Software Vulnerability
Main
Software Alerts
Software and Script Bug ExploitsSoftware Vulnerability
Random Feeds
Archives
| Mar 2010 | Feb 2010 | Jan 2010 | Dec 2009 | Nov 2009 | Oct 2009 | Sep 2009 | Aug 2009 | Jul 2009 | Jun 2009 | May 2009 | Apr 2009 | Mar 2009 | Feb 2009 | Jan 2009 | Dec 2008 | Nov 2008 | Oct 2008 | Sep 2008 | Aug 2008 | Jul 2008 | Jun 2008 | May 2008 | Apr 2008 | Mar 2008 | Feb 2008 | Jan 2008 | Dec 2007 | Nov 2007 |Thu, 31 Jul 08
ATutor
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3368
PHP remote file inclusion vulnerability in tools/packages/import.php in ATutor 1.6.1 pl1 and earlier allows remote authenticated administrators to execute arbitrary PHP code via a URL in the type parameter.
Thu, 31 Jul 08
web_wiz_rich_text_editor
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3367
Cross-site scripting (XSS) vulnerability in RTE_popup_link.asp in Web Wiz Rich Text Editor (RTE) 3.x and 4.x before 4.03 allows remote attackers to inject arbitrary web script or HTML via the email parameter.
Thu, 31 Jul 08
Pligg CMS
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3366
SQL injection vulnerability in story.php in Pligg CMS Beta 9.9.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: this might overlap CVE-2008-1774.
Thu, 31 Jul 08
Pixelpost
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3365
Directory traversal vulnerability in index.php in Pixelpost 1.7.1 on Windows, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language_full parameter.
Thu, 31 Jul 08
OfficeScan
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3364
Buffer overflow in the ObjRemoveCtrl Class ActiveX control in OfficeScanRemoveCtrl.dll 7.3.0.1020 in Trend Micro OfficeScan Corp Edition Web-Deployment 7.3 build 1343 Patch 4 allows remote attackers to execute arbitrary code via a long string in the Server property, and possibly other properties. NOTE: some of these details are obtained from third party information.
Thu, 31 Jul 08
E-Learning System
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3363
Directory traversal vulnerability in user_portal.php in the Dokeos E-Learning System 1.8.5 on Windows allows remote attackers to include and execute arbitrary local files via a ..\ (dot dot backslash) in the include parameter.
Thu, 31 Jul 08
wp_downloads_manager
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3362
Unrestricted file upload vulnerability in upload.php in the Giulio Ganci Wp Downloads Manager module 0.2 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension via the upfile parameter, then accessing it via a direct request to the file in wp-content/plugins/downloads-manager/upload/.
Thu, 31 Jul 08
intellitamper
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3361
Stack-based buffer overflow in IntelliTamper 2.07 allows remote web sites to execute arbitrary code via a long HTTP Server header.
Thu, 31 Jul 08
intellitamper
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3360
Stack-based buffer overflow in the HTML parser in IntelliTamper 2.0.7 allows remote attackers to execute arbitrary code via a long URL in the HREF attribute of an A element, a different vulnerability than CVE-2006-2494.
Thu, 31 Jul 08
intranet_knowledgebase
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3359
SQL injection vulnerability in register.php in Steve Bourgeois and Chris Vincent Owl Intranet Knowledgebase 0.95 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Thu, 31 Jul 08
intranet_knowledgebase
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3100
Cross-site scripting (XSS) vulnerability in lib/owl.lib.php in Steve Bourgeois and Chris Vincent Owl Intranet Knowledgebase 0.95 and earlier allows remote attackers to inject arbitrary web script or HTML via the username parameter in a getpasswd action to register.php.
Thu, 31 Jul 08
probe_builder, openview_internet_services
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1667
The Probe Builder Service (aka PBOVISServer.exe) in European Performance Systems (EPS) Probe Builder 2.2 before A.02.20.901, as used in HP OpenView Internet Services (OVIS) on Windows, allows remote attackers to kill arbitrary processes via a process ID number in an unspecified opcode.
Wed, 30 Jul 08
Camera Life
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3355
SQL injection vulnerability in sitemap.xml.php in Camera Life 2.6.2 allows remote attackers to execute arbitrary SQL commands via the id parameter in a photos action.
Wed, 30 Jul 08
newbb_plus_module, RunCMS
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3354
Multiple PHP remote file inclusion vulnerabilities in the Newbb Plus (newbb_plus) module 0.93 in RunCMS 1.6.1 allow remote attackers to execute arbitrary PHP code via a URL in the (1) bbPath[path] parameter to votepolls.php and the (2) bbPath[root_theme] parameter to config.php, different vectors than CVE-2006-0659. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Wed, 30 Jul 08
lore
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3353
Multiple cross-site scripting (XSS) vulnerabilities in Pure Software Lore before 1.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the (1) article comments feature and the (2) search log feature.
Wed, 30 Jul 08
live_music_plus
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3352
SQL injection vulnerability in index.php in Live Music Plus 1.1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a Singer action.
Wed, 30 Jul 08
atomphotoblog
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3351
SQL injection vulnerability in atomPhotoBlog.php in Atom PhotoBlog 1.0.9.1 and 1.1.5b1 allows remote attackers to execute arbitrary SQL commands via the photoId parameter in a show action.
Wed, 30 Jul 08
dnsmasq
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3350
dnsmasq 2.43 allows remote attackers to cause a denial of service (daemon crash) by (1) sending a DHCPINFORM while lacking a DHCP lease, or (2) attempting to renew a nonexistent DHCP lease for an invalid subnet as an "unknown client," a different vulnerability than CVE-2008-3214.
Wed, 30 Jul 08
data_ontap
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3349
Multiple unspecified vulnerabilities in NetApp Data ONTAP, as used on NetApp and IBM eServer platforms, allow remote attackers to execute arbitrary commands, cause a denial of service (system crash), or obtain sensitive information, probably related to insufficient access control for HTTP requests. NOTE: this may overlap CVE-2008-3160.
Wed, 30 Jul 08
cygwin
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3323
setup.exe before 2.573.2.3 in Cygwin does not properly verify the authenticity of packages, which allows remote Cygwin mirror servers or man-in-the-middle attackers to execute arbitrary code via a package list containing the MD5 checksum of a Trojan horse package.
Wed, 30 Jul 08
RealPlayer
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3066
Stack-based buffer overflow in a certain ActiveX control in rjbdll.dll in RealNetworks RealPlayer Enterprise, RealPlayer 10, and RealPlayer 10.5 before build 6.0.12.1675 allows remote attackers to execute arbitrary code by importing a file into a media library and then deleting this file.
Wed, 30 Jul 08
RealPlayer
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3064
Unspecified vulnerability in RealNetworks RealPlayer Enterprise, RealPlayer 10, and RealPlayer 10.5 before build 6.0.12.1675 has unknown impact and attack vectors, probably related to accessing local files, aka a "Local resource reference vulnerability."
Wed, 30 Jul 08
Coreutils
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1946
The default configuration of su in /etc/pam.d/su in GNU coreutils 5.2.1 allows local users to gain the privileges of a (1) locked or (2) expired account by entering the account name on the command line, related to improper use of the pam_succeed_if.so module.
Wed, 30 Jul 08
RealPlayer
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5400
Heap-based buffer overflow in the Shockwave Flash (SWF) frame handling in RealNetworks RealPlayer 10.5 Build 6.0.12.1483 might allow remote attackers to execute arbitrary code via a crafted SWF file.
Wed, 30 Jul 08
easydynamicpages
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3348
Cross-site scripting (XSS) vulnerability in staticpages/easycalendar/index.php in MyioSoft EasyDynamicPages 3.0 trial edition (tr) allows remote attackers to inject arbitrary web script or HTML via the year parameter.
Wed, 30 Jul 08
easydynamicpages
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3347
SQL injection vulnerability in staticpages/easycalendar/index.php in MyioSoft EasyDynamicPages 3.0 trial edition (tr) allows remote attackers to execute arbitrary SQL commands via the year parameter.
Wed, 30 Jul 08
shopcart_dx
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3346
SQL injection vulnerability in product_detail.php in ShopCart DX allows remote attackers to execute arbitrary SQL commands via the pid parameter.
Wed, 30 Jul 08
easye-cards
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3345
SQL injection vulnerability in staticpages/easyecards/index.php in MyioSoft EasyE-Cards 3.5 trial edition (tr) and 3.10a, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the sid parameter in a pickup action.
Wed, 30 Jul 08
easye-cards
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3344
Multiple cross-site scripting (XSS) vulnerabilities in staticpages/easyecards/index.php in MyioSoft EasyE-Cards 3.5 trial edition (tr) and 3.10a allow remote attackers to inject arbitrary web script or HTML via the (1) ResultHtml, (2) dir, (3) SenderName, (4) RecipientName, (5) SenderMail, and (6) RecipientMail parameters.
Wed, 30 Jul 08
easypublish
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3343
SQL injection vulnerability in staticpages/easypublish/index.php in MyioSoft EasyPublish 3.0tr (trial edition) allows remote attackers to execute arbitrary SQL commands via the read parameter in a search action.
Wed, 30 Jul 08
easypublish
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3342
Cross-site scripting (XSS) vulnerability in staticpages/easypublish/index.php in MyioSoft EasyPublish 3.0tr allows remote attackers to inject arbitrary web script or HTML via the read parameter in an edp_News action.
Wed, 30 Jul 08
jobsite
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3341
Multiple SQL injection vulnerabilities in search_result.cfm in Jobbex JobSite allow remote attackers to execute arbitrary SQL commands via the (1) jobcountryid and (2) jobstateid parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Wed, 30 Jul 08
jobsite
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3340
Cross-site scripting (XSS) vulnerability in search_result.cfm in Jobbex JobSite allows remote attackers to inject arbitrary web script or HTML via the searchFor variable (possibly the opt parameter.)
Wed, 30 Jul 08
jobbex_jobsite
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3339
search_result.cfm in Jobbex JobSite allows remote attackers to obtain sensitive information via unspecified vectors that reveal the installation path in an error message.
Tue, 29 Jul 08
PunBB
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3336
Multiple cross-site scripting (XSS) vulnerabilities in PunBB before 1.2.19 allow remote attackers to inject arbitrary web script or HTML via (1) include/parser.php and (2) moderate.php.
Tue, 29 Jul 08
PunBB
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3335
Unspecified vulnerability in PunBB before 1.2.19 allows remote attackers to inject arbitrary SMTP commands via unknown vectors.
Tue, 29 Jul 08
MyBB
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3334
Cross-site scripting (XSS) vulnerability in MyBB 1.2.x before 1.2.14 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Tue, 29 Jul 08
Mantis
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3333
Directory traversal vulnerability in core/lang_api.php in Mantis before 1.1.2 allows remote attackers to read and include arbitrary files via the language parameter to the user preferences page (account_prefs_update.php).
Tue, 29 Jul 08
Mantis
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3332
Eval injection vulnerability in adm_config_set.php in Mantis before 1.1.2 allows remote authenticated administrators to execute arbitrary code via the value parameter.
Tue, 29 Jul 08
Mantis
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3331
Cross-site scripting (XSS) vulnerability in return_dynamic_filters.php in Mantis before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the filter_target parameter.
Tue, 29 Jul 08
horde, turba
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3330
Cross-site scripting (XSS) vulnerability in services/obrowser/index.php in Horde 3.2 and Turba 2.2 allows remote attackers to inject arbitrary web script or HTML via the contact name.
Tue, 29 Jul 08
links
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3329
Unspecified vulnerability in Links before 2.1, when "only proxies" is enabled, has unknown impact and attack vectors related to providing "URLs to external programs."
Tue, 29 Jul 08
Trac
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3328
Cross-site scripting (XSS) vulnerability in the wiki engine in Trac before 0.10.5 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
Tue, 29 Jul 08
trac
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2951
Open redirect vulnerability in the search script in Trac before 0.10.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the q parameter.
Tue, 29 Jul 08
Moodle
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3327
Moodle 1.6.5, when display_errors is enabled, allows remote attackers to obtain the full installation path via a direct request to (1) blog/blogpage.php and (2) course/report/stats/report.php, which leaks the path in an error message.
Tue, 29 Jul 08
Moodle
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3326
Cross-site scripting (XSS) vulnerability in blog/edit.php in Moodle 1.6.x before 1.6.7 and 1.7.x before 1.7.5 allows remote attackers to inject arbitrary web script or HTML via the etitle parameter (blog entry title).
Tue, 29 Jul 08
Moodle
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3325
Cross-site request forgery (CSRF) vulnerability in Moodle 1.6.x before 1.6.7 and 1.7.x before 1.7.5 allows remote attackers to modify profile settings and gain privileges as other users via a link or IMG tag to the user edit profile page.
Tue, 29 Jul 08
recipe
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3322
admin/index.php in Maian Recipe 1.2 and earlier allows remote attackers to bypass authentication and gain administrative access by sending an arbitrary recipe_cookie cookie.
Tue, 29 Jul 08
maian_uploader
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3321
admin/index.php in Maian Uploader 4.0 and earlier allows remote attackers to bypass authentication and gain administrative access by sending an arbitrary uploader_cookie cookie.
Tue, 29 Jul 08
guestbook
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3320
admin/index.php in Maian Guestbook 3.2 and earlier allows remote attackers to bypass authentication and gain administrative access by sending an arbitrary gbook_cookie cookie.
Tue, 29 Jul 08
links
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3319
admin/index.php in Maian Links 3.1 and earlier allows remote attackers to bypass authentication and gain administrative access by sending an arbitrary links_cookie cookie.
Tue, 29 Jul 08
Weblog
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3318
admin/index.php in Maian Weblog 4.0 and earlier allows remote attackers to bypass authentication and gain administrative access by sending an arbitrary weblog_cookie cookie.
Tue, 29 Jul 08
maian_search
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3317
admin/index.php in Maian Search 1.1 and earlier allows remote attackers to bypass authentication and gain administrative access by sending an arbitrary search_cookie cookie.
Tue, 29 Jul 08
forum_plugin
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3316
Cross-site scripting (XSS) vulnerability in the search feature in the Forum plugin before 2.7.1 for Geeklog allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, probably related to (1) public_html/index.php, (2) config.php, and (3) functions.inc.
Tue, 29 Jul 08
Claroline
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3315
Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.8.10 allow remote attackers to inject arbitrary web script or HTML via the (1) query string to (a) announcements/messages.php; (b) lostPassword.php and (c) profile.php in auth/; (d) calendar/myagenda.php; (e) group/group.php; (f) learningPath.php, (g) learningPathList.php, and (h) module.php in learnPath/; (i) phpbb/index.php; (j) courseLog.php, (k) course_access_details.php, (l) delete_course_stats.php, (m) userLog.php, and (...
Tue, 29 Jul 08
Zdaemon
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3314
ZDaemon 1.08.07 and earlier allows remote attackers to cause a denial of service (daemon crash) via a crafted type 6 command, which triggers a NULL pointer dereference.
Tue, 29 Jul 08
creacms
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3313
Multiple PHP remote file inclusion vulnerabilities in CreaCMS 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the (1) cfg[document_uri] parameter to _administration/edition_article/edition_article.php and the (2) cfg[base_uri_admin] parameter to _administration/fonctions/get_liste_langue.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Tue, 29 Jul 08
lemon_cms
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3312
Directory traversal vulnerability in lemon_includes/FCKeditor/editor/filemanager/browser/browser.php in Lemon CMS 1.10 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the dir parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: this might be an issue in FCKeditor.
Tue, 29 Jul 08
Flip
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3311
PHP remote file inclusion vulnerability in config.php in Adam Scheinberg Flip 3.0 allows remote attackers to execute arbitrary PHP code via a URL in the incpath parameter.
