Software Vulnerability
Main
Software Alerts
Software and Script Bug ExploitsSoftware Vulnerability
Random Feeds
Archives
| Sep 2010 | Aug 2010 | Jul 2010 | Jun 2010 | May 2010 | Apr 2010 | Mar 2010 | Feb 2010 | Jan 2010 | Dec 2009 | Nov 2009 | Oct 2009 | Sep 2009 | Aug 2009 | Jul 2009 | Jun 2009 | May 2009 | Apr 2009 | Mar 2009 | Feb 2009 | Jan 2009 | Dec 2008 | Nov 2008 | Oct 2008 | Sep 2008 | Aug 2008 | Jul 2008 | Jun 2008 | May 2008 | Apr 2008 | Mar 2008 | Feb 2008 | Jan 2008 | Dec 2007 | Nov 2007 |Wed, 29 Apr 09
razorcms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1463
Static code injection vulnerability in razorCMS before 0.4 allows remote attackers to inject arbitrary PHP code into any page by saving content as a .php file.
Wed, 29 Apr 09
razorcms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1462
The Security Manager in razorCMS before 0.4 does not verify the permissions of every file owned by the apache user account, which is inconsistent with the documentation and allows local users to have an unspecified impact.
Wed, 29 Apr 09
razorcms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1461
Cross-site scripting (XSS) vulnerability in the Create New Page form in razorCMS 0.3 RC2 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the Page Title field.
Wed, 29 Apr 09
razorcms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1460
razorCMS before 0.4 uses weak permissions for (1) admin/core/admin_config.php, which allows local users to obtain the administrator's password hash and FTP user credentials; and (2) the root directory, (3) datastore/, and (4) admin/core/, which allows local users to have an unspecified impact.
Wed, 29 Apr 09
razorcms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1459
Cross-site request forgery (CSRF) vulnerability in razorCMS before 0.4 allows remote attackers to hijack the authentication of administrators for requests that create a web page containing PHP code.
Wed, 29 Apr 09
razorcms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1458
Multiple cross-site scripting (XSS) vulnerabilities in admin/index.php in razorCMS before 0.4 allow remote attackers to inject arbitrary web script or HTML via (1) the slab parameter in an edit action, (2) the catname parameter in a showcats action, and (3) the cat parameter in a reordercat action.
Wed, 29 Apr 09
nuke_evolution_xtreme
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1457
Cross-site scripting (XSS) vulnerability in player.php in Nuke Evolution Xtreme 2.x allows remote attackers to inject arbitrary web script or HTML via the defaultVisualExt parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Wed, 29 Apr 09
malleo
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1456
Directory traversal vulnerability in admin.php in Malleo 1.2.3 allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the module parameter.
Wed, 29 Apr 09
webcollab
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1455
Multiple cross-site request forgery (CSRF) vulnerabilities in WebCollab before 2.50 (aka Billy Goat) allow remote attackers to hijack the authentication of administrators for requests that change an arbitrary password or have other unspecified impact.
Wed, 29 Apr 09
webcollab
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1454
Cross-site scripting (XSS) vulnerability in tasks.php in WebCollab before 2.50 (aka Billy Goat) allows remote attackers to inject arbitrary web script or HTML via the selection parameter in a todo action.
Wed, 29 Apr 09
tiny_blogr
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1453
SQL injection vulnerability in class.eport.php in Tiny Blogr 1.0.0 rc4, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the txtUsername parameter (aka the Username field). NOTE: some of these details are obtained from third party information.
Wed, 29 Apr 09
sma-db
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1452
Multiple PHP remote file inclusion vulnerabilities in theme/format.php in SMA-DB 0.3.13 allow remote attackers to execute arbitrary PHP code via a URL in the (1) _page_css and (2) _page_javascript parameters. NOTE: the _page_content vector is already is covered by CVE-2009-1450.
Wed, 29 Apr 09
wordpress
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6767
wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote attackers to upgrade the application, and possibly cause a denial of service (application outage), via a direct request.
Wed, 29 Apr 09
viart_shop
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6766
cart_save.php in ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to cause a denial of service (excessive shopping carts) via a flood of requests.
Wed, 29 Apr 09
viart_shop
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6765
ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to access the contents of an arbitrary shopping cart via a modified cart_name parameter.
Wed, 29 Apr 09
silentum_loginsys
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6764
Cross-site scripting (XSS) vulnerability in login.php in Silentum LoginSys 1.0.0 allows remote attackers to inject arbitrary web script or HTML via the message parameter.
Wed, 29 Apr 09
silentum_loginsys
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6763
login2.php in Silentum LoginSys 1.0.0 allows remote attackers to bypass authentication and obtain access to an arbitrary account by setting the logged_in cookie to that account's username.
Wed, 29 Apr 09
wordpress
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6762
Open redirect vulnerability in wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the backto parameter.
Wed, 29 Apr 09
CVE-2008-6761 (flexcustomer0.0.6)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6761
Static code injection vulnerability in admin/install.php in Flexcustomer 0.0.6 might allow remote attackers to inject arbitrary PHP code into const.inc.php via the installdbname parameter (aka the Database Name field). NOTE: the installation instructions specify deleting admin/install.php.
Wed, 29 Apr 09
viart_shop
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6760
ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to obtain sensitive information via an unauthenticated add and save action for a shopping cart in cart_save.php, which reveals the SQL table names in an error message, related to code that mishandles the lack of a user_id parameter.
Wed, 29 Apr 09
viart_shop
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6759
ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to obtain sensitive information via a URL in the POST_DATA parameter to manuals_search.php, which reveals the installation path in an error message.
Wed, 29 Apr 09
viart_shop
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6758
Cross-site request forgery (CSRF) vulnerability in cart_save.php in ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to hijack the authentication of arbitrary users for requests that conduct persistent cross-site scripting (XSS) attacks via the cart_name parameter in a save action.
Wed, 29 Apr 09
viart_shop
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6757
Cross-site scripting (XSS) vulnerability in manuals_search.php in ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to inject arbitrary web script or HTML via the manuals_search parameter.
Wed, 29 Apr 09
openview_network_node_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2438
Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via unknown vectors.
Wed, 29 Apr 09
sma-db
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1451
Cross-site scripting (XSS) vulnerability in startpage.php in SMA-DB 0.3.12 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
Wed, 29 Apr 09
sma-db
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1450
PHP remote file inclusion vulnerability in format.php in SMA-DB 0.3.12 allows remote attackers to execute arbitrary PHP code via a URL in the _page_content parameter.
Wed, 29 Apr 09
coolplayer
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1449
Stack-based buffer overflow in PortableApps CoolPlayer Portable (aka CoolPlayer+ Portable) 2.19.1 allows remote attackers to execute arbitrary code via a skin file (skin.ini) with a large PlaylistSkin parameter. NOTE: this may overlap CVE-2008-5735.
Wed, 29 Apr 09
CVE-2009-1448 (apricot.php)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1448
Cross-site scripting (XSS) vulnerability in apricot.php in LovPop.net APRICOT, probably 1.20, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.
Wed, 29 Apr 09
jdk
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1190
Algorithmic complexity vulnerability in the java.util.regex.Pattern.compile method in Sun Java Development Kit (JDK) before 1.6, when used with spring.jar in SpringSource Spring Framework 1.1.0 through 2.5.6 and 3.0.0.M1 through 3.0.0.M2 and dm Server 1.0.0 through 1.0.2, allows remote attackers to cause a denial of service (CPU consumption) via serializable data with a long regex string containing multiple optional groups, a related issue to CVE-2004-2540.
Wed, 29 Apr 09
zoneminder
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6756
ZoneMinder 1.23.3 on Gentoo Linux uses 0644 permissions for /etc/zm.conf, which allows local users to obtain the database username and password by reading this file.
Wed, 29 Apr 09
zoneminder
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6755
ZoneMinder 1.23.3 on Fedora 10 sets the ownership of /etc/zm.conf to the apache user account, and sets the permissions to 0600, which makes it easier for remote attackers to modify this file by accessing it through a (1) PHP or (2) CGI script.
Wed, 29 Apr 09
free_shopping_cart
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1447
Unrestricted file upload vulnerability in admin/editor/image.php in e-cart.biz Free Shopping Cart allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in images/.
Wed, 29 Apr 09
image_gallery
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1446
Unrestricted file upload vulnerability in upload.php in Elkagroup Image Gallery 1.0 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in gallery/pictures/. NOTE: some of these details are obtained from third party information.
Wed, 29 Apr 09
webportal_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1445
Multiple directory traversal vulnerabilities in WebPortal CMS 0.8-beta allow remote attackers to (1) read arbitrary files via directory traversal sequences in the lang parameter to libraries/helpdocs/help.php and (2) include and execute arbitrary local files via directory traversal sequences in the error parameter to index.php.
Wed, 29 Apr 09
webportal_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1444
PHP remote file inclusion vulnerability in indexk.php in WebPortal CMS 0.8-beta allows remote attackers to execute arbitrary PHP code via a URL in the lib_path parameter.
Wed, 29 Apr 09
ocs_inventory_ng
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1443
Multiple unspecified vulnerabilities in the Server component in OCS Inventory NG before 1.02 have unknown impact and attack vectors.
Wed, 29 Apr 09
the_personal_sticky_threads
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6754
The Personal Sticky Threads addon 1.0.3c for vBulletin allows remote authenticated users to read the title, author, and pages of an arbitrary thread by toggling a personal sticky.
Wed, 29 Apr 09
amule
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1440
Incomplete blacklist vulnerability in DownloadListCtrl.cpp in amule 2.2.4 allows remote attackers to conduct argument injection attacks into a command for mplayer via a crafted filename.
Wed, 29 Apr 09
kernel
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1439
Buffer overflow in fs/cifs/connect.c in CIFS in the Linux kernel 2.6.29 and earlier allows remote attackers to cause a denial of service (crash) via a long nativeFileSystem field in a Tree Connect response to an SMB mount request.
Wed, 29 Apr 09
libmodplug
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1438
Integer overflow in the CSoundFile::ReadMed function (src/load_med.cpp) in libmodplug before 0.8.6, as used in gstreamer-plugins and other products, allows context-dependent attackers to execute arbitrary code via a MED file with a crafted (1) song comment or (2) song name, which triggers a heap-based buffer overflow.
Wed, 29 Apr 09
freebsd
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1436
The db interface in libc in FreeBSD 6.3, 6.4, 7.0, 7.1, and 7.2-PRERELEASE does not properly initialize memory for Berkeley DB 1.85 database structures, which allows local users to obtain sensitive information by reading a database file.
Tue, 28 Apr 09
coolplayer
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1437
Stack-based buffer overflow in PortableApps CoolPlayer Portable (aka CoolPlayer+ Portable) 2.19.1 allows remote attackers to execute arbitrary code via a long string in a malformed playlist (.m3u) file. NOTE: this may overlap CVE-2008-3408.
Tue, 28 Apr 09
officescan
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1435
NTRtScan.exe in Trend Micro OfficeScan Client 8.0 SP1 and 8.0 SP1 Patch 1 allows local users to cause a denial of service (application crash) via directories with long pathnames. NOTE: some of these details are obtained from third party information.
Tue, 28 Apr 09
dbus
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1189
The _dbus_validate_signature_with_reason function (dbus-marshal-validate.c) in D-Bus (aka DBus) uses incorrect logic to validate a basic type, which allows remote attackers to spoof a signature via a crafted key. NOTE: this is due to an incorrect fix for CVE-2008-3834.
Tue, 28 Apr 09
silverstripe
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6753
SQL injection vulnerability in SilverStripe before 2.2.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to AjaxUniqueTextField.
Tue, 28 Apr 09
silverstripe
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1433
SQL injection vulnerability in File::find (filesystem/File.php) in SilverStripe before 2.3.1 allows remote attackers to execute arbitrary SQL commands via the filename parameter.
Tue, 28 Apr 09
chrome
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1414
Google Chrome 2.0.x lets modifications to the global object persist across a page transition, which makes it easier for attackers to conduct Universal XSS attacks via unspecified vectors.
Tue, 28 Apr 09
chrome
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1413
Google Chrome 1.0.x does not cancel timeouts upon a page transition, which makes it easier for attackers to conduct Universal XSS attacks by calling setTimeout to trigger future execution of JavaScript code, and then modifying document.location to arrange for JavaScript execution in the context of an arbitrary web site. NOTE: this can be leveraged for a remote attack by exploiting a chromehtml: argument-injection vulnerability.
Tue, 28 Apr 09
chrome
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1412
Argument injection vulnerability in the chromehtml: protocol handler in Google Chrome before 1.0.154.59, when invoked by Internet Explorer, allows remote attackers to determine the existence of files, and open tabs for URLs that do not satisfy the IsWebSafeScheme restriction, via a web page that sets document.location to a chromehtml: value, as demonstrated by use of a (1) javascript: or (2) data: URL. NOTE: this can be leveraged for Universal XSS by exploiting certain behavior involving per...
Tue, 28 Apr 09
kernel
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1192
drivers/char/agp/generic.c in the agp subsystem in the Linux kernel before 2.6.30-rc3 does not zero out pages that may later be available to a user-space process, which allows local users to obtain sensitive information by reading these pages.
Tue, 28 Apr 09
acpid
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0798
The daemon in acpid before 1.0.10 allows remote attackers to cause a denial of service (CPU consumption and connectivity loss) by opening a large number of UNIX sockets without closing them, which triggers an infinite loop.
Tue, 28 Apr 09
seditio
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1411
SQL injection vulnerability in events/inc/events.inc.php in the Events plugin for Seditio CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the c parameter to plug.php.
Sat, 25 Apr 09
cups
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0164
The web interface for CUPS before 1.3.10 does not validate the HTTP Host header in a client request, which makes it easier for remote attackers to conduct DNS rebinding attacks.
