Software Vulnerability
Main
Software Alerts
Software and Script Bug ExploitsSoftware Vulnerability
Random Feeds
Archives
| Mar 2010 | Feb 2010 | Jan 2010 | Dec 2009 | Nov 2009 | Oct 2009 | Sep 2009 | Aug 2009 | Jul 2009 | Jun 2009 | May 2009 | Apr 2009 | Mar 2009 | Feb 2009 | Jan 2009 | Dec 2008 | Nov 2008 | Oct 2008 | Sep 2008 | Aug 2008 | Jul 2008 | Jun 2008 | May 2008 | Apr 2008 | Mar 2008 | Feb 2008 | Jan 2008 | Dec 2007 | Nov 2007 |Sat, 31 Jan 09
rianxosencabos_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6014
SQL injection vulnerability in scripts/links.php in Rianxosencabos CMS 0.9 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Sat, 31 Jan 09
freeway
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6013
Multiple SQL injection vulnerabilities in Freeway before 1.4.3.210 allow remote attackers to execute arbitrary SQL commands via unspecified vectors involving the (1) advanced search result and (2) service resource pages.
Sat, 31 Jan 09
pritlog
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6012
Directory traversal vulnerability in index.php in Pritlog 0.4 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter in a viewEntry action.
Sat, 31 Jan 09
sg_real_estate_portal
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6011
SQL injection vulnerability in index.php in SG Real Estate Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the page_id parameter.
Sat, 31 Jan 09
sg_real_estate_portal
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6010
Multiple directory traversal vulnerabilities in SG Real Estate Portal 2.0 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) mod, (2) page, or (3) lang parameter to index.php; or the (4) action or (5) folder parameter in a security request to admin/index.php.
Sat, 31 Jan 09
sg_real_estate_portal
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6009
SG Real Estate Portal 2.0 allows remote attackers to bypass authentication and gain administrative access by setting the Auth cookie to 1.
Sat, 31 Jan 09
hybook
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6008
hyBook Guestbook Script stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing a password via a direct request for hyBook.mdb.
Sat, 31 Jan 09
bookmarks_favourites_script
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6007
SQL injection vulnerability in view_group.php in QuidaScript BookMarks Favourites Script (APB) allows remote attackers to execute arbitrary SQL commands via the id parameter.
Sat, 31 Jan 09
micronation_banking_system
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6006
Multiple PHP remote file inclusion vulnerabilities in Micronation Banking System (minba) 1.5.0 allow remote attackers to execute arbitrary PHP code via a URL in the minsoft_path parameter to (1) utdb_access.php and (2) utgn_message.php in utility/.
Sat, 31 Jan 09
winftp_ftp_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0351
Stack-based buffer overflow in WFTPSRV.exe in WinFTP 2.3.0 allows remote authenticated users to execute arbitrary code via a long LIST argument beginning with an * (asterisk) character.
Sat, 31 Jan 09
media_player
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0350
Stack-based buffer overflow in Merak Media Player 3.2 allows remote attackers to execute arbitrary code via a long string in a .m3u playlist file, related to the status bar icon's tooltip. NOTE: some of these details are obtained from third party information.
Sat, 31 Jan 09
ftpshell_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0349
Stack-based buffer overflow in FTPShell Server 4.3 allows user-assisted remote attackers to cause a denial of service (persistent daemon crash) and possibly execute arbitrary code via a long string in a licensing key (aka .key) file.
Sat, 31 Jan 09
java_system_access_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0348
The login module in Sun Java System Access Manager 6 2005Q1 (aka 6.3), 7 2005Q4 (aka 7.0), and 7.1 responds differently to a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames.
Sat, 31 Jan 09
ultraseek
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0347
Open redirect vulnerability in cs.html in the Autonomy (formerly Verity) Ultraseek search engine allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the url parameter.
Sat, 31 Jan 09
opensolaris
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0346
The IP-in-IP packet processing implementation in the IPsec and IP stacks in the kernel in Sun Solaris 9 and 10, and OpenSolaris snv_01 though snv_85, allows local users to cause a denial of service (panic) via a self-encapsulated packet that lacks IPsec protection.
Sat, 31 Jan 09
fire_x2100_m2, fire_x2200_m2
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0345
Unspecified vulnerability in the Embedded Lights Out Manager (ELOM) on the Sun Fire X2100 M2 and X2200 M2 x86 platforms before SP/BMC firmware 3.20 allows remote attackers to obtain privileged ELOM login access or execute arbitrary Service Processor (SP) commands via unknown vectors, aka Bug ID 6648082, a different vulnerability than CVE-2007-5717.
Sat, 31 Jan 09
fire_x2100_m2, fire_x2200_m2
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0344
Unspecified vulnerability in the Embedded Lights Out Manager (ELOM) on the Sun Fire X2100 M2 and X2200 M2 x86 platforms before SP/BMC firmware 3.20 allows remote attackers to obtain privileged ELOM login access or execute arbitrary Service Processor (SP) commands via unknown vectors, aka Bug ID 6633175, a different vulnerability than CVE-2007-5717.
Sat, 31 Jan 09
systrace
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0343
Niels Provos Systrace 1.6f and earlier on the x86_64 Linux platform allows local users to bypass intended access restrictions by making a 32-bit syscall with a syscall number that corresponds to a policy-compliant 64-bit syscall, related to race conditions that occur in monitoring 64-bit processes.
Sat, 31 Jan 09
systrace
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0342
Niels Provos Systrace before 1.6f on the x86_64 Linux platform allows local users to bypass intended access restrictions by making a 64-bit syscall with a syscall number that corresponds to a policy-compliant 32-bit syscall.
Sat, 31 Jan 09
internet_explorer
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0341
The shell32 module in Microsoft Internet Explorer 7.0 on Windows XP SP3 might allow remote attackers to execute arbitrary code via a long VALUE attribute in an INPUT element, possibly related to a stack consumption vulnerability.
Fri, 30 Jan 09
simple_php_newsletter
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0340
Multiple directory traversal vulnerabilities in Simple PHP Newsletter 1.5 allow remote attackers to read arbitrary files via a .. (dot dot) in the olang parameter to (1) mail.php and (2) mailbar.php.
Fri, 30 Jan 09
blog_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0339
SQL injection vulnerability in inc_webblogmanager.asp in DMXReady Blog Manager allows remote attackers to execute arbitrary SQL commands via the itemID parameter in a view action.
Fri, 30 Jan 09
blog_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0338
Cross-site scripting (XSS) vulnerability in inc_webblogmanager.asp in DMXReady Blog Manager allows remote attackers to inject arbitrary web script or HTML via the CategoryID parameter in a refer action.
Fri, 30 Jan 09
CVE-2009-0337 (blogit!)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0337
SQL injection vulnerability in index.asp in Katy Whitton BlogIt! allows remote attackers to execute arbitrary SQL commands via the (1) month and (2) year parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Fri, 30 Jan 09
CVE-2009-0336 (blogit!)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0336
Katy Whitton BlogIt! stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing user credentials via a direct request for database/Blog.mdb. NOTE: some of these details are obtained from third party information.
Fri, 30 Jan 09
CVE-2009-0335 (blogit!)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0335
Cross-site scripting (XSS) vulnerability in index.asp in Katy Whitton BlogIt! allows remote attackers to inject arbitrary web script or HTML via the view parameter.
Fri, 30 Jan 09
CVE-2009-0334 (blogit!)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0334
SQL injection vulnerability in index.asp in Katy Whitton BlogIt! allows remote attackers to execute arbitrary SQL commands via the day parameter in an archive action.
Fri, 30 Jan 09
com_waticketsystem
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0333
SQL injection vulnerability in the WebAmoeba (WA) Ticket System (com_waticketsystem) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a category action to index.php.
Fri, 30 Jan 09
avbooklibrary
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0332
Multiple SQL injection vulnerabilities in AV Book Library before 1.1 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) admin/edit.php, (2) admin/add.php, (3) lib/book_search.php, and possibly other components.
Fri, 30 Jan 09
espg
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0331
Directory traversal vulnerability in gallery/comment.php in Enhanced Simple PHP Gallery (ESPG) 1.72 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. NOTE: the vulnerability may be in my little homepage Comment script. If so, then this should not be treated as a vulnerability in ESPG.
Fri, 30 Jan 09
simple_content_management_system
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0330
Directory traversal vulnerability in index.php in Simple Content Management System (SCMS) 1 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the p parameter.
Fri, 30 Jan 09
com_pccookbook
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0329
SQL injection vulnerability in the PcCookBook (com_pccookbook) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the recipe_id parameter in a viewrecipe action to index.php, a different vector than CVE-2008-0844.
Fri, 30 Jan 09
digital_sales_ipn
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0328
ROBS-PROJECTS Digital Sales IPN (aka DS-IPN.NET or DS-IPN Paypal Shop) stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing user credentials via a direct request for Database/Sales.mdb.
Fri, 30 Jan 09
free_bible_search_php_script
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0327
SQL injection vulnerability in readbible.php in Free Bible Search PHP Script 1.0 allows remote attackers to execute arbitrary SQL commands via the version parameter.
Fri, 30 Jan 09
dark_age_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0326
SQL injection vulnerability in login.php in Dark Age CMS 0.2c beta allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Fri, 30 Jan 09
ninja_blog
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0325
Directory traversal vulnerability in entries/index.php in Ninja Blog 4.8, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the cat parameter.
Fri, 30 Jan 09
bibciter
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0324
Multiple SQL injection vulnerabilities in BibCiter 1.4 allow remote attackers to execute arbitrary SQL commands via the (1) idp parameter to reports/projects.php, the (2) idc parameter to reports/contacts.php, and the (3) idu parameter to reports/users.php.
Fri, 30 Jan 09
amaya
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0323
Multiple stack-based buffer overflows in W3C Amaya Web Browser 10.0 and 11.0 allow remote attackers to execute arbitrary code via (1) a long type parameter in an input tag, which is not properly handled by the EndOfXmlAttributeValue function; (2) an "HTML GI" in a start tag, which is not properly handled by the ProcessStartGI function; and unspecified vectors in (3) html2thot.c and (4) xml2thot.c, related to the msgBuffer variable. NOTE: these are different vectors than CVE-2008-6005.
Fri, 30 Jan 09
amaya_web_browser
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6005
Multiple buffer overflows in the CheckUniqueName function in W3C Amaya Web Browser 10.0.1, and possibly other versions including 11.0.1, might allow remote attackers to execute arbitrary code via "duplicated" attribute value inputs.
Fri, 30 Jan 09
kernel
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0322
drivers/firmware/dell_rbu.c in the Linux kernel before 2.6.27.13, and 2.6.28.x before 2.6.28.2, allows local users to cause a denial of service (system crash) via a read system call that specifies zero bytes from the (1) image_type or (2) packet_size file in /sys/devices/platform/dell_rbu/.
Fri, 30 Jan 09
safari
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0321
Apple Safari 3.2.1 (aka AppVer 3.525.27.1) on Windows allows remote attackers to cause a denial of service (infinite loop or access violation) via a link to an http URI in which the authority (aka hostname) portion is either a (1) . (dot) or (2) .. (dot dot) sequence.
Fri, 30 Jan 09
windows_server_2003, windows_server_2008, windows_vista, windows_xp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0320
Microsoft Windows XP, Server 2003 and 2008, and Vista exposes I/O activity measurements of all processes, which allows local users to obtain sensitive information, as demonstrated by reading the I/O Other Bytes column in Task Manager (aka taskmgr.exe) to estimate the number of characters that a different user entered at a runas.exe password prompt, related to a "benchmarking attack."
Fri, 30 Jan 09
opensolaris
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0319
Unspecified vulnerability in the autofs module in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_108, allows local users to cause a denial of service (autofs mount outage) or possibly gain privileges via vectors related to "xdr processing problems."
Fri, 30 Jan 09
netweaver
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3358
Cross-site scripting (XSS) vulnerability in Web Dynpro (WD) in the SAP NetWeaver portal, when Internet Explorer 7.0.5730 is used, allows remote attackers to inject arbitrary web script or HTML via a crafted URI, which causes the XSS payload to be reflected in a text/plain document.
Fri, 30 Jan 09
aj_auction
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6004
Cross-site scripting (XSS) vulnerability in search.php in AJ Auction Pro Platinum 2 allows remote attackers to inject arbitrary web script or HTML via the product parameter.
Fri, 30 Jan 09
aj_auction
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6003
SQL injection vulnerability in sellers_othersitem.php in AJ Auction Pro Platinum 2 allows remote attackers to execute arbitrary SQL commands via the seller_id parameter.
Fri, 30 Jan 09
web-cp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6002
Absolute path traversal vulnerability in sendfile.php in web-cp 0.5.7, when register_globals is enabled, allows remote attackers to read arbitrary files via a full pathname in the filelocation parameter.
Fri, 30 Jan 09
adnforum
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6001
index.php in ADN Forum 1.0b and earlier allows remote attackers to bypass authentication and gain sysop access via a fpusuario cookie composed of an initial sysop: string, an arbitrary password field, and a final :sysop:0 string.
Fri, 30 Jan 09
antivirus_2008, internetsecurity_2008, totalcare_2008
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6000
The GDTdiIcpt.sys driver in G DATA AntiVirus 2008, InternetSecurity 2008, and TotalCare 2008 populates kernel registers with IOCTL 0x8317001c input values, which allows local users to cause a denial of service (system crash) or gain privileges via a crafted IOCTL request, as demonstrated by execution of the KeSetEvent function with modified register contents.
Thu, 29 Jan 09
ajax_checklist
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5999
Cross-site scripting (XSS) vulnerability in the Ajax Checklist module 5.x before 5.x-1.1 for Drupal allows remote authenticated users, with create and edit permissions for posts, to inject arbitrary web script or HTML via unspecified vectors involving the ajax_checklist filter.
Thu, 29 Jan 09
ajax_checklist
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5998
Multiple SQL injection vulnerabilities in the ajax_checklist_save function in the Ajax Checklist module 5.x before 5.x-1.1 for Drupal allow remote authenticated users, with "update ajax checklists" permissions, to execute arbitrary SQL commands via a save operation, related to the (1) nid, (2) qid, and (3) state parameters.
Thu, 29 Jan 09
omnicom_content_platform
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5997
Absolute path traversal vulnerability in admin/fileKontrola/browser.asp in Omnicom Content Platform (OCP) 2.0 allows remote attackers to list arbitrary directories via a full pathname in the root parameter.
Thu, 29 Jan 09
simplenews
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5996
Cross-site scripting (XSS) vulnerability in the Simplenews module 5.x before 5.x-1.5 and 6.x before 6.x-1.0-beta4, a module for Drupal, allows remote authenticated users, with "administer taxonomy" permissions, to inject arbitrary web script or HTML via a Newsletter category field.
Thu, 29 Jan 09
freecap_captcha_extension
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5995
Cross-site scripting (XSS) vulnerability in the freeCap CAPTCHA (sr_freecap) extension before 1.0.4 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Thu, 29 Jan 09
connectra_ngx
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5994
Cross-site scripting (XSS) vulnerability in index.php in Check Point Connectra NGX R62 HFA_01 allows remote attackers to inject arbitrary web script or HTML via the dir parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Thu, 29 Jan 09
barcodegen_1d
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5993
Directory traversal vulnerability in image.php in Barcode Generator 1D (barcodegen) 2.0.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the code parameter.
