Software Vulnerability
Main
Software Alerts
Software and Script Bug ExploitsSoftware Vulnerability
Random Feeds
Archives
| Mar 2010 | Feb 2010 | Jan 2010 | Dec 2009 | Nov 2009 | Oct 2009 | Sep 2009 | Aug 2009 | Jul 2009 | Jun 2009 | May 2009 | Apr 2009 | Mar 2009 | Feb 2009 | Jan 2009 | Dec 2008 | Nov 2008 | Oct 2008 | Sep 2008 | Aug 2008 | Jul 2008 | Jun 2008 | May 2008 | Apr 2008 | Mar 2008 | Feb 2008 | Jan 2008 | Dec 2007 | Nov 2007 |Thu, 30 Oct 08
drupal
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4793
The node module API in Drupal 5.x before 5.11 allows remote attackers to bypass node validation and have unspecified other impact via unknown vectors related to contributed modules.
Thu, 30 Oct 08
drupal
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4792
The core BlogAPI module in Drupal 5.x before 5.11 and 6.x before 6.5 does not properly validate unspecified content fields of an internal Drupal form, which allows remote authenticated users to bypass intended access restrictions via modified field values.
Thu, 30 Oct 08
drupal
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4791
The user module in Drupal 5.x before 5.11 and 6.x before 6.5 might allow remote authenticated users to bypass intended login access rules and successfully login via unknown vectors.
Thu, 30 Oct 08
drupal
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4790
The core upload module in Drupal 5.x before 5.11 allows remote authenticated users to bypass intended access restrictions and read "files attached to content" via unknown vectors.
Thu, 30 Oct 08
drupal
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4789
The validation functionality in the core upload module in Drupal 6.x before 6.5 allows remote authenticated users to bypass intended access restrictions and "attach files to content," related to a "logic error."
Thu, 30 Oct 08
internet_explorer
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4788
Microsoft Internet Explorer 6 omits high-bit URL-encoded characters when displaying the address bar, which allows remote attackers to spoof the address bar via a URL with a domain name that differs from an important domain name only in these characters, as demonstrated by using exam%A9ple.com to spoof example.com, aka MSRC ticket MSRC7900.
Thu, 30 Oct 08
internet_explorer
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4787
Visual truncation vulnerability in Microsoft Internet Explorer 6 allows remote attackers to spoof the address bar via a URL with a hostname containing many (Non-Blocking Space character) sequences, which are rendered as whitespace, aka MSRC ticket MSRC7899, a related issue to CVE-2003-1025.
Thu, 30 Oct 08
easyshop_plugin
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4786
SQL injection vulnerability in easyshop.php in the EasyShop plugin for e107 allows remote attackers to execute arbitrary SQL commands via the category_id parameter.
Thu, 30 Oct 08
alternate_profiles_plugin
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4785
SQL injection vulnerability in newuser.php in the alternate_profiles plugin, possibly 0.2, for e107 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Thu, 30 Oct 08
aflog
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4784
aflog 1.01 allows remote attackers to bypass authentication and gain administrative access by setting the aflog_auth_a cookie to "A" or "O" in (1) edit_delete.php, (2) edit_cat.php, (3) edit_lock.php, and (4) edit_form.php.
Thu, 30 Oct 08
tlads
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4783
tlAds 1.0 allows remote attackers to bypass authentication and gain administrative access by setting the tlAds_login cookie to "admin."
Thu, 30 Oct 08
aiocp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4782
SQL injection vulnerability in public/code/cp_polls_results.php in All In One Control Panel (AIOCP) 1.4 allows remote attackers to execute arbitrary SQL commands via the poll_id parameter.
Thu, 30 Oct 08
myktools
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4781
Directory traversal vulnerability in update.php in MyKtools 2.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the langage parameter.
Thu, 30 Oct 08
myforum
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4780
Directory traversal vulnerability in admin/centre.php in MyForum 1.3, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the padmin parameter.
Thu, 30 Oct 08
tguzip
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4779
Stack-based buffer overflow in TUGzip 3.5.0.0 allows remote attackers to denial of service (crash) or execute arbitrary code via a long filename in a .zip file.
Thu, 30 Oct 08
koobi_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4778
SQL injection vulnerability in the gallery module in Koobi CMS 4.3.0 allows remote attackers to execute arbitrary SQL commands via the galid parameter in a showimages action.
Thu, 30 Oct 08
com_lms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4777
SQL injection vulnerability in the Showroom Joomlearn LMS (com_lms) component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the cat parameter in a showTests task.
Wed, 29 Oct 08
libgadu
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4776
libgadu before 1.8.2 allows remote servers to cause a denial of service (crash) via a contact description with a large length, which triggers a buffer over-read.
Wed, 29 Oct 08
phpmyadmin
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4775
Cross-site scripting (XSS) vulnerability in pmd_pdf.php in phpMyAdmin 3.0.0, and possibly other versions including 2.11.9.2 and 3.0.1, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the db parameter, a different vector than CVE-2006-6942 and CVE-2007-5977.
Wed, 29 Oct 08
questcms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4774
Cross-site scripting (XSS) vulnerability in main/main.php in QuestCMS allows remote attackers to inject arbitrary web script or HTML via the cx parameter.
Wed, 29 Oct 08
questcms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4773
Directory traversal vulnerability in main/main.php in QuestCMS allows remote attackers to read arbitrary local files via a .. (dot dot) in the theme parameter.
Wed, 29 Oct 08
questcms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4772
SQL injection vulnerability in main/main.php in QuestCMS allows remote attackers to execute arbitrary SQL commands via the obj parameter.
Wed, 29 Oct 08
mpeg4_shm_audio_control, rtsp_mpeg4_sp_control, vatctrl_class
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4771
Stack-based buffer overflow in VATDecoder.VatCtrl.1 ActiveX control in (1) 4xem VatCtrl Class (VATDecoder.dll 1.0.0.27 and 1.0.0.51), (2) D-Link MPEG4 SHM Audio Control (VAPGDecoder.dll 1.7.0.5), (3) Vivotek RTSP MPEG4 SP Control (RtspVapgDecoderNew.dll 2.0.0.39), and possibly other products, allows remote attackers to execute arbitrary code via a long Url property. NOTE: some of these details are obtained from third party information.
Wed, 29 Oct 08
wordpress
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4769
Directory traversal vulnerability in the get_category_template function in wp-includes/theme.php in WordPress 2.3.3 and earlier, and 2.5, allows remote attackers to include and possibly execute arbitrary PHP files via the cat parameter in index.php. NOTE: some of these details are obtained from third party information.
Wed, 29 Oct 08
tlm_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4768
SQL injection vulnerability in TLM CMS 3.1 allows remote attackers to execute arbitrary SQL commands via the nom parameter to a-b-membres.php. NOTE: the goodies.php vector is already covered by CVE-2007-4808. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Wed, 29 Oct 08
downloadsplus_module
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4767
Unrestricted file upload vulnerability in the DownloadsPlus module in PHP-Nuke allows remote attackers to execute arbitrary code by uploading a file with (1) .htm, (2) .html, or (3) .txt extensions, then accessing it via a direct request to the file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: it is unclear how allowing the upload of .html or .txt files supports arbitrary code execution; this might be legitimate fu...
Wed, 29 Oct 08
oxygen_bulletin_board
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4766
SQL injection vulnerability in member.php in Oxygen Bulletin Board 1.1.3 allows remote attackers to execute arbitrary SQL commands via the member parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Wed, 29 Oct 08
poll_booth
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4765
SQL injection vulnerability in pollBooth.php in osCommerce Poll Booth Add-On 2.0 allows remote attackers to execute arbitrary SQL commands via the pollID parameter in a results operation. NOTE: this issue was disclosed by an unreliable researcher, so it might be incorrect.
Wed, 29 Oct 08
extplorer
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4764
Directory traversal vulnerability in the eXtplorer module (com_extplorer) 2.0.0 RC2 and earlier in Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the dir parameter in a show_error action.
Wed, 29 Oct 08
wclient-php
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4763
Multiple cross-site scripting (XSS) vulnerabilities in sample.php in WiKID wClient-PHP 3.0-2 and earlier allow remote attackers to inject arbitrary web script or HTML via the PHP_SELF variable.
Wed, 29 Oct 08
freesshd
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4762
Stack-based buffer overflow in freeSSHd 1.2.1 allows remote authenticated users to cause a denial of service (service crash) and potentially execute arbitrary code via a long argument to the (1) rename and (2) realpath parameters.
Wed, 29 Oct 08
esupport
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4761
Cross-site scripting (XSS) vulnerability in includes/htmlArea/plugins/HtmlTidy/html-tidy-logic.php in Kayako eSupport 3.20.2 allows remote attackers to inject arbitrary web script or HTML via the jsMakeSrc parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: this issue is probably in the HTMLArea HTMLTidy (HTML Tidy) plugin, not eSupport.
Wed, 29 Oct 08
myforum
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4760
SQL injection vulnerability in lecture.php in Graphiks MyForum 1.3, when register_globals is enabled, allows remote attackers to execute arbitrary SQL commands via the id parameter.
Wed, 29 Oct 08
buzzywall
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4759
Directory traversal vulnerability in download.php in BuzzyWall 1.3.1 allows remote attackers to read arbitrary local files via a .. (dot dot) in the id parameter.
Wed, 29 Oct 08
phpdaily
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4758
Directory traversal vulnerability in download_file.php in PHPdaily allows remote attackers to read arbitrary local files via a .. (dot dot) in the fichier parameter.
Wed, 29 Oct 08
phpdaily
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4757
Multiple SQL injection vulnerabilities in PHPdaily allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) add_postit.php (b) delete.php, and (c) mod_prest_date.php; and the (2) prev parameter to (d) prest_detail.php.
Wed, 29 Oct 08
phpdaily
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4756
Cross-site scripting (XSS) vulnerability in add_prest_date.php in PHPdaily allows remote attackers to inject arbitrary web script or HTML via the date parameter.
Wed, 29 Oct 08
classified_auctions_script
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4755
SQL injection vulnerability in gotourl.php in PozScripts Classified Auctions Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
Wed, 29 Oct 08
ez_forum
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4754
SQL injection vulnerability in forum.php in Scripts for Sites (SFS) Ez Forum allows remote attackers to execute arbitrary SQL commands via the forum parameter.
Wed, 29 Oct 08
rss_reader
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4753
SQL injection vulnerability in EditUrl.php in AJ Square RSS Reader allows remote attackers to execute arbitrary SQL commands via the url parameter.
Wed, 29 Oct 08
tlnews
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4752
TlNews 2.2 allows remote attackers to bypass authentication and gain administrative access by setting the tlNews_login cookie to admin.
Wed, 29 Oct 08
ipei_guestbook
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4751
Cross-site scripting (XSS) vulnerability in index.php in iPei Guestbook 2.0 allows remote attackers to inject arbitrary web script or HTML via the pg parameter, a different vector than CVE-2005-4597.
Wed, 29 Oct 08
vimp_x
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4750
Stack-based buffer overflow in the VImpX.VImpAX ActiveX control (VImpX.ocx) 4.8.8.0 in DB Software Laboratory VImp X, possibly 4.7.7, allows remote attackers to execute arbitrary code via a long LogFile property.
Wed, 29 Oct 08
vimp_x
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4749
Multiple insecure method vulnerabilities in the VImpX.VImpAX ActiveX control (VImpX.ocx) 4.8.8.0 in DB Software Laboratory VImp X, possibly 4.7.7, allow remote attackers to overwrite arbitrary files via (1) the LogFile property and ClearLogFile method, and (2) the SaveToFile method.
Wed, 29 Oct 08
kvirc
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4748
Format string vulnerability in the URI handler in KVirc 3.4.0, when set as the default application for processing IRC URIs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in the irc:// URI.
Wed, 29 Oct 08
java_access_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4747
Unspecified vulnerability in the search feature in Sun Java System LDAP JDK before 4.20 allows context-dependent attackers to obtain sensitive information via unknown attack vectors related to the LDAP JDK library.
Tue, 28 Oct 08
ecart_professional
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4746
Multiple SQL injection vulnerabilities in Uniwin eCart Professional 2.0.17 allow remote attackers to execute arbitrary SQL commands via unspecified vectors to (1) search.asp and (2) cartUtil.asp.
Tue, 28 Oct 08
ecart_professional
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4745
Cross-site scripting (XSS) vulnerability in emailFriend.asp in Uniwin eCart Professional 2.0.17 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Tue, 28 Oct 08
dxshopcart
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4744
SQL injection vulnerability in product_detail.php in DXShopCart 4.30mc allows remote attackers to execute arbitrary SQL commands via the pid parameter.
Tue, 28 Oct 08
faq_management_script
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4743
SQL injection vulnerability in index.php in QuidaScript FAQ Management Script allows remote attackers to execute arbitrary SQL commands via the catid parameter.
Tue, 28 Oct 08
timetrex
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4742
Multiple cross-site scripting (XSS) vulnerabilities in interface/Login.php in TimeTrex 2.2.11 allow remote attackers to inject arbitrary web script or HTML via the (1) password and (2) user_name parameters.
Tue, 28 Oct 08
far-php
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4741
Directory traversal vulnerability in index.php in FAR-PHP 1.00, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the c parameter.
Tue, 28 Oct 08
tinycms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4740
Directory traversal vulnerability in templater.php in the ZZ_Templater module in TinyCMS 1.1.2, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the config[template] parameter.
Tue, 28 Oct 08
lynx
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-7234
Untrusted search path vulnerability in Lynx before 2.8.6rel.4 allows local users to execute arbitrary code via malicious (1) .mailcap and (2) mime.types files in the current working directory.
Sat, 25 Oct 08
plugspace
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4739
Directory traversal vulnerability in index.php in PlugSpace 0.1, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the navi parameter.
Sat, 25 Oct 08
mycard
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4738
SQL injection vulnerability in gallery.php in MyCard 1.0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Sat, 25 Oct 08
whodomlite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4737
Cross-site scripting (XSS) vulnerability in wholite.cgi in WhoDomLite 1.1.3 allows remote attackers to inject arbitrary web script or HTML via the dom parameter.
Sat, 25 Oct 08
rpg_board
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4736
SQL injection vulnerability in index.php in RPG.Board 0.8 Beta2 and earlier allows remote attackers to execute arbitrary SQL commands via the showtopic parameter.
Sat, 25 Oct 08
coast
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4735
PHP remote file inclusion vulnerability in header.php in Concord Asset, Software, and Ticket system (CoAST) 0.95 allows remote attackers to execute arbitrary PHP code via a URL in the sections_file parameter.
Sat, 25 Oct 08
wp_comment_remix_plugin
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4734
Cross-site request forgery (CSRF) vulnerability in the wpcr_do_options_page function in WP Comment Remix plugin before 1.4.4 for WordPress allows remote attackers to perform unauthorized actions as administrators via a request that sets the wpcr_hidden_form_input parameter.
Sat, 25 Oct 08
wp_comment_remix_plugin
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4733
Cross-site scripting (XSS) vulnerability in wpcommentremix.php in WP Comment Remix plugin before 1.4.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the (1) replytotext, (2) quotetext, (3) originallypostedby, (4) sep, (5) maxtags, (6) tagsep, (7) tagheadersep, (8) taglabel, and (9) tagheaderlabel parameters.
Sat, 25 Oct 08
wp_comment_remix_plugin
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4732
SQL injection vulnerability in ajax_comments.php in the WP Comment Remix plugin before 1.4.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the p parameter.
Sat, 25 Oct 08
yacy
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4731
Multiple unspecified vulnerabilities in YaCy before 0.61 have unknown impact and attack vectors.
Sat, 25 Oct 08
phpmyid
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4730
Cross-site scripting (XSS) vulnerability in MyID.php in phpMyID 0.9 allows remote attackers to inject arbitrary web script or HTML via the openid_trust_root parameter and an inconsistent openid_return_to parameter, which is not properly handled in an error message.
Sat, 25 Oct 08
exceed, exceed_powersuite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4729
Stack-based buffer overflow in Hummingbird.XWebHostCtrl.1 ActiveX control (hclxweb.dll) in Hummingbird Xweb ActiveX Control 13.0 and earlier allows remote attackers to execute arbitrary code via a long PlainTextPassword property. NOTE: code execution might not be possible in 13.0.
Sat, 25 Oct 08
deployment_wizard
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4728
Multiple insecure method vulnerabilities in the DeployRun.DeploymentSetup.1 (DeployRun.dll) ActiveX control 10.0.0.44 in Hummingbird Deployment Wizard 2008 allow remote attackers to execute arbitrary programs via the (1) Run and (2) PerformUpdateAsync methods, and (3) modify arbitrary registry values via the SetRegistryValueAsString method. NOTE: the SetRegistryValueAsString method could be leveraged for code execution by specifying executable file values to Startup folders.
Sat, 25 Oct 08
banner_student
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4727
Cross-site scripting (XSS) vulnerability in the contact update page (ss/bwgkoemr.P_UpdateEmrgContacts) in SunGard Banner Student 7.3 allows remote attackers to inject arbitrary web script or HTML via the addr1 parameter. NOTE: this might be resultant from a CSRF vulnerability, but there are insufficient details to be sure.
Sat, 25 Oct 08
goodtech_ssh
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4726
Stack-based buffer overflow in the SFTP subsystem in GoodTech SSH 6.4 allows remote authenticated users to execute arbitrary code via a long string to the (1) open (aka SSH_FXP_OPEN), (2) unlink, (3) opendir, and other unspecified parameters.
