Software Vulnerability
Main
Software Alerts
Software and Script Bug ExploitsSoftware Vulnerability
Random Feeds
Archives
| Mar 2010 | Feb 2010 | Jan 2010 | Dec 2009 | Nov 2009 | Oct 2009 | Sep 2009 | Aug 2009 | Jul 2009 | Jun 2009 | May 2009 | Apr 2009 | Mar 2009 | Feb 2009 | Jan 2009 | Dec 2008 | Nov 2008 | Oct 2008 | Sep 2008 | Aug 2008 | Jul 2008 | Jun 2008 | May 2008 | Apr 2008 | Mar 2008 | Feb 2008 | Jan 2008 | Dec 2007 | Nov 2007 |Tue, 31 Mar 09
opensolaris
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1170
Unspecified vulnerability in Sun OpenSolaris snv_100 through snv_101 allows local users, with privileges in a non-global zone, to execute arbitrary code in the global zone when a global-zone user is using mdb on a non-global zone process.
Tue, 31 Mar 09
opensuse, suse_linux_enterprise_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0115
multipath-tools in SUSE openSUSE 10.3 through 11.0 and SUSE Linux Enterprise Server (SLES) 10 uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon.
Tue, 31 Mar 09
micro-cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6553
microcms-admin-home.php in Implied by Design Micro CMS (Micro-CMS) 3.5 (aka 0.3.5) does not require authentication as an administrator, which allows remote attackers to (1) create administrative accounts via an add_admin action, (2) remove administrative accounts via a delete_admin action, and (3) modify administrative passwords via a change_password action.
Tue, 31 Mar 09
cluster_project
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6552
Red Hat Cluster Project 2.x allows local users to modify or overwrite arbitrary files via symlink attacks on files in /tmp, involving unspecified components in Resource Group Manager (aka rgmanager) before 2.03.09-1, gfs2-utils before 2.03.09-1, and CMAN - The Cluster Manager before 2.03.09-1 on Fedora 9.
Tue, 31 Mar 09
e-vision_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6551
Multiple directory traversal vulnerabilities in e-Vision CMS 2.0.2 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) an adminlang cookie to admin/ind_ex.php; or the module parameter to (2) 3rdparty/adminpart/add3rdparty.php, (3) polling/adminpart/addpolling.php, (4) contact/adminpart/addcontact.php, (5) brandnews/adminpart/addbrandnews.php, (6) newsletter/adminpart/addnewsletter.php, (7) game/adminpart...
Tue, 31 Mar 09
glossaire
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6550
Cross-site scripting (XSS) vulnerability in glossaire.php in Glossaire 2.0 allows remote attackers to inject arbitrary web script or HTML via the letter parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Tue, 31 Mar 09
moinmoin
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6549
The password_checker function in config/multiconfig.py in MoinMoin 1.6.1 uses the cracklib and python-crack features even though they are not thread-safe, which allows remote attackers to cause a denial of service (segmentation fault and crash) via unknown vectors.
Tue, 31 Mar 09
moinmoin
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6548
The rst parser (parser/text_rst.py) in MoinMoin 1.6.1 does not check the ACL of an included page, which allows attackers to read unauthorized include files via unknown vectors.
Tue, 31 Mar 09
formencode
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6547
schema.py in FormEncode for Python (python-formencode) 1.0 does not apply the chained_validators feature, which allows attackers to bypass intended access restrictions via unknown vectors.
Tue, 31 Mar 09
phpns
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6546
Unspecified vulnerability in phpns before 2.1.3 has unknown impact and attack vectors related to "activation permissions."
Tue, 31 Mar 09
web_server_creator_web_portal
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6545
PHP remote file inclusion vulnerability in news/include/createdb.php in Web Server Creator Web Portal 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the langfile parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Tue, 31 Mar 09
simple_machines_forum
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6544
** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in Simple Machines Forum (SMF) 1.1.4 allow remote attackers to execute arbitrary PHP code via a URL in the (1) settings[default_theme_dir] parameter to Sources/Subs-Graphics.php and (2) settings[default_theme_dir] parameter to Sources/Themes.php. NOTE: CVE and multiple third parties dispute this issue because the files contain a protection mechanism against direct request.
Tue, 31 Mar 09
quick_classifieds
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6543
Multiple PHP remote file inclusion vulnerabilities in ComScripts TEAM Quick Classifieds 1.0 via the DOCUMENT_ROOT parameter to (1) index.php3, (2) locate.php3, (3) search_results.php3, (4) classifieds/index.php3, and (5) classifieds/view.php3; (6) index.php3, (7) manager.php3, (8) pass.php3, (9) remember.php3 (10) sign-up.php3, (11) update.php3, (12) userSet.php3, and (13) verify.php3 in controlcenter/; (14) alterCats.php3, (15) alterFeatured.php3, (16) alterHomepage.php3, (17) alterNews.php3...
Tue, 31 Mar 09
dotnetnuke
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6542
Unspecified vulnerability in the Skin Manager in DotNetNuke before 4.8.2 allows remote authenticated administrators to perform "server-side execution of application logic" by uploading a static file that is converted into a dynamic script via unknown vectors related to HTM or HTML files.
Tue, 31 Mar 09
dotnetnuke
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6541
Unrestricted file upload vulnerability in the file manager module in DotNetNuke before 4.8.2 allows remote administrators to upload arbitrary files and gain privileges to the server via unspecified vectors.
Tue, 31 Mar 09
dotnetnuke
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6540
DotNetNuke before 4.8.2, during installation or upgrade, does not warn the administrator when the default (1) ValidationKey and (2) DecryptionKey values cannot be modified in the web.config file, which allows remote attackers to bypass intended access restrictions by using the default keys.
Tue, 31 Mar 09
destar
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6539
Static code injection vulnerability in user/settings/ in DeStar 0.2.2-5 allows remote authenticated users to add arbitrary administrators and inject arbitrary Python code into destar_cfg.py via a crafted pin parameter.
Tue, 31 Mar 09
CVE-2008-6538
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6538
DeStar 0.2.2-5 allows remote attackers to add arbitrary users via a direct request to config/add/CfgOptUser.
Tue, 31 Mar 09
lightneasy
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6537
LightNEasy/lightneasy.php in LightNEasy No database version 1.2 allows remote attackers to obtain the hash of the administrator password via the setup "do" action to LightNEasy.php, which is cleared from $_GET but later accessed using $_REQUEST.
Tue, 31 Mar 09
7-zip
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6536
Unspecified vulnerability in 7-zip before 4.5.7 has unknown impact and remote attack vectors, as demonstrated by the PROTOS GENOME test suite for Archive Formats (c10).
Tue, 31 Mar 09
bouncy-castle-crypto-package, legion-of-the-bouncy-castle-java-crytography-api
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6721
The Legion of the Bouncy Castle Java Cryptography API before release 1.38 (aka 2.5.2), as used in Crypto Provider Package before 1.36, has unknown impact and remote attack vectors related to "a Bleichenbacher vulnerability in simple RSA CMS signatures without signed attributes."
Tue, 31 Mar 09
kerberos
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0845
The spnego_gss_accept_sec_context function in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.6.3, when SPNEGO is used, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via invalid ContextFlags data in the reqFlags field in a negTokenInit token.
Tue, 31 Mar 09
openssl
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0789
OpenSSL before 0.9.8k on WIN64 and certain other platforms does not properly handle a malformed ASN.1 structure, which allows remote attackers to cause a denial of service (invalid memory access and application crash) by placing this structure in the public key of a certificate, as demonstrated by an RSA public key.
Tue, 31 Mar 09
ios, ios_s, ios_t, ios_xr
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0637
The SCP server in Cisco IOS 12.2 through 12.4, when Role-Based CLI Access is enabled, does not enforce the CLI view configuration for file transfers, which allows remote authenticated users with an attached CLI view to (1) read or (2) overwrite arbitrary files via an SCP command.
Tue, 31 Mar 09
ios
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0636
Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when SIP voice services are enabled, allows remote attackers to cause a denial of service (device crash) via a valid SIP message.
Tue, 31 Mar 09
ios
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0635
Memory leak in the Cisco Tunneling Control Protocol (cTCP) encapsulation feature in Cisco IOS 12.4, when an Easy VPN (aka EZVPN) server is enabled, allows remote attackers to cause a denial of service (memory consumption and device crash) via a sequence of TCP packets.
Sat, 28 Mar 09
cisco_ios
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0634
Multiple unspecified vulnerabilities in the home agent (HA) implementation in the (1) Mobile IP NAT Traversal feature and (2) Mobile IPv6 subsystem in Cisco IOS 12.3 through 12.4 allow remote attackers to cause a denial of service (input queue wedge and interface outage) via an ICMP packet, aka Bug ID CSCso05337.
Sat, 28 Mar 09
cisco_ios
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0633
Multiple unspecified vulnerabilities in the (1) Mobile IP NAT Traversal feature and (2) Mobile IPv6 subsystem in Cisco IOS 12.3 through 12.4 allow remote attackers to cause a denial of service (input queue wedge and interface outage) via MIPv6 packets, aka Bug ID CSCsm97220.
Sat, 28 Mar 09
ios
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0630
The (1) Cisco Unified Communications Manager Express; (2) SIP Gateway Signaling Support Over Transport Layer Security (TLS) Transport; (3) Secure Signaling and Media Encryption; (4) Blocks Extensible Exchange Protocol (BEEP); (5) Network Admission Control HTTP Authentication Proxy; (6) Per-user URL Redirect for EAPoUDP, Dot1x, and MAC Authentication Bypass; (7) Distributed Director with HTTP Redirects; and (8) TCP DNS features in Cisco IOS 12.0 through 12.4 do not properly handle IP sockets, ...
Sat, 28 Mar 09
ios, ios_s, ios_t, ios_xr
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0629
The (1) Airline Product Set (aka ALPS), (2) Serial Tunnel Code (aka STUN), (3) Block Serial Tunnel Code (aka BSTUN), (4) Native Client Interface Architecture (NCIA) support, (5) Data-link switching (aka DLSw), (6) Remote Source-Route Bridging (RSRB), (7) Point to Point Tunneling Protocol (PPTP), (8) X.25 for Record Boundary Preservation (RBP), (9) X.25 over TCP (XOT), and (10) X.25 Routing features in Cisco IOS 12.2 and 12.4 allows remote attackers to cause a denial of service (device reload)...
Sat, 28 Mar 09
cisco_ios
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0628
Memory leak in the SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (memory consumption and device crash) by disconnecting an SSL session in an abnormal manner, leading to a Transmission Control Block (TCB) leak.
Sat, 28 Mar 09
ios
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0626
The SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (device reload or hang) via a crafted HTTPS packet.
Sat, 28 Mar 09
openssl
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0591
The CMS_verify function in OpenSSL 0.9.8h through 0.9.8j, when CMS is enabled, does not properly handle errors associated with malformed signed attributes, which allows remote attackers to repudiate a signature that originally appeared to be valid but was actually invalid.
Sat, 28 Mar 09
openssl
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0590
The ASN1_STRING_print_ex function in OpenSSL before 0.9.8k allows remote attackers to cause a denial of service (invalid memory access and application crash) via vectors that trigger printing of a (1) BMPString or (2) UniversalString with an invalid encoded length.
Sat, 28 Mar 09
ios
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0631
Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when configured with (1) IP Service Level Agreements (SLAs) Responder, (2) Session Initiation Protocol (SIP), (3) H.323 Annex E Call Signaling Transport, or (4) Media Gateway Control Protocol (MGCP) allows remote attackers to cause a denial of service (blocked input queue on the inbound interface) via a crafted UDP packet.
Sat, 28 Mar 09
firefox
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1169
The txMozillaXSLTProcessor::TransformToDoc function in Mozilla Firefox 3.0.7 and earlier allows remote attackers to cause a denial of service (crash) via an XML file with a crafted XSLT transform.
Sat, 28 Mar 09
paypal_estores
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6535
admin/settings.php in PayPal eStores allows remote attackers to bypass intended access restrictions and change the administrative password via a direct request with a modified NewAdmin parameter.
Sat, 28 Mar 09
null_ftp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6534
Incomplete blacklist vulnerability in NULL FTP Server Free and Pro 1.1.0.7 allows remote authenticated users to execute arbitrary commands via a custom SITE command containing shell metacharacters such as "&" (ampersand) in the middle of an argument.
Sat, 28 Mar 09
drupal
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6533
Drupal 5.x before 5.13 and 6.x before 6.7 does not delete all related content when an input format is deleted, which prevents the content from being properly filtered and allows remote attackers to conduct cross-site scripting (XSS) attacks via unspecified vectors.
Sat, 28 Mar 09
jira
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6531
The WebWork 1 web application framework in Atlassian JIRA before 3.13.2 allows remote attackers to invoke exposed public JIRA methods via a crafted URL that is dynamically transformed into method calls, aka "WebWork 1 Parameter Injection Hole."
Fri, 27 Mar 09
drupal
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6532
Multiple cross-site request forgery (CSRF) vulnerabilities in the update feature in Drupal 5.x before 5.13 and 6.x before 6.7 allow remote attackers to perform unauthorized actions as the superuser via unspecified vectors, as demonstrated by causing the superuser to "execute old updates" that modify the database.
Fri, 27 Mar 09
living_local
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6530
Unrestricted file upload vulnerability in editimage.php in eZoneScripts Living Local 1.1 allows remote authenticated administrators to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the uploaded file.
Fri, 27 Mar 09
living_local
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6529
Cross-site scripting (XSS) vulnerability in listtest.php in eZoneScripts Living Local 1.1 allows remote attackers to inject arbitrary web script or HTML via the r parameter.
Fri, 27 Mar 09
gigaset_se461__wimax_router
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1152
Siemens Gigaset SE461 WiMAX router 1.5-BL024.9.6401, and possibly other versions, allows remote attackers to cause a denial of service (device restart and loss of configuration) by connecting to TCP port 53, then closing the connection.
Fri, 27 Mar 09
phpmyadmin
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1151
Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remote attackers to inject arbitrary PHP code into a configuration file via the save action.
Fri, 27 Mar 09
phpmyadmin
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1150
Multiple cross-site scripting (XSS) vulnerabilities in the export page (display_export.lib.php) in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allow remote attackers to inject arbitrary web script or HTML via the pma_db_filename_template cookie.
Fri, 27 Mar 09
phpmyadmin
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1149
CRLF injection vulnerability in bs_disp_as_mime_type.php in the BLOB streaming feature in phpMyAdmin before 3.1.3.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the (1) c_type and possibly (2) file_type parameters.
Fri, 27 Mar 09
phpmyadmin
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1148
Directory traversal vulnerability in bs_disp_as_mime_type.php in the BLOB streaming feature in phpMyAdmin before 3.1.3.1 allows remote attackers to read arbitrary files via directory traversal sequences in the file_path parameter ($filename variable).
Fri, 27 Mar 09
jeus
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6528
NTFS TmaxSoft JEUS 5 before Fix 26 allows remote attackers to read the source code for scripts by appending ::$DATA to the URL, which accesses the alternate data stream.
Fri, 27 Mar 09
icarus
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1071
Stack-based buffer overflow in Icarus 2.0 allows remote attackers to cause a denial of service (application crach) or execute arbitrary code via a crafted Portable Game Notation (.pgn) file.
Fri, 27 Mar 09
expressionengine
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1070
Cross-site scripting (XSS) vulnerability in system/index.php in ExpressionEngine 1.6.4 through 1.6.6, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the avatar parameter.
Fri, 27 Mar 09
content_construction_kit
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1069
Multiple cross-site scripting (XSS) vulnerabilities in the node edit form feature in Drupal Content Construction Kit (CCK) 6.x before 6.x-2.2, a module for Drupal, allow remote attackers to inject arbitrary web script or HTML via the (1) titles of candidate referenced nodes in the Node reference sub-module and the (2) names of candidate referenced users in the User reference sub-module.
Fri, 27 Mar 09
CVE-2009-1068 (bs.player)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1068
Stack-based buffer overflow in BS.Player (bsplayer) 2.32 Build 975 Free and 2.34 Build 980 PRO and earlier allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a long hostname in a .bsl playlist file.
Fri, 27 Mar 09
pixie_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1067
Cross-site scripting (XSS) vulnerability in index.php in Pixie CMS 1.01a allows remote attackers to inject arbitrary web script or HTML via the x parameter.
Fri, 27 Mar 09
pixie_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1066
SQL injection vulnerability in the referral function in admin/lib/lib_logs.php in Pixie CMS 1.01a allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header in a request.
Fri, 27 Mar 09
pixie
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1065
SQL injection vulnerability in index.php in Pixie CMS 1.01a allows remote attackers to execute arbitrary SQL commands via the x parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Fri, 27 Mar 09
orbit_downloader
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1064
Argument injection vulnerability in orbitmxt.dll 2.1.0.2 in the Orbit Downloader 2.8.7 and earlier ActiveX control allows remote attackers to overwrite arbitrary files via whitespace and a command-line switch, followed by a full pathname, in the third argument to the download method.
