Software Vulnerability
Main
Software Alerts
Software and Script Bug ExploitsSoftware Vulnerability
Random Feeds
Archives
| Dec 2008 | Nov 2008 | Oct 2008 | Sep 2008 | Aug 2008 | Jul 2008 | Jun 2008 | May 2008 | Apr 2008 | Mar 2008 | Feb 2008 | Jan 2008 | Dec 2007 | Nov 2007 |Sat, 31 May 08
Upload File plugin
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2510
SQL injection vulnerability in wp-uploadfile.php in the Upload File plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the f_id parameter.
Sat, 31 May 08
Excuse Online
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2509
SQL injection vulnerability in pwd.asp in Excuse Online allows remote attackers to execute arbitrary SQL commands via the pID parameter.
Sat, 31 May 08
Tr Script News
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2508
Cross-site scripting (XSS) vulnerability in news.php in Tr Script News 2.1 allows remote attackers to inject arbitrary web script or HTML via the "nb" parameter in voir mode.
Sat, 31 May 08
Calcium
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2507
Cross-site scripting (XSS) vulnerability in Calcium40.pl in Brown Bear Software Calcium 3.10 and 4.0.4 allows remote attackers to inject arbitrary web script or HTML via the CalendarName parameter in a ShowIt action.
Sat, 31 May 08
Weblosning
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2506
Multiple SQL injection vulnerabilities in Simpel Side Weblosning 1 through 4 allow remote attackers to execute arbitrary SQL commands via the (1) mainid and (2) id parameters to index2.php.
Sat, 31 May 08
Weblosninger
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2505
Cross-site scripting (XSS) vulnerability in result.php in Simpel Side Weblosning 1 through 4 allows remote attackers to inject arbitrary web script or HTML via the search parameter.
Sat, 31 May 08
Netbutik
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2504
Multiple SQL injection vulnerabilities in Simpel Side Netbutik 1 through 4 allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter to netbutik.php and the (2) id parameter to product.php.
Sat, 31 May 08
eMule X-Ray
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2503
Buffer overflow in Uploadlist in eMule X-Ray before 1.4 has unknown impact and remote attack vectors.
Sat, 31 May 08
X_Ray
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2502
Unspecified vulnerability in the web server in eMule X-Ray before 1.4 allows remote attackers to trigger memory corruption via unknown attack vectors.
Sat, 31 May 08
PHPhotoalbum
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2501
Multiple SQL injection vulnerabilities in PHPhotoalbum 0.5 allow remote attackers to execute arbitrary SQL commands via the (1) album parameter to thumbnails.php and the (2) pid parameter to displayimage.php.
Sat, 31 May 08
MostlyCE
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2500
Cross-site scripting (XSS) vulnerability in the MOStlyContent Editor (MOStlyCE) component before 3.0 for Mambo allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Sat, 31 May 08
Lotus Sametime
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2499
Stack-based buffer overflow in the Community Services Multiplexer (aka MUX or StMux.exe) in IBM Lotus Sametime 7.5.1 CF1 and earlier, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code via a crafted URL.
Sat, 31 May 08
AlphaStor
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2158
Multiple stack-based buffer overflows in the Command Line Interface process in the Server Agent in EMC AlphaStor 3.1 SP1 for Windows allow remote attackers to execute arbitrary code via crafted TCP packets to port 41025.
Sat, 31 May 08
AlphaStor
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2157
robotd in the Library Manager in EMC AlphaStor 3.1 SP1 for Windows allows remote attackers to execute arbitrary commands via an unspecified string field in a packet to TCP port 3500.
Sat, 31 May 08
Kernel, Debian Linux
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2137
The (1) sparc_mmap_check function in arch/sparc/kernel/sys_sparc.c and the (2) sparc64_mmap_check function in arch/sparc64/kernel/sys_sparc.c, in the Linux kernel before 2.6.25.3, omit some virtual-address range (aka span) checks when the mmap MAP_FIXED bit is not set, which allows local users to cause a denial of service (panic) via unspecified mmap calls.
Sat, 31 May 08
CiscoWorks Common Services
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2054
Unspecified vulnerability in Cisco CiscoWorks Common Services 3.0.3 through 3.1.1 allows remote attackers to execute arbitrary code on a client machine via unknown vectors.
Sat, 31 May 08
OpenSSL
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1672
OpenSSL 0.9.8f and 0.9.8g allows remote attackers to cause a denial of service (crash) via a TLS handshake that omits the Server Key Exchange message and uses "particular cipher suites."
Sat, 31 May 08
Samba
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1105
Heap-based buffer overflow in the receive_smb_raw function in util/sock.c in Samba 3.0.0 through 3.0.29 allows remote attackers to execute arbitrary code via a crafted SMB response.
Sat, 31 May 08
CVE-2008-0959 (Alive MP3 WAV Converter, NCTAudioEditor ActiveX control, NCTAudioStudio ActiveX c...)
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0959
Multiple stack-based buffer overflows in the Online Media Technologies NCTSoft NCTAudioInformation2 ActiveX control in NCTAudioInformation2.dll allow remote attackers to execute arbitrary code via unspecified vectors.
Fri, 30 May 08
NCTAudioeditor_activeX_control
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0958
Multiple stack-based buffer overflows in the Online Media Technologies NCTSoft NCTAudioGrabber2 ActiveX control in NCTAudioGrabber2.dll allow remote attackers to execute arbitrary code via unspecified vectors.
Fri, 30 May 08
creative_software_autoupdate_engine
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0955
Stack-based buffer overflow in the Creative Software AutoUpdate Engine ActiveX control in CTSUEng.ocx allows remote attackers to execute arbitrary code via a long CacheFolder property value.
Fri, 30 May 08
openssl
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0891
Double free vulnerability in OpenSSL 0.9.8f and 0.9.8g, when the TLS server name extensions are enabled, allows remote attackers to cause a denial of service (crash) via a crafted packet. NOTE: some of these details are obtained from third party information.
Thu, 29 May 08
mambo
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2498
Multiple SQL injection vulnerabilities in index.php in Mambo before 4.6.4, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) articleid and (2) mcname parameters. NOTE: some of these details are obtained from third party information.
Thu, 29 May 08
mambo
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2497
CRLF injection vulnerability in Mambo before 4.6.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
Thu, 29 May 08
quate_cms
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2496
Multiple cross-site scripting (XSS) vulnerabilities in Quate CMS 0.3.4 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) index.php, (2) login.php, and (3) credits.php in admin/, and (4) upgrade/index.php.
Thu, 29 May 08
zina
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2495
Directory traversal vulnerability in index.php in Zina 1.0 RC3 allows remote attackers to have an unknown impact via a .. (dot dot) in the p parameter.
Thu, 29 May 08
zina
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2494
Cross-site scripting (XSS) vulnerability in index.php in Zina 1.0 RC3 allows remote attackers to inject arbitrary web script or HTML via the l parameter.
Thu, 29 May 08
campus_bulletin_board
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2493
Cross-site scripting (XSS) vulnerability in post3/Book.asp in Campus Bulletin Board 3.4 allows remote attackers to inject arbitrary web script or HTML via the review parameter.
Thu, 29 May 08
campus_bulletin_board
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2492
Multiple SQL injection vulnerabilities in Campus Bulletin Board 3.4 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to post3/view.asp and the (2) review parameter to post3/book.asp.
Thu, 29 May 08
ablespace
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2491
SQL injection vulnerability in adv_cat.php in AbleSpace 1.0 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
Thu, 29 May 08
kj_imagelightbox2
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2490
Cross-site scripting (XSS) vulnerability in the KJ Image Lightbox 2 (aka kj_imagelightbox2) extension 1.4.2 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified "user input."
Thu, 29 May 08
sg_zfelib
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2489
SQL injection vulnerability in the Library for Frontend Plugins (aka sg_zfelib) extension 1.1.512 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified "user input."
Thu, 29 May 08
roomphplanning
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2488
admin/userform.php in RoomPHPlanning 1.5 does not require administrative credentials, which allows remote authenticated users to create new admin accounts.
Thu, 29 May 08
maxsite
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2487
SQL injection vulnerability in index.php in MAXSITE 1.10 and earlier allows remote attackers to execute arbitrary SQL commands via the category parameter in a webboard action.
Thu, 29 May 08
emule_plus
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2486
Unspecified vulnerability in eMule Plus before 1.2d has unknown impact and attack vectors related to "staticservers.dat processing."
Thu, 29 May 08
PCPIN Chat
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2485
Cross-site scripting (XSS) vulnerability in the URL redirection script (inc/url_redirection.inc.php) PCPIN Chat before 6.11 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
Thu, 29 May 08
xomol_cms
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2484
SQL injection vulnerability in index.php in Xomol CMS 1.20071213, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the email parameter.
Thu, 29 May 08
xomol_cms
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2483
Directory traversal vulnerability in index.php in Xomol CMS 1.20071213 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the op parameter.
Thu, 29 May 08
onecms
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2482
Directory traversal vulnerability in install_mod.php in insanevisions OneCMS 2.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the load parameter in a go action.
Thu, 29 May 08
phpRaider
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2481
PHP remote file inclusion vulnerability in authentication/phpbb3/phpbb3.functions.php in phpRaider 1.0.7 and 1.0.7a, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the pConfig_auth[phpbb_path] parameter.
Thu, 29 May 08
plusphp_short_url_multi-user_script
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2480
PHP remote file inclusion vulnerability in plus.php in plusPHP Short URL Multi-User Script 1.6 allows remote attackers to execute arbitrary PHP code via a URL in the _pages_dir parameter.
Thu, 29 May 08
phpfix
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2479
Multiple SQL injection vulnerabilities in phpFix 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) kind parameter to fix/browse.php and the (2) account parameter to auth/00_pass.php.
Thu, 29 May 08
cPanel
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2478
** DISPUTED ** scripts/wwwacct in cPanel 11.18.6 STABLE and earlier and 11.23.1 CURRENT and earlier allows remote authenticated users with reseller privileges to execute arbitrary code via shell metacharacters in the Email address field (aka Email text box). NOTE: the vendor disputes this, stating "I'm unable to reproduce such an issue on multiple servers running different versions of cPanel."
Thu, 29 May 08
mxbb_portal
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2477
SQL injection vulnerability in index.php in MxBB (aka MX-System) Portal 2.7.3 allows remote attackers to execute arbitrary SQL commands via the page parameter.
Wed, 28 May 08
netious_cms
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2461
SQL injection vulnerability in index.php in Netious CMS 0.4 allows remote attackers to execute arbitrary SQL commands via the pageid parameter, a different vector than CVE-2006-4047.
Wed, 28 May 08
vbulletin
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2460
SQL injection vulnerability in faq.php in vBulletin 3.7.0 Gold allows remote attackers to execute arbitrary SQL commands via the q parameter in a search action.
Wed, 28 May 08
entertainmentscript
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2459
Directory traversal vulnerability in page.php in EntertainmentScript 1.4.0 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the page parameter.