Sat, 25 Oct 08
CVE-2008-4725 (opera, opera9.50)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4725
Cross-site scripting (XSS) vulnerability in Opera.dll in Opera 9.52 allows remote attackers to inject arbitrary web script or HTML via the query string, which is not properly escaped before storage in the History Search database (aka md.dat), a different vector than CVE-2008-4696. NOTE: some of these issues were addressed before 9.60.
Sat, 25 Oct 08
chrome
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4724
Multiple cross-site scripting (XSS) vulnerabilities in Google Chrome 0.2.149.30 allow remote attackers to inject arbitrary web script or HTML via an ftp:// URL for an HTML document within a (1) JPG, (2) PDF, or (3) TXT file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Sat, 25 Oct 08
firefox
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4723
Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox 3.0.1 through 3.0.3 allow remote attackers to inject arbitrary web script or HTML via an ftp:// URL for an HTML document within a (1) JPG, (2) PDF, or (3) TXT file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Sat, 25 Oct 08
CVE-2008-4722 (blade_6000_modular_system_with_chassis, blade_6048_modular_system_with_chassis, b...)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4722
Unspecified vulnerability in Sun Integrated Lights-Out Manager (ILOM) 2.0.1.5 through 2.0.4.26 allows remote authenticated users to (1) access the service processor (SP) and cause a denial of service (shutdown or reboot), or (2) access the host operating system and have an unspecified impact, via unknown vectors.
Sat, 25 Oct 08
CVE-2008-4698 (opera, opera9.50)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4698
Opera before 9.61 does not properly block scripts during preview of a news feed, which allows remote attackers to create arbitrary new feed subscriptions and read the contents of arbitrary feeds.
Sat, 25 Oct 08
CVE-2008-4697 (opera, opera9.50)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4697
The Fast Forward feature in Opera before 9.61, when a page is located in a frame, executes a javascript: URL in the context of the outermost page instead of the page that contains this URL, which allows remote attackers to conduct cross-site scripting (XSS) attacks.
Sat, 25 Oct 08
opera
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4696
Cross-site scripting (XSS) vulnerability in Opera.dll in Opera before 9.61 allows remote attackers to inject arbitrary web script or HTML via the anchor identifier (aka the "optional fragment"), which is not properly escaped before storage in the History Search database (aka md.dat).
Sat, 25 Oct 08
opera
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4695
Opera before 9.60 allows remote attackers to obtain sensitive information and have unspecified other impact by predicting the cache pathname of a cached Java applet and then launching this applet from the cache, leading to applet execution within the local-machine context.
Sat, 25 Oct 08
CVE-2008-4694 (opera, opera9.50)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4694
Unspecified vulnerability in Opera before 9.60 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a redirect that specifies a crafted URL.
Sat, 25 Oct 08
windows_2000, windows_2003_server, windows_vista, windows_xp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4250
The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, and 7 Pre-Beta allows remote attackers to execute arbitrary code via a crafted RPC request, as exploited in the wild in October 2008, aka "Server Service Vulnerability."
Sat, 25 Oct 08
enscript
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3863
Stack-based buffer overflow in the read_special_escape function in src/psgen.c in GNU Enscript 1.6.1 and 1.6.4 beta, when the -e (aka special escapes processing) option is enabled, allows user-assisted remote attackers to execute arbitrary code via a crafted ASCII file, related to the setfilename command.
Sat, 25 Oct 08
officescan
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3862
Stack-based buffer overflow in CGI programs in the server in Trend Micro OfficeScan 7.3 Patch 4 build 1367 and other builds before 1374, and 8.0 SP1 Patch 1 before build 3110, allows remote attackers to execute arbitrary code via an HTTP POST request containing crafted form data, related to "parsing CGI requests."
Sat, 25 Oct 08
adaptive_security_appliance_5500_series, pix_security_appliance
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3817
Memory leak in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 8.0 before 8.0(4) and 8.1 before 8.1(2) allows remote attackers to cause a denial of service (memory consumption) via an unspecified sequence of packets, related to the "initialization code for the hardware crypto accelerator."
Sat, 25 Oct 08
adaptive_security_appliance_5500_series, pix_security_appliance
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3816
Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.2(4)9 and 7.2(4)10 allows remote attackers to cause a denial of service (device reload) via a crafted IPv6 packet.
Sat, 25 Oct 08
asa_5500, pix
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3815
Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)3, 7.1 before 7.1(2)78, 7.2 before 7.2(4)16, 8.0 before 8.0(4)6, and 8.1 before 8.1(1)13, when configured as a VPN using Microsoft Windows NT Domain authentication, allows remote attackers to bypass VPN authentication via unknown vectors.
Sat, 25 Oct 08
libspf2
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2469
Heap-based buffer overflow in the SPF_dns_resolv_lookup function in Spf_dns_resolv.c in libspf2 before 1.2.8 allows remote attackers to execute arbitrary code via a long DNS TXT record with a modified length field.
Sat, 25 Oct 08
openview_report, performance_agent
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-4349
The Shared Trace Service (aka OVTrace) in HP OpenView Report 3.70 and Performance Agent 4.70 allows remote attackers to cause a denial of service via an unspecified series of RPC requests that triggers an out-of-bounds memory access, related to an erroneous object reference.
Sat, 25 Oct 08
post_comment
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4721
PHP Jabbers Post Comment 3.0 allows remote attackers to bypass authentication and gain administrative access by setting the PostCommentsAdmin cookie to "logged."
Sat, 25 Oct 08
gemini_portal
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4720
Multiple PHP remote file inclusion vulnerabilities in The Gemini Portal 4.7 allow remote attackers to execute arbitrary PHP code via a URL in the lang parameter to (1) page/forums/bottom.php and (2) page/forums/category.php.
Sat, 25 Oct 08
openengine
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4719
PHP remote file inclusion vulnerability in cms/classes/openengine/filepool.php in openEngine 2.0 beta2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the oe_classpath parameter, a different vector than CVE-2008-4329.
Sat, 25 Oct 08
x7_chat
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4718
Directory traversal vulnerability in help/mini.phpin X7 Chat 2.0.1 A1 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the help_file parameter, a different vector than CVE-2006-2156.
Sat, 25 Oct 08
zeelyrics
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4717
SQL injection vulnerability in bannerclick.php in ZEELYRICS 2.0 allows remote attackers to execute arbitrary SQL commands via the adid parameter.
Sat, 25 Oct 08
php-lance
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4716
SQL injection vulnerability in show.php in BitmixSoft PHP-Lance 1.52 allows remote attackers to execute arbitrary SQL commands via the catid parameter.
Sat, 25 Oct 08
joomla
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4715
SQL injection vulnerability in the Jpad (com_jpad) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter to index.php.
Sat, 25 Oct 08
atomic_photo_album
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4714
Atomic Photo Album 1.1.0 pre4 does not properly handle the apa_cookie_login and apa_cookie_password cookies, which probably allows remote attackers to bypass authentication and gain administrative access via modified cookies.
Sat, 25 Oct 08
212cafeboard
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4713
SQL injection vulnerability in view.php in 212cafe Board 0.07 allows remote attackers to execute arbitrary SQL commands via the qID parameter.
Sat, 25 Oct 08
lnblog
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4712
Directory traversal vulnerability in pages/showblog.php in LnBlog 0.9.0 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the plugin parameter.
Sat, 25 Oct 08
joovili
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4711
SQL injection vulnerability in Joovili 3.0 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) view.blog.php, (2) view.event.php, (3) view.group.php, (4) view.music.php, (5) view.picture.php, and (6) view.video.php.
Sat, 25 Oct 08
stock_module
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4710
Cross-site scripting (XSS) vulnerability in the stock quotes page in Stock 6.x before 6.x-1.0, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Sat, 25 Oct 08
etraining
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4709
SQL injection vulnerability in news_read.php in Pilot Group (PG) eTraining allows remote attackers to execute arbitrary SQL commands via the id parameter.
Sat, 25 Oct 08
CVE-2008-4708 (bbzl.php)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4708
BbZL.PhP 0.92 allows remote attackers to bypass authentication and gain administrative access by setting the phorum_admin_session cookie to 1.
Sat, 25 Oct 08
bbzl_php
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4707
Directory traversal vulnerability in index.php in BbZL.PhP 0.92 allows remote attackers to access unauthorized directories via a .. (dot dot) in the lien_2 parameter.
Sat, 25 Oct 08
vbgooglemap
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4706
SQL injection vulnerability in VBGooglemap Hotspot Edition 1.0.3, a vBulletin module, allows remote attackers to execute arbitrary SQL commands via the mapid parameter in a showdetails action to (1) vbgooglemaphse.php and (2) mapa.php.
Sat, 25 Oct 08
myphpdating
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4705
SQL injection vulnerability in success_story.php in php Online Dating Software MyPHPDating allows remote attackers to execute arbitrary SQL commands via the id parameter.
Sat, 25 Oct 08
sezhoo
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4704
PHP remote file inclusion vulnerability in SezHooTabsAndActions.php in SezHoo 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the IP parameter.
Sat, 25 Oct 08
bosnews
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4703
SQL injection vulnerability in news.php in BosDev BosNews 4.0 allows remote attackers to execute arbitrary SQL commands via the article parameter.
Fri, 24 Oct 08
phpwebgallery
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4702
Multiple directory traversal vulnerabilities in PhpWebGallery 1.3.4 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) user[language] and (2) user[template] parameters to (a) init.inc.php, and (b) the user[language] parameter to isadmin.inc.php.
Fri, 24 Oct 08
liberia_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4701
SQL injection vulnerability in admin.php in Libera CMS 1.12, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the libera_staff_user cookie parameter, a different vector than CVE-2008-4700. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Fri, 24 Oct 08
liberia_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4700
SQL injection vulnerability in admin.php in Libera CMS 1.12 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the libera_staff_pass cookie parameter.
Fri, 24 Oct 08
peachtree_accounting
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4699
Insecure method vulnerability in the ActiveX control (PAWWeb11.ocx) in Peachtree Accounting 2004 allows remote attackers to execute arbitrary programs via the ExecutePreferredApplication method.
Fri, 24 Oct 08
db2
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4693
The SORT/LIST SERVICES component in IBM DB2 9.1 before FP6 and 9.5 before FP2 writes sensitive information to the trace output, which allows attackers to obtain sensitive information by reading "PASSWORD-RELATED CONNECTION STRING KEYWORD VALUES."
Fri, 24 Oct 08
db2
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4692
The Native Managed Provider for .NET component in IBM DB2 8 before FP17, 9.1 before FP6, and 9.5 before FP2, when a definer cannot maintain objects, preserves views and triggers without marking them inoperative or dropping them, which has unknown impact and attack vectors.
Fri, 24 Oct 08
db2
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4691
Unspecified vulnerability in the SQLNLS_UNPADDEDCHARLEN function in the New Compiler (aka Starburst derived compiler) component in the server in IBM DB2 9.1 before FP6 allows attackers to cause a denial of service (segmentation violation and trap) via unknown vectors.
Fri, 24 Oct 08
lynx
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4690
lynx 2.8.6dev.15 and earlier, when advanced mode is enabled and lynx is configured as a URL handler, allows remote attackers to execute arbitrary commands via a crafted lynxcgi: URL, a related issue to CVE-2005-2929. NOTE: this might only be a vulnerability in limited deployments that have defined a lynxcgi: handler.
Fri, 24 Oct 08
mantis
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4689
Mantis before 1.1.3 does not unset the session cookie during logout, which makes it easier for remote attackers to hijack sessions.
Fri, 24 Oct 08
mantis
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4688
core/string_api.php in Mantis before 1.1.3 does not check the privileges of the viewer before composing a link with issue data in the source anchor, which allows remote attackers to discover an issue's title and status via a request with a modified issue number.
Fri, 24 Oct 08
mantis
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4687
manage_proj_page.php in Mantis before 1.1.4 allows remote authenticated users to execute arbitrary code via a sort parameter containing PHP sequences, which are processed by create_function within the multi_sort function in core/utility_api.php.
Fri, 24 Oct 08
vlc_media_player
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4686
Multiple integer overflows in ty.c in the TY demux plugin (aka the TiVo demuxer) in VideoLAN VLC media player, probably 0.9.4, allow remote attackers to have an unknown impact via a crafted .ty file, a different vulnerability than CVE-2008-4654.
Fri, 24 Oct 08
wireshark
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4685
Use-after-free vulnerability in the dissect_q931_cause_ie function in packet-q931.c in the Q.931 dissector in Wireshark 0.10.3 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via certain packets that trigger an exception.
Fri, 24 Oct 08
wireshark
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4684
packet-frame in Wireshark 0.99.2 through 1.0.3 does not properly handle exceptions thrown by post dissectors, which allows remote attackers to cause a denial of service (application crash) via a certain series of packets, as demonstrated by enabling the (1) PRP or (2) MATE post dissector.
Thu, 23 Oct 08
wireshark
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4683
The dissect_btacl function in packet-bthci_acl.c in the Bluetooth ACL dissector in Wireshark 0.99.2 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via a packet with an invalid length, related to an erroneous tvb_memcpy call.
Thu, 23 Oct 08
wireshark
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4682
wtap.c in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application abort) via a malformed Tamos CommView capture file (aka .ncf file) with an "unknown/unexpected packet type" that triggers a failed assertion.
Thu, 23 Oct 08
wireshark
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4681
Unspecified vulnerability in the Bluetooth RFCOMM dissector in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via unknown packets.
Thu, 23 Oct 08
wireshark
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4680
packet-usb.c in the USB dissector in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via a malformed USB Request Block (URB).
Thu, 23 Oct 08
websphere_application_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4679
The Web Services Security component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.31 and 6.1 before 6.1.0.19, when Certificate Store Collections is configured to use Certificate Revocation Lists (CRL), does not call the setRevocationEnabled method on the PKIXBuilderParameters object, which prevents the "Java security method" from checking the revocation status of X.509 certificates and allows remote attackers to bypass intended access restrictions via a SOAP message with a revo...
Thu, 23 Oct 08
websphere_application_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4678
The HTTP_Request_Parser method in the HTTP Transport component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.31 allows remote attackers to cause a denial of service (controller 0C4 abend and application hang) via a long HTTP Host header, related to "storage overlay" on the stack and a "parse failure."
Thu, 23 Oct 08
netrw
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4677
autoload/netrw.vim (aka the Netrw Plugin) 109, 131, and other versions before 133k for Vim 7.1.266, other 7.1 versions, and 7.2 stores credentials for an FTP session, and sends those credentials when attempting to establish subsequent FTP sessions to servers on different hosts, which allows remote FTP servers to obtain sensitive information in opportunistic circumstances by logging usernames and passwords. NOTE: the upstream vendor disputes a vector involving different ports on the same host...
Thu, 23 Oct 08
access_essentials, presentation_server, xenapp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4676
Unspecified vulnerability in Citrix XenApp (formerly Presentation Server) 4.5 Feature Pack 1 and earlier, Presentation Server 4.0, and Access Essentials 1.0, 1.5, and 2.0 allows local users to gain privileges via unknown attack vectors related to creating an unspecified file. NOTE: this might be the same issue as CVE-2008-3485, but the vendor advisory is too vague to be certain.
Thu, 23 Oct 08
phpcounter
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4675
SQL injection vulnerability in index.php in PHPcounter 1.3.2 and earlier allows remote attackers to execute arbitrary SQL commands via the name parameter.
Thu, 23 Oct 08
real_estate
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4674
SQL injection vulnerability in realestate-index.php in Conkurent Real Estate Manager 1.01 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in browse mode.
Thu, 23 Oct 08
events_calendar
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4673
PHP remote file inclusion vulnerability in panel/common/theme/default/header_setup.php in WebBiscuits Software Events Calendar 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the (1) path[docroot] and (2) component parameters.
Thu, 23 Oct 08
lyrics_script
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4672
Cross-site scripting (XSS) vulnerability in search_results.php in buymyscripts Lyrics Script allows remote attackers to inject arbitrary web script or HTML via the k parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Thu, 23 Oct 08
wordpress_mu
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4671
Cross-site scripting (XSS) vulnerability in wp-admin/wp-blogs.php in Wordpress MU (WPMU) before 2.6 allows remote attackers to inject arbitrary web script or HTML via the (1) s and (2) ip_address parameters.
Thu, 23 Oct 08
clickbank_portal
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4670
Cross-site scripting (XSS) vulnerability in search.php in Ed Pudol Clickbank Portal allows remote attackers to inject arbitrary web script or HTML via the search box. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Thu, 23 Oct 08
recipe_script
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4669
Cross-site scripting (XSS) vulnerability in search.php in Dan Fletcher Recipe Script allows remote attackers to inject arbitrary web script or HTML via the keyword parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Thu, 23 Oct 08
com_imagebrowser
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4668
Directory traversal vulnerability in the Image Browser (com_imagebrowser) 0.1.5 component for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the folder parameter to index.php.
Thu, 23 Oct 08
arabcms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4667
Directory traversal vulnerability in rss.php in ArabCMS 2.0 beta 1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the rss parameter.
Thu, 23 Oct 08
ultimate_webboard
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4666
SQL injection vulnerability in webboard.php in Ultimate Webboard 3.00 allows remote attackers to execute arbitrary SQL commands via the Category parameter.
Thu, 23 Oct 08
matchmaking
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4665
SQL injection vulnerability in PG Matchmaking allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) news_read.php and (2) gifts_show.php.