Thu, 29 Jan 09
jetik_emlak_sistem_a
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5992
Multiple SQL injection vulnerabilities in Jetik Emlak Sistem A (ESA) 2.0 allow remote attackers to execute arbitrary SQL commands via the KayitNo parameter to (1) diger.php and (2) sayfalar.php.
Thu, 29 Jan 09
mailwatch
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5991
Directory traversal vulnerability in docs.php in MailWatch for MailScanner 1.0.4 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the doc parameter.
Thu, 29 Jan 09
emergecolab
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5990
Directory traversal vulnerability in connect/init.inc in emergecolab 1.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the sitecode parameter to connect/index.php.
Thu, 29 Jan 09
phpcounter
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5989
Directory traversal vulnerability in defs.php in PHPcounter 1.3.2 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the l parameter.
Thu, 29 Jan 09
jadu_cms_for_government
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5988
SQL injection vulnerability in scripts/recruit_details.php in Jadu CMS for Government allows remote attackers to execute arbitrary SQL commands via the id parameter.
Thu, 29 Jan 09
gnumeric
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0318
Untrusted search path vulnerability in the GObject Python interpreter wrapper in Gnumeric allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983).
Thu, 29 Jan 09
nautilus-python
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0317
Untrusted search path vulnerability in the Python language bindings for Nautilus (nautilus-python) allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983).
Thu, 29 Jan 09
vim
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0316
Untrusted search path vulnerability in the Python module in vim allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983).
Thu, 29 Jan 09
xchat
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0315
Untrusted search path vulnerability in the Python module in xchat allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983).
Thu, 29 Jan 09
gedit
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0314
Untrusted search path vulnerability in the Python module in gedit allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983).
Thu, 29 Jan 09
eog
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5987
Untrusted search path vulnerability in the Python interface in eog 2.22.3, and possibly other versions, allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983).
Thu, 29 Jan 09
csound
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5986
Untrusted search path vulnerability in the (1) "VST plugin with Python scripting" and (2) "VST plugin for writing score generators in Python" in Csound 5.08.2, and possibly other versions, allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983).
Thu, 29 Jan 09
epiphany
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5985
Untrusted search path vulnerability in the Python interface in Epiphany 2.22.3, and possibly other versions, allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983).
Thu, 29 Jan 09
dia
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5984
Untrusted search path vulnerability in the Python plugin in Dia 0.96.1, and possibly other versions, allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983).
Thu, 29 Jan 09
winetricks
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0313
winetricks before 20081223 allows local users to overwrite arbitrary files via a symlink attack on the x_showmenu.txt temporary file.
Thu, 29 Jan 09
python
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5983
Untrusted search path vulnerability in the PySys_SetArgv API function in Python before 2.6 prepends an empty string to sys.path when the argv[0] argument does not contain a path separator, which might allow local users to execute arbitrary code via a Trojan horse Python file in the current working directory.
Thu, 29 Jan 09
moinmoin
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0312
Cross-site scripting (XSS) vulnerability in the antispam feature (security/antispam.py) in MoinMoin 1.7 and 1.8.1 allows remote attackers to inject arbitrary web script or HTML via crafted, disallowed content.
Thu, 29 Jan 09
CVE-2009-0042 (anti-spyware, anti-spyware_for_the_enterprise, anti-virus, anti-virus_for_the_ent...)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0042
Multiple unspecified vulnerabilities in the Arclib library (arclib.dll) before 7.3.0.15 in the CA Anti-Virus engine for CA Anti-Virus for the Enterprise 7.1, r8, and r8.1; Anti-Virus 2007 v8 and 2008; Internet Security Suite 2007 v3 and 2008; and other CA products allow remote attackers to bypass virus detection via a malformed archive file.
Thu, 29 Jan 09
imail
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-2795
Multiple buffer overflows in Ipswitch IMail before 2006.21 allow remote attackers or authenticated users to execute arbitrary code via (1) the authentication feature in IMailsec.dll, which triggers heap corruption in the IMail Server, or (2) a long SUBSCRIBE IMAP command, which triggers a stack-based buffer overflow in the IMAP Daemon.
Thu, 29 Jan 09
autostart
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0311
The Backbone service (ftbackbone.exe) in EMC AutoStart before 5.3 SP2 allows remote attackers to execute arbitrary code via a packet with a crafted value that is dereferenced as a function pointer.
Thu, 29 Jan 09
patrol_agent
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5982
Format string vulnerability in BMC PATROL Agent before 3.7.30 allows remote attackers to execute arbitrary code via format string specifiers in an invalid version number to TCP port 3181, which are not properly handled when writing a log message.
Thu, 29 Jan 09
opensolaris
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0304
The kernel in Sun Solaris 10 and 11 snv_101b allows remote attackers to cause a denial of service (system crash) via a crafted IPv6 packet, as demonstrated by SunOSipv6.c.
Thu, 29 Jan 09
web_help_desk
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0303
Cross-site scripting (XSS) vulnerability in Web Help Desk before 9.1.18 allows remote attackers to inject arbitrary web script or HTML via vectors related to "encoded JavaScript" and Helpdesk.woa.
Thu, 29 Jan 09
downloads_module
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0302
SQL injection vulnerability in the Downloads 8.0 module for PHP-Nuke, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote authenticated users to execute arbitrary SQL commands via the url parameter in the Add operation to modules.php.
Thu, 29 Jan 09
flexcell_grid_control
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0301
Multiple insecure method vulnerabilities in the FlexCell.Grid ActiveX control (FlexCell.ocx) in FlexCell Grid Control 5.6.9 allow remote attackers to create and overwrite arbitrary files via the (1) SaveFile and (2) ExportToXML methods.
Thu, 29 Jan 09
newscmslite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0300
NewsCMSlite allows remote attackers to bypass authentication and gain administrative access by setting the loggedIn cookie to "xY1zZoPQ".
Thu, 29 Jan 09
glinks
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0299
SQL injection vulnerability in index.php in Groone GLinks 2.1 allows remote attackers to execute arbitrary SQL commands via the cat parameter.
Thu, 29 Jan 09
barcode_activex
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0298
Heap-based buffer overflow in MW6 Technologies Barcode ActiveX control (Barcode.MW6Barcode.1, Barcode.dll) 3.0.0.1 allows remote attackers to execute arbitrary code via a long Supplement property.
Thu, 29 Jan 09
clickauction
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0297
SQL injection vulnerability in login_check.asp in ClickAuction allows remote attackers to execute arbitrary SQL commands via the (1) txtEmail and (2) txtPassword parameters. NOTE: some of these details are obtained from third party information.
Thu, 29 Jan 09
script_toko_online
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0296
SQL injection vulnerability in shop_display_products.php in Script Toko Online 5.01 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
Thu, 29 Jan 09
itpoll
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0295
SQL injection vulnerability in index.php in Information Technology Light Poll Information (ITLPoll) 2.7 Stable 2, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter.
Thu, 29 Jan 09
wbnews
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0294
Multiple PHP remote file inclusion vulnerabilities in WB News 2.0.1, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the config[installdir] parameter to (1) search.php, (2) archive.php, (3) comments.php, and (4) news.php; (5) News.php, (6) SendFriend.php, (7) Archive.php, and (8) Comments.php in base/; and possibly other components, different vectors than CVE-2007-1288.
Thu, 29 Jan 09
wazzum_dating_software
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0293
SQL injection vulnerability in profile_view.php in Wazzum Dating Software, possibly 2.0, allows remote attackers to execute arbitrary SQL commands via the userid parameter.
Thu, 29 Jan 09
shop-inet
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0292
SQL injection vulnerability in show_cat2.php in SHOP-INET 4 allows remote attackers to execute arbitrary SQL commands via the grid parameter.
Thu, 29 Jan 09
openx
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0291
Directory traversal vulnerability in fc.php in OpenX 2.6.3 allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the MAX_type parameter.
Thu, 29 Jan 09
corporate_server, cups, linux, multi_network_firewall
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0032
CUPS on Mandriva Linux 2008.0, 2008.1, 2009.0, Corporate Server (CS) 3.0 and 4.0, and Multi Network Firewall (MNF) 2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pdf.log temporary file.
Wed, 28 Jan 09
gnuboard
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0290
Directory traversal vulnerability in common.php in SIR GNUBoard 4.31.03 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the g4_path parameter. NOTE: in some environments, this can be leveraged for remote code execution via a data: URI or a UNC share pathname.
Wed, 28 Jan 09
tftputil
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0289
k23productions TFTPUtil GUI 1.2.0 and 1.3.0 allows remote attackers to cause a denial of service (service crash) via a long filename in a crafted request.
Wed, 28 Jan 09
tftputil
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0288
Directory traversal vulnerability in k23productions TFTPUtil GUI 1.2.0 and 1.3.0 allows remote attackers to read arbitrary files outside the TFTP root directory via directory traversal sequences in a GET request.
Wed, 28 Jan 09
CVE-2009-0287
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0287
SQL injection vulnerability in lib/patUser.php in KEEP Toolkit before 2.5.1 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password.
Wed, 28 Jan 09
opengoo
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0286
Directory traversal vulnerability in upgrade/index.php in OpenGoo 1.1, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the form_data[script_class] parameter.
Wed, 28 Jan 09
bbsxp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0285
Cross-site scripting (XSS) vulnerability in error.asp in BBSXP 5.13 and earlier allows remote attackers to inject arbitrary web script or HTML via the message parameter.
Wed, 28 Jan 09
flax_article_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0284
SQL injection vulnerability in category.php in Flax Article Manager 1.1 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
Wed, 28 Jan 09
oblog
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0283
Cross-site scripting (XSS) vulnerability in err.asp in Oblog allows remote attackers to inject arbitrary web script or HTML via the message parameter.
Wed, 28 Jan 09
rt73
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0282
Integer overflow in Ralink Technology USB wireless adapter (RT73) 3.08 for Windows, and possibly other wireless card drivers, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Probe Request packet with a long SSID, possibly related to an integer signedness error.
Wed, 28 Jan 09
walking_club
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0281
SQL injection vulnerability in login.aspx in WarHound Walking Club allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters.
Wed, 28 Jan 09
asp-project
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0280
Asp Project Management 1.0 allows remote attackers to bypass authentication and gain administrative access by setting the crypt cookie to 1.
Wed, 28 Jan 09
pardalcms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0279
SQL injection vulnerability in comentar.php in Pardal CMS 0.2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
Wed, 28 Jan 09
java_system_application_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0278
Sun Java System Application Server (AS) 8.1 and 8.2 allows remote attackers to read the Web Application configuration files in the (1) WEB-INF or (2) META-INF directory via a malformed request.
Wed, 28 Jan 09
opensolaris
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0277
Unspecified vulnerability in the kernel in OpenSolaris snv_100 through snv_102 on the Sun UltraSPARC T2 and T2+ sun4v platforms allows local users to cause a denial of service (panic) via unknown vectors.
Wed, 28 Jan 09
pacpoll
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5981
PacPoll 4.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for (1) poll.mdb or (2) poll97.mdb.
Wed, 28 Jan 09
mailing_list_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5980
Ocean12 Mailing List Manager Gold stores sensitive data under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for o12mail.mdb.
Wed, 28 Jan 09
mailing_list_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5979
Cross-site scripting (XSS) vulnerability in default.asp in Ocean12 Mailing List Manager Gold allows remote attackers to inject arbitrary web script or HTML via the Email parameter.
Wed, 28 Jan 09
mailing_list_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5978
Multiple SQL injection vulnerabilities in Ocean12 Mailing List Manager Gold allow remote attackers to execute arbitrary SQL commands via the Email parameter to (1) default.asp and (2) s_edit.asp.
Wed, 28 Jan 09
php_jobwebsite_pro
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5977
SQL injection vulnerability in siteadmin/forgot.php in PHP JOBWEBSITE PRO allows remote attackers to execute arbitrary SQL commands via the adname parameter in a Submit action.
Wed, 28 Jan 09
php_jobwebsite_pro
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5976
Multiple cross-site scripting (XSS) vulnerabilities in siteadmin/forgot.php in PHP JOBWEBSITE PRO allow remote attackers to inject arbitrary web script or HTML via (1) the adname parameter in a Submit action or (2) the UserName field.
Wed, 28 Jan 09
active_price_comparison
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5975
SQL injection vulnerability in links.asp in Active Price Comparison 4.0 allows remote attackers to execute arbitrary SQL commands via the linkid parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Wed, 28 Jan 09
active_price_comparison
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5974
Multiple SQL injection vulnerabilities in login.aspx in Active Price Comparison 4.0 allow remote attackers to execute arbitrary SQL commands via the (1) password and (2) username fields.
Wed, 28 Jan 09
active_web_mail
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5973
SQL injection vulnerability in login.aspx in Active Web Mail 4.0 allows remote attackers to execute arbitrary SQL commands via the password parameter.
Wed, 28 Jan 09
active_business_directory
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5972
SQL injection vulnerability in default.asp in Active Business Directory 2 allows remote attackers to execute arbitrary SQL commands via the catid parameter.
Wed, 28 Jan 09
orkut_clone
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5971
Cross-site scripting (XSS) vulnerability in profile_social.php in i-Net Solution Orkut Clone allows remote authenticated users to inject arbitrary web script or HTML via the id parameter.
Wed, 28 Jan 09
orkut_clone
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5970
SQL injection vulnerability in profile_social.php in i-Net Solution Orkut Clone allows remote authenticated users to execute arbitrary SQL commands via the id parameter.
Wed, 28 Jan 09
e-flower
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5969
SQL injection vulnerability in popupproduct.php in Sunbyte e-Flower allows remote attackers to execute arbitrary SQL commands via the id parameter.
Tue, 27 Jan 09
phosheezy
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0275
Static code injection vulnerability in admin.php in Ryneezy phoSheezy 0.2 allows remote authenticated administrators to inject arbitrary PHP code into config/header via the header parameter. NOTE: this can be exploited by unauthenticated attackers by leveraging CVE-2009-0250. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Tue, 27 Jan 09
phpicalendar
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5968
Directory traversal vulnerability in print.php in PHP iCalendar 2.24 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the cookie_language parameter in a phpicalendar_* cookie, a different vector than CVE-2006-1292.
Tue, 27 Jan 09
phpicalendar
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5967
admin/index.php in PHP iCalendar 2.3.4, 2.24, and earlier does not require administrative authentication for an addupdate action, which allows remote attackers to upload a calendar (aka .ics) file with arbitrary content to the calendars/ directory outside the web root.
Tue, 27 Jan 09
globsy
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5966
globsy_edit.php in Globsy 1.0 and earlier allows remote attackers to create or overwrite arbitrary files via a filename in the file parameter and file contents in the data parameter.
Tue, 27 Jan 09
lokicms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5965
Directory traversal vulnerability in index.php in LokiCMS 0.3.4 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to check for the existence of arbitrary files via a .. (dot dot) in the page parameter.
Tue, 27 Jan 09
systemcastwizard_lite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0271
Directory traversal vulnerability in the TFTP service in Fujitsu SystemcastWizard Lite 2.0A, 2.0, 1.9, and earlier allows remote attackers to read arbitrary files via directory traversal sequences in unspecified vectors.
Tue, 27 Jan 09
systemcastwizard_lite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0270
Stack-based buffer overflow in PXEService.exe in Fujitsu SystemcastWizard Lite 2.0A, 2.0, 1.9, and earlier allows remote attackers to execute arbitrary code via a large PXE protocol request in a UDP packet.
Tue, 27 Jan 09
kernel
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0269
fs/ecryptfs/inode.c in the eCryptfs subsystem in the Linux kernel before 2.6.28.1 allows local users to cause a denial of service (fault or memory corruption), or possibly have unspecified other impact, via a readlink call that results in an error, leading to use of a -1 return value as an array index.