Wed, 28 May 08
starsgames_control_panel
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2458
Cross-site scripting (XSS) vulnerability in index.php in Starsgames Control Panel 4.6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the st parameter.
Wed, 28 May 08
php-jokesite
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2457
SQL injection vulnerability in jokes_category.php in PHP-Jokesite 2.0 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
Wed, 28 May 08
comicshout
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2456
SQL injection vulnerability in index.php in ComicShout 2.5 and earlier allows remote attackers to execute arbitrary SQL commands via the comic_id parameter.
Wed, 28 May 08
e107_blog_engine
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2455
SQL injection vulnerability in comment.php in the MacGuru BLOG Engine plugin 2.2 for e107 allows remote attackers to execute arbitrary SQL commands via the rid parameter.
Wed, 28 May 08
com_xsstream-dm
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2454
SQL injection vulnerability in the xsstream-dm (com_xsstream-dm) component 0.01 Beta for Joomla! allows remote attackers to execute arbitrary SQL commands via the movie parameter to index.php.
Wed, 28 May 08
php_classifieds_script
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2453
Multiple SQL injection vulnerabilities in PHP Classifieds Script allow remote attackers to execute arbitrary SQL commands via the fatherID parameter to (1) browse.php and (2) search.php.
Wed, 28 May 08
TYPO3
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2452
Cross-site scripting (XSS) vulnerability in the Questionaire (aka pbsurvey) extension 1.2.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Wed, 28 May 08
TYPO3
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2451
Multiple SQL injection vulnerabilities in the Statistics (aka ke_stats) extension 0.1.2 and earlier for TYPO3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
Wed, 28 May 08
TYPO3
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2450
Multiple cross-site scripting (XSS) vulnerabilities in the Statistics (aka ke_stats) extension 0.1.2 and earlier for TYPO3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Wed, 28 May 08
phpinstantgallery
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2449
Multiple cross-site scripting (XSS) vulnerabilities in Isaac McGowan phpInstantGallery 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) gallery parameter to (a) index.php and (b) image.php, and the (2) imgnum parameter to image.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Wed, 28 May 08
meto_forum
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2448
Multiple SQL injection vulnerabilities in Meto Forum 1.1 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) admin/duzenle.asp and (b) admin_oku.asp; the (2) kid parameter to (c) kategori.asp and (d) admin_kategori.asp; and unspecified parameters to (e) uye.asp and (f) oku.asp.
Wed, 28 May 08
zogo_shop
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2447
SQL injection vulnerability in products.php in the Mytipper ZoGo-shop plugin 1.15.5 and 1.16 Beta 13 for e107 allows remote attackers to execute arbitrary SQL commands via the cat parameter.
Wed, 28 May 08
web_group_communication_center
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2446
Multiple SQL injection vulnerabilities in Web Group Communication Center (WGCC) 1.0.3 PreRelease 1 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) userid parameter to (a) profile.php in a "show moreinfo" action; the (2) bildid parameter to (b) picturegallery.php in a shownext action; the (3) id parameter to (c) filebase.php in a freigeben action, (d) schedule.php in a del action, and (e) profile.php in an observe action; and the (4) pmid parameter in...
Wed, 28 May 08
web_group_communication_center
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2445
Cross-site scripting (XSS) vulnerability in profile.php in Web Group Communication Center (WGCC) 1.0.3 PreRelease 1 and earlier allows remote attackers to inject arbitrary web script or HTML via the userid parameter in a show action.
Wed, 28 May 08
CaLogic Calendars
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2444
SQL injection vulnerability in userreg.php in CaLogic Calendars 1.2.2 allows remote attackers to execute arbitrary SQL commands via the langsel parameter.
Wed, 28 May 08
the_real_estate_script
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2443
SQL injection vulnerability in dpage.php in The Real Estate Script allows remote attackers to execute arbitrary SQL commands via the docID parameter.
Wed, 28 May 08
fichive
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2425
SQL injection vulnerability in index.php in FicHive 1.0 allows remote attackers to execute arbitrary SQL commands via the letter parameter in a Search action, a different vector than CVE-2008-2416. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Wed, 28 May 08
interchange
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2424
Unspecified vulnerability in the 404 error page for the "Standard demo" in Interchange before 5.6.0 has unknown impact and attack vectors.
Wed, 28 May 08
Interchange
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2423
Unspecified vulnerability in Interchange before 5.6.0 allows remote attackers to cause an denial of service via crafted HTTP requests. NOTE: this might be overlap CVE-2007-2635.
Wed, 28 May 08
WebSlider
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2422
SQL injection vulnerability in index.php in Web Slider 0.6 allows remote attackers to execute arbitrary SQL commands via the slide parameter in a slides action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Wed, 28 May 08
SAP Web Application Server, Web Dynpro
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2421
Cross-site scripting (XSS) vulnerability in the Web GUI in SAP Web Application Server (WAS) 7.0, Web Dynpro for ABAP (aka WD4A or WDA), and Web Dynpro for BSP allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI under bc/gui/sap/its/webgui/.
Wed, 28 May 08
Stunnel
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2420
The OCSP functionality in stunnel before 4.24 does not properly search certificate revocation lists (CRL), which allows remote attackers to bypass intended access restrictions by using revoked certificates.
Wed, 28 May 08
Firefox
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2419
Mozilla Firefox 2.0.0.14 allows remote attackers to cause a denial of service (heap corruption and application crash) or possibly execute arbitrary code by triggering an error condition during certain Iframe operations between a JSframe write and a JSframe close, as demonstrated by an error in loading an empty Java applet defined by a 'src="javascript:"' sequence.
Wed, 28 May 08
Solaris
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2418
Race condition in the STREAMS Administrative Driver (sad) in Sun Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors.
Wed, 28 May 08
Trillian
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2409
Stack-based buffer overflow in Cerulean Studios Trillian before 3.1.10.0 allows remote attackers to execute arbitrary code via unspecified attributes in the X-MMS-IM-FORMAT header in an MSN message.
Wed, 28 May 08
trillian_pro
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2408
Heap-based buffer overflow in the XML parsing functionality in talk.dll in Cerulean Studios Trillian Pro before 3.1.10.0 allows remote attackers to execute arbitrary code via a malformed attribute in an IMG tag.
Wed, 28 May 08
trillian
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2407
Stack-based buffer overflow in AIM.DLL in Cerulean Studios Trillian before 3.1.10.0 allows user-assisted remote attackers to execute arbitrary code via a long attribute value in a FONT tag in a message.
Wed, 28 May 08
Barracuda Spam Firewall
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2333
Cross-site scripting (XSS) vulnerability in ldap_test.cgi in Barracuda Spam Firewall (BSF) before 3.5.11.025 allows remote attackers to inject arbitrary web script or HTML via the email parameter.
Wed, 28 May 08
Django
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2302
Cross-site scripting (XSS) vulnerability in the login form in the administration application in Django 0.91 before 0.91.2, 0.95 before 0.95.3, and 0.96 before 0.96.2 allows remote attackers to inject arbitrary web script or HTML via the URI of a certain previous request.
Wed, 28 May 08
Enterprise Linux Desktop Workstation, enterprise_linux, linux_advanced_workstation
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1767
Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that triggers a large number of steps.
Wed, 28 May 08
network_satellite_server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5961
Cross-site scripting (XSS) vulnerability in the Red Hat Network channel search feature, as used in RHN and Red Hat Network Satellite before 5.0.2, allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
Wed, 28 May 08
setroubleshoot
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5496
Cross-site scripting (XSS) vulnerability in setroubleshoot 2.0.5 allows local users to inject arbitrary web script or HTML via a crafted (1) file or (2) process name, which triggers an Access Vector Cache (AVC) log entry in a log file used during composition of HTML documents for sealert.
Wed, 28 May 08
setroubleshoot
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5495
sealert in setroubleshoot 2.0.5 allows local users to overwrite arbitrary files via a symlink attack on the sealert.log temporary file.
Fri, 23 May 08
webboard
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2417
SQL injection vulnerability in showQAnswer.asp in How2ASP.net Webboard 4.1 allows remote attackers to execute arbitrary SQL commands via the qNo parameter.
Fri, 23 May 08
fichive
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2416
SQL injection vulnerability in index.php in FicHive 1.0 allows remote attackers to execute arbitrary SQL commands via the category parameter in a Fiction action.
Fri, 23 May 08
DigitalHive
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2415
Directory traversal vulnerability in template/purpletech/base_include.php in DigitalHive (aka hive) 2.0 RC2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
Fri, 23 May 08
an_guestbook
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2414
Cross-site scripting (XSS) vulnerability in send_email.php in AN Guestbook (ANG) 0.4 allows remote attackers to inject arbitrary web script or HTML via the postid parameter.
Fri, 23 May 08
acgv_news
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2413
Cross-site scripting (XSS) vulnerability in glossaire.php in ACGV News 0.9.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
Fri, 23 May 08
acgv_news
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2412
SQL injection vulnerability in glossaire.php in ACGV News 0.9.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Fri, 23 May 08
Sazcart
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2411
SQL injection vulnerability in index.php in SazCart 1.5.1 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the prodid parameter in a details action.
Fri, 23 May 08
Lotus Domino Web Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2410
Cross-site scripting (XSS) vulnerability in the servlet engine and Web container in the Web Server service in IBM Lotus Domino before 7.0.3 FP1, and 8.x before 8.0.1, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Fri, 23 May 08
Stunnel
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2400
Unspecified vulnerability in stunnel before 4.23, when running as a service on Windows, allows local users to gain privileges via unknown attack vectors.
Fri, 23 May 08
fireftp
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2399
Directory traversal vulnerability in the FireFTP add-on before 0.98.20080518 for Firefox allows remote FTP servers to create or overwrite arbitrary files via .. (dot dot backslash) sequences in responses to (1) MLSD and (2) LIST commands, a related issue to CVE-2002-1345. NOTE: this can be leveraged for code execution by writing to a Startup folder.
Fri, 23 May 08
Lotus Domino
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2240
Stack-based buffer overflow in the Web Server service in IBM Lotus Domino before 7.0.3 FP1, and 8.x before 8.0.1, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long Accept-Language HTTP header.
Fri, 23 May 08
unified_customer_voice_portal
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2053
Unspecified vulnerability in Cisco Unified Customer Voice Portal (CVP) 4.0.x before 4.0(2)_ES14, 4.1.x before 4.1(1)_ES11, and 7.x before 7.0(1) allows remote authenticated users with administrator role privileges to create, modify, or delete a superuser account.
Fri, 23 May 08
iCal
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2007
Apple iCal 3.0.1 on Mac OS X allows remote CalDAV servers, and user-assisted remote attackers, to trigger memory corruption or possibly execute arbitrary code via an "ATTACH;VALUE=URI:S=osumi" line in a .ics file, which triggers a "resource liberation" bug.
Fri, 23 May 08
iCal
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2006
Apple iCal 3.0.1 on Mac OS X allows remote CalDAV servers, and user-assisted remote attackers, to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via a .ics file containing (1) a large 16-bit integer on a TRIGGER line, or (2) a large integer in a COUNT field on an RRULE line. NOTE: this might be a duplicate of CVE-2008-1035.