Thu, 23 Oct 08
ks_cgi_access_log
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4663
Cross-site scripting (XSS) vulnerability in analysis.cgi 1.44, as used in K's CGI Access Log Kaiseki (1) jcode.pl and (2) Jcode.pm, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Thu, 23 Oct 08
lokicms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4662
Directory traversal vulnerability in admin.php in LokiCMS 0.3.4, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter.
Thu, 23 Oct 08
qvod_player
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4664
Heap-based buffer overflow in QvodInsert.QvodCtrl.1 ActiveX control (QvodInsert.dll) in QVOD Player before 2.1.5 build 0053 allows remote attackers to execute arbitrary code via a long URL property. NOTE: some of these details are obtained from third party information.
Thu, 23 Oct 08
page_improvements
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4661
Cross-site scripting (XSS) vulnerability in the Page Improvements (sm_pageimprovements) 1.1.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Thu, 23 Oct 08
m1_intern
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4660
SQL injection vulnerability in the M1 Intern (m1_intern) 1.0.0 extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Thu, 23 Oct 08
mannschaftsliste
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4659
SQL injection vulnerability in the Mannschaftsliste (kiddog_playerlist) 1.0.3 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Thu, 23 Oct 08
jobcontrol
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4658
SQL injection vulnerability in the JobControl (dmmjobcontrol) 1.15.4 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Thu, 23 Oct 08
econda_plugin
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4657
SQL injection vulnerability in the Econda Plugin (econda) 0.0.2 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Thu, 23 Oct 08
frontend_users_view
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4656
SQL injection vulnerability in the Frontend Users View (feusersview) 0.1.6 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Thu, 23 Oct 08
simplesurvey
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4655
SQL injection vulnerability in the Simple survey (simplesurvey) 1.7.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Thu, 23 Oct 08
vlc_media_player
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4654
Stack-based buffer overflow in the parse_master function in the Ty demux plugin (modules/demux/ty.c) in VLC Media Player 0.9.0 through 0.9.4 allows remote attackers to execute arbitrary code via a TiVo TY media file with a header containing a crafted size value.
Thu, 23 Oct 08
makale
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4653
SQL injection vulnerability in makale.php in Makale 0.26 and possibly other versions, a module for XOOPS, allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from third party information.
Thu, 23 Oct 08
powertcp_ftp_for_activex
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4652
Buffer overflow in the ActiveX control (DartFtp.dll) in Dart Communications PowerTCP FTP for ActiveX 2.0.2 0 allows remote attackers to execute arbitrary code via a long SecretKey property.
Thu, 23 Oct 08
jetbox_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4651
Multiple SQL injection vulnerabilities in Jetbox CMS 2.1 allow remote authenticated users to execute arbitrary SQL commands via the (1) orderby parameter to admin/cms/images.php and the (2) nav_id parameter in an editrecord action to admin/cms/nav.php.
Thu, 23 Oct 08
myevent
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4650
SQL injection vulnerability in viewevent.php in myEvent 1.6 allows remote attackers to execute arbitrary SQL commands via the eventdate parameter.
Thu, 23 Oct 08
elxis_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4649
Session fixation vulnerability in Elxis CMS 2008.1 revision 2204 allows remote attackers to hijack web sessions by setting the PHPSESSID parameter.
Thu, 23 Oct 08
elxis_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4648
Cross-site scripting (XSS) vulnerability in index.php in Elxis CMS 2008.1 revision 2204 allows remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO or the (2) option, (3) Itemid, (4) id, (5) task, (6) bid, and (7) contact_id parameters. NOTE: the error might be located in modules/mod_language.php, and index.php might be the interaction point.
Thu, 23 Oct 08
sweetcms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4647
SQL injection vulnerability in index.php in sweetCMS 1.5.2 allows remote attackers to execute arbitrary SQL commands via the page parameter.
Thu, 23 Oct 08
enterpise
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4646
The Websense Reporter Module in Websense Enterprise 6.3.2 stores the SQL database system administrator password in plaintext in CreateDbInstall.log, which allows local users to gain privileges to the database.
Thu, 23 Oct 08
phpwebgallery
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4645
plugins/event_tracer/event_list.php in PhpWebGallery 1.7.2 and earlier allows remote authenticated administrators to execute arbitrary PHP code via PHP sequences in the sort parameter, which is processed by create_function.
Thu, 23 Oct 08
mystats
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4644
hits.php in myWebland myStats allows remote attackers to bypass IP address restrictions via a modified X-Forwarded-For HTTP header.
Thu, 23 Oct 08
mystats
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4643
SQL injection vulnerability in hits.php in myWebland myStats allows remote attackers to execute arbitrary SQL commands via the sortby parameter.
Wed, 22 Oct 08
astrospaces
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4642
SQL injection vulnerability in profile.php in AstroSPACES 1.1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action.
Wed, 22 Oct 08
jhead
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4641
The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and earlier allows attackers to execute arbitrary commands via shell metacharacters in unspecified input.
Wed, 22 Oct 08
jhead
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4640
The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users to delete arbitrary files via vectors involving a modified input filename in which (1) a final "z" character is replaced by a "t" character or (2) a final "t" character is replaced by a "z" character.
Wed, 22 Oct 08
jhead
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4639
jhead.c in Matthias Wandel jhead before 2.84 allows local users to overwrite arbitrary files via a symlink attack on a temporary file.
Wed, 22 Oct 08
veritas_file_system
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4638
qioadmin in the Quick I/O for Database feature in Symantec Veritas File System (VxFS) on HP-UX, and before 5.0 MP3 on Solaris, Linux, and AIX, allows local users to read arbitrary files by causing qioadmin to write a file's content to standard error.
Wed, 22 Oct 08
cpcommerce
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4637
Cross-site scripting (XSS) vulnerability in cpCommerce before 1.2.4 allows remote attackers to inject arbitrary web script or HTML via unknown vectors in the advanced search feature. NOTE: this is probably a variant of CVE-2008-4121.
Wed, 22 Oct 08
cpcommerce
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4121
Multiple cross-site scripting (XSS) vulnerabilities in cpCommerce before 1.2.4 allow remote attackers to inject arbitrary web script or HTML via (1) the search parameter in a search.quick action to search.php and (2) the name parameter in a sendtofriend action to sendtofriend.php.
Wed, 22 Oct 08
veritas_file_system
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3248
qiomkfile in the Quick I/O for Database feature in Symantec Veritas File System (VxFS) on HP-UX, and before 5.0 MP3 on Solaris, Linux, and AIX, does not initialize filesystem blocks during creation of a file, which allows local users to obtain sensitive information by creating and then reading files.
Wed, 22 Oct 08
sitescope
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-4350
Cross-site scripting (XSS) vulnerability in the management interface in HP SiteScope 9.0 build 911 allows remote attackers to inject arbitrary web script or HTML via an SNMP trap message.
Wed, 22 Oct 08
hisa_cart
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4635
Unspecified vulnerability in Hisanaga Electric Co, Ltd. hisa_cart 1.29 and earlier, a module for XOOPS, allows remote attackers to obtain sensitive user information via unknown vectors.
Wed, 22 Oct 08
movable_type
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4634
Cross-site scripting (XSS) vulnerability in Movable Type 4 through 4.21 allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to the administrative page, a different vulnerability than CVE-2008-4079.
Wed, 22 Oct 08
node_clone
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4633
SQL injection vulnerability in Node Vote 5.x before 5.x-1.1 and 6.x before 6.x-1.0, a module for Drupal, when "Allow user to vote again" is enabled, allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors related to a "previously cast vote."
Wed, 22 Oct 08
kure
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4632
Multiple directory traversal vulnerabilities in index.php in Kure 0.6.3, when magic_quotes_gpc is disabled, allow remote attackers to read and possibly execute arbitrary local files via a .. (dot dot) in the (1) post and (2) doc parameters.
Wed, 22 Oct 08
muscle
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4631
Stack-based buffer overflow in the Message::AddToString function in message/Message.cpp in MUSCLE before 4.40 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted message. NOTE: some of these details are obtained from third party information.
Wed, 22 Oct 08
midgard_components_framework
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4630
Multiple unspecified vulnerabilities in Midgard Components (MidCOM) Framework before 8.09.1 have unknown impact and attack vectors.
Wed, 22 Oct 08
mynets
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4629
Cross-site scripting (XSS) vulnerability in Usagi Project MyNETS 1.2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Wed, 22 Oct 08
minibloggie
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4628
SQL injection vulnerability in del.php in myWebland miniBloggie 1.0 allows remote attackers to execute arbitrary SQL commands via the post_id parameter.
Wed, 22 Oct 08
rgallery_plugin
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4627
SQL injection vulnerability in the rGallery plugin 1.09 for WoltLab Burning Board (WBB) allows remote attackers to execute arbitrary SQL commands via the itemID parameter in the RGalleryImageWrapper page in index.php.
Wed, 22 Oct 08
yappa-ng
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4626
Directory traversal vulnerability in index.php in Fritz Berger yet another php photo album - next generation (yappa-ng) 2.3.2 and possibly other versions through 2.3.3-beta0, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the album parameter.
Wed, 22 Oct 08
shifthis_newsletter
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4625
SQL injection vulnerability in stnl_iframe.php in the ShiftThis Newsletter (st_newsletter) plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the newsletter parameter, a different vector than CVE-2008-0683.
Wed, 22 Oct 08
fast_click_sql_lite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4624
PHP remote file inclusion vulnerability in init.php in Fast Click SQL Lite 1.1.7, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the CFG[CDIR] parameter.
Wed, 22 Oct 08
com_ds-syndicate
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4623
SQL injection vulnerability in the DS-Syndicate (com_ds-syndicate) component 1.1.1 for Joomla allows remote attackers to execute arbitrary SQL commands via the feed_id parameter to index.php.
Wed, 22 Oct 08
phpfastnews
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4622
fastnews-code.php in phpFastNews 1.0.0 allows remote attackers to bypass authentication and gain administrative access by setting the fn-loggedin cookie to 1.
Wed, 22 Oct 08
zeeproperty
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4621
SQL injection vulnerability in bannerclick.php in ZeeScripts Zeeproperty allows remote attackers to execute arbitrary SQL commands via the adid parameter.
Wed, 22 Oct 08
mrbs
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4620
SQL injection vulnerability in Meeting Room Booking System (MRBS) before 1.4 allows remote attackers to execute arbitrary SQL commands via the area parameter to (1) month.php, and possibly (2) day.php and (3) week.php.
Wed, 22 Oct 08
exchange_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-1547
Open redirect vulnerability in exchweb/bin/redir.asp in Microsoft Outlook Web Access (OWA) for Exchange Server 2003 SP2 (aka build 6.5.7638) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the URL parameter.
Wed, 22 Oct 08
solaris
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4619
The RPC subsystem in Sun Solaris 9 allows remote attackers to cause a denial of service (daemon crash) via a crafted request to procedure 8, related to the XDR_DECODE operation and the taddr2uaddr function.
Wed, 22 Oct 08
kernel
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4618
The Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.27 does not properly handle a protocol violation in which a parameter has an invalid length, which allows attackers to cause a denial of service (panic) via unspecified vectors, related to sctp_sf_violation_paramlen, sctp_sf_abort_violation, sctp_make_abort_violation, and incorrect data types in function calls.
Tue, 21 Oct 08
com_actualite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4617
SQL injection vulnerability in the actualite module 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter.
Tue, 21 Oct 08
spambam_plugin
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4616
The SpamBam plugin for WordPress allows remote attackers to bypass restrictions and add blog comments by using server-supplied values to calculate a shared key.
Tue, 21 Oct 08
portalapp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4615
Unspecified vulnerability in i_utils.asp in PortalApp before 4.01a has unknown impact and attack vectors.
Tue, 21 Oct 08
portalapp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4614
PortalApp 4.0 does not require authentication for (1) forums.asp and (2) content.asp, which allows remote attackers to create and delete forums, topics, and replies.
Tue, 21 Oct 08
portalapp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4613
SQL injection vulnerability in forums.asp in PortalApp 4.0 allows remote attackers to execute arbitrary SQL commands via the sortby parameter.
Tue, 21 Oct 08
portalapp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4612
Cross-site scripting (XSS) vulnerability in PortalApp 4.0 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter to (1) forums.asp and (2) content.asp.
Tue, 21 Oct 08
php_ziyaretci_defteri
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4611
SQL injection vulnerability in index.php in PHP Arsivimiz Php Ziyaretci Defteri allows remote attackers to execute arbitrary SQL commands via the sayfa parameter.
Tue, 21 Oct 08
mplayer
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4610
MPlayer allows remote attackers to cause a denial of service (application crash) via (1) a malformed AAC file, as demonstrated by lol-vlc.aac; or (2) a malformed Ogg Media (OGM) file, as demonstrated by lol-ffplay.ogm, different vectors than CVE-2007-6718.
Tue, 21 Oct 08
CVE-2008-4609
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4609
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress.
Tue, 21 Oct 08
kernel
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3831
The i915 driver in (1) drivers/char/drm/i915_dma.c in the Linux kernel 2.6.24 on Debian GNU/Linux and (2) sys/dev/pci/drm/i915_drv.c in OpenBSD does not restrict the DRM_I915_HWS_ADDR ioctl to the Direct Rendering Manager (DRM) master, which allows local users to cause a denial of service (memory corruption) via a crafted ioctl call, related to absence of the DRM_MASTER and DRM_ROOT_ONLY flags in the ioctl's configuration.
Tue, 21 Oct 08
mplayer
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6718
MPlayer, possibly 1.0rc1, allows remote attackers to cause a denial of service (SIGSEGV and application crash) via (1) a malformed MP3 file, as demonstrated by lol-mplayer.mp3; (2) a malformed Ogg Vorbis file, as demonstrated by lol-mplayer.ogg; (3) a malformed MPEG-1 file, as demonstrated by lol-mplayer.mpg; (4) a malformed MPEG-2 file, as demonstrated by lol-mplayer.m2v; (5) a malformed MPEG-4 AVI file, as demonstrated by lol-mplayer.avi; (6) a malformed FLAC file, as demonstrated by lol-mp...
Tue, 21 Oct 08
ip_reg
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4606
Multiple SQL injection vulnerabilities in IP Reg 0.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) location_id parameter to locationdel.php and (2) vlan_id parameter to it.php. NOTE: the vlanview.php and vlandel.php vectors are already covered by CVE-2007-6579.
Tue, 21 Oct 08
easycafeengine
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4605
SQL injection vulnerability in CafeEngine allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) dish.php and (2) menu.php.
Tue, 21 Oct 08
easycafeengine
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4604
SQL injection vulnerability in index.php in Easy CafeEngine 1.1 allows remote attackers to execute arbitrary SQL commands via the itemid parameter.
Tue, 21 Oct 08
cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4603
SQL injection vulnerability in search.php in iGaming CMS 2.0 Alpha 1 allows remote attackers to execute arbitrary SQL commands via the keywords parameter in a search_games action.
Tue, 21 Oct 08
post_affiliate_pro
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4602
Directory traversal vulnerability in index.php in Post Affiliate Pro 2.0 allows remote authenticated users to read and possibly execute arbitrary local files via a .. (dot dot) in the md parameter.
Tue, 21 Oct 08
cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4601
Cross-site scripting (XSS) vulnerability in the login feature in Habari CMS 0.5.1 allows remote attackers to inject arbitrary web script or HTML via the habari_username parameter.
Tue, 21 Oct 08
pokermax_poker_league_tournament_script
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4600
configure.php in PokerMax Poker League Tournament Script 0.13 allows remote attackers to bypass authentication and gain administrative access by setting the ValidUserAdmin cookie.
Tue, 21 Oct 08
mosaic_commerce
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4599
SQL injection vulnerability in category.php in Mosaic Commerce allows remote attackers to execute arbitrary SQL commands via the cid parameter.
Tue, 21 Oct 08
shindig-integrator
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4598
Unspecified vulnerability in Shindig-Integrator 5.x, a module for Drupal, has unspecified impact and remote attack vectors related to "numerous flaws" that are not related to XSS or access control, a different vulnerability than CVE-2008-4596 and CVE-2008-4597.
Tue, 21 Oct 08
shindig-integrator
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4597
Shindig-Integrator 5.x, a module for Drupal, does not properly restrict generated page access, which allows remote attackers to gain privileges via unspecified vectors.
Tue, 21 Oct 08
shindig-integrator
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4596
Cross-site scripting (XSS) vulnerability in Shindig-Integrator 5.x, a module for Drupal, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors in generated pages.
Tue, 21 Oct 08
content_plus
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4595
Multiple unspecified vulnerabilities in Slaytanic Scripts Content Plus 2.1.1 have unknown impact and remote attack vectors.
Tue, 21 Oct 08
wap400n
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4594
Unspecified vulnerability in the SNMPv3 component in Linksys WAP4400N firmware 1.2.14 on the Marvell Semiconductor 88W8361P-BEM1 chipset has unknown impact and attack vectors, probably remote.
Tue, 21 Oct 08
iphone
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4593
Apple iPhone 2.1 with firmware 5F136, when Require Passcode is enabled and Show SMS Preview is disabled, allows physically proximate attackers to obtain sensitive information by performing an Emergency Call tap and then reading SMS messages on the device screen, aka Apple bug number 6267416.
Tue, 21 Oct 08
systems_insight_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4412
Unspecified vulnerability in HP Systems Insight Manager (SIM) before 5.2 Update 2 (C.05.02.02.00) allows remote attackers to obtain sensitive information via unspecified vectors.
Tue, 21 Oct 08
flash_player
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4473
Multiple heap-based buffer overflows in Adobe Flash CS3 Professional on Windows and Flash MX 2004 allow remote attackers to execute arbitrary code via an SWF file containing long control parameters.