Tue, 27 Jan 09
opensolaris
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0268
Race condition in the pseudo-terminal (aka pty) driver module in Sun Solaris 8 through 10, and OpenSolaris before snv_103, allows local users to cause a denial of service (panic) via unspecified vectors related to lack of "properly sequenced code" in ptc and ptsl.
Tue, 27 Jan 09
opensolaris
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0267
libike in Sun Solaris 9 and 10, and OpenSolaris before snv_100, does not properly check packets, which allows remote attackers to cause a denial of service (in.iked daemon crash) via an unspecified IKE packet, a different vulnerability than CVE-2007-2989.
Tue, 27 Jan 09
media_player
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0266
Stack-based buffer overflow in Triologic Media Player 8.0.0.0 allows user-assisted remote attackers to execute arbitrary code via a long string in a .m3l playlist file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Tue, 27 Jan 09
bind
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0265
Internet Systems Consortium (ISC) BIND 9.6.0 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077 and CVE-2009-0025.
Tue, 27 Jan 09
systemcastwizard_lite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0264
Buffer overflow in the Registry Setting Tool in Fujitsu SystemcastWizard Lite 2.0A, 2.0, 1.9, and earlier has unknown impact and attack vectors.
Tue, 27 Jan 09
axis_camera_control
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5260
Heap-based buffer overflow in the CamImage.CamImage.1 ActiveX control in AxisCamControl.ocx in AXIS Camera Control 2.40.0.0 allows remote attackers to execute arbitrary code via a long image_pan_tilt property value.
Tue, 27 Jan 09
winamp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0263
Multiple buffer overflows in Winamp 5.541 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a large Common Chunk (COMM) header value in an AIFF file and (2) a large invalid value in an MP3 file.
Tue, 27 Jan 09
media_player
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0262
Stack-based buffer overflow in Triologic Media Player 7 and 8.0.0.0 allows user-assisted remote attackers to execute arbitrary code via a long string in a .m3u playlist file. NOTE: some of these details are obtained from third party information.
Tue, 27 Jan 09
total_video_player
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0261
Stack-based buffer overflow in EffectMatrix Total Video Player 1.31 allows user-assisted attackers to execute arbitrary code via a Skins\DefaultSkin\DefaultSkin.ini file with a large ColumnHeaderSpan value.
Tue, 27 Jan 09
moinmoin
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0260
Multiple cross-site scripting (XSS) vulnerabilities in action/AttachFile.py in MoinMoin before 1.8.1 allow remote attackers to inject arbitrary web script or HTML via an AttachFile action to the WikiSandBox component with (1) the rename parameter or (2) the drawing parameter (aka the basename variable).
Tue, 27 Jan 09
impresscms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5964
Session fixation vulnerability in Social ImpressCMS before 1.1.1 RC1 allows remote attackers to hijack web sessions by setting the PHPSESSID parameter.
Tue, 27 Jan 09
gravity-gtd
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5963
Eval injection vulnerability in library/setup/rpc.php in Gravity Getting Things Done (GTD) 0.4.5 and earlier allows remote attackers to execute arbitrary PHP code via the objectname parameter.
Tue, 27 Jan 09
gravity-gtd
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5962
Directory traversal vulnerability in library/setup/rpc.php in Gravity Getting Things Done (GTD) 0.4.5 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the objectname parameter.
Tue, 27 Jan 09
tribiq_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5961
Cross-site scripting (XSS) vulnerability in index.php in Tribiq CMS Community 5.0.10B and 5.0.11E allows remote attackers to inject arbitrary web script or HTML via the cID parameter in a document action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Tue, 27 Jan 09
tribiq_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5960
SQL injection vulnerability in index.php in Tribiq CMS Community 5.0.10B and 5.0.11E allows remote attackers to execute arbitrary SQL commands via the cID parameter in a document action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Tue, 27 Jan 09
active_test
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5959
Multiple SQL injection vulnerabilities in start.asp in Active Test 2.1 allow remote attackers to execute arbitrary SQL commands via the (1) useremail parameter (aka username field) or (2) password parameter (aka password field). NOTE: some of these details are obtained from third party information.
Tue, 27 Jan 09
active_test
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5958
Multiple SQL injection vulnerabilities in Active Test 2.1 allow remote attackers to execute arbitrary SQL commands via the QuizID parameter to (1) questions.asp, (2) importquestions.asp, and (3) quiztakers.asp.
Tue, 27 Jan 09
mydyngallery
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5957
SQL injection vulnerability in the Mydyngallery (com_mydyngallery) component 1.4.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the directory parameter to index.php.
Tue, 27 Jan 09
webboard
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5956
Wbstreet (aka PHPSTREET Webboard) 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain database credentials via a direct request to connect.inc.
Tue, 27 Jan 09
webboard
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5955
SQL injection vulnerability in show.php in Wbstreet (aka PHPSTREET Webboard) 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Tue, 27 Jan 09
ktp_computer_customer_database
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5954
SQL injection vulnerability in KTP Computer Customer Database (KTPCCD) CMS, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the lname parameter in a login action to an unspecified component. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Tue, 27 Jan 09
ktp_computer_customer_database
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5953
Directory traversal vulnerability in KTP Computer Customer Database (KTPCCD) CMS, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the p parameter to the default URI.
Tue, 27 Jan 09
ktp_computer_customer_database
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5952
SQL injection vulnerability in KTP Computer Customer Database (KTPCCD) CMS, when magic_quotes_gpc is disabled, allows remote authenticated users to execute arbitrary SQL commands via the tid parameter in a vtech action to the default URI.
Tue, 27 Jan 09
template_creature
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5951
ASP Template Creature stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for workDB/templatemonster.mdb.
Tue, 27 Jan 09
template_creature
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5950
SQL injection vulnerability in media/media_level.asp in ASP Template Creature allows remote attackers to execute arbitrary SQL commands via the mcatid parameter.
Tue, 27 Jan 09
cctiddly
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5949
Multiple PHP remote file inclusion vulnerabilities in ccTiddly 1.7.4 and 1.7.6 allow remote attackers to execute arbitrary PHP code via a URL in the cct_base parameter to (1) index.php; (2) handle/proxy.php; (3) header.php, (4) include.php, and (5) workspace.php in includes/; and (6) plugins/RSS/files/rss.php.
Tue, 27 Jan 09
bncwi
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5948
Directory traversal vulnerability in index.php in BNCwi 1.04 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the newlanguage parameter.
Sun, 25 Jan 09
CVE-2009-0259 (openoffice.org)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0259
The Word processor in OpenOffice.org 1.1.2 through 1.1.5 allows remnote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) .doc, (2) .wri, or (3) .rtf Word 97 file that triggers memory corruption, as exploited in the wild in December 2008, as demonstrated by 2008-crash.doc.rar, and a similar issue to CVE-2008-4841.
Sun, 25 Jan 09
typo3
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0258
Unspecified vulnerability in the Indexed Search Engine (indexed_search) system extension in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 allows remote attackers to execute arbitrary commands via unknown vectors related to the command-line indexer.
Sun, 25 Jan 09
typo3
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0257
Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) name and (2) content of indexed files to the (a) Indexed Search Engine (indexed_search) system extension; (b) unspecified test scripts in the ADOdb system extension; and (c) unspecified vectors in the Workspace module.
Sun, 25 Jan 09
typo3
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0256
Session fixation vulnerability in the authentication library in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 allows remote attackers to hijack web sessions via unspecified vectors related to (1) frontend and (2) backend authentication.
Sun, 25 Jan 09
typo3
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0255
The System extension Install tool in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 creates the encryption key with an insufficiently random seed, which makes it easier for attackers to crack the key.
Fri, 23 Jan 09
easyhdr
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0254
Stack-based buffer overflow in easyHDR PRO 1.60.2 allows user-assisted attackers to execute arbitrary code via an invalid Flexible Image Transport System (FITS) file. NOTE: some of these details are obtained from third party information.
Fri, 23 Jan 09
firefox
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0253
Mozilla Firefox 3.0.5 allows remote attackers to trick a user into visiting an arbitrary URL via an onclick action that moves a crafted element to the current mouse position, related to a "Status Bar Obfuscation" and "Clickjacking" attack.
Fri, 23 Jan 09
unified_communications_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0057
The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager 5.x before 5.1(3e) and 6.x before 6.1(3) allows remote attackers to cause a denial of service (voice service outage) by sending malformed input over a TCP session in which the "client terminates prematurely."
Fri, 23 Jan 09
quicktime_mpeg-2_playback_component
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0008
Unspecified vulnerability in Apple QuickTime MPEG-2 Playback Component before 7.60.92.0 on Windows allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted MPEG-2 movie.
Fri, 23 Jan 09
security_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3820
Cisco Security Manager 3.1 and 3.2 before 3.2.2, when Cisco IPS Event Viewer (IEV) is used, exposes TCP ports used by the MySQL daemon and IEV server, which allows remote attackers to obtain "root access" to IEV via unspecified use of TCP sessions to these ports.
Fri, 23 Jan 09
mod_auth_mysql
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2384
SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x allows remote attackers to execute arbitrary SQL commands via multibyte character encodings for unspecified input.
Fri, 23 Jan 09
ereservations
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0252
Multiple SQL injection vulnerabilities in default.asp in Enthrallweb eReservations allow remote attackers to execute arbitrary SQL commands via the (1) Login parameter (aka username field) or the (2) Password parameter (aka password field). NOTE: some of these details are obtained from third party information.
Fri, 23 Jan 09
phosheezy
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0251
Static code injection vulnerability in admin.php in Ryneezy phoSheezy 0.2 allows remote authenticated administrators to inject arbitrary PHP code into config/footer via the footer parameter. NOTE: this can be exploited by unauthenticated attackers by leveraging CVE-2009-0250. NOTE: some of these details are obtained from third party information.
Fri, 23 Jan 09
phosheezy
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0250
Ryneezy phoSheezy 0.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the file containing the administrator's password hash via a direct request for config/password.
Fri, 23 Jan 09
rankem
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0249
Katy Whitton RankEm stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing credentials via a direct request for database/topsites.mdb.
Fri, 23 Jan 09
rankem
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0248
Cross-site scripting (XSS) vulnerability in rankup.asp in Katy Whitton RankEm allows remote attackers to inject arbitrary web script or HTML via the siteID parameter.
Fri, 23 Jan 09
web_im_2009
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0247
The server for 53KF Web IM 2009 Home, Professional, and Enterprise editions relies on client-side protection mechanisms against cross-site scripting (XSS), which allows remote attackers to conduct XSS attacks by using a modified client to send a crafted IM message, related to the msg variable.
Fri, 23 Jan 09
easyhdr
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0246
Stack-based buffer overflow in easyHDR PRO 1.60.2 allows user-assisted attackers to execute arbitrary code via an invalid Radiance RGBE (aka .hdr) file.
Fri, 23 Jan 09
yapbb
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5947
PHP remote file inclusion vulnerability in include/class_yapbbcooker.php in YapBB 1.2.Beta 2 allows remote attackers to execute arbitrary PHP code via a URL in the cfgIncludeDirectory parameter.
Fri, 23 Jan 09
php-fusion
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5946
SQL injection vulnerability in readmore.php in PHP-Fusion 4.01 allows remote attackers to execute arbitrary SQL commands via the news_id parameter.
Fri, 23 Jan 09
nukeviet
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5945
Nukeviet 2.0 Beta allows remote attackers to bypass authentication and gain administrative access by setting the admf cookie to 1. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Fri, 23 Jan 09
navboard
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5944
Cross-site scripting (XSS) vulnerability in modules.php in NavBoard 16 (2.6.0) allows remote attackers to inject arbitrary web script or HTML via the module parameter.
Fri, 23 Jan 09
navboard
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5943
Multiple directory traversal vulnerabilities in NavBoard 16 (2.6.0) allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the module parameter to (1) admin_modules.php and (2) modules.php.
Fri, 23 Jan 09
modxcms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5942
Multiple cross-site scripting (XSS) vulnerabilities in MODx before 0.9.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) the preserveUrls function and (2) "username input." NOTE: vector 2 may be related to CVE-2008-5939.
Fri, 23 Jan 09
modxcms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5941
Cross-site request forgery (CSRF) vulnerability in MODx 0.9.6.1p2 and earlier allows remote attackers to perform unauthorized actions as other users via unknown vectors.
Fri, 23 Jan 09
modxcms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5940
SQL injection vulnerability in index.php in MODx 0.9.6.2 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the searchid parameter. NOTE: some of these details are obtained from third party information.
Fri, 23 Jan 09
modxcms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5939
Cross-site scripting (XSS) vulnerability in index.php in MODx CMS 0.9.6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via a JavaScript event in the id parameter, possibly related to snippet.ditto.php.
Fri, 23 Jan 09
modxcms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5938
PHP remote file inclusion vulnerability in assets/snippets/reflect/snippet.reflect.php in MODx CMS 0.9.6.2 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the reflect_base parameter.
Fri, 23 Jan 09
mynets
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0245
Cross-site scripting (XSS) vulnerability in Usagi Project MyNETS 1.2.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2008-4629.
Fri, 23 Jan 09
ayeview
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5937
AyeView 2.20 allows user-assisted attackers to cause a denial of service (memory consumption or application crash) via a bitmap (aka .bmp) file with large height and width values.
Fri, 23 Jan 09
mini-pub
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5936
front-end/edit.php in mini-pub 0.3 and earlier allows remote attackers to read files and obtain PHP source code via a filename in the sFileName parameter.
Fri, 23 Jan 09
windows_mobile
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0244
Directory traversal vulnerability in the OBEX FTP Service in the Microsoft Bluetooth stack in Windows Mobile 6 Professional, and probably Windows Mobile 5.0 for Pocket PC and 5.0 for Pocket PC Phone Edition, allows remote authenticated users to list arbitrary directories, and create or read arbitrary files, via a .. (dot dot) in a pathname. NOTE: this can be leveraged for code execution by writing to a Startup folder.
Fri, 23 Jan 09
windows_2000, windows_server_2003, windows_server_2008, windows_vista, windows_xp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0243
Microsoft Windows does not properly enforce the Autorun and NoDriveTypeAutoRun registry values, which allows physically proximate attackers to execute arbitrary code by (1) inserting CD-ROM media, (2) inserting DVD media, (3) connecting a USB device, and (4) connecting a Firewire device; (5) allows user-assisted remote attackers to execute arbitrary code by mapping a network drive; and allows user-assisted attackers to execute arbitrary code by clicking on (6) an icon under My Computer\Device...
Fri, 23 Jan 09
squirrelmail
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0030
A certain Red Hat patch for SquirrelMail 1.4.8 sets the same SQMSESSID cookie value for all sessions, which allows remote authenticated users to access other users' folder lists and configuration data in opportunistic circumstances by using the standard webmail.php interface. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-3663.
Fri, 23 Jan 09
jackrabbit
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0026
Multiple cross-site scripting (XSS) vulnerabilities in Apache Jackrabbit before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via the q parameter to (1) search.jsp or (2) swr.jsp.
Fri, 23 Jan 09
quicktime
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0007
Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a QuickTime movie file containing crafted JPEG atoms.
Fri, 23 Jan 09
quicktime
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0006
Integer signedness error in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted Cinepak encoded movie file that triggers a heap-based buffer overflow.
Fri, 23 Jan 09
quicktime
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0005
Unspecified vulnerability in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted H.263 encoded movie file that triggers memory corruption.
