0777
The sendfile system call in FreeBSD 5.5 through 7.0 does not check the access flags of the file descriptor used for sending a file, which allows local users to read the contents of write-only files.
Fri, 15 Feb 08
CVE-2008-0531 (Skinny Client Control Protocol (SCCP) firmware, Session Initiation Protocol (SIP)...)
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0531
Heap-based buffer overflow in Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G running SIP firmware might allow remote SIP servers to execute arbitrary code via a crafted challenge/response message.
Fri, 15 Feb 08
CVE-2008-0530 (Skinny Client Control Protocol (SCCP) firmware, Session Initiation Protocol (SIP)...)
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0530
Buffer overflow in Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G running SCCP and SIP firmware might allow remote attackers to execute arbitrary code via a crafted DNS response.
Fri, 15 Feb 08
CVE-2008-0529 (Skinny Client Control Protocol (SCCP) firmware, Session Initiation Protocol (SIP)...)
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0529
Buffer overflow in the telnet server in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G running SCCP firmware might allow remote authenticated users to execute arbitrary code via a crafted command.
Fri, 15 Feb 08
CVE-2008-0528 (Skinny Client Control Protocol (SCCP) firmware, Session Initiation Protocol (SIP)...)
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0528
Buffer overflow in Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G running SIP firmware might allow remote attackers to execute arbitrary code via a SIP message with crafted MIME data.
Fri, 15 Feb 08
CVE-2008-0527 (Skinny Client Control Protocol (SCCP) firmware, Session Initiation Protocol (SIP)...)
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0527
The HTTP server in Cisco Unified IP Phone 7935 and 7936 running SCCP firmware allows remote attackers to cause a denial of service (reboot) via a crafted HTTP request.
Fri, 15 Feb 08
CVE-2008-0526 (Skinny Client Control Protocol (SCCP) firmware, Session Initiation Protocol (SIP)...)
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0526
Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G running SCCP firmware allows remote attackers to cause a denial of service (reboot) via a long ICMP echo request (ping) packet.
Fri, 15 Feb 08
MyBB
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0788
Multiple cross-site request forgery (CSRF) vulnerabilities in MyBB 1.2.11 and earlier allow remote attackers to (1) delete threads as moderators or administrators via a do_multideletethreads action to moderation.php and (2) delete private messages (PM) as arbitrary users via a delete action to private.php.
Fri, 15 Feb 08
MyBulletinBoard
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0787
SQL injection vulnerability in inc/datahandlers/pm.php in MyBB before 1.2.12 allows remote authenticated users to execute arbitrary SQL commands via the options[disablesmilies] parameter to private.php.
Fri, 15 Feb 08
RoboHelp
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0642
Cross-site scripting (XSS) vulnerability in files created by Adobe RoboHelp 6 and 7, possibly involving use of a (1) WebHelp5 (WebHelp5Ext) or (2) WildFire (WildFireExt) extension, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2007-1280.
Fri, 15 Feb 08
Cacti
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0786
CRLF injection vulnerability in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k, when running on older PHP interpreters, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
Fri, 15 Feb 08
Cacti
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0785
Multiple SQL injection vulnerabilities in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow remote authenticated users to execute arbitrary SQL commands via the (1) graph_list parameter to graph_view.php, (2) leaf_id and id parameters to tree.php, (3) local_graph_id parameter to graph_xport.php, and (4) login_username parameter to index.php/login.
Fri, 15 Feb 08
Cacti
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0784
graph.php in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allows remote attackers to obtain the full path via an invalid local_graph_id parameter and other unspecified vectors.
Fri, 15 Feb 08
Cacti
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0783
Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow remote attackers to inject arbitrary web script or HTML via the (1) view_type parameter to graph.php, (2) filter parameter to graph_view.php, and (3) action and login_username parameters to index.php/login.
Fri, 15 Feb 08
MoinMoin
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0782
Directory traversal vulnerability in MoinMoin 1.5.8 and earlier allows remote attackers to read arbitrary files via ".." sequences in the user ID in a cookie.
Fri, 15 Feb 08
MoinMoin
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0781
Multiple cross-site scripting (XSS) vulnerabilities in action/AttachFile.py in MoinMoin 1.5.8 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) message, (2) pagename, and (3) target filenames.
Fri, 15 Feb 08
MoinMoin
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0780
Cross-site scripting (XSS) vulnerability in MoinMoin 1.5.x through 1.5.8 and 1.6.x before 1.6.1 allows remote attackers to inject arbitrary web script or HTML via the login action.
Fri, 15 Feb 08
FortiClient
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0779
The fortimon.sys device driver in Fortinet FortiClient 3.0 MR5 Patch 3 and earlier does not properly initialize its DeviceExtension, which allows local users to access kernel memory and execute arbitrary code via a crafted request.
Fri, 15 Feb 08
Quicktime
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0778
Multiple stack-based buffer overflows in an ActiveX control in QTPlugin.ocx for Apple QuickTime 7.4.1 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long arguments to the (1) SetBgColor, (2) SetHREF, (3) SetMovieName, (4) SetTarget, and (5) SetMatrix methods.
Fri, 15 Feb 08
Unified CallManager, Unified Communications Manager
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0026
SQL injection vulnerability in Cisco Unified CallManager/Communications Manager (CUCM) 5.0/5.1 before 5.1(3a) and 6.0/6.1 before 6.1(1a) allows remote attackers to execute arbitrary SQL commands via the key parameter to the (1) admin and (2) user interface pages.
Fri, 15 Feb 08
iTechBids
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0776
SQL injection vulnerability in detail.php in iTechBids Gold 6.0 allows remote attackers to execute arbitrary SQL commands via the item_id parameter.
Fri, 15 Feb 08
SMF Shoutbox
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0775
Cross-site scripting (XSS) vulnerability in sboxDB.php in Simple Machines Forum (SMF) Shoutbox 1.14 through 1.16b allows remote attackers to inject arbitrary web script or HTML via strings to the shoutbox form that start with "&#", contain the desired script, and end with ";".
Fri, 15 Feb 08
Hotel Reservation System
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0774
Cross-site scripting (XSS) vulnerability in search.cgi in Loris Hotel Reservation System 3.01 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the hotel_name parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Fri, 15 Feb 08
Comments, Review Script, com_comments
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0773
SQL injection vulnerability in Phil Taylor Comments (com_comments, aka Review Script) 0.5.8.5g and earlier component for Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter.
Fri, 15 Feb 08
com_doc
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0772
SQL injection vulnerability in index.php in the com_doc component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the sid parameter in a view task.
Fri, 15 Feb 08
Real Estate Web
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0771
Multiple SQL injection vulnerabilities in default.asp in Site2Nite allow remote attackers to execute arbitrary SQL commands via the (1) txtUserName and (2) txtPassword parameters. NOTE: some of these details are obtained from third party information.
Fri, 15 Feb 08
ibProArcade
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0770
SQL injection vulnerability in arcade.php in ibProArcade 3.3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the g_display_order cookie parameter.
Fri, 15 Feb 08
Livelink ECM
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0769
Cross-site scripting (XSS) vulnerability in Livelink ECM 9.0.0 through 9.7.0 and possibly earlier does not set the charset, which allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded input.
Fri, 15 Feb 08
Informix Dynamic Server, Informix Storage Manager
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0768
Multiple stack-based and heap-based buffer overflows in the Windows RPC components for IBM Informix Storage Manager (ISM), as used in Informix Dynamic Server (IDS) 10.00.xC8 and earlier and 11.10.xC2 and earlier, allow attackers to execute arbitrary code via crafted XDR requests.
Fri, 15 Feb 08
File Server, Print Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0767
ExtremeZ-IP.exe in ExtremeZ-IP File and Print Server 5.1.2x15 and earlier does not verify that a certain "number of URLs" field is consistent with the packet length, which allows remote attackers to cause a denial of service (daemon crash) via a large integer in this field in a packet to the Service Location Protocol (SLP) service on UDP port 427, triggering an out-of-bounds read.
Fri, 15 Feb 08
RPM Remote Print Manager Elite, RPM Remote Print Manager Select
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0766
Stack-based buffer overflow in RpmSrvc.exe in Brooks Remote Print Manager (RPM) 4.5.1.11 and earlier (Elite and Select) for Windows allows remote attackers to execute arbitrary code via a long filename in a "Receive data file" LPD command. NOTE: some of these details are obtained from third party information.
Fri, 15 Feb 08
Artmedic Weblog
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0765
Multiple cross-site scripting (XSS) vulnerabilities in artmedic webdesign weblog allow remote attackers to inject arbitrary web script or HTML via the (1) date parameter to artmedic_print.php and the (2) jahrneu parameter to index.php.
Fri, 15 Feb 08
Network Print Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0764
Format string vulnerability in the logging function in Larson Network Print Server (LstNPS) 9.4.2 build 105 and earlier for Windows might allow remote attackers to execute arbitrary code via format string specifiers in a USEP command on TCP port 3114.
Fri, 15 Feb 08
Network Print Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0763
Stack-based buffer overflow in NPSpcSVR.exe in Larson Network Print Server (LstNPS) 9.4.2 build 105 and earlier allows remote attackers to execute arbitrary code via a long argument in a LICENSE command on TCP port 3114.
Fri, 15 Feb 08
com_iomezun
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0762
SQL injection vulnerability in index.php in the com_iomezun component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit action.
Fri, 15 Feb 08
com_pcchess
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0761
SQL injection vulnerability in index.php in the Prince Clan Chess Club (com_pcchess) 0.8 and earlier component for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter in a players action.
Fri, 15 Feb 08
Sentinel Keys Server, Sentinel Protection Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0760
Directory traversal vulnerability in SafeNet Sentinel Protection Server 7.4.1.0 and earlier, and Sentinel Keys Server 1.0.4.0 and earlier, allows remote attackers to read arbitrary files via a .. (dot dot backslash) in the URI. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2007-6483.
Fri, 15 Feb 08
ExtremeZ-IP Print Server, ExtremeZ-IP File Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0759
ExtremeZ-IP.exe in ExtremeZ-IP File and Print Server 5.1.2x15 and earlier allows remote attackers to cause a denial of service (daemon crash) via an invalid UAM field in a request to the Apple Filing Protocol (AFP) service on TCP port 548.
Fri, 15 Feb 08
ExtremeZ-IP Print Server, ExtremeZ-IP File Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0758
Multiple directory traversal vulnerabilities in the Zidget/HTTP embedded HTTP server in ExtremeZ-IP File and Print Server 5.1.2x15 and earlier allow remote attackers to read arbitrary (1) gif, (2) png, (3) jpg, (4) xml, (5) ico, (6) zip, and (7) html files via a ".." (dot dot backslash) sequence in the filename.
Fri, 15 Feb 08
MercuryBoard Message Board
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0757
Cross-site scripting (XSS) vulnerability in index.php in MercuryBoard 1.1.5 allows remote attackers to inject arbitrary web script or HTML via the message parameter (aka the message text area), which leads to an injection in the messenger during private message (PM) preview. NOTE: some of these details are obtained from third party information.
Fri, 15 Feb 08
OpenLDAP
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0658
slapd/back-bdb/modrdn.c in the BDB backend for slapd in OpenLDAP 2.3.39 allows remote authenticated users to cause a denial of service (daemon crash) via a modrdn operation with a NOOP (LDAP_X_NO_OPERATION) control, a related issue to CVE-2007-6698.