Fri, 27 Mar 09
exescope
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1063
Buffer overflow in eXeScope 6.50 allows user-assisted remote attackers to execute arbitrary code via a crafted executable (.exe) file.
Fri, 27 Mar 09
freebsd
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1041
The ktimer feature (sys/kern/kern_time.c) in FreeBSD 7.0, 7.1, and 7.2 allows local users to overwrite arbitrary kernel memory via an out-of-bounds timer value.
Fri, 27 Mar 09
webcit
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0364
Format string vulnerability in the mini_calendar component in Citadel.org WebCit 7.22, and other versions before 7.39, allows remote attackers to execute arbitrary code via unspecified vectors.
Fri, 27 Mar 09
java
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1107
The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier, and 5.0 Update 17 and earlier, allows remote attackers to trick a user into trusting a signed applet via unknown vectors that misrepresent the security warning dialog, related to a "Swing JLabel HTML parsing vulnerability," aka CR 6782871.
Fri, 27 Mar 09
jdk, jre
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1106
The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12, 11, and 10 does not properly parse crossdomain.xml files, which allows remote attackers to bypass intended access restrictions and connect to arbitrary sites via unknown vectors, aka CR 6798948.
Fri, 27 Mar 09
java
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1105
The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12, 11, and 10 allows user-assisted remote attackers to cause a trusted applet to run in an older JRE version, which can be used to exploit vulnerabilities in that older version, aka CR 6706490.
Fri, 27 Mar 09
java
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1104
The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; and 1.4.2_19 and earlier does not prevent Javascript that is loaded from the localhost from connecting to other ports on the system, which allows user-assisted attackers to bypass intended access restrictions via LiveConnect, aka CR 6724331. NOTE: this vulnerability can be leveraged with separate cross-site scripting (XSS) vulnerabilities for remote attack ...
Fri, 27 Mar 09
java
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1103
Unspecified vulnerability in the Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; 1.4.2_19 and earlier; and 1.3.1_24 and earlier allows remote attackers to access files and execute arbitrary code via unknown vectors related to "deserializing applets," aka CR 6646860.
Fri, 27 Mar 09
java
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1102
Unspecified vulnerability in the Virtual Machine in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier allows remote attackers to access files and execute arbitrary code via unknown vectors related to "code generation."
Fri, 27 Mar 09
jdk, jre
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1101
Unspecified vulnerability in the lightweight HTTP server implementation in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier allows remote attackers to cause a denial of service (probably resource consumption) for a JAX-WS service endpoint via a connection without any data, which triggers a file descriptor "leak."
Fri, 27 Mar 09
jdk, jre
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1100
Multiple unspecified vulnerabilities in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allow remote attackers to cause a denial of service (disk consumption) via vectors related to temporary font files and (1) "limits on Font creation," aka CR 6522586, and (2) another unspecified vector, aka CR 6632886.
Fri, 27 Mar 09
java
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1099
Integer signedness error in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via a crafted Type1 font, which triggers a buffer overflow.
Fri, 27 Mar 09
jdk, jre
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1098
Buffer overflow in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; 1.4.2_19 and earlier; and 1.3.1_24 and earlier allows remote attackers to access files or execute arbitrary code via a crafted GIF image, aka CR 6804998.
Fri, 27 Mar 09
jdk, jre
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1097
Multiple buffer overflows in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier allow remote attackers to access files or execute arbitrary code via a crafted (1) PNG image, aka CR 6804996, and (2) GIF image, aka CR 6804997.
Fri, 27 Mar 09
jdk, jre
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1096
Buffer overflow in unpack200 in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via a JAR file with crafted Pack200 headers.
Fri, 27 Mar 09
jdk, jre
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1095
Integer overflow in unpack200 in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via a JAR file with crafted Pack200 headers.
Fri, 27 Mar 09
jdk, jre
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1094
Unspecified vulnerability in the LDAP implementation in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; SDK and JRE 1.3.1_24 and earlier; and 1.4.2_19 and earlier allows remote LDAP servers to execute arbitrary code via unknown vectors related to serialized data.
Fri, 27 Mar 09
jdk, jre
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1093
LdapCtx in the LDAP service in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; SDK and JRE 1.3.1_24 and earlier; and 1.4.2_19 and earlier does not close the connection when initialization fails, which allows remote attackers to cause a denial of service (LDAP service hang).
Fri, 27 Mar 09
system_tap
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0784
Race condition in the SystemTap stap tool 0.0.20080705 and 0.0.20090314 allows local users in the stapusr group to gain privileges via unknown vectors.
Fri, 27 Mar 09
liveaudio_activex_control
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1092
Use after free vulnerability in the LIVEAUDIO.LiveAudioCtrl.1 ActiveX control in LIVEAU~1.OCX 7.0 for GeoVision DVR systems allows remote attackers to execute arbitrary code by calling the GetAudioPlayingTime method with certain arguments.
Fri, 27 Mar 09
rapidleech
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1090
Directory traversal vulnerability in upload.php in Rapidleech rev.36 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the uploaded parameter.
Fri, 27 Mar 09
cascade
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1088
Hannon Hill Cascade Server 5.7 and other versions allows remote authenticated users to execute arbitrary programs or Java code via a crafted XSLT stylesheet with "extension elements and extension functions" that trigger code execution by Xalan-Java, as demonstrated using xalan://java.lang.Runtime.
Fri, 27 Mar 09
pplive
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1087
Multiple argument injection vulnerabilities in PPLive.exe in PPLive 1.9.21 and earlier allow remote attackers to execute arbitrary code via a UNC share pathname in the LoadModule argument to the (1) synacast, (2) Play, (3) pplsv, or (4) ppvod URI handler. NOTE: some of these details are obtained from third party information.
Fri, 27 Mar 09
piwik
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1085
Piwik 0.2.32 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain the API key and other sensitive information via a direct request for misc/cron/archive.sh.
Fri, 27 Mar 09
openinvoice
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6524
resetpass.php in openInvoice 0.90 beta and earlier allows remote authenticated users to change the passwords of arbitrary users via a modified uid parameter. NOTE: this can be leveraged with a separate vulnerability in auth.php to modify passwords without authentication.
Fri, 27 Mar 09
openinvoice
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6523
auth.php in openInvoice 0.90 beta and earlier allows remote attackers to bypass authentication and gain privileges by setting the oiauth cookie. NOTE: this can be leveraged with a separate vulnerability in resetpass.php to modify passwords for arbitrary users.
Fri, 27 Mar 09
openterracotta
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6522
Multiple directory traversal vulnerabilities in the RenderFile function in ContentRender.class.php in Terracotta (aka OpenTerracotta) 0.6.1, and possibly other versions, allow remote attackers to list arbitrary directories and read arbitrary files via a .. (dot dot) in the (1) CurrentDirectory and (2) File parameters to index.php.
Thu, 26 Mar 09
rapid_leech
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1091
Cross-site scripting (XSS) vulnerability in upload.php in Rapidleech rev.36 and earlier allows remote attackers to inject arbitrary web script or HTML via the uploaded parameter.
Thu, 26 Mar 09
rapid_leech
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1089
Absolute path traversal vulnerability in upload.php in Rapidleech rev.36 and earlier allows remote attackers to read arbitrary files via a base64-encoded absolute path in the filename parameter.
Thu, 26 Mar 09
ldns
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1086
Heap-based buffer overflow in the ldns_rr_new_frm_str_internal function in ldns 1.4.x allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a DNS resource record (RR) with a long (1) class field (clas variable) and possibly (2) TTL field.
Thu, 26 Mar 09
CVE-2008-6527 (go41.net_asp_forum)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6527
SQL injection vulnerability in forum.asp in GO4I.NET ASP Forum 1.0 allows remote attackers to execute arbitrary SQL commands via the iFor parameter.
Thu, 26 Mar 09
bos_classifieds
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6526
SQL injection vulnerability in index.php in BosDev BosClassifieds allows remote attackers to execute arbitrary SQL commands via the cat_id parameter, a different vector than CVE-2008-1838.
Thu, 26 Mar 09
nicephpscripts
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6525
SQL injection vulnerability in the Admin Panel in Nice PHP FAQ Script (Knowledge base Script) allows remote attackers to execute arbitrary SQL commands via the Password parameter (aka the pass field).
Thu, 26 Mar 09
openterracotta
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6521
index.php in Terracotta (aka OpenTerracotta) 0.6.1 allows remote attackers to obtain sensitive information via an invalid File parameter, which reveals the installation path in an error message.
Thu, 26 Mar 09
xitami
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6520
Multiple format string vulnerabilities in the SSI filter in Xitami Web Server 2.5c2, and possibly other versions, allow remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via format string specifiers in a URI that ends in (1) .ssi, (2) .shtm, or (3) .shtml, which triggers incorrect logging code involving the sendfmt function in the SMT kernel.
Thu, 26 Mar 09
xitami
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6519
Format string vulnerability in Xitami Web Server 2.2a through 2.5c2, and possibly other versions, allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via format string specifiers in a Long Running Web Process (LRWP) request, which triggers incorrect logging code involving the sendfmt function in the SMT kernel.
Thu, 26 Mar 09
vidiscript
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6518
Unrestricted file upload vulnerability in the profile feature in VidiScript allows registered remote authenticated users to execute arbitrary code by uploading a PHP file as an Avatar, then accessing the avatar via a direct request.
Thu, 26 Mar 09
CVE-2008-6517 (1.0.3_beta)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6517
SQL injection vulnerability in NewsHOWLER 1.03 Beta allows remote attackers to execute arbitrary SQL commands via the news_user cookie parameter.
Thu, 26 Mar 09
phpkf-portal
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6516
Multiple directory traversal vulnerabilities in phpKF-Portal 1.10 allow remote attackers to include arbitrary files via a .. (dot dot) in the (1) tema_dizin parameter to baslik.php and (2) portal_ayarlarportal_dili parameter to anket_yonetim.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Thu, 26 Mar 09
java_system_identity_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1084
Sun Java System Identity Manager (IdM) 7.0 through 8.0 does not properly restrict access to the System Configuration object, which allows remote authenticated administrators and possibly remote attackers to have an unspecified impact by modifying this object.
Thu, 26 Mar 09
java_system_identity_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1083
Sun Java System Identity Manager (IdM) 7.0 through 8.0 on Linux, AIX, Solaris, and HP-UX permits "control characters" in the passwords of user accounts, which allows remote attackers to execute arbitrary commands via vectors involving "resource adapters."
Thu, 26 Mar 09
java_system_identity_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1082
Sun Java System Identity Manager (IdM) 7.0 through 8.0 allows remote authenticated users to gain privileges by submitting crafted commands to the Admin Console, as demonstrated by privileges for account creation and other administrative capabilities, related to the saveNoValidate action and saveNoValidateAllowedFormsAndWorkflows IDs.
Thu, 26 Mar 09
java_system_identity_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1081
Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Identity Manager (IdM) 7.0 through 8.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug IDs 19595 and 19661.
Thu, 26 Mar 09
java_system_identity_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1080
Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Identity Manager (IdM) 7.0 through 8.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID 19033.
Thu, 26 Mar 09
java_system_identity_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1079
Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Identity Manager (IdM) 7.0 through 8.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug IDs 19659, 19660, and 19683.
Thu, 26 Mar 09
java_system_identity_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1078
Sun Java System Identity Manager (IdM) 7.0 through 8.0 does not enforce the expected privilege requirements for (1) deleting audit policies and (2) modifying workflows, which allows remote authenticated users to have an unspecified impact.
Thu, 26 Mar 09
java_system_identity_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1077
The Change My Password implementation in the admin interface in Sun Java System Identity Manager (IdM) 7.0 through 8.0 does not enforce the RequiresChallenge property setting, which allows remote authenticated users to change the passwords of other users, as demonstrated by changing the administrator's password.
Thu, 26 Mar 09
java_system_identity_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1076
Sun Java System Identity Manager (IdM) 7.0 through 8.0 responds differently to failed use of the end-user question-based login feature depending on whether the user account exists, which allows remote attackers to enumerate valid usernames.
Thu, 26 Mar 09
java_system_identity_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1075
Sun Java System Identity Manager (IdM) 7.0 through 8.0 responds differently to failed use of the Forgot Password feature depending on whether the user account exists, which allows remote attackers to enumerate valid usernames.
Thu, 26 Mar 09
java_system_identity_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1074
Sun Java System Identity Manager (IdM) 7.0 through 8.0 does not use SSL in all expected circumstances, which makes it easier for remote attackers to obtain sensitive information by sniffing the network, related to "ssl termination devices" and lack of support for relative URLs.
Thu, 26 Mar 09
access_support_activex_control
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0215
Stack-based buffer overflow in the GetXMLValue method in the IBM Access Support ActiveX control in IbmEgath.dll, as distributed on IBM and Lenovo computers, allows remote attackers to execute arbitrary code via unspecified vectors.
Thu, 26 Mar 09
kernel
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1072
nfsd in the Linux kernel before 2.6.28.9 does not drop the CAP_MKNOD capability before handling a user request in a thread, which allows local users to create device nodes, as demonstrated on a filesystem that has been exported with the root_squash option.
Thu, 26 Mar 09
acrobat_reader
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1062
Unspecified vulnerability in Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 might allow remote attackers to execute arbitrary code via unknown attack vectors related to JBIG2 and "input validation," a different vulnerability than CVE-2009-0193 and CVE-2009-1061.
Thu, 26 Mar 09
acrobat, reader
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1061
Unspecified vulnerability in Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 might allow remote attackers to execute arbitrary code via unknown attack vectors related to JBIG2 and "input validation," a different vulnerability than CVE-2009-0193 and CVE-2009-1062.
Thu, 26 Mar 09
acrobat_professional, acrobat_reader
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0928
Heap-based buffer overflow in Adobe Acrobat Reader and Acrobat Professional 7.1.0, 8.1.3, 9.0.0, and other versions allows remote attackers to execute arbitrary code via a PDF file containing a JBIG2 stream with a size inconsistency related to an unspecified table.
Thu, 26 Mar 09
network_node_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0921
Multiple heap-based buffer overflows in OvCgi/Toolbar.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via (1) a long OvAcceptLang cookie, which triggers the error in ov.dll and ovwww.dll, or (2) a long Accept-Language HTTP header, which triggers the error in ovwww.dll or libovwww.so.4.
Thu, 26 Mar 09
network_node_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0920
Stack-based buffer overflow in OvCgi/Toolbar.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long OvOSLocale cookie, a variant of CVE-2008-0067.
Thu, 26 Mar 09
websphere_application_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0891
The Web Services Security component in IBM WebSphere Application Server 7.0 before Fix Pack 1 (7.0.0.1), 6.1 before Fix Pack 23 (6.1.0.23),and 6.0.2 before Fix Pack 33 (6.0.2.33) does not properly enforce (1) nonce and (2) timestamp expiration values in WS-Security bindings as stored in the com.ibm.wsspi.wssecurity.core custom property, which allows remote authenticated users to conduct session hijacking attacks.
Thu, 26 Mar 09
linux
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0787
The ecryptfs_write_metadata_to_contents function in the eCryptfs functionality in the Linux kernel 2.6.28 before 2.6.28.9 uses an incorrect size when writing kernel memory to an eCryptfs file header, which triggers an out-of-bounds read and allows local users to obtain portions of kernel memory.
Thu, 26 Mar 09
hp-ux
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0207
Unspecified vulnerability in HP-UX B.11.11 running VERITAS Oracle Disk Manager (VRTSodm) 3.5, B.11.23 running VRTSodm 4.1 or VERITAS File System (VRTSvxfs) 4.1, B.11.23 running VRTSodm 5.0 or VRTSvxfs 5.0, and B.11.31 running VRTSodm 5.0 allows local users to gain root privileges via unknown vectors.
Thu, 26 Mar 09
acrobat, reader
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0193
Unspecified vulnerability in Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 might allow remote attackers to execute arbitrary code via unknown attack vectors related to JBIG2 and "input validation," a different vulnerability than CVE-2009-1061 and CVE-2009-1062.
Wed, 25 Mar 09
safari
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1060
Unspecified vulnerability in Apple Safari on Mac OS X 10.5.6 allows remote attackers to execute arbitrary code via unknown vectors triggered by clicking on a link, as demonstrated by Charlie Miller during a PWN2OWN competition at CanSecWest 2009.
Wed, 25 Mar 09
powerzip
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1059
Stack-based buffer overflow in Trident PowerZip 7.2 might allow remote attackers to execute arbitrary code via a crafted .zip file. NOTE: CVE has not investigated whether the specified file.zip file can be used for exploitation of this product.
Wed, 25 Mar 09
zipgenius
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1058
Stack-based buffer overflow in ZipGenius might allow remote attackers to execute arbitrary code via a crafted .zip file that triggers an SEH overwrite. NOTE: it is possible that this overlaps CVE-2005-3317. NOTE: CVE has not investigated whether the specified file.zip file can be used for exploitation of this product.