Fri, 23 Jan 09
quicktime
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0004
Buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted MP3 audio file.
Fri, 23 Jan 09
quicktime
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0003
Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted AVI movie file.
Fri, 23 Jan 09
quicktime
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0002
Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a QTVR movie file with crafted THKD atoms.
Fri, 23 Jan 09
quicktime
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0001
Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted RTSP URL.
Fri, 23 Jan 09
internet_security_2007, internet_security_2008, officescan
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3866
The Trend Micro Personal Firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, relies on client-side password protection implemented in the configuration GUI, which allows local users to bypass intended access restrictions and change firewall settings by using a modified client to send crafted packets.
Fri, 23 Jan 09
internet_security_2007, internet_security_2008, officescan
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3865
Multiple heap-based buffer overflows in the ApiThread function in the firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, allow remote attackers to execute arbitrary code via a packet with a small value in an unspecified size field.
Fri, 23 Jan 09
internet_security_2007, internet_security_2008, officescan
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3864
The ApiThread function in the firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, allows remote attackers to cause a denial of service (service crash) via a packet with a large value in an unspecified size field.
Fri, 23 Jan 09
factosystem_weblog
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5935
Facto stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the password via a direct request for database/facto.mdb. NOTE: some of these details are obtained from third party information.
Fri, 23 Jan 09
cms_isweb
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5934
SQL injection vulnerability in index.php in CMS ISWEB 3.0 allows remote attackers to execute arbitrary SQL commands via the id_sezione parameter.
Fri, 23 Jan 09
cms_isweb
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5933
Multiple cross-site scripting (XSS) vulnerabilities in index.php in CMS ISWEB 3.0 allow remote attackers to inject arbitrary web script or HTML via (1) the strcerca parameter (aka the input field for the cerca action) or (2) the id_oggetto parameter. NOTE: some of these details are obtained from third party information.
Fri, 23 Jan 09
freeforum
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5932
CodeAvalanche FreeForum stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the password via a direct request for _private/CAForum.mdb. NOTE: some of these details are obtained from third party information.
Fri, 23 Jan 09
aspired2blog
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5931
The Net Guys ASPired2Blog stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing usernames and passwords via a direct request for admin/blog.mdb. NOTE: some of these details are obtained from third party information.
Fri, 23 Jan 09
aspired2blog
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5930
SQL injection vulnerability in admin/blog_comments.asp in The Net Guys ASPired2Blog allows remote attackers to execute arbitrary SQL commands via the BlogID parameter.
Thu, 22 Jan 09
vp-asp_shopping_cart
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5929
VP-ASP Shopping Cart 6.50 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database containing the password via a direct request for database/shopping650.mdb. NOTE: some of these details are obtained from third party information.
Thu, 22 Jan 09
flds
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5928
SQL injection vulnerability in redir.php in Free Links Directory Script (FLDS) 1.2a allows remote attackers to execute arbitrary SQL commands via the id parameter.
Thu, 22 Jan 09
flexphpnews
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5927
Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPNews 0.0.6 allow remote attackers to execute arbitrary SQL commands via the (1) checkuser parameter (aka username field) or (2) checkpass parameter (aka password field) to admin/index.php. NOTE: some of these details are obtained from third party information.
Thu, 22 Jan 09
internal_e-mail_system
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5926
Multiple SQL injection vulnerabilities in login.asp in ASP-DEv Internal E-Mail System allow remote attackers to execute arbitrary SQL commands via the (1) login parameter (aka user field) or the (2) password parameter (aka pass field). NOTE: some of these details are obtained from third party information.
Thu, 22 Jan 09
xm_events_diary
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5925
ASP-DEv XM Events Diary stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for diary.mdb.
Thu, 22 Jan 09
xm_events_diary
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5924
SQL injection vulnerability in diary_viewC.asp in ASP-DEv XM Events Diary allows remote attackers to execute arbitrary SQL commands via the cat parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Thu, 22 Jan 09
xm_events_diary
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5923
SQL injection vulnerability in default.asp in ASP-DEv XM Events Diary allows remote attackers to execute arbitrary SQL commands the cat parameter.
Thu, 22 Jan 09
cfagcms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5922
Multiple PHP remote file inclusion vulnerabilities in themes/default/index.php in Cant Find A Gaming CMS (CFAGCMS) 1 allow remote attackers to execute arbitrary PHP code via a URL in the (1) main and (2) right parameters.
Thu, 22 Jan 09
songs_portal
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5921
SQL injection vulnerability in albums.php in Umer Inc Songs Portal allows remote attackers to execute arbitrary SQL commands via the id parameter.
Thu, 22 Jan 09
ganglia
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0242
Ganglia 3.1.1 allows remote attackers to cause a denial of service via a request to the gmetad service with a path does not exist, which causes Ganglia to (1) perform excessive CPU computation and (2) send the entire tree, which consumes network bandwidth.
Thu, 22 Jan 09
ganglia
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0241
Stack-based buffer overflow in the process_path function in gmetad/server.c in Ganglia 3.1.1 allows remote attackers to cause a denial of service (crash) via a request to the gmetad service with a long pathname.
Thu, 22 Jan 09
websvn
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0240
listing.php in WebSVN 2.0 and possibly 1.7 beta, when using an SVN authz file, allows remote authenticated users to read changelogs or diffs for restricted projects via a modified repname parameter.
Thu, 22 Jan 09
kernel
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0031
Memory leak in the keyctl_join_session_keyring function (security/keys/keyctl.c) in Linux kernel 2.6.29-rc2 and earlier allows local users to cause a denial of service (kernel memory consumption) via unknown vectors related to a "missing kfree."
Thu, 22 Jan 09
websvn
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5920
The create_anchors function in utils.inc in WebSVN 1.x allows remote attackers to execute arbitrary PHP code via a crafted username that is processed by the preg_replace function with the eval switch.
Thu, 22 Jan 09
websvn
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5919
Directory traversal vulnerability in rss.php in WebSVN 2.0 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to overwrite arbitrary files via directory traversal sequences in the rev parameter.
Thu, 22 Jan 09
websvn
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5918
Cross-site scripting (XSS) vulnerability in the getParameterisedSelfUrl function in index.php in WebSVN 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
Thu, 22 Jan 09
application_framework
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5917
Cross-site scripting (XSS) vulnerability in the XSS filter (framework/Text_Filter/Filter/xss.php) in Horde Application Framework 3.2.2 and 3.3, when Internet Explorer is being used, allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to style attributes.
Thu, 22 Jan 09
git
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5916
gitweb/gitweb.perl in gitweb in Git 1.6.x before 1.6.0.6, 1.5.6.x before 1.5.6.6, 1.5.5.x before 1.5.5.6, 1.5.4.x before 1.5.4.7, and other versions after 1.4.3 allows local repository owners to execute arbitrary commands by modifying the diff.external configuration variable and executing a crafted gitweb query.
Thu, 22 Jan 09
blackberry_enterprise_server, blackberry_professional_software, blackberry_unite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0219
The PDF distiller in the Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.1.3 through 4.1.6, BlackBerry Professional Software 4.1.4, and BlackBerry Unite! before 1.0.3 bundle 28 performs delete operations on uninitialized pointers, which allows user-assisted remote attackers to execute arbitrary code via a crafted data stream in a .pdf file.
Thu, 22 Jan 09
vuplayer
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0182
Buffer overflow in VUPlayer 2.49 and earlier allows user-assisted attackers to execute arbitrary code via a long URL in a File line in a .pls file, as demonstrated by an http URL on a File1 line.
Thu, 22 Jan 09
vuplayer
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0181
Buffer overflow in VUPlayer allows user-assisted attackers to have an unknown impact via a long file, as demonstrated by a file composed entirely of 'A' characters.
Thu, 22 Jan 09
nfs-utils
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0180
Certain Fedora build scripts for nfs-utils before 1.1.2-9.fc9 on Fedora 9, and before 1.1.4-6.fc10 on Fedora 10, omit TCP Wrapper support, which might allow remote attackers to bypass intended access restrictions, possibly a related issue to CVE-2008-1376.
Thu, 22 Jan 09
libmikmod
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0179
libmikmod 3.1.11 through 3.2.0, as used by MikMod and possibly other products, allows user-assisted attackers to cause a denial of service (application crash) by loading an XM file.
Thu, 22 Jan 09
hardware_management_console
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0178
Unspecified vulnerability in IBM Hardware Management Console (HMC) 7 release 3.2.0 SP1 has unknown impact and attack vectors.
Thu, 22 Jan 09
chrome
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5915
An unspecified function in the JavaScript implementation in Google Chrome creates and exposes a "temporary footprint" when there is a current login to a web site, which makes it easier for remote attackers to trick a user into acting upon a spoofed pop-up message, aka an "in-session phishing attack." NOTE: as of 20090116, the only disclosure is a vague pre-advisory with no actionable information. However, because it is from a well-known researcher, it is being assigned a CVE identifier for tr...
Thu, 22 Jan 09
safari
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5914
An unspecified function in the JavaScript implementation in Apple Safari creates and exposes a "temporary footprint" when there is a current login to a web site, which makes it easier for remote attackers to trick a user into acting upon a spoofed pop-up message, aka an "in-session phishing attack." NOTE: as of 20090116, the only disclosure is a vague pre-advisory with no actionable information. However, because it is from a well-known researcher, it is being assigned a CVE identifier for tra...
Thu, 22 Jan 09
firefox
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5913
An unspecified function in the JavaScript implementation in Mozilla Firefox creates and exposes a "temporary footprint" when there is a current login to a web site, which makes it easier for remote attackers to trick a user into acting upon a spoofed pop-up message, aka an "in-session phishing attack." NOTE: as of 20090116, the only disclosure is a vague pre-advisory with no actionable information. However, because it is from a well-known researcher, it is being assigned a CVE identifier for ...
Wed, 21 Jan 09
internet_explorer
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5912
An unspecified function in the JavaScript implementation in Microsoft Internet Explorer creates and exposes a "temporary footprint" when there is a current login to a web site, which makes it easier for remote attackers to trick a user into acting upon a spoofed pop-up message, aka an "in-session phishing attack." NOTE: as of 20090116, the only disclosure is a vague pre-advisory with no actionable information. However, because it is from a well-known researcher, it is being assigned a CVE ide...
Wed, 21 Jan 09
git, linux
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5516
The web interface in git before 1.5.6.6-0.1-1 on rPath Linux 2 allows remote attackers to execute arbitrary commands via shell metacharacters in an unspecified context. NOTE: because of the lack of details, it is not clear whether CVE-2008-5516 and CVE-2008-5517 are distinct issues on the rPath Linux 2 platform.
Wed, 21 Jan 09
appstream_client
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4388
The LaunchObj ActiveX control before 5.2.2.865 in launcher.dll in Symantec AppStream Client 5.2.x before 5.2.2 SP3 MP1 does not properly validate downloaded files, which allows remote attackers to execute arbitrary code via the installAppMgr method and unspecified other methods.
Wed, 21 Jan 09
certificate_system
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2368
Red Hat Certificate System 7.2 stores passwords in cleartext in the UserDirEnrollment log, the RA wizard installer log, and unspecified other debug log files, and uses weak permissions for these files, which allows local users to discover passwords by reading the files.
Wed, 21 Jan 09
certificate_system
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2367
Red Hat Certificate System 7.2 uses world-readable permissions for password.conf and unspecified other configuration files, which allows local users to discover passwords by reading these files.
Wed, 21 Jan 09
libmikmod
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6720
libmikmod 3.1.9 through 3.2.0, as used by MikMod, SDL-mixer, and possibly other products, relies on the channel count of the last loaded song, rather than the currently playing song, for certain playback calculations, which allows user-assisted attackers to cause a denial of service (application crash) by loading multiple songs (aka MOD files) with different numbers of channels.
Wed, 21 Jan 09
vmware_player, vmware_workstation
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0177
vmwarebase.dll, as used in the vmware-authd service (aka vmware-authd.exe), in VMware Workstation 6.5.1 build 126130 and earlier, and VMware Player 2.5.1 build 126130 and earlier, allows remote attackers to cause a denial of service (daemon crash) via a long (1) USER or (2) PASS command.
Wed, 21 Jan 09
blackberry_enterprise_server, blackberry_professional_software, blackberry_unite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0176
Multiple heap-based buffer overflows in the PDF distiller in the Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.1.3 through 4.1.6, BlackBerry Professional Software 4.1.4, and BlackBerry Unite! before 1.0.3 bundle 28 allow user-assisted remote attackers to execute arbitrary code via (1) a crafted stream in a .pdf file, related to "symWidths"; or (2) a crafted data stream in a .pdf file, related to "bitmaps."
Wed, 21 Jan 09
mp3_trackmaker
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0175
Heap-based buffer overflow in Heathco Software MP3 TrackMaker 1.5 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long string in an invalid .mp3 file.
Wed, 21 Jan 09
vuplayer
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0174
Stack-based buffer overflow in VUPlayer 2.49 allows remote attackers to execute arbitrary code via a long .asf URI in the HREF attribute of a REF element in a .asx file.
Wed, 21 Jan 09
helix_server, helix_server_mobile
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5911
Multiple buffer overflows in RealNetworks Helix Server and Helix Mobile Server 11.x before 11.1.8 and 12.x before 12.0.1 allow remote attackers to (1) cause a denial of service via three crafted RTSP SETUP commands, or execute arbitrary code via (2) an NTLM authentication request with malformed base64-encoded data, (3) an RTSP DESCRIBE command, or (4) a DataConvertBuffer request.
Tue, 20 Jan 09
db2_universal_database
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0173
Unspecified vulnerability in the server in IBM DB2 9.1 before FP6a and 9.5 before FP3a allows remote attackers to cause a denial of service (trap) via a crafted data stream.
Tue, 20 Jan 09
db2_universal_database
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0172
Unspecified vulnerability in IBM DB2 9.1 before FP6a and 9.5 before FP3a allows remote attackers to cause a denial of service via a crafted CONNECT data stream.
Tue, 20 Jan 09
sparc_enterprise_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0171
The Sun SPARC Enterprise M4000 and M5000 Server, within a certain range of serial numbers, allows attackers to use the manufacturing root password and have unspecified other impact.
Tue, 20 Jan 09
java_system_access_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0170
Sun Java System Access Manager 6.3 2005Q1, 7 2005Q4, and 7.1 allows remote authenticated users with console privileges to discover passwords, and obtain unspecified other "access to resources," by visiting the Configuration Items component in the console.
Tue, 20 Jan 09
java_system_access_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0169
Sun Java System Access Manager 7.1 allows remote authenticated sub-realm administrators to gain privileges, as demonstrated by creating the amadmin account in the sub-realm, and then logging in as amadmin in the root realm.
Tue, 20 Jan 09
opensolaris
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0168
Unspecified vulnerability in ppdmgr in Sun Solaris 10 and OpenSolaris snv_61 through snv_106 allows local users to cause a denial of service via unspecified vectors, related to a failure to "include all cache files," and improper handling of temporary files.
Tue, 20 Jan 09
opensolaris
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0167
Unspecified vulnerability in lpadmin in Sun Solaris 10 and OpenSolaris snv_61 through snv_106 allows local users to cause a denial of service via unspecified vectors, related to enumeration of "wrong printers," aka a "Temporary file vulnerability."
Tue, 20 Jan 09
ironport_encryption_appliance, ironport_postx
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0056
Cross-site request forgery (CSRF) vulnerability in the administration interface in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to execute commands and modify appliance preferences as arbitrary users via a logout action.