Tue, 29 Jul 08
pre_survey_poll
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3310
SQL injection vulnerability in default.asp in Pre Survey Poll allows remote attackers to execute arbitrary SQL commands via the catid parameter.
Tue, 29 Jul 08
digileave
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3309
SQL injection vulnerability in info_book.asp in DigiLeave 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the book_id parameter.
Tue, 29 Jul 08
youtube_blog
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3308
PHP remote file inclusion vulnerability in cuenta/cuerpo.php in C. Desseno YouTube Blog (ytb) 0.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the base_archivo parameter.
Tue, 29 Jul 08
c_desseno_youtube_blog
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3307
SQL injection vulnerability in todos.php in C. Desseno YouTube Blog (ytb) 0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3306.
Tue, 29 Jul 08
c_desseno_youtube_blog
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3306
SQL injection vulnerability in info.php in C. Desseno YouTube Blog (ytb) 0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3307. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Sat, 26 Jul 08
youtube_blog
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3305
Cross-site scripting (XSS) vulnerability in mensaje.php in C. Desseno YouTube Blog (ytb) 0.1 allows remote attackers to inject arbitrary web script or HTML via the m parameter.
Sat, 26 Jul 08
bilboblog
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3304
BilboBlog 0.2.1 allows remote attackers to obtain sensitive information via (1) an enable_cache=false query string to footer.php or (2) a direct request to pagination.php, which reveals the installation path in an error message.
Sat, 26 Jul 08
bilboblog
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3303
admin/login.php in BilboBlog 0.2.1, when register_globals is enabled, allows remote attackers to bypass authentication and obtain administrative access via a direct request that sets the login, admin_login, password, and admin_passwd parameters.
Sat, 26 Jul 08
bilboblog
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3302
SQL injection vulnerability in admin/delete.php in BilboBlog 0.2.1, when magic_quotes_gpc is disabled, allows remote authenticated administrators to execute arbitrary SQL commands via the num parameter.
Sat, 26 Jul 08
bilboblog
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3301
Multiple cross-site scripting (XSS) vulnerabilities in BilboBlog 0.2.1 allow remote authenticated administrators to inject arbitrary web script or HTML via the (1) content parameter to admin/update.php, related to conflicting code in widget.php; and allow remote attackers to inject arbitrary web script or HTML via the (2) titleId parameter to head.php, reachable through index.php; the (3) t_lang[lang_copyright] parameter to footer.php; the (4) content parameter to the default URI under admin/...
Sat, 26 Jul 08
alphadmin_cms
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3300
AlphAdmin CMS 1.0.5/03 allows remote attackers to bypass authentication and gain administrative access by setting the aa_login cookie value to 1. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Sat, 26 Jul 08
esyndicat
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3299
eSyndiCat 1.6 allows remote attackers to bypass authentication and gain administrative access by setting the admin_lng cookie value to 1. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Sat, 26 Jul 08
Social Engine
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3298
SocialEngine (SE) before 2.83 grants certain write privileges for templates, which allows remote authenticated administrators to execute arbitrary PHP code.
Sat, 26 Jul 08
Social Engine
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3297
Multiple SQL injection vulnerabilities in SocialEngine (SE) before 2.83 allow remote attackers to execute arbitrary SQL commands via (1) an se_user cookie to include/class_user.php or (2) an se_admin cookie to include/class_admin.php.
Sat, 26 Jul 08
Xoops
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3296
Directory traversal vulnerability in modules/system/admin.php in XOOPS 2.0.18 1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the fct parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Sat, 26 Jul 08
Xoops
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3295
Cross-site scripting (XSS) vulnerability in modules/system/admin.php in XOOPS 2.0.18.1 allows remote attackers to inject arbitrary web script or HTML via the fct parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Sat, 26 Jul 08
VIM
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3294
src/configure.in in Vim 5.0 through 7.1, when used for a build with Python support, does not ensure that the Makefile-conf temporary file has the intended ownership and permissions, which allows local users to execute arbitrary code by writing to this file during a time window associated with a race condition.
Sat, 26 Jul 08
EZWebAlbum
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3293
Directory traversal vulnerability in download.php in EZWebAlbum allows remote attackers to read arbitrary files via the dlfilename parameter.
Sat, 26 Jul 08
EZWebAlbum
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3292
constants.inc in EZWebAlbum 1.0 allows remote attackers to bypass authentication and gain administrator privileges by setting the photoalbumadmin cookie, as demonstrated via addpage.php.
Sat, 26 Jul 08
aproxengine, aprox_cms_engine
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3291
SQL injection vulnerability in index.php in AproxEngine (aka Aprox CMS Engine) 5.1.0.4 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Sat, 26 Jul 08
Retrospect Backup Client
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3290
retroclient.exe in EMC Dantz Retrospect Backup Client 7.5.116 allows remote attackers to cause a denial of service (daemon crash) via a series of long packets containing 0x00 characters to TCP port 497 that trigger memory corruption, probably involving an English product version on a Chinese OS version.
Sat, 26 Jul 08
Retrospect Backup Client
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3289
EMC Dantz Retrospect Backup Client 7.5.116 sends the password hash in cleartext at an unspecified point, which allows remote attackers to obtain sensitive information via a crafted packet.
Sat, 26 Jul 08
dantz_retrospect_backup_server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3288
The Server Authentication Module in EMC Dantz Retrospect Backup Server 7.5.508 uses a "weak hash algorithm," which makes it easier for context-dependent attackers to recover passwords.
Sat, 26 Jul 08
Retrospect Backup Client
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3287
retroclient.exe in EMC Dantz Retrospect Backup Client 7.5.116 allows remote attackers to cause a denial of service (daemon crash) via malformed packets to TCP port 497, which trigger a NULL pointer dereference.
Sat, 26 Jul 08
SWAT 4
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3286
SWAT 4 1.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via a (1) VERIFYCONTENT or (2) GAMECONFIG command sent to the server before user session initialization, which triggers a NULL pointer dereference; or (3) a GAMESPYRESPONSE command followed by a long RS string.
Sat, 26 Jul 08
filesys_smbclientparser
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3285
The Filesys::SmbClientParser module 2.7 and earlier for Perl allows remote SMB servers to execute arbitrary code via a folder name containing shell metacharacters.
Sat, 26 Jul 08
winremotepc_lite, winremotepc_full
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3269
WRPCServer.exe in WinSoftMagic WinRemotePC (WRPC) Lite 2008 and Full 2008 allows remote attackers to cause a denial of service (CPU consumption) via a crafted packet to TCP port 4321.
Sat, 26 Jul 08
phpScheduleIt
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3268
Unspecified vulnerability in phpScheduleIt 1.2.0 through 1.2.9, when useLogonName is enabled, allows remote attackers with administrator email address knowledge to bypass restrictions and gain privileges via unspecified vectors related to login names. NOTE: some of these details are obtained from third party information.
Sat, 26 Jul 08
mojojobs
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3267
SQL injection vulnerability in mojoJobs.cgi in MojoJobs allows remote attackers to execute arbitrary SQL commands via the cat_a parameter.
Sat, 26 Jul 08
hotel_reservation_system_multi
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3266
SQL injection vulnerability in picture_pic_bv.asp in SoftAcid Hotel Reservation System (HRS) Multi allows remote attackers to execute arbitrary SQL commands via the key parameter.
Sat, 26 Jul 08
com_dtregister
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3265
SQL injection vulnerability in the DT Register (com_dtregister) 2.2.3 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the eventId parameter in a pay_options action to index.php.
Sat, 26 Jul 08
CVE-2008-3264 (Open Source, Asterisk Business Edition, AsteriskNOW, Asterisk Appliance Developer...)
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3264
The FWDOWNL firmware-download implementation in Asterisk Open Source 1.0.x, 1.2.x before 1.2.30, and 1.4.x before 1.4.21.2; Business Edition A.x.x, B.x.x before B.2.5.4, and C.x.x before C.1.10.3; AsteriskNOW; Appliance Developer Kit 0.x.x; and s800i 1.0.x before 1.2.0.1 allows remote attackers to cause a denial of service (traffic amplification) via an IAX2 FWDOWNL request.
Sat, 26 Jul 08
Kernel
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3247
The LDT implementation in the Linux kernel 2.6.25.x on x86_64 platforms uses an incorrect size for ldt_desc, which allows local users to cause a denial of service (system crash) or possibly gain privileges via unspecified vectors.
Thu, 24 Jul 08
Asterisk
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3263
Asterisk allows remote attackers to cause a denial of service (CPU consumption) by quickly sending a large number of IAX POKE requests.
Thu, 24 Jul 08
Claroline
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3262
Cross-site request forgery (CSRF) vulnerability in Claroline before 1.8.10 allows remote attackers to change passwords, related to lack of a requirement for the previous password.
Thu, 24 Jul 08
Claroline
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3261
Open redirect vulnerability in claroline/redirector.php in Claroline before 1.8.10 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter.
Thu, 24 Jul 08
Claroline
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3260
Multiple cross-site scripting (XSS) vulnerabilities in Claroline before 1.8.10 allow remote attackers to inject arbitrary web script or HTML via (1) the cwd parameter in a rqMkHtml action to document/rqmkhtml.php, or the query string to (2) announcements/announcements.php, (3) calendar/agenda.php, (4) course/index.php, (5) course_description/index.php, (6) document/document.php, (7) exercise/exercise.php, (8) group/group_space.php, (9) phpbb/newtopic.php, (10) phpbb/reply.php, (11) phpbb/view...
Thu, 24 Jul 08
OpenSSH
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3259
OpenSSH before 5.1 sets the SO_REUSEADDR socket option when the X11UseLocalhost configuration setting is disabled, which allows local users on some platforms to hijack the X11 forwarding port via a bind to a single IP address, as demonstrated on the HP-UX platform.
Thu, 24 Jul 08
Zoph
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3258
Multiple SQL injection vulnerabilities in Zoph before 0.7.0.5 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
Thu, 24 Jul 08
weblogic_server, WebLogic Server, apache_connector_in_weblogic_server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3257
Stack-based buffer overflow in the Apache Connector (mod_wl) in Oracle WebLogic Server (formerly BEA WebLogic Server) 10.3 and earlier allows remote attackers to execute arbitrary code via a long HTTP version string, as demonstrated by a string after "POST /.jsp" in an HTTP request. NOTE: it is possible that this overlaps CVE-2008-2579 or another issue disclosed in Oracle's CPUJul2008 advisory.
Thu, 24 Jul 08
Siteframe Beaumont, siteframe_cms
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3256
SQL injection vulnerability in folder.php in Siteframe CMS 3.2.3 and earlier, and Siteframe Beaumont 5.0.5 and earlier, allows remote attackers to execute arbitrary SQL commands via the id parameter.
Thu, 24 Jul 08
webproxy
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3255
Cross-site scripting (XSS) vulnerability in LunarNight Laboratory WebProxy 1.7.8 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Thu, 24 Jul 08
precms
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3254
SQL injection vulnerability in index.php in preCMS 1 allows remote attackers to execute arbitrary SQL commands via the id parameter in a UserProfil action.
Thu, 24 Jul 08
xenserver
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3253
Cross-site scripting (XSS) vulnerability in the XenAPI HTTP interfaces in Citrix XenServer Express, Standard, and Enterprise Edition 4.1.0; Citrix XenServer Dell Edition (Express and Enterprise) 4.1.0; and HP integrated Citrix XenServer (Select and Enterprise) 4.1.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Thu, 24 Jul 08
libxcrypt
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3188
libxcrypt in SUSE openSUSE 11.0 uses the DES algorithm when the configuration specifies the MD5 algorithm, which makes it easier for attackers to conduct brute-force attacks against hashed passwords.
Wed, 23 Jul 08
newsx
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3252
Stack-based buffer overflow in the read_article function in getarticle.c in newsx 1.6 allows remote attackers to execute arbitrary code via a news article containing a large number of lines starting with a period.
Wed, 23 Jul 08
tplsoccersite
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3251
Multiple SQL injection vulnerabilities in tplSoccerSite 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the opp parameter to tampereunited/opponent.php; or the id parameter to (2) index.php, (3) player.php, (4) matchdetails.php, or (5) additionalpage.php in tampereunited/.
Wed, 23 Jul 08
arctic_issue_tracker
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3250
SQL injection vulnerability in index.php in Arctic Issue Tracker 2.0.0 allows remote attackers to execute arbitrary SQL commands via the filter parameter.
Wed, 23 Jul 08
thinkvantage_system_update
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3249
The client in Lenovo System Update before 3.14 does not properly validate the certificate when establishing an SSL connection, which allows remote attackers to install arbitrary packages via an SSL certificate whose X.509 headers match a public certificate used by IBM.
Wed, 23 Jul 08
CVE-2008-3246 (unite, enterprise_server, Blackberry Enterprise Server, blackberry_unite, blackbe...)
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3246
Unspecified vulnerability in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Unite! 1.0 SP1 (1.0.1) before bundle 36 and BlackBerry Enterprise Server 4.1 SP3 (4.1.3) through 4.1 SP5 (4.1.5) allows user-assisted remote attackers to execute arbitrary code via a crafted PDF file attachment.
Wed, 23 Jul 08
phphoo3
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3245
SQL injection vulnerability in phpHoo3.php in phpHoo3 4.3.9, 4.3.10, 4.4.8, and 5.2.6 allows remote attackers to execute arbitrary SQL commands via the viewCat parameter.
Wed, 23 Jul 08
F-Prot Antivirus, scanning_engine
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3244
The scanning engine before 4.4.4 in F-Prot Antivirus before 6.0.9.0 allows remote attackers to cause a denial of service (engine crash) via a CHM file with a large nb_dir value that triggers an out-of-bounds read.
Wed, 23 Jul 08
F-Prot Antivirus, scanning_engine
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3243
Multiple unspecified vulnerabilities in the scanning engine before 4.4.4 in F-Prot Antivirus before 6.0.9.0 allow remote attackers to cause a denial of service via (1) a crafted UPX-compressed file, which triggers an engine crash; (2) a crafted Microsoft Office file, which triggers an infinite loop; or (3) an ASPack-compressed file, which triggers an engine crash.
Wed, 23 Jul 08
ppmedia_class
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3242
Heap-based buffer overflow in the PPMedia Class ActiveX control in PPMPlayer.dll in PPMate 2.3.1.93 allows remote attackers to execute arbitrary code via a long argument to the StartUrl method. NOTE: some of these details are obtained from third party information.
Wed, 23 Jul 08
ultrastats
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3241
SQL injection vulnerability in players-detail.php in UltraStats 0.2.136, 0.2.140, and 0.2.142 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Wed, 23 Jul 08
Affiliate Network Pro
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3240
SQL injection vulnerability in index.php in AlstraSoft Affiliate Network Pro allows remote attackers to execute arbitrary SQL commands via the pgm parameter in a directory action.
Tue, 22 Jul 08
phpizabi
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3239
Unrestricted file upload vulnerability in the writeLogEntry function in system/v_cron_proc.php in PHPizabi 0.848b C1 HFP1, when register_globals is enabled, allows remote attackers to upload and execute arbitrary code via a filename in the CONF[CRON_LOGFILE] parameter and file contents in the CONF[LOCALE_LONG_DATE_TIME] parameter.
Tue, 22 Jul 08
iTechBids
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3238
Multiple SQL injection vulnerabilities in ITechBids 7.0 Gold allow remote attackers to execute arbitrary SQL commands via (1) the seller_id parameter in sellers_othersitem.php, (2) the productid parameter in classifieds.php, and (3) the id parameter in shop.php.
Tue, 22 Jul 08
iTechBids
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3237
Cross-site scripting (XSS) vulnerability in forward_to_friend.php in ITechBids 7.0 Gold allows remote attackers to inject arbitrary web script or HTML via the productid parameter.