Wed, 25 Mar 09
zipitfast
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1057
MicroSmarts Enterprise ZipItFast! 3.0 allows remote attackers to execute arbitrary code via a crafted .zip file that triggers memory corruption, related to a "format string buffer overflow." NOTE: CVE has not investigated whether the specified file.zip file can be used for exploitation of this product.
Wed, 25 Mar 09
rational_appscan
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1056
IBM Rational AppScan Enterprise before 5.5 FP1 allows remote attackers to read arbitrary exported reports by "forcefully browsing."
Wed, 25 Mar 09
cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1055
Unspecified vulnerability in the web service in Sitecore CMS 5.3.1 rev. 071114 allows remote authenticated users to gain access to security databases, and obtain administrative and user credentials, via unknown vectors related to SOAP and XML requests.
Wed, 25 Mar 09
ichitaro
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1054
Unspecified vulnerability in JustSystems Ichitaro 13, 2004 through 2008, Lite2, and Ichitaro viewer 5.1.5.0 and earlier allows remote attackers to execute arbitrary code via a crafted file, as exploited in the wild by Trojan.Tarodrop.H in March 2009.
Wed, 25 Mar 09
CVE-2009-1053
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1053
chaozzDB 1.2 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing user credentials via a direct request for user.tsv.
Wed, 25 Mar 09
fireant
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1052
FireAnt 1.3 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing user credentials via a direct request for user.tsv.
Wed, 25 Mar 09
fubarforum
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1051
FubarForum 1.6 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing user credentials via a direct request for user.tsv.
Wed, 25 Mar 09
bloginator
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1050
Bloginator 1A allows remote attackers to bypass authentication and gain administrative access by setting the identifyYourself cookie.
Wed, 25 Mar 09
CVE-2009-1049
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1049
SQL injection vulnerability in articleCall.php in Bloginator 1A allows remote attackers to execute arbitrary SQL commands via the id parameter.
Wed, 25 Mar 09
yappa-ng
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6515
Cross-site scripting (XSS) vulnerability in Fritz Berger yet another php photo album - next generation (yappa-ng) allows remote attackers to inject arbitrary web script or HTML via the query string to the default URI.
Wed, 25 Mar 09
compiz_fusion
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6514
The Expo plugin in Compiz Fusion 0.7.8 allows local users with physical access to drag the screen saver aside and access the locked desktop by using Expo mouse shortcuts, a related issue to CVE-2007-3920.
Wed, 25 Mar 09
aphpkb
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6513
Unrestricted file upload vulnerability in saa.php in Andy's PHP Knowledgebase (aphpkb) 0.92.9 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a link that is listed by authors.php.
Wed, 25 Mar 09
gears
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6512
Cross-domain vulnerability in the WorkerPool API in Google Gears before 0.5.4.2 allows remote attackers to bypass the Same Origin Policy and the intended access restrictions of the allowCrossOrigin function by hosting an assumed-safe file type containing Google Gear commands on the target domain, then accessing that file from the attacking domain, whose response headers are not checked and cause the worker code to run in the target domain.
Wed, 25 Mar 09
drupal, print
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1047
Cross-site scripting (XSS) vulnerability in the Send by e-mail module in the "Printer, e-mail and PDF versions" module 5.x before 5.x-4.4 and 6.x before 6.x-1.4, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via vectors involving outbound HTML e-mail.
Wed, 25 Mar 09
cms, ghostscript
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0584
icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code by using a device file for processing a crafted image file associated with large integer values for certain sizes, related to an ICC profile in a (1) PostScript or (2) PDF file with embedded images.
Wed, 25 Mar 09
ghostscript, cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0583
Multiple integer overflows in icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allow context-dependent attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly execute arbitrary code by using a device file for a translation request that operates on a crafted image file and targets a certain "native color space," related ...
Wed, 25 Mar 09
openfire
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6511
Open redirect vulnerability in login.jsp in Openfire 3.6.0a and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the url parameter.
Wed, 25 Mar 09
openfire
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6510
Cross-site scripting (XSS) vulnerability in login.jsp in the Admin Console in Openfire 3.6.0a and earlier allows remote attackers to inject arbitrary web script or HTML via the url parameter.
Wed, 25 Mar 09
openfire
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6509
SQL injection vulnerability in CallLogDAO in SIP Plugin in Openfire 3.6.0a and earlier allows remote attackers to execute arbitrary SQL commands via the type parameter to sipark-log-summary.jsp.
Wed, 25 Mar 09
openfire
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6508
Directory traversal vulnerability in the AuthCheck filter in the Admin Console in Openfire 3.6.0a and earlier allows remote attackers to bypass authentication and access the admin interface via a .. (dot dot) in a URI that matches the Exclude-Strings list, as demonstrated by a /setup/setup-/.. sequence in a URI.
Tue, 24 Mar 09
linux
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1046
The console selection feature in the Linux kernel 2.6.28 before 2.6.28.4, 2.6.25, and possibly earlier versions, when the UTF-8 console is used, allows physically proximate attackers to cause a denial of service (memory corruption) by selecting a small number of 3-byte UTF-8 characters, which triggers an "an off-by-two memory error." NOTE: it is not clear whether this issue crosses privilege boundaries.
Tue, 24 Mar 09
vlc
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1045
Stack-based buffer overflow in requests/status.xml in VLC 0.9.8a allows remote attackers to cause a denial of service (crash) and possible execute arbitrary code via a long input argument in an in_play action.
Tue, 24 Mar 09
phpbb
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6507
Unspecified vulnerability in phpBB before 3.0.4 allows attackers to obtain sensitive information via unknown vectors related to the lack of password prompts for a private message that quotes a post in a password-protected forum.
Tue, 24 Mar 09
phpbb
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6506
Unspecified vulnerability in phpBB before 3.0.4 allows attackers to bypass intended access restrictions and activate de-activated accounts via unknown vectors.
Tue, 24 Mar 09
firefox
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1044
Unspecified vulnerability in Mozilla Firefox 3.0.7 on Windows 7 allows remote attackers to execute arbitrary code via unknown vectors triggered by clicking on a link, as demonstrated by Nils during a PWN2OWN competition at CanSecWest 2009.
Tue, 24 Mar 09
ie, windows
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1043
Unspecified vulnerability in Microsoft Internet Explorer 8 on Windows 7 allows remote attackers to execute arbitrary code via unknown vectors triggered by clicking on a link, as demonstrated by Nils during a PWN2OWN competition at CanSecWest 2009.
Tue, 24 Mar 09
mac_os_x, safari
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1042
Unspecified vulnerability in Apple Safari on Mac OS X 10.5.6 allows remote attackers to execute arbitrary code via unknown vectors triggered by clicking on a link, as demonstrated by Nils during a PWN2OWN competition at CanSecWest 2009.
Tue, 24 Mar 09
lcms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0733
Multiple stack-based buffer overflows in the ReadSetOfCurves function in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file associated with a large integer value for the (1) input or (2) output channel, related to the ReadLUT_A2B and ReadLUT_B2A functions.
Tue, 24 Mar 09
firefox, gimp, lcms, openjdk
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0723
Multiple integer overflows in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.
Tue, 24 Mar 09
lcms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0581
Memory leak in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allows context-dependent attackers to cause a denial of service (memory consumption and application crash) via a crafted image file.
Tue, 24 Mar 09
struts
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6505
Multiple directory traversal vulnerabilities in Apache Struts 2.0.x before 2.0.12 and 2.1.x before 2.1.3 allow remote attackers to read arbitrary files via a ..%252f (encoded dot dot slash) in a URI with a /struts/ path, related to (1) FilterDispatcher in 2.0.x and (2) DefaultStaticContentLoader in 2.1.x.
Tue, 24 Mar 09
CVE-2008-6504 (xwork2.0.0, xwork2.0.1, xwork2.0.2, xwork2.0.3, xwork2.0.4, xwork2.0.5, xwork2.1....)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6504
ParametersInterceptor in OpenSymphony XWork 2.0.x before 2.0.6 and 2.1.x before 2.1.2, as used in Apache Struts and other products, does not properly restrict # (pound sign) references to context objects, which allows remote attackers to execute Object-Graph Navigation Language (OGNL) statements and modify server-side context objects, as demonstrated by use of a \u0023 representation for the # character.
Tue, 24 Mar 09
winasm_studio
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1040
Buffer overflow in WinAsm Studio 5.1.5.0 allows user-assisted remote attackers to execute arbitrary code via a crafted project (.wap) file.
Tue, 24 Mar 09
cdex
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1039
Buffer overflow in CDex 1.70b2 allows remote attackers to execute arbitrary code via a crafted Info header in an Ogg Vorbis (.ogg) file.
Tue, 24 Mar 09
yap_blog
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1038
Multiple SQL injection vulnerabilities in YAP Blog 1.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) image_id parameter to comments.php, and remote authenticated administrators to execute arbitrary SQL commands via the (2) user parameter in a modif action to admin/index.php.
Tue, 24 Mar 09
print_module
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1037
Unspecified vulnerability in the Send by e-mail module in the "Printer, e-mail and PDF versions" module 5.x before 5.x-4.4 and 6.x before 6.x-1.4, a module for Drupal, allows remote attackers to send unlimited spam messages via unknown vectors related to the flood control API.
Sat, 21 Mar 09
plus1
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1036
Cross-site request forgery (CSRF) vulnerability in the Plus 1 module before 6.x-2.6, a module for Drupal, allows remote attackers to cast votes for content via unspecified aspects of the URI.
Sat, 21 Mar 09
tasklist
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1035
Cross-site scripting (XSS) vulnerability in Tasklist module 5.x-1.x before 5.x-1.3 and 5.x-2.x before 5.x-2.0-alpha1, a module for Drupal, allows remote authenticated users to inject arbitrary web script or HTML via Cascading Style Sheets (CSS).
Sat, 21 Mar 09
tasklist
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1034
SQL injection vulnerability in the Tasklist module 5.x-1.x before 5.x-1.3 and 5.x-2.x before 5.x-2.0-alpha1, a module for Drupal, allows remote attackers to execute arbitrary SQL commands via values in the URI.
Sat, 21 Mar 09
deluxebb
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1033
SQL injection vulnerability in misc.php in DeluxeBB 1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the qorder parameter, a different vector than CVE-2005-2989 and CVE-2006-2503.
Sat, 21 Mar 09
advanced_image_hosting_script
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1032
SQL injection vulnerability in gallery_list.php in YABSoft Advanced Image Hosting (AIH) Script 2.3 allows remote attackers to execute arbitrary SQL commands via the gal parameter.
Sat, 21 Mar 09
prestashop
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6503
Multiple cross-site scripting (XSS) vulnerabilities in PrestaShop 1.1.0.3 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) admin/login.php and (2) order.php.
Sat, 21 Mar 09
pro_chat_rooms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6502
Directory traversal vulnerability in Pro Chat Rooms 3.0.2 allows remote authenticated users to select an arbitrary local PHP script as an avatar via a .. (dot dot) in the avatar parameter, and cause other users to execute this script by using sendData.php to send a message to (1) an individual user or (2) a room, leading to cross-site request forgery (CSRF), cross-site scripting (XSS), or other impacts.
Sat, 21 Mar 09
pro_chat_rooms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6501
Cross-site scripting (XSS) vulnerability in profiles/index.php in Pro Chat Rooms 3.0.2 allows remote attackers to inject arbitrary web script or HTML via the gud parameter.
Sat, 21 Mar 09
asp_shopping_cart
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6500
Cross-site scripting (XSS) vulnerability in CodeToad ASP Shopping Cart Script allows remote attackers to inject arbitrary web script or HTML via the query string to the default URI.
Sat, 21 Mar 09
serv-u
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1031
Directory traversal vulnerability in the FTP server in Rhino Software Serv-U File Server 7.4.0.1 allows remote attackers to create arbitrary directories via a \.. (backslash dot dot) in an MKD request.
Sat, 21 Mar 09
wordpress_mu
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1030
Cross-site scripting (XSS) vulnerability in the choose_primary_blog function in wp-includes/wpmu-functions.php in WordPress MU (WPMU) before 2.7 allows remote attackers to inject arbitrary web script or HTML via the HTTP Host header.
Sat, 21 Mar 09
pop_peeper
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1029
Stack-based buffer overflow in POP Peeper 3.4.0.0 and earlier allows remote POP3 servers to execute arbitrary code via a long Date header, related to Imap.dll.
Sat, 21 Mar 09
ezip_wizard
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1028
Stack-based buffer overflow in ediSys eZip Wizard 3.0 allows remote attackers to execute arbitrary code via a crafted .zip file.
Sat, 21 Mar 09
opencart
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1027
SQL injection vulnerability in OpenCart 1.1.8 allows remote attackers to execute arbitrary SQL commands via the order parameter.
Sat, 21 Mar 09
websites
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1026
Multiple SQL injection vulnerabilities in login.php in Kim Websites 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters.
Sat, 21 Mar 09
phplinkadmin
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1025
PHP remote file inclusion vulnerability in linkadmin.php in Beerwin PHPLinkAdmin 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter.
Sat, 21 Mar 09
phplinkadmin
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1024
Multiple SQL injection vulnerabilities in Beerwin PHPLinkAdmin 1.0 allow remote attackers to execute arbitrary SQL commands via the linkid parameter to edlink.php, and unspecified other vectors.
Sat, 21 Mar 09
phpcomasy
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1023
SQL injection vulnerability in index.php in phpComasy 0.9.1 allows remote attackers to execute arbitrary SQL commands via the entry_id parameter.
Sat, 21 Mar 09
gom_encoder
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1022
Heap-based buffer overflow in the Preview/ Set Segment function in Gretech GOMlab GOM Encoder 1.0.0.11 and earlier allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a long text field in a subtitle (.srt) file.
Sat, 21 Mar 09
xampp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6499
security/xamppsecurity.php in XAMPP 1.6.8 performs an extract operation on the SERVER superglobal array, which allows remote attackers to spoof critical variables, as demonstrated by setting the REMOTE_ADDR variable to 127.0.0.1.
Sat, 21 Mar 09
xampp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6498
Cross-site request forgery (CSRF) vulnerability in security/xamppsecurity.php in XAMPP 1.6.8 allows remote attackers to change a certain .htaccess password via the xampppasswd parameter.
Sat, 21 Mar 09
neostrada_livebox_adsl_router
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6497
The Neostrada Livebox ADSL Router allows remote attackers to cause a denial of service (network outage) via multiple HTTP requests for the /- URI.
Sat, 21 Mar 09
expert_pdf_editorx
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6496
Insecure method vulnerability in the VSPDFEditorX.VSPDFEdit ActiveX control in VSPDFEditorX.ocx 1.0.200.0 in VISAGESOFT eXPert PDF EditorX allows remote attackers to create or overwrite arbitrary files via the first argument to the extractPagesToFile method.
Sat, 21 Mar 09
yappa-ng
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6495
Cross-site scripting (XSS) vulnerability in index.php in Fritz Berger yet another php photo album - next generation (yappa-ng) 2.3.2 allows remote attackers to inject arbitrary web script or HTML via the album parameter.
Sat, 21 Mar 09
CVE-2008-6494 (asp_user_engine.net)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6494
ASP User Engine.NET stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for users.mdb.
Sat, 21 Mar 09
easy_content_management_publishing
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6493
Easy Content Management Publishing stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for Database/News.mdb.
Sat, 21 Mar 09
tizag_countdown_creator
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6492
Unrestricted file upload vulnerability in process.php in Tizag Countdown Creator 3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension via index.php, then accessing the uploaded file via a direct request to the file in pics/. NOTE: some of these details are obtained from third party information.
Fri, 20 Mar 09
access_analyzer_cgi
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0971
Cross-site scripting (XSS) vulnerability in futomi's CGI Cafe Access Analyzer CGI Standard Version 3.8.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
Fri, 20 Mar 09
phpprobid
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0970
PHP remote file inclusion vulnerability in includes/class_image.php in PHP Pro Bid 6.05, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the fileExtension parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Fri, 20 Mar 09
phpfox
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0969
Cross-site request forgery (CSRF) vulnerability in account/settings/account/ in phpFoX 1.6.21 allows remote attackers to change the administrator's email address via the act[update] action.
Fri, 20 Mar 09
fmoblog_plugin
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0968
SQL injection vulnerability in fmoblog.php in the fMoblog plugin 2.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. NOTE: some of these details are obtained from third party information.
Fri, 20 Mar 09
serv-u_file_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0967
The FTP server in Serv-U 7.4.0.1 allows remote authenticated users to cause a denial of service (service hang) via a large number of SMNT commands without an argument.