Tue, 20 Jan 09
ironport_encryption_appliance, ironport_postx
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0055
Cross-site request forgery (CSRF) vulnerability in the administration interface in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to modify appliance preferences as arbitrary users via unspecified vectors.
Tue, 20 Jan 09
ironport_encryption_appliance, ironport_postx
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0054
PXE Encryption in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to capture credentials by tricking a user into reading a modified or crafted e-mail message.
Tue, 20 Jan 09
ironport_encryption_appliance, ironport_postx
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0053
PXE Encryption in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to obtain the decryption key via unspecified vectors, related to a "logic error."
Tue, 20 Jan 09
opensolaris
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5910
Unspecified vulnerability in txzonemgr in Sun OpenSolaris has unknown impact and local attack vectors, related to a "Temporary file vulnerability," aka Bug ID 6653462.
Tue, 20 Jan 09
opensolaris
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5909
Unspecified vulnerability in conv_lpd in Sun OpenSolaris has unknown impact and local attack vectors, related to improper handling of temporary files, aka Bug ID 6655641.
Tue, 20 Jan 09
opensolaris
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5908
Unspecified vulnerability in the root/boot archive tool in Sun OpenSolaris has unknown impact and local attack vectors, related to a "Temporary file vulnerability," aka Bug ID 6653455.
Tue, 20 Jan 09
realvnc
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4770
The CMsgReader::readRect function in the VNC Viewer component in RealVNC VNC Free Edition 4.0 through 4.1.2, Enterprise Edition E4.0 through E4.4.2, and Personal Edition P4.0 through P4.4.2 allows remote VNC servers to execute arbitrary code via crafted RFB protocol data, related to "encoding type."
Tue, 20 Jan 09
unified_ip_phone_7940g, unified_ip_phone_7960g
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4444
Cisco Unified IP Phone (aka SIP phone) 7960G and 7940G with firmware P0S3-08-9-00 and possibly other versions before 8.10 allows remote attackers to cause a denial of service (device reboot) or possibly execute arbitrary code via a Realtime Transport Protocol (RTP) packet with malformed headers.
Tue, 20 Jan 09
ios
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3821
Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 11.0 through 12.4 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the ping program or (2) unspecified other aspects of the URI.
Tue, 20 Jan 09
ons_15310-cl, ons_15310-ma, ons_15327, ons_15454, ons_15454sdh, ons_15600
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3818
Cisco ONS 15310-CL, 15310-MA, 15327, 15454, 15454 SDH, and 15600 with software 7.0.2 through 7.0.6, 7.2.2, 8.0.x, 8.5.1, and 8.5.2 allows remote attackers to cause a denial of service (control-card reset) via a crafted TCP session.
Tue, 20 Jan 09
amarok
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0136
Multiple array index errors in the Audible::Tag::readTag function in metadata/audible/audibletag.cpp in Amarok 1.4.10 through 2.0.1 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via an Audible Audio (.aa) file with a crafted (1) nlen or (2) vlen Tag value, each of which can lead to an invalid pointer dereference, or the writing of a 0x00 byte to an arbitrary memory location, after an allocation failure.
Tue, 20 Jan 09
amarok
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0135
Multiple integer overflows in the Audible::Tag::readTag function in metadata/audible/audibletag.cpp in Amarok 1.4.10 through 2.0.1 allow remote attackers to execute arbitrary code via an Audible Audio (.aa) file with a large (1) nlen or (2) vlen Tag value, each of which triggers a heap-based buffer overflow.
Sat, 17 Jan 09
easy_grid_control
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0134
Insecure method vulnerability in the EasyGrid.SGCtrl.32 ActiveX control in EasyGrid.ocx 1.0.0.1 in AAA EasyGrid ActiveX 3.51 allows remote attackers to create and overwrite arbitrary files via the (1) DoSaveFile or (2) DoSaveHtmlFile method. NOTE: vector 1 could be leveraged for code execution by creating executable files in Startup folders or by accessing files using hcp:// URLs. NOTE: some of these details are obtained from third party information.
Sat, 17 Jan 09
html_help_workshop
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0133
Buffer overflow in Microsoft HTML Help Workshop 4.74 and earlier allows context-dependent attackers to execute arbitrary code via a .hhp file with a long "Index file" field, possibly a related issue to CVE-2006-0564.
Sat, 17 Jan 09
opensolaris
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0132
Integer overflow in the aio_suspend function in Sun Solaris 8 through 10 and OpenSolaris, when 32-bit mode is enabled, allows local users to cause a denial of service (panic) via a large integer value in the second argument (aka nent argument).
Sat, 17 Jan 09
opensolaris
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0131
The UFS implementation in the kernel in Sun OpenSolaris snv_29 through snv_90 allows local users to cause a denial of service (panic) via the single posix_fallocate test in the SUSv3 POSIX test suite, related to an F_ALLOCSP fcntl call.
Sat, 17 Jan 09
erlang
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0130
** DISPUTED ** lib/crypto/c_src/crypto_drv.c in erlang does not properly check the return value from the OpenSSL DSA_do_verify function, which might allow remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077. NOTE: a package maintainer disputes this issue, reporting that there is a proper check within the only code that uses the applicable part of crypto_drv.c, and thus "this report is invalid."
Sat, 17 Jan 09
libcrypt-openssl-dsa-perl
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0129
libcrypt-openssl-dsa-perl does not properly check the return value from the OpenSSL DSA_verify and DSA_do_verify functions, which might allow remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.
Sat, 17 Jan 09
slurm
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0128
plugins/crypto/openssl/crypto_openssl.c in Simple Linux Utility for Resource Management (aka SLURM or slurm-llnl) does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.
Sat, 17 Jan 09
m2crypto
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0127
** DISPUTED ** M2Crypto does not properly check the return value from the OpenSSL EVP_VerifyFinal, DSA_verify, ECDSA_verify, DSA_do_verify, and ECDSA_do_verify functions, which might allow remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077. NOTE: a Linux vendor disputes the relevance of this report to the M2Crypto product because "these functions are not used anywhere in m2crypto."
Sat, 17 Jan 09
boinc_client
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0126
The decrypt_public function in lib/crypt.cpp in the client in Berkeley Open Infrastructure for Network Computing (BOINC) 6.2.14 and 6.4.5 does not check the return value from the OpenSSL RSA_public_decrypt function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.
Sat, 17 Jan 09
libnasl
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0125
nasl/nasl_crypto2.c in the Nessus Attack Scripting Language library (aka libnasl) 2.2.11 does not properly check the return value from the OpenSSL DSA_do_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.
Sat, 17 Jan 09
tqsllib
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0124
The tqsl_verifyDataBlock function in openssl_cert.cpp in American Radio Relay League (ARRL) tqsllib 2.0 does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.
Sat, 17 Jan 09
safari
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0123
Unspecified vulnerability in Apple Safari on Mac OS X 10.5 and Windows allows remote attackers to read arbitrary files on a client machine via vectors related to the association of Safari with the (1) feed, (2) feeds, and (3) feedsearch URL types for RSS feeds. NOTE: as of 20090114, the only disclosure is a vague pre-advisory. However, because it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.
Sat, 17 Jan 09
hplip
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0122
hplip.postinst in HP Linux Imaging and Printing (HPLIP) 2.7.7 and 2.8.2 on Ubuntu allows local users to change the ownership of arbitrary files via unspecified manipulations in advance of an HPLIP installation or upgrade by an administrator, related to the product's attempt to correct the ownership of its configuration files within home directories.
Fri, 16 Jan 09
kernel
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0029
The ABI in the Linux kernel 2.6.28 and earlier on s390, powerpc, sparc64, and mips 64-bit platforms requires that a 32-bit argument in a 64-bit register was properly sign extended when sent from a user-mode application, but cannot verify this, which allows local users to cause a denial of service (crash) or possibly gain privileges via a crafted system call.
Fri, 16 Jan 09
libpng
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5907
The png_check_keyword function in pngwutil.c in libpng before 1.0.42, and 1.2.x before 1.2.34, might allow context-dependent attackers to set the value of an arbitrary memory location to zero via vectors involving creation of crafted PNG files with keywords, related to an implicit cast of the '\0' character constant to a NULL pointer. NOTE: some sources incorrectly report this as a double free vulnerability.
Fri, 16 Jan 09
ktorrent
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5906
Eval injection vulnerability in the web interface plugin in KTorrent before 3.1.4 allows remote attackers to execute arbitrary PHP code via unspecified parameters to this interface's PHP scripts.
Fri, 16 Jan 09
ktorrent
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5905
The web interface plugin in KTorrent before 3.1.4 allows remote attackers to bypass intended access restrictions and upload arbitrary torrent files, and trigger the start of downloads and seeding, via a crafted HTTP POST request.
Fri, 16 Jan 09
xrdp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5904
The rdp_rdp_process_color_pointer_pdu function in rdp/rdp_rdp.c in xrdp 0.4.1 and earlier allows remote RDP servers to have an unknown impact via input data that sets crafted values for certain length variables, leading to a buffer overflow.
Fri, 16 Jan 09
xrdp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5903
Array index error in the xrdp_bitmap_def_proc function in xrdp/funcs.c in xrdp 0.4.1 and earlier allows remote attackers to execute arbitrary code via vectors that manipulate the value of the edit_pos structure member.
Fri, 16 Jan 09
xrdp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5902
Buffer overflow in the xrdp_bitmap_invalidate function in xrdp/xrdp_bitmap.c in xrdp 0.4.1 and earlier allows remote attackers to execute arbitrary code via a crafted request.
Fri, 16 Jan 09
CVE-1999-1593 (windows_286, windows_386, windows_95, windows_98, windows_98se, windows_9x, windo...)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-1999-1593
Windows Internet Naming Service (WINS) allows remote attackers to cause a denial of service (connectivity loss) or steal credentials via a 1Ch registration that causes WINS to change the domain controller to point to a malicious server. NOTE: this problem may be limited when Windows 95/98 clients are used, or if the primary domain controller becomes unavailable.
Fri, 16 Jan 09
goople_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0121
SQL injection vulnerability in frontpage.php in Goople CMS 1.8.2 allows remote attackers to execute arbitrary SQL commands via the password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Fri, 16 Jan 09
websphere_datapower_xml_security_gateway_xs40
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0120
The IBM WebSphere DataPower XML Security Gateway XS40 with firmware 3.6.1.5 allows remote attackers to cause a denial of service (device reboot) by sending data over an established SSL connection, as demonstrated by the abc\r\n\r\n string data.
Fri, 16 Jan 09
internet_information_services
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-1567
The undocumented TRACK method in Microsoft Internet Information Services (IIS) 5.0 returns the content of the original request in the body of the response, which makes it easier for remote attackers to steal cookies and authentication credentials, or bypass the HttpOnly protection mechanism, by using TRACK to read the contents of the HTTP headers that are returned in the response, a technique that is similar to cross-site tracing (XST) using HTTP TRACE.
Fri, 16 Jan 09
internet_information_services
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-1566
Microsoft Internet Information Services (IIS) 5.0 does not log requests that use the TRACK method, which allows remote attackers to obtain sensitive information without detection.
Fri, 16 Jan 09
windows_xp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0119
Buffer overflow in Microsoft Windows XP SP3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .chm file.
Fri, 16 Jan 09
asterisk_business_edition, open_source, s800i_appliance
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0041
IAX2 in Asterisk Open Source 1.2.x before 1.2.31, 1.4.x before 1.4.23-rc4, and 1.6.x before 1.6.0.3-rc2; Business Edition A.x.x, B.x.x before B.2.5.7, C.1.x.x before C.1.10.4, and C.2.x.x before C.2.1.2.1; and s800i 1.2.x before 1.3.0 responds differently to a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames.
Fri, 16 Jan 09
windows_2000, windows_server_2003, windows_server_2008, windows_vista, windows_xp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4835
SMB in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to execute arbitrary code via malformed values of unspecified "fields inside the SMB packets" in an NT Trans2 request, related to "insufficiently validating the buffer size," aka "SMB Validation Remote Code Execution Vulnerability."
Fri, 16 Jan 09
windows_2000, windows_server_2003, windows_server_2008, windows_vista, windows_xp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4834
Buffer overflow in SMB in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via malformed values of unspecified "fields inside the SMB packets" in an NT Trans request, aka "SMB Buffer Overflow Remote Code Execution Vulnerability."
Thu, 15 Jan 09
jd_edwards_enterpriseone, peoplesoft_enterprise
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5463
Unspecified vulnerability in the PeopleSoft Enterprise Campus Solutions component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.9.18 and 9.0.8 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
Thu, 15 Jan 09
bea_product_suite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5462
Unspecified vulnerability in the WebLogic Portal component in BEA Product Suite 10.3, 10.2, 10.0, MP1, 9.2, MP3, 8.1, and SP6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
Thu, 15 Jan 09
bea_product_suite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5461
Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0, MP1, 9.2, MP3, 9.1, 9.0, 8.1, SP6, 7.0, and SP7 allows remote attackers to affect confidentiality, integrity, and availability, related to WLS.
Thu, 15 Jan 09
bea_product_suite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5460
Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0, MP1, 9.2, MP3, 9.1, and 9.0 allows remote attackers to affect confidentiality via unknown vectors.
Thu, 15 Jan 09
bea_product_suite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5459
Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3 allows remote attackers to affect confidentiality via unknown vectors.
Thu, 15 Jan 09
e-business_suite, e-business_suite_12
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5458
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10 and CU2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
Thu, 15 Jan 09
bea_product_suite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5457
Unspecified vulnerability in the Oracle BEA WebLogic Server Plugins for Apache, Sun and IIS web servers component in BEA Product Suite 10.3, 10.0, MP1, 9.2, MP3, 9.1, 9.0, 8.1, SP6, 7.0, and SP7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
Thu, 15 Jan 09
jd_edwards_enterpriseone, peoplesoft_enterprise
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5456
Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.9.18 and 9.0.8 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
Thu, 15 Jan 09
enterpriseone, peoplesoft_enterprise
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5455
Unspecified vulnerability in the PeopleSoft Enterprise HRMS - ePerformance component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.9.18 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
Thu, 15 Jan 09
e-business_suite_11i, e-business_suite_12
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5454
Unspecified vulnerability in the iProcurement component in Oracle E-Business Suite 11.5.10, CU2, and 12.0.6 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
Thu, 15 Jan 09
enterpriseone, peoplesoft_enterprise
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5452
Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.9.18 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
Thu, 15 Jan 09
enterpriseone, peoplesoft_enterprise
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5451
Unspecified vulnerability in the JD Edwards Tools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.97.2.5 allows remote authenticated users to affect confidentiality via unknown vectors.
Thu, 15 Jan 09
e-business_suite, e-business_suite_11i, e-business_suite_12
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5450
Unspecified vulnerability in the Oracle Applications Platform Engineering component in Oracle E-Business Suite 11.5.10, CU2, and 12.0.6 allows local users to affect confidentiality via unknown vectors.
Thu, 15 Jan 09
enterprise_manager_grid_control_10g
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5447
Unspecified vulnerability in the Oracle Enterprise Manager component in Oracle Enterprise Manager 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
Thu, 15 Jan 09
e-business_suite, e-business_suite_11i, e-business_suite_12
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5446
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10, CU2, and 12.0.6 allows remote authenticated users to affect confidentiality via unknown vectors.
Thu, 15 Jan 09
secure_backup
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5445
Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 allows remote attackers to affect availability via unknown vectors.