Fri, 15 Feb 08
Novell client
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0639
Stack-based buffer overflow in the EnumPrinters function in the Spooler service (nwspool.dll) in Novell Client 4.91 SP2, SP3, and SP4 for Windows allows remote attackers to execute arbitrary code via a crafted RPC request, aka Novell bug 353138, a different vulnerability than CVE-2006-5854. NOTE: this issue exists because of an incomplete fix for CVE-2007-6701.
Fri, 15 Feb 08
Novell client
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6701
Multiple stack-based buffer overflows in the Spooler service (nwspool.dll) in Novell Client 4.91 SP4 for Windows allow remote attackers to execute arbitrary code via long arguments to multiple unspecified RPC functions, aka Novell bug 287919, a different vulnerability than CVE-2007-2954.
Fri, 15 Feb 08
Flash Media Server 2, Connect Enterprise Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6431
Unspecified vulnerability in Adobe Flash Media Server 2 before 2.0.5, and Connect Enterprise Server 6 before SP3, allows remote attackers to "take control of the affected system" via unspecified vectors, a different issue than CVE-2007-6148 and CVE-2007-6149.
Fri, 15 Feb 08
Flash Media Server 2, Connect Enterprise Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6149
Multiple integer overflows in the Edge server in Adobe Flash Media Server 2 before 2.0.5, and Connect Enterprise Server 6 before SP3, allow remote attackers to execute arbitrary code via a Real Time Message Protocol (RTMP) message with a crafted integer field that is used for allocation.
Fri, 15 Feb 08
Flash Media Server 2, Connect Enterprise Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6148
Use-after-free vulnerability in the Edge server in Adobe Flash Media Server 2 before 2.0.5, and Connect Enterprise Server 6 before SP3, allows remote attackers to execute arbitrary code via an unspecified sequence of Real Time Message Protocol (RTMP) requests.
Fri, 15 Feb 08
CVE-2008-0756 (Opium4 OPI Server, cyanPrintIP Easy OPI, cyanPrintIP Professional, cyanPrintIP Ba...)
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0756
The LPD server in cyan soft Opium OPI Server 4.10.1028 and earlier; cyanPrintIP Easy OPI, Professional, and Basic 4.10.1030 and earlier; Workstation 4.10.836 and earlier; and Standard 4.10.940 and earlier; allows remote attackers to cause a denial of service (daemon crash) via a connection that begins with (1) a "Send queue state" LPD command 3 or (2) a "Send queue state" LPD command 4.
Fri, 15 Feb 08
CVE-2008-0755 (Opium4 OPI Server, cyanPrintIP Easy OPI, cyanPrintIP Professional, cyanPrintIP Ba...)
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0755
Format string vulnerability in the ReportSysLogEvent function in the LPD server in cyan soft Opium OPI Server 4.10.1028 and earlier; cyanPrintIP Easy OPI, Professional, and Basic 4.10.1030 and earlier; Workstation 4.10.836 and earlier; and Standard 4.10.940 and earlier; might allow remote attackers to execute arbitrary code via format string specifiers in the queue name in a request.
Fri, 15 Feb 08
com_rapidrecipe
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0754
Multiple SQL injection vulnerabilities in index.php in the Rapid Recipe (com_rapidrecipe) component for Joomla! allow remote attackers to execute arbitrary SQL commands via (1) the user_id parameter in a showuser action or (2) the category_id parameter in a viewcategorysrecipes action.
Fri, 15 Feb 08
Virtual War
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0753
SQL injection vulnerability in calendar.php in Virtual War (VWar) 1.5 allows remote attackers to execute arbitrary SQL commands via the month parameter.
Fri, 15 Feb 08
com_neogallery
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0752
SQL injection vulnerability in index.php in the Neogallery (com_neogallery) 1.1 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a show action.
Fri, 15 Feb 08
Serendipity Freetag-plugin, Internet Explorer
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0751
Cross-site scripting (XSS) vulnerability in the Freetag before 2.96 plugin for S9Y Serendipity, when using Internet Explorer 6 or 7, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to plugin/tag/.
Fri, 15 Feb 08
Blackboard
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0750
SQL injection vulnerability in philboard_forum.asp in Husrev BlackBoard 2.0.2 allows remote attackers to execute arbitrary SQL commands via the forumid parameter.
Fri, 15 Feb 08
CVE-2008-0749 (Calimero.CMS)
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0749
Cross-site scripting (XSS) vulnerability in index.php in Calimero.CMS 3.3 allows remote attackers to inject arbitrary web script or HTML via the id parameter in a calimero_webpage action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Fri, 15 Feb 08
ImageStation, AxRUploadServer_ActiveX_Control
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0748
Buffer overflow in the Sony AxRUploadServer.AxRUploadControl.1 ActiveX control in AxRUploadServer.dll 1.0.0.38 in SonyISUpload.cab 1.0.0.38 for Sony ImageStation allows remote attackers to execute arbitrary code via a long argument to the SetLogging method. NOTE: some of these details are obtained from third party information.
Fri, 15 Feb 08
jetAudio Basic
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0747
Stack-based buffer overflow in COWON America jetAudio 7.0.5 and earlier allows user-assisted remote attackers to execute arbitrary code via a long URL in a .asx file, a different vulnerability than CVE-2007-5487.
Fri, 15 Feb 08
com_gallery
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0746
SQL injection vulnerability in index.php in the Gallery (com_gallery) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action.
Fri, 15 Feb 08
DomPHP
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0745
Directory traversal vulnerability in aides/index.php in DomPHP 0.82 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
Thu, 14 Feb 08
Pre Hotels & Resorts Management System
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0744
SQL injection vulnerability in user_login.asp in PreProjects.com Pre Hotels & Resorts Management System allows remote attackers to execute arbitrary SQL commands via the login page.
Thu, 14 Feb 08
Joovili
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0743
PHP remote file inclusion vulnerability in members_help.php in Joovili 2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the hlp parameter.
Thu, 14 Feb 08
PowerNews
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0742
Multiple directory traversal vulnerabilities in PowerScripts PowerNews 2.5.6 allow remote attackers to read and include arbitrary files via a .. (dot dot) in the (1) subpage parameter in (a) categories.inc.php, (b) news.inc.php, (c) other.inc.php, (d) permissions.inc.php, (e) templates.inc.php, and (f) users.inc.php in pnadmin/; and (2) the page parameter to (g) pnadmin/index.php. NOTE: vector 2 is only exploitable by administrators.
Thu, 14 Feb 08
WebSphere Application Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0741
Unspecified vulnerability in the PropFilePasswordEncoder utility in IBM WebSphere Application Server (WAS) before 6.0.2 Fix Pack 25 (6.0.2.25) has unknown impact and attack vectors.
Thu, 14 Feb 08
WebSphere Application Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0740
IBM WebSphere Application Server (WAS) before 6.0.2 Fix Pack 25 (6.0.2.25) writes unspecified cleartext information to http_plugin.log, which might allow local users to obtain sensitive information by reading this file.
Thu, 14 Feb 08
CandyPress Store
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0739
SQL injection vulnerability in admin/SA_shipFedExMeter.asp in CandyPress (CP) 4.1.1.26, and earlier 4.x and 3.x versions, allows remote attackers to execute arbitrary SQL commands via the FedExAccount parameter.
Thu, 14 Feb 08
CandyPress Store
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0738
Multiple SQL injection vulnerabilities in CandyPress (CP) 4.1.1.26, and earlier 4.1.x versions, allow remote attackers to execute arbitrary SQL commands via the (1) idcust parameter to (a) ajax_getTiers.asp and (b) ajax_getCust.asp in ajax/, and the (2) tableName parameter to (c) ajax/ajax_tableFields.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Thu, 14 Feb 08
CandyPress Store
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0737
SQL injection vulnerability in admin/utilities_ConfigHelp.asp in CandyPress (CP) 4.1.1.26, and other 4.x and 3.x versions, allows remote attackers to execute arbitrary SQL commands via the helpfield parameter.
Thu, 14 Feb 08
CandyPress Store
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0736
admin/SA_shipFedExMeter.asp in CandyPress (CP) 4.1.1.26, and possibly other 4.x and 3.x versions, allows remote attackers to obtain the path via a certain value of the FedExAccount parameter.
Thu, 14 Feb 08
AuraCMS
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0735
SQL injection vulnerability in mod/gallery/ajax/gallery_data.php in AuraCMS 2.2 allows remote attackers to execute arbitrary SQL commands via the albums parameter.
Thu, 14 Feb 08
Limbo CMS
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0734
SQL injection vulnerability in class_auth.php in Limbo CMS 1.0.4.2, and possibly earlier versions, allows remote attackers to execute arbitrary SQL commands via the cuid cookie parameter to admin.php.
Thu, 14 Feb 08
Counter Strike Portal
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0733
SQL injection vulnerability in index.php in CS Team Counter Strike Portals allows remote attackers to execute arbitrary SQL commands via the id parameter, as demonstrated using the downloads page.
Thu, 14 Feb 08
Office, office macos
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0103
Unspecified vulnerability in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP2, and Office 2004 for Mac allows remote attackers to execute arbitrary code via an Office document that contains a malformed object, related to a "memory handling error," aka "Microsoft Office Execution Jump Vulnerability."
Thu, 14 Feb 08
DB2 Universal Database
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5757
Untrusted search path vulnerability in db2pd in IBM DB2 Universal Database (UDB) 8 before FixPak 16 and 9 before Fix Pack 4 allows local users to gain root privileges via a modified DB2INSTANCE environment variable that points to a malicious library. NOTE: this might be the same issue as CVE-2008-0697.
Thu, 14 Feb 08
DB2
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3676
IBM DB2 Universal Database (UDB) Administration Server (DAS) 8 before Fix Pack 16 and 9 before Fix Pack 4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via modified pointer values in unspecified remote administration requests, which triggers memory corruption or other invalid memory access. NOTE: this might be the same issue as CVE-2008-0698.
Thu, 14 Feb 08
Word, Office
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0109
Word in Microsoft Office 2000 SP3, XP SP3, Office 2003 SP2, and Office Word Viewer 2003 allows remote attackers to execute arbitrary code via crafted fields within the File Information Block (FIB) of a Word file, which triggers length calculation errors and memory corruption.
Thu, 14 Feb 08
Office, Works, Works Suite
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0108
Microsoft Works 6 File Converter, as used in Office 2003 SP2 and SP3, Works 8.0, and Works Suite 2005, allows remote attackers to execute arbitrary code via a .wps file with crafted field lengths, aka "Microsoft Works File Converter Field Length Vulnerability."
Thu, 14 Feb 08
Office, Works, Works Suite
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0105
Microsoft Works 6 File Converter, as used in Office 2003 SP2 and SP3, Works 8.0, and Works Suite 2005, allows remote attackers to execute arbitrary code via a .wps file with crafted section header index table information, aka "Microsoft Works File Converter Index Table Vulnerability."
Thu, 14 Feb 08
Publisher, Office
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0104
Unspecified vulnerability in Microsoft Office Publisher 2000, 2002, and 2003 SP2 allows remote attackers to execute arbitrary code via a crafted .pub file, aka "Publisher Memory Corruption Vulnerability."