Sat, 18 Oct 08
flash_player
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4401
ActionScript in Adobe Flash Player 9.0.124.0 and earlier does not require user interaction in conjunction with (1) the FileReference.browse operation in the FileReference upload API or (2) the FileReference.download operation in the FileReference download API, which allows remote attackers to create a browse dialog box, and possibly have unspecified other impact, via an SWF file.
Fri, 17 Oct 08
sports_clubs_web_portal
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4592
Directory traversal vulnerability in index.php in Sports Clubs Web Panel 0.0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the p parameter.
Fri, 17 Oct 08
phpwebgallery
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4591
Multiple cross-site scripting (XSS) vulnerabilities in admin/include/isadmin.inc.php in PhpWebGallery 1.3.4 allow remote attackers to inject arbitrary web script or HTML via the (1) lang[access_forbiden] and (2) lang[ident_title] parameters.
Fri, 17 Oct 08
stash
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4590
Multiple SQL injection vulnerabilities in Stash 1.0.3 allow remote attackers to execute arbitrary SQL commands via (1) the username parameter to admin/login.php and (2) the post parameter to admin/news.php.
Fri, 17 Oct 08
resuce_and_recovery
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4589
Heap-based buffer overflow in the tvtumin.sys kernel driver in Lenovo Rescue and Recovery 4.20, including 4.20.0511 and 4.20.0512, allows local users to execute arbitrary code via a long file name.
Fri, 17 Oct 08
eserv
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4588
Stack-based buffer overflow in the FTP server in Etype Eserv 3.x, possibly 3.26, allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long argument to the ABOR command.
Fri, 17 Oct 08
flexnet_connect
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4587
Insecure method vulnerability in the MSVNClientDownloadManager61Lib.DownloadManager.1 ActiveX control (ISDM.exe 6.1.100.61372) in Macrovision FLEXnet Connect 6.1 allows remote attackers to force the download and execution of arbitrary files via the AddFile and RunScheduledJobs methods. NOTE: this could be leveraged for code execution by uploading executable files to Startup folders.
Fri, 17 Oct 08
flexnet_connect
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4586
Insecure method vulnerability in the MVSNCLientWebAgent61.WebAgent.1 ActiveX control (isusweb.dll 6.1.100.61372) in Macrovision FLEXnet Connect 6.1 allows remote attackers to force the download and execution of arbitrary files via the DownloadAndExecute method.
Fri, 17 Oct 08
site_builder
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4585
Belong Software Site Builder 0.1 beta allows remote attackers to bypass intended access restrictions and perform administrative actions via a direct request to admin/home.php.
Fri, 17 Oct 08
mail
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4584
Insecure method vulnerability in Chilkat Mail 7.8 ActiveX control (ChilkatCert.dll) allows remote attackers to overwrite arbitrary files via a full pathname to the SaveLastError method.
Fri, 17 Oct 08
ftp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4583
Insecure method vulnerability in the Chilkat FTP 2.0 ActiveX component (ChilkatCert.dll) allows remote attackers to overwrite arbitrary files via a full pathname in the SavePkcs8File method.
Fri, 17 Oct 08
firefox
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4582
Mozilla Firefox 3.0.1 through 3.0.3 on Windows does not properly identify the context of Windows .url shortcut files, which allows user-assisted remote attackers to bypass the Same Origin Policy and obtain sensitive information via an HTML document that is directly accessible through a filesystem, as demonstrated by documents in (1) local folders, (2) Windows share folders, and (3) RAR archives, and as demonstrated by IFRAMEs referencing shortcuts that point to (a) about:cache?device=memory a...
Fri, 17 Oct 08
enovia_smarteam
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4581
The Editor in IBM ENOVIA SmarTeam 5 before release 18 SP5, and release 19 before SP01, allows remote authenticated users to bypass intended access restrictions and read Document objects via the Workflow Process (aka Flow Process) view.
Fri, 17 Oct 08
cman, fence
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4580
fence_manual in fence allows local users to modify arbitrary files via a symlink attack on the fence_manual.fifo temporary file.
Fri, 17 Oct 08
cman, fence
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4579
The (1) fence_apc and (2) fence_apc_snmp programs, as used in (a) fence 2.02.00-r1 and possibly (b) cman, when running in verbose mode, allows local users to append to arbitrary files via a symlink attack on the apclog temporary file.
Fri, 17 Oct 08
dovecot
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4578
The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes.
Fri, 17 Oct 08
dovecot
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4577
The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions.
Fri, 17 Oct 08
kernel
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4576
sctp in Linux kernel before 2.6.25.18 allows remote attackers to cause a denial of service (OOPS) via an INIT-ACK that states the peer does not support AUTH, which causes the sctp_process_init function to clean up active transports and triggers the OOPS when the T1-Init timer expires.
Fri, 17 Oct 08
jhead
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4575
Buffer overflow in the DoCommand function in jhead before 2.84 might allow context-dependent attackers to cause a denial of service (crash) via (1) a long -cmd argument and (2) possibly other unspecified vectors.
Fri, 17 Oct 08
kernel
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4554
The do_splice_from function in fs/splice.c in the Linux kernel before 2.6.27 does not reject file descriptors that have the O_APPEND flag set, which allows local users to bypass append mode and make arbitrary changes to other locations in the file.
Fri, 17 Oct 08
qemu
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4553
qemu-make-debian-root in qemu 0.9.1-5 on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on temporary files and directories.
Fri, 17 Oct 08
ayco_okul_portali
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4574
SQL injection vulnerability in default.asp in Ayco Okul Portali allows remote attackers to execute arbitrary SQL commands via the linkid parameter.
Fri, 17 Oct 08
munzursoft_web_portal_w3
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4573
SQL injection vulnerability in kategori.asp in MunzurSoft Wep Portal W3 allows remote attackers to execute arbitrary SQL commands via the kat parameter.
Fri, 17 Oct 08
guildftpd
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4572
GuildFTPd 0.999.14, and possibly other versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long arguments to the CWD and LIST commands, which triggers heap corruption related to an improper free call, and possibly triggering a heap-based buffer overflow.
Fri, 17 Oct 08
plone
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4571
Cross-site scripting (XSS) vulnerability in the LiveSearch module in Plone before 3.0.4 allows remote attackers to inject arbitrary web script or HTML via the Description field for search results, as demonstrated using the onerror Javascript even in an IMG tag.
Fri, 17 Oct 08
real-estate-scripts
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4570
SQL injection vulnerability in index.php in Real Estate Classifieds allows remote attackers to execute arbitrary SQL commands via the cat parameter.
Fri, 17 Oct 08
absolute_poll_manager_xe
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4569
SQL injection vulnerability in xlacomments.asp in XIGLA Software Absolute Poll Manager XE 4.1 allows remote attackers to execute arbitrary SQL commands via the p parameter.
Thu, 16 Oct 08
windows_2000, windows_server_2003, windows_server_2008, windows_vista, windows_xp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4038
Buffer underflow in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to execute arbitrary code via a Server Message Block (SMB) request that contains a filename with a crafted length, aka "SMB Buffer Underflow Vulnerability."
Thu, 16 Oct 08
windows_server_2003, windows_server_2008, windows_vista, windows_xp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4036
Integer overflow in Memory Manager in Microsoft Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows local users to gain privileges via a crafted application that triggers an erroneous decrement of a variable, related to validation of parameters for Virtual Address Descriptors (VADs) and a "memory allocation mapping error," aka "Virtual Address Descriptor Elevation of Privilege Vulnerability."
Thu, 16 Oct 08
windows_2000
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4023
Active Directory in Microsoft Windows 2000 SP4 does not properly allocate memory for (1) LDAP and (2) LDAPS requests, which allows remote attackers to execute arbitrary code via a crafted request, aka "Active Directory Overflow Vulnerability."
Thu, 16 Oct 08
office
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4020
Cross-site scripting (XSS) vulnerability in Microsoft Office XP SP3 allows remote attackers to inject arbitrary web script or HTML via a document that contains a "Content-Disposition: attachment" header and is accessed through a cdo: URL, which renders the content instead of raising a File Download dialog box, aka "Vulnerability in Content-Disposition Header Vulnerability."
Thu, 16 Oct 08
CVE-2008-4019 (office, office_compatibility_pack_for_word_excel_ppt_2007, office_excel_viewer, o...)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4019
Integer overflow in the REPT function in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold and SP1; Office Excel Viewer 2003 SP3; Office Excel Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office SharePoint Server 2007 Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel file containing a formula within a cell, aka "Formula Pars...
Thu, 16 Oct 08
windows_2000
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3479
The Microsoft Message Queuing (MSMQ) service in Microsoft Windows 2000 SP4 does not properly validate parameters to string APIs, which allows remote attackers to execute arbitrary code via a crafted RPC call that overflows a "heap request," aka "Message Queuing Service Remote Code Execution Vulnerability."
Thu, 16 Oct 08
internet_explorer
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3477
Microsoft Excel 2000 SP3, 2002 SP3, and 2003 SP2 and SP3 does not properly validate data in the VBA Performance Cache, which allows remote attackers to execute arbitrary code via a crafted Excel file, aka "Calendar Object Validation Vulnerability."
Thu, 16 Oct 08
internet_explorer
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3476
Microsoft Internet Explorer 5.01 SP4 and 6 does not properly handle errors associated with access to uninitialized memory, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka "HTML Objects Memory Corruption Vulnerability."
Thu, 16 Oct 08
internet_explorer
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3475
Microsoft Internet Explorer 6 does not properly handle errors associated with access to an object that has been (1) incorrectly initialized or (2) deleted, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka "Uninitialized Memory Corruption Vulnerability."
Thu, 16 Oct 08
internet_explorer
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3474
Microsoft Internet Explorer 6 and 7 does not properly determine the domain or security zone of origin of web script, which allows remote attackers to bypass the intended cross-domain security policy and obtain sensitive information via a crafted HTML document, aka "Cross-Domain Information Disclosure Vulnerability."
Thu, 16 Oct 08
internet_explorer
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3473
Microsoft Internet Explorer 6 and 7 does not properly determine the domain or security zone of origin of web script, which allows remote attackers to bypass the intended cross-domain security policy, and execute arbitrary code or obtain sensitive information, via a crafted HTML document, aka "Event Handling Cross-Domain Vulnerability."
Thu, 16 Oct 08
internet_explorer
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3472
Microsoft Internet Explorer 6 and 7 does not properly determine the domain or security zone of origin of web script, which allows remote attackers to bypass the intended cross-domain security policy, and execute arbitrary code or obtain sensitive information, via a crafted HTML document, aka "HTML Element Cross-Domain Vulnerability."
Thu, 16 Oct 08
CVE-2008-3471 (office, office_compatibility_pack_for_word_excel_ppt_2007, office_excel_viewer, o...)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3471
Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold and SP1; Office Excel Viewer 2003 SP3; Office Excel Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac do not properly allocate memory when loading Excel objects during parsing of the Excel spreadsheet file format, which allows remote attackers to execute arbitrary code via a crafted BIFF file, aka "File For...
Thu, 16 Oct 08
host_integration_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3466
Microsoft Host Integration Server (HIS) 2000, 2004, and 2006 does not limit RPC access to administrative functions, which allows remote attackers to bypass authentication and execute arbitrary code via a crafted SNA RPC message, aka "HIS Command Execution Vulnerability."
Thu, 16 Oct 08
windows_2003_server, windows_xp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3464
afd.sys in the Ancillary Function Driver (AFD) component in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP1 and SP2 does not properly validate input sent from user mode to the kernel, which allows local users to gain privileges via a crafted application, aka "AFD Kernel Overwrite Vulnerability."
Thu, 16 Oct 08
windows_2000, windows_server_2003, windows_server_2008, windows_vista, windows_xp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2252
The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate parameters sent from user mode to the kernel, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Corruption Vulnerability."
Thu, 16 Oct 08
windows_2000, windows_server_2003, windows_server_2008, windows_xp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2251
Double free vulnerability in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows local users to gain privileges via a crafted application that makes system calls within multiple threads, aka "Windows Kernel Unhandled Exception Vulnerability." NOTE: according to Microsoft, this is not a duplicate of CVE-2008-4510.
Thu, 16 Oct 08
windows_2000, windows_server_2003, windows_server_2008, windows_vista, windows_xp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2250
The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate window properties sent from a parent window to a child window during creation of a new window, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Window Creation Vulnerability."
Thu, 16 Oct 08
iis, windows_2000, windows_server_2003, windows_server_2008, windows_xp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-1446
Integer overflow in the Internet Printing Protocol (IPP) ISAPI extension in Microsoft Internet Information Services (IIS) 5.0 through 7.0 on Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, and Server 2008 allows remote authenticated users to execute arbitrary code via an HTTP POST request that triggers an outbound IPP connection from a web server to a machine operated by the attacker, aka "Integer Overflow in IPP Service Vulnerability."
Thu, 16 Oct 08
vlc_media_player
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4558
Array index error in VLC media player 0.9.2 allows remote attackers to overwrite arbitrary memory and execute arbitrary code via an XSPF playlist file with a negative identifier tag, which passes a signed comparison.
Thu, 16 Oct 08
cutenews
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4557
plugins/wacko/highlight/html.php in Strawberry in CuteNews.ru 1.1.1 (aka Strawberry) allows remote attackers to execute arbitrary PHP code via the text parameter, which is inserted into an executable regular expression.
Thu, 16 Oct 08
solaris
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4556
Stack-based buffer overflow in the adm_build_path function in sadmind in Sun Solstice AdminSuite on Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted request.
Thu, 16 Oct 08
edirectory
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4480
Heap-based buffer overflow in dhost.exe in Novell eDirectory 8.x before 8.8.3, and 8.7.3 before 8.7.3.10 ftf1, allows remote attackers to execute arbitrary code via a crafted Netware Core Protocol opcode 0x24 message that triggers a calculation error that under-allocates a heap buffer.
Thu, 16 Oct 08
edirectory
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4479
Heap-based buffer overflow in dhost.exe in Novell eDirectory 8.8 before 8.8.3, and 8.7.3 before 8.7.3.10 ftf1, allows remote attackers to execute arbitrary code via a SOAP request with a long Accept-Language header.
Thu, 16 Oct 08
edirectory
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4478
Multiple integer overflows in dhost.exe in Novell eDirectory 8.8 before 8.8.3, and 8.73 before 8.7.3.10 ftf1, allow remote attackers to execute arbitrary code via a crafted (1) Content-Length header in a SOAP request or (2) Netware Core Protocol opcode 0x0F message, which triggers a heap-based buffer overflow.
Thu, 16 Oct 08
bea_product_suite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4013
Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, and 8.1 SP6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
Thu, 16 Oct 08
weblogic_workshop
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4012
Unspecified vulnerability in the WebLogic Workshop component in BEA Product Suite WLW 8.1SP5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
Thu, 16 Oct 08
bea_product_suite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4011
Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, and 9.0 allows remote authenticated users to affect integrity via unknown vectors.
Thu, 16 Oct 08
bea_product_suite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4010
Unspecified vulnerability in the WebLogic Workshop component in BEA Product Suite 10.3, 10.2, 10.0 MP1, 9.2 MP3, and 8.1 SP6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
Thu, 16 Oct 08
bea_product_suite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4009
Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 9.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
Thu, 16 Oct 08
bea_product_suite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4008
Unspecified vulnerability in the WebLogic Server Plugins for Apache component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
Thu, 16 Oct 08
database_11i
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4005
Unspecified vulnerability in the Oracle Application Express component in Oracle Database 11.1.0.6 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
Thu, 16 Oct 08
enterpriseone, peoplesoft_enterprise
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4004
Unspecified vulnerability in the JDE EnterpriseOne Business Service Server component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.97.2.2 and 8.98.0.1 allows local users to affect confidentiality and integrity via unknown vectors.
Thu, 16 Oct 08
jd_edwards_enterpriseone, peoplesoft_enterprise
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4003
Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.18 and 8.49.14 allows remote attackers to affect confidentiality via unknown vectors.
Thu, 16 Oct 08
jd_edwards_enterpriseone, peoplesoft_enterprise
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4002
Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.18 and 8.49.14 allows remote authenticated users to affect confidentiality via unknown vectors.
Thu, 16 Oct 08
jd_edwards_enterpriseone_ep, peoplesoft_enterprise
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4001
Unspecified vulnerability in the PeopleSoft Enterprise Portal component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne EP 8.9 and EP 9.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
Thu, 16 Oct 08
CVE-2008-4000 (enterpriseone, jd_edwards_enterpriseone, peoplesoft_enterprise, peoplesoft_people...)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4000
Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.18 and 8.49.14 allows remote attackers to affect confidentiality and integrity via unknown vectors.
Thu, 16 Oct 08
e-business_suite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3998
Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 12.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
Thu, 16 Oct 08
database_10g, database_11i
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3996
Unspecified vulnerability in the Change Data Capture component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to SYS.DBMS_CDC_IPUBLISH.
Thu, 16 Oct 08
database_10g, database_11i
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3995
Unspecified vulnerability in the Change Data Capture component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_CDC_PUBLISH.
Thu, 16 Oct 08
database_10g, database_11i, database_9i
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3994
Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to WMSYS.LTADM.
Thu, 16 Oct 08
e-business_suite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3993
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2 and 12.0.4 allows remote authenticated users to affect integrity via unknown vectors.
Thu, 16 Oct 08
database_10g
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3992
Unspecified vulnerability in the Oracle Data Mining component in Oracle Database 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity, related to DMSYS.DBMS_DM_EXP_INTERNAL.