Fri, 23 May 08
Snort
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1804
preprocessors/spp_frag3.c in Sourcefire Snort before 2.8.1 does not properly identify packet fragments that have dissimilar TTL values, which allows remote attackers to bypass detection rules by using a different TTL for each fragment.
Fri, 23 May 08
IOS S, IOS T, IOS XR
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1159
Multiple unspecified vulnerabilities in the SSH server in Cisco IOS 12.4 allow remote attackers to cause a denial of service (device restart) via unknown vectors, aka Bug ID (1) CSCsk42419, (2) CSCsk60020, and (3) CSCsh51293.
Fri, 23 May 08
service_control_engine
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0536
Unspecified vulnerability in the SSH server in Cisco Service Control Engine (SCE) before 3.0.7, and 3.1.x before 3.1.0, allows remote attackers to cause a denial of service (management interface outage) via SSH traffic that occurs during management operations and triggers "illegal I/O operations," aka Bug ID CSCsh49563.
Fri, 23 May 08
service_control_engine
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0535
Unspecified vulnerability in the SSH server in Cisco Service Control Engine (SCE) before 3.1.6 allows remote attackers to cause a denial of service (device instability) via "SSH credentials that attempt to change the authentication method," aka Bug ID CSCsm14239.
Fri, 23 May 08
service_control_engine
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0534
The SSH server in Cisco Service Control Engine (SCE) before 3.1.6 allows remote attackers to cause a denial of service (device restart or daemon outage) via a high rate of login attempts, aka Bug ID CSCsi68582.
Fri, 23 May 08
enterprise_linux, fedora
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5962
Memory leak in a certain Red Hat patch, applied to vsftpd 2.0.5 on Red Hat Enterprise Linux (RHEL) 5 and Fedora 6 through 8, and on Foresight Linux and rPath appliances, allows remote attackers to cause a denial of service (memory consumption) via a large number of CWD commands, as demonstrated by an attack on a daemon with the deny_file configuration option.
Thu, 22 May 08
AppServ
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2398
Cross-site scripting (XSS) vulnerability in index.php in AppServ Open Project 2.5.10 and earlier allows remote attackers to inject arbitrary web script or HTML via the appservlang parameter.
Thu, 22 May 08
dotcms
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2397
Cross-site scripting (XSS) vulnerability in search-results.dot in dotCMS 1.x allows remote attackers to inject arbitrary web script or HTML via the search_query parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Thu, 22 May 08
mircrossys_cms
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2396
PHP remote file inclusion vulnerability in index.php in Wajox Software microSSys CMS 1.5 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in an arbitrary element of the PAGES array parameter.
Thu, 22 May 08
alkalinephp
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2395
SQL injection vulnerability in thread.php in AlkalinePHP 0.80.00 beta and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
Thu, 22 May 08
tagworx_cms
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2394
Multiple SQL injection vulnerabilities in TAGWORX.CMS 3.00.02 allow remote attackers to execute arbitrary SQL commands via the (1) cid parameter to contact.php and the (2) nid parameter to news.php.
Thu, 22 May 08
entertainmentscript
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2393
SQL injection vulnerability in play.php in EntertainmentScript 1.4.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Thu, 22 May 08
WordPress
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2392
Unrestricted file upload vulnerability in WordPress 2.5.1 and earlier might allow remote authenticated administrators to upload and execute arbitrary PHP files via the Upload section in the Write Tabs area of the dashboard.
Thu, 22 May 08
subsonic
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2391
SubSonic allows remote attackers to bypass pagesize limits and cause a denial of service (CPU consumption) via a pageindex (aka data page number) of -1.
Thu, 22 May 08
Software Update
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2390
Hpufunction.dll 4.0.0.1 in HP Software Update exposes the unsafe (1) ExecuteAsync and (2) Execute methods, which allows remote attackers to execute arbitrary code via an absolute pathname in the first argument.
Thu, 22 May 08
mtr
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2357
Stack-based buffer overflow in the split_redraw function in split.c in mtr before 0.73, when invoked with the -p (aka --split) option, allows remote attackers to execute arbitrary code via a crafted DNS PTR record. NOTE: it could be argued that this is a vulnerability in the ns_name_ntop function in resolv/ns_name.c in glibc and the proper fix should be in glibc; if so, then this should not be treated as a vulnerability in mtr.
Thu, 22 May 08
BrightStor ARCserve Backup
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2242
Multiple buffer overflows in xdr functions in the server in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allow remote attackers to execute arbitrary code, as demonstrated by a stack-based buffer overflow via a long parameter to the xdr_rwsstring function.
Thu, 22 May 08
BrightStor ARCserve Backup, Server Protection Suite, Business Protection Suite
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2241
Directory traversal vulnerability in caloggerd in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allows remote attackers to append arbitrary data to arbitrary files via directory traversal sequences in unspecified input fields, which are used in log messages. NOTE: this can be leveraged for code execution in many installation environments by writing to a startup file or configuration file.
Thu, 22 May 08
GnuTLS
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1950
Integer signedness error in the _gnutls_ciphertext2compressed function in lib/gnutls_cipher.c in libgnutls in GnuTLS before 2.2.4 allows remote attackers to cause a denial of service (buffer over-read and crash) via a certain integer value in the Random field in an encrypted Client Hello message within a TLS record with an invalid Record Length, which leads to an invalid cipher padding length, aka GNUTLS-SA-2008-1-3.
Thu, 22 May 08
GnuTLS
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1949
The _gnutls_recv_client_kx_message function in lib/gnutls_kx.c in libgnutls in gnutls-serv in GnuTLS before 2.2.4 continues to process Client Hello messages within a TLS message after one has already been processed, which allows remote attackers to cause a denial of service (NULL dereference and crash) via a TLS message containing multiple Client Hello messages, aka GNUTLS-SA-2008-1-2.
Thu, 22 May 08
GnuTLS
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1948
The _gnutls_server_name_recv_params function in lib/ext_server_name.c in libgnutls in gnutls-serv in GnuTLS before 2.2.4 does not properly calculate the number of Server Names in a TLS 1.0 Client Hello message during extension handling, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a zero value for the length of Server Names, which leads to a buffer overflow in session resumption data in the pack_security_parameters function, aka GNU...
Thu, 22 May 08
HP-UX
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1660
Unspecified vulnerability in useradd on HP-UX B.11.11, B.11.23, and B.11.31 allows local users to access arbitrary files and directories via unspecified vectors.
Thu, 22 May 08
reader
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1104
Stack-based buffer overflow in Foxit Reader before 2.3 build 2912 allows user-assisted remote attackers to execute arbitrary code via a crafted PDF file, related to the util.printf JavaScript function and floating point specifiers in format strings.
Wed, 21 May 08
archangel_weblog
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2356
SQL injection vulnerability in index.php in Archangel Weblog 0.90.02 and earlier allows remote attackers to execute arbitrary SQL commands via the post_id parameter.
Wed, 21 May 08
wr-meeting
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2355
Directory traversal vulnerability in index.php in WR-Meeting 1.0, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the msnum parameter in a coment event.
Wed, 21 May 08
testmaker
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2354
Unspecified vulnerability in the data export function in testMaker before 3.0p10 allows test authors to obtain access to export data via unknown vectors.
Wed, 21 May 08
gnugallery
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2353
Directory traversal vulnerability in admin.php in GNU/Gallery 1.1.1.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the show parameter.
Wed, 21 May 08
smeego
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2352
Directory traversal vulnerability in index.php in Smeego 1.0, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang cookie.
Wed, 21 May 08
cms_webmanager-pro
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2351
Multiple SQL injection vulnerabilities in index.php in CMS WebManager-Pro allow remote attackers to execute arbitrary SQL commands via the (1) lang_id and (2) menu_id parameters.
Wed, 21 May 08
bcoos
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2350
Directory traversal vulnerability in highlight.php in bcoos 1.0.9 through 1.0.13 allows remote attackers to read arbitrary files via (1) .. (dot dot) or (2) C: folder sequences in the file parameter.
Wed, 21 May 08
zomplog
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2349
Zomplog 3.8.2 and earlier allows remote attackers to gain administrative access by creating an admin account via a direct request to install/newuser.php with the admin parameter set to 1.
Wed, 21 May 08
melting_ice_file_system
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2348
MeltingIce File System 1.0 allows remote attackers to bypass application authentication, create new user accounts, and exceed application quotas via a direct request to admin/adduser.php.
Wed, 21 May 08
mypicgallery
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2347
MyPicGallery 1.0 allows remote attackers to bypass application authentication and gain administrative access by setting the userID parameter to "admin" in a direct request to admin/addUser.php.
Wed, 21 May 08
alkalinephp
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2346
AlkalinePHP 0.77.35 and earlier allows remote attackers to bypass authentication and gain administrative access by creating an admin account via a direct request to adduser.php.
Wed, 21 May 08
photostockplus_uploader_tool
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0957
Multiple stack-based buffer overflows in the PhotoStockPlus Uploader Tool ActiveX control (PSPUploader.ocx) allow remote attackers to execute arbitrary code via unspecified initialization parameters.
Tue, 20 May 08
air_filemanager
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2345
Unspecified vulnerability in the air_filemanager 0.6.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary PHP code via unspecified vectors related to "insufficient file filtering."
Tue, 20 May 08
air_filemanager
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2344
Cross-site scripting (XSS) vulnerability in the air_filemanager 0.6.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Tue, 20 May 08
News Manager
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2343
News Manager 2.0 allows remote attackers to bypass restrictions and obtain sensitive information via a direct request to (1) db/connect_str.php and (2) login/info.php.
Tue, 20 May 08
News Manager
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2342
Directory traversal vulnerability in attachments.php in News Manager 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the id parameter.
Tue, 20 May 08
news_manager
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2341
PHP remote file inclusion vulnerability in ch_readalso.php in News Manager 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the read_xml_include parameter.
Tue, 20 May 08
News Manager
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2340
Multiple SQL injection vulnerabilities in News Manager 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) lang parameter to (a) advsearch.php, (b) archive.php, and (c) index.php, and the (2) pid parameter to (d) list_tagitems.php.
Tue, 20 May 08
sunshop_shopping_cart
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2339
SQL injection vulnerability in index.php in Turnkey Web Tools SunShop Shopping Cart 3.5.1 allows remote attackers to execute arbitrary SQL commands via the id parameter in an item action, a different vector than CVE-2008-2038, CVE-2007-4597, and CVE-2007-2549.
Tue, 20 May 08
ActiveKB
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2338
Interspire ActiveKB 1.5 and earlier allows remote attackers to gain privileges by setting the auth cookie to true when accessing unspecified scripts in /admin.
Tue, 20 May 08
IMGallery
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2337
Multiple SQL injection vulnerabilities in IMGallery 2.5, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) kategoria parameter to (a) galeria.php and the (2) id_phot parameter to (b) popup/koment.php and (c) popup/opis.php in, different vectors than CVE-2006-3163.