Thu, 14 Feb 08
Publisher
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0102
Unspecified vulnerability in Microsoft Office Publisher 2000, 2002, and 2003 SP2 allows remote attackers to execute arbitrary code via a crafted .pub file, related to invalid "memory values," aka "Publisher Invalid Memory Reference Vulnerability."
Thu, 14 Feb 08
WebDAV Mini-Redirector
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0080
Heap-based buffer overflow in the WebDAV Mini-Redirector in Microsoft Windows XP SP2, Server 2003 SP1 and SP2, and Vista allows remote attackers to execute arbitrary code via a crafted WebDAV response.
Thu, 14 Feb 08
Internet Explorer, ActiveX
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0078
Unspecified vulnerability in an ActiveX control (dxtmsft.dll) in Microsoft Internet Explorer 5.01, 6 SP1 and SP2, and 7 allows remote attackers to execute arbitrary code via a crafted image, aka "Argument Handling Memory Corruption Vulnerability."
Thu, 14 Feb 08
Internet Explorer
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0077
Use-after-free vulnerability in Microsoft Internet Explorer 6 SP1, 6 SP2, and and 7 allows remote attackers to execute arbitrary code by assigning malformed values to certain properties, as demonstrated using the by property of an animateMotion SVG element, aka "Property Memory Corruption Vulnerability."
Thu, 14 Feb 08
Internet Explorer
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0076
Unspecified vulnerability in Microsoft Internet Explorer 5.01, 6 SP1 and SP2, and 7 allows remote attackers to execute arbitrary code via crafted HTML layout combinations, aka "HTML Rendering Memory Corruption Vulnerability."
Thu, 14 Feb 08
Office, Works, Works Suite
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0216
Microsoft Works 6 File Converter, as used in Office 2003 SP2 and SP3, Works 8.0, and Works Suite 2005, allows remote attackers to execute arbitrary code via a .wps file with crafted section length headers, aka "Microsoft Works File Converter Input Validation Vulnerability."
Tue, 12 Feb 08
office macos, Visual Basic
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0065
Heap-based buffer overflow in Object Linking and Embedding (OLE) Automation in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, Office 2004 for Mac, and Visual basic 6.0 SP6 allows remote attackers to execute arbitrary code via a crafted script request.
Tue, 12 Feb 08
Geronimo
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0732
The init script for Apache Geronimo on SUSE Linux follows symlinks when performing a chown operation, which might allow local users to obtain access to unspecified files or directories.
Tue, 12 Feb 08
Kernel, open Suse
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0731
The Linux kernel before 2.6.18.8-0.8 in SUSE openSUSE 10.2 does not properly handle failure of an AppArmor change_hat system call, which might allow attackers to trigger the unconfining of an apparmored task.
Tue, 12 Feb 08
Solaris
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0730
The (1) Simplified Chinese, (2) Traditional Chinese, (3) Korean, and (4) Thai language input methods in Sun Solaris 10 create files and directories with weak permissions under (a) .iiim/le and (b) .Xlocale in home directories, which might allow local users to write to, or read from, the home directories of other users.
Tue, 12 Feb 08
Mobile Safari
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0729
Mobile Safari on Apple iPhone 1.1.2 and 1.1.3 allows remote attackers to cause a denial of service (memory exhaustion and device crash) via certain JavaScript code that constructs a long string and an array containing long string elements, possibly a related issue to CVE-2006-3677. NOTE: some of these details are obtained from third party information.
Tue, 12 Feb 08
Kernel
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0600
The vmsplice_to_pipe function in Linux kernel 2.6.17 through 2.6.24.1 does not validate a certain userspace pointer before dereference, which allows local users to gain root privileges via crafted arguments in a vmsplice system call, a different vulnerability than CVE-2008-0009 and CVE-2008-0010.
Tue, 12 Feb 08
Kernel
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0163
Linux kernel 2.6, when using vservers, allows local users to access resources of other vservers via a symlink attack in /proc.
Tue, 12 Feb 08
Windows Server 2000, Windows Server 2003, windows-nt
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0088
Unspecified vulnerability in Active Directory on Microsoft Windows 2000 and Windows Server 2003, and Active Directory Application Mode (ADAM) on XP and Server 2003, allows remote attackers to cause a denial of service (hang and restart) via a crafted LDAP request.
Tue, 12 Feb 08
windows-nt
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0084
Unspecified vulnerability in the TCP/IP support in Microsoft Windows Vista allows remote DHCP servers to cause a denial of service (hang and restart) via a crafted DHCP packet.
Tue, 12 Feb 08
IIS
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0075
Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.1 through 6.0 allows remote attackers to execute arbitrary code via crafted inputs to ASP pages.
Tue, 12 Feb 08
IIS
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0074
Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.0 through 7.0 allows local users to gain privileges via unknown vectors related to file change notifications in the TPRoot, NNTPFileRoot, or WWWRoot folders.
Tue, 12 Feb 08
Kernel
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0010
The copy_from_user_mmap_sem function in fs/splice.c in the Linux kernel 2.6.22 through 2.6.24 does not validate a certain userspace pointer before dereference, which allow local users to read from arbitrary kernel memory locations.
Tue, 12 Feb 08
Kernel
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0009
The vmsplice_to_user function in fs/splice.c in the Linux kernel 2.6.22 through 2.6.24 does not validate a certain userspace pointer before dereference, which might allow local users to access arbitrary kernel memory locations.
Tue, 12 Feb 08
ClamAV
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0728
libclamav/mew.c in libclamav in ClamAV before 0.92.1 has unknown impact and attack vectors that trigger "heap corruption."
Tue, 12 Feb 08
Acrobat Reader
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0726
Integer overflow in Adobe Reader and Acrobat 8.1.1 and earlier allows remote attackers to execute arbitrary code via crafted arguments to the printSepsWithParams, which triggers memory corruption.
Tue, 12 Feb 08
Managed Workplace Service Center
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0636
Level Platforms, Inc. (LPI) Managed Workplace Service Center 4.x, 5.x and 6.x allows remote attackers to obtain sensitive information via a direct request to About/SC_About.htm, which provides version and patch information.
Tue, 12 Feb 08
ClamAV
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0318
Integer overflow in libclamav in ClamAV before 0.92.1, as used in clamd, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Petite packed PE file, which triggers a heap-based buffer overflow.
Tue, 12 Feb 08
Mac OS X
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0042
Argument injection vulnerability in Terminal.app in Terminal in Apple Mac OS X 10.4.11 and 10.5 through 10.5.1 allows remote attackers to execute arbitrary code via unspecified URL schemes.
Tue, 12 Feb 08
Mac OS X
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0041
Parental Controls in Apple Mac OS X 10.5 through 10.5.1 contacts www.apple.com "when a website is unblocked," which allows remote attackers to determine when a system is running Parental Controls.
Tue, 12 Feb 08
Mac OS X
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0040
Unspecified vulnerability in NFS in Apple Mac OS X 10.5 through 10.5.1 allows remote attackers to cause a denial of service (system shutdown) or execute arbitrary code via unknown vectors related to mbuf chains that trigger memory corruption.
Tue, 12 Feb 08
Mail
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0039
Unspecified vulnerability in Mail in Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary commands via a crafted file:// URL.
Tue, 12 Feb 08
Mac OS X
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0038
Launch Services in Apple Mac OS X 10.5 through 10.5.1 allows an uninstalled application to be launched if it is in a Time Machine backup, which might allow local users to bypass intended security restrictions or exploit vulnerabilities in the application.
Tue, 12 Feb 08
Mac OS X
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0037
X11 in Apple Mac OS X 10.5 through 10.5.1 does not properly handle when the "Allow connections from network client" preference is disabled, which allows remote attackers to bypass intended access restrictions and connect to the X server.
Tue, 12 Feb 08
Acrobat Reader
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5666
Untrusted search path vulnerability in Adobe Reader and Acrobat 8.1.1 and earlier allows local users to execute arbitrary code via a malicious Security Provider library in the reader's current working directory. NOTE: this issue might be subsumed by CVE-2008-0655.
Tue, 12 Feb 08
Acrobat Reader
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5663
Adobe Reader and Acrobat 8.1.1 and earlier allows remote attackers to execute arbitrary code via a crafted PDF file that calls an insecure JavaScript method in the EScript.api plug-in. NOTE: this issue might be subsumed by CVE-2008-0655.
Tue, 12 Feb 08
Acrobat Reader
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5659
Multiple buffer overflows in Adobe Reader and Acrobat 8.1.1 and earlier allow remote attackers to execute arbitrary code via a PDF file with long arguments to unspecified JavaScript methods. NOTE: this issue might be subsumed by CVE-2008-0655.
Tue, 12 Feb 08
Firefox
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0420
Unspecified vulnerability in Mozilla Firefox, as used in Ubuntu 6.06 through 7.10 and possibly other distributions, allows remote attackers to obtain sensitive information via a crafted BMP file.
Tue, 12 Feb 08
Firefox
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0416
Multiple unspecified vulnerabilities in Mozilla Firefox, as used in Ubuntu 6.06 through 7.10 and possibly other distributions, allow remote attackers to conduct cross-site scripting (XSS) attacks via unknown vectors related to character encoding.
Tue, 12 Feb 08
FTP_Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0725
Multiple heap-based buffer overflows in the (1) FTP service and (2) administration service in Titan FTP Server 6.0.5.549 allow remote attackers to cause a denial of service (daemon hang) and possibly execute arbitrary code via a long command. NOTE: the USER and PASS commands for the FTP service are covered by CVE-2008-0702.
Tue, 12 Feb 08
The Everything Development Engine
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0724
The Everything Development Engine in The Everything Development System Pre-1.0 and earlier stores passwords in cleartext in a database, which makes it easier for context-dependent attackers to obtain access to user accounts.
Tue, 12 Feb 08
MyNews
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0723
Cross-site scripting (XSS) vulnerability in mynews.inc.php in MyNews 1.6.4, and other earlier 1.6.x versions, allows remote attackers to inject arbitrary web script or HTML via the hash parameter in an admin action to index.php, a different vulnerability than CVE-2006-2208.1.
Tue, 12 Feb 08
Pagetool
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0722
Cross-site scripting (XSS) vulnerability in index.php in Pagetool 1.0.7 allows remote attackers to inject arbitrary web script or HTML via the search_term parameter in a pagetool_search action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Tue, 12 Feb 08
com_sermon
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0721
SQL injection vulnerability in index.php in the Sermon (com_sermon) 0.2 component for Mambo allows remote attackers to execute arbitrary SQL commands via the gid parameter.
Tue, 12 Feb 08
Webmin, Usermin
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0720
Cross-site scripting (XSS) vulnerability in Webmin 1.370 and 1.390 and Usermin 1.300 and 1.320 allows remote attackers to inject arbitrary web script or HTML via the search parameter to webmin_search.cgi (aka the search section), and possibly other components accessed through a "search box" or "open file box." NOTE: some of these details are obtained from third party information.
Tue, 12 Feb 08
osCommerce, Customer Testimonials
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0719
SQL injection vulnerability in customer_testimonials.php in the Customer Testimonials 3 and 3.1 Addon for osCommerce Online Merchant 2.2 allows remote attackers to execute arbitrary SQL commands via the testimonial_id parameter.