Thu, 15 Jan 09
secure_backup
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5443
Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 allows remote attackers to affect availability via unknown vectors.
Thu, 15 Jan 09
application_server_10g
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5438
Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 10.1.2.3 and 10.1.4.2 allows remote attackers to affect integrity via unknown vectors.
Thu, 15 Jan 09
application_server, application_server_10g
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4017
Unspecified vulnerability in the OC4J component in Oracle Application Server 10.1.2.3 allows remote attackers to affect confidentiality via unknown vectors.
Thu, 15 Jan 09
collaboration_suite, collaboration_suite_10g
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4016
Unspecified vulnerability in the Collaborative Workspaces component in Oracle Collaboration Suite 10.1.2 allows remote authenticated users to affect confidentiality via unknown vectors.
Thu, 15 Jan 09
application_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4014
Unspecified vulnerability in the Oracle BPEL Process Manager component in Oracle Application Server None allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
Thu, 15 Jan 09
jd_edwards_enterpriseone, peoplesoft_enterprise
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4007
Unspecified vulnerability in the PeopleSoft Enterprise Components component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.9.18 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
Thu, 15 Jan 09
jdeveloper
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2623
Unspecified vulnerability in the Oracle JDeveloper component in Oracle Application Server 10.1.2.3 allows local users to affect confidentiality via unknown vectors.
Thu, 15 Jan 09
secure_backup
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5449
Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
Thu, 15 Jan 09
secure_backup
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5448
Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
Thu, 15 Jan 09
secure_backup
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5444
Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
Thu, 15 Jan 09
secure_backup
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5442
Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 allows remote attackers to affect availability via unknown vectors.
Thu, 15 Jan 09
secure_backup
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5441
Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 allows remote attackers to affect availability via unknown vectors.
Thu, 15 Jan 09
timesten_in-memory_database
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5440
Unspecified vulnerability in the TimesTen Data Server component in Oracle Database 7.0.5.0.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
Thu, 15 Jan 09
database_10g
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5439
Unspecified vulnerability in the SQL*Plus Windows GUI component in Oracle Database 10.2.0.4 allows remote authenticated users to affect confidentiality via unknown vectors.
Thu, 15 Jan 09
database_10g, database_11i, database_9i
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5437
Unspecified vulnerability in the Job Queue component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_IJOB.
Thu, 15 Jan 09
database_10g, database_9i
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5436
Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.4 allows remote authenticated users to affect integrity and availability via unknown vectors.
Thu, 15 Jan 09
database_10g
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4015
Unspecified vulnerability in the Oracle Streams component in Oracle Database 10.1.0.5 allows remote authenticated users to affect confidentiality and integrity, related to SYS.DBMS_STREAMS_AUTH.
Thu, 15 Jan 09
secure_backup
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4006
Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.1.0.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
Thu, 15 Jan 09
database_10g, database_9i
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3999
Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.0.8, 9.2.0.8DV, and 10.1.0.5 allows remote authenticated users to affect availability, related to SYS.OLAPIMPL_T.
Thu, 15 Jan 09
database_10g
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3997
Unspecified vulnerability in the Oracle OLAP component in Oracle Database 10.1.0.5 and 10.2.0.3 allows remote authenticated users to affect availability, related to SYS.DBMS_XSOQ_ODBO.
Thu, 15 Jan 09
secure_backup
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3981
Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.1.0.1 allows remote attackers to affect confidentiality via unknown vectors.
Thu, 15 Jan 09
database_10g
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3979
Unspecified vulnerability in the Oracle Spatial component in Oracle Database 10.1.0.5 and 10.2.0.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
Thu, 15 Jan 09
database_10g
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3978
Unspecified vulnerability in the Oracle Spatial component in Oracle Database 10.1.0.5 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
Thu, 15 Jan 09
database_9i
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3974
Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.0.2.8 and 9.2.0.8DV allows remote authenticated users to affect availability, related to SYS.OLAPIMPL_T.
Thu, 15 Jan 09
database_10g, database_11g
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3973
Unspecified vulnerability in the SQL*Plus Windows GUI component in Oracle Database allows local users to affect confidentiality via unknown vectors.
Thu, 15 Jan 09
kernel
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0024
The sys_remap_file_pages function in mm/fremap.c in the Linux kernel before 2.6.24.1 allows local users to cause a denial of service or gain privileges via unspecified vectors, related to the vm_file structure member, and the mmap_region and do_munmap functions.
Thu, 15 Jan 09
opensuse
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5517
The web interface in git in SUSE openSUSE 10.3 allows remote attackers to execute arbitrary commands via shell metacharacters in an unspecified context.
Thu, 15 Jan 09
developers_image_library
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5262
Multiple stack-based buffer overflows in the iGetHdrHeader function in src-IL/src/il_hdr.c in DevIL 1.7.4 allow context-dependent attackers to execute arbitrary code via a crafted Radiance RGBE file.
Thu, 15 Jan 09
kernel
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4307
Race condition in the do_setlk function in fs/nfs/file.c in the Linux kernel before 2.6.26 allows local users to cause a denial of service (crash) via vectors resulting in an interrupted RPC call that leads to a stray FL_POSIX lock, related to improper handling of a race between fcntl and close in the EINTR case.
Tue, 13 Jan 09
iyzi_forum
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5901
iyzi Forum 1.0 beta 3 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing a password via a direct request for db/iyziforum.mdb. NOTE: some of these details are obtained from third party information.
Tue, 13 Jan 09
articles
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5900
CodeAvalanche Articles stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the administrator password via a direct request for _private/CAArticles.mdb. NOTE: some of these details are obtained from third party information.
Tue, 13 Jan 09
freeforall
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5899
CodeAvalanche FreeForAll stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the administrator password via a direct request for _private/CAFFAPage.mdb. NOTE: some of these details are obtained from third party information.
Tue, 13 Jan 09
directory
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5898
CodeAvalanche Directory stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the administrator password via a direct request for _private/CADirectory.mdb. NOTE: some of these details are obtained from third party information.
Tue, 13 Jan 09
freewallpaper
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5897
CodeAvalanche FreeWallpaper stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the administrator password via a direct request for _private/CAFreeWallpaper.mdb. NOTE: some of these details are obtained from third party information.
Tue, 13 Jan 09
ratemysite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5896
CodeAvalanche RateMySite stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the administrator password via a direct request for _private/CARateMySite.mdb. NOTE: some of these details are obtained from third party information.
Tue, 13 Jan 09
mediatheka
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5895
SQL injection vulnerability in connection.php in Mediatheka 4.2 and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter.
Tue, 13 Jan 09
mediatheka
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5894
Directory traversal vulnerability in index.php in Mediatheka 4.2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
Tue, 13 Jan 09
click&email
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5893
Cross-site scripting (XSS) vulnerability in admin_dblayers.asp in ClickAndEmail allows remote attackers to inject arbitrary web script or HTML via the tablename parameter in an update action.
Tue, 13 Jan 09
click&email
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5892
Multiple SQL injection vulnerabilities in ClickAndEmail allow remote attackers to execute arbitrary SQL commands via (1) the ID parameter to admin_dblayers.asp in an update action, (2) the adminid parameter to admin_loginCheck.asp (aka the USERNAME field in admin_main.asp), and (3) the PassWord parameter to admin_loginCheck.asp (aka the PASSWORD field in admin_main.asp). NOTE: some of these details are obtained from third party information.
Tue, 13 Jan 09
injader
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5891
Cross-site scripting (XSS) vulnerability in the profile editing functionality in Injader before 2.1.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information.
Tue, 13 Jan 09
injader
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5890
SQL injection vulnerability in feeds.php in Injader before 2.1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from third party information.
Tue, 13 Jan 09
click&rank
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5889
Cross-site scripting (XSS) vulnerability in user.asp in Click&Rank allows remote attackers to inject arbitrary web script or HTML via the action parameter.
Tue, 13 Jan 09
click&rank
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5888
Multiple SQL injection vulnerabilities in Click&Rank allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) hitcounter.asp, (2) user_delete.asp, and (3) user_update.asp; (4) the userid parameter to admin_login.asp (aka the USERNAME field in admin.asp); and (5) the PassWord parameter to admin_login.asp (aka the PASSWORD field in admin.asp). NOTE: some of these details are obtained from third party information.
Tue, 13 Jan 09
phplist
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5887
phplist before 2.10.8 allows remote attackers to include files via unknown vectors, related to a "local file include vulnerability."
Tue, 13 Jan 09
discussion_web
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5886
TAKempis Discussion Web 4.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing a password via a direct request for _private/discussion.mdb. NOTE: some of these details are obtained from third party information.
Tue, 13 Jan 09
aspired2quote
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5885
The Net Guys ASPired2Quote stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing usernames and passwords via a direct request for admin/quote.mdb. NOTE: some of these details are obtained from third party information.
Tue, 13 Jan 09
ayeview
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5884
AyeView 2.20 allows user-assisted attackers to cause a denial of service (application crash) via a GIF file with a malformed header.
Tue, 13 Jan 09
mini-pub
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5883
Absolute path traversal vulnerability in front-end/dir.php in mini-pub 0.3 and earlier allows remote attackers to list arbitrary directories via a full pathname in the sDir parameter.
Sat, 10 Jan 09
xstandard
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0113
Directory traversal vulnerability in attachmentlibrary.php in the XStandard component for Joomla! 1.5.8 and earlier allows remote attackers to list arbitrary directories via a .. (dot dot) in the X_CMS_LIBRARY_PATH HTTP header.
Sat, 10 Jan 09
poll_pro
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0112
Cross-site request forgery (CSRF) vulnerability in admin/agent_edit.asp in PollPro 3.0 allows remote attackers to create or modify accounts as administrators via the username, password, and name parameters.
Sat, 10 Jan 09
goople_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0111
SQL injection vulnerability in frontpage.php in Goople CMS 1.8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter.
Sat, 10 Jan 09
riotpix
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0110
SQL injection vulnerability in read.php in RiotPix 0.61 and earlier allows remote attackers to execute arbitrary SQL commands via the forumid parameter.
Sat, 10 Jan 09
riotpix
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0109
SQL injection vulnerability in index.php in RiotPix 0.61 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from third party information.
Sat, 10 Jan 09
phpauctions
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0108
PHPAuctions (aka PHPAuctionSystem) allows remote attackers to bypass authentication and gain administrative access via modified (1) PHPAUCTION_RM_ID, (2) PHPAUCTION_RM_NAME, (3) PHPAUCTION_RM_USERNAME, and (4) PHPAUCTION_RM_EMAIL cookies.
Sat, 10 Jan 09
phpauctions
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0107
Cross-site scripting (XSS) vulnerability in profile.php in PHPAuctions (aka PHPAuctionSystem) allows remote attackers to inject arbitrary web script or HTML via the user_id parameter.
Sat, 10 Jan 09
phpauctions
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0106
SQL injection vulnerability in profile.php in PHPAuctions (aka PHPAuctionSystem) allows remote attackers to execute arbitrary SQL commands via the user_id parameter.
Sat, 10 Jan 09
ezpack
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0105
Cross-site scripting (XSS) vulnerability in index.php in EZpack 4.2b2 allows remote attackers to inject arbitrary web script or HTML via the mdfd parameter in a prog action.
Sat, 10 Jan 09
ezpack
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0104
SQL injection vulnerability in index.php in EZpack 4.2b2 allows remote attackers to execute arbitrary SQL commands via the qType parameter in a webboard prog action.
Sat, 10 Jan 09
playsms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0103
Multiple PHP remote file inclusion vulnerabilities in playSMS 0.9.3 allow remote attackers to execute arbitrary PHP code via a URL in the (1) apps_path[plug] parameter to plugin/gateway/gnokii/init.php, the (2) apps_path[themes] parameter to plugin/themes/default/init.php, and the (3) apps_path[libs] parameter to lib/function.php.
Sat, 10 Jan 09
application_gateway, broadcast_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5882
SQL injection vulnerability in login.asp in Citrix Application Gateway - Broadcast Server (BCS) before 6.1, as used by Avaya AG250 - Broadcast Server before 2.0 and possibly other products, allows remote attackers to execute arbitrary SQL commands via the txtUID parameter.
Sat, 10 Jan 09
playsms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5881
Multiple directory traversal vulnerabilities in playSMS 0.9.3 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) gateway_module parameter to plugin/gateway/gnokii/init.php and the (2) themes_module parameter to plugin/themes/default/init.php.
Sat, 10 Jan 09
internet_explorer
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0072
Microsoft Internet Explorer 6.0 through 8.0 beta2 allows remote attackers to cause a denial of service (application crash) via an onload=screen[""] attribute value in a BODY element.
Sat, 10 Jan 09
firefox
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0071
Mozilla Firefox 3.0.5 and earlier 3.0.x versions, when designMode is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a certain (a) replaceChild or (b) removeChild call, followed by a (1) queryCommandValue, (2) queryCommandState, or (3) queryCommandIndeterm call.
Sat, 10 Jan 09
safari
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0070
Integer signedness error in Apple Safari allows remote attackers to read the contents of arbitrary memory locations, cause a denial of service (application crash), and probably have unspecified other impact via the array index of the arguments array in a JavaScript function, possibly a related issue to CVE-2008-2307.
Sat, 10 Jan 09
service_level_management, service_metric_analysis
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0043
The smmsnmpd service in CA Service Metric Analysis r11.0 through r11.1 SP1 and Service Level Management 3.5 does not properly restrict access, which allows remote attackers to execute arbitrary commands via unspecified vectors.
Fri, 9 Jan 09
gobbl_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5880
admin/auth.php in Gobbl CMS 1.0 allows remote attackers to bypass authentication and gain administrative access by setting the auth cookie to "ok".
Fri, 9 Jan 09
phpclanwebsite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5879
Cross-site scripting (XSS) vulnerability in index.php in Phpclanwebsite (aka PCW) 1.23.3 Fix Pack 5 and earlier, allows remote attackers to inject arbitrary web script or HTML via the page parameter and other unspecified vectors.
Fri, 9 Jan 09
phpclanwebsite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5878
Multiple directory traversal vulnerabilities in Phpclanwebsite (aka PCW) 1.23.3 Fix Pack 5 and earlier, when magic_quotes_gpc is disabled and register_globals is enabled, allow remote attackers to include and execute arbitrary files via a .. (dot dot) in the (1) boxname parameter to theme/superchrome/box.php and the (2) theme parameter to phpclanwebsite/footer.php.
Fri, 9 Jan 09
phpclanwebsite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5877
Multiple SQL injection vulnerabilities in Phpclanwebsite (aka PCW) 1.23.3 Fix Pack 5 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) page parameter to index.php, (2) form_id parameter to pcw/processforms.php, (3) pcwlogin and (4) pcw_pass parameters to pcw/setlogin.php, (5) searchvalue parameter to pcw/downloads.php, and the (6) searchvalue and (7) whichfield parameter to pcw/downloads.php, a different vector than CVE-2006-0...
Fri, 9 Jan 09
irrlicht
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5876
Buffer overflow in Irrlicht before 1.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors in the B3D loader.
Fri, 9 Jan 09
com_lowcosthotels, hotel_booking_reservation_system
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5875
SQL injection vulnerability in the com_lowcosthotels component in the Hotel Booking Reservation System (aka HBS) for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showhoteldetails action to index.php.
Fri, 9 Jan 09
com_5starhotels, com_allhotels, hotel_booking_reservation_system
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5874
Multiple SQL injection vulnerabilities in the Hotel Booking Reservation System (aka HBS) for Joomla! allow remote attackers to execute arbitrary SQL commands via the id parameter in a showhoteldetails action to index.php in the (1) com_allhotels or (2) com_5starhotels module. NOTE: some of these details are obtained from third party information.