Tue, 20 May 08
68 Classifieds
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2336
SQL injection vulnerability in category.php in 68 Classifieds 4.0.1 allows remote attackers to execute arbitrary SQL commands via the cat parameter.
Tue, 20 May 08
phpvid
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2335
Cross-site scripting (XSS) vulnerability in search_results.php in Vastal I-Tech phpVID 1.2 allows remote attackers to inject arbitrary web script or HTML via the query parameter. NOTE: some of these details are obtained from third party information.
Tue, 20 May 08
philboard
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2334
Multiple SQL injection vulnerabilities in W1L3D4 Philboard 0.5 allow remote attackers to execute arbitrary SQL commands via the (1) forumid parameter to (a) admin/philboard_admin-forumedit.asp, (b) admin/philboard_admin-forum.asp, and (c) W1L3D4_foruma_yeni_konu_ac.asp; the (2) id parameter to (d) W1L3D4_konuoku.asp and (e) W1L3D4_konuya_mesaj_yaz.asp; and the (3) topic parameter to W1L3D4_konuya_mesaj_yaz.asp, different vectors than CVE-2008-1939, CVE-2007-2641, and CVE-2007-0920. NOTE: the...
Tue, 20 May 08
Kostenloses_Linkmanagementscript
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2301
SQL injection vulnerability in Kostenloses Linkmanagementscript allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) view.php and (2) top_view.php.
Tue, 20 May 08
Access Essentials, Citrix Presentation Server, Desktop Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2300
Unspecified vulnerability in Citrix Presentation Server 4.5 and earlier, Citrix Access Essentials 2.0 and earlier, and Citrix Desktop Server 1.0 allows remote authenticated users to access unauthorized desktops via unknown attack vectors.
Tue, 20 May 08
Presentation Server, Access Essentials, Desktop Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2299
Unspecified vulnerability in SecureICA and ICA Basic encryption of Citrix Presentation Server 4.5 and earlier, Access Essentials 2.0 and earlier, and Desktop Server 1.0 can cause clients to use weaker encryption settings than configured by the administrator, which might allow attackers to bypass intended restrictions.
Tue, 20 May 08
Web Slider
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2298
Admin.php in Web Slider 0.6 allows remote attackers to bypass authentication and gain privileges by setting the admin cookie to 1.
Tue, 20 May 08
rantx
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2297
The admin.php file in Rantx allows remote attackers to bypass authentication and gain privileges by setting the logininfo cookie to "", which is present in the password file and probably passes an insufficient comparison.
Tue, 20 May 08
rgboard
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2296
PHP remote file inclusion vulnerability in include/bbs.lib.inc.php in Rgboard 3.0.12 allows remote attackers to execute arbitrary PHP code via a URL in the site_path parameter.
Tue, 20 May 08
rgboard
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2295
Cross-site scripting (XSS) vulnerability in rg_search.php in Rgboard 3.0.12, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the s_text parameter and other unspecified vectors.
Tue, 20 May 08
pet_grooming_management_system
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2294
Pet Grooming Management System 2.0 allows remote attackers to gain privileges via a direct request to useradded.php with a modified user name for "admin."
Tue, 20 May 08
MPCS
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2293
admin.php in Multi-Page Comment System (MPCS) 1.0 and 1.1 allows remote attackers to bypass authentication and gain privileges by setting the CommentSystemAdmin cookie to 1.
Tue, 20 May 08
Net-SNMP
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2292
Buffer overflow in the __snprint_value function in snmp_get in Net-SNMP 5.1.4, 5.2.4, and 5.4.1, as used in SNMP.xs for Perl, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large OCTETSTRING in an attribute value pair (AVP).
Tue, 20 May 08
Altiris Deployment Solution
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2291
Unspecified vulnerability in axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 allows remote attackers to retrieve weakly encrypted domain credentials via unknown attack vectors related to a missing salt.
Tue, 20 May 08
Altiris Deployment Solution
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2290
Unspecified vulnerability in the Agent user interface in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 allows local users to gain privileges via unknown attack vectors.
Tue, 20 May 08
Altiris Deployment Solution
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2289
Unspecified vulnerability in a tooltip element in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 allows local users to gain privileges via unknown attack vectors.
Tue, 20 May 08
Altiris Deployment Solution
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2288
Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 has insufficient access control for deletion and modification of registry keys, which allows local users to cause a denial of service or obtain sensitive information.
Tue, 20 May 08
Altiris Deployment Solution
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2287
Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 does not properly protect the install directory, which might allow local users to gain privileges by replacing an application component with a Trojan horse.
Tue, 20 May 08
Altiris Deployment Solution
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2286
SQL injection vulnerability in axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Tue, 20 May 08
Linux
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2285
The ssh-vulnkey tool on Ubuntu Linux 7.04, 7.10, and 8.04 LTS does not recognize authorized_keys lines that contain options, which makes it easier for remote attackers to exploit CVE-2008-0166 by guessing a key that was not identified by this tool.
Tue, 20 May 08
fusebox
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2284
PHP remote file inclusion vulnerability in fusebox5.php in Fusebox 5.5.1 allows remote attackers to execute arbitrary PHP code via a URL in the FUSEBOX_APPLICATION_PATH parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Tue, 20 May 08
linear_barcode, datamatrix_barcode, PDF417_barcode, aztec_barcode
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2283
IDAutomation allows remote attackers to overwrite arbitrary files via the argument to the (1) SaveBarCode and (2) SaveEnhWMF methods in (a) the IDAuto.BarCode.1 ActiveX control in IDAutomationLinear6.dll (aka IDAutomation Linear BarCode) 1.6.0.6, (b) the IDAuto.Datamatrix.1 ActiveX control in IDAutomationDMATRIX6.DLL (aka IDautomation Datamatrix Barcode) 1.6.0.6, (c) the IDAuto.PDF417.1 ActiveX control in IDAutomationPDF417_6.dll (aka IDautomation PDF417 Barcode) 1.6.0.6, and (d) the IDAuto.A...
Tue, 20 May 08
Internet Photoshow
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2282
admin.php in Internet Photoshow and Internet Photoshow Special Edition (SE) allows remote attackers to bypass authentication by setting the login_admin cookie to true.
Tue, 20 May 08
Internet Explorer
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2281
Cross-zone scripting vulnerability in the Print Table of Links feature in Internet Explorer 6.0, 7.0, and 8.0b allows user-assisted remote attackers to inject arbitrary web script or HTML in the Local Machine Zone via an HTML document with a link containing JavaScript sequences, which are evaluated by a resource script when a user prints this document.
Tue, 20 May 08
GForge
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0167
The write_array_file function in utils/include.pl in GForge 4.5.14 updates configuration files by truncating them to zero length and then writing new data, which might allow attackers to bypass intended access restrictions or have unspecified other impact in opportunistic circumstances.
Mon, 19 May 08
PicEngine
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2280
Cross-site scripting (XSS) vulnerability in admin/index.php in Script PHP PicEngine 1.0 allows remote attackers to inject arbitrary web script or HTML via the l parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Mon, 19 May 08
Freelance Auction Script
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2279
Freelance Auction Script 1.0 stores user passwords in plaintext in the tbl_users table, which allows attackers to gain privileges by reading the table.
Mon, 19 May 08
Freelance Auction Script
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2278
SQL injection vulnerability in browseproject.php in Freelance Auction Script 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter in a pdetails action.
Mon, 19 May 08
Feedback and Rating Script
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2277
SQL injection vulnerability in detail.php in Feedback and Rating Script 1.0 allows remote attackers to execute arbitrary SQL commands via the listingid parameter.
Mon, 19 May 08
Mantis
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2276
Cross-site request forgery (CSRF) vulnerability in Mantis 1.1.1 allows remote attackers to create new administrative users via user_create.
Mon, 19 May 08
sr_feuser_register Extension
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2275
Unspecified vulnerability in sr_feuser_register 1.4.0, 1.6.0, 2.2.1 to 2.2.7, 2.3.0 to 2.3.6, 2.4.0, and 2.5.0 to 2.5.9 extension for TYPO3 allows remote attackers to execute arbitrary code and delete arbitrary files via unspecified attack vectors.
Mon, 19 May 08
sr_feuser_register Extension
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2274
Cross-site scripting (XSS) vulnerability in the sr_feuser_register 1.4.0, 1.6.0, 2.2.1 to 2.2.7, 2.3.0 to 2.3.6, 2.4.0, and 2.5.0 to 2.5.9 extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Mon, 19 May 08
ArubaOS
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2273
Unspecified vulnerability in the TACACS authentication component in Aruba Mobility Controller 3.1.x, 3.2.x, and 3.3.x allows remote authenticated users to gain privileges via unknown vectors.
Mon, 19 May 08
aruba_mobility_controller
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2272
Mltiple cross-site scripting (XSS) vulnerabilities in the web interface in "Aruba Mobility Controller 2.4.8.x-FIPS, 2.5.5.x, 2.5.6.x, 3.1.1.x, 3.2.0.x, and 3.3.1.x allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Mon, 19 May 08
Drupal, Site_Documentation_Module
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2271
The Site Documentation Drupal module 5.x before 5.x-1.8 and 6.x before 6.x-1.1 allows remote authenticated users to gain privileges of other users by leveraging the "access content" permission to list tables and obtain session IDs from the database.
Mon, 19 May 08
Kostenloses_Linkmanagementscript
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2270
Multiple PHP remote file inclusion vulnerabilities in PHPWAY Kostenloses Linkmanagementscript allow remote attackers to execute arbitrary PHP code via a URL in the (1) main_page_directory and (2) page_to_include parameters in templateindex.php.
Mon, 19 May 08
AustinSmoke GasTracker
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2269
AustinSmoke GasTracker (AS-GasTracker) 1.0.0 allows remote attackers to bypass authentication and gain privileges by setting the gastracker_admin cookie to TRUE.
Mon, 19 May 08
mjguest
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2268
Open redirect vulnerability in interface/redirect.htm.php in Mjguest 6.7 GT Rev.01 allows user-assisted remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the goto parameter in a redirect action to mjguest.php. NOTE: this is user-assisted because there is a delay and a notification before redirection occurs.
Mon, 19 May 08
CMS Made Simple
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2267
Incomplete blacklist vulnerability in javaUpload.php in Postlet in the FileManager module in CMS Made Simple 1.2.4 and earlier allows remote attackers to execute arbitrary code by uploading a file with a name ending in (1) .jsp, (2) .php3, (3) .cgi, (4) .dhtml, (5) .phtml, (6) .php5, or (7) .jar, then accessing it via a direct request to the file in modules/FileManager/postlet/.
Mon, 19 May 08
UUDeview
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2266
uulib/uunconc.c in UUDeview 0.5.20 allows local users to overwrite arbitrary files via a symlink attack on a temporary filename generated by the tempnam function. NOTE: this may be a CVE-2004-2265 regression.
Mon, 19 May 08
EMO Realty Manager
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2265
SQL injection vulnerability in news.php in EMO Realty Manager allows remote attackers to execute arbitrary SQL commands via the ida parameter.