Fri, 20 Mar 09
mega_file_hosting_script
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0966
PHP remote file inclusion vulnerability in cross.php in YABSoft Mega File Hosting 1.2 allows remote attackers to execute arbitrary PHP code via a URL in the url parameter. NOTE: this can also be leveraged to include and execute arbitrary local files via .. (dot dot) sequences.
Fri, 20 Mar 09
ganesha_digital_library
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0965
SQL injection vulnerability in functions/browse.php in Ganesha Digital Library (GDL) 4.0 and 4.2 allows remote attackers to execute arbitrary SQL commands via the node parameter in a browse action to gdl.php.
Fri, 20 Mar 09
phprunner
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0964
UserView_list.php in PHPRunner 4.2, and possibly earlier, stores passwords in cleartext in the database, which allows attackers to gain privileges. NOTE: this can be leveraged with a separate SQL injection vulnerability to obtain passwords remotely without authentication.
Fri, 20 Mar 09
phprunner
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0963
Multiple SQL injection vulnerabilities in PHPRunner 4.2, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the SearchField parameter to (1) UserView_list.php, (2) orders_list.php, (3) users_list.php, and (4) Administrator_list.php.
Fri, 20 Mar 09
acrobat, acrobat_reader
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0927
Unspecified vulnerability in Adobe Reader and Adobe Acrobat 9.1 and 7.1.1 allows remote attackers to execute arbitrary code via unknown vectors related to a JavaScript method and input validation, a different vulnerability than CVE-2009-0658.
Fri, 20 Mar 09
weechat
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0661
Wee Enhanced Environment for Chat (WeeChat) 0.2.6 allows remote attackers to cause a denial of service (crash) via a crafted IRC message that contains unspecified "special chars."
Fri, 20 Mar 09
phpgkit
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6491
PHP remote file inclusion vulnerability in connexion.php in PHPGKit 0.9 allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Fri, 20 Mar 09
flaber
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6490
function/update_xml.php in FLABER 1.1 and earlier allows remote attackers to overwrite arbitrary files by specifying the target filename in the target_file parameter. NOTE: this can be leveraged for code execution by overwriting a PHP file, as demonstrated using function/upload_file.php.
Fri, 20 Mar 09
com_myalbum
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6489
SQL injection vulnerability in MyAlbum component (com_myalbum) 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the album parameter to index.php.
Fri, 20 Mar 09
mp_form_mail_cgi
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0962
Unspecified vulnerability in Futomi's CGI Cafe MP Form Mail CGI eCommerce 1.3.0 and earlier, and CGI Professional 3.2.2 and earlier, allows remote attackers to gain administrative privileges via unknown attack vectors.
Fri, 20 Mar 09
CVE-2009-0941 (8100c_digital_sender, 9100c_digital_sender, 9200c_digital_sender, 9250c_digital_s...)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0941
The HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders has no management password by default, which makes it easier for remote attackers to obtain access.
Fri, 20 Mar 09
digital_senders, edgeline_printers, laserjet
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0940
Multiple cross-site request forgery (CSRF) vulnerabilities in the HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders allow remote attackers to (1) print documents via unknown vectors, (2) modify the network configuration via a NetIPChange request to hp/device/config_result_YesNo.html/config, or (3) change the password via the Password and ConfirmPassword parameters to hp/device/set_config_password.html/config.
Fri, 20 Mar 09
pcanywhere
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0538
Format string vulnerability in Symantec pcAnywhere before 12.5 SP1 allows local users to read and modify arbitrary memory locations, and cause a denial of service (application crash) or possibly have unspecified other impact, via format string specifiers in the pathname of a remote control file (aka .CHF file).
Fri, 20 Mar 09
php_image_gallery
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6488
SQL injection vulnerability in index.php in SoftComplex PHP Image Gallery 1.0 allows remote attackers to execute arbitrary SQL commands via the Admin field in a login action.
Fri, 20 Mar 09
digiaffiliate
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6487
Multiple SQL injection vulnerabilities in login.asp in Digiappz DigiAffiliate 1.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) admin and (2) password fields.
Fri, 20 Mar 09
sharedlog
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6486
PHP remote file inclusion vulnerability in slideshow_uploadvideo.content.php in SharedLog, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[root_dir] parameter.
Fri, 20 Mar 09
php_image_gallery
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6485
SQL injection vulnerability in index.php in SoftComplex PHP Image Gallery allows remote attackers to execute arbitrary SQL commands via the ctg parameter.
Fri, 20 Mar 09
taxi_calc_dist_script
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6484
SQL injection vulnerability in login.php in Mole Group Taxi Map Script (aka Taxi Calc Dist Script) allows remote attackers to execute arbitrary SQL commands via the user field.
Fri, 20 Mar 09
com_googlebase
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6483
PHP remote file inclusion vulnerability in admin.googlebase.php in the Ecom Solutions VirtueMart Google Base (aka com_googlebase or Froogle) component 1.1 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
Fri, 20 Mar 09
CVE-2008-4564 (altiris_deployment_solution, brightmail, data_loss_prevention_detection_servers, ...)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4564
Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file.
Thu, 19 Mar 09
com_treeg
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6482
PHP remote file inclusion vulnerability in admin.treeg.php in the Flash Tree Gallery (com_treeg) component 1.0 for Joomla!, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the mosConfig_live_site parameter.
Thu, 19 Mar 09
miranda_im
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-5543
Stack-based buffer overflow in Miranda IM 0.6.8 and 0.7.0 allows remote attackers to execute arbitrary code via a crafted Yahoo! Messenger packet. NOTE: this might overlap CVE-2007-5590.
Thu, 19 Mar 09
miranda_im
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-5542
Stack-based buffer overflow in Miranda IM 0.6.8 allows remote attackers to execute arbitrary code via a crafted Yahoo! Messenger packet. NOTE: this might overlap CVE-2007-5590.
Thu, 19 Mar 09
tor
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0939
Tor before 0.2.0.34 treats incomplete IPv4 addresses as valid, which has unknown impact and attack vectors related to "Spec conformance," as demonstrated using 192.168.0.
Thu, 19 Mar 09
tor
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0938
Unspecified vulnerability in Tor before 0.2.0.34 allows directory mirrors to cause a denial of service (exit node crash) via "malformed input."
Thu, 19 Mar 09
tor
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0937
Unspecified vulnerability in Tor before 0.2.0.34 allows directory mirrors to cause a denial of service via unknown vectors.
Thu, 19 Mar 09
tor
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0936
Unspecified vulnerability in Tor before 0.2.0.34 allows attackers to cause a denial of service (infinite loop) via "corrupt votes."
Thu, 19 Mar 09
kernel
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0935
The inotify_read function in the Linux kernel 2.6 before 2.6.29-rc3 allows local users to cause a denial of service (OOPS) via a read with an invalid address to an inotify instance, which causes the device's event list mutex to be unlocked twice and prevents proper synchronization of a data structure for the inotify instance.
Thu, 19 Mar 09
ejabberd
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0934
Cross-site scripting (XSS) vulnerability in ejabberd before 2.0.4 allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to links and MUC logs.
Thu, 19 Mar 09
dotclear
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0933
Cross-site scripting (XSS) vulnerability in the administrative interface in Dotclear before 2.1.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Thu, 19 Mar 09
horde, horde_groupware
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0932
Directory traversal vulnerability in framework/Image/Image.php in Horde before 3.2.4 and 3.3.3 and Horde Groupware before 1.1.5 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the Horde_Image driver name.
Thu, 19 Mar 09
horde, horde_groupware
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0931
Cross-site scripting (XSS) vulnerability in the tag cloud search script (horde/services/portal/cloud_search.php) in Horde before 3.2.4 and 3.3.3, and Horde Groupware before 1.1.5, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Thu, 19 Mar 09
horde_imp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0930
Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP before 4.2.2 and 4.3.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to (1) smime.php, (2) pgp.php, and (3) message.php.
Thu, 19 Mar 09
nucleus_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0929
Directory traversal vulnerability in the media manager in Nucleus CMS before 3.40 allows remote attackers to read arbitrary files via unknown vectors.
Thu, 19 Mar 09
opensolaris
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0926
Unspecified vulnerability in the UFS filesystem functionality in Sun OpenSolaris snv_86 through snv_91, when running in 32-bit mode on x86 systems, allows local users to cause a denial of service (panic) via unknown vectors related to the (1) ufs_getpage and (2) ufs_putapage routines, aka CR 6679732.
Thu, 19 Mar 09
CVE-2009-0925
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0925
Unspecified vulnerability in Sun Solaris 10 on SPARC sun4v systems, and OpenSolaris snv_47 through snv_85, allows local users to cause a denial of service (hang of UFS filesystem write) via unknown vectors related to the (1) ufs_getpage and (2) ufs_putapage routines, aka CR 6425723.
Thu, 19 Mar 09
opensolaris
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0924
Unspecified vulnerability in Sun OpenSolaris snv_39 through snv_45, when running in 64-bit mode on x86 architectures, allows local users to cause a denial of service (hang of UFS filesystem write) via unknown vectors related to the (1) ufs_getpage and (2) ufs_putapage routines, aka CR 6442712.
Thu, 19 Mar 09
opensolaris
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0923
Unspecified vulnerability in Kerberos Incremental Propagation in Solaris 10 and OpenSolaris snv_01 through snv_110 allows remote attackers to cause a denial of service (loss of incremental propagation requests to slave KDC servers) via unknown vectors related to the master Key Distribution Center (KDC) server.
Thu, 19 Mar 09
com_versioning
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6481
SQL injection vulnerability in the Versioning component (com_versioning) 1.0.2 in Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit task to index.php.
Wed, 18 Mar 09
postgresql
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0922
PostgreSQL 8.3.6 allows remote authenticated users to cause a denial of service (stack consumption) via mismatched encoding conversion requests.
Wed, 18 Mar 09
ptk
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0919
DFLabs PTK 1.0.0 through 1.0.4 has (1) "lamp" as its default password for the "nobody" account within the included ProFTPD installation, and possibly has (2) a blank default password for the "root" account within the included MySQL installation, which makes it easier for remote attackers to obtain access. NOTE: the vendor states that the product is intended for use in a laboratory with "no contact from / to internet."
Wed, 18 Mar 09
ptk
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0918
Multiple unspecified vulnerabilities in DFLabs PTK 1.0.0 through 1.0.4 allow remote attackers to execute arbitrary commands in processes launched by PTK's Apache HTTP Server via (1) "external tools" or (2) a crafted forensic image.
Wed, 18 Mar 09
ptk
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0917
Cross-site scripting (XSS) vulnerability in DFLabs PTK 1.0.0 through 1.0.4 allows remote attackers to inject arbitrary web script or HTML by providing a forensic image containing HTML documents, which are rendered in web browsers during inspection by PTK. NOTE: the vendor states that the product is intended for use in a laboratory with "no contact from / to internet."
Wed, 18 Mar 09
opera, opera_web_browser
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0916
Unspecified vulnerability in Opera before 9.64 has unknown impact and attack vectors, related to a "moderately severe issue."
Wed, 18 Mar 09
opera, opera_web_browser
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0915
Opera before 9.64 allows remote attackers to conduct cross-domain scripting attacks via unspecified vectors related to plug-ins.
Wed, 18 Mar 09
opera, opera_web_browser
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0914
Opera before 9.64 allows remote attackers to execute arbitrary code via a crafted JPEG image that triggers memory corruption.
Wed, 18 Mar 09
websphere_application_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0508
The Servlet Engine/Web Container component in IBM WebSphere Application Server (WAS) 5.1.0, 5.1.1.19, 6.0.2 before 6.0.2.35, 6.1 before 6.1.0.23, and 7.0 before 7.0.0.3 allows remote attackers to read arbitrary files contained in war files in (1) web-inf, (2) meta-inf, and unspecified other directories via unknown vectors, related to (a) web-based applications and (b) the administrative console.
Wed, 18 Mar 09
datalife_engine
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6480
Cross-site request forgery (CSRF) vulnerability in Datalife Engine 6.7 allows remote attackers to perform unauthorized actions as other users via a link or IMG tag to engine/modules/imagepreview.php with a modified image parameter.
Wed, 18 Mar 09
parallels_virtuozzo
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6479
Cross-site request forgery (CSRF) vulnerability in the "change password" feature in the VZPP web interface for Parallels Virtuozzo 25.4.swsoft (build 3.0.0-25.4.swsoft) allows remote attackers to modify the password via a link or IMG tag to vz/cp/pwd.
Wed, 18 Mar 09
virtuozzo_containers
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6478
Cross-site request forgery (CSRF) vulnerability in the file manager in the VZPP web interface for Parallels Virtuozzo 365.6.swsoft (build 4.0.0-365.6.swsoft) and 25.4.swsoft (build 3.0.0-25.4.swsoft) allows remote attackers to create and delete arbitrary files as the administrator via a link or IMG tag to (1) create-file and (2) list-control in vz/cp/vzdir/infrman/envs/files/; or modify system configuration via the path parameter to vz/cp/vzdir/infrman/envs/files/index.
Tue, 17 Mar 09
opensolaris
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0913
Unspecified vulnerability in the keysock kernel module in Solaris 10 and OpenSolaris builds snv_01 through snv_108 allows local users to cause a denial of service (system panic) via unknown vectors related to PF_KEY socket, probably related to setting socket options.
Tue, 17 Mar 09
perl-mdk-commom
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0912
perl-MDK-Common 1.1.11 and 1.1.24, 1.2.9 through 1.2.14, and possibly other versions, in Mandriva Linux does not properly handle strings when writing them to configuration files, which allows attackers to gain privileges via "special characters" in unspecified vectors.
Tue, 17 Mar 09
op4
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6477
SQL injection vulnerability in Mumbo Jumbo Media OP4 allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
Tue, 17 Mar 09
blogengine
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6476
Cross-site scripting (XSS) vulnerability in blog/search.aspx in BlogEngine.NET allows remote attackers to inject arbitrary web script or HTML via the q parameter.
Tue, 17 Mar 09
drake_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6475
SQL injection vulnerability in the guestbook component (components/guestbook/guestbook.php) in Drake CMS 0.4.11 and earlier allows remote attackers to execute arbitrary SQL commands via the Via HTTP header (HTTP_VIA) to index.php.
Tue, 17 Mar 09
big-ip
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6474
The management interface in F5 BIG-IP 9.4.3 allows remote authenticated users with Resource Manager privileges to inject arbitrary Perl code via unspecified configuration settings related to Perl EP3 with templates, probably triggering static code injection.
Tue, 17 Mar 09
blogator-script
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6473
_blogadata/include/init_pass2.php in Blogator-script 0.95 allows remote attackers to change the password for arbitrary users via a modified "a" parameter with a "%" wildcard symbol in the b parameter.
Tue, 17 Mar 09
anydvd, clonecd, clonedvd, virtualclonedrive
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0824
Elaborate Bytes ElbyCDIO.sys 6.0.2.0 and earlier, as distributed in SlySoft AnyDVD before 6.5.2.6, Virtual CloneDrive 5.4.2.3 and earlier, CloneDVD 2.9.2.0 and earlier, and CloneCD 5.3.1.3 and earlier, uses the METHOD_NEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to cause a denial of service (system crash) via a crafted IOCTL call.
Mon, 16 Mar 09
evolution-data-server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0587
Multiple integer overflows in Evolution Data Server (aka evolution-data-server) before 2.24.5 allow context-dependent attackers to execute arbitrary code via a long string that is converted to a base64 representation in (1) addressbook/libebook/e-vcard.c in evc or (2) camel/camel-mime-utils.c in libcamel.
Mon, 16 Mar 09
gst-plugins-base
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0586
Integer overflow in gst-libs/gst/tag/gstvorbistag.c in vorbistag in gst-plugins-base (aka gstreamer-plugins-base) before 0.10.23 in GStreamer allows context-dependent attackers to execute arbitrary code via a long string that is converted from a base64 representation.
Mon, 16 Mar 09
libsoup
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0585
Integer overflow in the soup_base64_encode function in soup-misc.c in libsoup 2.x.x before 2.2.x, and 2.x before 2.24, allows context-dependent attackers to execute arbitrary code via a long string that is converted to a base64 representation.
Mon, 16 Mar 09
evolution-data-server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0582
The ntlm_challenge function in the NTLM SASL authentication mechanism in camel/camel-sasl-ntlm.c in Camel in Evolution Data Server (aka evolution-data-server) 2.24.5 and earlier, and 2.25.92 and earlier 2.25.x versions, does not validate whether a certain length value is consistent with the amount of data in a challenge packet, which allows remote mail servers to read information from the process memory of a client, or cause a denial of service (client crash), via an NTLM authentication type ...
Mon, 16 Mar 09
itunes
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0143
Apple iTunes before 8.1 does not properly inform the user about the origin of an authentication request, which makes it easier for remote podcast servers to trick a user into providing a username and password when subscribing to a crafted podcast.
Mon, 16 Mar 09
itunes
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0016
Apple iTunes before 8.1 on Windows allows remote attackers to cause a denial of service (infinite loop) via a Digital Audio Access Protocol (DAAP) message with a crafted Content-Length header.