Thu, 16 Oct 08
database_10g, database_9i
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3991
Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.08, 9.2.0.8DV, and 10.1.0.5 allows remote authenticated users to affect availability, related to OLAPSYS.CWM2_OLAP_AW_AWUTIL.
Thu, 16 Oct 08
database_10g, database_9i
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3990
Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.08, 9.2.0.8DV, and 10.1.0.5 allows remote authenticated users to affect availability, related to OLAPSYS.CWM2_OLAP_AW_AWUTIL.
Thu, 16 Oct 08
database_10g
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3989
Unspecified vulnerability in the Oracle Data Mining component in Oracle Database 10.2.0.3 allows remote authenticated users to affect confidentiality, integrity, and availability, related to DMSYS.ODM_MODEL_UTIL.
Thu, 16 Oct 08
e-business_suite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3988
Unspecified vulnerability in the iSupplier Portal component in Oracle E-Business Suite 11.5.10.2 and 12.0.4 allows remote attackers to affect confidentiality via unknown vectors.
Thu, 16 Oct 08
application_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3987
Unspecified vulnerability in the Oracle Discoverer Desktop component in Oracle Application Server 10.1.2.3 allows local users to affect confidentiality via unknown vectors.
Thu, 16 Oct 08
application_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3986
Unspecified vulnerability in the Oracle Discoverer Administrator component in Oracle Application Server 9.0.4.3 and 10.1.2.2 allows local users to affect confidentiality via unknown vectors.
Thu, 16 Oct 08
e-business_suite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3985
Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 12.0.4 allows remote attackers to affect confidentiality via unknown vectors.
Thu, 16 Oct 08
database_10g, database_11i, database_9i
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3984
Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to SYS.LT and WMSYS.LT.
Thu, 16 Oct 08
database_10g, database_11i, database_9i
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3983
Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to SYS.LT and WMSYS.LT.
Thu, 16 Oct 08
database_10g, database_11i, database_9i
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3982
Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to SYS.LT and WMSYS.LT.
Thu, 16 Oct 08
database_10g
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3980
Unspecified vulnerability in the Upgrade component in Oracle Database 10.1.0.5 and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
Thu, 16 Oct 08
application_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3977
Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 9.0.4.3 and 10.1.2.3 allows remote attackers to affect integrity via unknown vectors.
Thu, 16 Oct 08
database_10g, database_9i
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3976
Unspecified vulnerability in the Oracle Spatial component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
Thu, 16 Oct 08
application_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3975
Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 9.0.4.3 and 10.1.2.3 allows remote attackers to affect integrity via unknown vectors.
Thu, 16 Oct 08
database_10g, database_9i
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2625
Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.2 allows remote attackers to affect confidentiality and integrity via unknown vectors.
Thu, 16 Oct 08
database_10g
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2624
Unspecified vulnerability in the Oracle OLAP component in Oracle Database 10.1.0.5 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
Thu, 16 Oct 08
application_server, e-business_suite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2619
Unspecified vulnerability in the Oracle Reports Developer component in Oracle Application Server 1.0.2.2, 9.0.4.3, and 10.1.2.2, and E-Business Suite 11.5.10.2, allows remote authenticated users to affect availability via unknown vectors.
Thu, 16 Oct 08
jdeveloper
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2588
Unspecified vulnerability in the Oracle JDeveloper component in Oracle Application Server 10.1.2.2 allows local users to affect confidentiality via unknown vectors.
Thu, 16 Oct 08
graphviz
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4555
Stack-based buffer overflow in the push_subg function in parser.y (lib/graph/parser.c) in Graphviz 2.20.2, and possibly earlier versions, allows user-assisted remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a DOT file with a large number of Agraph_t elements.
Thu, 16 Oct 08
arcserve_backup, business_protection_suite, server_protection_suite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4400
Unspecified vulnerability in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash of multiple services) via crafted authentication credentials, related to "insufficient validation."
Thu, 16 Oct 08
arcserve_backup, business_protection_suite, server_protection_suite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4399
Unspecified vulnerability in the database engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request, related to "insufficient validation."
Thu, 16 Oct 08
arcserve_backup, business_protection_suite, server_protection_suite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4398
Unspecified vulnerability in the tape engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request.
Thu, 16 Oct 08
arcserve_backup, business_protection_suite, server_protection_suite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4397
Directory traversal vulnerability in the RPC interface (asdbapi.dll) in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to execute arbitrary commands via a .. (dot dot) in an RPC call with opnum 0x10A.
Thu, 16 Oct 08
system_requirements_lab
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4385
Husdawg, LLC Systems Requirements Lab 3 allows remote attackers to force the download and execution of arbitrary programs via unknown vectors in (1) ActiveX control (sysreqlab.dll, sysreqlabsli.dll, or sysreqlab2.dll) and (2) Java applet in RLApplet.class in sysreqlab2.jar or sysreqlab.jar.
Thu, 16 Oct 08
cups
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3640
Integer overflow in the WriteProlog function in texttops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via a crafted PostScript file that triggers a heap-based buffer overflow.
Thu, 16 Oct 08
cups
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3639
Heap-based buffer overflow in the read_rle16 function in imagetops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via an SGI image with malformed Run Length Encoded (RLE) data containing a small image and a large row count.
Thu, 16 Oct 08
nfs-utils
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4552
nfs-utils 1.0.9, and possibly other versions before 1.1.3, invokes the host_ctl function with the wrong order of arguments, which causes TCP Wrappers to ignore netgroups and allows remote attackers to bypass intended access restrictions.
Thu, 16 Oct 08
strongswan
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4551
strongSwan 4.2.6 and earlier allows remote attackers to cause a denial of service (daemon crash) via an IKE_SA_INIT message with a large number of NULL values in a Key Exchange payload, which triggers a NULL pointer dereference for the return value of the mpz_export function in the GNU Multiprecision Library (GMP).
Thu, 16 Oct 08
imageshack_toolbar
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4549
The ImageShack Toolbar ActiveX control (ImageShackToolbar.dll) in ImageShack Toolbar 4.5.7, possibly including 4.5.7.69, allows remote attackers to force the upload of arbitrary image files to the ImageShack site via a file: URI argument to the BuildSlideShow method.
Thu, 16 Oct 08
rtssentry
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4548
Stack-based buffer overflow in the PTZCamPanelCtrl ActiveX control (CamPanel.dll) in RTS Sentry 2.1.0.2 allows remote attackers to execute arbitrary code via a long second argument to the ConnectServer method.
Thu, 16 Oct 08
web_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4547
Heap-based buffer overflow in the PdvrAtl.PdvrOcx.1 ActiveX control (pdvratl.dll) in DVRHOST Web CMS OCX 1.0.1.25 allows remote attackers to execute arbitrary code via a long second argument to the TimeSpanFormat method.
Wed, 15 Oct 08
flash_player
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4546
Adobe Flash Player 9.0.45.0, 9.0.112.0, 9.0.124.0, and 10.0.12.10 allows remote web servers to cause a denial of service (NULL pointer dereference and browser crash) by returning a different response when an HTTP request is sent a second time, as demonstrated by two responses that provide SWF files with different SWF version numbers.
Wed, 15 Oct 08
wap400n
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4441
The Marvell driver for the Linksys WAP4400N Wi-Fi access point with firmware 1.2.14 on the Marvell 88W8361P-BEM1 chipset, when WEP mode is enabled, does not properly parse malformed 802.11 frames, which allows remote attackers to cause a denial of service (reboot or hang-up) via a malformed association request containing the WEP flag, as demonstrated by a request that is too short, a different vulnerability than CVE-2008-1144 and CVE-2008-1197.
Wed, 15 Oct 08
unity
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4545
Cisco Unity 4.x before 4.2(1)ES161, 5.x before 5.0(1)ES53, and 7.x before 7.0(2)ES8 uses weak permissions for the D:\CommServer\Reports directory, which allows remote authenticated users to obtain sensitive information by reading files in this directory.
Wed, 15 Oct 08
unity
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4544
Unspecified vulnerability in an unspecified Microsoft API, as used by Cisco Unity and possibly other products, allows remote attackers to cause a denial of service by sending crafted packets to dynamic UDP ports, related to a "processing error."
Wed, 15 Oct 08
unity
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4543
Cisco Unity 4.x before 4.2(1)ES161, 5.x before 5.0(1)ES53, and 7.x before 7.0(2)ES8, when using anonymous authentication (aka native Unity authentication), allows remote attackers to cause a denial of service (session exhaustion) via a large number of connections.
Wed, 15 Oct 08
unity
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4542
Cross-site scripting (XSS) vulnerability in Cisco Unity 4.x before 4.2(1)ES162, 5.x before 5.0(1)ES56, and 7.x before 7.0(2)ES8 allows remote authenticated administrators to inject arbitrary web script or HTML by entering it in the database (aka data store).
Wed, 15 Oct 08
java_system_web_proxy_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4541
Heap-based buffer overflow in the FTP subsystem in Sun Java System Web Proxy Server 4.0 through 4.0.7 allows remote attackers to execute arbitrary code via unspecified vectors.
Wed, 15 Oct 08
windows_mobile
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4540
Windows Mobile 6 on the HTC Hermes device makes WLAN passwords available to an auto-completion mechanism for the password input field, which allows physically proximate attackers to bypass password authentication and obtain WLAN access.
Wed, 15 Oct 08
system_management_homepage
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4411
Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 2.1.15.210 on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2008-1663.
Wed, 15 Oct 08
openview_network_node_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3545
Unspecified vulnerability in ovtopmd in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to cause a denial of service via unknown vectors, a different vulnerability than CVE-2008-3536, CVE-2008-3537, and CVE-2008-3544. NOTE: due to insufficient details from the vendor, it is not clear whether this is the same as CVE-2008-1853.
Wed, 15 Oct 08
openview_network_node_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3544
Multiple stack-based buffer overflows in ovalarmsrv in HP OpenView Network Node Manager (OV NNM) 7.51, and possibly 7.01, 7.50, and 7.53, allow remote attackers to execute arbitrary code via a long (1) REQUEST_SEV_CHANGE (aka number 47), (2) REQUEST_SAVE_STATE (aka number 61), or (3) REQUEST_RESTORE_STATE (aka number 62) request to TCP port 2954.
Wed, 15 Oct 08
tomcat
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3271
Apache Tomcat 5.5.0 and 4.1.0 through 4.1.31 allows remote attackers to bypass an IP address restriction and obtain sensitive information via a request that is processed concurrently with another request but in a different thread, leading to an instance-variable overwrite associated with a "synchronization problem" and lack of thread safety, and related to RemoteFilterValve, RemoteAddrValve, and RemoteHostValve.
Sat, 11 Oct 08
ec-cube
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4537
Cross-site scripting (XSS) vulnerability in EC-CUBE Ver1 1.4.6 and earlier, Ver1 Beta 1.5.0-beta and earlier, Ver2 2.1.2a and earlier, Ver2 Beta(RC) 2.1.1-beta and earlier, Community Edition 1.3.4 and earlier, and Community Edition Nightly-Build r17336 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2008-4535 and CVE-2008-4536.
Sat, 11 Oct 08
ec-cube
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4536
Cross-site scripting (XSS) vulnerability in EC-CUBE Ver1 1.4.6 and earlier, Ver1 Beta 1.5.0-beta and earlier, Ver2 2.1.2a and earlier, Ver2 Beta(RC) 2.2.0-beta and earlier, Community Edition 1.3.4 and earlier, and Community Edition Nightly-Build r17319 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2008-4535 and CVE-2008-4537.
Sat, 11 Oct 08
ec-cube
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4535
Cross-site scripting (XSS) vulnerability in EC-CUBE Ver2 2.1.2a and earlier, EC-CUBE Ver2 Beta(RC) 2.2.0-beta and earlier, and EC-CUBE Community Edition Nighly-Build r17623 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2008-4536 and CVE-2008-4537.
Sat, 11 Oct 08
ec-cube
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4534
SQL injection vulnerability in EC-CUBE Ver2 2.1.2a and earlier, and Ver2 RC 2.3.0-rc1 and earlier, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Sat, 11 Oct 08
web_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4533
Cross-site scripting (XSS) vulnerability in Kantan WEB Server 1.8 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
Sat, 11 Oct 08
portage
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4394
Multiple untrusted search path vulnerabilities in Portage before 2.1.4.5 include the current working directory in the Python search path, which allows local users to execute arbitrary code via a modified Python module that is loaded by the (1) ys-apps/portage, (2) net-mail/fetchmail, (3) app-editors/leo ebuilds, and other ebuilds.
Sat, 11 Oct 08
mac_os_x_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4215
Weblog in Mac OS X Server 10.4.11 does not properly check an error condition when a weblog posting access control list is specified for a user that has multiple short names, which might allow attackers to bypass intended access restrictions.
Sat, 11 Oct 08
mac_os_x, mac_os_x_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4214
Unspecified vulnerability in Script Editor in Mac OS X 10.4.11 and 10.5.5 allows local users to cause the scripting dictionary to be written to arbitrary locations, related to an "insecure file operation" on temporary files.
Sat, 11 Oct 08
mac_os_x, mac_os_x_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4212
Unspecified vulnerability in rlogind in the rlogin component in Mac OS X 10.4.11 and 10.5.5 applies hosts.equiv entries to root despite what is stated in documentation, which might allow remote attackers to bypass intended access restrictions.
Sat, 11 Oct 08
mac_os_x, mac_os_x_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4211
Integer signedness error in QuickLook in Mac OS X 10.5.5 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted Microsoft Excel file that triggers an out-of-bounds memory access.
Sat, 11 Oct 08
mac_os_x, mac_os_x_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3647
Buffer overflow in PSNormalizer in Mac OS X 10.4.11 and 10.5.5 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a PostScript file with a crafted bounding box comment.
Sat, 11 Oct 08
mac_os_x
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3646
The Postfix configuration file in Mac OS X 10.5.5 causes Postfix to be network-accessible when mail is sent from a local command-line tool, which allows remote attackers to send mail to local Mac OS X users.
Sat, 11 Oct 08
mac_os_x, mac_os_x_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3645
Heap-based buffer overflow in the local IPC component in the EAPOLController plugin for configd (Networking component) in Mac OS X 10.4.11 and 10.5.5 allows local users to execute arbitrary code via unknown vectors.
Sat, 11 Oct 08
mac_os_x, mac_os_x_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3643
Unspecified vulnerability in Finder in Mac OS X 10.5.5 allows user-assisted attackers to cause a denial of service (continuous termination and restart) via a crafted Desktop file that generates an error when producing its icon, related to an "error recovery issue."
Sat, 11 Oct 08
mac_os_x, mac_os_x_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3642
Buffer overflow in ColorSync in Mac OS X 10.4.11 and 10.5.5 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via an image with a crafted ICC profile.
Sat, 11 Oct 08
cups
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3641
The Hewlett-Packard Graphics Language (HPGL) filter in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via crafted pen width and pen color opcodes that overwrite arbitrary memory.
Sat, 11 Oct 08
vim
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3432
Heap-based buffer overflow in the mch_expand_wildcards function in os_unix.c in Vim 6.2 and 6.3 allows user-assisted attackers to execute arbitrary code via shell metacharacters in filenames, as demonstrated by the netrw.v3 test case.
Sat, 11 Oct 08
website_directory
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4532
Cross-site scripting (XSS) vulnerability in index.php in MaxiScript Website Directory allows remote attackers to inject arbitrary web script or HTML via the keyword parameter in a search action.
Sat, 11 Oct 08
brilliant_gallery
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4531
SQL injection vulnerability in Brilliant Gallery 5.x before 5.x-4.2, a module for Drupal, allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to queries. NOTE: this might be the same issue as CVE-2008-4338.
Sat, 11 Oct 08
brilliant_gallery
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4530
Cross-site scripting (XSS) vulnerability in Brilliant Gallery 5.x before 5.x-4.2, a module for Drupal, allows remote authenticated users with permissions to inject arbitrary web script or HTML via unspecified vectors related to posting of answers.
Sat, 11 Oct 08
asicms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4529
Multiple PHP remote file inclusion vulnerabilities in asiCMS alpha 0.208 allow remote attackers to execute arbitrary PHP code via a URL in the _ENV[asicms][path] parameter to (1) Association.php, (2) BigMath.php, (3) DiffieHellman.php, (4) DumbStore.php, (5) Extension.php, (6) FileStore.php, (7) HMAC.php, (8) MemcachedStore.php, (9) Message.php, (10) Nonce.php, (11) SQLStore.php, (12) SReg.php, (13) TrustRoot.php, and (14) URINorm.php in classes/Auth/OpenID/; and (15) XRDS.php, (16) XRI.php a...
Sat, 11 Oct 08
personal_information_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4528
Directory traversal vulnerability in notes.php in Phlatline's Personal Information Manager (pPIM) 1.01 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the id parameter in an edit action.
Sat, 11 Oct 08
recepies_module
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4527
SQL injection vulnerability in recept.php in the Recepies (Recept) module 1.1 for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the kat_id parameter in a kategorier action. NOTE: some of these details are obtained from third party information.
Sat, 11 Oct 08
ccms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4526
Multiple directory traversal vulnerabilities in CCMS 3.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the skin parameter to (1) index.php, (2) forums.php, (3) admin.php, (4) header.php, (5) pages/story.php and (6) pages/poll.php.
Sat, 11 Oct 08
ampjuke
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4525
SQL injection vulnerability in index.php in AmpJuke 0.7.5 allows remote attackers to execute arbitrary SQL commands via the special parameter in a performerid action.