Sat, 25 Apr 09
brightmail_gateway_appliance
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0064
Multiple unspecified vulnerabilities in the Control Center in Symantec Brightmail Gateway Appliance before 8.0.1 allow remote authenticated users to gain privileges, and possibly obtain sensitive information or hijack sessions of arbitrary users, via vectors involving (1) administrative scripts or (2) console functions.
Sat, 25 Apr 09
brightmail_gateway_appliance
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0063
Cross-site scripting (XSS) vulnerability in the Control Center in Symantec Brightmail Gateway Appliance before 8.0.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Sat, 25 Apr 09
CVE-2009-1410 (quick.cms.lite)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1410
SQL injection vulnerability in index.php in Quick.Cms.Lite 0.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Sat, 25 Apr 09
e107
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1409
SQL injection vulnerability in usersettings.php in e107 0.7.15 and earlier, when "Extended User Fields" is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the hide parameter, a different vector than CVE-2005-4224 and CVE-2008-5320.
Sat, 25 Apr 09
webspell
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1408
Cross-site scripting (XSS) vulnerability in webSPELL 4.2.0c allows remote attackers to inject arbitrary web script or HTML allows remote attackers to inject arbitrary web script or HTML via Javascript events such as onmouseover in nested BBcode tags, as demonstrated using (1) email, (2) img, and (3) url tags.
Sat, 25 Apr 09
notftp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1407
Directory traversal vulnerability in config.php in NotFTP 1.3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in a certain languages[][file] parameter.
Sat, 25 Apr 09
totalcalendar
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1406
Directory traversal vulnerability in cms_detect.php in TotalCalendar 2.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the include parameter.
Sat, 25 Apr 09
pastelcms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1405
Directory traversal vulnerability in index.php in PastelCMS 0.8.0, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the set_lng parameter.
Sat, 25 Apr 09
pastelcms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1404
SQL injection vulnerability in admin.php in PastelCMS 0.8.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the user (Username) parameter.
Sat, 25 Apr 09
cre_loaded
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1403
SQL injection vulnerability in product_info.php in CRE Loaded 6.2 allows remote attackers to execute arbitrary SQL commands via the products_id parameter.
Sat, 25 Apr 09
revou
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6752
adminlogin/password.php in the Twitter Clone (TClone) plugin for ReVou Micro Blogging does not verify the original password before changing passwords, which allows remote attackers to change the administrator's password and gain privileges via a direct request with modified newpass1 and newpass2 parameters in a Change operation.
Sat, 25 Apr 09
revou
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6751
Unrestricted file upload vulnerability in index.php in the Twitter Clone (TClone) plugin for ReVou Micro Blogging allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in settings/my_photo.
Sat, 25 Apr 09
flexphpdirectory
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6750
Unrestricted file upload vulnerability in add.php in FlexPHPDirectory 0.0.1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in photo/.
Sat, 25 Apr 09
flexphpdirectory
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6749
Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPDirectory 0.0.1, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) checkuser and (2) checkpass parameters.
Sat, 25 Apr 09
megacubo
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6748
Eval injection vulnerability in Megacubo 5.0.7 allows remote attackers to inject and execute arbitrary PHP code via the play action in a mega:// URI.
Sat, 25 Apr 09
poppler
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1188
Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to SplashBitmap (splash/SplashBitmap.cc).
Sat, 25 Apr 09
poppler
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1187
Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc).
Sat, 25 Apr 09
xpdf
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0165
Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, as used in Poppler and other products, when running on Mac OS X, has unspecified impact, related to "g*allocn."
Sat, 25 Apr 09
java_system_delegated_administrator
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1357
CRLF injection vulnerability in da/DA/Login in Sun Java System Delegated Administrator 6.2 through 6.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the HELP_PAGE parameter.
Sat, 25 Apr 09
apache_http_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1191
mod_proxy_ajp.c in the mod_proxy_ajp module in the Apache HTTP Server 2.2.11 allows remote attackers to obtain sensitive response data, intended for a client that sent an earlier POST request with no request body, via an HTTP request.
Sat, 25 Apr 09
xpdf
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1183
The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted PDF file.
Sat, 25 Apr 09
xpdf
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1182
Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier allow remote attackers to execute arbitrary code via a crafted PDF file.
Sat, 25 Apr 09
xpdf
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1181
The JBIG2 decoder in Xpdf 3.02pl2 and earlier allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a NULL pointer dereference.
Sat, 25 Apr 09
xpdf
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1180
The JBIG2 decoder in Xpdf 3.02pl2 and earlier allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data.
Sat, 25 Apr 09
xpdf
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1179
Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier allows remote attackers to execute arbitrary code via a crafted PDF file.
Sat, 25 Apr 09
xpdf
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0800
Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier allow remote attackers to execute arbitrary code via a crafted PDF file.
Sat, 25 Apr 09
xpdf
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0799
The JBIG2 decoder in Xpdf 3.02pl2 and earlier allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers an out-of-bounds read.
Sat, 25 Apr 09
mahara
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0664
Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.0.x before 1.0.11 and 1.1.x before 1.1.3 allow remote attackers to inject arbitrary web script or HTML via (1) the introduction field in a user profile or (2) an arbitrary text block in a user view.
Fri, 24 Apr 09
plonepas
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0662
The PlonePAS product 3.x before 3.9 and 3.2.x before 3.2.2, a product for Plone, does not properly handle the login form, which allows remote authenticated users to acquire the identity of an arbitrary user via unspecified vectors.
Fri, 24 Apr 09
cups, xpdf
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0195
Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9, and probably other products, allows remote attackers to execute arbitrary code via a PDF file with crafted JBIG2 symbol dictionary segments.
Fri, 24 Apr 09
xpdf
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0166
The JBIG2 decoder in Xpdf 3.02pl2 and earlier allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a free of uninitialized memory.
Fri, 24 Apr 09
cups
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0163
Integer overflow in the TIFF image decoding routines in CUPS 1.3.9 and earlier allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a crafted TIFF image, which is not properly handled by the (1) imagetops and (2) imagetoraster filters.
Fri, 24 Apr 09
xpdf
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0147
Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier allow remote attackers to cause a denial of service (crash) via a crafted PDF file.
Fri, 24 Apr 09
xpdf
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0146
Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) setBitmap and (2) readSymbolDictSeg.
Fri, 24 Apr 09
dotproject
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6747
dotProject before 2.1.2 does not properly restrict access to administrative pages, which allows remote attackers to gain privileges. NOTE: some of these details are obtained from third party information.
Fri, 24 Apr 09
turba_h3
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6746
Cross-site scripting (XSS) vulnerability in the contact display view in Turba Contact Manager H3 before 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the contact name.
Fri, 24 Apr 09
blogphp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6745
index.php in BlogPHP 2.0 allows remote attackers to gain administrator privileges via a crafted email parameter in a register2 action.
Fri, 24 Apr 09
cybozu_dezie, cybozu_garoon, cybozu_office
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6744
Cross-site request forgery (CSRF) vulnerability in Cybozu Office 6, Cybozu Dezie before 6.0(1.0), and Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
Fri, 24 Apr 09
clamav
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1372
Stack-based buffer overflow in the cli_url_canon function in libclamav/phishcheck.c in ClamAV before 0.95.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted URL.
Fri, 24 Apr 09
clamav
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1371
The CLI_ISCONTAINED macro in libclamav/others.h in ClamAV before 0.95.1 allows remote attackers to cause a denial of service (application crash) via a malformed file with UPack encoding.
Fri, 24 Apr 09
xilisoft_video_converter
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1370
Stack-based buffer overflow in ape_plugin.plg in Xilisoft Video Converter 3.1.53.0704n and 5.1.23.0402 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a .cue file.
Fri, 24 Apr 09
mozilocms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1369
moziloCMS 1.11 allows remote attackers to obtain sensitive information via the (1) gal[] parameter to gallery.php, (2) page[] and (3) cat[] parameter to index.php, or (4) file[] parameter to download.php, which reveals the installation path in an error message.
Fri, 24 Apr 09
mozilocms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1368
Directory traversal vulnerability in index.php in moziloCMS 1.11 allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter. NOTE: this might be the same issue as CVE-2008-6126.2, which may have been fixed in 1.10.3.
Fri, 24 Apr 09
mozilocms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1367
Cross-site scripting (XSS) vulnerability in index.php in moziloCMS 1.11 allows remote attackers to inject arbitrary web script or HTML via the query parameter in search action, a different issue than CVE-2008-6127.2a.
Fri, 24 Apr 09
dotnetnuke
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1366
Cross-site scripting (XSS) vulnerability in Website\admin\Sales\paypalipn.aspx in DotNetNuke (DNN) before 4.9.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "name/value pairs" and "paypal IPN functionality."
Fri, 24 Apr 09
rsmscript
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6743
RSMScript 1.21 allows remote attackers to bypass authentication and gain administrative privileges by setting the verified cookie to an arbitrary value and performing a direct request to (1) delete.php, (2) edit-submit.php, (3) edit.php, (4) submit.php, and (5) update.php, which bypasses the security check that is performed by verify.php.
Fri, 24 Apr 09
chcounter
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1362
SQL injection vulnerability in administration/index.php in chCounter 3.1.3 allows remote attackers to execute arbitrary SQL commands via the login_name parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Fri, 24 Apr 09
dns_tools
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1361
dig.php in GScripts.net DNS Tools allows remote attackers to execute arbitrary commands via shell metacharacters in the host parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Fri, 24 Apr 09
firefox, seamonkey
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1312
Mozilla Firefox before 3.0.9 and SeaMonkey do not block javascript: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header or (2) specifying the content of a Refresh header.
Fri, 24 Apr 09
firefox, seamonkey
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1311
Mozilla Firefox before 3.0.9 and SeaMonkey before 1.1.17 allow user-assisted remote attackers to obtain sensitive information via a web page with an embedded frame, which causes POST data from an outer page to be sent to the inner frame's URL during a SAVEMODE_FILEONLY save of the inner frame.
Fri, 24 Apr 09
firefox
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1310
Cross-site scripting (XSS) vulnerability in the MozSearch plugin implementation in Mozilla Firefox before 3.0.9 allows user-assisted remote attackers to inject arbitrary web script or HTML via a javascript: URI in the SearchForm element.
Fri, 24 Apr 09
firefox, seamonkey, thunderbird
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1309
Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey do not properly implement the Same Origin Policy for (1) XMLHttpRequest, involving a mismatch for a document's principal, and (2) XPCNativeWrapper.toString, involving an incorrect __proto__ scope, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via a crafted document.
Fri, 24 Apr 09
firefox, seamonkey, thunderbird
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1308
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey allows remote attackers to inject arbitrary web script or HTML via vectors involving XBL JavaScript bindings and remote stylesheets, as exploited in the wild by a March 2009 eBay listing.
Fri, 24 Apr 09
firefox, seamonkey, thunderbird
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1307
The view-source: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not properly implement the Same Origin Policy, which allows remote attackers to (1) bypass crossdomain.xml restrictions and connect to arbitrary web sites via a Flash file; (2) read, create, or modify Local Shared Objects via a Flash file; or (3) bypass unspecified restrictions and render content via vectors involving a jar: URI.
Fri, 24 Apr 09
firefox, seamonkey, thunderbird
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1306
The jar: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not follow the Content-Disposition header of the inner URI, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via an uploaded .jar file with a "Content-Disposition: attachment" designation.
Fri, 24 Apr 09
firefox, seamonkey, thunderbird
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1305
The JavaScript engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving JSOP_DEFVAR and properties that lack the JSPROP_PERMANENT attribute.
Fri, 24 Apr 09
firefox, seamonkey, thunderbird
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1304
The JavaScript engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving (1) js_FindPropertyHelper, related to the definitions of Math and Date; and (2) js_CheckRedeclaration.
Fri, 24 Apr 09
firefox, seamonkey, thunderbird
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1303
The browser engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors related to nsSVGElement::BindToTree.
Fri, 24 Apr 09
firefox, seamonkey, thunderbird
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1302
The browser engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors related to (1) nsAsyncInstantiateEvent::Run, (2) nsStyleContext::Destroy, (3) nsComputedDOMStyle::GetWidth, (4) the xslt_attributeset_ImportSameName.html test case for the XSLT stylesheet compiler, (5) nsXULDocument::SynchronizeBroadcastListener, (6) IsBinding...
Fri, 24 Apr 09
blackberry_enterprise_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0307
Cross-site scripting (XSS) vulnerability in admin/statistics/ConfigureStatistics in the MDS Connection Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) before 4.1.6 MR5 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters in a malformed URL. NOTE: some of these details are obtained from third party information.
Thu, 23 Apr 09
kernel
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1360
The __inet6_check_established function in net/ipv6/inet6_hashtables.c in the Linux kernel before 2.6.29, when Network Namespace Support (aka NET_NS) is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via vectors involving IPv6 packets.
Thu, 23 Apr 09
opensolaris
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1359
Unspecified vulnerability in the SCTP sockets implementation in Sun OpenSolaris snv_106 through snv_107 allows local users to cause a denial of service (panic) via unknown vectors.
Thu, 23 Apr 09
kernel
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1338
The kill_something_info function in kernel/signal.c in the Linux kernel before 2.6.28 does not consider PID namespaces when processing signals directed to PID -1, which allows local users to bypass the intended namespace isolation, and send arbitrary signals to all processes in all namespaces, via a kill command.
Thu, 23 Apr 09
kernel
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1337
The exit_notify function in kernel/exit.c in the Linux kernel before 2.6.30-rc1 does not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application.
Thu, 23 Apr 09
kernel
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1336
fs/nfs/client.c in the Linux kernel before 2.6.23 does not properly initialize a certain structure member that stores the maximum NFS filename length, which allows local users to cause a denial of service (OOPS) via a long filename, related to the encode_lookup function.