Mon, 16 Mar 09
wireshark
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6472
The WLCCP dissector in Wireshark 0.99.7 through 1.0.4 allows remote attackers to cause a denial of service (infinite loop) via unspecified vectors.
Mon, 16 Mar 09
glib
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4316
Multiple integer overflows in glib/gbase64.c in GLib before 2.20 allow context-dependent attackers to execute arbitrary code via a long string that is converted either (1) from or (2) to a base64 representation.
Sat, 14 Mar 09
easylink
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6471
SQL injection vulnerability in detail.php in MountainGrafix easyLink 1.1.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter in a show action.
Sat, 14 Mar 09
clansphere
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6470
Multiple unspecified vulnerabilities in ClanSphere before 2008.2.1 allow remote attackers to obtain sensitive information, and possibly have unknown other impact, via vectors related to "javascript insert" and the (1) mods/messages/getusers.php and (2) mods/abcode/listimg.php files. NOTE: some of these details are obtained from third party information.
Sat, 14 Mar 09
plaincart
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6469
SQL injection vulnerability in index.php in PlainCart 1.1.2 allows remote attackers to execute arbitrary SQL commands via the p parameter.
Sat, 14 Mar 09
diesel_pay
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6468
SQL injection vulnerability in index.php in Diesel Pay allows remote attackers to execute arbitrary SQL commands via the area parameter in a browse action.
Sat, 14 Mar 09
diesel_job_site
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6467
SQL injection vulnerability in jobs/jobseekers/job-info.php in Diesel Job Site allows remote attackers to execute arbitrary SQL commands via the job_id parameter.
Sat, 14 Mar 09
image_gallery
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6466
SQL injection vulnerability in image_gallery.php in the Akira Powered Image Gallery (image_gallery) plugin for e107 allows remote attackers to execute arbitrary SQL commands via the image parameter in an image-detail action.
Sat, 14 Mar 09
h-sphere
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6465
Multiple cross-site scripting (XSS) vulnerabilities in login.php in webshell4 in Parallels H-Sphere 3.0.0 P9 and 3.1 P1 allow remote attackers to inject arbitrary web script or HTML via the (1) err, (2) errorcode, and (3) login parameters.
Sat, 14 Mar 09
basic-php-events-lister
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6464
SQL injection vulnerability in event.php in Mevin Productions Basic PHP Events Lister 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Sat, 14 Mar 09
pd_churchsearch
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6463
SQL injection vulnerability in the Diocese of Portsmouth Church Search (pd_churchsearch) extension before 0.1.1, and 0.2.10 and earlier 0.2.x versions, an extension for TYPO3, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Sat, 14 Mar 09
myquizpoll
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6462
SQL injection vulnerability in the My quiz and poll (myquizpoll) extension before 0.1.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Sat, 14 Mar 09
ste_prayer2
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6461
SQL injection vulnerability in the Random Prayer 2 (ste_prayer2) extension before 0.0.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Sat, 14 Mar 09
mw_random_objects
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6460
SQL injection vulnerability in the Simple Random Objects (mw_random_objects) extension 1.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Sat, 14 Mar 09
autobeuser
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6459
SQL injection vulnerability in the auto BE User Registration (autobeuser) extension 0.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Sat, 14 Mar 09
fe_address_edit
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6458
SQL injection vulnerability in the FE address edit for tt_address & direct mail (dmaddredit) extension 0.4.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Sat, 14 Mar 09
cgswigmore
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6457
SQL injection vulnerability in the Swigmore institute (cgswigmore) extension before 0.1.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Sat, 14 Mar 09
hbook
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6456
SQL injection vulnerability in the HBook (h_book) extension 2.3.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Sat, 14 Mar 09
phpshop
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6455
Session fixation vulnerability in Edikon phpShop 0.8.1 allows remote attackers to hijack web sessions via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Sat, 14 Mar 09
6rbscript
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6454
SQL injection vulnerability in section.php in 6rbScript 3.3 allows remote attackers to execute arbitrary SQL commands via the singerid parameter in a singers action.
Sat, 14 Mar 09
6rbscript
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6453
Directory traversal vulnerability in section.php in 6rbScript 3.3, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the name parameter.
Sat, 14 Mar 09
oceandir
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6452
SQL injection vulnerability in show_vote.php in Oceandir 2.9 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
Sat, 14 Mar 09
jportal
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6451
SQL injection vulnerability in humor.php in jPORTAL 2 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: this might overlap CVE-2004-2036 or CVE-2005-3509.
Sat, 14 Mar 09
linux-pam
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0887
Integer signedness error in the _pam_StrTok function in libpam/pam_misc.c in Linux-PAM (aka pam) 1.0.3 and earlier, when a configuration file contains non-ASCII usernames, might allow remote attackers to cause a denial of service, and might allow remote authenticated users to obtain login access with a different user's non-ASCII username, via a login attempt.
Sat, 14 Mar 09
nforum
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0882
Multiple SQL injection vulnerabilities in nForum 1.5 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to showtheme.php and the (2) user parameter to userinfo.php.
Fri, 13 Mar 09
oneorzero_helpdesk
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0886
Directory traversal vulnerability in login.php in OneOrZero Helpdesk 1.6.5.7 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the default_language parameter.
Fri, 13 Mar 09
media_commands
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0885
Multiple heap-based buffer overflows in Media Commands 1.0 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long string in a (1) M3U, (2) M3l, (3) TXT, and (4) LRC playlist file.
Fri, 13 Mar 09
filezilla_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0884
Buffer overflow in FileZilla Server before 0.9.31 allows remote attackers to cause a denial of service via unspecified vectors related to SSL/TLS packets.
Fri, 13 Mar 09
blue_eye_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0883
SQL injection vulnerability in Blue Eye CMS 1.0.0 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the BlueEyeCMS_login cookie parameter.
Fri, 13 Mar 09
isiajax
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0881
SQL injection vulnerability in ejemplo/paises.php in isiAJAX 1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Fri, 13 Mar 09
director
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0880
Directory traversal vulnerability in the CIM server in IBM Director before 5.20.3 Service Update 2 on Windows allows remote attackers to load and execute arbitrary local DLL code via a .. (dot dot) in a /CIMListener/ URI in an M-POST request.
Fri, 13 Mar 09
director
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0879
The CIM server in IBM Director before 5.20.3 Service Update 2 on Windows allows remote attackers to cause a denial of service (daemon crash) via a long consumer name, as demonstrated by an M-POST request to a long /CIMListener/ URI.
Fri, 13 Mar 09
wesnoth
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0878
The read_game_map function in src/terrain_translation.cpp in Wesnoth before r32987 allows remote attackers to cause a denial of service (memory consumption and daemon hang) via a map with a large (1) width or (2) height.
Fri, 13 Mar 09
java_system_communications_express
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0877
Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Communications Express allow remote attackers to inject arbitrary web script or HTML via the (1) Full Name or (2) Subject field.
Fri, 13 Mar 09
xvm_virtualbox
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0876
Unspecified vulnerability in Sun xVM VirtualBox 2.0.0, 2.0.2, 2.0.4, 2.0.6r39760, 2.1.0, 2.1.2, and 2.1.4r42893 on Linux allows local users to gain privileges via unknown vectors related to "certain packages."
Fri, 13 Mar 09
solaris
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0875
Race condition in the Doors subsystem in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_94, allows local users to cause a denial of service (process hang), or possibly bypass file permissions or gain kernel-context privileges, via vectors involving the time at which control is transferred from a caller to a door server.
Fri, 13 Mar 09
opensolaris
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0874
Multiple unspecified vulnerabilities in the Doors subsystem in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_94, allow local users to cause a denial of service (process hang), or possibly bypass file permissions or gain kernel-context privileges, via vectors including ones related to (1) an argument handling deadlock in a door server and (2) watchpoint problems in the door_call function.
Fri, 13 Mar 09
linux
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0778
The icmp_send function in net/ipv4/icmp.c in the Linux kernel before 2.6.25, when configured as a router with a REJECT route, does not properly manage the Protocol Independent Destination Cache (aka DST) in some situations involving transmission of an ICMP Host Unreachable message, which allows remote attackers to cause a denial of service (connectivity outage) by sending a large series of packets to many destination IP addresses within this REJECT route, related to an "rt_cache leak."
Fri, 13 Mar 09
unified_communications_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0632
The IP Phone Personal Address Book (PAB) Synchronizer feature in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.1, 4.2 before 4.2(3)SR4b, 4.3 before 4.3(2)SR1b, 5.x before 5.1(3e), 6.x before 6.1(3), and 7.0 before 7.0(2) sends privileged directory-service account credentials to the client in cleartext, which allows remote attackers to modify the CUCM configuration and perform other privileged actions by intercepting these credentials, and then using them in requests ...
Fri, 13 Mar 09
wesnoth
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0366
The uncompress_buffer function in src/server/simple_wml.cpp in Wesnoth before r33069 allows remote attackers to cause a denial of service via a large compressed WML document.
Thu, 12 Mar 09
opensolaris
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0873
The NFS daemon (aka nfsd) in Sun Solaris 10 and OpenSolaris before snv_106, when NFSv3 is used, does not properly implement combinations of security modes, which allows remote attackers to bypass intended access restrictions and read or modify files, as demonstrated by a combination of the sec=sys and sec=krb5 security modes, related to modes that "override each other."
Thu, 12 Mar 09
opensolaris
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0872
The NFS server in Sun Solaris 10, and OpenSolaris before snv_111, does not properly implement the AUTH_NONE (aka sec=none) security mode in combination with other security modes, which allows remote attackers to bypass intended access restrictions and read or modify files, as demonstrated by a combination of the AUTH_NONE and AUTH_SYS security modes.
Thu, 12 Mar 09
asterisk
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0871
The SIP channel driver in Asterisk Open Source 1.4.22, 1.4.23, and 1.4.23.1; 1.6.0 before 1.6.0.6; 1.6.1 before 1.6.1.0-rc2; and Asterisk Business Edition C.2.3, with the pedantic option enabled, allows remote authenticated users to cause a denial of service (crash) via a SIP INVITE request without any headers, which triggers a NULL pointer dereference in the (1) sip_uri_headers_cmp and (2) sip_uri_params_cmp functions.
Thu, 12 Mar 09
dash
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0854
Untrusted search path vulnerability in dash 0.5.4, when used as a login shell, allows local users to execute arbitrary code via a Trojan horse .profile file in the current working directory.
Thu, 12 Mar 09
gtk2, opensuse
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0848
Untrusted search path vulnerability in GTK2 in OpenSUSE 11.0 and 11.1 allows local users to execute arbitrary code via a Trojan horse GTK module in an unspecified "relative search path."
Thu, 12 Mar 09
wmi
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0713
Unspecified vulnerability in WMI Mapper for HP Systems Insight Manager before 2.5.2.0 allows remote attackers to obtain sensitive information via unknown vectors.
Thu, 12 Mar 09
wmi_mapper
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0712
Unspecified vulnerability in WMI Mapper for HP Systems Insight Manager before 2.5.2.0 allows local users to gain privileges via unknown vectors.
Thu, 12 Mar 09
mahara
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0660
Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.0 before 1.0.10 and 1.1 before 1.1.2 allow remote attackers to inject arbitrary web script or HTML via a (1) profile and (2) blog, a different vulnerability than CVE-2009-0487.
Thu, 12 Mar 09
windows_2000, windows_server_2003, windows_server_2008
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0234
The DNS Resolver Cache Service (aka DNSCache) in Windows DNS Server in Microsoft Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008 does not properly cache crafted DNS responses, which makes it easier for remote attackers to predict transaction IDs and poison caches by sending many crafted DNS queries that trigger "unnecessary lookups," aka "DNS Server Response Validation Vulnerability."
Thu, 12 Mar 09
windows_2000, windows_server_2003, windows_server_2008
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0233
The DNS Resolver Cache Service (aka DNSCache) in Windows DNS Server in Microsoft Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008, when dynamic updates are enabled, does not reuse cached DNS responses in all applicable situations, which makes it easier for remote attackers to predict transaction IDs and poison caches by simultaneously sending crafted DNS queries and responses, aka "DNS Server Query Validation Vulnerability."
Thu, 12 Mar 09
windows_2000, windows_server_2003, windows_server_2008
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0094
The WINS server in Microsoft Windows 2000 SP4 and Server 2003 SP1 and SP2 does not restrict registration of the (1) "wpad" and (2) "isatap" NetBIOS names, which allows remote authenticated users to hijack the Web Proxy Auto-Discovery (WPAD) and Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) features, and conduct man-in-the-middle attacks by spoofing a proxy server or ISATAP route, by registering one of these names in the WINS database, aka "WPAD WINS Server Registration Vulnerabilit...
Thu, 12 Mar 09
windows_2000, windows_server_2003, windows_server_2008
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0093
Windows DNS Server in Microsoft Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008, when dynamic updates are enabled, does not restrict registration of the "wpad" hostname, which allows remote authenticated users to hijack the Web Proxy Auto-Discovery (WPAD) feature, and conduct man-in-the-middle attacks by spoofing a proxy server, via a Dynamic Update request for this hostname, aka "DNS Server Vulnerability in WPAD Registration Vulnerability," a related issue to CVE-2007-1692.
Thu, 12 Mar 09
tivoli_storage_manager, tivoli_storage_manager_express
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4563
Heap-based buffer overflow in adsmdll.dll 5.3.7.7296, as used by the daemon (dsmsvc.exe) in IBM Tivoli Storage Manager (TSM) Express 5.4.0.0 through 5.4.4.0, 5.3 including 5.3.7.3, and 5.2 allows remote attackers to execute arbitrary code via a crafted length value.
Thu, 12 Mar 09
openttd
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3547
Buffer overflow in the server in OpenTTD 0.6.1 and earlier allows remote authenticated users to cause a denial of service (persistent game disruption) or possibly execute arbitrary code via vectors involving many long names for "companies and clients."
Thu, 12 Mar 09
opensolaris
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0870
The NFSv4 Server module in the kernel in Sun Solaris 10, and OpenSolaris before snv_111, allow local users to cause a denial of service (infinite loop and system hang) by accessing an hsfs filesystem that is shared through NFSv4, related to the rfs4_op_readdir function.
Thu, 12 Mar 09
tivoli_storage_manager_hsm
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0869
Buffer overflow in the client in IBM Tivoli Storage Manager (TSM) HSM 5.3.2.0 through 5.3.5.0, 5.4.0.0 through 5.4.2.5, and 5.5.0.0 through 5.5.1.4 on Windows allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors.
Thu, 12 Mar 09
CVE-2009-0837 (reader3.0)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0837
Stack-based buffer overflow in Foxit Reader 3.0 before Build 1506, including 1120 and 1301, allows remote attackers to execute arbitrary code via a long (1) relative path or (2) absolute path in the filename argument in an action, as demonstrated by the "Open/Execute a file" action.
Thu, 12 Mar 09
CVE-2009-0836 (reader, reader3.0)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0836
Foxit Reader 2.3 before Build 3902 and 3.0 before Build 1506, including 1120 and 1301, does not require user confirmation before performing dangerous actions defined in a PDF file, which allows remote attackers to execute arbitrary programs and have unspecified other impact via a crafted file, as demonstrated by the "Open/Execute a file" action.
Thu, 12 Mar 09
foxit_reader
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0191
Foxit Reader 2.3 before Build 3902 and 3.0 before Build 1506, including 3.0.2009.1301, does not properly handle a JBIG2 symbol dictionary segment with zero new symbols, which allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a dereference of an uninitialized memory location.
Thu, 12 Mar 09
windows_2000, windows_server_2003, windows_server_2008, windows_vista, windows_xp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0085
The Secure Channel (aka SChannel) authentication component in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008, when certificate authentication is used, does not properly validate the client's key exchange data in Transport Layer Security (TLS) handshake messages, which allows remote attackers to spoof authentication by crafting a TLS packet based on knowledge of the certificate but not the private key, aka "SChannel Spoofing Vulnerabili...
Thu, 12 Mar 09
windows_2000, windows_server_2003, windows_server_2008, windows_vista, windows_xp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0083
The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 does not properly handle invalid pointers, which allows local users to gain privileges via an application that triggers use of a crafted pointer, aka "Windows Kernel Invalid Pointer Vulnerability."
Thu, 12 Mar 09
windows_2000, windows_server_2003, windows_server_2008, windows_vista, windows_xp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0082
The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate handles, which allows local users to gain privileges via a crafted application that triggers unspecified "actions," aka "Windows Kernel Handle Validation Vulnerability."
Thu, 12 Mar 09
windows_2000, windows_server_2003, windows_server_2008, windows_vista, windows_xp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0081
The graphics device interface (GDI) implementation in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate input received from user mode, which allows remote attackers to execute arbitrary code via a crafted (1) Windows Metafile (aka WMF) or (2) Enhanced Metafile (aka EMF) image file, aka "Windows Kernel Input Validation Vulnerability."