Fri, 9 Jan 09
sap_gui, sizerone, tabone, tsc2_help_desk
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4827
Multiple heap-based buffer overflows in the AddTab method in the (1) Tab and (2) CTab ActiveX controls in c1sizer.ocx and the (3) TabOne ActiveX control in sizerone.ocx in ComponentOne SizerOne 8.0.20081.140, as used in ComponentOne Studio for ActiveX 2008, TSC2 Help Desk 4.1.8, SAP GUI 6.40 Patch 29 and 7.10, and possibly other products, allow remote attackers to execute arbitrary code by adding many tabs, or adding tabs with long tab captions.
Fri, 9 Jan 09
CVE-2008-3819 (gss_4480_global_site_selector, gss_4490_global_site_selector, gss_4491_global_sit...)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3819
dnsserver in Cisco Application Control Engine Global Site Selector (GSS) before 3.0(1) allows remote attackers to cause a denial of service (daemon crash) via a series of crafted DNS requests, aka Bug ID CSCsj70093.
Fri, 9 Jan 09
openview_network_node_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-0067
Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 7.51 allow remote attackers to execute arbitrary code via (1) long string parameters to the OpenView5.exe CGI program; (2) a long string parameter to the OpenView5.exe CGI program, related to ov.dll; or a long string parameter to the (3) getcvdata.exe, (4) ovlaunch.exe, or (5) Toolbar.exe CGI program.
Fri, 9 Jan 09
yerba
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5873
Yerba SACphp 6.3 and earlier allows remote attackers to bypass authentication and gain administrative access via a galleta[sesion] cookie that has a value beginning with 1:1: followed by a username.
Fri, 9 Jan 09
multimedia_communication_server_5100
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5872
Multiple unspecified vulnerabilities in the UNIStim File Transfer Protocol (UFTP) processing in IP Client Manager (IPCM) in Nortel Multimedia Communication Server (MSC) 5100 3.0.13 allow remote attackers to cause a denial of service (device outage) via a UFTP message that has a negative block size or other crafted Connection Details values.
Fri, 9 Jan 09
multimedia_communication_server_5100
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5871
Nortel Multimedia Communication Server (MSC) 5100 3.0.13 does not verify credentials during call placement, which allows remote attackers to spoof and redirect VoIP calls, possibly related to the snoop command.
Fri, 9 Jan 09
image_viewer
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5870
FastStone Image Viewer 3.6 allows user-assisted attackers to cause a denial of service (application crash) via a malformed BMP image with large width and height values, possibly a related issue to CVE-2007-1942.
Fri, 9 Jan 09
CVE-2008-5869 (tsunami_mp.11_2411)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5869
Cross-site scripting (XSS) vulnerability in the Proxim Wireless Tsunami MP.11 2411 with firmware 3.0.3 allows remote authenticated users to inject arbitrary web script or HTML via the system.sysName.0 SNMP OID.
Fri, 9 Jan 09
intellitamper
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5868
Stack-based buffer overflow in IntelliTamper 2.07 and 2.08 allows user-assisted attackers to execute arbitrary code via a long ProxyLogin value in a configuration (.cfg) file.
Fri, 9 Jan 09
opensolaris
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0069
Unspecified vulnerability in the nfs4rename_persistent_fh function in the NFS 4 (aka NFSv4) client in the kernel in Sun Solaris 10 and OpenSolaris before snv_102 allows local users to cause a denial of service (recursive mutex_enter and panic) via unspecified vectors.
Fri, 9 Jan 09
yerba
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5867
Directory traversal vulnerability in Yerba SACphp 6.3 allows remote attackers to read arbitrary files, and possibly have other impact, via directory traversal sequences in the mod field contained in the base64-encoded SID parameter to an unspecified component. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Fri, 9 Jan 09
CVE-2008-5866 (tsunami_mp.11_2411)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5866
The Proxim Wireless Tsunami MP.11 2411 with firmware 3.0.3 has public as its default SNMP read/write community, which makes it easier for remote attackers to obtain sensitive information or modify SNMP variables.
Fri, 9 Jan 09
xdg-open
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0068
Interaction error in xdg-open allows remote attackers to execute arbitrary code by sending a file with a dangerous MIME type but using a safe type that Firefox sends to xdg-open, which causes xdg-open to process the dangerous file type through automatic type detection, as demonstrated by overwriting the .desktop file.
Fri, 9 Jan 09
trusted_execution_technology
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0066
Multiple unspecified vulnerabilities in Intel system software for Trusted Execution Technology (TXT) allow attackers to bypass intended loader integrity protections, as demonstrated by exploitation of tboot. NOTE: as of 20090107, the only disclosure is a vague pre-advisory with no actionable information. However, because it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.
Fri, 9 Jan 09
kernel
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0065
Buffer overflow in net/sctp/sm_statefuns.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.28-git8 allows remote attackers to have an unknown impact via an FWD-TSN (aka FORWARD-TSN) chunk with a large stream ID.
Thu, 8 Jan 09
zxid
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0051
ZXID 0.29 and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a different vulnerability than CVE-2008-5077 and probably CVE-2009-0021.
Thu, 8 Jan 09
lasso
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0050
Lasso 2.2.1 and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a different vulnerability than CVE-2008-5077 and probably CVE-2009-0021.
Thu, 8 Jan 09
eidlib
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0049
Belgian eID middleware (eidlib) 2.6.0 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a different vulnerability than CVE-2008-5077 and probably CVE-2009-0021.
Thu, 8 Jan 09
openevidence
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0048
OpenEvidence 1.0.6 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a different vulnerability than CVE-2008-5077 and probably CVE-2009-0021.
Thu, 8 Jan 09
gale
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0047
Gale 0.99 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a different vulnerability than CVE-2008-5077 and probably CVE-2009-0021.
Thu, 8 Jan 09
grid_engine
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0046
Sun GridEngine 5.3 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a different vulnerability than CVE-2008-5077 and probably CVE-2009-0021.
Thu, 8 Jan 09
bind
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0025
BIND 9.4.3 and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a different vulnerability than CVE-2008-5077 and CVE-2009-0025.
Thu, 8 Jan 09
ntp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0021
NTP 4.2.4 before 4.2.4p5 and 4.2.5 before 4.2.5p150 does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a different vulnerability than CVE-2008-5077 and CVE-2009-0025.
Thu, 8 Jan 09
openssl
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5077
OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature.
Thu, 8 Jan 09
hotel_booking_reservation_system
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5865
SQL injection vulnerability in the com_hbssearch component 1.0 in the Hotel Booking Reservation System (aka HBS) 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the r_type parameter in a showhoteldetails action to index.php.
Thu, 8 Jan 09
com_tophotelmodule, hotel_booking_reservation_system
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5864
SQL injection vulnerability in the Top Hotel (com_tophotelmodule) component 1.0 in the Hotel Booking Reservation System (aka HBS) 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showhoteldetails action to index.php.
Thu, 8 Jan 09
userlocator
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5863
SQL injection vulnerability in locator.php in the Userlocator module 3.0 for Woltlab Burning Board (wBB) allows remote attackers to execute arbitrary SQL commands via the y parameter in a get_user action.
Thu, 8 Jan 09
webcamxp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5862
Directory traversal vulnerability in webcamXP 5.3.2.375 and 5.3.2.410 build 2132 allows remote attackers to read arbitrary files via a ..%2F (encoded dot dot slash) in the URI.
Thu, 8 Jan 09
freelyrics
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5861
Directory traversal vulnerability in source.php in FreeLyrics 1.0 allows remote attackers to read arbitrary files via directory traversal sequences in the p parameter. NOTE: some of these details are obtained from third party information.
Thu, 8 Jan 09
constructr-cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5860
Directory traversal vulnerability in backend/template.php in Constructr CMS 3.02.5 and earlier, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to create or read arbitrary files via directory traversal sequences in the edit_file parameter.
Thu, 8 Jan 09
constructr-cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5859
SQL injection vulnerability in index.php in Constructr CMS 3.02.5 and earlier, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the show_page parameter.
Thu, 8 Jan 09
knowledgetree_document_management
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5858
Multiple cross-site scripting (XSS) vulnerabilities in KnowledgeTree before 3.5.4a allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2007-4281.
Thu, 8 Jan 09
knowledgetree_document_management
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5857
The DropDocuments plugin in KnowledgeTree before 3.5.4a allows remote authenticated users to gain administrative privileges via a certain sequence of "browse documents" and dashboard requests.
Thu, 8 Jan 09
class
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5856
Directory traversal vulnerability in scripts/export.php in ClaSS before 0.8.61 allows remote attackers to read arbitrary files via directory traversal sequences in the ftype parameter. NOTE: some of these details are obtained from third party information.
Thu, 8 Jan 09
login_session
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5855
myPHPscripts Login Session 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to discover usernames, e-mail addresses, and password hashes via a direct request for users.txt.
Thu, 8 Jan 09
login_session
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5854
Multiple cross-site scripting (XSS) vulnerabilities in login.php in myPHPscripts Login Session 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) ls_user and (2) ls_email parameters (aka the User form) in an ls_register action. NOTE: some of these details are obtained from third party information.
Thu, 8 Jan 09
chicomas
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5853
Chilek Content Management System (aka ChiCoMaS) 2.0.4 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to (1) obtain database credentials via a direct request for config.inc or (2) read database backups via a request for a backup/ URI.
Thu, 8 Jan 09
emefa_guestbook
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5852
Emefa Guestbook 3.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for guestbook.mdb.
Thu, 8 Jan 09
mypbs
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5851
SQL injection vulnerability in index.php in My PHP Baseball Stats (MyPBS) allows remote attackers to execute arbitrary SQL commands via the seasonID parameter.
Wed, 7 Jan 09
vpn-1
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5850
Unspecified vulnerability in the SmartCenter server for Check Point VPN-1 R55 through R65, as used in SecurePlatform, allows remote attackers to change the (1) admin and (2) expert passwords, and possibly have other impact, via unknown vectors involving a TCP session on the Check Point Management Interface (CPMI) port (18190/tcp), aka "SPLAT Remote Root Exploit."
Wed, 7 Jan 09
vpn-1
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5849
Check Point VPN-1 R55, R65, and other versions, when Port Address Translation (PAT) is used, allows remote attackers to discover intranet IP addresses via a packet with a small TTL, which triggers an ICMP_TIMXCEED_INTRANS (aka ICMP time exceeded in-transit) response containing an encapsulated IP packet with an intranet address, as demonstrated by a TCP packet to the firewall management server on port 18264.
Wed, 7 Jan 09
CVE-2008-5848 (adam-6015, adam-6017, adam-6018, adam-6022, adam-6024, adam-6050, adam-6050w, ada...)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5848
The Advantech ADAM-6000 module has 00000000 as its default password, which makes it easier for remote attackers to obtain access through an HTTP session, and (1) monitor or (2) control the module's Modbus/TCP I/O activity.
Wed, 7 Jan 09
samba
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0022
Samba 3.2.0 through 3.2.6, when registry shares are enabled, allows remote authenticated users to access the root filesystem via a crafted connection request that specifies a blank share name.
Wed, 7 Jan 09
constructr-cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5847
Constructr CMS 3.02.5 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information by reading the hash column.
Wed, 7 Jan 09
movable_type
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5846
Six Apart Movable Type (MT) before 4.23 allows remote authenticated users with create permission for posts to bypass intended access restrictions and publish posts via a "system-wide entry listing screen."
Wed, 7 Jan 09
movable_type
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5845
Multiple cross-site scripting (XSS) vulnerabilities in Six Apart Movable Type (MT) before 4.23 allow remote attackers to inject arbitrary web script or HTML via a (1) MTEntryAuthorUsername, (2) MTAuthorDisplayName, (3) MTEntryAuthorDisplayName, or (4) MTCommenterName field in a Profile View template; a (5) listing screen or (6) edit screen in the CMS app; (7) a TrackBack title, related to the HTML sanitization library; or (8) a user archive name (aka archive title) on a published Community Bl...
Wed, 7 Jan 09
php
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5844
PHP 5.2.7 contains an incorrect change to the FILTER_UNSAFE_RAW functionality, and unintentionally disables magic_quotes_gpc regardless of the actual magic_quotes_gpc setting, which might make it easier for context-dependent attackers to conduct SQL injection attacks and unspecified other attacks.
Wed, 7 Jan 09
pdfjam
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5843
Multiple untrusted search path vulnerabilities in pdfjam allow local users to gain privileges via a Trojan horse program in (1) the current working directory or (2) /var/tmp, related to the (a) pdf90, (b) pdfjoin, and (c) pdfnup scripts.
Wed, 7 Jan 09
webtransactions
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5842
Multiple cross-site scripting (XSS) vulnerabilities in Fujitsu-Siemens WebTransactions 7.0, 7.1, and possibly other versions allow remote attackers to inject arbitrary web script or HTML via vectors associated with (1) a demo application shipped with WebTransactions and possibly (2) an unspecified "dynamic application."
Wed, 7 Jan 09
md5
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-2761
The MD5 Message-Digest Algorithm is not collision resistant, which makes it easier for context-dependent attackers to conduct spoofing attacks, as demonstrated by attacks on the use of MD5 in the signature algorithm of an X.509 certificate.
Tue, 6 Jan 09
igaming_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5841
Multiple SQL injection vulnerabilities in iGaming 1.5 and earlier allow remote attackers to execute arbitrary SQL commands via the browse parameter to (1) previews.php and (2) reviews.php, and the (3) id parameter to index.php in a viewarticle action.
Tue, 6 Jan 09
CVE-2008-5840 (phpicalendar, phpicalendar2.0)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5840
PHP iCalendar 2.24 and earlier allows remote attackers to bypass authentication by setting the phpicalendar and phpicalendar_login cookies to 1.
Tue, 6 Jan 09
foxmail
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5839
Buffer overflow in Foxmail 6.5 allows remote attackers to execute arbitrary code via a long mailto URI in the HREF attribute of an A element.
Tue, 6 Jan 09
e-shop_shopping_cart
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5838
SQL injection vulnerability in search_results.php in E-Php Scripts E-Shop Shopping Cart Script allows remote attackers to execute arbitrary SQL commands via the cid parameter.
Tue, 6 Jan 09
windows_live_messenger
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5828
Microsoft Windows Live Messenger Client 8.5.1 and earlier, when MSN Protocol Version 15 (MSNP15) is used over a NAT session, allows remote attackers to discover intranet IP addresses and port numbers by reading the (1) IPv4InternalAddrsAndPorts, (2) IPv4Internal-Addrs, and (3) IPv4Internal-Port header fields.
Tue, 6 Jan 09
6131_nfc
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5827
The Nokia 6131 Near Field Communication (NFC) phone with 05.12 firmware automatically installs software upon completing the download of a JAR file, which makes it easier for remote attackers to execute arbitrary code via a crafted URI record in an NDEF tag.
Tue, 6 Jan 09
6131_nfc
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5826
The Nokia 6131 Near Field Communication (NFC) phone with 05.12 firmware allows remote attackers to cause a denial of service (device crash) via (1) a large value in the payload length field in an NDEF record, or a certain length for a (2) tel: or (3) sms: NDEF URI.