Thu, 23 Apr 09
apt
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1358
apt-get in apt before 0.7.21 does not check for the correct error code from gpgv, which causes apt to treat a repository as valid even when it has been signed with a key that has been revoked or expired, which might allow remote attackers to trick apt into installing malicious repositories.
Thu, 23 Apr 09
foxy
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6742
Foxy P2P software allows remote attackers to cause a denial of service (memory consumption) via a foxy URI with a download action and a large fs value.
Thu, 23 Apr 09
simple_machines_forum
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6741
SQL injection vulnerability in Load.php in Simple Machines Forum (SMF) 1.1.4 and earlier allows remote attackers to execute arbitrary SQL commands by setting the db_character_set parameter to a multibyte character set such as big5, which causes the addslashes PHP function to produce a "\" (backslash) sequence that does not quote the "'" (single quote) character, as demonstrated via a manlabels action to index.php.
Thu, 23 Apr 09
homap
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6740
PHP remote file inclusion vulnerability in html/admin/modules/plugin_admin.php in HoMaP-CMS 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the _settings[pluginpath] parameter.
Thu, 23 Apr 09
asp_download
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6739
Todd Woolums ASP Download management script 1.03 does not require authentication for setupdownload.asp, which allows remote attackers to gain administrator privileges via a direct request.
Thu, 23 Apr 09
myshoutpro
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6738
MyShoutPro 1.2 allows remote attackers to bypass authentication and gain administrative access by setting the admin_access cookie to 1.
Thu, 23 Apr 09
crysis
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6737
Crysis 1.21 and earlier allows remote attackers to obtain sensitive player information such as real IP addresses by sending a keyexchange packet without a previous join packet, which causes Crysis to send a disconnect packet that includes unrelated log information.
Thu, 23 Apr 09
flat_calendar
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6736
Flat Calendar 1.1 does not properly restrict access to administrative functions, which allows remote attackers to (1) add new events via calAdd.php, as reachable from admin/add.php, or (2) delete events via admin/deleteEvent.php. NOTE: this is only a vulnerability when the administrator does not follow recommendations in the product's security documentation.
Thu, 23 Apr 09
thaiquickcart
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6735
Directory traversal vulnerability in qc/index.php in ThaiQuickCart 3 allows remote attackers to read arbitrary files via a .. (dot dot) in the sLanguage cookie.
Thu, 23 Apr 09
kwa
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6734
Directory traversal vulnerability in Public/index.php in Keller Web Admin CMS 0.94 Pro allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the action parameter.
Thu, 23 Apr 09
dotnetnuke
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6733
Cross-site scripting (XSS) vulnerability in the error handling page in DotNetNuke 4.6.2 through 4.8.3 allows remote attackers to inject arbitrary web script or HTML via the querystring parameter.
Thu, 23 Apr 09
dotnetnuke
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6732
Cross-site scripting (XSS) vulnerability in the Language skin object in DotNetNuke before 4.8.4 allows remote attackers to inject arbitrary web script or HTML via "newly generated paths."
Thu, 23 Apr 09
myshoutpro
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-7238
Cross-site scripting (XSS) vulnerability in MyShoutPro before 1.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Wed, 22 Apr 09
elecard_avc_hd_player
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1356
Stack-based buffer overflow in Elecard AVC HD Player allows remote attackers to execute arbitrary code via a long MP3 filename in a playlist (.xpl) file.
Wed, 22 Apr 09
aix
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1355
Stack-based buffer overflow in muxatmd in IBM AIX 5.2, 5.3, and 6.1 allows local users to gain privileges via a long filename.
Wed, 22 Apr 09
mongoose
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1354
Directory traversal vulnerability in Mongoose 2.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI.
Wed, 22 Apr 09
zervit
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1353
Buffer overflow in the http_parse_hex function in libz/misc.c in Zervit Webserver 0.02 allows remote attackers to cause a denial of service (daemon crash) via a long URI, related to http.c.
Wed, 22 Apr 09
powerchm
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1352
Stack-based buffer overflow in Dawningsoft PowerCHM 5.7 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an HTML file with a link to a long URL, as demonstrated by a .rar URL.
Wed, 22 Apr 09
apollo
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1351
Heap-based buffer overflow in Apollo 37zz allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long URI in a playlist (.m3u) file.
Wed, 22 Apr 09
CVE-2009-1350 (netidentity_client1.2.3)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1350
Unspecified vulnerability in xtagent.exe in Novell NetIdentity Client before 1.2.4 allows remote attackers to execute arbitrary code by establishing an IPC$ connection to the XTIERRPCPIPE named pipe, and sending RPC messages that trigger a dereference of an arbitrary pointer.
Wed, 22 Apr 09
stronghold
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1349
Cross-site scripting (XSS) vulnerability in C2Net Stronghold 2.3 allows remote attackers to inject arbitrary web script or HTML via the URI.
Wed, 22 Apr 09
wireshark
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1266
Unspecified vulnerability in Wireshark before 1.0.7-0.1-1 has unknown impact and attack vectors.
Wed, 22 Apr 09
storageworks_storage_mirroring
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0718
Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 before 5.1.1.1090.15 allows remote attackers to execute arbitrary code via unknown vectors.
Wed, 22 Apr 09
storageworks_storage_mirroring
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0717
Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 before 5.1.1.1090.15 allows remote attackers to cause a denial of service via unknown vectors.
Wed, 22 Apr 09
storageworks_storage_mirroring
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0716
Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 before 5.1.1.1090.15 allows remote attackers to cause a denial of service or obtain "access" via unknown vectors.
Wed, 22 Apr 09
storage_essentials
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0715
Unspecified vulnerability in Secure NaviCLI in HP Storage Essentials 6.0.2 through 6.0.4 allows remote authenticated users to obtain "access" or "extended privileges" via unknown vectors.
Tue, 21 Apr 09
chcounter
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1347
Multiple SQL injection vulnerabilities in stats/index.php in chCounter 3.1.3 allow remote attackers to execute arbitrary SQL commands via (1) the login_name parameter (aka the username field) or (2) the login_pw parameter (aka the password field).
Tue, 21 Apr 09
nethoteles
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1346
SQL injection vulnerability in publico/ficha.php in NetHoteles 3.0 allows remote attackers to execute arbitrary SQL commands via the id_establecimiento parameter.
Tue, 21 Apr 09
cpcommerce
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1345
SQL injection vulnerability in document.php in cpCommerce 1.2.8 allows remote attackers to execute arbitrary SQL commands via the id_document parameter.
Tue, 21 Apr 09
localization_client
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1344
Cross-site scripting (XSS) vulnerability in the Localization client module 5.x before 5.x-1.2 and 6.x before 6.x-1.7, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via input to the translation functionality.
Tue, 21 Apr 09
print
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1343
Cross-site scripting (XSS) vulnerability in the Print (aka Printer, e-mail and PDF versions) module 5.x before 5.x-4.5 and 6.x before 6.x-1.5, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via content titles.
Tue, 21 Apr 09
cck_comment_reference
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1342
Cross-site scripting (XSS) vulnerability in the CCK comment reference module 6.x before 6.x-1.2, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via certain comment titles associated with a node edit form.
Tue, 21 Apr 09
flexphplink
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6731
Unrestricted file upload vulnerability in submitlink.php in FlexPHPLink Pro 0.0.7 allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the renamed file in linkphoto/.
Tue, 21 Apr 09
flexphplink
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6730
Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPLink Pro 0.0.6 and 0.0.7, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via (1) the checkuser parameter (aka username field), or (2) the checkpass parameter (aka password field), to admin/index.php.
Tue, 21 Apr 09
phpmotion
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6729
Multiple cross-site request forgery (CSRF) vulnerabilities in password.php in PHPmotion 2.1 and earlier allow remote attackers to hijack the authentication of arbitrary users for requests that modify an account via the (1) password or (2) email_address parameter.
Tue, 21 Apr 09
php-nuke
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6728
SQL injection vulnerability in the Sections module in PHP-Nuke, probably before 8.0, allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printpage action to modules.php.
Tue, 21 Apr 09
upb
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6727
Cross-site scripting (XSS) vulnerability in Ultimate PHP Board (UPB) 2.2.2, 2.2.1, and earlier 2.x versions allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header.
Sat, 18 Apr 09
ie
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1335
Microsoft Internet Explorer 7 and 8 on Windows XP and Vista allows remote attackers to cause a denial of service (application hang) via a large document composed of unprintable characters, aka MSRC 9011jr.
Sat, 18 Apr 09
tivoli_continuous_data_protection_for_files
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1334
Cross-site scripting (XSS) vulnerability in login/FilepathLogin.html in IBM Tivoli Continuous Data Protection (CDP) for Files 3.1.4.0 allows remote attackers to inject arbitrary web script or HTML via the reason parameter.
Sat, 18 Apr 09
deskjet_6840
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1333
Cross-site scripting (XSS) vulnerability in refresh_rate.htm in the web interface on the HP Deskjet 6840 printer with firmware XF1M131A allows remote attackers to inject arbitrary web script or HTML via the POST request body.
Sat, 18 Apr 09
java_system_directory_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1332
The Online Help feature in Sun Java System Directory Server 5.2 and Enterprise Edition 5 allows remote attackers to determine the existence of files and directories, and possibly obtain partial contents of files, via unspecified vectors.
Sat, 18 Apr 09
windows_media_player
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1331
Integer overflow in Microsoft Windows Media Player (WMP) 11.0.5721.5260 allows remote attackers to cause a denial of service (application crash) via a crafted .mid file, as demonstrated by crash.mid.
Sat, 18 Apr 09
udev
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1186
Buffer overflow in the util_path_encode function in udev/lib/libudev-util.c in udev before 1.4.1 allows local users to cause a denial of service (service outage) via vectors that trigger a call with crafted arguments.
Sat, 18 Apr 09
udev
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1185
udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space.
Sat, 18 Apr 09
geronimo
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0039
Multiple cross-site request forgery (CSRF) vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 allow remote attackers to hijack the authentication of administrators for requests that (1) change the web administration password, (2) upload applications, and perform unspecified other administrative actions, as demonstrated by (3) a Shutdown request to console/portal//Server/Shutdown.
Sat, 18 Apr 09
geronimo
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0038
Multiple cross-site scripting (XSS) vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) ip, (3) username, or (4) description parameter to console/portal/Server/Monitoring; or (5) the PATH_INFO to the default URI under console/portal/.
Sat, 18 Apr 09
geronimo
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5518
Multiple directory traversal vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 on Windows allow remote attackers to upload files to arbitrary directories via directory traversal sequences in the (1) group, (2) artifact, (3) version, or (4) fileType parameter to console/portal//Services/Repository (aka the Services/Repository portlet); the (5) createDB parameter to console/portal/Embedded DB/DB Manager (aka the Embedded DB/DB Manager port...
Sat, 18 Apr 09
easy_rm_to_mp3_converter
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1330
Stack-based buffer overflow in Easy RM to MP3 Converter allows remote attackers to execute arbitrary code via a long filename in a playlist (.pls) file.
Sat, 18 Apr 09
shadow_stream_recorder
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1329
Stack-based buffer overflow in Mini-stream Shadow Stream Recorder 3.0.1.7 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file.
Sat, 18 Apr 09
rm-mp3_converter
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1328
Stack-based buffer overflow in Mini-stream RM-MP3 Converter 3.0.0.7 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file.
Sat, 18 Apr 09
wm_downloader
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1327
Stack-based buffer overflow in Mini-stream WM Downloader 3.0.0.9 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file.
Sat, 18 Apr 09
rm_downloader
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1326
Stack-based buffer overflow in Mini-stream RM Downloader 3.0.0.9 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file.
Sat, 18 Apr 09
ripper
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1325
Stack-based buffer overflow in Mini-stream Ripper 3.0.1.1 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file.
Sat, 18 Apr 09
asx_to_mp3_converter
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1324
Stack-based buffer overflow in Mini-stream ASX to MP3 Converter 3.0.0.7 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file.
Sat, 18 Apr 09
web_file_explorer
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1323
SQL injection vulnerability in body.asp in Web File Explorer 3.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Sat, 18 Apr 09
asp_product_catalog
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1322
ASP Product Catalog 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing user credentials via a direct request for database/aspProductCatalog.mdb.
Sat, 18 Apr 09
asp_product_catalog
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1321
Cross-site scripting (XSS) vulnerability in search.asp in ASP Product Catalog 1.0 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter.
Sat, 18 Apr 09
store_builder
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1320
Multiple cross-site scripting (XSS) vulnerabilities in include/zstore.php in Zazzle Store Builder 1.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) gridPage and (2) gridSort parameters. NOTE: some of these details are obtained from third party information.
Sat, 18 Apr 09
guest_cal
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1319
Directory traversal vulnerability in includes/ini.inc.php in GuestCal 2.1 allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the lang parameter to index.php.
Sat, 18 Apr 09
jamroom
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1318
Directory traversal vulnerability in index.php in Jamroom 3.1.2, 3.2.3 through 3.2.6, 4.0.2, and possibly other versions before 3.4.0 allows remote attackers to include arbitrary files via directory traversal sequences in the t parameter.
Sat, 18 Apr 09
aqua_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1317
Multiple SQL injection vulnerabilities in Aqua CMS 1.1, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) userSID cookie parameter to droplets/functions/base.php and the (2) username parameter to admin/index.php.
Sat, 18 Apr 09
ablespace
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1316
Multiple SQL injection vulnerabilities in AbleSpace 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) eid parameter to events_view.php and the (2) id parameter to events_clndr_view.php.
Sat, 18 Apr 09
ablespace
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1315
Multiple cross-site scripting (XSS) vulnerabilities in AbleSpace 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) gid parameter to groups_profile.php, (2) cat_id and (3) razd_id parameters to adv_cat.php, and the (4) URL to blogs_full.php.