Thu, 12 Mar 09
jasmine2000
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0868
CRLF injection vulnerability in the WebLink template in Fujitsu Jasmine2000 Enterprise Edition allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
Wed, 11 Mar 09
enhanced_support_facility
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0867
The HRM-S service in Fujitsu Enhanced Support Facility 3.0 and 3.0.1 allows remote attackers to obtain (1) hardware and (2) software information via unspecified requests in a client connection.
Wed, 11 Mar 09
phnews
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0866
pHNews Alpha 1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for extra/genbackup.php.
Wed, 11 Mar 09
livex_activex_control
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0865
Directory traversal vulnerability in the SnapShotToFile method in the GeoVision LiveX (aka LiveX_v8200) ActiveX control 8.1.2 and 8.2.0 in LIVEX_~1.OCX allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the argument, possibly involving the PlayX and SnapShotX methods.
Wed, 11 Mar 09
s-cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0864
S-Cms 1.1 Stable allows remote attackers to bypass authentication and obtain administrative access via an OK value for the login cookie.
Wed, 11 Mar 09
s-cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0863
SQL injection vulnerability in admin/delete_page.php in S-Cms 1.1 Stable allows remote attackers to execute arbitrary SQL commands via the id parameter.
Wed, 11 Mar 09
tangocms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0862
Cross-site scripting (XSS) vulnerability in the hook_cntrlr_error_output function in modules/page/hooks/listeners.php in the admincp component in TangoCMS 2.2.x (aka Eagle) before 2.2.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information.
Wed, 11 Mar 09
phpdenora
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0861
Cross-site scripting (XSS) vulnerability in phpDenora before 1.2.3 allows remote attackers to inject arbitrary web script or HTML via an IRC channel name. NOTE: some of these details are obtained from third party information.
Wed, 11 Mar 09
netmri
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0860
Cross-site scripting (XSS) vulnerability in the web user interface in the login application in NetMRI 3.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to error pages.
Wed, 11 Mar 09
linux
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0859
The shm_get_stat function in ipc/shm.c in the shm subsystem in the Linux kernel before 2.6.28.5, when CONFIG_SHMEM is disabled, misinterprets the data type of an inode, which allows local users to cause a denial of service (system hang) via an SHM_INFO shmctl call, as demonstrated by running the ipcs program.
Wed, 11 Mar 09
djbdns
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0858
The response_addname function in response.c in Daniel J. Bernstein djbdns 1.05 and earlier does not constrain offsets in the required manner, which allows remote attackers, with control over a third-party subdomain served by tinydns and axfrdns, to trigger DNS responses containing arbitrary records via crafted zone data for this subdomain.
Wed, 11 Mar 09
management_center
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0857
Cross-site scripting (XSS) vulnerability in /prm/reports in the Performance Reporting Module (PRM) for Sun Management Center (SunMC) 3.6.1 and 4.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: this can be leveraged for access to the SunMC Web Console.
Wed, 11 Mar 09
websphere_application_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0856
Multiple cross-site scripting (XSS) vulnerabilities in sample applications in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.23 on z/OS allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Wed, 11 Mar 09
websphere_application_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0855
Cross-site scripting (XSS) vulnerability in the administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.23 on z/OS allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Wed, 11 Mar 09
CVE-2009-0825 (tinx/cms)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0825
SQL injection vulnerability in system/rss.php in TinX/cms 3.x before 3.5.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Wed, 11 Mar 09
tomcat
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0781
Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 allows remote attackers to inject arbitrary web script or HTML via the time parameter, related to "invalid HTML."
Wed, 11 Mar 09
interix, openbsd
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0537
Integer overflow in the fts_build function in fts.c in libc in (1) OpenBSD 4.4 and earlier and (2) Microsoft Interix 6.0 build 10.0.6030.0 allows context-dependent attackers to cause a denial of service (application crash) via a deep directory tree, related to the fts_level structure member, as demonstrated by (a) du, (b) rm, (c) chmod, and (d) chgrp on OpenBSD; and (e) SearchIndexer.exe on Vista Enterprise.
Wed, 11 Mar 09
jboss_enterprise_application_platform
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0027
The request handler in JBossWS in JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP06 and 4.3 before 4.3.0.CP04 does not properly validate the resource path during a request for a WSDL file with a custom web-service endpoint, which allows remote attackers to read arbitrary XML files via a crafted request.
Wed, 11 Mar 09
celerbb
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0853
login.php in CelerBB 0.0.2, when magic_quotes_gpc is disabled, allows remote attackers to bypass authentication and obtain administrative access via special characters in the Username parameter, as demonstrated by an admin'# parameter value.
Wed, 11 Mar 09
celerbb
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0852
showme.php in CelerBB 0.0.2 allows remote attackers to obtain "reserved information" via the user parameter.
Wed, 11 Mar 09
celerbb
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0851
Multiple SQL injection vulnerabilities in CelerBB 0.0.2, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) viewforum.php and (2) viewtopic.php.
Wed, 11 Mar 09
internet_security
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0850
Cross-site scripting (XSS) vulnerability in BitDefender Internet Security 2009 allows user-assisted remote attackers to inject arbitrary web script or HTML via the filename of a virus-infected file, as demonstrated by a filename inside a (1) rar or (2) zip archive file.
Wed, 11 Mar 09
novanet
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0849
Stack-based buffer overflow in the DtbClsLogin function in NovaStor NovaNET 12 allows remote attackers to (1) execute arbitrary code on Linux platforms via a long username field during backup domain authentication, related to libnnlindtb.so; or (2) cause a denial of service (daemon crash) on Windows platforms via a long username field during backup domain authentication, related to nnwindtb.dll. NOTE: some of these details are obtained from third party information.
Wed, 11 Mar 09
pc2m
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6450
Cross-site scripting (XSS) vulnerability in Under Construction, Baby (UCB) PC2M 0.9.22.4 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
Wed, 11 Mar 09
xr-1100, xr-410, xr-410-l2, xr-440, xr-510, xr-540, xr-640, xr-640-l2, xr-730
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6449
Cross-site request forgery (CSRF) vulnerability in multiple Century Systems routers including XR-410 before 1.6.9, XR-510 before 3.5.3, XR-440 before 1.7.8, and other XR series routers from XR-510 to XR-730 allows remote attackers to modify configuration as the administrator via unknown vectors.
Wed, 11 Mar 09
mtcms_wysiwyg_editor
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6448
Cross-site scripting (XSS) vulnerability in install.cgi in SKYARC System MTCMS WYSIWYG Editor allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Wed, 11 Mar 09
easymail_mailstore
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6447
Buffer overflow in emmailstore.dll 6.5.0.3 in the QuikSoft EasyMail MailStore ActiveX control allows remote attackers to execute arbitrary code via a long first argument to the CreateStore method.
Wed, 11 Mar 09
maxsite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6446
Static code injection vulnerability in the Guestbook component in CMS MAXSITE allows remote attackers to inject arbitrary PHP code into the guestbook via the message parameter.
Wed, 11 Mar 09
yourplace
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6445
Unspecified vulnerability in YourPlace before 1.0.1 has unknown impact and attack vectors, possibly related to improper authenticated and the ability to upload arbitrary PHP code. NOTE: some of these details are obtained from third party information.
Wed, 11 Mar 09
baidu_hi
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6444
Stack-based buffer overflow in CSTransfer.dll in Baidu Hi IM might allow remote attackers to execute arbitrary code via a crafted packet, probably related to an improper length value.
Wed, 11 Mar 09
phpkf
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6443
SQL injection vulnerability in forum_duzen.php in phpKF allows remote attackers to execute arbitrary SQL commands via the fno parameter.
Wed, 11 Mar 09
dloader
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6442
Insecure method vulnerability in Sina Inc. DLoader Class ActiveX Control allows remote attackers to overwrite arbitrary files via a URL in the first parameter to the DonwloadAndInstall method. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Wed, 11 Mar 09
unreal_engine
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6441
Format string vulnerability in the Epic Games Unreal engine client, as used in multiple games, allows remote servers to execute arbitrary code via (1) the CLASS parameter in a DLMGR command, (2) a malformed package (PKG), and possibly (3) the LEVEL parameter in a WELCOME command.
Tue, 10 Mar 09
opensolaris
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0838
The crypto pseudo device driver in Sun Solaris 10, and OpenSolaris snv_88 through snv_102, does not properly free memory, which allows local users to cause a denial of service (panic) via unspecified vectors, related to the vmem_hash_delete function.
Tue, 10 Mar 09
cerberus_helpdesk
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6440
Cerberus Helpdesk before 4.0 (Build 600) allows remote attackers to obtain sensitive information via direct requests for "controllers ... that aren't standard helpdesk pages," possibly involving the (1) /display and (2) /kb URIs.
Tue, 10 Mar 09
abledating
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6439
Cross-site scripting (XSS) vulnerability in search_results.php in ABK-Soft AbleDating 2.4 allows remote attackers to inject arbitrary web script or HTML via the keyword parameter.
Tue, 10 Mar 09
blog_engine_plugin
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6438
SQL injection vulnerability in macgurublog_menu/macgurublog.php in the MacGuru BLOG Engine plugin 2.2 for e107 allows remote attackers to execute arbitrary SQL commands via the uid parameter, a different vector than CVE-2008-2455.
Tue, 10 Mar 09
phpfreeforum
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6437
Multiple cross-site scripting (XSS) vulnerabilities in PHPFreeForum 1.0 RC2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) message parameter to error.php, and the (2) nickname and (3) randomid parameters to part/menu.php.
Tue, 10 Mar 09
workcentre
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6436
Cross-site scripting (XSS) vulnerability in the Web Server in Xerox WorkCentre 7132, 7228, 7235, and 7245 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Tue, 10 Mar 09
phpsqlitecms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6435
Multiple cross-site scripting (XSS) vulnerabilities in phpSQLiteCMS 1 RC2 allow remote attackers to inject arbitrary web script or HTML via the (1) lang[home], (2) lang[admin_menu], and (3) lang[admin_menu_page_overview] parameters to cms/includes/header.inc.php; and the (4) lang[login_username] and (5) lang[login_password] parameters to cms/includes/login.inc.php.
Tue, 10 Mar 09
sava_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6434
SQL injection vulnerability in index.cfm in Blue River Interactive Group Sava CMS before 5.0.122 allows remote attackers to execute arbitrary SQL commands via the LinkServID parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Tue, 10 Mar 09
sava_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6433
Cross-site scripting (XSS) vulnerability in index.cfm in Blue River Interactive Group Sava CMS before 5.0.122 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter in a search action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Tue, 10 Mar 09
bmforum
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6431
Multiple cross-site scripting (XSS) vulnerabilities in BMForum 5.6 allow remote attackers to inject arbitrary web script or HTML via the (1) outpused parameter to index.php, the (2) footer_copyright and (3) verandproname parameters to newtem/footer/bsd01footer.php, and the (4) topads and (5) myplugin parameters to newtem/header/bsd01header.php.
Tue, 10 Mar 09
com_mycontent
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6430
SQL injection vulnerability in the MyContent (com_mycontent) component 1.1.13 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php.
Tue, 10 Mar 09
com_prayercenter
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6429
SQL injection vulnerability in the PrayerCenter (com_prayercenter) component 1.4.9 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view_request action to index2.php.
Tue, 10 Mar 09
kaya
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6428
The CGI framework in Kaya 0.4.0 allows remote attackers to inject arbitrary HTTP headers and conduct cross-site scripting (XSS) attacks via unspecified vectors.
Tue, 10 Mar 09
hivemaker
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6427
SQL injection vulnerability in index.php in Hivemaker Professional 1.0.2 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cid parameter.
Tue, 10 Mar 09
comicshout
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6425
SQL injection vulnerability in news.php in ComicShout 2.8 allows remote attackers to execute arbitrary SQL commands via the news_id parameter, a different vector than CVE-2008-2456.
Tue, 10 Mar 09
ffftp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6424
Directory traversal vulnerability in FFFTP 1.96b allows remote FTP servers to create or overwrite arbitrary files via a response to an FTP LIST command with a filename that contains a .. (dot dot).
Tue, 10 Mar 09
passwiki
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6423
Directory traversal vulnerability in passwiki.php in PassWiki 0.9.16 RC3 and earlier allows remote attackers to read arbitrary local files via a .. (dot dot) in the site_id parameter.
Tue, 10 Mar 09
psychostats
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6422
Multiple SQL injection vulnerabilities in PsychoStats 2.3, 2.3.1, and 2.3.3 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) weapon.php and (2) map.php.
Tue, 10 Mar 09
social_site_generator
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6421
PHP remote file inclusion vulnerability in social_game_play.php in Social Site Generator (SSG) 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the path parameter.
Tue, 10 Mar 09
social_site_generator
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6420
Social Site Generator (SSG) 2.0 allows remote attackers to read arbitrary files via the file parameter to (1) filedload.php, (2) webadmin/download.php, and (3) webadmin/download_file.php.
Tue, 10 Mar 09
social_site_generator
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6419
Multiple SQL injection vulnerabilities in Social Site Generator (SSG) 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) sgc_id parameter to display_blog.php, (2) scm_mem_id parameter to social_my_profile_download.php, and the (3) catid parameter to social_forum_subcategories.php.
Sat, 7 Mar 09
torrenttrader
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6418
SQL injection vulnerability in scrape.php in TorrentTrader before 2008-05-13 allows remote attackers to execute arbitrary SQL commands via the info_hash parameter.
Sat, 7 Mar 09
greensql-console
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6417
Unspecified vulnerability in GreenSQL-Console before 0.3.5 allows attackers to obtain the "installation directory" via unknown vectors.
Sat, 7 Mar 09
greensql-console
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6416
Multiple cross-site scripting (XSS) vulnerabilities in GreenSQL-Console before 0.3.5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "internal pages."
Sat, 7 Mar 09
kernel
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0835
The __secure_computing function in kernel/seccomp.c in the seccomp subsystem in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform, when CONFIG_SECCOMP is enabled, does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass intended access restrictions via crafted syscalls that are misinterpreted as (a) stat or (b) chmod, a related issue to CVE-2009-0342 and CVE-2009-0343.
Sat, 7 Mar 09
kernel
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0834
The audit_syscall_entry function in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass certain syscall audit configurations via crafted syscalls, a related issue to CVE-2009-0342 and CVE-2009-0343.
Sat, 7 Mar 09
ccproxy
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6415
Buffer overflow in YoungZSoft CCProxy 6.5 might allow remote attackers to execute arbitrary code via a CONNECTION request with a long hostname.
Sat, 7 Mar 09
aj_auction
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6414
SQL injection vulnerability in detail.php in AJ Auction Pro Platinum Skin 2 allows remote attackers to execute arbitrary SQL commands via the item_id parameter.
Sat, 7 Mar 09
answers_module
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6413
Cross-site scripting (XSS) vulnerability in the Answers module 5.x-1.x-dev and possibly other 5.x versions, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via a Simple Answer to a question.
Sat, 7 Mar 09
vignette_content_management
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6412
Unspecified vulnerability in Vignette Content Management 7.3.0.5, 7.3.1, 7.3.1.1, 7.4, and 7.5 allows "low privileged" users to gain administrator privileges via unknown attack vectors.
Sat, 7 Mar 09
explay_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6411
Explay CMS 2.1 and earlier allows remote attackers to bypass authentication and gain administrative access by setting the login cookie to 1.
Sat, 7 Mar 09
CVE-2008-6410 (ol'bookmarks)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6410
Directory traversal vulnerability in show.php in ol'bookmarks manager 0.7.5 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the show parameter.
Sat, 7 Mar 09
CVE-2008-6409 (ol'bookmarks)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6409
SQL injection vulnerability in index.php in ol'bookmarks manager 0.7.5 allows remote attackers to execute arbitrary SQL commands via the id parameter in a brain action.
Sat, 7 Mar 09
CVE-2008-6408 (ol'bookmarks)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6408
PHP remote file inclusion vulnerability in frame.php in ol'bookmarks manager 0.7.5 allows remote attackers to execute arbitrary PHP code via a URL in the framefile parameter.
Sat, 7 Mar 09
CVE-2008-6407 (ol'bookmarks)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6407
Directory traversal vulnerability in frame.php in ol'bookmarks manager 0.7.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the framefile parameter.
Sat, 7 Mar 09
datalife_engine
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6406
Cross-site scripting (XSS) vulnerability in admin.php in DataLife Engine (DLE) 7.2 allows remote attackers to inject arbitrary web script or HTML via the query string.
Sat, 7 Mar 09
hotscripts_clone
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6405
SQL injection vulnerability in showcategory.php in Hotscripts Clone allows remote attackers to execute arbitrary SQL commands via the cid parameter.