Tue, 22 Jul 08
WebSphere Application Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3236
Unspecified vulnerability in Wsadmin in the System Management/Repository component in IBM WebSphere Application Server (WAS) 5.1 before 5.1.1.19 allows attackers to obtain sensitive information via vectors related to "previously encrypted properties" that are not encrypted.
Tue, 22 Jul 08
WebSphere Application Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3235
Unspecified vulnerability in the PropFilePasswordEncoder utility in the Security component in IBM WebSphere Application Server (WAS) 5.1 before 5.1.1.19 has unknown impact and attack vectors.
Tue, 22 Jul 08
zypper
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3187
zypp-refresh-patches in zypper in SUSE openSUSE 10.2, 10.3, and 11.0 does not ask the user before accepting repository keys, which allows remote repositories to cause a denial of service (package data corruption) via a spoofed key.
Tue, 22 Jul 08
OpenSSH
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3234
sshd in OpenSSH 4 on Debian GNU/Linux, and the 20070303 OpenSSH snapshot, allows remote authenticated users to obtain access to arbitrary SELinux roles by appending a :/ (colon slash) sequence, followed by the role name, to the username.
Tue, 22 Jul 08
WordPress
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3233
Cross-site scripting (XSS) vulnerability in WordPress before 2.6, SVN development versions only, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Tue, 22 Jul 08
Dotclear
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3232
Unspecified vulnerability in dotclear before 1.2.8 has unknown impact and attack vectors related to a missing "Images upload vulnerability fix."
Tue, 22 Jul 08
xine
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3231
xine allows user-assisted attackers to cause a denial of service (application crash) via a crafted OGG file, as demonstrated by lol-ffplay.ogg.
Tue, 22 Jul 08
lavf_demuxer
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3230
The ffmpeg lavf demuxer allows user-assisted attackers to cause a denial of service (application crash) via a crafted GIF file, possibly related to gstreamer, as demonstrated by lol-giftopnm.gif.
Tue, 22 Jul 08
op
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3229
Stack-based buffer overflow in op before Changeset 563, when xauth support is enabled, allows local users to gain privileges via a long XAUTHORITY environment variable.
Tue, 22 Jul 08
Joomla
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3228
Joomla! before 1.5.4 does not configure .htaccess to apply certain security checks that "block common exploits" to SEF URLs, which has unknown impact and remote attack vectors.
Tue, 22 Jul 08
Joomla
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3227
Unspecified vulnerability in Joomla! before 1.5.4 has unknown impact and attack vectors related to a "User Redirect Spam fix," possibly an open redirect vulnerability.
Tue, 22 Jul 08
Joomla
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3226
The file caching implementation in Joomla! before 1.5.4 allows attackers to access cached pages via unknown attack vectors.
Tue, 22 Jul 08
Joomla
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3225
Joomla! before 1.5.4 allows attackers to access administration functionality, which has unknown impact and attack vectors related to a missing "LDAP security fix."
Tue, 22 Jul 08
phpBB
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3224
Unspecified vulnerability in phpBB before 3.0.1 has unknown impact and attack vectors related to "urls gone through redirect() being used within login_box()."
Tue, 22 Jul 08
Drupal
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3223
SQL injection vulnerability in the Schema API in Drupal 6.x before 6.3 allows remote attackers to execute arbitrary SQL commands via vectors related to "an inappropriate placeholder for 'numeric' fields."
Tue, 22 Jul 08
Drupal
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3222
Session fixation vulnerability in Drupal 5.x before 5.8 and 6.x before 6.3, when contributed modules "terminate the current request during a login event," allows remote attackers to hijack web sessions via unknown vectors.
Tue, 22 Jul 08
Drupal
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3221
Cross-site request forgery (CSRF) vulnerability in Drupal 6.x before 6.3 allows remote attackers to perform administrative actions via vectors involving deletion of OpenID identities.
Tue, 22 Jul 08
Drupal
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3220
Cross-site request forgery (CSRF) vulnerability in Drupal 5.x before 5.8 and 6.x before 6.3 allows remote attackers to perform administrative actions via vectors involving deletion of "translated strings."
Tue, 22 Jul 08
filter_xss_admin_function
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3219
The Drupal filter_xss_admin function in 5.x before 5.8 and 6.x before 6.3 does not "prevent use of the object HTML tag in administrator input," which has unknown impact and attack vectors, probably related to an insufficient cross-site scripting (XSS) protection mechanism.
Tue, 22 Jul 08
Drupal
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3218
Multiple cross-site scripting (XSS) vulnerabilities in Drupal 6.x before 6.3 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) free tagging taxonomy terms, which are not properly handled on node preview pages, and (2) unspecified OpenID values.
Tue, 22 Jul 08
Recursor
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3217
PowerDNS Recursor before 3.1.6 does not always use the strongest random number generator for source port selection, which makes it easier for remote attack vectors to conduct DNS cache poisoning. NOTE: this is related to incomplete integration of security improvements associated with addressing CVE-2008-1637.
Tue, 22 Jul 08
projectl
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3216
The save function in br/prefmanager.d in projectl 1.001 creates a projectL.prf file in the current working directory, which allows local users to overwrite arbitrary files via a symlink attack.
Tue, 22 Jul 08
ClamAV
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3215
libclamav/petite.c in ClamAV before 0.93.3 allows remote attackers to cause a denial of service via a malformed Petite file that triggers an out-of-bounds memory access. NOTE: this issue exists because of an incomplete fix for CVE-2008-2713.
Sat, 19 Jul 08
dnsmasq
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3214
dnsmasq 2.25 allows remote attackers to cause a denial of service (1) renewing a non-existent lease or (2) sending a DHCPREQUEST for an IP address that is not in the same network.
Sat, 19 Jul 08
Firefox
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2934
Mozilla Firefox 3 before 3.0.1 on Mac OS X allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file that triggers a free of an uninitialized pointer.
Sat, 19 Jul 08
webcms_portal_edition
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3213
SQL injection vulnerability in secciones/tablon/tablon.php in WebCMS Portal Edition allows remote attackers to execute arbitrary SQL commands via the id parameter to portal/index.php in a tablon action. NOTE: some of these details are obtained from third party information.
Sat, 19 Jul 08
free_image_hosting_script
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3212
Multiple SQL injection vulnerabilities in Scripteen Free Image Hosting Script 1.2.1 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter to admin/login.php, or the (3) uname or (4) pass parameter to login.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Sat, 19 Jul 08
free_image_hosting_script
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3211
Scripteen Free Image Hosting Script 1.2 and 1.2.1 allows remote attackers to bypass authentication and gain administrative access by setting the cookid cookie value to 1.
Sat, 19 Jul 08
resiprocate
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3210
rutil/dns/DnsStub.cxx in ReSIProcate 1.3.2, as used by repro, allows remote attackers to cause a denial of service (daemon crash) via a SIP (1) INVITE or (2) OPTIONS message with a long domain name in a request URI, which triggers an assert error.
Sat, 19 Jul 08
black_ice_document_imaging_sdk
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3209
Heap-based buffer overflow in the OpenGifFile function in BiGif.dll in Black Ice Document Imaging SDK 10.95 allows remote attackers to execute arbitrary code via a long string argument to the GetNumberOfImagesInGifFile method in the BIImgFrm Control ActiveX control in biimgfrm.ocx. NOTE: some of these details are obtained from third party information.
Sat, 19 Jul 08
simple_dns_plus
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3208
Simple DNS Plus 4.1, 5.0, and possibly other versions before 5.1.101 allows remote attackers to cause a denial of service via multiple DNS reply packets.
Sat, 19 Jul 08
pragyan_cms
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3207
PHP remote file inclusion vulnerability in cms/modules/form.lib.php in Pragyan CMS 2.6.2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the (1) sourceFolder or (2) moduleFolder parameter.
Sat, 19 Jul 08
yuhhu_pubs_black_cat
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3206
SQL injection vulnerability in browse.groups.php in Yuhhu Pubs Black Cat allows remote attackers to execute arbitrary SQL commands via the category parameter.
Fri, 18 Jul 08
wysi_wiki_wyg
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3205
Directory traversal vulnerability in index.php in Easy-Script Wysi Wiki Wyg 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the c parameter.
Fri, 18 Jul 08
million_pixels
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3204
SQL injection vulnerability in tops_top.php in E-topbiz Million Pixels 3 allows remote attackers to execute arbitrary SQL commands via the id_cat parameter.
Fri, 18 Jul 08
AuraCMS
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3203
js/pages/pages_data.php in AuraCMS 2.2 through 2.2.2 does not perform authentication, which allows remote attackers to add, edit, and delete web content via a modified id parameter.
Fri, 18 Jul 08
xomol_cms
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3202
Cross-site scripting (XSS) vulnerability in index.php in Xomol CMS 1.2 allows remote attackers to inject arbitrary web script or HTML via the current_url parameter in a tellafriend action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Fri, 18 Jul 08
pagefusion
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3201
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Pagefusion 1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) acct_fname and (2) acct_lname parameters in an edit action, and the (3) PID, (4) PGID, and (5) rez parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Fri, 18 Jul 08
avlc_forum
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3200
SQL injection vulnerability in vlc_forum.php in Avlc Forum as of 20080715 allows remote attackers to execute arbitrary SQL commands via the id parameter in an affich_message action.
Fri, 18 Jul 08
resiprocate
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3199
Multiple unspecified vulnerabilities in ReSIProcate before 1.3.4 allow remote attackers to cause a denial of service (stack consumption) via unknown network traffic with a large "bytes-in-memory/bytes-on-wire ratio."
Fri, 18 Jul 08
Firefox
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3198
Mozilla Firefox 3.x before 3.0.1 allows remote attackers to inject arbitrary web script into a chrome document via unspecified vectors, as demonstrated by injection into a XUL error page. NOTE: this can be leveraged to execute arbitrary code using CVE-2008-2933.
Fri, 18 Jul 08
Firefox
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2933
Mozilla Firefox before 2.0.0.16, and 3.x before 3.0.1, interprets '|' (pipe) characters in a command-line URI as requests to open multiple tabs, which allows remote attackers to access chrome:i URIs, or read arbitrary local files via manipulations involving a series of URIs that is not entirely handled by a vector application, as exploited in conjunction with CVE-2008-2540. NOTE: this issue exists because of an insufficient fix for CVE-2005-2267.
Fri, 18 Jul 08
afuse
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2232
The expand_template function in afuse.c in afuse 0.2 allows local users to gain privileges via shell metacharacters in a pathname.
Fri, 18 Jul 08
Oracle for OpenView
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1666
Unspecified vulnerability in HP Oracle for OpenView (OfO) 8.1.7, 9.1.01, 9.2, 9.2.0, 10g, and 10gR2 has unknown impact and attack vectors, possibly related to the July 2008 Oracle Critical Patch Update.
Fri, 18 Jul 08
hpsi_active_directory_bidirectional_ldap_connector
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1665
Multiple unspecified vulnerabilities in HP Select Identity (HPSI) Active Directory Bidirectional LDAP Connector 2.20, 2.20.001, 2.20.002, and 2.30 allow remote attackers to execute arbitrary code via unspecified vectors.
Fri, 18 Jul 08
phpMyAdmin
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3197
Cross-site request forgery (CSRF) vulnerability in phpMyAdmin before 2.11.7.1 allows remote attackers to perform unauthorized actions via a link or IMG tag to (1) the "Creating a Database" functionality (db_create.php) and (2) unspecified vectors that modify the connection character set.
Fri, 18 Jul 08
yacc
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3196
skeleton.c in yacc does not properly handle reduction of a rule with an empty right hand side, which allows context-dependent attackers to cause an out-of-bounds stack access when the yacc stack pointer points to the end of the stack.
Fri, 18 Jul 08
Pluck
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3194
Multiple directory traversal vulnerabilities in data/inc/themes/predefined_variables.php in pluck 4.5.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) langpref, (2) file, (3) blogpost, or (4) cat parameter.
Fri, 18 Jul 08
jsite
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3193
SQL injection vulnerability in jSite 1.0 OE allows remote attackers to execute arbitrary SQL commands via the page parameter to the default URI.
Fri, 18 Jul 08
jsite
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3192
Directory traversal vulnerability in index.php in jSite 1.0 OE allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the module parameter.
Fri, 18 Jul 08
mforum
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3191
Multiple SQL injection vulnerabilities in usercp.php in mForum 0.1a, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) City, (2) Interest, (3) Email, (4) Icq, (5) msn, or (6) Yahoo Messenger field in an edit_profile action.
Fri, 18 Jul 08
codedb
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3190
Directory traversal vulnerability in list.php in 1Scripts CodeDB 1.1.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
Thu, 17 Jul 08
dreamnews_manager
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3189
SQL injection vulnerability in dreamnews-rss.php in DreamNews Manager allows remote attackers to execute arbitrary SQL commands via the id parameter.
Thu, 17 Jul 08
Wireshark
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3145
The fragment_add_work function in epan/reassemble.c in Wireshark 0.8.19 through 1.0.1 allows remote attackers to cause a denial of service (crash) via a series of fragmented packets with non-sequential fragmentation offset values, which lead to a buffer over-read.
Wed, 16 Jul 08
peoplesoft_peopletools_component, PeopleSoft Enterprise, JD Edwards EnterpriseOne
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2622
Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors.
Wed, 16 Jul 08
peoplesoft_peopletools_component, PeopleSoft Enterprise, JD Edwards EnterpriseOne
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2621
Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors.
Wed, 16 Jul 08
peoplesoft_peopletools_component, PeopleSoft Enterprise, JD Edwards EnterpriseOne
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2620
Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors.
Wed, 16 Jul 08
peoplesoft_peopletools_component, PeopleSoft Enterprise, JD Edwards EnterpriseOne
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2618
Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors.
Wed, 16 Jul 08
peoplesoft_peopletools_component, PeopleSoft Enterprise, JD Edwards EnterpriseOne
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2617
Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors.
Wed, 16 Jul 08
PeopleSoft PeopleTools, PeopleSoft Enterprise, JD Edwards EnterpriseOne
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2616
Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors.
Wed, 16 Jul 08
peoplesoft_peopletools_component, PeopleSoft Enterprise, JD Edwards EnterpriseOne
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2615
Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors.
Wed, 16 Jul 08
oracle_http_server_component, Oracle Application Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2614
Unspecified vulnerability in the Oracle HTTP Server component in Oracle Application Server 9.0.4.3, 10.1.2.3, and 10.1.3.3 has unknown impact and remote attack vectors.
Wed, 16 Jul 08
Database 10g, database_scheduler, Database 11g
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2613
Unspecified vulnerability in the Database Scheduler component in Oracle Database 10.2.0.4 and 11.1.0.6 has unknown impact and local attack vectors. NOTE: the previous information was obtained from the Oracle July 2008 CPU. Oracle has not commented on reliable researcher claims that this is an untrusted search path issue that allows local users to execute arbitrary code via a malicious library.
Wed, 16 Jul 08
hyperion_bi_plus_component, Oracle Application Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2612
Unspecified vulnerability in the Hyperion BI Plus component in Oracle Application Server 8.3.2.4, 8.5.0.3, 9.2.0.3, 9.2.1.0, and 9.3.1.0 has unknown impact and remote attack vectors.
Wed, 16 Jul 08
core_rdbms_component, Oracle Database
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2611
Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.6 has unknown impact and remote authenticated attack vectors.
Wed, 16 Jul 08
oracle_applications_technology_stack_component, E-Business Suite
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2610
Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 12.0.4 has unknown impact and remote authenticated attack vectors.