Sat, 18 Apr 09
cmscout
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6726
Multiple directory traversal vulnerabilities in CMScout 2.06, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the bit parameter to (1) admin.php and (2) index.php, different vectors than CVE-2008-3415.
Sat, 18 Apr 09
cmscout
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6725
Multiple SQL injection vulnerabilities in CMScout 2.06 allow remote authenticated users to execute arbitrary SQL commands via the id parameter to (1) index.php in a mythings page (mythings.php) and (2) the users page in admin.php.
Sat, 18 Apr 09
pnopaste
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6724
Cross-site scripting (XSS) vulnerability in index.pl in Perl Nopaste 1.0 allows remote attackers to inject arbitrary web script or HTML via the language parameter. NOTE: some of these details are obtained from third party information.
Sat, 18 Apr 09
web_file_explorer
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1314
body.asp in Web File Explorer 3.1 allows remote attackers to create arbitrary files and execute arbitrary code via the savefile action with a file parameter containing a filename that has an executable extension.
Sat, 18 Apr 09
freetype
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0946
Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c.
Sat, 18 Apr 09
CVE-2008-1107 (danskesikker.ocx)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-1107
Multiple stack-based buffer overflows in the Danske Bank e-Sec Control Module ActiveX control (DanskeSikker.ocx) 3.1.0.48, and possibly earlier versions, allow remote attackers to execute arbitrary code via long arguments to unspecified methods, which are not properly handled by a logging function.
Fri, 17 Apr 09
mpg123
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1301
Integer signedness error in the store_id3_text function in the ID3v2 code in mpg123 before 1.7.2 allows remote attackers to cause a denial of service (out-of-bounds memory access) and possibly execute arbitrary code via an ID3 tag with a negative encoding value. NOTE: some of these details are obtained from third party information.
Fri, 17 Apr 09
apt
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1300
apt 0.7.20 does not check when the date command returns an "invalid date" error, which can prevent apt from loading security updates in time zones for which DST occurs at midnight.
Fri, 17 Apr 09
liferay_enterprise_portal, teaming
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1294
Multiple cross-site scripting (XSS) vulnerabilities in web/guest/home in the Liferay 4.3.0 portal in Novell Teaming 1.0 through SP3 (1.0.3) allow remote attackers to inject arbitrary web script or HTML via the (1) p_p_state or (2) p_p_mode parameters.
Fri, 17 Apr 09
teaming
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1293
The web login functionality (c/portal/login) in Novell Teaming 1.0 through SP3 (1.0.3) generates different error messages depending on whether the username is valid or invalid, which makes it easier for remote attackers to enumerate usernames.
Fri, 17 Apr 09
phpmyadmin
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1285
Static code injection vulnerability in the getConfigFile function in setup/lib/ConfigFile.class.php in phpMyAdmin 3.x before 3.1.3.2 allows remote attackers to inject arbitrary PHP code into configuration files.
Fri, 17 Apr 09
linux-pam
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0579
Linux-PAM before 1.0.4 does not enforce the minimum password age (MINDAYS) as specified in /etc/shadow, which allows local users to bypass intended security policy and change their passwords sooner than specified.
Fri, 17 Apr 09
ghostscript
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0196
Heap-based buffer overflow in the big2_decode_symbol_dict function (jbig2_symbol_dict.c) in the JBIG2 decoding library (jbig2dec) in Ghostscript 8.64, and probably earlier versions, allows remote attackers to execute arbitrary code via a PDF file with a JBIG2 symbol dictionary segment with a large run length value.
Fri, 17 Apr 09
divx_web_player
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5259
Integer signedness error in DivX Web Player 1.4.2.7, and possibly earlier versions, allows remote attackers to execute arbitrary code via a DivX file containing a crafted Stream Format (STRF) chunk, which triggers a heap-based buffer overflow.
Fri, 17 Apr 09
sap_gui
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4830
Insecure method vulnerability in the KWEdit ActiveX control in SAP GUI 6.40 Patch 29 (KWEDIT.DLL 6400.1.1.41) and 7.10 Patch 5 (KWEDIT.DLL 7100.1.1.43) allows remote attackers to (1) overwrite arbitrary files via the SaveDocumentAs method or (2) read or execute arbitrary files via the OpenDocument method.
Fri, 17 Apr 09
intelligent_application_gateway_2007
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-2238
Multiple stack-based buffer overflows in the Whale Client Components ActiveX control (WhlMgr.dll), as used in Microsoft Intelligent Application Gateway (IAG) before 3.7 SP2, allow remote attackers to execute arbitrary code via long arguments to the (1) CheckForUpdates or (2) UpdateComponents methods.
Fri, 17 Apr 09
replistor
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1119
Multiple heap-based buffer overflows in EMC RepliStor 6.2 before SP5 and 6.3 before SP2 allow remote attackers to execute arbitrary code via a crafted message to (1) ctrlservice.exe or (2) rep_srv.exe, possibly related to an integer overflow.
Thu, 16 Apr 09
application_server, application_server_10g
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1017
Unspecified vulnerability in the BI Publisher component in Oracle Application Server 5.6.2, 10.1.3.2.1, 10.1.3.3.3, and 10.1.3.4 allows remote authenticated users to affect confidentiality via unknown vectors.
Thu, 16 Apr 09
bea_product_suite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1016
Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 allows remote authenticated users to affect confidentiality, integrity, and availability, related to IIS.
Thu, 16 Apr 09
jd_edwards_enterpriseone, peoplesoft_enterprise
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1014
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.49.19 allows remote attackers to affect confidentiality and integrity via unknown vectors.
Thu, 16 Apr 09
jd_edwards_enterpriseone, peoplesoft_enterprise
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1013
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.49.19 allows remote attackers to affect confidentiality and integrity via unknown vectors.
Thu, 16 Apr 09
bea_product_suite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1012
Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 allows remote attackers to affect confidentiality, integrity, and availability, related to IIS.
Thu, 16 Apr 09
application_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1011
Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 allows local users to affect confidentiality, integrity, and availability, related to HTML.
Thu, 16 Apr 09
application_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1010
Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 allows local users to affect confidentiality, integrity, and availability, related to HTML.
Thu, 16 Apr 09
application_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1009
Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.1.9 allows local users to affect confidentiality, integrity, and availability, related to HTML.
Thu, 16 Apr 09
application_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1008
Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 allows local users to affect confidentiality, integrity, and availability, related to HTML.
Thu, 16 Apr 09
jrockit
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1006
Unspecified vulnerability in the JRockit component in BEA Product Suite R27.6.2 and earlier, with SDK/JRE 1.4.2, JRE/JDK 5, and JRE/JDK 6, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
Thu, 16 Apr 09
bea_product_suite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1005
Unspecified vulnerability in the Oracle Data Service Integrator (AquaLogic Data Services Platform) component in BEA Product Suite 10.3.0, 3.2, 3.0.1, and 3.0 allows local users to affect confidentiality, integrity, and availability via unknown vectors.
Thu, 16 Apr 09
bea_product_suite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1004
Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3 allows remote attackers to affect confidentiality and integrity via unknown vectors.
Thu, 16 Apr 09
bea_product_suite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1003
Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, and 9.0 allows remote attackers to affect integrity via unknown vectors.
Thu, 16 Apr 09
bea_product_suite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1002
Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 allows remote attackers to affect confidentiality and integrity via unknown vectors.
Thu, 16 Apr 09
bea_product_suite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1001
Unspecified vulnerability in the WebLogic Portal component in BEA Product Suite 8.1 SP6 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
Thu, 16 Apr 09
e-business_suite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1000
The Oracle Applications Framework component in Oracle E-Business Suite 12.0.6 and 11i10CU2 uses default passwords for unspecified "FND Applications Users (not DB users)," which has unknown impact and attack vectors.
Thu, 16 Apr 09
e-business_suite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0999
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
Thu, 16 Apr 09
jd_edwards_enterpriseone, peoplesoft_enterprise
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0998
Unspecified vulnerability in the PeopleSoft Enterprise HRMS - eBenefits component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.9.18 and 9.0.8 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
Thu, 16 Apr 09
database_11g
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0997
Unspecified vulnerability in the Database Vault component in Oracle Database 11.1.0.6 allows remote authenticated users to affect confidentiality, related to DBMS_SYS_SQL.
Thu, 16 Apr 09
application_server_10g
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0996
Unspecified vulnerability in the BI Publisher component in Oracle Application Server 10.1.3.2.1, 10.1.3.3.3, and 10.1.3.4 allows remote authenticated users to affect confidentiality via unknown vectors.
Thu, 16 Apr 09
e-business_suite, e-business_suite_12
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0995
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 12.0.6 and 11i10CU2 allows remote attackers to affect integrity via unknown vectors.
Thu, 16 Apr 09
application_server, application_server_10g
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0994
Unspecified vulnerability in the BI Publisher component in Oracle Application Server 5.6.2, 10.1.3.2.1, 10.1.3.3.3, and 10.1.3.4 allows remote authenticated users to affect confidentiality via unknown vectors.
Thu, 16 Apr 09
application_server_10g
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0993
Unspecified vulnerability in the OPMN component in Oracle Application Server 10.1.2.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
Thu, 16 Apr 09
database_10g, database_11g
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0992
Unspecified vulnerability in the Advanced Queuing component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_AQIN.
Thu, 16 Apr 09
database_10g, database_11g, database_9i
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0991
Unspecified vulnerability in the Listener component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote attackers to affect availability via unknown vectors.
Thu, 16 Apr 09
application_server, application_server_10g
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0990
Unspecified vulnerability in the BI Publisher component in Oracle Application Server 5.6.2, 10.1.3.2.1, and 10.1.3.3.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
Thu, 16 Apr 09
application_server, application_server_10g
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0989
Unspecified vulnerability in the BI Publisher component in Oracle Application Server 5.6.2, 10.1.3.2.1, and 10.1.3.3.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
Thu, 16 Apr 09
database_11g
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0988
Unspecified vulnerability in the Password Policy component in Oracle Database 11.1.0.6 allows remote authenticated users to affect confidentiality via unknown vectors.
Thu, 16 Apr 09
database_10g, database_11g
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0986
Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 and 11.1.0.6 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
Thu, 16 Apr 09
database_10g, database_11g
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0985
Unspecified vulnerability in the Core RDBMS component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.6 allows remote authenticated users with the IMP_FULL_DATABASE role to affect confidentiality, integrity, and availability.
Thu, 16 Apr 09
database_10g, database_11g, database_9i
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0984
Unspecified vulnerability in the Database Vault component in Oracle Database 9.2.0.8DV, 10.2.0.4, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_SYS_SQL.
Thu, 16 Apr 09
application_server_10g
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0983
Unspecified vulnerability in the Portal component in Oracle Application Server 10.1.2.3 and 10.1.4.2 allows remote attackers to affect integrity via unknown vectors, a different vulnerability than CVE-2009-0974.
Thu, 16 Apr 09
jd_edwards_enterpriseone, peoplesoft_enterprise
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0982
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.49.19 allows remote authenticated users to affect integrity via unknown vectors.
Thu, 16 Apr 09
database_11g
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0981
Unspecified vulnerability in the Application Express component in Oracle Database 11.1.0.7 allows remote authenticated users to affect confidentiality, related to APEX.
Thu, 16 Apr 09
database_10g, database_11g
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0980
Unspecified vulnerability in the SQLX Functions component in Oracle Database 10.2.0.3 and 11.1.0.6 allows remote authenticated users to affect integrity and availability, related to AGGXQIMP.
Thu, 16 Apr 09
database_9i
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0979
Unspecified vulnerability in the Resource Manager component in Oracle Database 9.2.0.8 and 9.2.0.8DV allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
Thu, 16 Apr 09
database_10g, database_11g
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0978
Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
Thu, 16 Apr 09
database_10g, database_9i
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0977
Unspecified vulnerability in the Advanced Queuing component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_AQIN.
Thu, 16 Apr 09
database_10g, database_11g
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0976
Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to LTADM.
Thu, 16 Apr 09
database_10g, database_11g
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0975
Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
Thu, 16 Apr 09
application_server_10g
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0974
Unspecified vulnerability in the Portal component in Oracle Application Server 10.1.2.3 and 10.1.4.2 allows remote attackers to affect integrity via unknown vectors.
Thu, 16 Apr 09
database_10g
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0973
Unspecified vulnerability in the Cluster Ready Services component in Oracle Database 10.1.0.5 allows remote attackers to affect availability via unknown vectors.
Thu, 16 Apr 09
database_10g, database_11g, database_9i
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0972
Unspecified vulnerability in the Workspace Manager component in Oracle Database 11.1.0.6, 11.1.0.7, 10.2.0.3, 10.2.0.4, 10.1.0.5, 9.2.0.8, and 9.2.0.8DV allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
Thu, 16 Apr 09
desktop
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0681
PGP Desktop before 9.10 allows local users to (1) cause a denial of service (crash) via a crafted IOCTL request to pgpdisk.sys, and (2) cause a denial of service (crash) and execute arbitrary code via a crafted IRP in an IOCTL request to pgpwded.sys.
Thu, 16 Apr 09
procurve_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-4514
Unspecified vulnerability in HP ProCurve Manager and HP ProCurve Manager Plus 2.3 and earlier allows remote attackers to obtain sensitive information from the ProCurve Manager server via unknown attack vectors.
Thu, 16 Apr 09
internet_explorer
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0554
Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vista Gold and SP1, and 7 on Windows Server 2008 allows remote attackers to execute arbitrary code via a web page that triggers presence of an object in memory that was (1) not properly initialized or (2) deleted, aka "Uninitialized Memory Corruption Vulnerability."
Thu, 16 Apr 09
CVE-2009-0553
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0553
Microsoft Internet Explorer 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vista Gold and SP1, and 7 on Windows Server 2008 allows remote attackers to execute arbitrary code via a web page that triggers presence of an object in memory that was (1) not properly initialized or (2) deleted, aka "Uninitialized Memory Corruption Vulnerability."