Sat, 7 Mar 09
thyme
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6404
Cross-site scripting (XSS) vulnerability in add_calendars.php in eXtrovert Software Thyme 1.3 allows remote attackers to inject arbitrary web script or HTML via the callback parameter.
Sat, 7 Mar 09
openrat
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6403
PHP remote file inclusion vulnerability in themes/default/include/html/insert.inc.php in OpenRat 0.8-beta4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the tpl_dir parameter.
Sat, 7 Mar 09
sofi_webgui
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6402
PHP remote file inclusion vulnerability in hu/modules/reg-new/modstart.php in Sofi WebGui 0.6.3 PRE and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mod_dir parameter.
Sat, 7 Mar 09
jetik-web
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6401
SQL injection vulnerability in sayfa.php in JETIK-WEB allows remote attackers to execute arbitrary SQL commands via the kat parameter.
Sat, 7 Mar 09
dkim-milter
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0770
dkim-milter 2.6.0 through 2.8.0 allows remote attackers to cause a denial of service (crash) by signing a message with a key that has been revoked in DNS, which triggers an assertion error.
Sat, 7 Mar 09
qip
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0769
QIP 2005 build 8082 allows remote attackers to cause a denial of service (CPU consumption and application hang) via a crafted Rich Text Format (RTF) ICQ message, as demonstrated by an {\rtf\pict\&&} message. NOTE: the vulnerability may be in Sergey Tkachenko TRichView. If so, then this should not be treated as a vulnerability in QIP.
Sat, 7 Mar 09
yapbb
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0768
SQL injection vulnerability in forumhop.php in YapBB 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the forumID parameter in a next action.
Sat, 7 Mar 09
kipper
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0767
Kipper 2.01 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a file containing credentials via a direct request for job/config.data.
Sat, 7 Mar 09
kipper
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0766
Directory traversal vulnerability in default.php in Kipper 2.01 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the configfile parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Sat, 7 Mar 09
kipper
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0765
Directory traversal vulnerability in index.php in Kipper 2.01 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the configfile parameter.
Sat, 7 Mar 09
kipper
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0764
Multiple cross-site scripting (XSS) vulnerabilities in Kipper 2.01 allow remote attackers to inject arbitrary web script or HTML via the charm parameter to (1) index.php and (2) kipper.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Sat, 7 Mar 09
kipper
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0763
Cross-site scripting (XSS) vulnerability in default.php in Kipper 2.01 allows remote attackers to inject arbitrary web script or HTML via the charm parameter.
Sat, 7 Mar 09
ez_php_comment
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0762
Cross-site scripting (XSS) vulnerability in ScriptsEz Ez PHP Comment allows remote attackers to inject arbitrary web script or HTML via the name parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Sat, 7 Mar 09
CVE-2009-0761 (1.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, 1.0.5)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0761
Cross-site scripting (XSS) vulnerability in online.asp in Team Board 1.x allows remote attackers to inject arbitrary web script or HTML via the lookname parameter.
Sat, 7 Mar 09
team_board
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0760
Team Board 1.x and 2.x stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing credentials via a direct request for data/team.mdb.
Sat, 7 Mar 09
gen_msn
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0833
Heap-based buffer overflow in gen_msn.dll in the gen_msn plugin 0.31 for Winamp 5.541 allows remote attackers to execute arbitrary code via a playlist (.pls) file with a long URL in the File1 field. NOTE: some of these details are obtained from third party information.
Sat, 7 Mar 09
e-cart
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0832
SQL injection vulnerability in items.php in the E-Cart module 1.3 for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the CA parameter.
Sat, 7 Mar 09
members_cv_module
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0831
SQL injection vulnerability in members.php in the Members CV (job) module 1.0 for PHP-Fusion, when magic_quotes_gpc is disabled, allows remote authenticated users to execute arbitrary SQL commands via the sortby parameter.
Sat, 7 Mar 09
quotebook
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0830
Cross-site scripting (XSS) vulnerability in QuoteBook allows remote attackers to inject arbitrary web script or HTML via the (1) QuoteName and (2) QuoteText parameters to quotesadd.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Sat, 7 Mar 09
quotebook
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0829
Multiple SQL injection vulnerabilities in QuoteBook allow remote attackers to execute arbitrary SQL commands via the (1) MyBox and (2) selectFavorites parameters to (a) quotes.php and the (3) QuoteName and (4) QuoteText parameters to (b) quotesadd.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Sat, 7 Mar 09
quotebook
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0828
QuoteBook stores quotes.inc under the web root with insufficient access control, which allows remote attackers to obtain sensitive database information, including user credentials, via a direct request.
Sat, 7 Mar 09
pollhelper
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0827
PollHelper stores poll.inc under the web root with insufficient access control, which allows remote attackers to download the database file containing user credentials via a direct request.
Sat, 7 Mar 09
bloghelper
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0826
BlogHelper stores common_db.inc under the web root with insufficient access control, which allows remote attackers to download the database file containing user credentials via a direct request.
Sat, 7 Mar 09
refbase
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6400
Cross-site scripting (XSS) vulnerability in refbase before 0.9.5 allows remote attackers to inject arbitrary web script or HTML via the headerMsg parameter to (1) show.php and (2) search.php. NOTE: some of these details are obtained from third party information.
Sat, 7 Mar 09
dotnetnuke
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6399
Unspecified vulnerability in DotNetNuke 4.5.2 through 4.9 allows remote attackers to "add additional roles to their user account" via unknown attack vectors.
Fri, 6 Mar 09
firefox
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0821
Mozilla Firefox 2.0.0.20 and earlier allows remote attackers to cause a denial of service (application crash) via nested calls to the window.print function, as demonstrated by a window.print(window.print()) in the onclick attribute of an INPUT element.
Fri, 6 Mar 09
phpscheduleit
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0820
Multiple eval injection vulnerabilities in phpScheduleIt before 1.2.11 allow remote attackers to execute arbitrary code via (1) the end_date parameter to reserve.php and (2) the start_date and end_date parameters to check.php. NOTE: the start_date/reserve.php vector is already covered by CVE-2008-6132.
Fri, 6 Mar 09
mysql
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0819
sql/item_xmlfunc.cc in MySQL before 5.1.32 allows remote authenticated users to cause a denial of service (crash) via "an XPath expression employing a scalar expression as a FilterExpr with ExtractValue() or UpdateXML()," which triggers an assertion failure.
Fri, 6 Mar 09
taxonomy_theme_module
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0818
Cross-site scripting (XSS) vulnerability in the taxonomy_theme_admin_table_builder function (taxonomy_theme_admin.inc) in Taxonomy Theme module before 5.x-1.2, a module for Drupal, allows remote authenticated users with the "administer taxonomy" permission, or the ability to create pages when tagging is enabled, to inject arbitrary web script or HTML via the Vocabulary name (name parameter) to index.php. NOTE: some of these details are obtained from third party information.
Fri, 6 Mar 09
protected_node_module
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0817
Cross-site scripting (XSS) vulnerability in the Protected Node module 5.x before 5.x-1.4 and 6.x before 6.x-1.5, a module for Drupal, allows remote authenticated users with "administer site configuration" permissions to inject arbitrary web script or HTML via the Password page info field, which is not properly handled by the protected_node_enterpassword function in protected_node.module.
Fri, 6 Mar 09
typo3
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0816
Cross-site scripting (XSS) vulnerability in the backend user interface in TYPO3 4.0 before 4.0.12, 4.1 before 4.1.10, 4.2 before 4.2.6, and 3.3.x through 3.8.x allows remote attackers to inject arbitrary web script or HTML via multiple unspecified fields.
Fri, 6 Mar 09
typo3
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0815
The jumpUrl mechanism in class.tslib_fe.php in TYPO3 4.0 before 4.0.12, 4.1 before 4.1.10, 4.2 before 4.2.6, and 3.3.x through 3.8.x leaks a hash secret (juHash) in an error message, which allows remote attackers to read arbitrary files by including the hash in a request.
Fri, 6 Mar 09
blogsa
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0814
Cross-site scripting (XSS) vulnerability in Widgets.aspx in Blogsa 1.0 Beta 3 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchText parameter.
Fri, 6 Mar 09
teamlinks
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0813
Insecure method vulnerability in the ImeraIEPlugin ActiveX control (ImeraIEPlugin.dll 1.0.2.54) in Imera TeamLinks Client allows remote attackers to force the download and execution of arbitrary URLs via modified DownloadProtocol, DownloadHost, DownloadPort, and DownloadURI parameters.
Fri, 6 Mar 09
firefox, seamonkey, thunderbird
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0777
Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 decodes invisible characters when they are displayed in the location bar, which causes an incorrect address to be displayed and makes it easier for remote attackers to spoof URLs and conduct phishing attacks.
Fri, 6 Mar 09
firefox, seamonkey, thunderbird
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0776
nsIRDFService in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to bypass the same-origin policy and read XML data from another domain via a cross-domain redirect.
Fri, 6 Mar 09
firefox, seamonkey, thunderbird
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0775
Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via "cloned XUL DOM elements which were linked as a parent and child," which are not properly handled during garbage collection.
Fri, 6 Mar 09
firefox, seamonkey, thunderbird
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0774
The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to gczeal, a different vulnerability than CVE-2009-0773.
Fri, 6 Mar 09
firefox, seamonkey, thunderbird
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0773
The JavaScript engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a splice of an array that contains "some non-set elements," which causes jsarray.cpp to pass an incorrect argument to the ResizeSlots function, which triggers memory corruption; (2) vectors related to js_DecompileValueGenerator, jsopcode.cpp, __defineSetter__, and watch, which triggers ...
Fri, 6 Mar 09
firefox, seamonkey, thunderbird
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0772
The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to nsCSSStyleSheet::GetOwnerNode, events, and garbage collection, which triggers memory corruption.
Fri, 6 Mar 09
firefox, seamonkey, thunderbird
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0771
The layout engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger memory corruption and assertion failures.
Fri, 6 Mar 09
session_border_controller
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0619
Unspecified vulnerability in the Session Border Controller (SBC) before 3.0(2) for Cisco 7600 series routers allows remote attackers to cause a denial of service (SBC card reload) via crafted packets to TCP port 2000.
Fri, 6 Mar 09
ubuntu_linux
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0578
network-manager-applet in Ubuntu 8.10 does not properly verify privileges for dbus (1) modify and (2) delete requests, which allows local users to change or remove the network connections of arbitrary users via unspecified vectors.
Fri, 6 Mar 09
wesnoth
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0367
The Python AI module in Wesnoth 1.4.x and 1.5 before 1.5.11 allows remote attackers to escape the sandbox and execute arbitrary code by using a whitelisted module that imports an unsafe module, then using a hierarchical module name to access the unsafe module through the whitelisted module.
Fri, 6 Mar 09
ubuntu_linux
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0365
The dbus request handler in (1) network-manager-applet and (2) NetworkManager in Ubuntu 6.06 LTS, 7.10, 8.04 LTS, and 8.10 does not properly verify privileges, which allows local users to discover (a) network connection passwords and (b) pre-shared keys via unspecified queries.
Fri, 6 Mar 09
winamp, libsndfile
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0186
Integer overflow in libsndfile 1.0.18, as used in Winamp and other products, allows context-dependent attackers to execute arbitrary code via crafted description chunks in a CAF audio file, leading to a heap-based buffer overflow.
Fri, 6 Mar 09
curl, libcurl
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0037
The redirect implementation in curl and libcurl 5.11 through 7.19.3, when CURLOPT_FOLLOWLOCATION is enabled, accepts arbitrary Location values, which might allow remote HTTP servers to (1) trigger arbitrary requests to intranet servers, (2) read or overwrite arbitrary files via a redirect to a file: URL, or (3) execute arbitrary commands via a redirect to an scp: URL.
Fri, 6 Mar 09
hex_workshop
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0812
Stack-based buffer overflow in BreakPoint Software Hex Workshop 4.23, 6.0.1.4603, and other 6.x and earlier versions allows remote attackers to execute arbitrary code via a crafted Intel Hex Code (.hex) file. NOTE: some of these details are obtained from third party information.
Fri, 6 Mar 09
sopcore_activex_control
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0811
Insecure method vulnerability in the SopCast SopCore ActiveX control in sopocx.ocx 3.0.3.501 allows remote attackers to execute arbitrary programs via an executable file name in the argument to the SetExternalPlayer method.
Fri, 6 Mar 09
xguestbook
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0810
SQL injection vulnerability in login.php in xGuestbook 2.0 allows remote attackers to execute arbitrary SQL commands via the user parameter.
Fri, 6 Mar 09
catia, enovia_smarteam
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0809
The Web Editor in Dassault Systemes ENOVIA SmarTeam V5 before Release 18 Service Pack 8, and possibly CATIA and other products, allows remote authenticated users to read the profile card of an object in the document class via a link that is sent from the owner of the document object.
Fri, 6 Mar 09
simplecmms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0808
Multiple SQL injection vulnerabilities in SimpleCMMS before 0.1.0 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
Fri, 6 Mar 09
zfeeder
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0807
zFeeder 1.6 allows remote attackers to gain administrative access via a direct request to admin.php.
Fri, 6 Mar 09
opengoo
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0806
Unspecified vulnerability in OpenGoo before 1.2.1 allows remote authenticated users to modify their own permissions via unknown attack vectors.
Fri, 6 Mar 09
pical
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0805
Cross-site scripting (XSS) vulnerability in piCal 0.91h and earlier, a module for XOOPS, allows remote attackers to inject arbitrary web script or HTML via the event_id parameter in index.php.
Fri, 6 Mar 09
sng
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6398
sng_regress in SNG 1.0.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/recompiled$$.png, (2) /tmp/decompiled$$.sng, and (3) /tmp/canonicalized$$.sng temporary files.
Fri, 6 Mar 09
sgml2x
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6397
rlatex in AlcoveBook sgml2x 1.0.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
Fri, 6 Mar 09
uploader
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6396
Cross-site scripting (XSS) vulnerability in account.php in Celerondude Uploader 6.1 allows remote attackers to inject arbitrary web script or HTML via the username parameter. NOTE: some of these details are obtained from third party information.
Thu, 5 Mar 09
wireless_8760_dual-radio
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6395
The web management interface in 3Com Wireless 8760 Dual Radio 11a/b/g PoE Access Point allows remote attackers to cause a denial of service (device crash) via a malformed HTTP POST request.
Thu, 5 Mar 09
cs-cart
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6394
SQL injection vulnerability in core/user.php in CS-Cart 1.3.5 and earlier allows remote attackers to execute arbitrary SQL commands via the cs_cookies[customer_user_id] cookie parameter.
Thu, 5 Mar 09
ziproxy
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0804
Ziproxy 2.6.0, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header.
Thu, 5 Mar 09
networkguardian, schoolguardian, smoothguardian
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0803
SmoothWall SmoothGuardian, as used in SmoothWall Firewall, NetworkGuardian, and SchoolGuardian 2008, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header.
Thu, 5 Mar 09
wingate
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0802
Qbik WinGate, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header.
Thu, 5 Mar 09
squid_web_proxy_cache
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0801
Squid, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header.
Thu, 5 Mar 09
openbsd
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0780
The aspath_prepend function in rde_attr.c in bgpd in OpenBSD 4.3 and 4.4 allows remote attackers to cause a denial of service (application crash) via an Autonomous System (AS) advertisement containing a long AS path.
Thu, 5 Mar 09
aix
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0779
Buffer overflow in pppdial in IBM AIX 5.3 and 6.1 allows local users to gain privileges via a long "input string."
Thu, 5 Mar 09
znc
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0759
Multiple CRLF injection vulnerabilities in webadmin in ZNC before 0.066 allow remote authenticated users to modify the znc.conf configuration file and gain privileges via CRLF sequences in the quit message and other vectors.
Thu, 5 Mar 09
avahi-daemon
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0758
The originates_from_local_legacy_unicast_socket function in avahi-core/server.c in avahi-daemon 0.6.23 does not account for the network byte order of a port number when processing incoming multicast packets, which allows remote attackers to cause a denial of service (network bandwidth and CPU consumption) via a crafted legacy unicast mDNS query packet that triggers a multicast packet storm.
Thu, 5 Mar 09
gnu_mpfr
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0757
Multiple buffer overflows in GNU MPFR 2.4.0 allow context-dependent attackers to cause a denial of service (crash) via the (1) mpfr_snprintf and (2) mpfr_vsnprintf functions.
Thu, 5 Mar 09
poppler
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0756
The JBIG2Stream::readSymbolDictSeg function in Poppler before 0.10.4 allows remote attackers to cause a denial of service (crash) via a PDF file that triggers a parsing error, which is not properly handled by JBIG2SymbolDict::~JBIG2SymbolDict and triggers an invalid memory dereference.
Thu, 5 Mar 09
poppler
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0755
The FormWidgetChoice::loadDefaults function in Poppler before 0.10.4 allows remote attackers to cause a denial of service (crash) via a PDF file with an invalid Form Opt entry.