Tue, 12 Feb 08
Solaris
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0718
Unspecified vulnerability in the USB Mouse STREAMS module (usbms) in Sun Solaris 9 and 10, when 64-bit mode is enabled, allows local users to cause a denial of service (panic) via unspecified vectors.
Tue, 12 Feb 08
Websphere Edge Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0717
Cross-site scripting (XSS) vulnerability in Caching Proxy (CP) 5.1 through 6.1 in IBM WebSphere Edge Server, when CGI mapping rules are enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors that trigger injection into an error response.
Tue, 12 Feb 08
Altiris Notification Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0716
The agent in Symantec Altiris Notification Server before 6.0 SP3 R7 allows local users to gain privileges via a "Shatter" style attack.
Tue, 12 Feb 08
Photo Manager
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0715
Buffer overflow in ACDSee Photo Manager 8.1, 9.0, and 10.0 allows user-assisted remote attackers to execute arbitrary code via a malformed XBM file. NOTE: this might be the same as CVE-2007-6009.
Tue, 12 Feb 08
Multi Host
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0714
SQL injection vulnerability in users.php in Mihalism Multi Host allows remote attackers to execute arbitrary SQL commands via the username parameter in a lost_password_go action.
Tue, 12 Feb 08
Storage Essentials SRM Standard, Storage Essentials SRM Enterprise
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0215
Multiple unspecified vulnerabilities in HP Storage Essentials Storage Resource Management (SRM) before 6.0.0 allow remote attackers to obtain unspecified access to a managed device via unknown attack vectors.
Tue, 12 Feb 08
sflog
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0703
Multiple directory traversal vulnerabilities in sflog! 0.96 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) permalink or (2) section parameter to index.php, possibly involving includes/entries.inc.php and other files included by index.php.
Tue, 12 Feb 08
Titan FTP Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0702
Multiple heap-based buffer overflows in Titan FTP Server 6.03 and 6.0.5.549 allow remote attackers to cause a denial of service (daemon crash or hang) and possibly execute arbitrary code via a long argument to the (1) USER or (2) PASS command, different vectors than CVE-2004-1641.
Tue, 12 Feb 08
CE
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0701
ActivationHandler in Magnolia CE 3.5.x before 3.5.4 does not check permissions during importing, which allows remote attackers to have an unknown impact via activation of a new item, possibly involving addition of arbitrary new content.
Tue, 12 Feb 08
CruxCMS
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0700
Cross-site scripting (XSS) vulnerability in search.php in Crux Software CruxCMS 3.0 allows remote attackers to inject arbitrary web script or HTML via the search parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Tue, 12 Feb 08
DB2
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0699
Unspecified vulnerability in SYSPROC.ADMIN_SP_C in IBM DB2 UDB before 8.2 Fixpak 16 has unknown impact and attack vectors.
Tue, 12 Feb 08
DB2
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0698
Buffer overflow in the DAS server in IBM DB2 UDB before 8.2 Fixpak 16 has unknown attack vectors, and an impact probably involving "invalid memory access."
Tue, 12 Feb 08
DB2
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0697
Unspecified vulnerability in DB2PD in IBM DB2 UDB before 8.2 Fixpak 16 allows local users to gain root privileges via unspecified vectors.
Tue, 12 Feb 08
DB2
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0696
IBM DB2 UDB before 8.2 Fixpak 16 does not properly check authorization for the ALTER TABLE statement, which has unknown impact and attack vectors.
Tue, 12 Feb 08
Script
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0695
SQL injection vulnerability in index.php in BookmarkX script 2007 allows remote attackers to execute arbitrary SQL commands via the topicid parameter in a showtopic action.
Tue, 12 Feb 08
OS_400
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0694
Cross-site scripting (XSS) vulnerability in the HTTP Server in IBM OS/400 V5R3M0 and V5R4M0 allows remote attackers to inject arbitrary web script or HTML via the Expect HTTP header.
Tue, 12 Feb 08
Client Billing and Authentication
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0693
Stack-based buffer overflow in PQCore.exe in Print Manager Plus 2008 Client Billing and Authentication 7.0.127.16 allows remote attackers to cause a denial of service (service outage) via a series of long packets to TCP port 48101.
Tue, 12 Feb 08
iTechBids
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0692
SQL injection vulnerability in bidhistory.php in iTechBids 3 Gold and 5.0 allows remote attackers to execute arbitrary SQL commands via the item_id parameter.
Tue, 12 Feb 08
WP-Footnotes
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0691
Multiple cross-site scripting (XSS) vulnerabilities in admin_panel.php in the Simon Elvery WP-Footnotes 2.2 plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) wp_footnotes_current_settings[priority], (2) wp_footnotes_current_settings[style_rules], (3) wp_footnotes_current_settings[pre_footnotes], and (4) wp_footnotes_current_settings[post_footnotes] parameters.
Tue, 12 Feb 08
com_directory
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0690
SQL injection vulnerability in index.php in the mosDirectory (com_directory) 2.3.2 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a viewcat action.
Tue, 12 Feb 08
com_marketplace
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0689
SQL injection vulnerability in index.php in the Marketplace (com_marketplace) 1.1.1 and 1.1.1-pl1 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a show_category action.
Tue, 12 Feb 08
Domain Trader
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0688
Cross-site scripting (XSS) vulnerability in catalog.php in Smartscript Domain Trader 2.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter in a viewcategory action.
Tue, 12 Feb 08
Clone Script
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0687
Cross-site scripting (XSS) vulnerability in siteadmin/editor_files/includes/load_message.php in the Youtube Clone Script allows remote attackers to inject arbitrary web script or HTML via the lang[please_wait] parameter.
Tue, 12 Feb 08
com_neoreferences
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0686
SQL injection vulnerability in index.php in the NeoReferences (com_neoreferences) 1.3.1 and 1.3.3 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter.
Tue, 12 Feb 08
iTechClassifieds
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0685
SQL injection vulnerability in ViewCat.php in iTechClassifieds 3.0 allows remote attackers to execute arbitrary SQL commands via the CatID parameter.
Tue, 12 Feb 08
iTechClassifieds
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0684
Cross-site scripting (XSS) vulnerability in ViewCat.php in iTechClassifieds 3.0 allows remote attackers to inject arbitrary web script or HTML via the CatID parameter.
Tue, 12 Feb 08
st_newsletter plugin
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0683
SQL injection vulnerability in shiftthis-preview.php in the st_newsletter plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the newsletter parameter.
Tue, 12 Feb 08
Wordspew
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0682
SQL injection vulnerability in wordspew-rss.php in the Wordspew plugin for Wordpress allows remote attackers to execute arbitrary SQL commands via the id parameter.
Tue, 12 Feb 08
phpShop
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0681
SQL injection vulnerability in index.php in PHPShop 0.8.1 allows remote attackers to execute arbitrary SQL commands via the product_id parameter, as demonstrated by a shop/flypage action.
Tue, 12 Feb 08
RouterOS
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0680
SNMPd in MicroTik RouterOS 3.2 and earlier allows remote attackers to cause a denial of service (daemon crash) via a crafted SNMP SET request.
Tue, 12 Feb 08
BlogPHP
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0679
Cross-site scripting (XSS) vulnerability in index.php in BlogPHP 2.0 allows remote attackers to inject arbitrary web script or HTML via the search parameter.
Tue, 12 Feb 08
BlogPHP
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0678
SQL injection vulnerability in index.php in BlogPHP 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a page action.
Tue, 12 Feb 08
A-Blog
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0677
SQL injection vulnerability in blog.php in A-Blog 2 allows remote attackers to execute arbitrary SQL commands via the id parameter in a news action.
Tue, 12 Feb 08
A-Blog
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0676
Cross-site scripting (XSS) vulnerability in search.php in A-Blog 2 allows remote attackers to inject arbitrary web script or HTML via the words parameter.
Tue, 12 Feb 08
The Everything Development Engine
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0675
SQL injection vulnerability in cms/index.pl in The Everything Development Engine in The Everything Development System Pre-1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the node_id parameter.
Tue, 12 Feb 08
TinTin++, WinTin++
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0673
TinTin++ 1.97.9 and WinTin++ 1.97.9 open files on the basis of an inbound file-transfer request, before the user has an opportunity to decline the request, which allows remote attackers to truncate arbitrary files in the top level of a home directory.
Tue, 12 Feb 08
TinTin++, WinTin++
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0672
The process_chat_input function in TinTin++ 1.97.9 and WinTin++ 1.97.9 allows remote attackers to cause a denial of service (application crash) via a YES message without a newline character, which triggers a NULL dereference.
Tue, 12 Feb 08
TinTin++, WinTin++
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0671
Stack-based buffer overflow in the add_line_buffer function in TinTin++ 1.97.9 and WinTin++ 1.97.9 allows remote attackers to execute arbitrary code via a long chat message, related to conversion from LF to CRLF.
Tue, 12 Feb 08
com_noticias
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0670
SQL injection vulnerability in index.php in the Noticias (com_noticias) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detalhe action.
Tue, 12 Feb 08
Unity
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0669
Cross-site scripting (XSS) vulnerability in search.cgi in Sift Unity allows remote attackers to inject arbitrary web script or HTML via the qt parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Tue, 12 Feb 08
Tomcat
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0002
Apache Tomcat 6.0.0 through 6.0.15 processes parameters in the context of the wrong request when an exception occurs during parameter processing, which might allow remote attackers to obtain sensitive information, as demonstrated by disconnecting during this processing in order to trigger the exception.
Tue, 12 Feb 08
Tomcat
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6286
Apache Tomcat 5.5.11 through 5.5.25 and 6.0.0 through 6.0.15, when the native APR connector is used, does not properly handle an empty request to the SSL port, which allows remote attackers to trigger handling of "a duplicate copy of one of the recent requests," as demonstrated by using netcat to send the empty request.
Tue, 12 Feb 08
CVE-2007-5333
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5333
Apache Tomcat 6.0.0 through 6.0.14, 5.5.0 through 5.5.25, and 4.1.0 through 4.1.36 does not properly handle (1) double quote (") characters or (2) %5C (encoded backslash) sequences in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable session hijacking attacks. NOTE: this issue exists because of an incomplete fix for CVE-2007-3385.
Tue, 12 Feb 08
Gnumeric
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0668
The excel_read_HLINK function in plugins/excel/ms-excel-read.c in Gnome Office Gnumeric before 1.8.1 allows user-assisted remote attackers to execute arbitrary code via a crafted XLS file containing XLS HLINK opcodes, possibly because of an integer signedness error that leads to an integer overflow. NOTE: some of these details are obtained from third party information.
Tue, 12 Feb 08
Acrobat Reader
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0667
The DOC.print function in the Adobe JavaScript API, as used by Adobe Acrobat and Reader before 8.1.2, allows remote attackers to configure silent non-interactive printing, and trigger the printing of an arbitrary number of copies of a document. NOTE: this issue might be subsumed by CVE-2008-0655.
Tue, 12 Feb 08
Website META Language
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0666
Website META Language (WML) 2.0.11 allows local users to overwrite arbitrary files via a symlink attack on (1) the /tmp/pe.tmp.$$ temporary file used by wml_contrib/wmg.cgi and (2) temporary files used by wml_backend/p3_eperl/eperl_sys.c.