Mon, 19 May 08
CyrixMED
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2264
Cross-site scripting (XSS) vulnerability in index.php in CyrixMED 1.4 allows remote attackers to inject arbitrary web script or HTML via the msg_erreur parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Mon, 19 May 08
Automated Link Exchange Portal
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2263
SQL injection vulnerability in linking.page.php in Automated Link Exchange Portal allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. NOTE: linking.page.php is commonly renamed to link.php, links.php, etc.
Mon, 19 May 08
Building Broadband Service Manager
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2165
Cross-site scripting (XSS) vulnerability in AccessCodeStart.asp in Cisco Building Broadband Service Manager (BBSM) Captive Portal 5.3 allows remote attackers to inject arbitrary web script or HTML via the msg parameter.
Mon, 19 May 08
Kernel
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2136
Memory leak in the ipip6_rcv function in net/ipv6/sit.c in the Linux kernel before 2.6.25.3 allows remote attackers to cause a denial of service (memory consumption) via network traffic to a Simple Internet Transition (SIT) tunnel interface, related to the pskb_may_pull and kfree_skb functions, and management of an skb reference count.
Mon, 19 May 08
libvorbis
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2009
Xiph.org libvorbis before 1.0 does not properly check for underpopulated Huffman trees, which allows remote attackers to cause a denial of service (crash) via a crafted OGG file that triggers memory corruption during execution of the _make_decode_tree function.
Mon, 19 May 08
CVE-2008-1748
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1748
Cisco Unified Communications Manager 4.1 before 4.1(3)SR7, 4.2 before 4.2(3)SR4, 4.3 before 4.3(2), 5.x before 5.1(3), and 6.x before 6.1(1) does not properly validate SIP URLs, which allows remote attackers to cause a denial of service (service interruption) via a SIP INVITE message, aka Bug ID CSCsl22355.
Mon, 19 May 08
Unified Communications Manager, Unified CallManager
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1747
Unspecified vulnerability in Cisco Unified Communications Manager 4.1 before 4.1(3)SR6, 4.2 before 4.2(3)SR3, 4.3 before 4.3(2), 5.x before 5.1(3), and 6.x before 6.1(1) allows remote attackers to cause a denial of service (CCM service restart) via an unspecified SIP INVITE message, aka Bug ID CSCsk46944.
Mon, 19 May 08
Unified Communications Manager
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1746
The SNMP Trap Agent service in Cisco Unified Communications Manager (CUCM) 4.1 before 4.1(3)SR6, 4.2 before 4.2(3)SR3, 4.3 before 4.3(2), 5.x before 5.1(3), and 6.x before 6.1(1) allows remote attackers to cause a denial of service (core dump and service restart) via a series of malformed UDP packets, as demonstrated by the IP Stack Integrity Checker (ISIC), aka Bug ID CSCsj24113.
Mon, 19 May 08
Unified Communications Manager
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1745
Cisco Unified Communications Manager (CUCM) 5.x before 5.1(2) and 6.x before 6.1(1) allows remote attackers to cause a denial of service (service interruption) via a SIP JOIN message with a malformed header, aka Bug ID CSCsi48115.
Mon, 19 May 08
Unified Communications Manager, Unified CallManager
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1744
The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager (CUCM) 4.1 before 4.1(3)SR7, 4.2 before 4.2(3)SR4, and 4.3 before 4.3(2) allows remote attackers to cause a denial of service (service crash) via malformed network traffic, aka Bug ID CSCsk46770.
Mon, 19 May 08
Unified Communications Manager
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1743
Memory leak in the Certificate Trust List (CTL) Provider service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) and 6.x before 6.1(1) allows remote attackers to cause a denial of service (memory consumption and service interruption) via a series of malformed TCP packets, aka Bug ID CSCsi98433.
Mon, 19 May 08
Unified Communications Manager
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1742
Memory leak in the Certificate Trust List (CTL) Provider service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) allows remote attackers to cause a denial of service (memory consumption and service interruption) via a series of malformed TCP packets, as demonstrated by TCPFUZZ, aka Bug ID CSCsj80609.
Mon, 19 May 08
Unified Presence
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1741
The SIP Proxy (SIPD) service in Cisco Unified Presence before 6.0(3) allows remote attackers to cause a denial of service (core dump and service interruption) via a TCP port scan, aka Bug ID CSCsj64533.
Mon, 19 May 08
Unified Presence
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1740
The Presence Engine (PE) service in Cisco Unified Presence before 6.0(1) allows remote attackers to cause a denial of service (core dump and service interruption) via an unspecified "stress test," aka Bug ID CSCsh20972.
Mon, 19 May 08
libvorbis
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1423
Integer overflow in a certain quantvals and quantlist calculation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted OGG file with a large virtual space for its codebook, which triggers a heap overflow.
Mon, 19 May 08
libvorbis
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1420
Integer overflow in residue partition value (aka partvals) evaluation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to execute arbitrary code via a crafted OGG file, which triggers a heap overflow.
Mon, 19 May 08
libvorbis
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1419
Xiph.org libvorbis 1.2.0 and earlier does not properly handle a zero value for codebook.dim, which allows remote attackers to cause a denial of service (crash or infinite loop) or trigger an integer overflow.
Mon, 19 May 08
Unified Presence, Unified Presence Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1158
The Presence Engine (PE) service in Cisco Unified Presence before 6.0(1) allows remote attackers to cause a denial of service (core dump and service interruption) via malformed packets, aka Bug ID CSCsh50164.
Fri, 16 May 08
Cyberfolio
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2228
PHP remote file inclusion vulnerability in portfolio/commentaires/derniers_commentaires.php in Cyberfolio 7.2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the rep parameter.
Fri, 16 May 08
PHP-Fusion
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2227
Multiple directory traversal vulnerabilities in PHP-Fusion Forum Rank System 6 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the settings[locale] parameter to (1) forum.php and (2) profile.php in infusions/rank_system/. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Fri, 16 May 08
openkm
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2226
Unspecified vulnerability in the export feature in OpenKM before 2.0 allows remote attackers to export arbitrary documents via unspecified vectors. NOTE: some of these details are obtained from third party information.
Fri, 16 May 08
gamecms_lite
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2225
SQL injection vulnerability in index.php in gameCMS Lite 1.0 allows remote attackers to execute arbitrary SQL commands via the systemId parameter.
Fri, 16 May 08
Sazcart
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2224
Multiple PHP remote file inclusion vulnerabilities in SazCart 1.5.1, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) _saz[settings][site_dir] parameter to layouts/default/header.saz.php and the (2) _saz[settings][site_url] parameter to admin/alayouts/default/pages/login.php.
Fri, 16 May 08
vshare_you_tube_clone
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2223
SQL injection vulnerability in group_posts.php in vShare YouTube Clone 2.6 allows remote attackers to execute arbitrary SQL commands via the tid parameter.
Fri, 16 May 08
EQdkp
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2222
SQL injection vulnerability in login.php in EQdkp 1.3.2f allows remote attackers to bypass EQdkp user authentication via the user_id parameter.
Fri, 16 May 08
WebSphere Application Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2221
Unspecified vulnerability in the Java plugin in IBM WebSphere Application Server 5.0.2 allows untrusted applets to gain privileges via unknown attack vectors.
Fri, 16 May 08
Interact
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2220
Multiple PHP remote file inclusion vulnerabilities in Interact Learning Community Environment Interact 2.4.1, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) CONFIG[LANGUAGE_CPATH] parameter to modules/forum/embedforum.php and the (2) CONFIG[BASE_PATH] parameter to modules/scorm/lib.inc.php, different vectors than CVE-2006-4448.
Fri, 16 May 08
C-News
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2219
Cross-site scripting (XSS) vulnerability in install.php in C-News.fr C-News 1.0.1 allows remote attackers to inject arbitrary web script or HTML via the etape parameter.
Fri, 16 May 08
multimedia_communications_server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2218
Buffer overflow in the Multimedia PC Client in Nortel Multimedia Communication Server (MCS) before Maintenance Release 3.5.8.3 and 4.0.25.3 allows remote attackers to cause a denial of service (crash) via a flood of "extraneous" messages, as demonstrated by the Nessus "Generic flood" denial of service plugin.
Fri, 16 May 08
content_management_system
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2217
Directory traversal vulnerability in cm/graphie.php in Content Management System 0.6.1 for Phprojekt allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the cm_imgpath parameter.
Fri, 16 May 08
project-based_calendaring _system
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2216
Unrestricted file upload vulnerability in src/yopy_upload.php in Project-Based Calendaring System (PBCS) 0.7.1 allows remote authenticated users to upload arbitrary files to tmp/uploads.
Fri, 16 May 08
project-based_calendaring _system
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2215
Multiple directory traversal vulnerabilities in Project-Based Calendaring System (PBCS) 0.7.1-1 allow remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter to (1) src/yopy_sync.php and (2) system-logger/print_logs.php.
Fri, 16 May 08
SNMPc
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2214
Stack-based buffer overflow in the Network Manager in Castle Rock Computing SNMPc 7.1 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long community string in an SNMP TRAP packet.
Fri, 16 May 08
xen
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1944
Buffer overflow in the backend framebuffer of XenSource Xen Para-Virtualized Framebuffer (PVFB) Message 3.0 through 3.0.3 allows local users to cause a denial of service (SDL crash) and possibly execute arbitrary code via "bogus screen updates."
Fri, 16 May 08
xen
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1943
Buffer overflow in the backend of XenSource Xen Para Virtualized Frame Buffer (PVFB) 3.0 through 3.1.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted shared framebuffer.
Fri, 16 May 08
cisco_content_switching_module, cisco_content_switching_module_SSL
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1749
Memory leak in Cisco Content Switching Module (CSM) 4.2(3) up to 4.2(8) and Cisco Content Switching Module with SSL (CSM-S) 2.1(2) up to 2.1(7) allows remote attackers to cause a denial of service (memory consumption) via TCP segments with an unspecified combination of TCP flags.
Fri, 16 May 08
maian_links
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2213
Multiple cross-site scripting (XSS) vulnerabilities in admin/inc/footer.php in Maian Links 3.1 allow remote attackers to inject arbitrary web script or HTML via the (1) msg_script2 and (2) msg_script3 parameters.
Fri, 16 May 08
maian_cart
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2212
Multiple cross-site scripting (XSS) vulnerabilities in Maian Cart 1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) msg_adminheader, (2) msg_adminheader2, (3) msg_adminheader3, (4) msg_adminheader4, and unspecified other parameters to admin/inc/header.php; the (5) msg_script3 and unspecified other parameters to admin/inc/footer.php; and the (6) keywords parameter to index.php in a search action.
Fri, 16 May 08
maian_guestbook
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2211
Multiple cross-site scripting (XSS) vulnerabilities in admin/inc/footer.php in Maian Guestbook 3.2 allow remote attackers to inject arbitrary web script or HTML via the (1) msg_script2 and (2) msg_script3 parameters.