Wed, 16 Jul 08
oracle_portal_component, Oracle Application Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2609
Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 9.0.4.3, 10.1.2.3, and 10.1.4.2 has unknown impact and remote attack vectors.
Wed, 16 Jul 08
Database 10g, data_pump_component
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2608
Unspecified vulnerability in the Data Pump component in Oracle Database 10.1.0.5 and 10.2.0.3 has unknown impact and remote authenticated attack vectors related to SYS.KUPF$FILE_INT.
Wed, 16 Jul 08
advanced_queuing_component, Database 9i, Database 10g, Database 11g
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2607
Unspecified vulnerability in the Advanced Queuing component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.6 has unknown impact and remote authenticated attack vectors related to SYS.DBMS_AQELM. NOTE: the previous information was obtained from the Oracle July 2008 CPU. Oracle has not commented on reliable researcher claims that this issue is a buffer overflow that allows attackers to cause a denial of service (database corruption) and possibly arbitrary code via a lon...
Wed, 16 Jul 08
application_object_library, E-Business Suite
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2606
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.4 has unknown impact and remote authenticated attack vectors.
Wed, 16 Jul 08
Database 11g, authentication_component
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2605
Unspecified vulnerability in the Authentication component in Oracle Database 11.1.0.6 has unknown impact and remote authenticated attack vectors.
Wed, 16 Jul 08
authentication_component, Database 11g
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2604
Unspecified vulnerability in the Authentication component in Oracle Database 11.1.0.6 has unknown impact and remote authenticated attack vectors.
Wed, 16 Jul 08
Enterprise Manager
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2603
Unspecified vulnerability in the Resource Manager component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.6, and Database Control in Enterprise Manager, has unknown impact and remote authenticated attack vectors.
Wed, 16 Jul 08
data_pump_component, Database 10g, Database 11g
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2602
Unspecified vulnerability in the Data Pump component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.6 has unknown impact and remote authenticated attack vectors related to the IMP_FULL_DATABASE role.
Wed, 16 Jul 08
E-Business Suite
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2601
Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 12.0.4 has unknown impact and remote authenticated attack vectors.
Wed, 16 Jul 08
Oracle Database, spatial_component
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2600
Unspecified vulnerability in the Oracle Spatial component in Oracle Database 10.1.0.5, 10.2.0.3, and 11.1.0.6 has unknown impact and remote authenticated attack vectors related to MDSYS.SDO_TOPO_MAP.
Wed, 16 Jul 08
times_ten_client_server, times_ten_in_memory_database
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2599
Unspecified vulnerability in the TimesTen Client/Server component in Oracle Times Ten In-Memory Database 7.0.3.0.0 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-2597 and CVE-2008-2598.
Wed, 16 Jul 08
times_ten_client_server, times_ten_in_memory_database
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2598
Unspecified vulnerability in the TimesTen Client/Server component in Oracle Times Ten In-Memory Database 7.0.3.0.0 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-2597 and CVE-2008-2599.
Wed, 16 Jul 08
times_ten_client_server_component, times_ten_in_memory_database
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2597
Unspecified vulnerability in the TimesTen Client/Server component in Oracle Times Ten In-Memory Database 7.0.3.0.0 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-2598 and CVE-2008-2599.
Wed, 16 Jul 08
E-Business Suite, mobile_application_server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2596
Unspecified vulnerability in the Mobile Application Server component in Oracle E-Business Suite 12.0.3 has unknown impact and remote authenticated attack vectors.
Wed, 16 Jul 08
Database 9i, Database 10g
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2595
Unspecified vulnerability in the Oracle Internet Directory component in Oracle Application Server 9.0.4.3, 10.1.2.3, and 10.1.4.2 has unknown impact and remote attack vectors. NOTE: the previous information was obtained from the Oracle July 2008 CPU. Oracle has not commented on reliable researcher claims that this issue is a denial of service (crash) via a malformed LDAP request that triggers a NULL pointer dereference.
Wed, 16 Jul 08
oracle_portal_component, Oracle Application Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2594
Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 10.1.2.3 and 10.1.4.2 has unknown impact and remote attack vectors.
Wed, 16 Jul 08
oracle_portal_component, Application Server 10g
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2593
Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 10.1.2.3 and 10.1.4.2 has unknown impact and remote attack vectors.
Wed, 16 Jul 08
advanced_replication_component, Oracle Database
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2592
Unspecified vulnerability in the Advanced Replication component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.6 has unknown impact and remote authenticated attack vectors related to SYS.DBMS_DEFER_SYS.
Wed, 16 Jul 08
Database 9i, Database 10g, Database 11g
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2591
Unspecified vulnerability in the Oracle Database Vault component in Oracle Database 9.2.0.8DV, 10.2.0.3, and 11.1.0.6 has unknown impact and remote authenticated attack vectors.
Wed, 16 Jul 08
Database 10g, instance_management_component, Enterprise Manager 10g
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2590
Unspecified vulnerability in the Instance Management component in Oracle Database 10.1.0.5 and Enterprise Manager 10.1.0.6 has unknown impact and remote authenticated attack vectors.
Wed, 16 Jul 08
oracle_portal_component, Oracle Application Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2589
Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 9.0.4.3, 10.1.2.2, and 10.1.4.1 has unknown impact and remote attack vectors.
Wed, 16 Jul 08
advanced_replication, Database 9i, Database 10g
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2587
Unspecified vulnerability in the Advanced Replication component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 has unknown impact and local attack vectors.
Wed, 16 Jul 08
application_object_library, E-Business Suite
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2586
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.4 has unknown impact and remote authenticated attack vectors.
Wed, 16 Jul 08
E-Business Suite, report_manager_component
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2585
Unspecified vulnerability in the Oracle Report Manager component in Oracle E-Business Suite 12.0.4 has unknown impact and remote authenticated attack vectors.
Wed, 16 Jul 08
oracle_portal_component, application_server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2583
Unspecified vulnerability in the sample Discussion Forum Portlet for the Oracle Portal component in Oracle Application Server, as available from OTN before 20080715, has unknown impact and remote attack vectors.
Wed, 16 Jul 08
weblogic_server_component, bea_product_suite
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2582
Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 has unknown impact and remote attack vectors.
Wed, 16 Jul 08
bea_product_suite, weblogic_server_component
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2581
Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 has unknown impact and remote attack vectors related to UDDI Explorer.
Wed, 16 Jul 08
weblogic_server_component, bea_product_suite
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2580
Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, and 9.0 has unknown impact and remote attack vectors.
Wed, 16 Jul 08
bea_product_suite, weblogic_server_component
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2579
Unspecified vulnerability in the WebLogic Server Plugins for Apache, Sun and IIS web servers component in BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 has unknown impact and remote attack vectors.
Wed, 16 Jul 08
bea_product_suite, webloic_server_component
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2578
Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.0 and 9.2 MP1 has unknown impact and local attack vectors.
Wed, 16 Jul 08
bea_product_suite, webloic_server_component
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2577
Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 9.2 MP1 has unknown impact and remote authenticated attack vectors.
Wed, 16 Jul 08
bea_product_suite, weblogic_server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2576
Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 9.2, 9.1, 9.0, and 8.1 SP6 has unknown impact and local attack vectors.
Wed, 16 Jul 08
Chipmunk Blogger
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3186
Multiple cross-site scripting (XSS) vulnerabilities in Chipmunk Blog (Blogger) allow remote attackers to inject arbitrary web script or HTML via the membername parameter to (1) members.php, (2) comments.php, (3) photos.php, (4) archive.php, or (5) cat.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Wed, 16 Jul 08
relative_real_estate_systems
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3185
SQL injection vulnerability in index.php in Relative Real Estate Systems 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the listing_id parameter in a listings action.
Wed, 16 Jul 08
vbulletin
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3184
Multiple cross-site scripting (XSS) vulnerabilities in vBulletin 3.6.10 PL2 and earlier, and 3.7.2 and earlier 3.7.x versions, allow remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO (PHP_SELF) or (2) the do parameter, as demonstrated by requests to upload/admincp/faq.php. NOTE: this issue can be leveraged to execute arbitrary PHP code.
Wed, 16 Jul 08
gapicms
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3183
PHP remote file inclusion vulnerability in ktmlpro/includes/ktedit/toolbar.php in gapicms 9.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the dirDepth parameter.
Wed, 16 Jul 08
download_accelerator_plus
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3182
Stack-based buffer overflow in DAP.exe in Download Accelerator Plus (DAP) 7.0.1.3, 8.6.6.3, and other 8.x versions allows user-assisted remote attackers to execute arbitrary code via an M3U (.m3u) file containing a long MP3 URL.
Wed, 16 Jul 08
content_now
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3181
Unrestricted file upload vulnerability in upload.php in ContentNow CMS 1.4.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in upload/.
Wed, 16 Jul 08
contentnow_cms
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3180
Multiple cross-site scripting (XSS) vulnerabilities in upload/file/language_menu.php in ContentNow CMS 1.4.1 allow remote attackers to inject arbitrary web script or HTML via the (1) pageid parameter or (2) PATH_INFO.
Wed, 16 Jul 08
phpdatingclub
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3179
Directory traversal vulnerability in website.php in Web 2 Business (W2B) phpDatingClub (aka Dating Club) 3.7 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page argument.
Wed, 16 Jul 08
webxell_editor
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3178
Unrestricted file upload vulnerability in upload_pictures.php in WebXell Editor 0.1.3 allows remote attackers to execute arbitrary code by uploading a .php file with a jpeg content type, then accessing it via a direct request to the file in upload/.
Wed, 16 Jul 08
ES1000, ES4000, Sophos PureMessage Anti-Virus, Sophos Anti-Virus
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3177
Sophos virus detection engine 2.75 on Linux and Unix, as used in Sophos Email Appliance, Pure Message for Unix, and Sophos Anti-Virus Interface (SAVI), allows remote attackers to cause a denial of service (engine crash) via zero-length MIME attachments.
Wed, 16 Jul 08
ie
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3173
Microsoft Internet Explorer allows web sites to set cookies for domains that have a public suffix with more than one dot character, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session, aka "Cross-Site Cooking." NOTE: this issue may exist because of an insufficient fix for CVE-2004-0866.
Wed, 16 Jul 08
opera
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3172
Opera allows web sites to set cookies for country-specific top-level domains that have DNS A records, such as co.tv, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session, aka "Cross-Site Cooking."
Wed, 16 Jul 08
Safari
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3171
Apple Safari sends Referer headers containing https URLs to different https web sites, which allows remote attackers to obtain potentially sensitive information by reading Referer log data.
Wed, 16 Jul 08
Safari
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3170
Apple Safari allows web sites to set cookies for country-specific top-level domains, such as co.uk and com.au, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session, aka "Cross-Site Cooking," a related issue to CVE-2004-0746, CVE-2004-0866, and CVE-2004-0867.
Wed, 16 Jul 08
Empire Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3169
Multiple heap-based buffer overflows in Empire Server before 4.3.15 allow remote attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors, related to a "coordinate normalization bug." NOTE: some of these details are obtained from third party information.
Wed, 16 Jul 08
Empire Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3168
The files utility in Empire Server before 4.3.15 discloses the world creation time, which makes it easier for attackers to determine the PRNG seed.
Wed, 16 Jul 08
Dolphin
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3167
Multiple PHP remote file inclusion vulnerabilities in BoonEx Dolphin 6.1.2, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) dir[plugins] parameter to (a) HTMLSax3.php and (b) safehtml.php in plugins/safehtml/ and the (2) sIncPath parameter to (c) ray/modules/global/inc/content.inc.php.
Wed, 16 Jul 08
ray
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3166
PHP remote file inclusion vulnerability in modules/global/inc/content.inc.php in BoonEx Ray 3.5, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the sIncPath parameter.
Wed, 16 Jul 08
fuzzylime_cms
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3165
Directory traversal vulnerability in rss.php in fuzzylime (cms) 3.01a and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the p parameter, as demonstrated using content.php, a different vector than CVE-2007-4805.
Wed, 16 Jul 08
fuzzylime_cms
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3164
Directory traversal vulnerability in blog.php in fuzzylime (cms) 3.01, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the file parameter.
Wed, 16 Jul 08
dodos_mail
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3163
Directory traversal vulnerability in dodosmail.php in DodosMail 2.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the dodosmail_header_file parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Wed, 16 Jul 08
FFmpeg
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3162
Stack-based buffer overflow in the str_read_packet function in libavformat/psxstr.c in FFmpeg before r13993 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted STR file that interleaves audio and video sectors.
Wed, 16 Jul 08
maximo
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3161
Multiple cross-site scripting (XSS) vulnerabilities in jsp/common/system/debug.jsp in IBM Maximo 4.1 and 5.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Accept, (2) Accept-Language, (3) UA-CPU, (4) Accept-Encoding, (5) User-Agent, or (6) Cookie HTTP header. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Wed, 16 Jul 08
data_ontap
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3160
Multiple unspecified vulnerabilities in IBM Data ONTAP 7.1 before 7.1.3, as used by IBM System Storage N series Filer and IBM System Storage N series Gateway, have unknown impact and attack vectors.
Wed, 16 Jul 08
eDirectory
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3159
Integer overflow in ds.dlm, as used by dhost.exe, in Novell eDirectory 8.7.3.10 before 8.7.3 SP10b and 8.8 before 8.8.2 ftf2 allows remote attackers to execute arbitrary code via unspecified vectors that trigger a stack-based buffer overflow, related to "flawed arithmetic."
Wed, 16 Jul 08
Xcode Tools
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2318
The WOHyperlink implementation in WebObjects in Apple Xcode tools before 3.1 appends local session IDs to generated non-local URLs, which allows remote attackers to obtain potentially sensitive information by reading the requests for these URLs.
Wed, 16 Jul 08
Safari
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2317
Unspecified vulnerability in WebCore in Safari on Apple iPhone before 2.0 and iPod touch before 2.0 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving style sheet elements that trigger memory corruption, probably during garbage collection, a different vulnerability than CVE-2008-1590.
Wed, 16 Jul 08
core_image_fun_house
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2304
Buffer overflow in Apple Core Image Fun House 2.0 and earlier in CoreImage Examples in Xcode tools before 3.1 allows user-assisted attackers to execute arbitrary code or cause a denial of service (application crash) via a .funhouse file with a string XML element that contains many characters.
Wed, 16 Jul 08
Safari
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2303
Integer signedness error in Safari on Apple iPhone before 2.0 and iPod touch before 2.0 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving JavaScript array indices that trigger an out-of-bounds access, a different vulnerability than CVE-2008-2307.
Tue, 15 Jul 08
eDirectory
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1809
Heap-based buffer overflow in Novell eDirectory 8.7.3 before 8.7.3.10b, and 8.8 before 8.8.2 FTF2, allows remote attackers to execute arbitrary code via an LDAP search request containing "NULL search parameters."
Tue, 15 Jul 08
javascriptcore
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1590
JavaScriptCore in WebKit on Apple iPhone before 2.0 and iPod touch before 2.0 does not properly perform runtime garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors that trigger memory corruption, a different vulnerability than CVE-2008-2317.
Tue, 15 Jul 08
Safari
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1589
Safari on Apple iPhone before 2.0 and iPod touch before 2.0 misinterprets a menu button press as user confirmation for visiting a web site with a (1) self-signed or (2) invalid certificate, which makes it easier for remote attackers to spoof web sites.
Tue, 15 Jul 08
Safari
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1588
Safari on Apple iPhone before 2.0 and iPod touch before 2.0 allows remote attackers to spoof the address bar via Unicode ideographic spaces in the URL.
Tue, 15 Jul 08
Novell Client for Windows
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3158
Unspecified vulnerability in NWFS.SYS in Novell Client for Windows 4.91 SP4 has unknown impact and attack vectors, possibly related to IOCTL requests that overwrite arbitrary memory.