Tue, 12 Feb 08
Website META Language
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0665
wml_backend/p1_ipp/ipp.src in Website META Language (WML) 2.0.11 allows local users to overwrite arbitrary files via a symlink attack on the ipp.$$.tmp temporary file.
Tue, 12 Feb 08
Firefox
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0594
Mozilla Firefox before 2.0.0.12 does not always display a web forgery warning dialog if the entire contents of a web page are in a DIV tag that uses absolute positioning, which makes it easier for remote attackers to conduct phishing attacks.
Tue, 12 Feb 08
Firefox, SeaMonkey
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0593
Gecko-based browsers, including Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8, modifies the .href property of stylesheet DOM nodes to the final URI of a 302 redirect, which might allow remote attackers to bypass the Same Origin Policy and read sensitive information from the original URL, such as with Single-Signon systems.
Tue, 12 Feb 08
Firefox, SeaMonkey
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0592
Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows user-assisted remote attackers to cause a denial of service via a plain .txt file with a "Content-Disposition: attachment" and an invalid "Content-Type: plain/text," which prevents Firefox from rendering future plain text files within the browser.
Tue, 12 Feb 08
Firefox, Thunderbird
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0591
Mozilla Firefox before 2.0.0.12 and Thunderbird before 2.0.0.12 allows user-assisted remote attackers to cause users to confirm a timer-enabled security dialog by using a timer to change the window focus.
Tue, 12 Feb 08
Firefox, SeaMonkey
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0419
Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows remote attackers to steal navigation history and cause a denial of service (crash) via images in a page that uses designMode frames, which triggers memory corruption related to resize handles.
Tue, 12 Feb 08
Firefox, Thunderbird, SeaMonkey
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0418
Directory traversal vulnerability in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8, when using "flat" addons, allows remote attackers to read arbitrary Javascript, image, and stylesheet files via the chrome: URI scheme, as demonstrated by stealing session information from sessionstore.js.
Tue, 12 Feb 08
Firefox
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0417
CRLF injection vulnerability in Mozilla Firefox before 2.0.0.12 allows remote user-assisted web sites to corrupt the user's password store via newlines that are not properly handled when the user saves a password.
Tue, 12 Feb 08
Firefox, Thunderbird, SeaMonkey
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0415
Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to execute script outside of the sandbox and conduct cross-site scripting (XSS) attacks via multiple vectors including the XMLDocument.load function, aka "JavaScript privilege escalation bugs."
Tue, 12 Feb 08
Firefox, SeaMonkey
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0414
Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows user-assisted remote attackers to trick the user into uploading arbitrary files via label tags that shift focus to a file input field, aka "focus spoofing."
Tue, 12 Feb 08
Firefox, Thunderbird, SeaMonkey
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0413
The JavaScript engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via (1) a large switch statement, (2) certain uses of watch and eval, (3) certain uses of the mousedown event listener, and other vectors.
Tue, 12 Feb 08
Firefox, Thunderbird, SeaMonkey
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0412
The browser engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via vectors related to the (1) nsTableFrame::GetFrameAtOrBefore, (2) nsAccessibilityService::GetAccessible, (3) nsBindingManager::GetNestedInsertionPoint, (4) nsXBLPrototypeBinding::AttributeChanged, (5) nsColumnSetFrame::GetContentInsertionFrame, and (6) nsLineLayout::TrimTrailingWhit...
Sun, 10 Feb 08
WordPress
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0664
The XML-RPC implementation (xmlrpc.php) in WordPress before 2.3.3, when registration is enabled, allows remote attackers to edit posts of other blog users via unknown vectors.
Sun, 10 Feb 08
Challenge Response Client, Novell Client for Windows
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0663
Novell Challenge Response Client (LCM) 2.7.5 and earlier, as used with Novell Client for Windows 4.91 SP4, allows users with physical access to a locked system to obtain contents of the clipboard by pasting the contents into the Challenge Question field.
Sun, 10 Feb 08
VPN-1 SecureClient
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0662
The Auto Local Logon feature in Check Point VPN-1 SecuRemote/SecureClient NGX R60 and R56 for Windows caches credentials under the CheckpointSecuRemote registry key, which has Everyone/Full Control permissions, which allows local users to gain privileges by reading and reusing the credentials.
Sun, 10 Feb 08
dBpowerAMP Audio Player
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0661
Buffer overflow in dBpowerAMP Audio Player Release 2 allows remote attackers to execute arbitrary code via a .M3U file with a long URI. NOTE: this might be the same issue as CVE-2004-1569.
Sun, 10 Feb 08
FaceBook, Image Uploader ActiveX control, PhotoUploader
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0660
Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4.5.57.0, allow remote attackers to execute arbitrary code via long (1) ExtractExif and (2) ExtractIptc properties.
Sun, 10 Feb 08
Image Uploader ActiveX control, MySpaceUploader
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0659
Stack-based buffer overflow in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.5.70 and earlier, as used in MySpace MySpaceUploader.ocx 1.0.0.4, allows remote attackers to execute arbitrary code via a long Action property.
Sun, 10 Feb 08
Ghost Solutions Suite
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0640
Symantec Ghost Solution Suite 1.1 before 1.1 patch 2, 2.0.0, and 2.0.1 does not authenticate connections between the console and the Ghost Management Agent, which allows remote attackers to execute arbitrary commands on the client via ARP spoofing.
Sun, 10 Feb 08
NetPBM
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0554
Buffer overflow in the readImageData function in giftopnm.c in netpbm before 10.27 in netpbm before 10.27 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted GIF image, a similar issue to CVE-2006-4484.
Sun, 10 Feb 08
Select Identity
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0214
Multiple unspecified vulnerabilities in HP Select Identity 4.00, 4.01, 4.11, 4.12, 4.13, and 4.20 allow remote authenticated users to gain access via unknown vectors.
Sun, 10 Feb 08
iPhoto
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0043
Format string vulnerability in Apple iPhoto before 7.1.2 allows remote attackers to execute arbitrary code via photocast subscriptions.
Sun, 10 Feb 08
Kernel
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0007
Linux kernel before 2.6.22.17, when using certain drivers that register a fault handler that does not perform range checks, allows local users to access kernel memory via an out-of-range offset.
Sun, 10 Feb 08
Virtual Rooms
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0213
Unspecified vulnerability in an ActiveX control for HP Virtual Rooms (HPVR) v6 and earlier, when running on Windows, allows remote attackers to execute arbitrary code via unknown vectors.
Sun, 10 Feb 08
IPComp
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0177
The ipcomp6_input function in sys/netinet6/ipcomp_input.c in the KAME project before 20071201 does not properly check the return value of the m_pulldown function, which allows remote attackers to cause a denial of service (system crash) via an IPv6 packet with an IPComp header.
Sun, 10 Feb 08
JRE, JDK
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0657
Multiple unspecified vulnerabilities in the Java Runtime Environment in Sun JDK and JRE 6 Update 1 and earlier, and 5.0 Update 13 and earlier, allow context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.
Sun, 10 Feb 08
Documentum WebTop, Documentum Administrator
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0656
Unrestricted file upload vulnerability in dmclTrace.jsp in EMC Documentum Administrator 5.3.0.313 and Webtop 5.3.0.317 allows remote attackers to overwrite arbitrary files via the filename attribute.
Sun, 10 Feb 08
Acrobat Reader, Acrobat Professional, Acrobat 3D, Acrobat Standard
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0655
Multiple unspecified vulnerabilities in Adobe Reader before 8.1.2 have unknown impact and attack vectors.
Sun, 10 Feb 08
Azucar CMS
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0654
Multiple directory traversal vulnerabilities in Azucar CMS 1.3 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the _VIEW (view) parameter to (1) index.php, (2) html/sitio/index.php, or (3) src/sistema/vistas/template/tpl_inicio.php.
Sun, 10 Feb 08
com_ynews
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0653
SQL injection vulnerability in index.php in the Ynews (com_ynews) 1.0.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showYNews action.
Sun, 10 Feb 08
com_downloads
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0652
SQL injection vulnerability in index.php in the Downloads (com_downloads) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the filecatid parameter in a selectfolder action.
Sun, 10 Feb 08
CMS
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0651
SQL injection vulnerability in login.php in Pedro Santana Codice CMS allows remote attackers to execute arbitrary SQL commands via the username field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Sun, 10 Feb 08
Simple OS CMS
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0650
SQL injection vulnerability in login.php in Simple OS CMS 0.1c beta allows remote attackers to execute arbitrary SQL commands via the username field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Sun, 10 Feb 08
Astanda Directory Project
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0649
SQL injection vulnerability in detail.php in Astanda Directory Project (ADP) 1.2 and 1.3 allows remote attackers to execute arbitrary SQL commands via the link_id parameter.
Sun, 10 Feb 08
OpenSiteAdmin
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0648
Multiple PHP remote file inclusion vulnerabilities in OpenSiteAdmin 0.9.1.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the path parameter to (1) indexFooter.php; and (2) DatabaseManager.php, (3) FieldManager.php, (4) Filter.php, (5) Form.php, (6) FormManager.php, (7) LoginManager.php, and (8) Filters/SingleFilter.php in scripts/classes/.
Sun, 10 Feb 08
GLWorld, HanGamePluginCn18_ActiveX control
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0647
Multiple stack-based buffer overflows in the HanGamePluginCn18.HanGamePluginCn18.1 ActiveX control in HanGamePluginCn18.dll in Ourgame GLWorld 2.6.1.29 (aka Lianzong Game Platform) allow remote attackers to execute arbitrary code via long arguments to the (1) hgs_startGame and (2) hgs_startNotify methods, as exploited in the wild as of February 2008. NOTE: some of these details are obtained from third party information.
Sun, 10 Feb 08
libtorrent, Deluge
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0646
The bdecode_recursive function in include/libtorrent/bencode.hpp in Rasterbar Software libtorrent before 0.12.1, as used in Deluge before 0.5.8.3 and other products, allows context-dependent attackers to cause a denial of service (stack exhaustion and crash) via a crafted bencoded message.
Sun, 10 Feb 08
Portail Web Php
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0645
Multiple PHP remote file inclusion vulnerabilities in Portail Web Php 2.5.1.1 allow remote attackers to execute arbitrary PHP code via a URL in the site_path parameter to (1) config/conf-activation.php, (2) menu/item.php, and (3) modules/conf_modules.php in admin/system/; and (4) system/login.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Sun, 10 Feb 08
Tcl_Tk
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0553
Stack-based buffer overflow in the ReadImage function in tkImgGIF.c in Tk (Tcl/Tk) before 8.5.1 allows remote attackers to execute arbitrary code via a crafted GIF image.
Sun, 10 Feb 08
BackupExec System Recovery
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0457
Unrestricted file upload vulnerability in the FileUpload class running on the Symantec LiveState Apache Tomcat server, as used by Symantec Backup Exec System Recovery Manager 7.0 and 7.0.1, allows remote attackers to upload and execute arbitrary files via unknown vectors.
Fri, 8 Feb 08
Openads
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0635
Unspecified vulnerability in the delivery engine in Openads 2.4.0 through 2.4.2 allows remote attackers to execute arbitrary PHP code via unknown vectors.