Thu, 16 Apr 09
ie
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0552
Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 on Windows XP SP2 and SP3, and 6 on Windows Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a web page that triggers presence of an object in memory that was (1) not properly initialized or (2) deleted, aka "Uninitialized Memory Corruption Vulnerability."
Thu, 16 Apr 09
internet_explorer
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0551
Microsoft Internet Explorer 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vista Gold and SP1, and 7 on Windows Server 2008 does not properly handle transition errors in a request for one HTTP document followed by a request for a second HTTP document, which allows remote attackers to execute arbitrary code via vectors involving (1) multiple crafted pages on a web site or (2) a web page with crafted inline content such as banner advertisement...
Thu, 16 Apr 09
CVE-2009-0550 (windows_2000, windows_server_2003, windows_server_2008, windows_vista, windows_xp...)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0550
Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008; and WinINet in Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vista Gold and SP1, and 7 on Windows Server 2008; allows remote web servers to capture and replay NTLM credentials, and execute arbitrary code, via vectors related to absence of a "credential-reflecti...
Thu, 16 Apr 09
forefront_threat_management_gateway, internet_security_and_acceleration_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0237
Cross-site scripting (XSS) vulnerability in cookieauth.dll in the HTML forms authentication component in Microsoft Forefront Threat Management Gateway, Medium Business Edition (TMG MBE); and Internet Security and Acceleration (ISA) Server 2006, 2006 Supportability Update, and 2006 SP1; allows remote attackers to inject arbitrary web script or HTML via "authentication input" to this component, aka "Cross-Site Scripting Vulnerability."
Thu, 16 Apr 09
windows_2000, windows_2003_server, windows_xp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0235
Stack-based buffer overflow in the Word 97 text converter in WordPad in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted Word 97 file that triggers memory corruption, aka "WordPad Word 97 Text Converter Stack Overflow Vulnerability."
Thu, 16 Apr 09
CVE-2009-0100 (office, office_compatibility_pack_for_word_excel_ppt_2007, office_excel, office_e...)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0100
Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel in Microsoft Office 2004 and 2008 for Mac; Microsoft Office Excel Viewer and Excel Viewer 2003 SP3; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 do not properly parse the Excel spreadsheet file format, which allows remote attackers to execute arbitrary code via a crafted spreadsheet that contains a malformed object, aka "Memory Corruption Vulnerability."
Thu, 16 Apr 09
windows_2000, windows_server_2003, windows_server_2008, windows_vista, windows_xp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0089
Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, and Vista Gold allows remote web servers to impersonate arbitrary https web sites by using DNS spoofing to "forward a connection" to a different https web site that has a valid certificate matching its own domain name, but not a certificate matching the domain name of the host requested by the user, aka "Windows HTTP Services Certificate Name Mismatch Vulnerability."
Thu, 16 Apr 09
office_converter_pack, office_word, windows_2000, windows_server_2003, windows_xp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0088
The WordPerfect 6.x Converter in Microsoft Office Word 2000 SP3 and Microsoft Office Converter Pack does not properly validate the length of an unspecified string, which allows remote attackers to execute arbitrary code via a crafted WordPerfect 6.x file, aka "Word 2000 WordPerfect 6.x Converter Stack Corruption Vulnerability."
Thu, 16 Apr 09
windows, windows_server, windows_srv, windows_xp, office_word
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0087
Unspecified vulnerability in the Word 6 text converter in WordPad in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and the Word 6 text converter in Microsoft Office Word 2000 SP3 and 2002 SP3; allows remote attackers to execute arbitrary code via a crafted Word 6 file that contains malformed data, aka "WordPad and Office Text Converter Memory Corruption Vulnerability."
Thu, 16 Apr 09
windows_2000, windows_server_2003, windows_server_2008, windows_vista, windows_xp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0086
Integer underflow in Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote HTTP servers to execute arbitrary code via crafted parameter values in a response, related to error handling, aka "Windows HTTP Services Integer Underflow Vulnerability."
Thu, 16 Apr 09
directx
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0084
DirectShow in Microsoft DirectX 8.1 and 9.0 does not properly decompress media files, which allows remote attackers to execute arbitrary code via a crafted MJPEG (1) file or (2) video stream, aka "MJPEG Decompression Vulnerability."
Thu, 16 Apr 09
windows_server, windows_vista
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0080
The ThreadPool class in Windows Vista Gold and SP1, and Server 2008, does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to gain privileges by leveraging incorrect thread ACLs to access the resources of one of the processes, aka "Windows Thread Pool ACL Weakness Vulnerability."
Thu, 16 Apr 09
windows_server_2003, windows_xp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0079
The RPCSS service in Microsoft Windows XP SP2 and SP3 and Server 2003 SP1 and SP2 does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to gain privileges by accessing the resources of one of the processes, aka "Windows RPCSS Service Isolation Vulnerability."
Thu, 16 Apr 09
windows_server_2003, windows_server_2008, windows_vista, windows_xp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0078
The Windows Management Instrumentation (WMI) provider in Microsoft Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to gain privileges by accessing the resources of one of the processes, aka "Windows WMI Service Isolation Vulnerability."
Thu, 16 Apr 09
forefront_threat_management_gateway, internet_security_and_acceleration_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0077
The firewall engine in Microsoft Forefront Threat Management Gateway, Medium Business Edition (TMG MBE); and Internet Security and Acceleration (ISA) Server 2004 SP3, 2006, 2006 Supportability Update, and 2006 SP1; does not properly manage the session state of web listeners, which allows remote attackers to cause a denial of service (many stale sessions) via crafted packets, aka "Web Proxy TCP State Limited Denial of Service Vulnerability."
Wed, 15 Apr 09
rational_clearcase
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1292
UCM-CQ in IBM Rational ClearCase 7.0.0.x before 7.0.0.5, 7.0.1.x before 7.0.1.4, and 7.1.x before 7.1.0.1 on Linux and AIX places a username and password on the command line, which allows local users to obtain credentials by listing the process.
Wed, 15 Apr 09
ghostscript, argyllcms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0792
Multiple integer overflows in icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allow context-dependent attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly execute arbitrary code by using a device file for a translation request that operates on a crafted image file and targets a certain "native color space," related ...
Wed, 15 Apr 09
entertainment_portal
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6723
TurnkeyForms Entertainment Portal 2.0 allows remote attackers to bypass authentication and gain administrative access by setting the adminLogged cookie to Administrator.
Wed, 15 Apr 09
access_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6722
Novell Access Manager 3 SP4 does not properly expire X.509 certificate sessions, which allows physically proximate attackers to obtain a logged-in session by using a victim's web-browser process that continues to send the original and valid SSL sessionID, related to inability of Apache Tomcat to clear entries from its SSL cache.
Wed, 15 Apr 09
aj_article
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6721
SQL injection vulnerability in index.php in AJ Square AJ Article allows remote attackers to execute arbitrary SQL commands via the txtName parameter (aka the username field).
Wed, 15 Apr 09
ntp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0159
Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows remote NTP servers to execute arbitrary code via a crafted response.
Wed, 15 Apr 09
advanced_management_module, bladecenter
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1290
Multiple cross-site request forgery (CSRF) vulnerabilities in the web administration interface in the Advanced Management Module (AMM) on the IBM BladeCenter, including the BladeCenter H with BPET36H 54, allow remote attackers to hijack the authentication of administrators, as demonstrated by a power-off request to the private/blade_power_action script.
Wed, 15 Apr 09
advanced_management_module, bladecenter
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1289
private/login.ssi in the Advanced Management Module (AMM) on the IBM BladeCenter, including the BladeCenter H with BPET36H 54, allows remote attackers to discover the access roles and scopes of arbitrary user accounts via a modified WEBINDEX parameter.
Wed, 15 Apr 09
advanced_management_module, bladecenter
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1288
Multiple cross-site scripting (XSS) vulnerabilities in the Advanced Management Module (AMM) on the IBM BladeCenter, including the BladeCenter H with BPET36H 54, allow remote attackers to inject arbitrary web script or HTML via (1) the username in a login action or (2) the PATH parameter to private/file_management.ssi in the File manager.
Wed, 15 Apr 09
subscriber_edge_services_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1287
Cross-site scripting (XSS) vulnerability in Cisco Subscriber Edge Services Manager (SESM) allows remote attackers to inject arbitrary web script or HTML via the URI. NOTE: some of these details are obtained from third party information.
Wed, 15 Apr 09
lotus_domino
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1286
The IMAP task in the server in IBM Lotus Domino 8.0.2 before FP1 IF1 and 8.5 before IF3 allows remote attackers to cause a denial of service (daemon crash) via a MIME e-mail message with RFC822 attachments (aka blobs) containing malformed root entities.
Wed, 15 Apr 09
wireshark
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1269
Unspecified vulnerability in Wireshark 0.99.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file.
Wed, 15 Apr 09
wireshark
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1268
The Check Point High-Availability Protocol (CPHAP) dissector in Wireshark 0.9.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted FWHA_MY_STATE packet.
Tue, 14 Apr 09
wireshark
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1267
Unspecified vulnerability in the LDAP dissector in Wireshark 0.99.2 through 1.0.6, when running on Windows, allows remote attackers to cause a denial of service (crash) via unknown attack vectors.
Tue, 14 Apr 09
ace, esx, esxi, fusion, player, server, workstation
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1244
Unspecified vulnerability in the virtual machine display function in VMware Workstation 6.5.1 and earlier; VMware Player 2.5.1 and earlier; VMware ACE 2.5.1 and earlier; VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build 156745; VMware Fusion before 2.0.4 build 159196; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to execute arbitrary code on the host OS via unknown vectors, a different vulnerability than CVE-2008-4916.
Tue, 14 Apr 09
openjdk
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0794
Integer overflow in the PulseAudioTargetDataL class in src/java/org/classpath/icedtea/pulseaudio/PulseAudioTargetDataLine.java in Pulse-Java, as used in OpenJDK 1.6.0.0 and other products, allows remote attackers to cause a denial of service (applet crash) via a crafted Pulse Audio source data line.
Tue, 14 Apr 09
intralaunch
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0218
Insecure method vulnerability in Particle Software IntraLaunch Application Launcher ActiveX control in IntraLaunch.ocx, as used in LDRA TBbrowse and possibly other products, allows remote attackers to execute arbitrary code via unknown vectors.
Tue, 14 Apr 09
openview_performance_agent, dynazip_max, dynazip_max_secure, turbozip
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4420
Multiple stack-based buffer overflows in DZIP32.DLL before 5.0.0.8 in DynaZip Max and DZIPS32.DLL before 6.0.0.5 in DynaZip Max Secure; as used in HP OpenView Performance Agent C.04.60, HP Performance Agent C.04.70 and C.04.72, TurboZIP 6.0, and other products; allow user-assisted attackers to execute arbitrary code via a long filename in a ZIP archive during a (1) Fix (aka Repair), (2) Add, (3) Update, or (4) Freshen action, a related issue to CVE-2006-3985.
Tue, 14 Apr 09
php_links
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6720
SQL injection vulnerability in admin/adm_login.php in DeltaScripts PHP Links 1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the admin_username parameter (aka the admin field).
Tue, 14 Apr 09
justlistit
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6719
U&M Software Event Lister (aka JustListIt) 1.0 does not require administrative authentication for all scripts in the admin/ directory, which allows remote attackers to have an unspecified impact via a direct request to (1) start.php, (2) aktivitet.php, (3) prop_aktivitet.php, (4) kategorier.php, (5) konfig.php, (6) security.php, (7) manual.php, and possibly (8) index.php.
Tue, 14 Apr 09
justbookit
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6718
U&M Software JustBookIt 1.0 does not require administrative authentication for all scripts in the admin/ directory, which allows remote attackers to have an unspecified impact via a direct request to (1) user_manual.php, (2) user_config.php, (3) user_kundnamn.php, (4) user_kundlista.php, (5) user_aktiva_kunder.php, (6) database.php, and possibly (7) index.php.
Tue, 14 Apr 09
signup
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6717
U&M Software Signup 1.0 and 1.1 does not require administrative authentication for all scripts in the admin/ directory, which allows remote attackers to have an unspecified impact via a direct request to (1) adminstart.php, (2) admineventtype.php, (3) admineventdetails.php, (4) admineventlist.php, (5) adminuserslist.php, (6) adminleaderslist.php, (7) admindatabase.php, and possibly (8) index.php.
Tue, 14 Apr 09
pre_ads_portal
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6716
homeadmin/adminhome.php in Pre ADS Portal 2.0 and earlier does not require administrative authentication, which allows remote attackers to have an unspecified impact via a direct request.
Tue, 14 Apr 09
pre_ads_portal
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6715
Multiple cross-site scripting (XSS) vulnerabilities in Pre ADS Portal 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the msg parameter to (1) homeadmin/adminhome.php and (2) homeadmin/signinform.php.
Tue, 14 Apr 09
xecms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6714
admin.php in xeCMS 1.0.0 RC2 and earlier allows remote attackers to bypass authentication and access the admin panel by setting the xecms_username cookie.
Tue, 14 Apr 09
wic
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6713
World in Conflict (WIC) 1.008 and earlier allows remote attackers to cause a denial of service (access violation and crash) via a zero-byte data block to TCP port 48000, which triggers a NULL pointer dereference.
Tue, 14 Apr 09
crysis
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6712
The HTTP/XML-RPC service in Crysis 1.21 (game version 1.1.1.6156) and earlier allows remote attackers to cause a denial of service (crash) via a long HTTP request, which triggers a NULL pointer dereference.
Tue, 14 Apr 09
communication_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6711
Unspecified vulnerability in the Web administration interface in Avaya Communication Manager 3.1.x before CM 3.1.4 SP2 and 4.0.x before 4.0.3 SP1 allows remote authenticated users to execute arbitrary commands via unknown vectors related to "viewing system logs."