Tue, 15 Jul 08
sip_multimedia_pc_client_MCS5100, sip_multimedia_pc_client_mcs5200
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3157
Nortel SIP Multimedia PC Client 4.x MCS5100 and MCS5200 does not limit the number of concurrent sessions, which allows attackers to cause a denial of service (resource consumption) via a large number of sessions.
Tue, 15 Jul 08
Panda ActiveScan
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3156
The ActiveScan ActiveX Control (as2guiie.dll) in Panda ActiveScan before 1.02.00 allows remote attackers to download and execute arbitrary cabinet (CAB) files via unspecified URLs passed to the Update method.
Tue, 15 Jul 08
Panda ActiveScan
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3155
Stack-based buffer overflow in the ActiveX control (as2guiie.dll) in Panda ActiveScan before 1.02.00 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long argument to the Update method.
Tue, 15 Jul 08
Content Management System
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3154
SQL injection vulnerability in index.php in WebBlizzard CMS allows remote attackers to execute arbitrary SQL commands via the page parameter.
Tue, 15 Jul 08
triton_cms_pro
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3153
SQL injection vulnerability in Triton CMS Pro allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header.
Tue, 15 Jul 08
SmartPPC, SmartPPC Pro
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3152
SQL injection vulnerability in directory.php in SmartPPC and SmartPPC Pro allows remote attackers to execute arbitrary SQL commands via the idDirectory parameter.
Tue, 15 Jul 08
4ndvddb
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3151
SQL injection vulnerability in the 4ndvddb 0.91 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in a show_dvd action.
Tue, 15 Jul 08
atomic_edition
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3150
Directory traversal vulnerability in index.php in Neutrino Atomic Edition 0.8.4 allows remote attackers to read and modify files, as demonstrated by manipulating data/sess.php in (1) usb and (2) del_pag actions. NOTE: this can be leveraged for code execution by performing an upload that bypasses the intended access restrictions that were implemented in sess.php.
Tue, 15 Jul 08
Firepass 1200
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3149
The SNMP daemon in the F5 FirePass 1200 6.0.2 hotfix 3 allows remote attackers to cause a denial of service (daemon crash) by walking the hrSWInstalled OID branch in HOST-RESOURCES-MIB.
Tue, 15 Jul 08
OllyDbg, ImpRec
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3148
Stack-based buffer overflow in (1) OllyDBG 1.10 and (2) ImpREC 1.7f allows user-assisted attackers to execute arbitrary code via a crafted DLL file that contains a long string.
Tue, 15 Jul 08
wefi
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3147
WeFi 3.2.1.4.1, when diagnostic mode is enabled, stores (1) WEP, (2) WPA, and (3) WPA2 access-point keys in (a) ClientWeFiLog.dat, (b) ClientWeFiLog.bak, and possibly (c) a certain .inf file under %PROGRAMFILES%\WeFi\Users\, and uses cleartext for the ClientWeFiLog files, which allows local users to obtain sensitive information by reading these files.
Sat, 12 Jul 08
Wireshark
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3141
Unspecified vulnerability in the RMI dissector in Wireshark (formerly Ethereal) 0.9.5 through 1.0.0 allows remote attackers to read system memory via unspecified vectors.
Sat, 12 Jul 08
Wireshark
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3140
The syslog dissector in Wireshark (formerly Ethereal) 1.0.0 allows remote attackers to cause a denial of service (application crash) via unknown vectors, possibly related to an "incomplete SS7 MSU syslog encapsulated packet."
Sat, 12 Jul 08
Wireshark, rpath_linux
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3139
The RTMPT dissector in Wireshark (formerly Ethereal) 0.99.8 through 1.0.0 allows remote attackers to cause a denial of service (crash) via unknown vectors. NOTE: this might be due to a use-after-free error.
Sat, 12 Jul 08
Wireshark, rpath_linux
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3138
The (1) PANA and (2) KISMET dissectors in Wireshark (formerly Ethereal) 0.99.3 through 1.0.0 allow remote attackers to cause a denial of service (application stop) via unknown vectors.
Sat, 12 Jul 08
Wireshark
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3137
The GSM SMS dissector in Wireshark (formerly Ethereal) 0.99.2 through 1.0.0 allows remote attackers to cause a denial of service (application crash) via unknown vectors.
Sat, 12 Jul 08
AShop Deluxe
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3136
SQL injection vulnerability in catalogue.php in AShop Deluxe 4.x allows remote attackers to execute arbitrary SQL commands via the cat parameter.
Sat, 12 Jul 08
soldner_secret_wars
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3135
Soldner Secret Wars 33724 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a packet with a large numeric value in a 0x80 data block.
Sat, 12 Jul 08
GraphicsMagick
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3134
Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 allow remote attackers to cause a denial of service (crash, infinite loop, or memory consumption) via (a) unspecified vectors in the (1) AVI, (2) AVS, (3) DCM, (4) EPT, (5) FITS, (6) MTV, (7) PALM, (8) RLA, and (9) TGA decoder readers; and (b) the GetImageCharacteristics function in magick/image.c, as reachable from a crafted (10) PNG, (11) JPEG, (12) BMP, or (13) TIFF file.
Sat, 12 Jul 08
barenuked_cms
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3133
SQL injection vulnerability in admin/index.php in BareNuked CMS 1.1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the password parameter.
Sat, 12 Jul 08
com_beamospetition
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3132
SQL injection vulnerability in the beamospetition (com_beamospetition) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the pet parameter to index.php.
Sat, 12 Jul 08
psys
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3131
SQL injection vulnerability in chatbox.php in pSys 0.7.0 Alpha, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the showid parameter.
Sat, 12 Jul 08
OpenCart
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3130
Multiple cross-site scripting (XSS) vulnerabilities in index.php in OpenCart 0.7.7 allow remote attackers to inject arbitrary web script or HTML via the (1) firstname and (2) search parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Sat, 12 Jul 08
Catviz
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3129
Multiple SQL injection vulnerabilities in index.php in Catviz 0.4 beta 1 allow remote attackers to execute arbitrary SQL commands via the (1) foreign_key_value paramter in the news page and (2) webpage parameter in the webpage_multi_edit form.
Sat, 12 Jul 08
Pivot
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3128
Directory traversal vulnerability in search.php in Pivot 1.40.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the t parameter.
Sat, 12 Jul 08
Banner Rotator
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3127
PHP remote file inclusion vulnerability in hioxBannerRotate.php in HIOX Banner Rotator (HBR) 1.3, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the hm parameter.
Sat, 12 Jul 08
ServerView
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3126
Multiple stack-based buffer overflows in the ServerView web interface (SnmpGetMibValues.exe) in Fujitsu Siemens Computers ServerView 04.60.07 and earlier allow remote authenticated users to execute arbitrary code via a crafted URL.
Sat, 12 Jul 08
Lastminute Script
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3125
SQL injection vulnerability in index.php in Mole Group Lastminute Script 4.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter.
Sat, 12 Jul 08
Hotel Script
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3124
SQL injection vulnerability in index.php in Mole Group Hotel Script 1.0 allows remote attackers to execute arbitrary SQL commands via the file parameter.
Sat, 12 Jul 08
CVE-2008-3123
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3123
SQL injection vulnerability in index.php in Mole Group Real Estate Script 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the listing_id parameter in a listings action.
Sat, 12 Jul 08
CentreWare Web
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3122
Multiple SQL injection vulnerabilities in Xerox CentreWare Web (CWW) before 4.6.46 allow remote authenticated users to execute arbitrary SQL commands via the unspecified vectors.
Sat, 12 Jul 08
CentreWare Web
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3121
Multiple cross-site scripting (XSS) vulnerabilities in Xerox CentreWare Web (CWW) before 4.6.46 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Sat, 12 Jul 08
Dokeos
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3120
Directory traversal vulnerability in user_portal.php in Dokeos 1.8.5, when running on Windows, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the include parameter.
Fri, 11 Jul 08
dream_pics_builder
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3119
SQL injection vulnerability in index.php in DreamPics Builder allows remote attackers to execute arbitrary SQL commands via the page parameter.
Fri, 11 Jul 08
phpmotion
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3118
SQL injection vulnerability in play.php in PHPmotion 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the vid parameter.
Fri, 11 Jul 08
phpmotion
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3117
Unrestricted file upload vulnerability in update_profile.php in PHPmotion 2.0 and earlier allows remote authenticated users to execute arbitrary code by uploading a .php file with a content type of (1) image/gif, (2) image/jpeg, or (3) image/pjpeg, then accessing it via a direct request to the file under pictures/.
Fri, 11 Jul 08
5th_street, high_street_5, hot_step
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3116
Format string vulnerability in dx8render.dll in Snail Game (aka Suzhou Snail Electronic Company) 5th street (aka Hot Step or High Street 5) allows remote attackers to execute arbitrary code via format string specifiers in a chat message.
Fri, 11 Jul 08
openssl
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1678
Memory leak in the zlib_stateful_init function in crypto/comp/c_zlib.c in libssl in OpenSSL 0.9.8f through 0.9.8h allows remote attackers to cause a denial of service (memory consumption) via multiple calls, as demonstrated by initial SSL client handshakes to the Apache HTTP Server mod_ssl that specify a compression algorithm.
Fri, 11 Jul 08
JDK, JRE
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3115
Secure Static Versioning in Sun Java JDK and JRE 6 Update 6 and earlier, and 5.0 Update 6 through 15, does not properly prevent execution of applets on older JRE releases, which might allow remote attackers to exploit vulnerabilities in these older releases.
Fri, 11 Jul 08
JDK, JRE, SDK
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3114
Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to obtain sensitive information (the cache location) via an untrusted application, aka CR 6704074.
Fri, 11 Jul 08
JDK, JRE, SDK
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3113
Unspecified vulnerability in Sun Java Web Start in JDK and JRE 5.0 before Update 16 and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create or delete arbitrary files via an untrusted application, aka CR 6704077.
Fri, 11 Jul 08
JDK, JRE, SDK
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3112
Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create arbitrary files via an untrusted application, aka CR 6703909.
Fri, 11 Jul 08
JDK, JRE, SDK
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3111
Multiple buffer overflows in Sun Java Web Start in JDK and JRE 6 before Update 4, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allow context-dependent attackers to gain privileges via an untrusted application, as demonstrated by an application that grants itself privileges to (1) read local files, (2) write to local files, or (3) execute local programs, aka CR 6557220.
Fri, 11 Jul 08
JRE, JDK
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3110
Unspecified vulnerability in scripting language support in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier allows remote attackers to obtain sensitive information by using an applet to read information from another applet.
Fri, 11 Jul 08
JDK, JRE
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3109
Unspecified vulnerability in scripting language support in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.
Fri, 11 Jul 08
JDK, SDK, JRE
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3108
Buffer overflow in Sun Java Runtime Environment (JRE) in JDK and JRE 5.0 before Update 10, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allows context-dependent attackers to gain privileges via unspecified vectors related to font processing.
Fri, 11 Jul 08
JDK, JRE, SDK
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3107
Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.
Fri, 11 Jul 08
JDK, JRE
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3106
Unspecified vulnerability in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier allows remote attackers to access URLs via unknown vectors involving processing of XML data by an untrusted (1) application or (2) applet, a different vulnerability than CVE-2008-3105.
Fri, 11 Jul 08
JDK, JRE
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3105
Unspecified vulnerability in the JAX-WS client and service in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier allows remote attackers to access URLs or cause a denial of service via unknown vectors involving "processing of XML data" by a trusted application.
Fri, 11 Jul 08
JDK, SDK, JRE
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3104
Multiple unspecified vulnerabilities in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allow remote attackers to violate the security model for an applet's outbound connections by connecting to localhost services running on the machine that loaded the applet.
Fri, 11 Jul 08
JDK, JRE
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3103
Unspecified vulnerability in the Java Management Extensions (JMX) management agent in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier, when local monitoring is enabled, allows remote attackers to "perform unauthorized operations" via unspecified vectors.
Fri, 11 Jul 08
office_word
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2244
Microsoft Office Word 2002 SP3 allows remote attackers to execute arbitrary code via a .doc file that contains malformed data, as exploited in the wild in July 2008, and as demonstrated by attachement.doc.
Fri, 11 Jul 08
tinytax_taxonomy_block_module_for_drupal
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3097
Cross-site scripting (XSS) vulnerability in the Tinytax module (aka Tinytax taxonomy block) 5.x before 5.x-1.10-1 for Drupal allows remote authenticated users to inject arbitrary web script or HTML, probably by creating a crafted taxonomy term.
Fri, 11 Jul 08
outline_designer_module
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3096
The Outline Designer module 5.x before 5.x-1.4 for Drupal changes each content reader's authentication level to match that of the content author, which might allow remote attackers to gain privileges.
Fri, 11 Jul 08
Drupal
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3095
Cross-site scripting (XSS) vulnerability in the Organic Groups (OG) module 5.x before 5.x-7.3 and 6.x before 6.x-1.0-RC1, a module for Drupal, allows remote authenticated users, with group owner permissions, to inject arbitrary web script or HTML via unspecified vectors.
Fri, 11 Jul 08
organic_groups_module, Drupal
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3094
The Organic Groups (OG) module 5.x before 5.x-7.3 and 6.x before 6.x-1.0-RC1, a module for Drupal, allows remote attackers to obtain sensitive information (private group names) via unspecified vectors.
Fri, 11 Jul 08
imperialbb
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3093
Unrestricted file upload vulnerability in ImperialBB 2.3.5 and earlier allows remote authenticated users to upload and execute arbitrary PHP code by placing a .php filename in the Upload_Avatar parameter and sending the image/gif content type.
Fri, 11 Jul 08
taxonomy_autotagger_module_for_drupal
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3092
SQL injection vulnerability in the Taxonomy Autotagger module 5.x before 5.x-1.8 for Drupal allows remote authenticated users, with create or edit post permissions, to execute arbitrary SQL commands via unspecified vectors.
Fri, 11 Jul 08
taxonomy_autotagger_module_for_drupal
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3091
Cross-site scripting (XSS) vulnerability in the Taxonomy Autotagger module 5.x before 5.x-1.8 for Drupal allows remote authenticated users, with create or edit post permissions, to inject arbitrary web script or HTML via unspecified vectors.
Thu, 10 Jul 08
blognplus
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3090
Multiple SQL injection vulnerabilities in index.php in BlognPlus (BURO GUN +) 2.5.5 MySQL and PostgreSQL editions allow remote attackers to execute arbitrary SQL commands via the (1) p, (2) e, (3) d, and (4) m parameters, a different vulnerability than CVE-2008-2819.
Thu, 10 Jul 08
xpoze_pro
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3089
SQL injection vulnerability in user.html in Xpoze Pro 3.06 (aka Xpoze Pro CMS 2008) allows remote attackers to execute arbitrary SQL commands via the uid parameter.
Thu, 10 Jul 08
kasseler_cms
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3088
Cross-site scripting (XSS) vulnerability in the Files module in Kasseler CMS 1.3.0 and 1.3.1 Lite allows remote attackers to inject arbitrary web script or HTML via the cid parameter in a Category action to index.php.
Thu, 10 Jul 08
kasseler_cms
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3087
Directory traversal vulnerability in Kasseler CMS 1.3.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter to index.php, possibly related to the phpManual module.
Thu, 10 Jul 08
robohelp_server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2991
Cross-site scripting (XSS) vulnerability in Adobe RoboHelp Server 6 and 7 allows remote attackers to inject arbitrary web script or HTML via vectors related to the Help Errors log.
Thu, 10 Jul 08
Kernel
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2931
The do_change_type function in fs/namespace.c in the Linux kernel before 2.6.22 does not verify that the caller has the CAP_SYS_ADMIN capability, which allows local users to gain privileges or cause a denial of service by modifying the properties of a mountpoint.