Fri, 8 Feb 08
CVE-2008-0634 (ActiveSquare, NamoInstall.1 ActiveX Control)
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0634
Buffer overflow in the NamoInstaller.NamoInstall.1 ActiveX control in NamoInstaller.dll 3.0.0.1, as used in Sejoong Namo ActiveSquare6, allows remote attackers to execute arbitrary code via a long argument to the Install method, a different vulnerability than CVE-2008-0551.
Fri, 8 Feb 08
Anon Proxy Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0633
Buffer overflow in Anon Proxy Server 0.102 and earlier, when user authentication is enabled, allows remote attackers to cause a denial of service (exception) via a user name with a large number of quotes, which triggers the overflow during escaping.
Fri, 8 Feb 08
LightBlog
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0632
Unrestricted file upload vulnerability in cp_upload_image.php in LightBlog 9.5 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the blog's root directory.
Fri, 8 Feb 08
MailBee Objects
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0631
Multiple ActiveX controls in MailBee.dll in MailBee Objects 5.5 allow remote attackers to (1) overwrite arbitrary files via the SaveToDisk method, or (2) modify files via the AddStringToFile method.
Fri, 8 Feb 08
MPlayer
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0630
Buffer overflow in url.c in MPlayer 1.0rc2 and SVN before r25823 allows remote attackers to execute arbitrary code via a crafted URL that prevents the IPv6 parsing code from setting a pointer to NULL, which causes the buffer to be reused by the unescape code.
Fri, 8 Feb 08
MPlayer
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0629
Buffer overflow in stream_cddb.c in MPlayer 1.0rc2 and SVN before r25824 allows remote user-assisted attackers to execute arbitrary code via a CDDB database entry containing a long album title.
Fri, 8 Feb 08
JDK, JRE
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0628
The XML parsing code in Sun Java Runtime Environment JDK and JRE 6 Update 3 and earlier processes external entity references even when the "external general entities" property is false, which allows remote attackers to conduct XML external entity (XXE) attacks and cause a denial of service or access restricted resources.
Fri, 8 Feb 08
Yahoo Music Jukebox
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0625
Buffer overflow in the MediaGrid ActiveX control (mediagrid.dll) in Yahoo! Music Jukebox 2.2.2.56 allows remote attackers to execute arbitrary code via a long argument to the AddBitmap method.
Fri, 8 Feb 08
Yahoo Music Jukebox
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0624
Buffer overflow in the YMP Datagrid ActiveX control (datagrid.dll) in Yahoo! JukeBox 2.2.2.56 allows remote attackers to execute arbitrary code via a long argument to the AddButton method, a different vulnerability than CVE-????-????.
Fri, 8 Feb 08
Yahoo Music Jukebox
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0623
Stack-based buffer overflow in the YMP Datagrid ActiveX control (datagrid.dll) in Yahoo! Music Jukebox 2.2.2.056 allows remote attackers to execute arbitrary code via a long argument to the AddImage method.
Fri, 8 Feb 08
OpenView Network Node Manager
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0212
ovtopmd in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allows remote attackers to cause a denial of service (crash) via a crafted TCP request that triggers an out-of-bounds memory access.
Wed, 6 Feb 08
RaidenHTTPD
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0622
Cross-site scripting (XSS) vulnerability in RaidenHTTPD 2.0.19 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the ulang parameter.
Wed, 6 Feb 08
SAPLPD, SAPSPRINT, SAPgui
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0621
Buffer overflow in SAPLPD 6.28 and earlier included in SAP GUI 7.10 and SAPSprint before 1018 allows remote attackers to execute arbitrary code via long arguments to the (1) 0x01, (2) 0x02, (3) 0x03, (4) 0x04, and (5) 0x05 LPD commands.
Wed, 6 Feb 08
SAPLPD, SAPgui, SAPSPRINT
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0620
SAPLPD 6.28 and earlier included in SAP GUI 7.10 and SAPSprint before 1018 allows remote attackers to cause a denial of service (crash) via a 0x53 LPD command, which causes the server to terminate.
Wed, 6 Feb 08
MediaPlayer
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0619
Buffer overflow in NeroMediaPlayer.exe in Nero Media Player 1.4.0.35 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (persistent crash) via a long URI in a .M3U file.
Wed, 6 Feb 08
DMSGuestbook, WordPress
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0618
Multiple cross-site scripting (XSS) vulnerabilities in the DMSGuestbook 1.8.0 and 1.7.0 plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) gbname, (2) gbemail, (3) gburl, and (4) gbmsg parameters to unspecified programs. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Wed, 6 Feb 08
DMSGuestbook, WordPress
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0617
Multiple cross-site scripting (XSS) vulnerabilities in the DMSGuestbook 1.7.0 plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) file parameter to wp-admin/admin.php, or the (2) messagefield parameter in the guestbook page, and the (3) title parameter in the messagearea.
Wed, 6 Feb 08
DMSGuestbook, WordPress
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0616
SQL injection vulnerability in the administration panel in the DMSGuestbook 1.7.0 plugin for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via unspecified vectors. NOTE: it is not clear whether this issue crosses privilege boundaries.
Wed, 6 Feb 08
DMSGuestbook, WordPress
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0615
Directory traversal vulnerability in wp-admin/admin.php in the DMSGuestbook 1.8.0 and 1.7.0 plugin for WordPress allows remote authenticated users to read arbitrary files via a .. (dot dot) in the (1) folder and (2) file parameters.
Wed, 6 Feb 08
Gallery
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0614
SQL injection vulnerability in index.php in Photokorn Gallery 1.543 allows remote attackers to execute arbitrary SQL commands via the pic parameter in a showpic action.
Wed, 6 Feb 08
Xoops
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0613
Open redirect vulnerability in htdocs/user.php in XOOPS 2.0.18 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the xoops_redirect parameter.
Wed, 6 Feb 08
Xoops
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0612
Directory traversal vulnerability in htdocs/install/index.php in XOOPS 2.0.18 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
Wed, 6 Feb 08
Gallery System, Xoops
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0611
SQL injection vulnerability in rmgs/images.php in the RMSOFT Gallery System 2.0 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the id parameter.
Wed, 6 Feb 08
UltraVNC
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0610
Stack-based buffer overflow in the ClientConnection::NegotiateProtocolVersion function in vncviewer/ClientConnection.cpp in vncviewer for UltraVNC 1.0.2 and 1.0.4 before 01252008, when in LISTENING mode or when using the DSM plugin, allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a modified size value.
Wed, 6 Feb 08
VHD Web Pack
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0609
Directory traversal vulnerability in index.php in DivideConcept VHD Web Pack 2.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
Wed, 6 Feb 08
WS_FTP
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0608
The Logging Server (ftplogsrv.exe) 7.9.14.0 and earlier in IPSwitch WS_FTP 6.1 allows remote attackers to cause a denial of service (loss of responsiveness) via a large number of large packets to port 5151/udp, which causes the listening socket to terminate and prevents log commands from being recorded, a different vulnerability than CVE-2007-3823.
Wed, 6 Feb 08
com_sobi2
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0607
SQL injection vulnerability in index.php in the Sigsiu Online Business Index 2 (SOBI2, com_sobi2) 2.5.3 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Wed, 6 Feb 08
com_shambo2
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0606
SQL injection vulnerability in index.php in the Shambo2 (com_shambo2) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter.
Wed, 6 Feb 08
AstroSoft HelpDesk
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0605
Multiple cross-site scripting (XSS) vulnerabilities in AstroSoft HelpDesk allow remote attackers to inject arbitrary web script or HTML via the (1) txtSearch parameter to operator/article/article_search_results.asp and the (2) Attach_Id parameter to operator/article/article_attachment.asp. NOTE: for vector 2, the XSS occurs in a forced SQL error message.
Wed, 6 Feb 08
XLight FTP Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0604
The LDAP authentication feature in XLight FTP Server before 2.83, when used with some unspecified LDAP servers, does not check for blank passwords, which allows remote attackers to bypass intended access restrictions.
Wed, 6 Feb 08
Awesom, com_awesom
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0603
SQL injection vulnerability in index.php in the amazOOP Awesom! (com_awesom) 0.3.2component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter in a viewlist task.
Wed, 6 Feb 08
All Club CMS
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0602
Directory traversal vulnerability in index.php in All Club CMS (ACCMS) 0.0.1f and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the class_name parameter.
Wed, 6 Feb 08
All Club CMS
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0601
SQL injection vulnerability in index.php in All Club CMS (ACCMS) 0.0.1f and earlier allows remote attackers to execute arbitrary SQL commands via the name parameter.
Wed, 6 Feb 08
WS_FTP Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0590
Buffer overflow in Ipswitch WS_FTP Server with SSH 6.1.0.0 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long opendir command.
Wed, 6 Feb 08
MPlayer, xine-lib
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0486
Array index vulnerability in libmpdemux/demux_audio.c in MPlayer 1.0rc2 and SVN before r25917, and possibly earlier versions, as used in Xine-lib 1.1.10, might allow remote attackers to execute arbitrary code via a crafted FLAC tag, which triggers a buffer overflow.
Wed, 6 Feb 08
MPlayer
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0485
Array index error in libmpdemux/demux_mov.c in MPlayer 1.0 rc2 and earlier might allow remote attackers to execute arbitrary code via a QuickTime MOV file with a crafted stsc atom tag.
Wed, 6 Feb 08
AIX
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0589
The ps program in bos.rte.control in IBM AIX 5.2, 5.3, and 6.1 allows local users to obtain sensitive information via unspecified vectors.
Wed, 6 Feb 08
AIX
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0588
Buffer overflow in the utape program in devices.scsi.tape.diag in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors.
Wed, 6 Feb 08
AIX
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0587
Buffer overflow in the uspchrp program in devices.chrp.base.diag in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors.
Wed, 6 Feb 08
AIX
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0586
Multiple buffer overflows in IBM AIX 5.2 and 5.3 allow local users to gain privileges via unspecified vectors related to the (1) lchangevg, (2) ldeletepv, (3) putlvodm, (4) lvaryoffvg, and (5) lvgenminor programs in bos.rte.lvm; and the (6) tellclvmd program in bos.clvm.enh.
Wed, 6 Feb 08
AIX
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0585
sysmgt.websm.webaccess in IBM AIX 5.2 and 5.3 has world writable permissions for unspecified WebSM Remote Client files, which allows local users to "alter the behavior of" this client by overwriting these files.
Wed, 6 Feb 08
AIX
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0584
Multiple buffer overflows in bos.rte.control in IBM AIX 5.2 and 5.3 allow local users to gain privileges via unspecified vectors related to the (1) swap, (2) swapoff, and (3) swapon programs.
Wed, 6 Feb 08
Skype
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0583
Cross-zone scripting vulnerability in the Internet Explorer web control in Skype 3.6.0.244, and earlier 3.5.x and 3.6.x versions, on Windows allows user-assisted remote attackers to inject arbitrary web script or HTML in the Local Machine Zone via the Description and unspecified other metadata fields of a Metacafe movie submitted by Metacafe Pro to the Skype video gallery, accessible through a search within the (1) "Add video to chat" or (2) "Add video to mood" dialog, a different vector than...
Wed, 6 Feb 08
Skype
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0582
Cross-zone scripting vulnerability in the Internet Explorer web control in Skype 3.1 through 3.6.0.244 on Windows allows remote attackers to inject arbitrary web script or HTML in the Local Machine Zone via the Full Name field of a reviewer of a business item entry, accessible through (1) the SkypeFind dialog and (2) a skype:?skypefind URI for the skype: URI handler.