Tue, 6 Jan 09
6131_nfc
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5825
The SmartPoster implementation on the Nokia 6131 Near Field Communication (NFC) phone with 05.12 firmware does not properly display the URI record when the Title record contains a certain combination of space, CR (aka \r), and . (dot) characters, which allows remote attackers to trick a user into loading an arbitrary URI via a crafted NDEF tag, as demonstrated by (1) an http: URI for a malicious web site, (2) a tel: URI for a premium-rate telephone number, and (3) an sms: URI that triggers pu...
Tue, 6 Jan 09
audiofile
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5824
Heap-based buffer overflow in msadpcm.c in libaudiofile in audiofile 0.2.6 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted WAV file.
Tue, 6 Jan 09
money
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5823
An ActiveX control in prtstb06.dll in Microsoft Money 2006, when used with WScript in Windows Script Host (WSH) on Windows Vista, allows remote attackers to cause a denial of service (access violation and application crash) via a zero value for the Startup property.
Tue, 6 Jan 09
libxul
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5822
Memory leak in Libxul, as used in Mozilla Firefox 3.0.5 and other products, allows remote attackers to cause a denial of service (memory consumption and browser hang) via a long CLASS attribute in an HR element in an HTML document.
Tue, 6 Jan 09
safari
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5821
Memory leak in WebKit.dll in WebKit, as used by Apple Safari 3.2 on Windows Vista SP1, allows remote attackers to cause a denial of service (memory consumption and browser crash) via a long ALINK attribute in a BODY element in an HTML document.
Tue, 6 Jan 09
gforge
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2381
SQL injection vulnerability in the create function in common/include/GroupJoinRequest.class in GForge 4.5 and 4.6 allows remote attackers to execute arbitrary SQL commands via the comments variable.
Tue, 6 Jan 09
ednews
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5820
SQL injection vulnerability in eDNews_view.php in eDreamers eDNews 2 allows remote attackers to execute arbitrary SQL commands via the newsid parameter.
Tue, 6 Jan 09
ednews
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5819
Directory traversal vulnerability in eDNews_archive.php in eDreamers eDNews 2, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lg parameter. NOTE: some of these details are obtained from third party information.
Tue, 6 Jan 09
edcontainer
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5818
Directory traversal vulnerability in index.php in eDreamers eDContainer 2.22, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lg parameter. NOTE: some of these details are obtained from third party information.
Tue, 6 Jan 09
webclassifieds
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5817
Multiple SQL injection vulnerabilities in index.php in Web Scribble Solutions webClassifieds 2005 allow remote attackers to execute arbitrary SQL commands via the (1) user and (2) password fields in a sign_in action.
Tue, 6 Jan 09
ilias
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5816
SQL injection vulnerability in repository.php in ILIAS 3.7.4 and earlier allows remote attackers to execute arbitrary SQL commands via the ref_id parameter.
Tue, 6 Jan 09
phpalumni
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5815
SQL injection vulnerability in Acomment.php in phpAlumni allows remote attackers to execute arbitrary SQL commands via the id parameter.
Tue, 6 Jan 09
php
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5814
Cross-site scripting (XSS) vulnerability in PHP, possibly 5.2.7 and earlier, when display_errors is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: because of the lack of details, it is unclear whether this is related to CVE-2006-0208.
Tue, 6 Jan 09
spip
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5813
SQL injection vulnerability in inc/rubriques.php in SPIP 1.8 before 1.8.3b, 1.9 before 1.9.2g, and 2.0 before 2.0.2 allows remote attackers to execute arbitrary SQL commands via the ID parameter. NOTE: some of these details are obtained from third party information.
Tue, 6 Jan 09
spip
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5812
Multiple unspecified vulnerabilities in SPIP 1.8 before 1.8.3b, 1.9 before 1.9.2g, and 2.0 before 2.0.2 have unknown impact and attack vectors.
Tue, 6 Jan 09
com_paxgallery
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5811
SQL injection vulnerability in the PaxGallery (com_paxgallery) component 0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gid parameter in a table action to index.php.
Tue, 6 Jan 09
webtransactions
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5810
WBPublish (aka WBPublish.exe) in Fujitsu-Siemens WebTransactions 7.0, 7.1, and possibly other versions allows remote attackers to execute arbitrary commands via shell metacharacters in input that is sent through HTTP and improperly used during temporary session data cleanup, possibly related to (1) directory names, (2) template names, and (3) session IDs.
Sat, 3 Jan 09
access_analyzer_cgi
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5809
futomi CGI Cafe Access Analyzer CGI Standard 4.0.1 and earlier and Access Analyzer CGI Professional 4.11.3 and earlier use a predictable session id, which makes it easier for remote attackers to hijack sessions, and obtain sensitive information about analysis results, via a modified id.
Sat, 3 Jan 09
movable_type
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5808
Cross-site scripting (XSS) vulnerability in Six Apart Movable Type Enterprise (MTE) 1.x before 1.56; Movable Type (MT) 3.x before 3.38; and Movable Type, Movable Type Open Source (MTOS), and Movable Type Enterprise 4.x before 4.23 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to "application management."
Sat, 3 Jan 09
xterm
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2383
CRLF injection vulnerability in xterm allows user-assisted attackers to execute arbitrary commands via LF (aka \n) characters surrounding a command name within a Device Control Request Status String (DECRQSS) escape sequence in a text file, a related issue to CVE-2003-0063 and CVE-2003-0071.
Sat, 3 Jan 09
xterm
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-7236
The default configuration of xterm on Debian GNU/Linux sid and possibly Ubuntu enables the allowWindowOps resource, which allows user-assisted attackers to execute arbitrary code or have unspecified other impact via escape sequences.
Thu, 1 Jan 09
testlink
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5807
Multiple cross-site scripting (XSS) vulnerabilities in TestLink before 1.8 RC1 allow remote attackers to inject arbitrary web script or HTML via (1) Testproject Names and (2) Testplan Names in planEdit.php, and possibly (3) Testcaseprefixes in projectview.tpl.
Thu, 1 Jan 09
php_classifieds
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5806
SQL injection vulnerability in login.php in DeltaScripts PHP Classifieds 7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the admin_username parameter (aka admin field). NOTE: some of these details are obtained from third party information.
Thu, 1 Jan 09
php_classifieds
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5805
SQL injection vulnerability in detail.php in DeltaScripts PHP Classifieds 7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the siteid parameter, a different vector than CVE-2006-5828.
Thu, 1 Jan 09
number_links_1_php_script
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5804
SQL injection vulnerability in admin/admin_catalog.php in e-topbiz Number Links 1 Php Script allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit action.
Thu, 1 Jan 09
online_store
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5803
SQL injection vulnerability in admin/login.php in E-topbiz Online Store 1.0 allows remote attackers to execute arbitrary SQL commands via the user parameter (aka username field). NOTE: some of these details are obtained from third party information.
Thu, 1 Jan 09
online_store
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5802
SQL injection vulnerability in index.php in E-topbiz Online Store 1.0 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
Thu, 1 Jan 09
dictionary_extension
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5801
Unspecified vulnerability in the Dictionary (rtgdictionary) extension 0.1.9 and earlier for TYPO3 allows attackers to execute arbitrary code via unknown vectors.
Thu, 1 Jan 09
fsmi_people
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5800
SQL injection vulnerability in the Wir ber uns [sic] (fsmi_people) extension 0.0.24 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Thu, 1 Jan 09
wir_ber_uns_extension
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5799
Cross-site scripting (XSS) vulnerability in the Wir ber uns [sic] (fsmi_people) extension 0.0.24 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Thu, 1 Jan 09
cms_poll_system_extension
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5798
SQL injection vulnerability in the CMS Poll system (cms_poll) extension before 0.1.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Thu, 1 Jan 09
advcalendar_extension
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5797
SQL injection vulnerability in the advCalendar extension 0.3.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Thu, 1 Jan 09
eluna_page_comments_extension
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5796
SQL injection vulnerability in the eluna Page Comments (eluna_pagecomments) extension 1.1.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Thu, 1 Jan 09
eluna_page_comments_extension
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5795
Cross-site scripting (XSS) vulnerability in the eluna Page Comments (eluna_pagecomments) extension 1.1.2 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Thu, 1 Jan 09
lovecms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5794
Directory traversal vulnerability in system/admin/images.php in LoveCMS 1.6.2 Final allows remote attackers to delete arbitrary files via a .. (dot dot) in the delete parameter.
Thu, 1 Jan 09
clickheat-heatmap
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5793
Multiple PHP remote file inclusion vulnerabilities in the Clickheat - Heatmap stats (com_clickheat) component 1.0.1 for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the (1) GLOBALS[mosConfig_absolute_path] parameter to (a) install.clickheat.php, (b) Cache.php and (c) Clickheat_Heatmap.php in Recly/Clickheat/, and (d) Recly/common/GlobalVariables.php; and the (2) mosConfig_absolute_path parameter to (e) _main.php and (f) main.php in includes/heatmap, and (g) includ...
Thu, 1 Jan 09
indiscripts_enthusiast
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5792
PHP remote file inclusion vulnerability in show_joined.php in Indiscripts Enthusiast 3.1.4, and possibly earlier, allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. NOTE: the researcher also points out the analogous directory traversal issue.
Thu, 1 Jan 09
prestashop
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5791
Multiple unspecified vulnerabilities in PrestaShop e-Commerce Solution before 1.1 Beta 2 (aka 1.1.0.1) have unknown impact and attack vectors, related to the (1) bankwire module, (2) cheque module, and other components.
Thu, 1 Jan 09
competitions
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5790
Multiple PHP remote file inclusion vulnerabilities in the Recly!Competitions (com_competitions) component 1.0 for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the (1) GLOBALS[mosConfig_absolute_path] parameter to (a) add.php and (b) competitions.php in includes/competitions/, and the (2) mosConfig_absolute_path parameter to (c) includes/settings/settings.php.
Thu, 1 Jan 09
interactive_feederator
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5789
Multiple PHP remote file inclusion vulnerabilities in the Recly Interactive Feederator (com_feederator) component 1.0.5 for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the (1) mosConfig_absolute_path parameter to (a) add_tmsp.php, (b) edit_tmsp.php and (c) tmsp.php in includes/tmsp/; and the (2) GLOBALS[mosConfig_absolute_path] parameter to (d) includes/tmsp/subscription.php.
Thu, 1 Jan 09
domain_seller_pro
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5788
SQL injection vulnerability in index.php in Domain Seller Pro 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Thu, 1 Jan 09
arab_portal
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5787
Directory traversal vulnerability in mod.php in Arab Portal 2.1 on Windows allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, in conjunction with a show action.
Thu, 1 Jan 09
silva, silva_find
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5786
Cross-site scripting (XSS) vulnerability in the Silva Find extension 1.1.5 and earlier in Silva 1.x before 1.6.3.2, Silva 2.0 before 2.0.12.2, and Silva 2.1 before 2.1.0.2 allows remote attackers to inject arbitrary web script or HTML via the fulltext parameter.
Thu, 1 Jan 09
v3_chat_profiles_dating_script
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5785
SQL injection vulnerability in V3 Chat - Profiles/Dating Script 3.0.2 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields.
Thu, 1 Jan 09
v3_chat_profiles_dating_script
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5784
V3 Chat - Profiles/Dating Script 3.0.2 allows remote attackers to bypass authentication and gain administrative access by setting the admin cookie to 1.
Thu, 1 Jan 09
v3_chat_live_support
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5783
admin/index.php in V3 Chat Live Support 3.0.4 allows remote attackers to bypass authentication and gain administrative access by setting the admin cookie to 1.
Thu, 1 Jan 09
zeematri
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5782
SQL injection vulnerability in bannerclick.php in ZeeMatri 3.0 allows remote attackers to execute arbitrary SQL commands via the adid parameter.
Thu, 1 Jan 09
cfagcms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5781
SQL injection vulnerability in right.php in Cant Find A Gaming CMS (CFAGCMS) 1.0 Beta 1 allows remote attackers to execute arbitrary SQL commands via the title parameter.
Thu, 1 Jan 09
forest_blog
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5780
Forest Blog 1.3.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing passwords via a direct request for blog.mdb.
Thu, 1 Jan 09
flds
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5779
SQL injection vulnerability in lpro.php in Free Links Directory Script (FLDS) 1.2a allows remote attackers to execute arbitrary SQL commands via the id parameter.
Thu, 1 Jan 09
flds
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5778
SQL injection vulnerability in report.php in Free Links Directory Script (FLDS) 1.2a allows remote attackers to execute arbitrary SQL commands via the linkid parameter.
Thu, 1 Jan 09
cadenix
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5777
SQL injection vulnerability in index.php in CadeNix allows remote attackers to execute arbitrary SQL commands via the cid parameter.
Thu, 1 Jan 09
apertoblog
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5776
Multiple directory traversal vulnerabilities in Aperto Blog 0.1.1 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) action parameter to admin.php and the (2) get parameter to index.php. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL.
Thu, 1 Jan 09
apertoblog
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5775
SQL injection vulnerability in categories.php in Aperto Blog 0.1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Thu, 1 Jan 09
homebuilder
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5774
Multiple SQL injection vulnerabilities in ASPSiteWare HomeBuilder 1.0 and 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) iType parameter to (a) type.asp and (b) type2.asp and the (2) iPro parameter to (c) detail.asp.
Thu, 1 Jan 09
nukedit
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5773
Nukedit 4.9.8 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing usernames and passwords via a direct request for database/dbsite.mdb.
Thu, 1 Jan 09
realtylistings
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5772
Multiple SQL injection vulnerabilities in ASPSiteWare RealtyListings 1.0 and 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) iType parameter to type.asp and the (2) iPro parameter to detail.asp.
Thu, 1 Jan 09
phpweather
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5771
Directory traversal vulnerability in test.php in PHP Weather 2.2.2 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the language parameter.
Thu, 1 Jan 09
phpweather
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5770
Cross-site scripting (XSS) vulnerability in config/make_config.php in PHP Weather 2.2.2 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
Thu, 1 Jan 09
kerio_mailserver
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5769
Multiple cross-site scripting (XSS) vulnerabilities in Kerio MailServer before 6.6.2 allow remote attackers to inject arbitrary web script or HTML via the (1) folder parameter to mailCompose.php or the (2) daytime parameter to calendarEdit.php. NOTE: some of these details are obtained from third party information.
Thu, 1 Jan 09
am_events_module
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5768
SQL injection vulnerability in print.php in the AM Events (aka Amevents) module 0.22 for XOOPS allows remote attackers to execute arbitrary SQL commands via the id parameter.
Thu, 1 Jan 09
gnews_publisher
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5767
SQL injection vulnerability in authors.asp in gNews Publisher allows remote attackers to execute arbitrary SQL commands via the authorID parameter.
Thu, 1 Jan 09
faupload
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5766
SQL injection vulnerability in download.php in Farsi Script Faupload allows remote attackers to execute arbitrary SQL commands via the id parameter.
Thu, 1 Jan 09
worksimple
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5765
WorkSimple 1.2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing usernames and passwords via a direct request for data/usr.txt.
Thu, 1 Jan 09
worksimple
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5764
PHP remote file inclusion vulnerability in calendar.php in WorkSimple 1.2.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the lang parameter.
Thu, 1 Jan 09
simple_text-file_login_script
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5763
PHP remote file inclusion vulnerability in slogin_lib.inc.php in Simple Text-File Login Script (SiTeFiLo) 1.0.6 allows remote attackers to execute arbitrary PHP code via a URL in the slogin_path parameter.
Thu, 1 Jan 09
simple_text-file_login_script
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5762
Simple Text-File Login Script (SiTeFiLo) 1.0.6 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the password via a direct request for slog_users.txt.