Sat, 11 Oct 08
adaptcms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4524
SQL injection vulnerability in the "Check User" feature (includes/check_user.php) in AdaptCMS Lite and AdaptCMS Pro 1.3 allows remote attackers to execute arbitrary SQL commands via the user_name parameter.
Sat, 11 Oct 08
ip_reg
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4523
SQL injection vulnerability in login.php in IP Reg 0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the user_name parameter.
Sat, 11 Oct 08
jmweb_mp3_music_audio_search_and_download_script
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4522
Multiple directory traversal vulnerabilities in JMweb MP3 Music Audio Search and Download Script allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the src parameter to (1) listen.php and (2) download.php.
Sat, 11 Oct 08
world_of_warcraft_tracker_infusion_module
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4521
SQL injection vulnerability in thisraidprogress.php in the World of Warcraft tracker infusion (raidtracker_panel) module 2.0 for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the INFO_RAID_ID parameter.
Sat, 11 Oct 08
autonessus
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4520
Cross-site scripting (XSS) vulnerability in bulk_update.pl in AutoNessus before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the remark parameter.
Sat, 11 Oct 08
fastpublish_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4519
Multiple directory traversal vulnerabilities in Fastpublish CMS 1.9999 d allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the target parameter to (1) index2.php and (2) index.php.
Sat, 11 Oct 08
fastpublish_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4518
Multiple SQL injection vulnerabilities in Fastpublish CMS 1.9.9.9.9 d (1.9999 d) allow remote attackers to execute arbitrary SQL commands via the (1) sprache parameter to index2.php and the (2) artikel parameter to index.php.
Fri, 10 Oct 08
geccbblite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4517
SQL injection vulnerability in leggi.php in geccBBlite 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Fri, 10 Oct 08
galerie
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4516
SQL injection vulnerability in galerie.php in Galerie 3.2 allows remote attackers to execute arbitrary SQL commands via the pic parameter.
Fri, 10 Oct 08
k9_web_protection
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4515
Blue Coat K9 Web Protection 4.0.230 Beta relies on client-side JavaScript as a protection mechanism, which allows remote attackers to bypass authentication and access the (1) summary, (2) detail, (3) overrides, and (4) pwemail pages by disabling JavaScript.
Fri, 10 Oct 08
konqueror
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4514
The HTML parser in KDE Konqueror 3.5.9 allows remote attackers to cause a denial of service (application crash) via a font tag with a long color value, which triggers an assertion error.
Fri, 10 Oct 08
phorum
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4513
Cross-site scripting (XSS) vulnerability in BBcode API module in Phorum 5.2.8 allows remote attackers to inject arbitrary web script or HTML via nested BBcode image tags.
Fri, 10 Oct 08
CVE-2008-4512
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4512
ASP/MS Access Shoutbox, probably 1.1 beta, stores db/shoutdb.mdb under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request.
Fri, 10 Oct 08
asp_news_management
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4511
Todd Woolums ASP News Management, possibly 2.21, stores db/news.mdb under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request.
Fri, 10 Oct 08
windows-nt
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4510
Microsoft Windows Vista Home and Ultimate Edition SP1 and earlier allows local users to cause a denial of service (page fault and system crash) via multiple attempts to access a virtual address in a PAGE_NOACCESS memory page.
Fri, 10 Oct 08
foss_gallery
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4509
Unrestricted file upload vulnerability in processFiles.php in FOSS Gallery Admin and FOSS Gallery Public 1.0 beta allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the root directory.
Fri, 10 Oct 08
internet_download_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4508
Stack-based buffer overflow in the file parsing function in Tonec Internet Download Manager, possibly 5.14 and earlier, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted AppleDouble file containing a long string. NOTE: this is probably a different vulnerability than CVE-2005-2210.
Fri, 10 Oct 08
lotus_quickr
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4507
Unspecified vulnerability in IBM Lotus Quickr 8.1 before Fix pack 1 (8.1.0.1) allows editors to delete pages that were created by a different author via unknown vectors.
Fri, 10 Oct 08
lotus_quickr
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4506
Unspecified vulnerability in IBM Lotus Quickr 8.1 beford Fix pack 1 (8.1.0.1) allows a place manager to "demote or delete a place superuser group" via unknown vectors.
Fri, 10 Oct 08
lotus_quickr
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4505
Unspecified vulnerability in IBM Lotus Quickr 8.1 before Fix pack 1 (8.1.0.1) might allow attackers to cause a denial of service (system crash) via a "nonstandard URL argument" to the OpenDocument command. NOTE: due to lack of details from the vendor, it is not clear whether this is a vulnerability.
Fri, 10 Oct 08
hero_dvd_player
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4504
Heap-based buffer overflow in Mplayer.exe in Herosoft Inc. Hero DVD Player 3.0.8 allows user-assisted remote attackers to execute arbitrary code via an M3u file with a "long entry." NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Fri, 10 Oct 08
flash_player
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4503
The Settings Manager in Adobe Flash Player 9.0.124.0 and earlier allows remote attackers to cause victims to unknowingly click on a link or dialog via access control dialogs disguised as normal graphical elements, as demonstrated by hijacking the camera or microphone, and related to "clickjacking."
Fri, 10 Oct 08
dff_framework_api
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4502
Multiple PHP remote file inclusion vulnerabilities in DataFeedFile (DFF) PHP Framework API allow remote attackers to execute arbitrary PHP code via a URL in the DFF_config[dir_include] parameter to (1) DFF_affiliate_client_API.php, (2) DFF_featured_prdt.func.php, (3) DFF_mer.func.php, (4) DFF_mer_prdt.func.php, (5) DFF_paging.func.php, (6) DFF_rss.func.php, and (7) DFF_sku.func.php in include/.
Fri, 10 Oct 08
serv-u_file_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4501
Directory traversal vulnerability in the FTP server in Serv-U 7.3, and 7.2.0.1 and earlier, allows remote authenticated users to overwrite or create arbitrary files via a ..\ (dot dot backslash) in the RNTO command.
Fri, 10 Oct 08
serv-u_file_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4500
Serv-U 7.3, and 7.2.0.1 and earlier, allows remote authenticated users to cause a denial of service (CPU consumption) via a crafted stou command, probably related to MS-DOS device names, as demonstrated using "con:1".
Fri, 10 Oct 08
php_web_explorer_lite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4499
Multiple directory traversal vulnerabilities in PHP Web Explorer 0.99b and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) refer parameter to main.php and the (2) file parameter to edit.php.
Fri, 10 Oct 08
phpautos
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4498
SQL injection vulnerability in searchresults.php in PHP Autos 2.9.1 allows remote attackers to execute arbitrary SQL commands via the catid parameter.
Fri, 10 Oct 08
real_estate_listings
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4497
SQL injection vulnerability in event_detail.php in Built2Go Real Estate Listings 1.5 allows remote attackers to execute arbitrary SQL commands via the event_id parameter.
Fri, 10 Oct 08
php_realtor
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4496
SQL injection vulnerability in view_cat.php in PHP Realtor 1.5 allows remote attackers to execute arbitrary SQL commands via the v_cat parameter.
Fri, 10 Oct 08
php_auto_dealer
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4495
SQL injection vulnerability in view_cat.php in PHP Auto Dealer 2.7 allows remote attackers to execute arbitrary SQL commands via the v_cat parameter.
Fri, 10 Oct 08
torrenttrader
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4494
SQL injection vulnerability in completed-advance.php in TorrentTrader Classic 1.08 and 1.04 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
Fri, 10 Oct 08
digital_image
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4493
Microsoft PicturePusher ActiveX control (PipPPush.DLL 7.00.0709), as used in Microsoft Digital Image 2006 Starter Edition, allows remote attackers to force the upload of arbitrary files by using the AddString and Post methods and a modified PostURL to construct an HTTP POST request. NOTE: this issue might only be exploitable in limited environments or non-default browser settings.
Fri, 10 Oct 08
condor
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3830
Condor before 7.0.5 does not properly handle when the configuration specifies overlapping netmasks in allow or deny rules, which causes the rule to be ignored and allows attackers to bypass intended access restrictions.
Fri, 10 Oct 08
condor
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3829
Unspecified vulnerability in the condor_ schedd daemon in Condor before 7.0.5 allows attackers to cause a denial of service (crash) via unknown vectors.
Fri, 10 Oct 08
condor
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3828
Stack-based buffer overflow in the condor_ schedd daemon in Condor before 7.0.5 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.
Fri, 10 Oct 08
condor
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3826
Unspecified vulnerability in Condor before 7.0.5 allows attackers to execute jobs as other users via unknown vectors.
Fri, 10 Oct 08
unity
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3814
Unspecified vulnerability in Cisco Unity 4.x before 4.0ES161, 5.x before 5.0ES53, and 7.x before 7.0ES8, when using anonymous authentication, allows remote attackers to bypass authentication and read or modify system configuration parameters via unknown vectors.
Thu, 9 Oct 08
yourownbux
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4492
SQL injection vulnerability in referrals.php in YourOwnBux 4.0 allows remote attackers to execute arbitrary SQL commands via the usNick cookie.
Thu, 9 Oct 08
mail
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4491
Apple Mail.app 3.5 on Mac OS X, when "Store draft messages on the server" is enabled, stores draft copies of S/MIME email in plaintext on the email server, which allows server owners and remote man-in-the-middle attackers to read sensitive mail.
Thu, 9 Oct 08
phpabook
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4490
Directory traversal vulnerability in config.inc.php in phpAbook 0.8.8b and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the userInfo cookie.
Thu, 9 Oct 08
atarone
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4489
Directory traversal vulnerability in ap-save.php in Atarone CMS 1.2.0 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the theme_chosen parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Thu, 9 Oct 08
atarone
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4488
Cross-site scripting (XSS) vulnerability in ap-pages.php in Atarone CMS 1.2.0 allows remote attackers to inject arbitrary web script or HTML via the (1) name and (2) id parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Thu, 9 Oct 08
atarone
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4487
SQL injection vulnerability in ap-save.php in Atarone CMS 1.2.0 allows remote attackers to execute arbitrary SQL commands via the (1) site_name, (2) email, (3) theme_chosen, (4) hp, (5) c_meta, (6) id, and (7) c_js parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Thu, 9 Oct 08
yerba
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4486
Directory traversal vulnerability in index.php in SAC.php (SACphp), as used in Yerba 6.3 and earlier, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the mod parameter.
Thu, 9 Oct 08
security_gateway_os
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4485
Cross-site scripting (XSS) vulnerability in the ICAP patience page in Blue Coat Security Gateway OS (SGOS) 4.2 before 4.2.9, 5.2 before 5.2.5, and 5.3 before 5.3.1.7 allows remote attackers to inject arbitrary web script or HTML via the URL.
Thu, 9 Oct 08
gallery
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4484
main.php in Crux Gallery 1.32 and earlier assumes that the user is an administrator if the name parameter is not "users", which allows remote attackers to gain administrative access by setting the name parameter to "users", as demonstrated via index.php.
Thu, 9 Oct 08
gallery
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4483
Directory traversal vulnerability in index.php in Crux Gallery 1.32 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the theme parameter.
Thu, 9 Oct 08
xerces-c++
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4482
The XML parser in Xerces-C++ before 3.0.0 allows context-dependent attackers to cause a denial of service (stack consumption and crash) via an XML schema definition with a large maxOccurs value, which triggers excessive memory consumption during validation of an XML file.
Thu, 9 Oct 08
redmine
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4481
Cross-site scripting (XSS) vulnerability in Redmine 0.7.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Thu, 9 Oct 08
v-webmail
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3061
Open redirect vulnerability in redirect.php in V-webmail 1.5.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the to parameter.
Thu, 9 Oct 08
mon
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4477
alert.d/test.alert in mon 0.99.2 allows local users to overwrite arbitrary files via a symlink attack on the test.alert.log temporary file.
Thu, 9 Oct 08
v-webmail
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3063
SQL injection vulnerability in login.php in V-webmail 1.5.0 might allow remote attackers to execute arbitrary SQL commands via the username parameter.
Thu, 9 Oct 08
v-webmail
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3060
V-webmail 1.5.0 allows remote attackers to obtain sensitive information via (1) malformed input in the login page (includes/local.hooks.php) and (2) an invalid session ID, which reveals the installation path in an error message.
Thu, 9 Oct 08
sympa
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4476
sympa.pl in sympa 5.3.4 allows local users to overwrite arbitrary files via a symlink attack on a temporary file. NOTE: wwsympa.fcgi was also reported, but the issue occurred in a dead function, so it is not a vulnerability.
Thu, 9 Oct 08
ibackup
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4475
ibackup 2.27 allows local users to overwrite arbitrary files via a symlink attack on unspecified temporary files.
Thu, 9 Oct 08
freeradius
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4474
freeradius-dialupadmin in freeradius 2.0.4 allows local users to overwrite arbitrary files via a symlink attack on temporary files in (1) backup_radacct, (2) clean_radacct, (3) monthly_tot_stats, (4) tot_stats, and (5) truncate_radacct.
Wed, 8 Oct 08
CVE-2008-3834 (dbus, dbus1.0, dbus1.1.0)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3834
The dbus_signature_validate function in the D-bus library (libdbus) before 1.2.4 allows remote attackers to cause a denial of service (application abort) via a message containing a malformed signature, which triggers a failed assertion error.
Wed, 8 Oct 08
design_review, dwf_viewer, revit_architecture
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4472
The UpdateEngine class in the LiveUpdate ActiveX control (LiveUpdate16.DLL 17.2.56), as used in Revit Architecture 2009 SP2 and Autodesk Design Review 2009, allows remote attackers to execute arbitrary programs via the second argument to the ApplyPatch method.
Wed, 8 Oct 08
design_review, dwf_viewer, revit_architecture
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4471
Directory traversal vulnerability in the CExpressViewerControl class in the DWF Viewer ActiveX control (AdView.dll 9.0.0.96), as used in Revit Architecture 2009 SP2 and Autodesk Design Review 2009, allows remote attackers to overwrite arbitrary files via "..\" sequences in the argument to the SaveAS method.
Wed, 8 Oct 08
metagauge
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4421
Directory traversal vulnerability in MetaGauge 1.0.0.17, and probably other versions before 1.0.3.38, allows remote attackers to read arbitrary files via a "..\" (dot dot backslash) in the URL.
Wed, 8 Oct 08
kontiki_delivery_management_system
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4393
Cross-site scripting (XSS) vulnerability in VeriSign Kontiki Delivery Management System (DMS) 5.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the action parameter to zodiac/servlet/zodiac.
Wed, 8 Oct 08
lpviewer
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4384
Multiple stack-based buffer overflows in MGI Software LPViewer ActiveX control (LPControl.dll), as acquired by Roxio and iseemedia, allow remote attackers to execute arbitrary code via the (1) url, (2) toolbar, and (3) enableZoomPastMax methods.
Wed, 8 Oct 08
oncplus
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3543
Unspecified vulnerability in NFS / ONCplus B.11.31_04 and earlier on HP-UX B.11.31 allows remote attackers to cause a denial of service via unknown attack vectors.
Wed, 8 Oct 08
cue
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4470
Stack-based buffer overflow in Numark CUE 5.0 rev2 allows user-assisted attackers to cause a denial of service (application crash) or execute arbitrary code via an M3U playlist file that contains a long absolute pathname.
Wed, 8 Oct 08
freelance_zone
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4469
SQL injection vulnerability in view_cresume.php in Vastal I-Tech Freelance Zone allows remote attackers to execute arbitrary SQL commands via the coder_id parameter.
Wed, 8 Oct 08
share_zone
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4468
SQL injection vulnerability in view_news.php in Vastal I-Tech Share Zone allows remote attackers to execute arbitrary SQL commands via the id parameter.
Wed, 8 Oct 08
toner_cart
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4467
SQL injection vulnerability in show_series_ink.php in Vastal I-Tech Toner Cart allows remote attackers to execute arbitrary SQL commands via the id parameter.
Wed, 8 Oct 08
cosmetics_zone
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4466
SQL injection vulnerability in view_products_cat.php in Vastal I-Tech Cosmetics Zone allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
Wed, 8 Oct 08
dvd_zone
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4465
SQL injection vulnerability in view_mags.php in Vastal I-Tech DVD Zone allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
Wed, 8 Oct 08
mag_zone
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4464
SQL injection vulnerability in view_mags.php in Vastal I-Tech Mag Zone allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
Wed, 8 Oct 08
jobs_zone
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4463
SQL injection vulnerability in view_news.php in Vastal I-Tech Jobs Zone allows remote attackers to execute arbitrary SQL commands via the news_id parameter.
Wed, 8 Oct 08
visa_zone
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4462
SQL injection vulnerability in view_news.php in Vastal I-Tech Visa Zone allows remote attackers to execute arbitrary SQL commands via the news_id parameter.
Wed, 8 Oct 08
dating_zone
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4461
SQL injection vulnerability in advanced_search_results.php in Vastal I-Tech Dating Zone, possibly 0.9.9, allows remote attackers to execute arbitrary SQL commands via the fage parameter.
Wed, 8 Oct 08
mmorpg_zone
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4460
SQL injection vulnerability in game.php in Vastal I-Tech MMORPG Zone allows remote attackers to execute arbitrary SQL commands via the game_id parameter.
Wed, 8 Oct 08
thyme
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4459
SQL injection vulnerability in pick_users.php in the groups module in eXtrovert Thyme 1.3 allows remote attackers to execute arbitrary SQL commands via the uname_search parameter. NOTE: some of these details are obtained from third party information.