Wed, 6 Feb 08
LSrunasE, Supercrypt
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0581
Geert Moernaut LSrunasE allows local users to gain privileges by obtaining the encrypted password from a batch file, and constructing a modified batch file that specifies this password in the /password switch and specifies an arbitrary program in the /command switch.
Wed, 6 Feb 08
LSrunasE, Supercrypt
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0580
Geert Moernaut LSrunasE and Supercrypt use an encryption key composed of an SHA1 hash of a fixed string embedded in the executable file, which makes it easier for local users to obtain this key without reverse engineering.
Wed, 6 Feb 08
com_buslicense
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0579
SQL injection vulnerability in index.php in the buslicense (com_buslicense) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in a list action.
Wed, 6 Feb 08
LSrunasE, Supercrypt
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6340
Geert Moernaut LSrunasE 1.0 and Supercrypt 1.0 use the RC4 stream cipher without constructing a unique initialization vector (IV), which makes it easier for local users to obtain cleartext passwords.
Wed, 6 Feb 08
Tripwire Enterprise
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0578
Cross-site scripting (XSS) vulnerability in the web management login page in Tripwire Enterprise 7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Wed, 6 Feb 08
Project Issue Tracking module
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0577
The Project Issue Tracking module 5.x-2.x-dev before 20080130 in the 5.x-2.x series, 5.x-1.2 and earlier in the 5.x-1.x series, 4.7.x-2.6 and earlier in the 4.7.x-2.x series, and 4.7.x-1.6 and earlier in the 4.7.x-1.x series for Drupal (1) does not restrict the extensions of attached files when the Upload module is enabled for issue nodes, which allows remote attackers to upload and possibly execute arbitrary files; and (2) accepts the .html extension within the bundled file-upload functional...
Wed, 6 Feb 08
Project Issue Tracking module
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0576
Cross-site scripting (XSS) vulnerability in the Project Issue Tracking module 5.x-2.x-dev before 20080130 in the 5.x-2.x series, 5.x-1.2 and earlier in the 5.x-1.x series, 4.7.x-2.6 and earlier in the 4.7.x-2.x series, and 4.7.x-1.6 and earlier in the 4.7.x-1.x series for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors that write to summary table pages.
Wed, 6 Feb 08
webSPELL
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0575
Cross-site request forgery (CSRF) vulnerability in admin/admincenter.php in webSPELL 4.01.02 allows remote attackers to assign the superadmin privilege level to arbitrary accounts as administrators via an "update member" action.
Wed, 6 Feb 08
webSPELL
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0574
Cross-site scripting (XSS) vulnerability in index.php in webSPELL 4.01.02 allows remote attackers to inject arbitrary web script or HTML via the sort parameter in a whoisonline action.
Wed, 6 Feb 08
CVE-2008-0573 (SafeNet HighAssurance Remote, SoftRemote VPN Client, IPSecDrv.sys)
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0573
IPSecDrv.sys 10.4.0.12 in SafeNET HighAssurance Remote and SoftRemote allows local users to gain privileges via a crafted IPSECDRV_IOCTL IOCTL request.
Wed, 6 Feb 08
Mindmeld
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0572
Multiple PHP remote file inclusion vulnerabilities in Mindmeld 1.2.0.10 allow remote attackers to execute arbitrary PHP code via a URL in the MM_GLOBALS[home] parameter to (1) acweb/admin_index.php; and (2) ask.inc.php, (3) learn.inc.php, (4) manage.inc.php, (5) mind.inc.php, and (6) sensory.inc.php in include/.
Wed, 6 Feb 08
Userpoints Module
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0571
The point moderation form in the Userpoints 4.7.x before 4.7.x-2.3, 5.x-2 before 5.x-2.16, and 5.x-3 before 5.x-3.3 module for Drupal does not follow Drupal's Forms API submission model, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and manipulate points.
Wed, 6 Feb 08
OpenID
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0570
The OpenID 5.x-1.0 and earlier module for Drupal does not properly verify the claimed_id returned by an OpenID provider, which allows remote OpenID providers to spoof OpenID authentication for domains associated with other providers.
Wed, 6 Feb 08
Comment Upload Module
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0569
The Comment Upload 4.7.x before 4.7.x-0.1 and 5.x before 5.x-0.1 module for Drupal does not properly use functions in the upload module, which allows remote attackers to bypass upload validation, and upload arbitrary files and possibly execute arbitrary code, via unspecified vectors.
Wed, 6 Feb 08
Secure Site module
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0568
Unspecified vulnerability in the IP-authentication feature in the Secure Site 5.x-1.0 and 4.7.x-1.0 module for Drupal allows remote attackers to gain the privileges of a user who has authenticated from behind the same proxy server as the attacker.
Wed, 6 Feb 08
ChronoForms
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0567
Multiple PHP remote file inclusion vulnerabilities in ChronoEngine ChronoForms (com_chronocontact) 2.3.5 component for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) PPS/File.php, (2) Writer.php, and (3) PPS.php in excelwriter/; and (4) BIFFwriter.php, (5) Workbook.php, (6) Worksheet.php, and (7) Format.php in excelwriter/Writer/.
Wed, 6 Feb 08
PHP Links
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0566
PHP remote file inclusion vulnerability in includes/smarty.php in DeltaScripts PHP Links 1.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the full_path_to_public_program parameter.
Wed, 6 Feb 08
PHP Links
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0565
SQL injection vulnerability in vote.php in DeltaScripts PHP Links 1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
Wed, 6 Feb 08
MailMan
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0564
Multiple cross-site scripting (XSS) vulnerabilities in Mailman before 2.1.10b1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) editing templates and (2) the list's "info attribute" in the web administrator interface, a different vulnerability than CVE-2006-3636.
Wed, 6 Feb 08
Open_BSD
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6700
Cross-site scripting (XSS) vulnerability in cgi-bin/bgplg in the web interface for the BGPD daemon in OpenBSD 4.1 allows remote attackers to inject arbitrary web script or HTML via the cmd parameter.
Wed, 6 Feb 08
Viewer
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5602
Multiple stack-based buffer overflows in SwiftView Viewer before 8.3.5, as used by SwiftView and SwiftSend, allow remote attackers to execute arbitrary code via unspecified vectors to the (1) svocx.ocx ActiveX control or the (2) npsview.dll plugin for Mozilla and Firefox.
Wed, 6 Feb 08
Liferay Enterprise Portal
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0563
Cross-site request forgery (CSRF) vulnerability in service/impl/UserLocalServiceImpl.java in Liferay Portal 4.3.6 allows remote attackers to perform unspecified actions as unspecified authenticated users via the User-Agent HTTP header, which is used when composing Forgot Password e-mail messages in HTML format.
Wed, 6 Feb 08
Liferay Enterprise Portal
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0182
Cross-site request forgery (CSRF) vulnerability in the Admin portlet in Liferay Portal before 4.4.0 allows remote authenticated users to perform unspecified actions as unspecified other authenticated users via the Shutdown message.
Wed, 6 Feb 08
Liferay Enterprise Portal
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0181
Cross-site scripting (XSS) vulnerability in the Admin portlet in Liferay Portal 4.3.6 allows remote authenticated users to inject arbitrary web script or HTML via the Shutdown message.
Wed, 6 Feb 08
Liferay Enterprise Portal
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0180
Cross-site scripting (XSS) vulnerability in themes/_unstyled/templates/init.vm in Liferay Portal 4.3.6 allows remote authenticated users to inject arbitrary web script or HTML via the Greeting field in a User Profile.
Wed, 6 Feb 08
Liferay Enterprise Portal
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0179
Cross-site scripting (XSS) vulnerability in service/impl/UserLocalServiceImpl.java in Liferay Portal 4.3.6 allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header, which is used when composing Forgot Password e-mail messages in HTML format.
Wed, 6 Feb 08
Liferay Enterprise Portal
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0178
Cross-site scripting (XSS) vulnerability in the Enterprise Admin Session Monitoring component in Liferay Portal 4.3.6 allows remote authenticated users to inject arbitrary web script or HTML via the User-Agent HTTP header.
Wed, 6 Feb 08
enterprise_linux, desktop
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4130
The Linux kernel 2.6.9 before 2.6.9-67 in Red Hat Enterprise Linux (RHEL) 4 on Itanium (ia64) does not properly handle page faults during NUMA memory access, which allows local users to cause a denial of service (panic) via invalid arguments to set_mempolicy in an MPOL_BIND operation.
Wed, 6 Feb 08
Mambo, Joomla
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0562
SQL injection vulnerability in index.php in the Restaurant (com_restaurant) 1.0 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action.
Wed, 6 Feb 08
AkoGallery, Mambo, Joomla
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0561
SQL injection vulnerability in index.php in the Arthur Konze AkoGallery (com_akogallery) 2.5 beta component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action.
Wed, 6 Feb 08
cForms
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0560
** DISPUTED ** PHP remote file inclusion vulnerability in cforms-css.php in Oliver Seidel cforms (contactforms), a Wordpress plugin, allows remote attackers to execute arbitrary PHP code via a URL in the tm parameter. NOTE: CVE disputes this issue for 7.3, since there is no tm parameter, and the code exits with a fatal error due to a call to an undefined function.
Wed, 6 Feb 08
Nilsons Blogger
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0559
Multiple directory traversal vulnerabilities in Nilson's Blogger 0.11 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the permalink parameter in core.php, accessed through index.php; and (2) the thispost parameter in comments.php.
Wed, 6 Feb 08
eCart Professional
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0558
Cross-site scripting (XSS) vulnerability in Uniwin eCart Professional before 2.0.16 allows remote attackers to inject arbitrary web script or HTML via the rp parameter to cartView.asp and unspecified other components. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Wed, 6 Feb 08
CatalogShop
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0557
SQL injection vulnerability in index.php in the CatalogShop (com_catalogshop) 1.0b1 componenent for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action.
Tue, 5 Feb 08
CVE-2008-0386
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0386
Xdg-utils 1.0.2 and earlier allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a URL argument to (1) xdg-open or (2) xdg-email.
Tue, 5 Feb 08
YGP PicEditor ActiveX Control
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6699
Multiple buffer overflows in the AIM PicEditor 9.5.1.8 ActiveX control in YGPPicEdit.dll in AOL You've Got Pictures (YGP) Picture Editor allow remote attackers to cause a denial of service (browser crash) via a long string in the (1) DisplayName, (2) FinalSavePath, (3) ForceSaveTo, (4) HiddenControls, (5) InitialEditorScreen, (6) Locale, (7) Proxy, and (8) UserAgent property values.
Tue, 5 Feb 08
OpenLDAP
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6698
The BDB backend for slapd in OpenLDAP before 2.3.36, allows remote authenticated users to cause a denial of service (crash) via a potentially-successful modify operation with the NOOP control set to critical, possibly due to a double free vulnerability.
Sat, 2 Feb 08
eTicket
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0552
Cross-site scripting (XSS) vulnerability in index.php in eTicket 1.5.6-RC4 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
Sat, 2 Feb 08
ActiveSquare, ActiveX
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0551
The NamoInstaller.NamoInstall.1 ActiveX control in NamoInstaller.dll 3.0.0.1 and earlier in Namo Web Editor in Sejoong Namo ActiveSquare 6 allows remote attackers to execute arbitrary code via a URL in the argument to the Install method. NOTE: some of these details are obtained from third party information.