Thu, 5 Mar 09
php
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0754
PHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows local users to modify behavior of other sites hosted on the same web server by modifying the mbstring.func_overload setting within .htaccess, which causes this setting to be applied to other virtual hosts on the same server.
Thu, 5 Mar 09
mldonkey
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0753
Absolute path traversal vulnerability in MLDonkey 2.8.4 through 2.9.7 allows remote attackers to read arbitrary files via a leading "//" (double slash) in the filename.
Wed, 4 Mar 09
psi
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6393
PSI Jabber client before 0.12.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a file transfer request with a negative value in a SOCKS5 option, which bypasses a signed integer check and triggers an integer overflow and a heap-based buffer overflow.
Wed, 4 Mar 09
movable_type
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0752
Unspecified vulnerability in Movable Type Pro and Community Solution 4.x before 4.24 has unknown impact and attack vectors, possibly related to the password recovery mechanism.
Wed, 4 Mar 09
yaws
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0751
Yaws before 1.80 allows remote attackers to cause a denial of service (memory consumption and crash) via a request with a large number of headers.
Wed, 4 Mar 09
smnews
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0750
SQL injection vulnerability in login.php in the smNews example script for txtSQL 2.2 Final allows remote attackers to execute arbitrary SQL commands via the username parameter.
Wed, 4 Mar 09
opensc
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0368
OpenSC before 0.11.7 allows physically proximate attackers to bypass intended PIN requirements and read private data objects via a (1) low level APDU command or (2) debugging tool, as demonstrated by reading the 4601 or 4701 file with the opensc-explorer or opensc-tool program.
Wed, 4 Mar 09
optipng
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0749
Use-after-free vulnerability in the GIFReadNextExtension function in lib/pngxtern/gif/gifread.c in OptiPNG 0.6.2 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a crafted GIF image that causes the realloc function to return a new pointer, which triggers memory corruption when the old pointer is accessed.
Wed, 4 Mar 09
z1exchange
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6392
SQL injection vulnerability in showads.php in Z1Exchange allows remote attackers to execute arbitrary SQL commands via the id parameter.
Wed, 4 Mar 09
jbook
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6391
SQL injection vulnerability in main.asp in Jbook allows remote attackers to execute arbitrary SQL commands via the username (user parameter).
Wed, 4 Mar 09
membership_manager_pro
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6390
SQL injection vulnerability in login.asp in Ocean12 Membership Manager Pro allows remote attackers to execute arbitrary SQL commands via the Password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Wed, 4 Mar 09
rae_media_contact_management
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6389
SQL injection vulnerability in asadmin/default.asp in Rae Media Contact Management Software SOHO, Standard, and Enterprise allows remote attackers to execute arbitrary SQL commands via the Password parameter. NOTE: some of these details are obtained from third party information.
Wed, 4 Mar 09
rapid_classified
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6388
Rapid Classified 3.1 and 3.15 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to cldb.mdb.
Wed, 4 Mar 09
quick_tree_view
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6387
Quick Tree View .NET 3.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to qtv.mdb.
Wed, 4 Mar 09
z1exchange
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6386
Cross-site scripting (XSS) vulnerability in showads.php in Z1Exchange 1.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
Wed, 4 Mar 09
revsense
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6385
Cross-site scripting (XSS) vulnerability in index.php in W3matter RevSense 1.0 allows remote attackers to inject arbitrary web script or HTML via the section parameter.
Wed, 4 Mar 09
comment_mail_module
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6384
Multiple cross-site request forgery (CSRF) vulnerabilities in Comment Mail 5.x before 5.x-1.1, a module for Drupal, allow remote attackers to perform unauthorized actions as administrators via unspecified vectors.
Wed, 4 Mar 09
storm
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6383
SQL injection vulnerability in SpeedTech Organization and Resource Manager (Storm) 5.x before 5.x-1.14 and 6.x before 6.x-1.18, a module for Drupal, allows remote authenticated users with storm project access to execute arbitrary SQL commands via unspecified vectors.
Wed, 4 Mar 09
aspportal
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6382
ASP Portal 3.2.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to ASPPortal.mdb.
Wed, 4 Mar 09
bcoos
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6381
SQL injection vulnerability in modules/adresses/viewcat.php in bcoos 1.0.13, and possibly earlier, allows remote authenticated users with Addresses module permissions to execute arbitrary SQL commands via the cid parameter.
Wed, 4 Mar 09
active_web_helpdesk
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6380
SQL injection vulnerability in default.aspx in Active Web Helpdesk 2.0 allows remote attackers to execute arbitrary SQL commands via the CategoryID parameter.
Wed, 4 Mar 09
gallery_mx
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6379
SQL injection vulnerability in pics_pre.asp in Gallery MX 2.0.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter.
Wed, 4 Mar 09
calendar_mx_professional
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6378
SQL injection vulnerability in calendar_Eventupdate.asp in Calendar Mx Professional 2.0.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter.
Wed, 4 Mar 09
multi_seo_phpbb
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6377
PHP remote file inclusion vulnerability in include/global.php in Multi SEO phpBB 1.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the pfad parameter.
Wed, 4 Mar 09
jbook
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6376
SQL injection vulnerability in main.asp in Jbook allows remote attackers to execute arbitrary SQL commands via the password (pass parameter).
Wed, 4 Mar 09
jbook
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6375
JBook stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to userids.mdb.
Wed, 4 Mar 09
mailinglistpro
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6374
CodefixerSoftware MailingListPro Free Edition stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to db/MailingList.mdb.
Wed, 4 Mar 09
nagios
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6373
Unspecified vulnerability in Nagios before 3.0.6 has unspecified impact and remote attack vectors related to CGI programs, "adaptive external commands," and "writing newlines and submitting service comments."
Wed, 4 Mar 09
faq_manager_pro
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6372
SQL injection vulnerability in default.asp in Ocean12 FAQ Manager Pro 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter in a Cat action. NOTE: some of these details are obtained from third party information.
Wed, 4 Mar 09
membership_manager_pro
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6371
SQL injection vulnerability in login.asp in Ocean12 Membership Manager Pro allows remote attackers to execute arbitrary SQL commands via the username (Username parameter).
Wed, 4 Mar 09
contact_manager_pro
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6370
Cross-site scripting (XSS) vulnerability in default.asp in Ocean12 Contact Manager Pro 1.02 allows remote attackers to inject arbitrary web script or HTML via the DisplayFormat parameter.
Wed, 4 Mar 09
contact_manager_pro
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6369
SQL injection vulnerability in default.asp in Ocean12 Contact Manager Pro 1.02 allows remote attackers to execute arbitrary SQL commands via the Sort parameter.
Wed, 4 Mar 09
chipmunk_guestbook
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6368
SQL injection vulnerability in index.php in Chipmunk Guestbook 1.4m allows remote attackers to execute arbitrary SQL commands via the start parameter.
Wed, 4 Mar 09
social_groupie
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6367
Unrestricted file upload vulnerability in Photos/create_album.php in Social Groupie allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in Member_images/.
Wed, 4 Mar 09
affiliate_software_java
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6366
SQL injection vulnerability in logon.jsp in Ad Server Solutions Affiliate Software Java 4.0 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password, possibly related to the uname and pass parameters to logon_process.jsp. NOTE: some of these details are obtained from third party information.
Wed, 4 Mar 09
ad_management_software
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6365
SQL injection vulnerability in logon.jsp in Ad Server Solutions Ad Management Software Java allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password, related to the uname or pass parameters to logon.jsp or logon_processing.jsp. NOTE: some of these details are obtained from third party information.
Wed, 4 Mar 09
banner_exchange_software
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6364
SQL injection vulnerability in logon_process.jsp in Ad Server Solutions Banner Exchange Solution Java allows remote attackers to execute arbitrary SQL commands via the (1) username (uname parameter) and (2) password (pass parameter). NOTE: some of these details are obtained from third party information.
Wed, 4 Mar 09
designworks
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6363
Stack-based buffer overflow in DesignWorks Professional 4.3.1 and 5.0.7 allows remote attackers to execute arbitrary code via a crafted .cct file. NOTE: some of these details are obtained from third party information.
Wed, 4 Mar 09
multiple_membership_script
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6362
SQL injection vulnerability in sitepage.php in Multiple Membership Script 2.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Wed, 4 Mar 09
feedcms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6361
Directory traversal vulnerability in index.php in InSun Feed CMS 1.7.3 19Beta allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the lang parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Wed, 4 Mar 09
impresscms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6360
Cross-site scripting (XSS) vulnerability in the userranks feature in modules/system/admin.php in ImpressCMS 1.0.2 final allows remote attackers to inject arbitrary web script or HTML via the rank_title parameter. NOTE: some of these details are obtained from third party information.
Wed, 4 Mar 09
CVE-2008-6359 (max's_guestbook)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6359
Cross-site scripting (XSS) vulnerability in index.php in Max's Guestbook allows remote attackers to inject arbitrary web script or HTML via the (1) name, (2) email, and (3) message parameters.
Wed, 4 Mar 09
social_groupie
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6358
SQL injection vulnerability in group_index.php in Social Groupie allows remote attackers to execute arbitrary SQL commands via the id parameter.
Wed, 4 Mar 09
mycal_personal_events_calendar
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6357
MyCal Personal Events Calendar stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing the username and password via a direct request to mycal.mdb.
Wed, 4 Mar 09
evcal_events_calendar
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6356
evCal Events Calendar stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing the username and password via a direct request to (1) evcal.mdb and (2) evcal97.mdb.
Tue, 3 Mar 09
aspired2protect
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6355
The Net Guys ASPired2Protect stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing the username and password via a direct request to ASPired2Protect.mdb.
Tue, 3 Mar 09
aspired2poll
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6354
The Net Guys ASPired2poll stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing the username and password via a direct request to ASPired2poll.mdb.
Tue, 3 Mar 09
asp-cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6353
SQL injection vulnerability in index.asp in ASP-CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the cha parameter.
Tue, 3 Mar 09
xpoze_pro
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6352
SQL injection vulnerability in home.html in Xpoze Pro 4.10 allows remote attackers to execute arbitrary SQL commands via the menu parameter.
Tue, 3 Mar 09
local_classifieds
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6351
Cross-site scripting (XSS) vulnerability in listtest.php in TurnkeyForms Local Classifieds allows remote attackers to inject arbitrary web script or HTML via the r parameter.
Tue, 3 Mar 09
local_classifieds
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6350
SQL injection vulnerability in listtest.php in TurnkeyForms Local Classifieds allows remote attackers to execute arbitrary SQL commands via the r parameter.
Tue, 3 Mar 09
business_survey_pro
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6349
SQL injection vulnerability in survey_results_text.php in TurnkeyForms Business Survey Pro 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Tue, 3 Mar 09
photo_gallery
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6348
Multiple SQL injection vulnerabilities in DevelopItEasy Photo Gallery 1.2 allow remote attackers to execute arbitrary SQL commands via the (1) cat_id parameter to gallery_category.php, (2) photo_id parameter to gallery_photo.php, and the (3) user_name and (4) user_pass parameters to admin/index.php. NOTE: some of these details are obtained from third party information.
Tue, 3 Mar 09
onguma_time_sheet
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6347
PHP remote file inclusion vulnerability in lib/onguma.class.php in the Onguma Time Sheet (com_ongumatimesheet20) 2.0 4b component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
Tue, 3 Mar 09
kernel
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0748
The ext4_fill_super function in fs/ext4/super.c in the Linux kernel 2.6.27 before 2.6.27.19 and 2.6.28 before 2.6.28.7 does not validate the superblock configuration, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) by attempting to mount a crafted ext4 filesystem.
Tue, 3 Mar 09
kernel
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0747
The ext4_isize function in fs/ext4/ext4.h in the Linux kernel 2.6.27 before 2.6.27.19 and 2.6.28 before 2.6.28.7 uses the i_size_high structure member during operations on arbitrary types of files, which allows local users to cause a denial of service (CPU consumption and error-message flood) by attempting to mount a crafted ext4 filesystem.
Tue, 3 Mar 09
kernel
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0746
The make_indexed_dir function in fs/ext4/namei.c in the Linux kernel 2.6.27 before 2.6.27.19 and 2.6.28 before 2.6.28.7 does not validate a certain rec_len field, which allows local users to cause a denial of service (OOPS) by attempting to mount a crafted ext4 filesystem.
Tue, 3 Mar 09
kernel
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0745
The ext4_group_add function in fs/ext4/resize.c in the Linux kernel 2.6.27 before 2.6.27.19 and 2.6.28 before 2.6.28.7 does not properly initialize the group descriptor during a resize (aka resize2fs) operation, which might allow local users to cause a denial of service (OOPS) by arranging for crafted values to be present in available memory.
Tue, 3 Mar 09
safari
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0744
Apple Safari 4 Beta build 528.16 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a feeds: URI beginning with a (1) % (percent), (2) { (open curly bracket), (3) } (close curly bracket), (4) ^ (caret), (5) ` (backquote), or (6) | (pipe) character, followed by an & (ampersand) character.
Tue, 3 Mar 09
unified_meetingplace
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0743
Cross-site scripting (XSS) vulnerability in the edit account page in the Web Server in Cisco Unified MeetingPlace Web Conferencing 6.0 before 6.0(517.0) (aka 6.0 MR4) and 7.0 before 7.0(2) (aka 7.0 MR1) allows remote authenticated users to inject arbitrary web script or HTML via the E-mail Address field.
Tue, 3 Mar 09
kernel
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0028
The clone system call in the Linux kernel 2.6.28 and earlier allows local users to send arbitrary signals to a parent process from an unprivileged child process by launching an additional child process with the CLONE_PARENT flag, and then letting this new process exit.
Tue, 3 Mar 09
dr_wiki
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6346
Cross-site scripting (XSS) vulnerability in the DR Wiki (dr_wiki) extension 1.7.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Tue, 3 Mar 09
solarcms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6345
SQL injection vulnerability in Forum.php in SolarCMS 0.53.8 and 1.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter to indes.php. NOTE: some of these details are obtained from third party information.
Tue, 3 Mar 09
tu-clausthal_staff
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6344
SQL injection vulnerability in the TU-Clausthal Staff (tuc_staff) 0.3.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Tue, 3 Mar 09
tu-clausthal_odin
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6343
Cross-site scripting (XSS) vulnerability in the TU-Clausthal ODIN (tuc_odin) extension 0.0.1, 0.1.0, 0.1.1, and 0.2.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Tue, 3 Mar 09
simplefilebrowser
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6342
Unspecified vulnerability in the TYPO3 Simple File Browser (simplefilebrowser) extension 1.0.2 and earlier allows remote attackers to obtain sensitive information via unknown attack vectors.
Tue, 3 Mar 09
sb_universal_plugin
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6341
Cross-site scripting (XSS) vulnerability in the SB Universal Plugin (SBuniplug) extension 2.0.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Tue, 3 Mar 09
mv_vox_populi
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6340
Cross-site scripting (XSS) vulnerability in the Vox populi (mv_vox_populi) extension 0.3.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Tue, 3 Mar 09
wes_facilities
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6338
SQL injection vulnerability in the WEBERkommunal Facilities (wes_facilities) extension 2.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Tue, 3 Mar 09
com_volunteer
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6337
SQL injection vulnerability in the Volunteer Management System (com_volunteer) module 2.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the job_id parameter in a jobshow action to index.php.
Tue, 3 Mar 09
text_lines_rearrange_script
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6336
Directory traversal vulnerability in download.php in Text Lines Rearrange Script 1.0, when register_globals is enabled, allows remote attackers to read arbitrary local files via directory traversal sequences in the filename parameter.
Tue, 3 Mar 09
online_keyword_research_tool
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6335
Directory traversal vulnerability in download.php in eMetrix Online Keyword Research Tool allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter.
Tue, 3 Mar 09
extract_website
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6334
Directory traversal vulnerability in download.php in eMetrix Extract Website allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter.
Tue, 3 Mar 09
rss_simple_news
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6333
SQL injection vulnerability in news.php in RSS Simple News (RSSSN), when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the pid parameter.
Tue, 3 Mar 09
simple_customer
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6332
SQL injection vulnerability in login.php in Simple Customer 1.2 allows remote attackers to execute arbitrary SQL commands via the password parameter.
Tue, 3 Mar 09
streber
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6331
Multiple cross-site request forgery (CSRF) vulnerabilities in Streber before 0.08093 have unknown impact and remote attack vectors.
Tue, 3 Mar 09
mytopix
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6330
SQL injection vulnerability in index.php in MyTopix 1.3.0 and earlier allows remote authenticated users to execute arbitrary SQL commands via the send parameter in a notes action.
Tue, 3 Mar 09
pre_asp_job_board
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6329
SQL injection vulnerability in Employee/login.asp in Pre ASP Job Board allows remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password parameters, as reachable from Employee/emp_login.asp. NOTE: some of these details are obtained from third party information.