Thu, 10 Jul 08
brightcode_weblinks_module, Joomla
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3083
SQL injection vulnerability in Brightcode Weblinks (com_brightweblinks) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter.
Thu, 10 Jul 08
enterprise_anti-spam_gateway
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3082
Cross-site scripting (XSS) vulnerability in UPM/English/login/login.asp in Commtouch Enterprise Anti-Spam Gateway 4 and 5 allows remote attackers to inject arbitrary web script or HTML via the PARAMS parameter.
Thu, 10 Jul 08
Messaging Storage Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3081
Multiple unspecified "input validation" vulnerabilities in the Web management interface (aka Messaging Administration interface) in Avaya Message Storage Server (MSS) 3.x and 4.0, and possibly Communication Manager 3.1.x, allow remote authenticated administrators to execute arbitrary commands as user vexvm via vectors related to (1) SFTP Remote Store configuration; (2) remote FTP storage settings; (3) name server lookup; (4) pinging another host; (5) TCP/IP Networking parameter configuration;...
Thu, 10 Jul 08
myBloggie
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3080
Cross-site request forgery (CSRF) vulnerability in admin.php in myWebland myBloggie 2.1.6 allows remote attackers to perform edit actions as administrators. NOTE: this can be leveraged to execute SQL commands by also exploiting CVE-2007-1899.
Thu, 10 Jul 08
opera
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3079
Unspecified vulnerability in Opera before 9.51 on Windows allows attackers to execute arbitrary code via unknown vectors.
Thu, 10 Jul 08
Opera
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3078
Opera before 9.51 does not properly manage memory within functions supporting the CANVAS element, which allows remote attackers to read uninitialized memory contents by using JavaScript to read a canvas image.
Thu, 10 Jul 08
linux
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3077
arch/x86/kernel/ptrace.c in the Linux kernel before 2.6.25.10 on the x86_64 platform leaks task_struct references into the sys32_ptrace function, which allows local users to cause a denial of service (system crash) or have unspecified other impact via unknown vectors, possibly a use-after-free vulnerability.
Thu, 10 Jul 08
Kernel
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2812
The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) hamradio/6pack.c, (2) hamradio/mkiss.c, (3) irda/irtty-sir.c, (4) ppp_async.c, (5) ppp_synctty.c, (6) slip.c, (7) wan/x25_asy.c, and (8) wireless/strip.c in drivers/net/.
Thu, 10 Jul 08
fedora_8
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2376
Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service (crash) or possibly have unspecified other impact via a call to the Array#fill method with a start (aka beg) argument greater than ARY_MAX_SIZE. NOTE: this issue exists because of an incomplete fix for other closely related integer overflows.
Thu, 10 Jul 08
vsftpd
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2375
Memory leak in a certain Red Hat deployment of vsftpd before 2.0.5 on Red Hat Enterprise Linux (RHEL) 3 and 4, when PAM is used, allows remote attackers to cause a denial of service (memory consumption) via a large number of invalid authentication attempts within the same session, a different vulnerability than CVE-2007-5962.
Thu, 10 Jul 08
System Management Homepage
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1663
Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) 2.1.10 and 2.1.11 on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Thu, 10 Jul 08
FaName
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3653
Multiple cross-site scripting (XSS) vulnerabilities in Farsi Script (aka FaScript) FaName 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) key or (2) desc parameter to index.php, or (3) the name parameter to page.php.
Thu, 10 Jul 08
FaName
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3652
SQL injection vulnerability in class/page.php in Farsi Script (aka FaScript) FaName 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: this might be the same issue as CVE-2008-0328.
Thu, 10 Jul 08
FaName
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3651
class/page.php in Farsi Script (aka FaScript) FaName 1.0 allows remote attackers to obtain sensitive information via a '; (quote semicolon) sequence in the id parameter, which reveals the installation path in an error message.
Thu, 10 Jul 08
myBloggie
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3650
myWebland myBloggie 2.1.6 allow remote attackers to obtain sensitive information via (1) an invalid year parameter to calendar.php, reached through index.php; (2) a direct request to common.php; and (3) a mode array parameter in the query string to login.php, which reveal the installation path in various error messages.
Thu, 10 Jul 08
myBloggie
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1899
Multiple SQL injection vulnerabilities in myWebland myBloggie 2.1.6 allow remote attackers to execute arbitrary SQL commands via (1) the user_id parameter in a viewuser action to index.php, and allow remote authenticated administrators to execute arbitrary SQL commands via (2) the post_id parameter in an edit action to admin.php.
Thu, 10 Jul 08
Mozilla, Firefox, SeaMonkey, Netscape
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2809
Mozilla 1.9 M8 and earlier, Mozilla Firefox 2 before 2.0.0.15, SeaMonkey 1.1.5 and other versions before 1.1.10, Netscape 9.0, and other Mozilla-based web browsers, when a user accepts an SSL server certificate on the basis of the CN domain name in the DN field, regard the certificate as also accepted for all domain names in subjectAltName:dNSName fields, which makes it easier for remote attackers to trick a user into accepting an invalid certificate for a spoofed web site.
Thu, 10 Jul 08
exchange_srv
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2248
Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) for Exchange Server 2003 SP2 and 2007 up to SP1 allows remote attackers to inject arbitrary web script or HTML via unspecified HTML, a different vulnerability than CVE-2008-2247.
Thu, 10 Jul 08
exchange_srv
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2247
Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) for Exchange Server 2003 SP2 and 2007 up to SP1 allows remote attackers to inject arbitrary web script or HTML via unspecified e-mail fields, a different vulnerability than CVE-2008-2248.
Thu, 10 Jul 08
windows-nt
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1454
Unspecified vulnerability in Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to conduct cache poisoning attacks via unknown vectors, aka "DNS Cache Poisoning Vulnerability," a different vulnerability than CVE-2008-1447.
Thu, 10 Jul 08
Ubuntu, Debian Linux, windows, enterprise_linux, linux_advanced_workstation
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1447
The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via certain cache poisoning techniques against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability."
Thu, 10 Jul 08
Windows Vista, Windows Server 2008
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1435
Windows Explorer in Microsoft Windows Vista up to SP1, and Server 2008, allows user-assisted remote attackers to execute arbitrary code via crafted saved-search (.search-ms) files that are not properly handled when saving, aka "Windows Saved Search Vulnerability."
Thu, 10 Jul 08
sql_server, data_engine, sql_server_desktop_engine, sql_server_express_edition
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0107
Integer underflow in Microsoft SQL Server 7.0 SP4, 2000 SP4, 2005 SP2, Microsoft Data Engine (MSDE) 1.0 SP4, SQL Server 2000 Desktop Engine (MSDE 2000) SP4, and 2005 Express Edition SP2 allows remote authenticated users to execute arbitrary code via an on-disk file with a crafted record size value, which triggers a buffer overflow, aka "SQL Server Memory Corruption Vulnerability."
Thu, 10 Jul 08
sql_server, data_engine, sql_server_desktop_engine, sql_server_express_edition
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0106
Buffer overflow in Microsoft SQL Server 7.0 SP4, 2000 SP4, 2005 SP2, Microsoft Data Engine (MSDE) 1.0 SP4, SQL Server 2000 Desktop Engine (MSDE 2000) SP4, and 2005 Express Edition SP2 allows remote authenticated users to execute arbitrary code via a crafted insert statement.
Thu, 10 Jul 08
sql_server, data_engine, sql_server_desktop_engine, sql_server_express_edition
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0086
Buffer overflow in the convert function in Microsoft SQL Server 7.0 SP4, 2000 SP4, 2005 SP2, Microsoft Data Engine (MSDE) 1.0 SP4, SQL Server 2000 Desktop Engine (MSDE 2000) SP4, and 2005 Express Edition SP2 allows remote authenticated users to execute arbitrary code via a crafted SQL expression.
Thu, 10 Jul 08
sql_server, Data Engine, SQL Server Desktop Engine
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0085
Microsoft SQL Server 7.0 SP4, 2000 SP4, 2005 SP2, Microsoft Data Engine (MSDE) 1.0 SP4, SQL Server 2000 Desktop Engine (MSDE 2000) SP4, and 2005 Express Edition SP2 does not initialize memory pages when reallocating memory, which allows database operators to obtain sensitive information (database contents) via unknown vectors related to memory page reuse.
Wed, 9 Jul 08
Simple Machines Forum
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3073
Unspecified vulnerability in Simple Machines Forum (SMF) 1.1.x before 1.1.5 and 1.0.x before 1.0.13 has unknown impact and attack vectors, probably cross-site scripting (XSS), related to "use of the html-tag."
Wed, 9 Jul 08
Simple Machines Forum
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3072
Simple Machines Forum (SMF) 1.1.x before 1.1.5 and 1.0.x before 1.0.13, when running in PHP before 4.2.0, does not properly seed the random number generator, which has unknown impact and attack vectors.
Wed, 9 Jul 08
MyBB
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3071
Directory traversal vulnerability in inc/class_language.php in MyBB before 1.2.13 has unknown impact and attack vectors related to the $language variable.
Wed, 9 Jul 08
MyBB
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3070
Unspecified vulnerability in inc/datahandler/user.php in MyBB before 1.2.13 has unknown impact and attack vectors related to the $user['language'] variable, probably related to SQL injection.
Wed, 9 Jul 08
MyBB
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3069
Multiple cross-site scripting (XSS) vulnerabilities in MyBB before 1.2.13 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) portal.php and (2) inc/functions_post.php.
Wed, 9 Jul 08
CVE-2008-3068 (windows_live_mail, Outlook, Office, Access, Excel, Frontpage, groove, InfoPath, O...)
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3068
Microsoft Crypto API 5.131.2600.2180 through 6.0, as used in Outlook, Windows Live Mail, and Office 2007, performs Certificate Revocation List (CRL) checks by using an arbitrary URL from a certificate embedded in a (1) S/MIME e-mail message or (2) signed document, which allows remote attackers to obtain reading times and IP addresses of recipients, and port-scan results, via a crafted certificate with an Authority Information Access (AIA) extension.
Wed, 9 Jul 08
OpenSuSE
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3067
sudo in SUSE openSUSE 10.3 does not clear the stdin buffer when password entry times out, which might allow local users to obtain a password by reading stdin from the parent process after a sudo child process exits.
Wed, 9 Jul 08
poppler
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2950
The Page destructor in Page.cc in libpoppler in Poppler 0.8.4 and earlier deletes a pageWidgets object even if it is not initialized by a Page constructor, which allows remote attackers to execute arbitrary code via a crafted PDF document.
Wed, 9 Jul 08
Pidgin
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2927
Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin before 2.4.3 allow remote attackers to execute arbitrary code via a malformed SLP message, a different vulnerability than CVE-2008-2955.
Wed, 9 Jul 08
Firefox, Thunderbird, SeaMonkey
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2811
The block reflow implementation in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image whose display requires more pixels than nscoord_MAX, related to nsBlockFrame::DrainOverflowLines.
Wed, 9 Jul 08
Firefox, SeaMonkey
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2810
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly identify the context of Windows shortcut files, which allows user-assisted remote attackers to bypass the Same Origin Policy via a crafted web site for which the user has previously saved a shortcut.
Wed, 9 Jul 08
Linux, Thunderbird, SeaMonkey, Firefox
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2808
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly escape HTML in file:// URLs in directory listings, which allows remote attackers to conduct cross-site scripting (XSS) attacks or have unspecified other impact via a crafted filename.
Wed, 9 Jul 08
Firefox, SeaMonkey
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2807
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly handle an invalid .properties file for an add-on, which allows remote attackers to read uninitialized memory, as demonstrated by use of ISO 8859 encoding instead of UTF-8 encoding in a French .properties file.
Wed, 9 Jul 08
Thunderbird, SeaMonkey, Firefox
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2806
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 on Mac OS X allow remote attackers to bypass the Same Origin Policy and create arbitrary socket connections via a crafted Java applet, related to the Java Embedding Plugin (JEP) and Java LiveConnect.
Wed, 9 Jul 08
Firefox, SeaMonkey
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2805
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 allow remote attackers to force the upload of arbitrary local files from a client computer via vectors involving originalTarget and DOM Range.
Wed, 9 Jul 08
Firefox, Thunderbird, SeaMonkey
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2803
The mozIJSSubScriptLoader.LoadScript function in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 does not apply XPCNativeWrappers to scripts loaded from (1) file: URIs, (2) data: URIs, or (3) certain non-canonical chrome: URIs, which allows remote attackers to execute arbitrary code via vectors involving third-party add-ons.
Wed, 9 Jul 08
Firefox, Thunderbird, SeaMonkey
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2802
Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to execute arbitrary code via an XUL document that includes a script from a chrome: URI that points to a fastload file, related to this file's "privilege level."
Wed, 9 Jul 08
Firefox, SeaMonkey
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2801
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly implement JAR signing, which allows remote attackers to execute arbitrary code via (1) injection of JavaScript into documents within a JAR archive or (2) a JAR archive that uses relative URLs to JavaScript files.
Wed, 9 Jul 08
Firefox, SeaMonkey
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2800
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 allow remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via vectors involving (1) an event handler attached to an outer window, (2) a SCRIPT element in an unloaded document, or (3) the onreadystatechange handler in conjunction with an XMLHttpRequest.
Wed, 9 Jul 08
Firefox, Thunderbird, SeaMonkey
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2799
Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unknown vectors related to the JavaScript engine.
Wed, 9 Jul 08
Firefox, Thunderbird, SeaMonkey
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2798
Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unknown vectors related to the layout engine.
Wed, 9 Jul 08
open Suse
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2667
SQL injection vulnerability in courier-authlib in SUSE openSUSE 10.3 and 11.0 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Wed, 9 Jul 08
office_snapshot_viewer_activex
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2463
The Microsoft Office Snapshot Viewer ActiveX control in snapview.ocx, as distributed in the standalone Snapshot Viewer and Microsoft Office Access 2000 through 2003, allows remote attackers to download arbitrary files to a client machine via a crafted HTML document or e-mail message. NOTE: this can be leveraged for code execution by writing to a Startup folder.
Wed, 9 Jul 08
VLC Media Player
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2430
Integer overflow in the Open function in modules/demux/wav.c in VLC Media Player 0.8.6h on Windows allows remote attackers to execute arbitrary code via a large fmt chunk in a WAV file.
Wed, 9 Jul 08
bluez_libs, bluez_utils
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2374
src/sdp.c in bluez-libs 3.30 in BlueZ, and other bluez-libs before 3.34 and bluez-utils before 3.34 versions, does not validate string length fields in SDP packets, which allows remote SDP servers to cause a denial of service or possibly have unspecified other impact via a crafted length field that triggers excessive memory allocation or a buffer over-read.
Wed, 9 Jul 08
PCRE
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2371
Heap-based buffer overflow in pcre_compile.c in the Perl-Compatible Regular Expression (PCRE) library 7.7 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a regular expression that begins with an option and contains multiple branches.
Wed, 9 Jul 08
Certificate Management System
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1676
Red Hat PKI Common Framework (rhpki-common) in Red Hat Certificate System (aka Certificate Server or RHCS) 7.1 through 7.3, and Netscape Certificate Management System 6.x, does not recognize Certificate Authority profile constraints on Extensions, which might allow remote attackers to bypass intended restrictions and conduct man-in-the-middle attacks by submitting a certificate signing request (CSR) and using the resulting certificate.