Sat, 2 Feb 08
Steamcast
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0550
Off-by-one error in Steamcast 0.9.75 and earlier allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a certain HTTP request that leads to a buffer overflow, as demonstrated by a long User-Agent header.
Sat, 2 Feb 08
Steamcast
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0549
Integer overflow in the OggHeaderParse function in Steamcast 0.9.75 and earlier allows remote authenticated users to cause a denial of service (daemon crash) via a long Ogg tag.
Sat, 2 Feb 08
Steamcast
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0548
Steamcast 0.9.75 and earlier allows remote attackers to cause a denial of service (daemon crash) via a large integer in the Content-Length HTTP header, which triggers a NULL dereference when malloc fails.
Sat, 2 Feb 08
CandyPress Store
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0547
Cross-site scripting (XSS) vulnerability in admin/utilities_ConfigHelp.asp in CandyPress (CP) 4.1.1.26, and probably earlier 4.x and 3.x versions, allows remote attackers to inject arbitrary web script or HTML via the helpfield parameter.
Sat, 2 Feb 08
CandyPress Store
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0546
Multiple SQL injection vulnerabilities in CandyPress (CP) 4.1.1.26, and earlier 4.1.x versions, allow remote attackers to execute arbitrary SQL commands via the (1) idProduct and (2) options parameters to (a) ajax/ajax_optInventory.asp, or the (2) recid parameter to (b) ajax/ajax_getBrands.asp.
Sat, 2 Feb 08
Bubbling Library
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0545
Multiple directory traversal vulnerabilities in Bubbling Library 1.32 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) uri parameter to (a) yui-menu.tpl.php, (b) simple.tpl.php, and (c) advanced.tpl.php in dispatcher/framework/; and the (2) page parameter to (d) yui-menu.php, (e) simple.php, and (f) advanced.php in dispatcher/framework/, different vectors than CVE-2008-0521.
Sat, 2 Feb 08
SDL_image
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0544
Heap-based buffer overflow in the IMG_LoadLBM_RW function in IMG_lbm.c in SDL_image before 1.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted IFF ILBM file. NOTE: some of these details are obtained from third party information.
Sat, 2 Feb 08
Pre Dynamic Institution
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0543
Multiple SQL injection vulnerabilities in Pre Dynamic Institution allow remote attackers to execute arbitrary SQL commands via the (1) sloginid and (2) spass parameters to (a) login.asp and (b) siteadmin/login.asp. NOTE: some of these details are obtained from third party information.
Sat, 2 Feb 08
Simple Forum
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0542
Directory traversal vulnerability in thumbnail.php in Gerd Tentler Simple Forum 3.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
Sat, 2 Feb 08
Simple Forum
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0541
Multiple cross-site scripting (XSS) vulnerabilities in forum.php in Gerd Tentler Simple Forum 3.2 allow remote attackers to inject arbitrary web script or HTML via the (1) open and (2) date_show parameters.
Sat, 2 Feb 08
trixbox
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0540
Multiple cross-site scripting (XSS) vulnerabilities in trixbox 2.4.2.0 allow remote attackers to inject arbitrary web script or HTML via the query string to index.php in (1) user/ or (2) maint/.
Sat, 2 Feb 08
BIG-IP
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0539
Cross-site scripting (XSS) vulnerability in dms/policy/rep_request.php in F5 BIG-IP Application Security Manager (ASM) 9.4.3 allows remote attackers to inject arbitrary web script or HTML via the report_type parameter.
Sat, 2 Feb 08
phpIP Management
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0538
Multiple SQL injection vulnerabilities in phpIP Management 4.3.2 allow remote attackers to execute arbitrary SQL commands via the (1) password parameter to login.php, the (2) id parameter to display.php, and unspecified other vectors. NOTE: some of these details are obtained from third party information.
Sat, 2 Feb 08
SDL_image
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6697
Buffer overflow in the LWZReadByte function in IMG_gif.c in SDL_image before 1.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file, a similar issue to CVE-2006-4484. NOTE: some of these details are obtained from third party information.
Sat, 2 Feb 08
WebCalendar
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6696
Multiple cross-site scripting (XSS) vulnerabilities in WebCalendar 1.1.6 allow remote attackers to inject arbitrary web script or HTML via (1) an event description, (2) the query string to pref.php, and (3) the adv parameter to search.php. NOTE: vector 1 requires user authentication.
Sat, 2 Feb 08
Drake CMS
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6695
Cross-site scripting (XSS) vulnerability in index.php in Drake CMS 0.4.9 allows remote attackers to inject arbitrary web script or HTML via the option parameter.
Sat, 2 Feb 08
Linux
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4998
cp, when running with an option to preserve symlinks on multiple OSes, allows local, user-assisted attackers to overwrite arbitrary files via a symlink attack using crafted directories containing multiple source files that are copied to the same destination.
Sat, 2 Feb 08
PatchLink Update
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0525
PatchLink Update client for Unix allows local users to (1) truncate arbitrary files via a symlink attack on the /tmp/patchlink.tmp file used by the logtrimmer script, and (2) execute arbitrary code via a symlink attack on the /tmp/plshutdown file used by the rebootTask script.
Sat, 2 Feb 08
CVE-2008-0524 (RT107e, RT52pro, RT56v, RT57i, RT58i, RT60w, RT80i, RTA50i, RTA52i, RTA54i, RTA55...)
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0524
Cross-site request forgery (CSRF) vulnerability in the management interface in multiple Yamaha RT series routers allows remote attackers to change password settings and probably other configuration settings as administrators via unspecified vectors.
Sat, 2 Feb 08
SoftCart
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0523
Multiple cross-site scripting (XSS) vulnerabilities in SoftCart.exe in SoftCart 5.1.2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) License_Plate, (2) License_State, (3) Ticket_Date, and (4) Ticket_Number parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Sat, 2 Feb 08
Perl _CGI_cart, PHP_cart, Shop_hal_v1
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0522
Cross-site scripting (XSS) vulnerability in multiple Hal Networks shopping-cart products allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Sat, 2 Feb 08
Bubbling Library
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0521
Multiple directory traversal vulnerabilities in Bubbling Library 1.32 allow remote attackers to read arbitrary files via a .. (dot dot) in the uri parameter to dispatcher.php in (1) examples/dispatcher/framework/, (2) examples/dispatcher/, (3) examples/wizard/, and (4) PHP/, different vectors than CVE-2008-????.
Sat, 2 Feb 08
WassUp Plugin
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0520
Multiple SQL injection vulnerabilities in main.php in the WassUp plugin 1.4 through 1.4.3 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) from_date or (2) to_date parameter to spy.php.
Sat, 2 Feb 08
com_jokes
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0519
SQL injection vulnerability in index.php in the Atapin Jokes (com_jokes) 1.0 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a CatView action.
Sat, 2 Feb 08
com_recipes
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0518
SQL injection vulnerability in index.php in the Recipes (com_recipes) 1.00 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action.
Sat, 2 Feb 08
EstateAgent, Mambo, Joomla
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0517
SQL injection vulnerability in index.php in the Darko Selesi EstateAgent (com_estateagent) 0.1 component for Mambo 4.5.x and Joomla! allows remote attackers to execute arbitrary SQL commands via the objid parameter in a contact showObject action.
Sat, 2 Feb 08
SQLite Manager
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0516
PHP remote file inclusion vulnerability in spaw/dialogs/confirm.php in SQLiteManager 1.2.0 allows remote attackers to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Sat, 2 Feb 08
musepoes_component
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0515
SQL injection vulnerability in index.php in the musepoes (com_musepoes) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an answer action.
Sat, 2 Feb 08
Glossary
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0514
SQL injection vulnerability in index.php in the Glossary (com_glossary) 2.0 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a display action.
Sat, 2 Feb 08
CVE-2008-0513
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0513
Directory traversal vulnerability in parser/include/class.cache_phpcms.php in phpCMS 1.2.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter to parser/parser.php, as demonstrated by a filename ending with %00.gif, a different vector than CVE-2005-1840.
Sat, 2 Feb 08
com_fq Component
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0512
SQL injection vulnerability in index.php in the fq (com_fq) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter.
Sat, 2 Feb 08
com_mamml Component
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0511
SQL injection vulnerability in index.php in the MaMML (com_mamml) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter.
Sat, 2 Feb 08
CVE-2008-0510 (Mambo Open Source 4.5)
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0510
SQL injection vulnerability in index.php in the Newsletter (com_newsletter) component for Mambo 4.5 and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter.
Sat, 2 Feb 08
AIX
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0509
Multiple buffer overflows in IBM AIX 4.3 allow remote attackers to cause a denial of service (crash) or possibly gain privileges via a long argument to (1) piox25, related to piox25.c; or (2) piox25remote, related to piox25remote.sh.
Sat, 2 Feb 08
Permalinks Migration Plugin
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0508
Cross-site request forgery (CSRF) vulnerability in deans_permalinks_migration.php in the Dean's Permalinks Migration 1.0 plugin for WordPress allows remote attackers to modify the oldstructure (aka dean_pm_config[oldstructure]) configuration setting as administrators via the old_struct parameter in a deans_permalinks_migration.php action to wp-admin/options-general.php, as demonstrated by placing an XSS sequence in this setting.
Sat, 2 Feb 08
AdServe
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0507
SQL injection vulnerability in adclick.php in the AdServe 0.2 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter.
Sat, 2 Feb 08
Coppermine Photo Gallery
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0506
include/imageObjectIM.class.php in Coppermine Photo Gallery (CPG) before 1.4.15 allows remote attackers to execute arbitrary commands via shell metacharacters in unspecified parameters. NOTE: some of these details are obtained from third party information.
Sat, 2 Feb 08
Coppermine Photo Gallery
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0505
Multiple cross-site scripting (XSS) vulnerabilities in docs/showdoc.php in Coppermine Photo Gallery (CPG) before 1.4.15 allow remote attackers to inject arbitrary web script or HTML via the (1) h and (2) t parameters. NOTE: some of these details are obtained from third party information.
Sat, 2 Feb 08
Coppermine Photo Gallery
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0504
Multiple SQL injection vulnerabilities in Coppermine Photo Gallery (CPG) before 1.4.15 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) util.php and (2) reviewcom.php. NOTE: some of these details are obtained from third party information.
Sat, 2 Feb 08
Smart Publisher
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0503
Eval injection vulnerability in admin/op/disp.php in Netwerk Smart Publisher 1.0.1 allows remote attackers to execute arbitrary PHP code via the filedata parameter.
Sat, 2 Feb 08
Connectix Boards
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0502
PHP remote file inclusion vulnerability in templates/Official/part_userprofile.php in Connectix Boards 0.8.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the template_path parameter.
Sat, 2 Feb 08
XnView, NConvert, GFL SDK
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0064
Stack-based buffer overflow in Pierre-emmanuel Gougelet (1) XnView 1.91 and 1.92, (2) NConvert 4.85, and (3) libgfl280.dll in GFL SDK 2.870 for Windows allows user-assisted remote attackers to execute arbitrary code via a crafted Radiance RGBE (.hdr) file.