Tue, 14 Apr 09
communication_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6710
Unspecified vulnerability in the Web administration interface in Avaya Communication Manager 3.1.x before CM 3.1.4 SP2 and 4.0.x before 4.0.3 SP1 allows remote authenticated administrators to gain root privileges via unknown vectors related to "configuring data viewing or restoring credentials."
Tue, 14 Apr 09
communication_manager, sip_enablement_services
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6709
Unspecified vulnerability in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, allows remote authenticated users to execute arbitrary commands via unknown vectors related to configuration of "local data viewing or restoring parameters."
Tue, 14 Apr 09
communication_manager, sip_enablement_services
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6708
Unspecified vulnerability in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x and 4.x, allows remote authenticated administrators to gain root privileges via unknown vectors related to configuration of "data viewing or restoring parameters."
Tue, 14 Apr 09
communication_manager, sip_enablement_services
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6707
The Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, does not perform authentication for certain functionality, which allows remote attackers to obtain sensitive information and access restricted functionality via (1) the certificate installation utility, (2) unspecified scripts in the objects folder, (3) an "unnecessary default application," (4) unspecified scripts in the states folder, (5) an unspecified "default ap...
Tue, 14 Apr 09
communication_manager, sip_enablement_services
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6706
Multiple unspecified vulnerabilities in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, allow remote attackers to obtain (1) application server configuration, (2) database server configuration including encrypted passwords, (3) a system utility that decrypts "subscriber table passwords," (4) a system utility that decrypts database passwords, and (5) a system utility that encrypts "subscriber table passwords."
Tue, 14 Apr 09
CVE-2008-6705 (s.t.a.l.k.e.r.:_shadow_of_chernobyl)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6705
The MultipacketReciever::RecievePacket function in S.T.A.L.K.E.R.: Shadow of Chernobyl 1.0006 and earlier allows remote attackers to cause a denial of service (server termination) via a crafted packet without an expected 0xe0 or 0xe1 value, which triggers the INT3 instruction.
Tue, 14 Apr 09
CVE-2008-6704 (s.t.a.l.k.e.r.:_shadow_of_chernobyl)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6704
Integer overflow in the NET_Compressor::Decompress function in S.T.A.L.K.E.R.: Shadow of Chernobyl 1.0006 and earlier allows remote attackers to cause a denial of service (server crash) via a crafted packet with a 0xc1 value that contains no compressed data, which triggers a copy of a large amount of memory.
Tue, 14 Apr 09
stalker
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6703
Stack-based buffer overflow in the IPureServer::_Recieve function in S.T.A.L.K.E.R.: Shadow of Chernobyl 1.0006 and earlier allows remote attackers to execute arbitrary code via a compressed 0x39 packet, which is decompressed by the NET_Compressor::Decompress function.
Tue, 14 Apr 09
CVE-2008-6702 (s.t.a.l.k.e.r.:_shadow_of_chernobyl)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6702
S.T.A.L.K.E.R.: Shadow of Chernobyl 1.0006 and earlier allows remote attackers to cause a denial of service (crash) via a long nickname, which triggers an exception.
Tue, 14 Apr 09
ngenius_infinistream, visualizer
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6701
NetScout (formerly Network General) Visualizer V2100 and InfiniStream i1730 do not restrict access to ResourceManager/en_US/domains/add_domain.jsp, which allows remote attackers to gain administrator privileges via a direct request.
Tue, 14 Apr 09
butterfly_organizer
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6700
Multiple cross-site scripting (XSS) vulnerabilities in Butterfly Organizer 2.0.0 allow remote attackers to inject arbitrary web script or HTML via the (1) mytable parameter to view.php, (2) mytable parameter to viewdb2.php, (3) tablehere parameter to category-rename.php, and (4) letter parameter to module-contacts.php.
Tue, 14 Apr 09
tjs_reslib, typo3
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6699
Cross-site scripting (XSS) vulnerability in Resource Library (tjs_reslib) 0.1.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
Tue, 14 Apr 09
worldcup
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6698
Cross-site scripting (XSS) vulnerability in TARGET-E WorldCup Bets (worldcup) 2.0.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
Tue, 14 Apr 09
worldcup
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6697
SQL injection vulnerability in TARGET-E WorldCup Bets (worldcup) 2.0.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
Tue, 14 Apr 09
toto, typo3
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6696
SQL injection vulnerability in Fussballtippspiel (toto) 0.1.1 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
Tue, 14 Apr 09
timtab_sociable
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6695
SQL injection vulnerability in TIMTAB social bookmark icons (timtab_sociable) 2.0.4 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
Tue, 14 Apr 09
ste_prayer
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6694
SQL injection vulnerability in Random Prayer (ste_prayer) 0.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
Tue, 14 Apr 09
sb_downloader, typo3
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6693
SQL injection vulnerability in Download system (sb_downloader) extension 0.1.4 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
Tue, 14 Apr 09
pd_trainingcourses
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6692
SQL injection vulnerability in Diocese of Portsmouth Training Courses (pd_trainingcourses) extension 0.1.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
Tue, 14 Apr 09
pd_calendar_today, typo3
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6691
SQL injection vulnerability in Diocese of Portsmouth Calendar Today (pd_calendar_today) extension 0.0.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
Tue, 14 Apr 09
nd_antispam
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6690
Unspecified vulnerability in nepa-design.de Spam Protection (nd_antispam) extension 1.0.3 for TYPO3 allows remote attackers to modify configuration via unknown vectors.
Tue, 14 Apr 09
dmmjobcontrol
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6689
SQL injection vulnerability in JobControl (dmmjobcontrol) 1.15.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
Tue, 14 Apr 09
dmmjobcontrol
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6688
Cross-site scripting (XSS) vulnerability in JobControl (dmmjobcontrol) 1.15.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
Tue, 14 Apr 09
dcdgooglemap
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6687
Cross-site scripting (XSS) vulnerability in DCD GoogleMap (dcdgooglemap) 1.1.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
Tue, 14 Apr 09
cooluri, typo3
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6686
SQL injection vulnerability in CoolURI (cooluri) 1.0.11 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
Tue, 14 Apr 09
air_filemanager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6685
Unspecified vulnerability in Frontend Filemanager (air_filemanager) 0.6.1 and earlier extension for TYPO3 allows remote attackers to execute arbitrary commands via unknown vectors.
Tue, 14 Apr 09
apartment_search_script
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6684
Unrestricted file upload vulnerability in editimage.php in Apartment Search Script allows remote attackers to execute arbitrary code by uploading a file with an executable extension and a GIF header, then accessing this file via a direct request to a renamed file in Member_Admin/logo/.
Tue, 14 Apr 09
apartment_search_script
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6683
Cross-site scripting (XSS) vulnerability in listtest.php in Apartment Search Script allows remote attackers to inject arbitrary web script or HTML via the r parameter.
Fri, 10 Apr 09
bibtex
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1284
Buffer overflow in BibTeX 0.99 allows context-dependent attackers to cause a denial of service (memory corruption and crash) via a long .bib bibliography file.
Fri, 10 Apr 09
glfusion
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1283
glFusion before 1.1.3 performs authentication with a user-provided password hash instead of a password, which allows remote attackers to gain privileges by obtaining the hash and using it in the glf_password cookie, aka "User Masquerading." NOTE: this can be leveraged with a separate SQL injection vulnerability to steal hashes.
Fri, 10 Apr 09
glfusion
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1282
SQL injection vulnerability in private/system/lib-session.php in glFusion 1.1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the glf_session cookie parameter.
Fri, 10 Apr 09
glfusion
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1281
Cross-site scripting (XSS) vulnerability in glFusion before 1.1.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Fri, 10 Apr 09
joomla
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1280
Multiple cross-site request forgery (CSRF) vulnerabilities in the com_media component for Joomla! 1.5.x through 1.5.9 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors.
Fri, 10 Apr 09
joomla
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1279
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.5 through 1.5.9 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to the (1) com_admin component, (2) com_search component when "Gather Search Statistics" is enabled, and (3) the category view in the com_content component.
Fri, 10 Apr 09
gbx
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1278
Static code injection vulnerability in forms/ajax/configure.php in Gravity Board X (GBX) 2.0 BETA allows remote attackers to inject arbitrary PHP code into config.php via the configure action to index.php.
Fri, 10 Apr 09
gbx
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1277
SQL injection vulnerability in index.php in Gravity Board X (GBX) 2.0 BETA allows remote attackers to execute arbitrary SQL commands via the member_id parameter in a viewprofile action. NOTE: the board_id issue is already covered by CVE-2008-2996.2.
Fri, 10 Apr 09
opensolaris
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1276
XScreenSaver in Sun Solaris 10 and OpenSolaris before snv_109, and Solaris 8 and 9 with GNOME 2.0 or 2.0.2, allows physically proximate attackers to obtain sensitive information by reading popup windows, which are displayed even when the screen is locked, as demonstrated by Thunderbird new-mail notifications.
Fri, 10 Apr 09
apache_tiles, struts
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1275
Apache Tiles 2.1 before 2.1.2, as used in Apache Struts and other products, evaluates Expression Language (EL) expressions twice in certain circumstances, which allows remote attackers to conduct cross-site scripting (XSS) attacks or obtain sensitive information via unspecified vectors, related to the (1) tiles:putAttribute and (2) tiles:insertTemplate JSP tags.
Fri, 10 Apr 09
adaptive_security_appliance, cisco_adaptive_security_appliance, cisco_pix
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1160
Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)1, 7.1 before 7.1(2)74, 7.2 before 7.2(4)9, and 8.0 before 8.0(4)5 do not properly implement the implicit deny statement, which might allow remote attackers to successfully send packets that bypass intended access restrictions, aka Bug ID CSCsq91277.
Fri, 10 Apr 09
adaptive_security_appliance, cisco_adaptive_security_appliance, cisco_pix
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1159
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.2 before 7.2(4)26, 8.0 before 8.0(4)22, and 8.1 before 8.1(2)12, when SQL*Net inspection is enabled, allows remote attackers to cause a denial of service (traceback and device reload) via a series of SQL*Net packets.
Fri, 10 Apr 09
cisco_asa, cisco_pix
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1158
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)26, 8.0 before 8.0(4)24, and 8.1 before 8.1(2)14, when H.323 inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted H.323 packet.
Fri, 10 Apr 09
CVE-2009-1157
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1157
Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)30, 8.0 before 8.0(4)28, and 8.1 before 8.1(2)19 allows remote attackers to cause a denial of service (memory consumption or device reload) via a crafted TCP packet.
Fri, 10 Apr 09
adaptive_security_appliance, cisco_adaptive_security_appliance
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1156
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 8.0 before 8.0(4)25 and 8.1 before 8.1(2)15, when an SSL VPN or ASDM access is configured, allows remote attackers to cause a denial of service (device reload) via a crafted (1) SSL or (2) HTTP packet.
Fri, 10 Apr 09
CVE-2009-1155
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1155
Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.1(1) through 7.1(2)82, 7.2 before 7.2(4)27, 8.0 before 8.0(4)25, and 8.1 before 8.1(2)15, when AAA override-account-disable is entered in a general-attributes field, allow remote attackers to bypass authentication and establish a VPN session to an ASA device via unspecified vectors.
Fri, 10 Apr 09
xpdf
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1144
Untrusted search path vulnerability in the Gentoo package of Xpdf before 3.02-r2 allows local users to gain privileges via a Trojan horse xpdfrc file in the current working directory, related to an unset SYSTEM_XPDFRC macro in a Gentoo build process that uses the poppler library.
Fri, 10 Apr 09
lcms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0793
cmsxform.c in LittleCMS (aka lcms or liblcms) 1.18, as used in OpenJDK and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted image that triggers execution of incorrect code for "transformations of monochrome profiles."
Fri, 10 Apr 09
formats, irfanview
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0197
Integer overflow in the FORMATS Plugin before 4.23 for IrfanView allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a large XPM file that triggers a heap-based buffer overflow.
Fri, 10 Apr 09
struts
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6682
Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2.0.x before 2.0.11.1 and 2.1.x before 2.1.1 allow remote attackers to inject arbitrary web script or HTML via vectors associated with improper handling of (1) " (double quote) characters in the href attribute of an s:a tag and (2) parameters in the action attribute of an s:url tag.
Fri, 10 Apr 09
dojo_editor
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6681
Cross-site scripting (XSS) vulnerability in dijit.Editor in Dojo before 1.1 allows remote attackers to inject arbitrary web script or HTML via XML entities in a TEXTAREA element.
Fri, 10 Apr 09
mod_jk
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5519
The JK Connector (aka mod_jk) 1.2.0 through 1.2.26 in Apache Tomcat allows remote attackers to obtain sensitive information via an arbitrary request from an HTTP client, in opportunistic circumstances involving (1) a request from a different client that included a Content-Length header but no POST data or (2) a rapid series of requests, related to noncompliance with the AJP protocol's requirements for requests containing Content-Length headers.
Fri, 10 Apr 09
linux_enterprise_server, opensuse, struts
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2025
Cross-site scripting (XSS) vulnerability in Apache Struts before 1.2.9-162.31.1 on SUSE Linux Enterprise (SLE) 11, before 1.2.9-108.2 on SUSE openSUSE 10.3, before 1.2.9-198.2 on SUSE openSUSE 11.0, and before 1.2.9-162.163.2 on SUSE openSUSE 11.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "insufficient quoting of parameters."
Fri, 10 Apr 09
dojo
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6726
Multiple cross-site scripting (XSS) vulnerabilities in Dojo 0.4.1 and 0.4.2, as used in Apache Struts and other products, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving (1) xip_client.html and (2) xip_server.html in src/io/.