Wed, 9 Jul 08
codeon_petition_extension
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3056
SQL injection vulnerability in the Codeon Petition (cd_petition) extension 0.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Wed, 9 Jul 08
support_view_extension
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3055
SQL injection vulnerability in the Support view (ext_tbl) extension 0.0.102 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Wed, 9 Jul 08
Branchenbuch extension
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3054
SQL injection vulnerability in the Branchenbuch (aka Yellow Pages o (mh_branchenbuch) extension 0.8.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Wed, 9 Jul 08
sql_frontend_extension
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3053
SQL injection vulnerability in the SQL Frontend (mh_omsqlio) extension 1.0.11 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Wed, 9 Jul 08
sql_frontend_extension
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3052
Unspecified vulnerability in the SQL Frontend (mh_omsqlio) extension 1.0.11 and earlier for TYPO3 allows remote attackers to cause a denial of service via unknown vectors.
Wed, 9 Jul 08
pinboard_extension
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3051
SQL injection vulnerability in the Pinboard extension 0.0.6 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Wed, 9 Jul 08
pdf_generator_2_extension
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3050
Unspecified vulnerability in the PDF Generator 2 (pdf_generator2) extension 0.5.0 and earlier for TYPO3 allows attackers to cause a denial of service via unspecified vectors.
Wed, 9 Jul 08
pdf_generator_2_extension
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3049
The PDF Generator 2 (pdf_generator2) extension 0.5.0 and earlier for TYPO3 allows attackers to obtain sensitive information via unspecified vectors.
Wed, 9 Jul 08
pdf_generator_2_extension
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3048
Unspecified vulnerability in the PDF Generator 2 (pdf_generator2) extension 0.5.0 and earlier for TYPO3 has unknown impact and attack vectors related to "Unprotected test functionality."
Wed, 9 Jul 08
kb_unpack_extension
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3047
Incomplete blacklist vulnerability in the KB Unpack (kb_unpack) extension 0.1.0 and earlier for TYPO3 has unknown impact and attack vectors.
Wed, 9 Jul 08
packman_extension
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3046
Incomplete blacklist vulnerability in the Packman (kb_packman) extension 0.2.1 and earlier for TYPO3 has unknown impact and attack vectors.
Wed, 9 Jul 08
industry_database_extension
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3045
Unspecified vulnerability in the Industry Database (aka Branchendatenbank pro_industrydb) extension 1.0.0 and earlier for TYPO3 has unknown impact and attack vectors related to "Insufficient Verification of Data Authenticity."
Wed, 9 Jul 08
news_calendar_extension
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3044
SQL injection vulnerability in the News Calendar (newscalendar) extension 1.0.7 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Wed, 9 Jul 08
wec_discussion_forum
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3043
Unspecified vulnerability in the WEC Discussion Forum (wec_discussion) extension 1.6.2 and earlier for TYPO3 allows attackers to execute arbitrary code via vectors related to "certain file types."
Wed, 9 Jul 08
dam_frontend_extension
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3042
Unspecified vulnerability in the DAM Frontend (dam_frontend) extension 0.1.0 and earlier for TYPO3 has unknown impact and attack vectors related to "Improper Error Handling."
Wed, 9 Jul 08
dam_frontend_extension
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3041
Unspecified vulnerability in the DAM Frontend (dam_frontend) extension 0.1.0 and earlier for TYPO3 has unknown impact and attack vectors related to "broken access control."
Wed, 9 Jul 08
dam_frontend_extension
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3040
Unspecified vulnerability in the DAM Frontend (dam_frontend) extension 0.1.0 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown vectors.
Wed, 9 Jul 08
dam_frontend_extension
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3039
SQL injection vulnerability in the DAM Frontend (dam_frontend) extension 0.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Wed, 9 Jul 08
address_directory
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3038
SQL injection vulnerability in the Address Directory (sp_directory) extension 0.2.10 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Wed, 9 Jul 08
address_directory
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3037
Cross-site scripting (XSS) vulnerability in the Address Directory (sp_directory) extension 0.2.10 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Wed, 9 Jul 08
cms_little
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3036
Directory traversal vulnerability in index.php in CMS little 0.0.1 allows remote attackers to include and execute arbitrary local files, and probably remote files, via a .. (dot dot) in the template parameter.
Wed, 9 Jul 08
XChangeBoard
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3035
SQL injection vulnerability in newThread.php in XchangeBoard 1.70 Final and earlier allows remote authenticated users to execute arbitrary SQL commands via the boardID parameter.
Wed, 9 Jul 08
rss_aggregator
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3034
Multiple SQL injection vulnerabilities in RSS-aggregator 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) IdFlux parameter to admin/fonctions/supprimer_flux.php and the (2) IdTag parameter to admin/fonctions/supprimer_tag.php.
Wed, 9 Jul 08
rss_aggregator
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3033
RSS-aggregator 1.0 does not require administrative authentication for the admin/fonctions/ directory, which allows remote attackers to access admin functions and have unspecified other impact, as demonstrated by (1) an IdFlux request to supprimer_flux.php and (2) a TpsRafraich request to modifier_tps_rafraich.php.
Wed, 9 Jul 08
phpMyAdmin
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3032
Cross-site scripting (XSS) vulnerability in the phpMyAdmin (phpmyadmin) extension 3.0.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Wed, 9 Jul 08
simple_php_agenda
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3031
Directory traversal vulnerability in index.php in Simple PHP Agenda 2.2.4 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
Wed, 9 Jul 08
efes_tech_shop
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3030
SQL injection vulnerability in default.asp in EfesTECH Shop 2.0 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in an urunler action.
Wed, 9 Jul 08
wec_discussion_forum
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3029
Cross-site scripting (XSS) vulnerability in the WEC Discussion Forum (wec_discussion) extension 1.6.2 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Wed, 9 Jul 08
send_a_card
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3028
Multiple cross-site scripting (XSS) vulnerabilities in the Send-A-Card (sr_sendcard) extension 2.2.2 and earlier for TYPO3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Wed, 9 Jul 08
vangogh_web_cms
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3027
SQL injection vulnerability in get_article.php in VanGogh Web CMS 0.9 allows remote attackers to execute arbitrary SQL commands via the article_ID parameter to index.php.
Wed, 9 Jul 08
OneClick CMS
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3026
SQL injection vulnerability in index.php in OneClick CMS (aka Sisplet CMS) 2008-01-24 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Wed, 9 Jul 08
plx Web Studio Ad Trader
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3025
SQL injection vulnerability in ad.php in plx Ad Trader 3.2 allows remote attackers to execute arbitrary SQL commands via the adid parameter in a redir action.
Tue, 8 Jul 08
RTOS
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3024
Stack-based buffer overflow in phgrafx in QNX Momentics (aka RTOS) 6.3.2 and earlier allows local users to gain privileges via a long .pal filename in palette/.
Tue, 8 Jul 08
freestyle_wiki, ie
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3023
Cross-site scripting (XSS) vulnerability in FreeStyle Wiki 3.6.2 and earlier, and 3.6.3 dev3 and earlier development versions, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2005-1799.
Tue, 8 Jul 08
phportal
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3022
Multiple PHP remote file inclusion vulnerabilities in sablonlar/gunaysoft/gunaysoft.php in PHPortal 1.2 Beta allow remote attackers to execute arbitrary PHP code via a URL in (1) icerikyolu, (2) sayfaid, and (3) uzanti parameters.
Sun, 6 Jul 08
Drupal, aggregation_module
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3001
The Aggregation module 5.x before 5.x-4.4 for Drupal allows remote attackers to upload files with arbitrary extensions, and possibly execute arbitrary code, via a crafted feed that allows upload of files with arbitrary extensions.
Sun, 6 Jul 08
Drupal, aggregation_module
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3000
The Aggregation module 5.x before 5.x-4.4 for Drupal, when node access modules are used, does not properly implement access control, which allows remote attackers to bypass intended restrictions.
Sun, 6 Jul 08
Drupal, aggregation_module
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2999
Multiple SQL injection vulnerabilities in the Aggregation module 5.x before 5.x-4.4 for Drupal allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
Sun, 6 Jul 08
Drupal, aggregation_module
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2998
Multiple cross-site scripting (XSS) vulnerabilities in the Aggregation module 5.x before 5.x-4.4 for Drupal allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Sun, 6 Jul 08
gravity_board_x
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2997
Cross-site scripting (XSS) vulnerability in index.php in Gravity Board X (GBX) 2.0 Beta allows remote attackers to inject arbitrary web script or HTML via the subject parameter in a postnewsubmit (aka create new thread) action.
Sun, 6 Jul 08
gravity_board_x
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2996
Multiple SQL injection vulnerabilities in index.php in Gravity Board X (GBX) 2.0 Beta, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) searchquery parameter in a getsearch action, and the (2) board_id parameter in a viewboard action.
Sun, 6 Jul 08
phpeasydata
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2995
Multiple SQL injection vulnerabilities in PHPEasyData 1.5.4 allow remote attackers to execute arbitrary SQL commands via (1) the annuaire parameter to annuaire.php or (2) the username field in admin/login.php.
Sun, 6 Jul 08
phpeasydata
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2994
Multiple cross-site scripting (XSS) vulnerabilities in PHPEasyData 1.5.4 allow remote attackers to inject arbitrary web script or HTML via the (1) annuaire parameter to (a) last_records.php and (b) annuaire.php and the (2) by and (3) cat_id parameters to annuaire.php.
Sun, 6 Jul 08
fog_forum
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2993
Multiple directory traversal vulnerabilities in index.php in FOG Forum 0.8.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) fog_lang and (2) fog_skin parameters, probably related to libs/required/share.inc; and possibly the (3) fog_pseudo, (4) fog_posted, (5) fog_password, and (6) fog_cook parameters.
Fri, 4 Jul 08
Joomla, com_facileforms
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2990
PHP remote file inclusion vulnerability in facileforms.frame.php in the FacileForms (com_facileforms) component 1.4.4 for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the ff_compath parameter.
Fri, 4 Jul 08
homap
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2989
SQL injection vulnerability in index.php in HoMaP-CMS 0.1 allows remote attackers to execute arbitrary SQL commands via the go parameter.
Fri, 4 Jul 08
benja_cms
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2988
Unrestricted file upload vulnerability in admin/upload.php in Benja CMS 0.1 allows remote attackers to upload and execute arbitrary PHP files via unspecified vectors, followed by a direct request to the file in billeder/.
Fri, 4 Jul 08
benja_cms
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2987
Multiple cross-site scripting (XSS) vulnerabilities in Benja CMS 0.1 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) admin_edit_submenu.php, (2) admin_new_submenu.php, and (3) admin_edit_topmenu.php in admin/.
Fri, 4 Jul 08
phpdmca
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2986
Multiple PHP remote file inclusion vulnerabilities in phpDMCA 1.0.0 allow remote attackers to execute arbitrary PHP code via a URL in the ourlinux_root_path parameter to (1) adodb-errorpear.inc.php and (2) adodb-pear.inc.php in adodb/.
Fri, 4 Jul 08
cmreams_cms
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2985
Directory traversal vulnerability in load_language.php in CMReams CMS 1.3.1.1 Beta 2, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the page_language parameter.
Fri, 4 Jul 08
cmreams_cms
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2984
Cross-site scripting (XSS) vulnerability in backend/umleitung.php in CMReams CMS 1.3.1.1 Beta 2 allows remote attackers to inject arbitrary web script or HTML via the lang[be_red_text] parameter.
Fri, 4 Jul 08
demo4_cms
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2983
SQL injection vulnerability in index.php in Demo4 CMS 01 Beta allows remote attackers to execute arbitrary SQL commands via the id parameter.
Fri, 4 Jul 08
homeph_design
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2982
Multiple directory traversal vulnerabilities in HomePH Design 2.10 RC2, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) thumb_template parameter to (a) admin/templates/template_thumbnail.php, and the (2) language parameter to (b) account/account.php, (c) downloads/downloads.php, (d) forum/forum.php, (e) fotogalerie/delete.php, and (f) fotogalerie/fotogalerie.php in admin/features/.
Fri, 4 Jul 08
homeph_design
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2981
PHP remote file inclusion vulnerability in admin/templates/template_thumbnail.php in HomePH Design 2.10 RC2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the thumb_template parameter.
Fri, 4 Jul 08
homeph_design
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2980
Multiple cross-site scripting (XSS) vulnerabilities in HomePH Design 2.10 RC2 allow remote attackers to inject arbitrary web script or HTML via the (1) error_meldung parameter to admin/features/register/register.php, the (2) feature_language[ueberschrift] parameter to admin/features/memberlist/memberlist.php, the (3) language_array[ueberschrift] parameter to admin/features/lostpassword/lostpassword.php, the (4) language_feature[titel] parameter to admin/features/kalender/eingabe.php, and the ...
Fri, 4 Jul 08
ourvideo_cms
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2979
Multiple cross-site scripting (XSS) vulnerabilities in phpi/login.php in Ourvideo CMS 9.5 allow remote attackers to inject arbitrary web script or HTML via the (1) top_page and (2) end_page parameters.
Fri, 4 Jul 08
ourvideo_cms
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2978
Directory traversal vulnerability in phpi/rss.php in Ourvideo CMS 9.5, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the prefix parameter.
Fri, 4 Jul 08
ourvideo_cms
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2977
Multiple PHP remote file inclusion vulnerabilities in Ourvideo CMS 9.5 allow remote attackers to execute arbitrary PHP code via a URL in the include_connection parameter to (1) edit_top_feature.php and (2) edit_topics_feature.php in phpi/.
Fri, 4 Jul 08
tinx_cms
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2976
Multiple directory traversal vulnerabilities in TinX/cms 1.1, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) language parameter to (a) include_me.php, (b) admin/ajax.php, and (c) admin/objects/catalog.ajaxhandler.php; and the (2) prefix parameter to (d) admin/inc/config.php.
Fri, 4 Jul 08
tinx_cms
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2975
Cross-site scripting (XSS) vulnerability in admin/objects/obj_image.php in TinX/cms 1.1 allows remote attackers to inject arbitrary web script or HTML via the language parameter.
Fri, 4 Jul 08
mm_chat
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2974
Directory traversal vulnerability in chatconfig.php in MM Chat 1.5, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the currentlang parameter.
Fri, 4 Jul 08
mm_chat
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2973
Multiple cross-site scripting (XSS) vulnerabilities in chathead.php in MM Chat 1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) sitename and (2) wmessage parameters.
Fri, 4 Jul 08
CVE-2008-2972 (kblance.com, php_knowledgebase_script)
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2972
SQL injection vulnerability in index.php in KbLance allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a comment action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Fri, 4 Jul 08
ciblog
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2971
SQL injection vulnerability in links-extern.php in CiBlog 3.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Fri, 4 Jul 08
academic_web_tools
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2970
Multiple session fixation vulnerabilities in Academic Web Tools (AWT YEKTA) 1.4.3.1, and 1.4.2.8 and earlier, allow remote attackers to hijack web sessions by setting the PHPSESSID parameter to (1) index.php and (2) login.php in homepg/.
Fri, 4 Jul 08
academic_web_tools
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2969
Directory traversal vulnerability in download.php in Academic Web Tools (AWT YEKTA) 1.4.3.1, and 1.4.2.8 and earlier, allows remote attackers to read arbitrary files via a .. (dot dot) in the dfile parameter.
Fri, 4 Jul 08
academic_web_tools
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2968
SQL injection vulnerability in rating.php in Academic Web Tools (AWT YEKTA) 1.4.3.1, and 1.4.2.8 and earlier, allows remote attackers to execute arbitrary SQL commands via the book_id parameter.
Fri, 4 Jul 08
academic_web_tools
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2967
Multiple cross-site scripting (XSS) vulnerabilities in Academic Web Tools (AWT YEKTA) 1.4.3.1, and 1.4.2.8 and earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) query string to login.php and the (2) glb_sid parameter to hta/htmlarea.js.php, and allow remote authenticated users to inject arbitrary web script or HTML via an unspecified field in room.php.