Wed, 8 Oct 08
b2b_trading_marketplace_script
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4458
SQL injection vulnerability in listings.php in E-Php B2B Trading Marketplace Script allows remote attackers to execute arbitrary SQL commands via the cid parameter in a product action.
Wed, 8 Oct 08
memht_portal
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4457
SQL injection vulnerability in inc/inc_statistics.php in MemHT Portal 3.9.0 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via a stats_res cookie to index.php.
Wed, 8 Oct 08
mysql
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4456
Cross-site scripting (XSS) vulnerability in the command-line client in MySQL 5.0.26 through 5.0.45, when the --html option is enabled, allows attackers to inject arbitrary web script or HTML by placing it in a database cell, which might be accessed by this client when composing an HTML document.
Wed, 8 Oct 08
mysql_quick_admin
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4455
Directory traversal vulnerability in index.php in EKINdesigns MySQL Quick Admin 1.5.5 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to read and execute arbitrary files via a .. (dot dot) in the language cookie.
Wed, 8 Oct 08
mysql_quick_admin
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4454
Directory traversal vulnerability in EKINdesigns MySQL Quick Admin 1.5.5 allows remote attackers to read and execute arbitrary files via a .. (dot dot) in the lang parameter to actions.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Wed, 8 Oct 08
light_imaging_toolkit, pro_imaging_sdk
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4453
The GdPicture (1) Light Imaging Toolkit 4.7.1 GdPicture4S.Imaging ActiveX control (gdpicture4s.ocx) 4.7.0.1 and (2) Pro Imaging SDK 5.7.1 GdPicturePro5S.Imaging ActiveX control (gdpicturepro5s.ocx) 5.7.0.1 allows remote attackers to create, overwrite, and modify arbitrary files via the SaveAsPDF method. NOTE: this issue might only be exploitable in limited environments or non-default browser settings. NOTE: this can be leveraged for remote code execution by accessing files using hcp:// URLs...
Wed, 8 Oct 08
vxftpsrv
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4452
Buffer overflow in Cambridge Computer Corporation vxFtpSrv 2.0.3 allows remote attackers to cause a denial of service (crash and hang) and possibly execute arbitrary code via a long CWD request.
Wed, 8 Oct 08
system_analyzer_tool
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4451
The SysInspector AntiStealth driver (esiasdrv.sys) 3.0.65535.0 in ESET System Analyzer Tool 1.1.1.0 allows local users to execute arbitrary code via a certain IOCTL request to \Device\esiasdrv that overwrites a pointer.
Wed, 8 Oct 08
xampp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4450
Cross-site scripting (XSS) vulnerability in adodb.php in XAMPP for Windows 1.6.8 allows remote attackers to inject arbitrary web script or HTML via the (1) dbserver, (2) host, (3) user, (4) password, (5) database, and (6) table parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Wed, 8 Oct 08
mirc
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4449
Stack-based buffer overflow in mIRC 6.34 allows remote attackers to execute arbitrary code via a long hostname in a PRIVMSG message.
Wed, 8 Oct 08
h-sphere
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4448
Cross-site request forgery (CSRF) vulnerability in actions.php in Positive Software H-Sphere WebShell 4.3.10 allows remote attackers to perform unauthorized actions as an administrator, including file deletion and creation, via a link or IMG tag to the (1) overkill, (2) futils, or (3) edit actions.
Wed, 8 Oct 08
h-sphere
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4447
Cross-site scripting (XSS) vulnerability in actions.php in Positive Software H-Sphere WebShell 4.3.10 allows remote attackers to inject arbitrary web script or HTML via (1) the fn parameter during a dload action, (2) the fld parameter during a search action, and (3) the tab parameter during a sysinfo action.
Wed, 8 Oct 08
nucleus
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4446
Cross-site scripting (XSS) vulnerability in Nucleus EUC-JP 3.31 SP1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Wed, 8 Oct 08
kernel
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4445
The sctp_auth_ep_set_hmacs function in net/sctp/auth.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is enabled, does not verify that the identifier index is within the bounds established by SCTP_AUTH_HMAC_ID_MAX, which allows local users to obtain sensitive information via a crafted SCTP_HMAC_IDENT IOCTL request involving the sctp_getsockopt function, a different vulnerability than CVE-2008-4113.
Wed, 8 Oct 08
workstation, player, server, esx
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4279
Unspecified vulnerability in the CPU hardware emulation for 64-bit guest operating systems in VMware Workstation 6.0.x before 6.0.5 build 109488 and 5.x before 5.5.8 build 108000; Player 2.0.x before 2.0.5 build 109488 and 1.x before 1.0.8; Server 1.x before 1.0.7 build 108231; and ESX 2.5.4 through 3.5 allows authenticated guest OS users to gain additional guest OS privileges via unknown vectors that cause "the virtual CPU to jump to an incorrect memory address."
Wed, 8 Oct 08
virtualcenter
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4278
VMware VirtualCenter 2.5 before Update 3 build 119838 on Windows displays a user's password in cleartext when the password contains unspecified special characters, which allows physically proximate attackers to steal the password.
Wed, 8 Oct 08
flash_player
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3872
Adobe Flash Player 8.0.39.0 and earlier, and 9.x up to 9.0.115.0, allows remote attackers to bypass the allowScriptAccess parameter setting via a crafted SWF file via unspecified "Filter evasion" manipulations.
Tue, 7 Oct 08
feta
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4440
The to-upgrade plugin in feta 1.4.16 allows local users to overwrite arbitrary files via a symlink on a temporary file.
Tue, 7 Oct 08
datafeed_studio
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4439
PHP remote file inclusion vulnerability in admin/bin/patch.php in MartinWood Datafeed Studio allows remote attackers to execute arbitrary PHP code via a URL in the INSTALL_FOLDER parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Tue, 7 Oct 08
datafeed_studio
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4438
Cross-site scripting (XSS) vulnerability in search.php in Datafeed Studio 1.6.2 allows remote attackers to inject arbitrary web script or HTML via the q parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Tue, 7 Oct 08
bugzilla
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4437
Directory traversal vulnerability in importxml.pl in Bugzilla before 2.22.5, and 3.x before 3.0.5, when --attach_path is enabled, allows remote attackers to read arbitrary files via an XML file with a .. (dot dot) in the data element.
Tue, 7 Oct 08
wbblog
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4436
SQL injection vulnerability in bblog_plugins/builtin.help.php in bBlog 0.7.6 allows remote attackers to execute arbitrary SQL commands via the mod parameter.
Tue, 7 Oct 08
downloads_plus_module
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4435
Multiple cross-site scripting (XSS) vulnerabilities in the RMSOFT Downloads Plus (rmdp) module 1.5 and 1.7 for Xoops allow remote attackers to inject arbitrary web script or HTML via the (1) key parameter to search.php and the (2) id parameter to down.php.
Tue, 7 Oct 08
utorrent, bittorrent
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4434
Stack-based buffer overflow in (1) uTorrent 1.7.7 build 8179 and earlier and (2) BitTorrent 6.0.3 build 8642 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long Created By field in a .torrent file.
Tue, 7 Oct 08
minishop_module
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4433
SQL injection vulnerability in search.php in the RMSOFT MiniShop module 1.0 for Xoops might allow remote attackers to execute arbitrary SQL commands via the itemsxpag parameter.
Tue, 7 Oct 08
minishop_module
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4432
Cross-site scripting (XSS) vulnerability in search.php in the RMSOFT MiniShop module 1.0 for Xoops allows remote attackers to inject arbitrary web script or HTML via the itemsxpag parameter.
Tue, 7 Oct 08
icebb
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4431
SQL injection vulnerability in index.php in IceBB 1.0-rc9.3 and earlier allows remote attackers to execute arbitrary SQL commands via the skin parameter, probably related to an incorrect protection mechanism in the clean_string function in includes/functions.php.
Tue, 7 Oct 08
amarok
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4430
The MagnatuneBrowser::listDownloadComplete function in magnatunebrowser/magnatunebrowser.cpp in Amarok 1.4.9.1 allows local users to overwrite arbitrary files via a symlink attack on the album_info.xml temporary file.
Tue, 7 Oct 08
virus_security, virus_security_zero
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4429
Unspecified vulnerability in SOURCENEXT Virus Security ZERO 9.5.0173 and earlier and Virus Security 9.5.0173 and earlier allows remote attackers to cause a denial of service (memory consumption or application crash) via malformed compressed files. NOTE: some of these details are obtained from third party information.
Tue, 7 Oct 08
personal_information_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4428
Unrestricted file upload vulnerability in upload.php in Phlatline's Personal Information Manager (pPIM) 1.0 and earlier allows remote attackers to execute arbitrary code by uploading a .php file, then accessing it via a direct request to the file in the top-level directory.
Tue, 7 Oct 08
personal_information_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4427
changepassword.php in Phlatline's Personal Information Manager (pPIM) 1.0 and earlier does not require administrative authentication, which allows remote attackers to change arbitrary passwords.
Tue, 7 Oct 08
personal_information_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4426
Cross-site scripting (XSS) vulnerability in events.php in Phlatline's Personal Information Manager (pPIM) 1.0 allows remote attackers to inject arbitrary web script or HTML via the date parameter in a new action.
Tue, 7 Oct 08
personal_information_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4425
Directory traversal vulnerability in upload.php in Phlatline's Personal Information Manager (pPIM) 1.0 allows remote attackers to delete arbitrary files via directory traversal sequences in the file parameter within a delfile action.
Tue, 7 Oct 08
goocms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4424
Cross-site scripting (XSS) vulnerability in index.php in Domain Group Network GooCMS 1.02 allows remote attackers to inject arbitrary web script or HTML via the s parameter in a comments action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Tue, 7 Oct 08
ovidentia
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4423
SQL injection vulnerability in index.php in Ovidentia 6.6.5 allows remote attackers to execute arbitrary SQL commands via the item parameter in a contact modify action.
Tue, 7 Oct 08
aos, omniswitch
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4383
Stack-based buffer overflow in the Agranet-Emweb embedded management web server in Alcatel OmniSwitch OS7000, OS6600, OS6800, OS6850, and OS9000 Series devices with AoS 5.1 before 5.1.6.463.R02, 5.4 before 5.4.1.429.R01, 6.1.3 before 6.1.3.965.R01, 6.1.5 before 6.1.5.595.R01, and 6.3 before 6.3.1.966.R01 allows remote attackers to execute arbitrary code via a long Session cookie.
Tue, 7 Oct 08
kernel
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4410
The vmi_write_ldt_entry function in arch/x86/kernel/vmi_32.c in the Virtual Machine Interface (VMI) in the Linux kernel 2.6.26.5 invokes write_idt_entry where write_ldt_entry was intended, which allows local users to cause a denial of service (persistent application failure) via crafted function calls, related to the Java Runtime Environment (JRE) experiencing improper LDT selector state, a different vulnerability than CVE-2008-3247.
Tue, 7 Oct 08
libxml2
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4409
libxml2 2.7.0 and 2.7.1 does not properly handle "predefined entities definitions" in entities, which allows context-dependent attackers to cause a denial of service (memory consumption and application crash), as demonstrated by use of xmllint on a certain XML document, a different vulnerability than CVE-2003-1564 and CVE-2008-3281.
Tue, 7 Oct 08
mediawiki
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4408
Cross-site scripting (XSS) vulnerability in MediaWiki 1.13.1, 1.12.0, and possibly other versions before 1.13.2 allows remote attackers to inject arbitrary web script or HTML via the useskin parameter to an unspecified component.
Tue, 7 Oct 08
xsabre
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4407
XRunSabre in sabre (aka xsabre) 0.2.4b relies on the ability to create /tmp/sabre.log, which allows local users to cause a denial of service (application unavailability) by creating a /tmp/sabre.log file that cannot be overwritten.
Tue, 7 Oct 08
xsabre
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4406
A certain Debian patch to the run scripts for sabre (aka xsabre) 0.2.4b allows local users to delete or overwrite arbitrary files via a symlink attack on unspecified .tmp files.
Sat, 4 Oct 08
libvirt
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4405
libvirt 0.3.3 relies on files located under subdirectories of /local/domain in xenstore despite lack of protection against modification by Xen guest virtual machines, which allows guest OS users to have an unspecified impact, as demonstrated by writing to (1) the text console (console/tty) or (2) the VNC port for the graphical framebuffer.
Sat, 4 Oct 08
lighttpd
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4360
mod_userdir in lighttpd before 1.4.20, when a case-insensitive operating system or filesystem is used, performs case-sensitive comparisons on filename components in configuration options, which might allow remote attackers to bypass intended access restrictions, as demonstrated by a request for a .PHP file when there is a configuration rule for .php files.
Sat, 4 Oct 08
lighttpd
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4359
lighttpd before 1.4.20 compares URIs to patterns in the (1) url.redirect and (2) url.rewrite configuration settings before performing URL decoding, which might allow remote attackers to bypass intended access restrictions, and obtain sensitive information or possibly modify data.
Sat, 4 Oct 08
fedora, kernel
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3833
The generic_file_splice_write function in fs/splice.c in the Linux kernel before 2.6.19 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by splicing into an inode in order to create an executable file in a setgid directory, a different vulnerability than CVE-2008-4210.
Sat, 4 Oct 08
fedora
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3832
A certain Fedora patch for the utrace subsystem in the Linux kernel before 2.6.26.5-28 on Fedora 8, and before 2.6.26.5-45 on Fedora 9, allows local users to cause a denial of service (NULL pointer dereference and system crash or hang) via a call to the utrace_control function.
Sat, 4 Oct 08
zseries
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4404
The IPv6 Neighbor Discovery Protocol (NDP) implementation on IBM zSeries servers does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic via a spoofed message that modifies the Forward Information Base (FIB), a related issue to CVE-2008-2476.
Sat, 4 Oct 08
officescan
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4403
The CGI modules in the server in Trend Micro OfficeScan 8.0 SP1 before build 2439 and 8.0 SP1 Patch 1 before build 3087 allow remote attackers to cause a denial of service (NULL pointer dereference and child process crash) via crafted HTTP headers, related to the "error handling mechanism."
Sat, 4 Oct 08
officescan
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4402
Multiple buffer overflows in CGI modules in the server in Trend Micro OfficeScan 8.0 SP1 before build 2439 and 8.0 SP1 Patch 1 before build 3087 allow remote attackers to execute arbitrary code via unspecified vectors.
Sat, 4 Oct 08
enterprise_linux, enterprise_linux_desktop
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3825
pam_krb5 2.2.14 in Red Hat Enterprise Linux (RHEL) 5 and earlier, when the existing_ticket option is enabled, uses incorrect privileges when reading a Kerberos credential cache, which allows local users to gain privileges by setting the KRB5CCNAME environment variable to an arbitrary cache filename and running the (1) su or (2) sudo program. NOTE: there may be a related vector involving sshd that has limited relevance.
Sat, 4 Oct 08
freebsd, ftos, jnos, netbsd, openbsd, vxworks
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2476
The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeBSD 6.3 through 7.1, (2) OpenBSD 4.2 and 4.3, (3) NetBSD, (4) Force10 FTOS before E7.7.1.1, (5) Juniper JUNOS, and (6) Wind River VxWorks 5.x through 6.4 does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic via a spoofed message that modifies the Forward Information Base (FIB).
Sat, 4 Oct 08
officescan, worry_free_business_security
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2439
Directory traversal vulnerability in the UpdateAgent function in TmListen.exe in the OfficeScanNT Listener service in the client in Trend Micro OfficeScan 7.3 Patch 4 build 1367 and other builds before 1372, OfficeScan 8.0 SP1 before build 1222, OfficeScan 8.0 SP1 Patch 1 before build 3087, and Worry-Free Business Security 5.0 before build 1220 allows remote attackers to read arbitrary files via directory traversal sequences in an HTTP request. NOTE: some of these details are obtained from t...
Sat, 4 Oct 08
blosxom
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2236
Cross-site scripting (XSS) vulnerability in blosxom.cgi in Blosxom before 2.1.2 allows remote attackers to inject arbitrary web script or HTML via the flav parameter (flavour variable). NOTE: some of these details are obtained from third party information.
Sat, 4 Oct 08
filealyzer
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4396
Stack-based buffer overflow in Safer Networking FileAlyzer 1.6.0.0 and 1.6.0.4 beta, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via an executable with malformed version data.
Sat, 4 Oct 08
konqueror
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4382
Konqueror in KDE 3.5.9 allows remote attackers to cause a denial of service (application crash) via Javascript that calls the alert function with a URL-encoded string of a large number of invalid characters.
Sat, 4 Oct 08
internet_explorer
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4381
Microsoft Internet Explorer 7 allows remote attackers to cause a denial of service (application crash) via Javascript that calls the alert function with a URL-encoded string of a large number of invalid characters.
Sat, 4 Oct 08
insight_diagnostics
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3542
Unspecified vulnerability in HP Insight Diagnostics before 7.9.1.2402 allows remote attackers to read arbitrary files via unknown vectors.
Sat, 4 Oct 08
jasper
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3522
Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via vectors related to the mif_hdr_put function and use of vsprintf.
Sat, 4 Oct 08
jasper
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3521
The jas_stream_tmpfile function in libjasper/base/jas_stream.c in JasPer 1.900.1 allows local users to overwrite arbitrary files via a symlink attack on a tmp.XXXXXXXXXX temporary file.
Sat, 4 Oct 08
jasper
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3520
Multiple integer overflows in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via a crafted image file, related to integer multiplication for memory allocation.