Fri, 10 Apr 09
tunapie
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1254
James Stone Tunapie 2.1 allows remote attackers to execute arbitrary commands via shell metacharacters in a stream URL.
Fri, 10 Apr 09
tunapie
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1253
James Stone Tunapie 2.1 allows local users to overwrite arbitrary files via a symlink attack on an unspecified temporary file.
Fri, 10 Apr 09
openafs, unix
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1251
Heap-based buffer overflow in the cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58 on Unix platforms allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via an RX response containing more data than specified in a request, related to use of XDR arrays.
Fri, 10 Apr 09
linux, openafs
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1250
The cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58 on Linux allows remote attackers to cause a denial of service (system crash) via an RX response with a large error-code value that is interpreted as a pointer and dereferenced, related to use of the ERR_PTR macro.
Fri, 10 Apr 09
kerberos
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0847
The asn1buf_imbed function in the ASN.1 decoder in MIT Kerberos 5 (aka krb5) 1.6.3, when PK-INIT is used, allows remote attackers to cause a denial of service (application crash) via a crafted length value that triggers an erroneous malloc call, related to incorrect calculations with pointer arithmetic.
Fri, 10 Apr 09
kerberos
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0846
The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c in the ASN.1 GeneralizedTime decoder in MIT Kerberos 5 (aka krb5) before 1.6.4 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors involving an invalid DER encoding that triggers a free of an uninitialized pointer.
Fri, 10 Apr 09
kerberos
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0844
The get_input_token function in the SPNEGO implementation in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote attackers to cause a denial of service (daemon crash) and possibly obtain sensitive information via a crafted length value that triggers a buffer over-read.
Thu, 9 Apr 09
xine-lib
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1274
Integer overflow in the qt_error parse_trak_atom function in demuxers/demux_qt.c in xine-lib 1.1.16.2 and earlier allows remote attackers to execute arbitrary code via a Quicktime movie file with a large count value in an STTS atom, which triggers a heap-based buffer overflow.
Thu, 9 Apr 09
pam_ssh
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1273
pam_ssh 1.92 and possibly other versions, as used when PAM is compiled with USE=ssh, generates different error messages depending on whether the username is valid or invalid, which makes it easier for remote attackers to enumerate usernames.
Thu, 9 Apr 09
php
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1272
The php_zip_make_relative_path function in php_zip.c in PHP 5.2.x before 5.2.9 allows context-dependent attackers to cause a denial of service (crash) via a ZIP file that contains filenames with relative paths, which is not properly handled during extraction.
Thu, 9 Apr 09
php
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1271
The JSON_parser function (ext/json/JSON_parser.c) in PHP 5.2.x before 5.2.9 allows remote attackers to cause a denial of service (segmentation fault) via a malformed string to the json_decode API function.
Thu, 9 Apr 09
CVE-2009-1270 (0.11, 0.80_rc4, clamav)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1270
libclamav/untar.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (infinite loop) via a crafted file that causes (1) clamd and (2) clamscan to hang.
Thu, 9 Apr 09
clamav
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6680
libclamav/pe.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (crash) via a crafted EXE file that triggers a divide-by-zero error.
Thu, 9 Apr 09
ghostscript
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6679
Buffer overflow in the BaseFont writer module in Ghostscript 8.62, and possibly other versions, allows remote attackers to cause a denial of service (ps2pdf crash) and possibly execute arbitrary code via a crafted Postscript file.
Thu, 9 Apr 09
ghostscript
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6725
The CCITTFax decoding filter in Ghostscript 8.60, 8.61, and possibly other versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF file that triggers a buffer underflow in the cf_decode_2d function.
Thu, 9 Apr 09
quickersite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6678
SQL injection vulnerability in asp/includes/contact.asp in QuickerSite 1.8.5 allows remote attackers to execute arbitrary SQL commands via the sNickName parameter in a profile action to default.asp.
Thu, 9 Apr 09
quickersite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6677
Unrestricted file upload vulnerability in fckeditor251/editor/filemanager/connectors/asp/upload.asp in QuickerSite 1.8.5 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file.
Thu, 9 Apr 09
quickersite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6676
QuickerSite 1.8.5 allows remote attackers to obtain sensitive information via a request to showThumb.aspx without any parameters, which reveals the installation path in an error message.
Thu, 9 Apr 09
quickersite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6675
Multiple cross-site scripting (XSS) vulnerabilities in QuickerSite 1.8.5 allow remote attackers to inject arbitrary web script or HTML via (1) the close parameter to showThumb.aspx; (2) SB_redirect and (3) SB_feedback parameters in process_send.asp, as reachable through default.asp; (4) paramCode and (5) cColor parameters to picker.asp; and the (6) query string, (7) Referer header, and (8) X-FORWARDED-FOR header to rss.asp.
Thu, 9 Apr 09
quickersite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6674
mailPage.asp in QuickerSite 1.8.5 allows remote attackers to flood e-mail accounts with messages via a large number of requests with a modified sEmail parameter.
Thu, 9 Apr 09
quickersite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6673
asp/bs_login.asp in QuickerSite 1.8.5 does not properly restrict access to administrative functionality, which allows remote attackers to (1) change the admin password via the cSaveAdminPW action; (2) modify site information, such as the contact address, via the saveAdmin; and (3) modify the site design via the saveDesign action.
Thu, 9 Apr 09
sunage
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6672
Vertex4 SunAge 1.08.1 and earlier allows remote attackers to cause a denial of service ("runtime error") via a crafted join packet to UDP port 27960, probably related to an invalid nickname command.
Thu, 9 Apr 09
sunage
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6671
Vertex4 SunAge 1.08.1 and earlier allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted join packet to UDP port 27960.
Thu, 9 Apr 09
sunage
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6670
Integer overflow in Vertex4 SunAge 1.08.1 and earlier allows remote attackers to cause a denial of service (crash) via a crafted packet to UDP port 27960.
Thu, 9 Apr 09
nweb2fax
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6669
viewrq.php in nweb2fax 0.2.7 and earlier allows remote attackers to execute arbitrary code via shell metacharacters in the var_filename parameter in a (1) tif or (2) pdf format action.
Thu, 9 Apr 09
nweb2fax
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6668
Multiple directory traversal vulnerabilities in nweb2fax 0.2.7 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) id parameter to comm.php and (2) var_filename parameter to viewrq.php.
Thu, 9 Apr 09
a_php_scripts_news_management_system
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6667
A+ PHP Scripts News Management System (NMS) allows remote attackers to bypass authentication and gain administrator privileges by setting the mobsuser and mobspass cookies to 1.
Thu, 9 Apr 09
kronos_webta
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6666
Multiple cross-site scripting (XSS) vulnerabilities in Kronos webTA allow remote attackers to inject arbitrary web script or HTML via the description field to (1) servlet/com.threeis.webta.H710selProject and (2) servlet/com.threeis.webta.H720editProjectInfo. NOTE: BID:29610 states that the initial report was incorrect, but the reason for this conclusion is unknown.
Thu, 9 Apr 09
ananta_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6665
change.php in Ananta CMS 1.0b5, with magic_quotes_gpc disabled, allows remote attackers to gain administrator privileges via a crafted email parameter, possibly related to code injection.
Thu, 9 Apr 09
sh-news
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6664
action.php in SH-News 3.0 allows remote attackers to bypass authentication and gain administrator privileges by setting the shuser and shpass cookies to non-zero values.
Thu, 9 Apr 09
phpauction
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6663
SQL injection vulnerability in profile.php in PHPAuctions.info PHPAuctions (aka PHPAuctionSystem) allows remote attackers to execute arbitrary SQL commands via the auction_id parameter, a different vector than CVE-2009-0106.
Thu, 9 Apr 09
linux
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1265
Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux kernel 2.6.24.4, and other versions before 2.6.30-rc1, might allow remote attackers to obtain sensitive information via a large length value, which causes "garbage" memory to be sent.
Thu, 9 Apr 09
sr_feuser_register
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1264
Frontend User Registration (sr_feuser_register) extension 2.5.20 and earlier for TYPO3 does not properly verify access rights, which allows remote authenticated users to obtain sensitive information such as passwords via unknown attack vectors.
Thu, 9 Apr 09
com_bookjoomlas
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1263
SQL injection vulnerability in sub_commententry.php in the BookJoomlas (com_bookjoomlas) component 0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gbid parameter in a comment action to index.php.
Thu, 9 Apr 09
forticlient
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1262
Format string vulnerability in Fortinet FortiClient 3.0.614, and possibly earlier, allows local users to execute arbitrary code via format string specifiers in the VPN connection name.
Thu, 9 Apr 09
web_help_desk
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1261
Multiple cross-site scripting (XSS) vulnerabilities in Web Help Desk 9.1.22 (evaluation version) allow remote attackers to inject arbitrary web script or HTML via the (1) Report Name, (2) Asset No., and (3) Full Name fields in a Models action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Thu, 9 Apr 09
ultraiso
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1260
Multiple stack-based buffer overflows in UltraISO 9.3.3.2685 and earlier allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted (1) CCD or (2) IMG file.
Thu, 9 Apr 09
adaptbb
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1259
SQL injection vulnerability in inc/bb/topic.php in Insane Visions AdaptBB 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the topic_id parameter in a topic action to index.php.
Thu, 9 Apr 09
joomla, rd-autos
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1258
SQL injection vulnerability in the RD-Autos (com_rdautos) component 1.5.7 for Joomla! allows remote attackers to execute arbitrary SQL commands via the makeid parameter in index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Thu, 9 Apr 09
magic_iso_maker
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1257
Heap-based buffer overflow in Magic ISO Maker 5.5 build 0274 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted CCD file.
Thu, 9 Apr 09
flexcms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1256
SQL injection vulnerability in FlexCMS 2.5 allows remote attackers to execute arbitrary SQL commands via the ItemId parameter. NOTE: some of these details are obtained from third party information.
Thu, 9 Apr 09
mod_perl
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0796
Cross-site scripting (XSS) vulnerability in Status.pm in Apache::Status and Apache2::Status in mod_perl1 and mod_perl2 for the Apache HTTP Server, when /perl-status is accessible, allows remote attackers to inject arbitrary web script or HTML via the URI.
Thu, 9 Apr 09
avg_anti-virus
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6662
AVG Anti-Virus for Linux 7.5.51, and possibly earlier, allows remote attackers to cause a denial of service (segmentation fault) or possibly execute arbitrary code via a malformed UPX compressed file, which triggers memory corruption.
Thu, 9 Apr 09
bitdefender_antivirus
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6661
Multiple integer overflows in the scanning engine in Bitdefender for Linux 7.60825 and earlier allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed (1) NeoLite and (2) ASProtect packed PE file.
Wed, 8 Apr 09
bigdump
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6660
Unrestricted file upload vulnerability in bigdump.php in Alexey Ozerov BigDump 0.29b allows remote attackers to execute arbitrary code by uploading a file with an executable extension followed by a .sql extension, then accessing this file via a direct request. NOTE: some of these details are obtained from third party information.
Wed, 8 Apr 09
simple_machines_forum
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6659
Directory traversal vulnerability in index.php in Simple Machines Forum (SMF) 1.0 before 1.0.15 and 1.1 before 1.1.7 allows remote authenticated users to configure arbitrary local files for execution via directory traversal sequences in the value of the theme_dir field during a jsoption action, related to Sources/QueryString.php and Sources/Themes.php, as demonstrated by a local .gif file in attachments/ with PHP code that was uploaded through a profile2 action to index.php.
Wed, 8 Apr 09
simple_machines_forum
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6658
Directory traversal vulnerability in index.php in Simple Machines Forum (SMF) 1.0 before 1.0.15 and 1.1 before 1.1.7 allows remote authenticated administrators to install packages from arbitrary directories via a .. (dot dot) in the package parameter during an install2 action, as demonstrated by a predictable package filename in attachments/ that was uploaded through a post2 action to index.php.
Wed, 8 Apr 09
simple_machines_forum
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6657
Cross-site request forgery (CSRF) vulnerability in index.php in Simple Machines Forum (SMF) 1.0 before 1.0.15 and 1.1 before 1.1.7 allows remote attackers to hijack the authentication of admins for requests that install packages via the package parameter in an install2 action.
Wed, 8 Apr 09
open_auto_classifieds
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6656
Multiple SQL injection vulnerabilities in Open Auto Classifieds 1.4.3b allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to listings.php and (2) the username field to login.php.
Wed, 8 Apr 09
gedcom_to_mysl
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6655
Multiple cross-site scripting (XSS) vulnerabilities in GEDCOM_TO_MYSQL 2 allow remote attackers to inject arbitrary web script or HTML via the (1) nom_branche and (2) nom parameters to php/prenom.php; the (3) nom_branche parameter to php/index.php; and the (4) nom_branche, (5) nom, and (6) prenom parameters to php/info.php.
Wed, 8 Apr 09
infobiz_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6654
Cross-site scripting (XSS) vulnerability in search_results.php in InfoBiz Server allows remote attackers to inject arbitrary web script or HTML via the keywords parameter.
Wed, 8 Apr 09
com_webhosting
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6653
SQL injection vulnerability in webhosting.php in the Webhosting Component (com_webhosting) module before 1.1 RC7 for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.
Wed, 8 Apr 09
onecms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6652
SQL injection vulnerability in asd.php in OneCMS 2.5 allows remote attackers to execute arbitrary SQL commands via the sitename parameter.
Wed, 8 Apr 09
oxybox
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6651
Static code injection vulnerability in edithistory.php in OxYProject OxYBox 0.85 allows remote attackers to inject arbitrary PHP code into oxyhistory.php via the oxymsg parameter.
Wed, 8 Apr 09
minibloggie
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6650
del.php in miniBloggie 1.0 allows remote attackers to delete arbitrary posts via a direct request with a modified post_id parameter, a different vulnerability than CVE-2008-4628.