Fri, 4 Jul 08
JaxUltraBB
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2966
Directory traversal vulnerability in viewprofile.php in JaxUltraBB 2.0 and earlier allows remote attackers to read arbitrary local files via a .. (dot dot) in the user parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Thu, 3 Jul 08
jaxultrabb
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2965
Cross-site scripting (XSS) vulnerability in viewforum.php in JaxUltraBB (JUBB) 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the forum parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Thu, 3 Jul 08
researchguide
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2964
SQL injection vulnerability in guide.php in ResearchGuide 0.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Thu, 3 Jul 08
MyBlog
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2963
Multiple SQL injection vulnerabilities in MyBlog allow remote attackers to execute arbitrary SQL commands via the (1) view parameter to (a) index.php, and the (2) id parameter to (b) member.php and (c) post.php.
Thu, 3 Jul 08
MyBlog
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2962
Multiple cross-site scripting (XSS) vulnerabilities in MyBlog allow remote attackers to inject arbitrary web script or HTML via the (1) s and (2) sort parameters to index.php, and the (3) id parameter to post.php.
Thu, 3 Jul 08
cms_mini
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2961
Multiple directory traversal vulnerabilities in view/index.php in CMS Mini 0.2.2 allow remote attackers to read arbitrary local files via a .. (dot dot) in the (1) path and (2) p parameter.
Thu, 3 Jul 08
phpMyAdmin
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2960
Cross-site scripting (XSS) vulnerability in phpMyAdmin before 2.11.7, when register_globals is enabled and .htaccess support is disabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving scripts in libraries/.
Thu, 3 Jul 08
Visual Basic Enterprise Edition
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2959
Buffer overflow in a certain ActiveX control (vb6skit.dll) in Microsoft Visual Basic Enterprise Edition 6.0 SP6 might allow remote attackers to execute arbitrary code via a long lpstrLinkPath argument to the fCreateShellLink function.
Thu, 3 Jul 08
linux
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2826
Integer overflow in the sctp_getsockopt_local_addrs_old function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) functionality in the Linux kernel before 2.6.25.9 allows local users to cause a denial of service (resource consumption and system outage) via vectors involving a large addr_num field in an sctp_getaddrs_old data structure.
Thu, 3 Jul 08
linux
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2372
The Linux kernel 2.6.24 and 2.6.25 before 2.6.25.9 allows local users to cause a denial of service (memory consumption) via a large number of calls to the get_user_pages function, which lacks a ZERO_PAGE optimization and results in allocation of "useless newly zeroed pages."
Thu, 3 Jul 08
checkinstall
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2958
Race condition in (1) checkinstall 1.6.1 and (2) installwatch allows local users to overwrite arbitrary files and have other impacts via symlink and possibly other attacks on temporary working directories.
Thu, 3 Jul 08
Pidgin
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2957
The UPnP functionality in Pidgin 2.0.0, and possibly other versions, allows remote attackers to trigger the download of arbitrary files and cause a denial of service (memory or disk consumption) via a UDP packet that specifies an arbitrary URL.
Thu, 3 Jul 08
Pidgin
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2956
Memory leak in Pidgin 2.0.0, and possibly other versions, allows remote attackers to cause a denial of service (memory consumption) via malformed XML documents.
Thu, 3 Jul 08
Pidgin
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2955
Pidgin 2.4.1 allows remote attackers to cause a denial of service (crash) via a long filename that contains certain characters, as demonstrated using an MSN message that triggers the crash in the msn_slplink_process_msg function.
Thu, 3 Jul 08
direct_connect
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2954
client/NmdcHub.cpp in Linux DC++ (linuxdcpp) before 0.707 allows remote attackers to cause a denial of service (crash) via an empty private message, which triggers an out-of-bounds read.
Thu, 3 Jul 08
direct connect
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2953
Linux DC++ (linuxdcpp) before 0.707 allows remote attackers to cause a denial of service (crash) via "partial file list requests" that trigger a NULL pointer dereference.
Thu, 3 Jul 08
OpenLDAP
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2952
liblber/io.c in OpenLDAP 2.3.41, 2.3.42, and possibly other versions allows remote attackers to cause a denial of service (program termination) via crafted ASN.1 BER datagrams, which triggers an assertion error.
Thu, 3 Jul 08
Mac OS X Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2314
Dock in Apple Mac OS X 10.5 before 10.5.4, when Exposé hot corners is enabled, allows physically proximate attackers to gain access to a locked session in (1) sleep mode or (2) screen saver mode via unspecified vectors.
Thu, 3 Jul 08
Mac OS X Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2313
Apple Mac OS X before 10.5 uses weak permissions for the User Template directory, which allows local users to gain privileges by inserting a Trojan horse file into this directory.
Thu, 3 Jul 08
Mac OS X Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2311
Launch Services in Apple Mac OS X before 10.5, when Open Safe Files is enabled, allows remote attackers to execute arbitrary code via a symlink attack, probably related to a race condition and automatic execution of a downloaded file.
Thu, 3 Jul 08
Mac OS X Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2310
Format string vulnerability in c++filt in Apple Mac OS X 10.5 before 10.5.4 allows user-assisted attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted string in (1) C++ or (2) Java source code.
Thu, 3 Jul 08
Mac OS X Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2309
Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS X before 10.5.4 allows user-assisted remote attackers to execute arbitrary code via a (1) .xht or (2) .xhtm file, which does not trigger a "potentially unsafe" warning message in (a) the Download Validation feature in Mac OS X 10.4 or (b) the Quarantine feature in Mac OS X 10.5.
Thu, 3 Jul 08
Mac OS X Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2308
Unspecified vulnerability in Alias Manager in Apple Mac OS X 10.5.1 and earlier on Intel platforms allows local users to gain privileges or cause a denial of service (memory corruption and application crash) by resolving an alias that contains crafted AFP volume mount information.
Wed, 2 Jul 08
Internet Explorer
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2949
Cross-domain vulnerability in Microsoft Internet Explorer 6 and 7 allows remote attackers to change the location property of a frame via the String data type, and use a frame from a different domain to observe domain-independent events, as demonstrated by observing onkeydown events with caballero-listener.
Wed, 2 Jul 08
Internet Explorer
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2948
Cross-domain vulnerability in Microsoft Internet Explorer 7 and 8 allows remote attackers to change the location property of a frame via the Object data type, and use a frame from a different domain to observe domain-independent events, as demonstrated by observing onkeydown events with caballero-listener.
Wed, 2 Jul 08
Internet Explorer
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2947
Cross-domain vulnerability in Microsoft Internet Explorer 6 allows remote attackers to access restricted information from other domains via JavaScript that uses the Object data type for the value of a (1) location or (2) location.href property.
Wed, 2 Jul 08
Solaris
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2946
The SNMP-DMI mapper subagent daemon (aka snmpXdmid) in Solstice Enterprise Agents in Sun Solaris 8 through 10 allows remote attackers to cause a denial of service (daemon crash) via malformed packets.
Wed, 2 Jul 08
Java System Access Manager, java_system_identity_server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2945
Sun Java System Access Manager 6.3 through 7.1 and Sun Java System Identity Server 6.1 and 6.2 do not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent attackers to execute arbitrary code via a crafted stylesheet, a related issue to CVE-2007-3715, CVE-2007-3716, and CVE-2007-4289.
Wed, 2 Jul 08
linux kernel
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2729
arch/x86_64/lib/copy_user.S in the Linux kernel before 2.6.19 on some AMD64 systems does not erase destination memory locations after an exception during kernel memory copy, which allows local users to obtain sensitive information.
Wed, 2 Jul 08
resin
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2462
Cross-site scripting (XSS) vulnerability in the viewfile documentation command in Caucho Resin before 3.0.25, and 3.1.x before 3.1.4, allows remote attackers to inject arbitrary web script or HTML via the file parameter.
Wed, 2 Jul 08
Kernel
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0598
Unspecified vulnerability in the 32-bit and 64-bit emulation in the Linux kernel 2.6.9, 2.6.18, and probably other versions allows local users to read uninitialized memory via unknown vectors involving a crafted binary.
Wed, 2 Jul 08
enterprise linux kernel, fedora core
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2944
Double free vulnerability in the utrace support in the Linux kernel, probably 2.6.18, in Red Hat Enterprise Linux (RHEL) 5 and Fedora Core 6 (FC6) allows local users to cause a denial of service (oops), as demonstrated by a crash when running the GNU GDB testsuite, a different vulnerability than CVE-2008-2365.
Wed, 2 Jul 08
Tivoli Directory Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2943
Double free vulnerability in IBM Tivoli Directory Server (TDS) 6.1.0.0 through 6.1.0.15 allows remote authenticated administrators to cause a denial of service (ABEND) and possibly execute arbitrary code by using ldapadd to attempt to create a duplicate ibm-globalAdminGroup LDAP database entry. NOTE: the vendor states "There is no real risk of a vulnerability," although there are likely scenarios in which a user is allowed to make administrative LDAP requests but does not have the privileges...
Wed, 2 Jul 08
Desktop, Enterprise Linux AS, Enterprise Linux ES, Enterprise Linux WS, Kernel
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2365
Race condition in the ptrace and utrace support in the Linux kernel 2.6.9 through 2.6.25, as used in Red Hat Enterprise Linux (RHEL) 4, allows local users to cause a denial of service (oops) via a long series of PTRACE_ATTACH ptrace calls to another user's process that trigger a conflict between utrace_detach and report_quiescent, related to "late ptrace_may_attach() check" and "race around &dead_engine_ops setting," a different vulnerability than CVE-2007-0771 and CVE-2008-1514.
Wed, 2 Jul 08
Mercurial
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2942
Directory traversal vulnerability in patch.py in Mercurial 1.0.1 allows user-assisted attackers to modify arbitrary files via ".." (dot dot) sequences in a patch file.
Wed, 2 Jul 08
WebMatic
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2925
SQL injection vulnerability in Webmatic before 2.8 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Wed, 2 Jul 08
WebMatic
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2924
Cross-site scripting (XSS) vulnerability in Webmatic before 2.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Wed, 2 Jul 08
List Manager
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2923
Cross-site scripting (XSS) vulnerability in read/search/results in Lyris ListManager 8.8, 8.95, and 9.3d allows remote attackers to inject arbitrary web script or HTML via the words parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Wed, 2 Jul 08
Dana IRC Client
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2922
Stack-based buffer overflow in artegic Dana IRC client 1.3 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long IRC message.
Wed, 2 Jul 08
EZCMS
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2921
SQL injection vulnerability in index.php in EZTechhelp EZCMS 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the page parameter.
Wed, 2 Jul 08
eztechhelp_ezcms
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2920
admin/filemanager/ (aka the File Manager) in EZTechhelp EZCMS 1.2 and earlier does not require authentication, which allows remote attackers to create, modify, read, and delete files.
Wed, 2 Jul 08
gryphon_gllcts2
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2919
SQL injection vulnerability in listing.php in Gryphon gllcTS2 4.2.4 allows remote attackers to execute arbitrary SQL commands via the sort parameter.
Wed, 2 Jul 08
cartweaver
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2918
SQL injection vulnerability in details.php in Application Dynamics Cartweaver 3.0 allows remote attackers to execute arbitrary SQL commands via the prodId parameter, possibly a related issue to CVE-2006-2046.3.
Tue, 1 Jul 08
e-smart_cart
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2917
SQL injection vulnerability in productsofcat.asp in E-SMART CART allows remote attackers to execute arbitrary SQL commands via the category_id parameter.
Tue, 1 Jul 08
pre_ads_portal
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2916
Multiple SQL injection vulnerabilities in Pre ADS Portal 2.0 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) cid parameter to showcategory.php and the (2) id parameter to software-description.php.
Tue, 1 Jul 08
pre_job_board
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2915
Multiple SQL injection vulnerabilities in jobseekers/JobSearch.php (aka the search module) in Pre Job Board allow remote attackers to execute arbitrary SQL commands via the (1) position or (2) kw parameter.
Tue, 1 Jul 08
php_jobwebsite_pro
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2914
SQL injection vulnerability in jobseekers/JobSearch3.php (aka the search module) in PHP JOBWEBSITE PRO allows remote attackers to execute arbitrary SQL commands via the (1) kw or (2) position parameter. NOTE: some of these details are obtained from third party information.
Tue, 1 Jul 08
devalcms
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2913
Directory traversal vulnerability in func.php in Devalcms 1.4a, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the currentpath parameter, in conjunction with certain ... (triple dot) and ..... sequences in the currentfile parameter, to index.php.
Tue, 1 Jul 08
Contenido_cms
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2912
Multiple PHP remote file inclusion vulnerabilities in Contenido CMS 4.8.4 allow remote attackers to execute arbitrary PHP code via a URL in the (1) contenido_path parameter to (a) contenido/backend_search.php; the (2) cfg[path][contenido] parameter to (b) move_articles.php, (c) move_old_stats.php, (d) optimize_database.php, (e) run_newsletter_job.php, (f) send_reminder.php, (g) session_cleanup.php, and (h) setfrontenduserstate.php in contenido/cronjobs/, and (i) includes/include.newsletter_jo...
Tue, 1 Jul 08
Contendio
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2911
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Contenido 4.8.4 allow remote attackers to inject arbitrary web script or HTML via the (1) contenido, (2) Belang, and (3) username parameters.
Tue, 1 Jul 08
autoproducer
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2910
Buffer overflow in the DXTTextOutEffect ActiveX control (aka the Text-Effect DXT Filter), as distributed in TextOut.dll 6.0.18.1 and mvtextout.dll, in muvee autoProducer 6.0 and 6.1 allows remote attackers to execute arbitrary code via a long FontSetting property value.
Tue, 1 Jul 08
Clever Copy
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2909
SQL injection vulnerability in results.php in Clever Copy 3.0 allows remote attackers to execute arbitrary SQL commands via the searchtype parameter.
Tue, 1 Jul 08
iPrint Client
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2908
Multiple stack-based buffer overflows in a certain ActiveX control in ienipp.ocx in Novell iPrint Client for Windows before 4.36 allow remote attackers to execute arbitrary code via a long value of the (1) operation, (2) printer-url, or (3) target-frame parameter. NOTE: some of these details are obtained from third party information.
Tue, 1 Jul 08
webchamado
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2907
SQL injection vulnerability in admin/index.php in WebChamado 1.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the eml parameter.
Tue, 1 Jul 08
webchamado
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2906
SQL injection vulnerability in lista_anexos.php in WebChamado 1.1 allows remote attackers to execute arbitrary SQL commands via the tsk_id parameter.
Tue, 1 Jul 08
mambo
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2905
PHP remote file inclusion vulnerability in includes/Cache/Lite/Output.php in the Cache_Lite package in Mambo 4.6.4 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
Tue, 1 Jul 08
phpmycart
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2904
SQL injection vulnerability in shop.php in Conkurent PHPMyCart allows remote attackers to execute arbitrary SQL commands via the cat parameter.
Tue, 1 Jul 08
advanced_webhost_billing_system
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2903
SQL injection vulnerability in news.php in Advanced Webhost Billing System (AWBS) 2.3.3 through 2.7.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the viewnews parameter.
Tue, 1 Jul 08
AskMe Pro
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2902
SQL injection vulnerability in profile.php in AlstraSoft AskMe Pro 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: The que_id parameter to forum_answer.php is already covered by CVE-2007-4085.
Tue, 1 Jul 08
family_connections_cms
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2901
Multiple SQL injection vulnerabilities in Haudenschilt Family Connections CMS (FCMS) 1.4 allow remote authenticated users to execute arbitrary SQL commands via the (1) address parameter to addressbook.php, the (2) getnews parameter to familynews.php, and the (3) poll_id parameter to home.php in a results action.