Fri, 3 Oct 08
e10000_appliance, smtp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2831
Multiple cross-site scripting (XSS) vulnerabilities in the delegated spam management feature in the Spam Quarantine Management (SQM) component in MailMarshal SMTP 6.0.3.8 through 6.3.0.0 allow user-assisted remote authenticated users to inject arbitrary web script or HTML via (1) the list of blocked senders or (2) the list of safe senders.
Thu, 2 Oct 08
dvr_shr2040
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4380
The web interface in Samsung DVR SHR2040 allows remote attackers to cause a denial of service (crash) via a malformed HTTP request, related to the filter for configuration properties and "/x" characters.
Thu, 2 Oct 08
hot_links_sql_php
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4379
Cross-site scripting (XSS) vulnerability in report.php in Mr. CGI Guy Hot Links SQL-PHP 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the id parameter.
Thu, 2 Oct 08
hot_links_sql_php
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4378
SQL injection vulnerability in report.php in Mr. CGI Guy Hot Links SQL-PHP 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
Thu, 2 Oct 08
creator_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4377
SQL injection vulnerability in index.asp in Creative Mind Creator CMS 5.0 allows remote attackers to execute arbitrary SQL commands via the sideid parameter.
Thu, 2 Oct 08
live_tv_script
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4376
SQL injection vulnerability in index.php in Live TV Script allows remote attackers to execute arbitrary SQL commands via the mid parameter.
Thu, 2 Oct 08
availscript_classmate_script
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4375
SQL injection vulnerability in viewprofile.php in Availscript Classmate Script allows remote attackers to execute arbitrary SQL commands via the p parameter.
Thu, 2 Oct 08
cms_buzz
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4374
SQL injection vulnerability in index.php in CMS Buzz allows remote attackers to execute arbitrary SQL commands via the id parameter in a playgame action.
Thu, 2 Oct 08
availscript_jobs_portal_script
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4373
SQL injection vulnerability in job_seeker/applynow.php in AvailScript Job Portal Script allows remote attackers to execute arbitrary SQL commands via the jid parameter.
Thu, 2 Oct 08
availscript_article_script
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4372
Cross-site scripting (XSS) vulnerability in articles.php in AvailScript Article Script allows remote attackers to inject arbitrary web script or HTML via the aIDS parameter.
Thu, 2 Oct 08
availscript_article_script
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4371
SQL injection vulnerability in articles.php in AvailScript Article Script allows remote attackers to execute arbitrary SQL commands via the aIDS parameter.
Thu, 2 Oct 08
availscript_photo_album
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4370
Multiple cross-site scripting (XSS) vulnerabilities in Availscript Photo Album allow remote attackers to inject arbitrary web script or HTML via the (1) sid parameter to pics.php and the (2) a parameter to view.php.
Thu, 2 Oct 08
availscript_photo_album
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4369
SQL injection vulnerability in pics.php in Availscript Photo Album allows remote attackers to execute arbitrary SQL commands via the sid parameter.
Thu, 2 Oct 08
mac_os_x
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4368
The default configuration of Java 1.5 on Apple Mac OS X 10.5.4 and 10.5.5 contains a jurisdiction policy that limits Java Cryptography Extension (JCE) key sizes to 128 bits, which makes it easier for attackers to decrypt ciphertext produced by JCE.
Thu, 2 Oct 08
camera_life
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4366
Unrestricted file upload vulnerability in the image upload component in Camera Life 2.6.2b4 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in a user directory under images/photos/upload.
Thu, 2 Oct 08
siteman
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4365
Cross-site scripting (XSS) vulnerability in search.php in Siteman 1.1.11 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Thu, 2 Oct 08
parsaweb_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4364
SQL injection vulnerability in default.aspx in ParsaGostar ParsaWeb CMS allows remote attackers to execute arbitrary SQL commands via the (1) id parameter in the "page" page and (2) txtSearch parameter in the "Search" page.
Thu, 2 Oct 08
deslock
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4363
DLMFENC.sys 1.0.0.28 in DESlock+ 3.2.7 allows local users to cause a denial of service (system crash) or potentially execute arbitrary code via a certain DLMFENC_IOCTL request to \\.\DLKPFSD_Device that overwrites a pointer, probably related to use of the ProbeForRead function when ProbeForWrite was intended.
Thu, 2 Oct 08
deslock
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4362
The Virtual Token driver (vdlptokn.sys) 1.0.2.43 in DESlock+ 3.2.7 allows local users to cause a denial of service (system crash) via a crafted IOCTL request to \Device\DLPTokenWalter0.
Thu, 2 Oct 08
powerportal
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4361
Directory traversal vulnerability in PowerPortal 2.0.13 allows remote attackers to list and possibly read arbitrary files via a .. (dot dot) in the path parameter to the default URI.
Thu, 2 Oct 08
spaw_php
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4358
Unspecified vulnerability in class/theme.class.php in SPAW Editor PHP Edition before 2.0.8.1 has unknown impact and attack vectors, probably related to directory traversal sequences in the theme name.
Thu, 2 Oct 08
plink
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4357
SQL injection vulnerability in linkto.php in Powie pLink 2.07 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Thu, 2 Oct 08
kasseler_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4356
Multiple SQL injection vulnerabilities in Kasseler CMS 1.1.0 and 1.2.0 allow remote attackers to execute arbitrary SQL commands via (1) the nid parameter to index.php in a View action to the News module; (2) the vid parameter to index.php in a Result action to the Voting module; (3) the fid parameter to index.php in a ShowForum action to the Forum module; (4) the tid parameter to index.php in a ShowTopic action to the Forum module; (5) the uname parameter to index.php in a UserInfo action to ...
Thu, 2 Oct 08
pforum
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4355
SQL injection vulnerability in showprofil.php in Powie PSCRIPT Forum (aka PHP Forum or pForum) 1.30 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
Thu, 2 Oct 08
iboutique
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4354
SQL injection vulnerability in the products module in NetArt Media iBoutique 4.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter to index.php.
Thu, 2 Oct 08
linkarity
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4353
SQL injection vulnerability in link.php in Linkarity allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. NOTE: although one component of Linkarity is distributable PHP code, this issue might be site-specific. If so, it should not be included in CVE.
Thu, 2 Oct 08
phpsmartcom
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4352
SQL injection vulnerability in inc/pages/viewprofile.php in phpSmartCom 0.2 allows remote attackers to execute arbitrary SQL commands via the uid parameter in a viewprofile action to index.php.
Thu, 2 Oct 08
phpsmartcom
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4351
Directory traversal vulnerability in index.php in phpSmartCom 0.2 allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the p parameter.
Thu, 2 Oct 08
tutorial_script
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4350
SQL injection vulnerability in main.php in vbLOGIX Tutorial Script 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action.
Thu, 2 Oct 08
paranews
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4349
Multiple cross-site scripting (XSS) vulnerabilities in news.php in s0nic Paranews 3.4 allow remote attackers to inject arbitrary web script or HTML via the (1) id or (2) page parameter in a details action.
Thu, 2 Oct 08
phportfolio
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4348
SQL injection vulnerability in photo.php in PHPortfolio allows remote attackers to execute arbitrary SQL commands via the id parameter.
Thu, 2 Oct 08
pnews
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4347
SQL injection vulnerability in newskom.php in Powie pNews 2.03 allows remote attackers to execute arbitrary SQL commands via the newsid parameter.
Thu, 2 Oct 08
talkback
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4346
Directory traversal vulnerability in TalkBack 2.3.6 and 2.3.6.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter to comments.php, a different vector than CVE-2008-3371.
Thu, 2 Oct 08
webportal_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4345
SQL injection vulnerability in download.php in WebPortal CMS 0.7.4 and earlier allows remote attackers to execute arbitrary SQL commands via the aid parameter.
Thu, 2 Oct 08
6rbscript
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4344
SQL injection vulnerability in cat.php in 6rbScript allows remote attackers to execute arbitrary SQL commands via the CatID parameter.
Thu, 2 Oct 08
chilkat_xml_activex_control
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4343
The Chilkat XML ChilkatUtil.CkData.1 ActiveX control (ChilkatUtil.dll) 3.0.3.0 and earlier allows remote attackers to create, overwrite, and modify arbitrary files for execution via a call to the (1) SaveToFile, (2) SaveToTempFile, or (3) AppendBinary method. NOTE: this issue might only be exploitable in limited environments or non-default browser settings. NOTE: this can be leveraged for remote code execution by accessing files using hcp:// URLs.
Thu, 2 Oct 08
burnaware, cdburnerxp, numedia_dvd_burning_sdk
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4342
NuMedia Soft NMS DVD Burning SDK Activex NMSDVDX.DVDEngineX.1 ActiveX control (NMSDVDX.dll) 1.013C and earlier, as used in CDBurnerXP 4.2.1.976, BurnAware 2.1.3, and possibly other products, allows remote attackers to overwrite and create arbitrary files via calls to the EnableLog and LogMessage methods. NOTE: this issue might only be exploitable in limited environments or non-default browser settings. NOTE: some of these details are obtained from third party information. NOTE: this can be l...
Thu, 2 Oct 08
myblog
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4341
add.php in MyBlog 0.9.8 and earlier allows remote attackers to bypass authentication and gain administrative access by setting a cookie with admin=yes and login=admin.
Thu, 2 Oct 08
chrome
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4340
Google Chrome 0.2.149.29 and 0.2.149.30 allows remote attackers to cause a denial of service (memory consumption) via an HTML document containing a carriage return ("\r\n\r\n") argument to the window.open function.
Thu, 2 Oct 08
netbackup_enterprise_server, netbackup_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4339
Unspecified vulnerability in the Java Administration GUI (jnbSA) in Symantec Veritas NetBackup Server and NetBackup Enterprise Server 5.1 before MP7, 6.0 before MP7, and 6.5 before 6.5.2 allows remote authenticated users to gain privileges via unknown attack vectors related to "bpjava* binaries."
Thu, 2 Oct 08
brilliant_gallery
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4338
SQL injection vulnerability in the brilliant_gallery_checklist_save function in the bgchecklist/save script in Brilliant Gallery 5.x and 6.x, a module for Drupal, allows remote authenticated users with "access brilliant_gallery" permissions to execute arbitrary SQL commands via the (1) nid, (2) qid, (3) state, and possibly (4) user parameters.
Thu, 2 Oct 08
bitweaver
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4337
Cross-site scripting (XSS) vulnerability in Bitweaver 2.0.2 allows remote attackers to inject arbitrary web script or HTML via the URL parameter to (1) edit.php and (2) list.php in articles/; (3) list_blogs.php and (4) rankings.php in blogs/; (5) calendar/index.php; (6) calendar.php, (7) index.php, and (8) list_events.php in events/; (9) index.php and (10) list_galleries.php in fisheye/; (11) liberty/list_content.php; (12) newsletters/edition.php; (13) pigeonholes/list.php; (14) recommends/in...
Thu, 2 Oct 08
atomic_photo_album
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4336
Cross-site scripting (XSS) vulnerability in album.php in Atomic Photo Album (APA) 1.1.0pre4 allows remote attackers to inject arbitrary web script or HTML via the apa_album_ID parameter.
Thu, 2 Oct 08
atomic_photo_album
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4335
SQL injection vulnerability in album.php in Atomic Photo Album (APA) 1.1.0pre4 allows remote attackers to execute arbitrary SQL commands via the apa_album_ID parameter.
Thu, 2 Oct 08
php_infoboard
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4334
PHP infoBoard V.7 Plus allows remote attackers to bypass authentication and gain administrative access by setting the infouser cookie to 1.
Thu, 2 Oct 08
php_infoboard
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4333
Cross-site scripting (XSS) vulnerability in PHP infoBoard V.7 Plus allows remote attackers to inject arbitrary web script or HTML via the idcat parameter in a newtopic action.
Thu, 2 Oct 08
php_infoboard
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4332
SQL injection vulnerability in the showjavatopic function in func.php in PHP infoBoard V.7 Plus allows remote attackers to execute arbitrary SQL commands via the idcat parameter to showtopic.php.
Thu, 2 Oct 08
phpocs
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4331
Directory traversal vulnerability in library/pagefunctions.inc.php in phpOCS 0.1 beta3 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the act parameter to index.php.
Thu, 2 Oct 08
lansuite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4330
Directory traversal vulnerability in index.php in LanSuite 3.3.2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the design parameter.
Wed, 1 Oct 08
openengine
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4329
PHP remote file inclusion vulnerability in cms/system/openengine.php in openEngine 2.0 beta4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the oe_classpath parameter.
Wed, 1 Oct 08
easyrealtorpro
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4328
SQL injection vulnerability in site_search.php in EasyRealtorPRO 2008 allows remote attackers to execute arbitrary SQL commands via the (1) item, (2) search_ordermethod, and (3) search_order parameters.
Wed, 1 Oct 08
ruby_on_rails
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4094
Multiple SQL injection vulnerabilities in ActiveRecord in Ruby on Rails before 2.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) :limit and (2) :offset parameters.
Wed, 1 Oct 08
windows_xp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4327
gdiplus.dll in GDI+ in Microsoft Windows XP SP3 does not properly handle crafted .ico files, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a certain crash.ico file on a web site, and allows user-assisted attackers to cause a denial of service (divide-by-zero error and persistent application crash) via this crash.ico file on the desktop, a different vulnerability than CVE-2007-2237.
Wed, 1 Oct 08
phpmyadmin
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4326
The PMA_escapeJsString function in libraries/js_escape.lib.php in phpMyAdmin before 2.11.9.2, when Internet Explorer is used, allows remote attackers to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via a NUL byte inside a "
Wed, 1 Oct 08
viewvc
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4325
lib/viewvc.py in ViewVC 1.0.5 uses the content-type parameter in the HTTP request for the Content-Type header in the HTTP response, which allows remote attackers to cause content to be misinterpreted by the browser via a content-type parameter that is inconsistent with the requested object. NOTE: this issue might not be a vulnerability, since it requires attacker access to the repository that is being viewed.
Wed, 1 Oct 08
firefox
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4324
The user interface event dispatcher in Mozilla Firefox 3.0.3 on Windows XP SP2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a series of keypress, click, onkeydown, onkeyup, onmousedown, and onmouseup events.
Wed, 1 Oct 08
windows_xp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4323
Windows Explorer in Microsoft Windows XP SP3 allows user-assisted attackers to cause a denial of service (application crash) via a crafted .ZIP file.
Wed, 1 Oct 08
realwin_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4322
Stack-based buffer overflow in RealFlex Technologies Ltd. RealWin Server 2.0, as distributed by DATAC, allows remote attackers to execute arbitrary code via a crafted FC_INFOTAG/SET_CONTROL packet.
Wed, 1 Oct 08
flashget_ftp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4321
Buffer overflow in FlashGet (formerly JetCar) FTP 1.9 allows remote FTP servers to execute arbitrary code via a long response to the PWD command.
Wed, 1 Oct 08
mplayer
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3827
Multiple integer underflows in MPlayer 1.0_rc2 and earlier allow remote attackers to cause a denial of service (process termination) and possibly execute arbitrary code via a crafted video file that causes the stream_read function to read or write arbitrary memory.
Wed, 1 Oct 08
opennms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4320
Multiple cross-site scripting (XSS) vulnerabilities in OpenNMS before 1.5.94 allow remote attackers to inject arbitrary web script or HTML via (1) the j_username parameter to j_acegi_security_check, (2) the username parameter to notification/list.jsp, and (3) the filter parameter to event/list.
Wed, 1 Oct 08
php_filemanager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4319
fileadmin.php in Libra File Manager (aka Libra PHP File Manager) 1.18 and earlier allows remote attackers to bypass authentication, and read arbitrary files, modify arbitrary files, and list arbitrary directories, by inserting certain user and isadmin parameters in the query string.
Wed, 1 Oct 08
observer
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4318
Observer 0.3.2.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the query parameter to (1) whois.php or (2) netcmd.php.
Wed, 1 Oct 08
kernel
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4302
fs/splice.c in the splice subsystem in the Linux kernel before 2.6.22.2 does not properly handle a failure of the add_to_page_cache_lru function, and subsequently attempts to unlock a page that was not locked, which allows local users to cause a denial of service (kernel BUG and system crash), as demonstrated by the fio I/O tool.
Wed, 1 Oct 08
iis
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4301
A certain ActiveX control in iisext.dll in Microsoft Internet Information Services (IIS) allows remote attackers to set a password via a string argument to the SetPassword method.
Wed, 1 Oct 08
iis
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4300
A certain ActiveX control in adsiis.dll in Microsoft Internet Information Services (IIS) allows remote attackers to cause a denial of service (browser crash) via a long string in the second argument to the GetObject method.
Wed, 1 Oct 08
internet_authentication_service_helper_com_component
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4299
A certain ActiveX control in the Microsoft Internet Authentication Service (IAS) Helper COM Component in iashlpr.dll allows remote attackers to cause a denial of service (browser crash) via a large integer value in the first argument to the PutProperty method.
Wed, 1 Oct 08
kernel
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4210
fs/open.c in the Linux kernel before 2.6.22 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by creating an executable file in a setgid directory through the (1) truncate or (2) ftruncate function in conjunction with memory-mapped I/O.
Wed, 1 Oct 08
cman
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4192
The pserver_shutdown function in fence_egenera in cman 2.20080629 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/eglog temporary file.
Wed, 1 Oct 08
flatpress
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4120
Multiple cross-site scripting (XSS) vulnerabilities in FlatPress 0.804 allow remote attackers to inject arbitrary web script or HTML via the (1) user or (2) pass parameter to login.php, or the (3) name parameter to contact.php.