Fri, 16 May 08
maian_support
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2210
Multiple cross-site scripting (XSS) vulnerabilities in Maian Support 1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) msg_script, (2) msg_script2, and (3) msg_script3 parameters to admin/inc/footer.php; and the (4) msg_script2 parameter to admin/inc/header.php.
Fri, 16 May 08
maian_greeting
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2209
Multiple cross-site scripting (XSS) vulnerabilities in admin/inc/header.php in Maian Greeting 2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) msg_script and (2) msg_script2 parameters.
Fri, 16 May 08
maian_greeting
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2208
SQL injection vulnerability in index.php in Maian Greeting 2.1 allows remote attackers to execute arbitrary SQL commands via the keywords parameter in a search action.
Fri, 16 May 08
maian_gallery
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2207
Cross-site scripting (XSS) vulnerability in admin/index.php in Maian Gallery 2.0 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter in a search action.
Fri, 16 May 08
maian_music
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2206
Multiple cross-site scripting (XSS) vulnerabilities in Maian Music 1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) keywords parameter in a search action to index.php, and the (2) msg_script parameter to admin/inc/footer.php.
Fri, 16 May 08
maian_music
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2205
SQL injection vulnerability in index.php in Maian Music 1.1 allows remote attackers to execute arbitrary SQL commands via the album parameter in an album action.
Fri, 16 May 08
maian_search
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2204
Multiple cross-site scripting (XSS) vulnerabilities in admin/inc/header.php in Maian Search 1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) header, (2) header2, (3) header3, (4) header4, (5) header5, (6) header6, (7) header7, (8) header8, and (9) header9 parameters.
Fri, 16 May 08
maian_search
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2203
SQL injection vulnerability in search.php in Maian Search 1.1 allows remote attackers to execute arbitrary SQL commands via the keywords parameter in a search action.
Fri, 16 May 08
maian_uploader
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2202
Multiple cross-site scripting (XSS) vulnerabilities in Maian Uploader 4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) keywords parameter to upload/admin/index.php in a search action, the (2) msg_charset and (3) msg_header9 parameters to admin/inc/header.php, and the (4) keywords parameter to index.php in a search action.
Fri, 16 May 08
maian_recipe
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2201
Multiple cross-site scripting (XSS) vulnerabilities in admin/inc/header.php in Maian Recipe 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) header, (2) header2, (3) header3, (4) header4, (5) header5, (6) header6, (7) header7, (8) header8, and (9) header9 parameters.
Fri, 16 May 08
maian_weblog
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2200
Multiple cross-site scripting (XSS) vulnerabilities in Maian Weblog 4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) keywords parameter to admin/index.php in a blogs search action, the (2) msg_charset and (3) msg_header9 parameters to admin/inc/header.php, and the (4) keywords parameter to index.php in a search action.
Fri, 16 May 08
kmita_mail
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2199
PHP remote file inclusion vulnerability in kmitaadmin/kmitam/htmlcode.php in Kmita Mail 3.0 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the file parameter.
Fri, 16 May 08
tellfriend
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2198
PHP remote file inclusion vulnerability in kmitaadmin/kmitat/htmlcode.php in Kmita Tellfriend 2.0 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the file parameter.
Fri, 16 May 08
miniweb
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2197
SQL injection vulnerability in the blogwriter module 2.0 for Miniweb allows remote attackers to execute arbitrary SQL commands via the historymonth parameter to index.php.
Fri, 16 May 08
LifeType
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2196
Cross-site scripting (XSS) vulnerability in admin.php in LifeType 1.2.8 allows remote attackers to inject arbitrary web script or HTML via the newBlogUserName parameter in an addBlogUser action, a different vector than CVE-2008-2178.
Thu, 15 May 08
DeluxeBB
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2195
Static code injection vulnerability in admincp.php in DeluxeBB 1.2 and earlier allows remote authenticated administrators to inject arbitrary PHP code into logs/cp.php via the URI.
Thu, 15 May 08
DeluxeBB
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2194
SQL injection vulnerability in forums.php in DeluxeBB 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the sort parameter.
Thu, 15 May 08
scorpnews
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2193
PHP remote file inclusion vulnerability in example.php in Thomas Gossmann ScorpNews 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the site parameter.
Thu, 15 May 08
ITCMS
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2192
Static code injection vulnerability in box/minichat/boxpop.php in IT!CMS (aka itcms) 1.9 allows remote attackers to inject arbitrary PHP code into box/MiniChat/data/shouts.php via the shout parameter.
Thu, 15 May 08
pnEncyclopedia
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2191
SQL injection vulnerability in the pnEncyclopedia module 0.2.0 and earlier for PostNuke allows remote attackers to execute arbitrary SQL commands via the id parameter in a display_term action to index.php.
Thu, 15 May 08
online_rent_property_script
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2190
SQL injection vulnerability in index.php in Online Rent (aka Online Rental Property Script) 4.5 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter.
Thu, 15 May 08
auction_xl
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2189
SQL injection vulnerability in viewfaqs.php in AnServ Auction XL allows remote attackers to execute arbitrary SQL commands via the cat parameter.
Thu, 15 May 08
Squid Analysis Report Generator
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1922
Multiple stack-based buffer overflows in Sarg might allow attackers to execute arbitrary code via unknown vectors, probably a crafted Squid log file.
Thu, 15 May 08
Nagios
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5803
Cross-site scripting (XSS) vulnerability in Nagios allows remote attackers to inject arbitrary web script or HTML via unknown vectors, a different vulnerability than CVE-2007-5624 and CVE-2008-1360.
Thu, 15 May 08
blackbook
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2188
Multiple cross-site scripting (XSS) vulnerabilities in EJ3 BlackBook 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) bookCopyright and (2) ver parameters to (a) footer.php, and the (3) bookName, (4) bookMetaTags, and (5) estiloCSS parameters to (b) header.php.
Thu, 15 May 08
mjguest
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2187
Cross-site scripting (XSS) vulnerability in mjguest.php in Mjguest 6.7 GT Rev.01 allows remote attackers to inject arbitrary web script or HTML via the level parameter in a redirect action, possibly involving interface/redirect.htm.php.
Thu, 15 May 08
chicomas
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2186
Cross-site scripting (XSS) vulnerability in index.php in Chilek Content Management System (aka ChiCoMaS) 2.0.4 allows remote attackers to inject arbitrary web script or HTML via the q parameter.
Thu, 15 May 08
smartblog
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2185
Directory traversal vulnerability in index.php in SMartBlog (aka SMBlog) 1.3 allows remote attackers to include arbitrary local files via directory traversal sequences in the page parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Thu, 15 May 08
smartblog
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2184
Multiple SQL injection vulnerabilities in SMartBlog (aka SMBlog) 1.3 allow remote attackers to execute arbitrary SQL commands via the (1) mois, (2) an, (3) jour, and (4) id parameters to index.php, and the (5) login parameter to gestion/logon.php, different vectors than CVE-2008-2183. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Thu, 15 May 08
smartblog
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2183
SQL injection vulnerability in index.php in SMartBlog (aka SMBlog) 1.3 allows remote attackers to execute arbitrary SQL commands via the idt parameter.
Thu, 15 May 08
TYPO3
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2182
Cross-site scripting (XSS) vulnerability in the powermail extension before 1.1.10 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Thu, 15 May 08
cplinks
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2181
Multiple cross-site scripting (XSS) vulnerabilities in search.php in cpLinks 1.03 allow remote attackers to inject arbitrary web script or HTML via the (1) search_text and (2) search_category parameters. NOTE: the XSS reportedly occurs in a forced SQL error message. NOTE: some of these details are obtained from third party information.
Thu, 15 May 08
cplinks
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2180
Multiple SQL injection vulnerabilities in cpLinks 1.03, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) admin_username parameter (aka the username field) to admin/index.php and the (2) search_text and (3) search_category parameters to search.php. NOTE: some of these details are obtained from third party information.
Thu, 15 May 08
SysAid
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2179
Cross-site scripting (XSS) vulnerability in SystemList.jsp in SysAid 5.1.08 allows remote attackers to inject arbitrary web script or HTML via the searchField parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Thu, 15 May 08
LifeType
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2178
Cross-site scripting (XSS) vulnerability in admin.php in LifeType 1.2.7 allows remote attackers to inject arbitrary web script or HTML via the searchTerms parameter in an editArticleCategories operation (aka an admin category search).
Thu, 15 May 08
phpdirectorysource
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2177
Multiple SQL injection vulnerabilities in phpDirectorySource 1.1.06, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) lid parameter to show.php and the (2) login parameter to admin.php.
Thu, 15 May 08
zomplog
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2176
Cross-site scripting (XSS) vulnerability in admin/category.php in Zomplog 3.8.2 allows remote attackers to inject arbitrary web script or HTML via the catname parameter.
Thu, 15 May 08
blogme_php
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2175
SQL injection vulnerability in comments.php in Gamma Scripts BlogMe PHP 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Thu, 15 May 08
animal_shelter_manager
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2174
Multiple unspecified vulnerabilities in Robin Rawson-Tetley Animal Shelter Manager (ASM) before 2.2.2 have unknown impact and attack vectors, related to "various areas where security was missing."
Thu, 15 May 08
router
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2173
Unspecified vulnerability in Yamaha routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372.
Thu, 15 May 08
GR2000, GR3000, GR4000
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2172
Unspecified vulnerability in Hitachi GR routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372.
Thu, 15 May 08
AX_router
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2171
Unspecified vulnerability in AlaxalA AX routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372.
Thu, 15 May 08
router
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2170
Unspecified vulnerability in Century routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372.
Thu, 15 May 08
router, GR3000, GR4000, GR2000
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2169
Unspecified vulnerability in Avici routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372.
Thu, 15 May 08
CVE-2008-1438 (Windows Live OneCare, antigen_for_exchange, antigen_for_smtp_gateway, Windows Def...)
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1438
Unspecified vulnerability in Microsoft Malware Protection Engine (mpengine.dll) 1.1.3520.0 and 0.1.13.192, as used in multiple Microsoft products, allows context-dependent attackers to cause a denial of service (disk space exhaustion) via a file with "crafted data structures" that trigger the creation of large temporary files, a different vulnerability than CVE-2008-1437.
Wed, 14 May 08
CVE-2008-1437 (Windows Live OneCare, antigen_for_exchange, antigen_for_smtp_gateway, Windows Def...)
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1437
Unspecified vulnerability in Microsoft Malware Protection Engine (mpengine.dll) 1.1.3520.0 and 0.1.13.192, as used in multiple Microsoft products, allows context-dependent attackers to cause a denial of service (engine hang and restart) via a crafted file, a different vulnerability than CVE-2008-1438.
Wed, 14 May 08
Office, Office_compatibility_pack_for_word_excel_ppt_2007, word_viewer
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1434
Unspecified vulnerability in Microsoft Word in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 Office System SP1 and earlier allows remote attackers to execute arbitrary code via a Word file with a malformed Cascading Style Sheet (CSS) value, related to a "memory handling error" that triggers memory corruption.
Wed, 14 May 08
Office, Office_compatibility_pack_for_word_excel_ppt_2007, word_viewer
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1091
Unspecified vulnerability in Microsoft Word in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 Office System SP1 and earlier allows remote attackers to execute arbitrary code via a Rich Text Format (.rtf) file with a malformed string that triggers a "memory calculation error" and a heap-based buffer overflow, aka "Object Parsing Vulnerability."
Wed, 14 May 08
Office
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0119
Unspecified vulnerability in Microsoft Publisher in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 SP1 and earlier allows remote attackers to execute arbitrary code via a Publisher file with crafted object header data that triggers memory corruption, aka "Publisher Object Handler Validation Vulnerability."
Wed, 14 May 08
Apache HTTP Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2168
Cross-site scripting (XSS) vulnerability Apache 2.2.6 and earlier allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded URLs that are not properly handled when displaying the 403 Forbidden error page.
Wed, 14 May 08
Zywall 100
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2167
Cross-site scripting (XSS) vulnerability in ZyXEL ZyWALL 100 allows remote attackers to inject arbitrary web script or HTML via the Referer header, which is not properly handled in a 404 Error page.
Wed, 14 May 08
Java System Web Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2166
Cross-site scripting (XSS) vulnerability in the search module in Sun Java System Web Server 6.1 before SP9 and 7.0 before Update 2 allows remote attackers to inject arbitrary web script or HTML via unknown parameters in index.jsp.
Wed, 14 May 08
HP-UX
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0713
Unspecified vulnerability in the FTP server for HP-UX B.11.11, B.11.23, and B.11.31 allows remote authenticated users to cause a denial of service (FTP server outage) via unknown attack vectors.
Wed, 14 May 08
windows-nt
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0322
The I2O Utility Filter driver (i2omgmt.sys) 5.1.2600.2180 for Microsoft Windows XP sets Everyone/Write permissions for the ".I2OExc" device interface, which allows local users to gain privileges. NOTE: this issue can be leveraged to overwrite arbitrary memory and execute code via an IOCTL call with a crafted DeviceObject pointer.
Wed, 14 May 08
Lotus Quickr
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2163
Cross-site scripting (XSS) vulnerability in IBM Lotus Quickr 8.1 before Hotfix 5 for Windows and AIX, and before Hotfix 3 for i5/OS, allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to "WYSIWYG editors."
Wed, 14 May 08
OpenSSL
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0166
OpenSSL 0.9.8c-1 up to 0.9.8g-9 on Debian-based operating systems uses a random number generator that generates predictable numbers, which makes it easier for remote attackers to conduct brute force guessing attacks against cryptographic keys.
Tue, 13 May 08
e-mail_security
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2162
Cross-site scripting (XSS) vulnerability in SonicWall Email Security 6.1.1 allows remote attackers to inject arbitrary web script or HTML via the Host header in a request to a non-existent web page, which is not properly sanitized in an error page.
Tue, 13 May 08
TFTP Server SP
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2161
Buffer overflow in TFTP Server SP 1.4 and 1.5 on Windows, and possibly other versions, allows remote attackers to execute arbitrary code via a long TFTP error packet. NOTE: some of these details are obtained from third party information.
Tue, 13 May 08
windows_ce
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2160
Multiple unspecified vulnerabilities in the JPEG (GDI+) and GIF image processing in Microsoft Windows CE 5.0 allow remote attackers to execute arbitrary code via crafted JPEG and GIF images.
Tue, 13 May 08
ie
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2159
Microsoft Internet Explorer 7 can save encrypted pages in the cache even when the DisableCachingOfSSLPages registry setting is enabled, which might allow local users to obtain sensitive information.
Tue, 13 May 08
QEMU
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2004
The drive_init function in QEMU 0.9.1 determines the format of a raw disk image based on the header, which allows local guest users to read arbitrary files on the host by modifying the header to identify a different format, which is used when the guest is restarted.
Tue, 13 May 08
rdesktop
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1803
Integer signedness error in the xrealloc function (rdesktop.c) in RDesktop 1.5.0 allows remote attackers to execute arbitrary code via unknown parameters, which triggers a heap-based overflow. NOTE: the role of the channel_process function was not specified by the original researcher.
Tue, 13 May 08
Wordnet
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2149
Stack-based buffer overflow in the searchwn function in Wordnet 2.0, 2.1, and 3.0 might allow context-dependent attackers to execute arbitrary code via a long command line option. NOTE: this issue probably does not cross privilege boundaries except in cases in which Wordnet is used as a back end.
Tue, 13 May 08
Kernel
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2148
The utimensat system call in Linux kernel 2.6.22 and other versions before 2.6.25.3 does not check file permissions when certain UTIME_NOW and UTIME_OMIT combinations are used, which allows local users to modify file times of arbitrary files, possibly leading to a denial of service.
Tue, 13 May 08
VLC
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2147
Untrusted search path vulnerability in VideoLAN VLC before 0.9.0 allows local users to execute arbitrary code via a malicious library under the modules/ or plugins/ subdirectories of the current working directory.
Tue, 13 May 08
WordPress
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2146
wp-includes/vars.php in Wordpress before 2.2.3 does not properly extract the current pafe from the PATH_INFO ($PHP_SELF), which allows remote attackers to bypass intended access restrictions for certain pages.
Tue, 13 May 08
Novell client
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2145
Stack-based buffer overflow in Novell Client 4.91 SP4 and earlier allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long username in the "forgotten password" dialog.
Tue, 13 May 08
Solaris
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2144
Multiple unspecified vulnerabilities in Solaris print service for Sun Solaris 8, 9, and 10 allow remote attackers to cause a denial of service or execute arbitrary code via unknown vectors.
Tue, 13 May 08
Outlook Web Access
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2143
Unspecified versions of Microsoft Outlook Web Access (OWA) use the Cache-Control: no-cache HTTP directive instead of no-store, which might cause web browsers that follow RFC-2616 to cache sensitive information.
Tue, 13 May 08
Emacs, XEmacs
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2142
Emacs 21 and XEmacs automatically load and execute .flc (fast lock) files that are associated with other files are edited within Emacs, which allows user-assisted attackers to execute arbitrary code.
Tue, 13 May 08
appliance_platform_agent
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2140
Cross-site request forgery (CSRF) vulnerability in the rootpw plugin in rPath Appliance Platform Agent 2 and 3 allows remote attackers to reset the root password as the administrator via a crafted URL.
Tue, 13 May 08
appliance platform agent
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2139
The rootpw plugin in rPath Appliance Platform Agent 2 and 3 does not re-validate requests from a browser with a valid administrator session, including requests to change the password, which makes it easier for physically proximate attackers to gain privileges and maintain control over the administrator account.
Tue, 13 May 08
application_server_portal
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2138
Oracle Application Server (OracleAS) Portal 10g allows remote attackers to bypass intended access restrictions and read the contents of /dav_portal/portal/ via a request containing a trailing "%0A" (encoded line feed), then using the session ID that is generated from that request. NOTE: as of 20080512, Oracle has not commented on the accuracy of this report.
Tue, 13 May 08
SIPp
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2085
Multiple stack-based buffer overflows in the (1) get_remote_ip_media and (2) get_remote_ipv6_media functions in call.cpp in SIPp 3.1 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted SIP message.
Tue, 13 May 08
cPanel
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2071
Multiple cross-site request forgery (CSRF) vulnerabilities in the WHM interface 11.15.0 for cPanel 11.18 before 11.18.4 and 11.22 before 11.22.3 allow remote attackers to perform unauthorized actions as cPanel administrators via requests to cpanel/whm/webmail and other unspecified vectors.
Tue, 13 May 08
cPanel
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2070
The WHM interface 11.15.0 for cPanel 11.18 before 11.18.4 and 11.22 before 11.22.3 allows remote attackers to bypass XSS protection and inject arbitrary script or HTML via repeated, improperly-ordered "<" and ">" characters in the (1) issue parameter to scripts2/knowlegebase, (2) user parameter to scripts2/changeip, (3) search parameter to scripts2/listaccts, and other unspecified vectors.
Tue, 13 May 08
Firebird
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1880
The default configuration of Firebird before 2.0.3.12981.0-r6 on Gentoo Linux sets the ISC_PASSWORD environment variable before starting Firebird, which allows remote attackers to bypass SYSDBA authentication and obtain sensitive database information via an empty password.
Tue, 13 May 08
rdesktop
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1802
Buffer overflow in the process_redirect_pdu (rdp.c) function in rdesktop 1.5.0 allows remote attackers to execute arbitrary code via a Remote Desktop Protocol (RDP) redirect request with modified length fields.
Tue, 13 May 08
rdesktop
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1801
Integer underflow in the iso_recv_msg function (iso.c) in rdesktop 1.5.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Remote Desktop Protocol (RDP) request with a small length field.
Tue, 13 May 08
Directory Server, Fedora Directory Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1677
Buffer overflow in the regular expression handler in Red Hat Directory Server 8.0 and 7.1 before SP6 allows remote attackers to cause a denial of service (slapd crash) and possibly execute arbitrary code via a crafted LDAP query that triggers the overflow during translation to a regular expression.
Sat, 10 May 08
ezContents
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2135
Multiple SQL injection vulnerabilities in VisualShapers ezContents 2.0.0 allow remote attackers to execute arbitrary SQL commands via the (1) contentname parameter to showdetails.php and the (2) article parameter to printer.php.
Sat, 10 May 08
NukeET
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2134
The Journal module in Tru-Zone Nuke ET 3.x allows remote attackers to obtain access to arbitrary user accounts, and alter or delete data, via a modified username in an unspecified cookie.
Sat, 10 May 08
NukeET
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2133
Cross-site scripting (XSS) vulnerability in the Journal module in Tru-Zone Nuke ET 3.x allows remote attackers to inject arbitrary web script or HTML via the title parameter in a new entry, as demonstrated by a CSS property in the STYLE attribute of a DIV element, a different vulnerability than CVE-2008-1873.
Sat, 10 May 08
PostcardMentor
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2132
SQL injection vulnerability in step1.asp in Systementor PostcardMentor allows remote attackers to execute arbitrary SQL commands via the cat_fldAuto parameter.
Sat, 10 May 08
mvnForum
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2131
Cross-site scripting (XSS) vulnerability in mvnForum 1.1 GA allows remote authenticated users to inject arbitrary web script or HTML via the topic field, which is later displayed by user/viewthread.jsp through use of the "quick reply button."
Sat, 10 May 08
CMS
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2130
SQL injection vulnerability in poll_vote.php in iGaming CMS 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Sat, 10 May 08
Galleristic
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2129
SQL injection vulnerability in index.php in Galleristic 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cat parameter.
Sat, 10 May 08
CMS Faethon
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2128
PHP remote file inclusion vulnerability in templates/header.php in CMS Faethon 2.2 Ultimate allows remote attackers to execute arbitrary PHP code via a URL in the mainpath parameter, a different vulnerability than CVE-2006-5588 and CVE-2006-3185.
Sat, 10 May 08
CMS Faethon
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2127
Cross-site scripting (XSS) vulnerability in search.php in CMS Faethon 2.2 Ultimate allows remote attackers to inject arbitrary web script or HTML via the what parameter. NOTE: some of these details are obtained from third party information.
Sat, 10 May 08
CMS
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2126
Multiple cross-site scripting (XSS) vulnerabilities in Tux CMS 0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) q parameter to index.php and the (2) returnURL parameter to tux-login.php.
Sat, 10 May 08
MusicBox
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2125
SQL injection vulnerability in viewalbums.php in Musicbox 2.3.6 and 2.3.7 allows remote attackers to execute arbitrary SQL commands via the artistId parameter.
Sat, 10 May 08
fipsCMS
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2124
SQL injection vulnerability in modules/print.asp in fipsASP fipsCMS allows remote attackers to execute arbitrary SQL commands via the lg parameter.
Sat, 10 May 08
Internet Transaction Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2123
Cross-site scripting (XSS) vulnerability in WGate in SAP Internet Transaction Server (ITS) 6.20 allows remote attackers to inject arbitrary web script or HTML via (1) a "<>" sequence in the ~service parameter to wgate.dll, or (2) Javascript splicing in the query string, a different vector than CVE-2006-5114.
Sat, 10 May 08
Rational Build Forge
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2122
IBM Rational Build Forge 7.0.2 allows remote attackers to cause a denial of service (CPU consumption) via a port scan, which spawns multiple bfagent server processes that attempt to read data from closed sockets.
Sat, 10 May 08
Solaris
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2121
The TCP implementation in Sun Solaris 8, 9, and 10 allows remote attackers to cause a denial of service (CPU consumption and new connection timeouts) via a TCP SYN flood attack.
Sat, 10 May 08
Java System Application Server, Java System Web Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2120
Unspecified vulnerability in Sun Java System Application Server 7 2004Q2 before Update 6, Web Server 6.1 before SP8, and Web Server 7.0 before Update 1 allows remote attackers to obtain source code of JSP files via unknown vectors.
Fri, 9 May 08
Project Alumni
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2118
SQL injection vulnerability in info.php in Project Alumni 1.0.9 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Fri, 9 May 08
Project Alumni
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2117
Cross-site scripting (XSS) vulnerability in pages/news.page.inc in Project Alumni 1.0.9 allows remote attackers to inject arbitrary web script or HTML via the year parameter in a news action to index.php, a different vector than CVE-2007-6126.
Fri, 9 May 08
Power Editor
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2116
Multiple directory traversal vulnerabilities in editor.php in ScriptsEZ.net Power Editor 2.0 allow remote attackers to read arbitrary local files via a .. (dot dot) in the (1) te and (2) dir parameters in a tempedit action.
Fri, 9 May 08
Power Editor
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2115
Multiple cross-site scripting (XSS) vulnerabilities in editor.php in ScriptsEZ.net Power Editor 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) te and (2) dir parameters in a tempedit action.
Fri, 9 May 08
Pre Shopping Mall
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2114
SQL injection vulnerability in emall/search.php in Pre Shopping Mall 1.1 allows remote attackers to execute arbitrary SQL commands via the search parameter.
Fri, 9 May 08
phpeasydata
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2113
SQL injection vulnerability in annuaire.php in PHPEasyData 1.5.4 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
Fri, 9 May 08
Ray Server Software
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2112
Unspecified vulnerability in Sun Ray Kiosk Mode 4.0 allows local and remote authenticated Sun Ray administrators to gain root privileges via unknown vectors related to utconfig.
Fri, 9 May 08
Acrobat 3D, Acrobat Reader, Acrobat Professional, Acrobat Standard
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2042
The Javascript API in Adobe Acrobat Professional 7.0.9 and possibly 8.1.1 exposes a dangerous method, which allows remote attackers to (1) execute arbitrary commands or (2) trigger a buffer overflow via a crafted PDF file that invokes app.checkForUpdate with a malicious callback function.
Fri, 9 May 08
Kernel
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1669
Linux kernel before 2.6.25.2 does not apply a certain protection mechanism for fcntl functionality, which allows local users to (1) execute code in parallel or (2) exploit a race condition to obtain "re-ordered access to the descriptor table."
Fri, 9 May 08
LDAP-UX
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1659
Unspecified vulnerability in HP LDAP-UX vB.04.10 through vB.04.15 allows local users to gain privileges via unknown vectors.
Fri, 9 May 08
desktop, enterprise_linux
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1615
Linux kernel 2.6.18, and possibly other versions, when running on AMD64 architectures, allows local users to cause a denial of service (crash) via certain ptrace calls.
Fri, 9 May 08
desktop, enterprise_linux
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6282
The IPsec implementation in Linux kernel before 2.6.25 allows remote routers to cause a denial of service (crash) via a fragmented ESP packet in which the first fragment does not contain the entire ESP header and IV.
Fri, 9 May 08
Kernel
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5498
The Xen hypervisor block backend driver for Linux kernel 2.6.18, when running on a 64-bit host with a 32-bit paravirtualized guest, allows local privileged users in the guest OS to cause a denial of service (host OS crash) via a request that specifies a large number of blocks.
Fri, 9 May 08
Desktop, enterprise_linux
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5001
Linux kernel before 2.4.21 allows local users to cause a denial of service (kernel panic) via asynchronous input or output on a FIFO special file.
Fri, 9 May 08
yahoo_assistant
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2111
The ActiveX Control (yNotifier.dll) in Yahoo! Assistant 3.6 and earlier allows remote attackers to execute arbitrary code via unspecified vectors in the Ynoifier COM object that trigger memory corruption.
Fri, 9 May 08
QTOFileManager
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2110
Unrestricted file upload vulnerability in qtofm.php in QTOFileManager 1.0 allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request.
Fri, 9 May 08
libid3tag
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2109
field.c in the libid3tag 0.15.0b library allows context-dependent attackers to cause a denial of service (CPU consumption) via an ID3_FIELD_TYPE_STRINGLIST field that ends in '�', which triggers an infinite loop.
Fri, 9 May 08
PHP
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2108
The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, when running on 64-bit systems, performs a multiplication that generates a portion of zero bits during conversion due to insufficient precision, which produces 24 bits of entropy and simplifies brute force attacks against protection mechanisms that use the rand and mt_rand functions.
Fri, 9 May 08
PHP
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2107
The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, when running on 32-bit systems, performs a multiplication using values that can produce a zero seed in rare circumstances, which allows context-dependent attackers to predict subsequent values of the rand and mt_rand functions and possibly bypass protection mechanisms that rely on an unknown initial seed.
Fri, 9 May 08
call_of_duty_4
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2106
Call of Duty 4 (CoD4) 1.5 and earlier allows remote authenticated users to cause a denial of service (crash) via a type 7 stats packet, which triggers a memcpy with a negative value.
Thu, 8 May 08
Bugzilla
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2105
email_in.pl in Bugzilla 2.23.4, and later versions before 3.0, allows remote authenticated users to more easily spoof the changer of a bug via a @reporter command in the body of an e-mail message, which overrides the e-mail address as normally obtained from the From e-mail header. NOTE: since From headers are easily spoofed, this only crosses privilege boundaries in environments that provide additional verification of e-mail addresses.
Thu, 8 May 08
Bugzilla
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2104
The WebService in Bugzilla before 3.1.3 allows remote authenticated users without canconfirm privileges to create NEW or ASSIGNED bug entries via a request to the XML-RPC interface, which bypasses the canconfirm check.
Thu, 8 May 08
Bugzilla
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2103
Cross-site scripting (XSS) vulnerability in Bugzilla 2.17.2 and later allows remote attackers to inject arbitrary web script or HTML via the id parameter to the "Format for Printing" view or "Long Format" bug list.
Thu, 8 May 08
backlink_spider
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2096
SQL injection vulnerability in BackLinkSpider allows remote attackers to execute arbitrary SQL commands via the cat_id parameter to a site-specific component name such as link.php or backlinkspider.php.
Wed, 7 May 08
com_flippingbook, flipping_book
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2095
SQL injection vulnerability in index.php in the FlippingBook (com_flippingbook) 1.0.4 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the book_id parameter.
Wed, 7 May 08
Article Module
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2094
SQL injection vulnerability in article.php in the Article module for XOOPS allows remote attackers to execute arbitrary SQL commands via the id parameter.
Wed, 7 May 08
community_builder, com_comprofiler
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2093
SQL injection vulnerability in the Profiler (com_comprofiler) component in Community Builder for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the user parameter in a userProfile action to index.php.
Wed, 7 May 08
SPA-2102 Phone Adapter
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2092
Linksys SPA-2102 Phone Adapter 3.3.6 allows remote attackers to cause a denial of service (crash) via a long ping packet ("ping of death"). NOTE: the severity of this issue has been disputed since there are limited attack scenarios.
Wed, 7 May 08
kubelance
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2091
Directory traversal vulnerability in ipn.php in KubeLabs Kubelance 1.6.4 allows remote attackers to include and execute arbitrary local files via the i parameter.
Wed, 7 May 08
Solaris
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2090
Unspecified vulnerability in the SCTP protocol implementation in Sun Solaris 10 allows remote attackers to cause a denial of service (CPU consumption and network traffic amplification) via a crafted SCTP packet.
Wed, 7 May 08
Solaris
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2089
Unspecified vulnerability in the SCTP protocol implementation in Sun Solaris 10 allows remote attackers to cause a denial of service (panic) via a crafted SCTP packet.
Wed, 7 May 08
php_forge
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2088
SQL injection vulnerability in admin/news.php in PHP Forge 3.0 beta 2 allows remote attackers to execute arbitrary SQL commands via the id parameter in the news module to admin.php.
Wed, 7 May 08
Web Hosting Directory Script
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2087
SQL injection vulnerability in search_result.php in Softbiz Web Host Directory Script, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the host_id parameter, a different vector than CVE-2005-3817.
Wed, 7 May 08
Common Data Format
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2080
Stack-based buffer overflow in the Read32s_64 function in src/lib/cdfread64.c in the NASA Goddard Space Flight Center Common Data Format (CDF) library before 3.2.1 allows context-dependent attackers to execute arbitrary code via a .cdf file with crafted length tags.
Wed, 7 May 08
InTouch, SuiteLink
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2005
The SuiteLink Service (aka slssvc.exe) in WonderWare SuiteLink before 2.0 Patch 01, as used in WonderWare InTouch 8.0, allows remote attackers to cause a denial of service (NULL pointer dereference and service shutdown) and possibly execute arbitrary code via a large length value in a Registration packet to TCP port 5413, which causes a memory allocation failure.
Wed, 7 May 08
MyArticles, myarticles_module
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2084
SQL injection vulnerability in topics.php in the MyArticles 0.6 beta-1 module for RunCMS allows remote attackers to execute arbitrary SQL commands via the topic_id parameter in a listarticles action.
Wed, 7 May 08
hosting_index
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2083
SQL injection vulnerability in directory.php in Prozilla Hosting Index, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cat_i