Wed, 8 Apr 09
photostore
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6649
SQL injection vulnerability in manager/image_details_editor.php in Ktools PhotoStore 2.5, 2.9.8, 3.1.0, and other versions through 3.5.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Wed, 8 Apr 09
photostore
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6648
SQL injection vulnerability in crumbs.php in Ktools PhotoStore 3.4.3 and 3.5.2 allows remote attackers to execute arbitrary SQL commands via the gid parameter to about_us.php. NOTE: this might be the same issue as CVE-2008-6647.
Wed, 8 Apr 09
photostore
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6647
SQL injection vulnerability in gallery.php in Ktools PhotoStore 3.4.3 allows remote attackers to execute arbitrary SQL commands via the gid parameter.
Wed, 8 Apr 09
phpaddressbook
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6646
Cross-site scripting (XSS) vulnerability in index.php in CoronaMatrix phpAddressBook 2.0 allows remote attackers to inject arbitrary web script or HTML via the username parameter.
Wed, 8 Apr 09
visualsentinel
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6645
Cross-site scripting (XSS) vulnerability in Opencosmo VisualSentinel 0.7 allows remote attackers to inject arbitrary web script or HTML via the User-Agent header ($_SERVER ['HTTP_USER_AGENT']), which is not properly handled when displaying log files.
Wed, 8 Apr 09
dotnetnuke
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6644
Cross-site scripting (XSS) vulnerability in Default.aspx in DotNetNuke 4.8.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
Wed, 8 Apr 09
lokicms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6643
LokiCMS 0.3.4 and possibly earlier versions does not properly restrict access to administrative functions, which allows remote attackers to bypass intended restrictions and modify configuration settings via the LokiACTION parameter in a direct request to admin.php.
Wed, 8 Apr 09
fluentcms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6642
SQL injection vulnerability in view.php in DotContent FluentCMS 4.x allows remote attackers to execute arbitrary SQL commands via the sid parameter. NOTE: some of these details are obtained from third party information.
Wed, 8 Apr 09
shader_tv
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6641
Multiple SQL injection vulnerabilities in Shader TV (Beta) allow remote authenticated administrators to execute arbitrary SQL commands via the sid parameter to (1) kanal.asp, (2) google.asp, and (3) hakk.asp in yonet/; and allow remote attackers to execute arbitrary SQL commands via the (4) username or (5) password fields to yonet/default.asp.
Wed, 8 Apr 09
batmanportal
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6640
Multiple SQL injection vulnerabilities in BatmanPorTaL allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) uyeadmin.asp and (2) profil.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Wed, 8 Apr 09
ajaxplorer
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6639
Cross-site request forgery (CSRF) vulnerability in admin.php in AjaXplorer 2.3.3 and 2.3.4 allows remote attackers to hijack the authentication of administrators for requests that modify passwords via the update_user_pwd action.
Wed, 8 Apr 09
http_file_upload_activex_control
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6638
Insecure method vulnerability in the Versalsoft HTTP Image Uploader ActiveX control (UUploaderSvrD.dll 6.0.0.35) allows remote attackers to delete arbitrary files via the RemoveFileOrDir method.
Wed, 8 Apr 09
safari_montage
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6637
Multiple cross-site scripting (XSS) vulnerabilities in forgotPW.php in Library Video Company SAFARI Montage 3.1.x allow remote attackers to inject arbitrary web script or HTML via the (1) school and (2) email parameters.
Wed, 8 Apr 09
dagger
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6636
SQL injection vulnerability in skins/default.php in Geody Labs Dagger - The Cutting Edge r12feb2008, when register_globals is enabled, allows remote attackers to execute arbitrary SQL commands via the dir_edge_skins parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Wed, 8 Apr 09
dagger
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6635
SQL injection vulnerability in skins/default.php in Geody Labs Dagger - The Cutting Edge r12feb2008, when register_globals is enabled, allows remote attackers to execute arbitrary SQL commands via the dir_inc parameter.
Wed, 8 Apr 09
roomphplanning
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6634
SQL injection vulnerability in RoomPHPlanning 1.5 allows remote attackers to execute arbitrary SQL commands via the idroom parameter to weekview.php.
Wed, 8 Apr 09
roomphplanning
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6633
SQL injection vulnerability in RoomPHPlanning 1.5 allows remote attackers to execute arbitrary SQL commands via the idresa parameter to resaopen.php.
Wed, 8 Apr 09
mercuryboard
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6632
SQL injection vulnerability in func/login.php in MercuryBoard 1.1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header ($_SERVER['HTTP_USER_AGENT']).
Wed, 8 Apr 09
blogphp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6631
Multiple cross-site scripting (XSS) vulnerabilities in index.php in BlogPHP 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) user parameter in a sendmessage action and the (2) username parameter when registering a new user, different vectors than CVE-2008-0679.
Wed, 8 Apr 09
wt_gallery
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6630
Directory traversal vulnerability in the wt_gallery extension 2.5.0 and earlier for TYPO3 allows remote attackers to read arbitrary image files and determine directory structure via unspecified vectors.
Wed, 8 Apr 09
web_shop_online
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6629
Cross-site scripting (XSS) vulnerability in detail.php in WEBBDOMAIN Multi Languages WebShop Online 1.02 allows remote attackers to inject arbitrary web script or HTML via the name parameter.
Wed, 8 Apr 09
web_shop_online
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6628
SQL injection vulnerability in detail.php in WEBBDOMAIN Multi Languages WebShop Online 1.02 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Wed, 8 Apr 09
web_shop
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6627
SQL injection vulnerability in getin.php in WEBBDOMAIN WebShop 1.2, 1.1, 1.02, and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter.
Wed, 8 Apr 09
quiz
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6626
SQL injection vulnerability in getin.php in WEBBDOMAIN Quiz 1.02 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter.
Wed, 8 Apr 09
polls
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6625
SQL injection vulnerability in getin.php in WEBBDOMAIN Polls (aka Poll) 1.0 and 1.01 allows remote attackers to execute arbitrary SQL commands via the username parameter.
Wed, 8 Apr 09
petition
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6624
SQL injection vulnerability in getin.php in WEBBDOMAIN Petition 1.02, 2.0, and 3.0 allows remote attackers to execute arbitrary SQL commands via the username parameter.
Wed, 8 Apr 09
post_card
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6623
SQL injection vulnerability in getin.php in WEBBDOMAIN Post Card (aka Web Postcards) 1.02 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter.
Wed, 8 Apr 09
post_card
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6622
SQL injection vulnerability in choosecard.php in WEBBDOMAIN Post Card (aka Web Postcards) 1.02, 1.01, and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter.
Wed, 8 Apr 09
graphicsmagick
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6621
Unspecified vulnerability in GraphicsMagick before 1.2.3 allows remote attackers to cause a denial of service (crash) via unspecified vectors in DPX images. NOTE: some of these details are obtained from third party information.
Wed, 8 Apr 09
minicwb
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6620
Multiple cross-site scripting (XSS) vulnerabilities in javascript/editor/editor/filemanager/browser/mcpuk/connectors/php/connector.php in GraFX miniCWB 2.1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) errcontext, (2) _GET, (3) _POST, (4) _SESSION, (5) _SERVER, and (6) fckphp_config[Debug_SERVER] parameters.
Wed, 8 Apr 09
class_systems
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6619
Unrestricted file upload vulnerability in class/ApplyDB.php in ClassSystem 2.3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in class/UploadHomepage/.
Wed, 8 Apr 09
classsystem
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6618
Multiple SQL injection vulnerabilities in ClassSystem 2.3 allow remote attackers to execute arbitrary SQL commands via the teacher_id parameter in (1) class/HomepageMain.php and (2) class/HomepageTop.php, and (3) the message_id parameter in class/MessageReply.php.
Wed, 8 Apr 09
sitexs_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6617
Unrestricted file upload vulnerability in adm/visual/upload.php in SiteXS CMS 0.1.1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in images/.
Wed, 8 Apr 09
zen_cart
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6616
Cross-site scripting (XSS) vulnerability in index.php in Zen Software Zen Cart 2008 allows remote attackers to inject arbitrary web script or HTML via the keyword parameter in the advanced_search_result page. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Wed, 8 Apr 09
zen_cart
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6615
SQL injection vulnerability in index.php in Zen Software Zen Cart 2008 allows remote attackers to execute arbitrary SQL commands via the keyword parameter in the advanced_search_result page. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Wed, 8 Apr 09
ibd_micro_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6614
Multiple SQL injection vulnerabilities in microcms-admin-login.php in Implied By Design (IBD) Micro CMS 3.5 allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields.
Wed, 8 Apr 09
feedapi_mapper
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1249
Cross-site scripting (XSS) vulnerability in Feed element mapper 5.x before 5.x-1.1, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via the content title in admin/content/node-type/nodetype/map.
Wed, 8 Apr 09
acute_control_panel
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1248
Multiple PHP remote file inclusion vulnerabilities in Acute Control Panel 1.0.0 allow remote attackers to execute arbitrary PHP code via a URL in the theme_directory parameter to (1) container.php and (2) header.php in themes/.
Wed, 8 Apr 09
acutecp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1247
SQL injection vulnerability in login.php in Acute Control Panel 1.0.0 allows remote attackers to execute arbitrary SQL commands via the username parameter.
Tue, 7 Apr 09
blogplus
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1246
Multiple directory traversal vulnerabilities in Blogplus 1.0 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) row_mysql_blocks_center_down[file] parameter to includes/block_center_down.php; (2) row_mysql_blocks_center_top[file] includes/parameter to block_center_top.php; (3) row_mysql_blocks_left[file] parameter to includes/block_left.php; (4) row_mysql_blocks_right[file] parameter to includes/block_right.php; and row_mysql_bloginfo[theme] para...
Tue, 7 Apr 09
cccp_pastebin
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1245
Multiple SQL injection vulnerabilities in the insert_to_pastebin function in php/cccp-admin/inc/functions.php in CCCP Community Clan Portal Pastebin before 2.80 allow remote attackers to execute arbitrary SQL commands via the (1) subject, (2) language, and (3) nickname parameters to php/cccp-pages/submit.php. NOTE: some of these details are obtained from third party information.
Tue, 7 Apr 09
minimal-ablog
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6613
uploader.php in minimal-ablog 0.4 does not properly restrict access, which allows remote attackers to gain administrative privileges via a direct request.
Tue, 7 Apr 09
minimal-ablog
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6612
Unrestricted file upload vulnerability in admin/uploader.php in Minimal ABlog 0.4 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in img/.
Tue, 7 Apr 09
minimal_ablog
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6611
SQL injection vulnerability in index.php in Minimal ABlog 0.4 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Tue, 7 Apr 09
phpcksec
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6610
Absolute path traversal vulnerability in phpcksec.php in Stefan Ott phpcksec 0.2.0 allows remote attackers to list arbitrary directories and read arbitrary files via a full pathname in the file parameter.
Tue, 7 Apr 09
phpcksec
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6609
Cross-site scripting (XSS) vulnerability in phpcksec.php in Stefan Ott phpcksec 0.2 allows remote attackers to inject arbitrary web script or HTML via the path parameter.
Tue, 7 Apr 09
ace, workstation, player, server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1147
Unspecified vulnerability in vmci.sys in the Virtual Machine Communication Interface (VMCI) in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, and VMware Server 2.0.x before 2.0.1 build 156745 allows local users to gain privileges via unknown vectors.
Tue, 7 Apr 09
ace, player, server, workstation
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1146
Unspecified vulnerability in an ioctl in hcmon.sys in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, and VMware Server 1.0.x before 1.0.9 build 156507 and 2.0.x before 2.0.1 build 156745 allows local users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2008-3761.
Tue, 7 Apr 09
vmware_ace, vmware_player, vmware_server, vmware_workstation
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0910
Heap-based buffer overflow in the VNnc Codec in VMware Workstation 6.5.x before 6.5.2 build 156735, VMware Player 2.5.x before 2.5.2 build 156735, VMware ACE 2.5.x before 2.5.2 build 156735, and VMware Server 2.0.x before 2.0.1 build 156745 allows remote attackers to execute arbitrary code via a crafted web page or video file, aka ZDI-CVE-436.
Tue, 7 Apr 09
vmware_ace, vmware_player, vmware_server, vmware_workstation
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0909
Heap-based buffer overflow in the VNnc Codec in VMware Workstation 6.5.x before 6.5.2 build 156735, VMware Player 2.5.x before 2.5.2 build 156735, VMware ACE 2.5.x before 2.5.2 build 156735, and VMware Server 2.0.x before 2.0.1 build 156745 allows remote attackers to execute arbitrary code via a crafted web page or video file, aka ZDI-CVE-435.
Tue, 7 Apr 09
ace
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0908
Unspecified vulnerability in the ACE shared folders implementation in the VMware Host Guest File System (HGFS) shared folders feature in VMware ACE 2.5.1 and earlier allows attackers to enable a disabled shared folder.
Tue, 7 Apr 09
vmware_esx, vmware_esxi, vmware_virtualcenter
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0518
VI Client in VMware VirtualCenter before 2.5 Update 4, VMware ESXi 3.5 before Update 4, and VMware ESX 3.5 before Update 4 retains the VirtualCenter Server password in process memory, which might allow local users to obtain this password.
Tue, 7 Apr 09
CVE-2008-4916 (vmware_ace, vmware_esx, vmware_esxi, vmware_player, vmware_server, vmware_worksta...)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4916
Unspecified vulnerability in a guest virtual device driver in VMware Workstation before 5.5.9 build 126128, and 6.5.1 and earlier 6.x versions; VMware Player before 1.0.9 build 126128, and 2.5.1 and earlier 2.x versions; VMware ACE before 1.0.8 build 125922, and 2.5.1 and earlier 2.x versions; VMware Server 1.x before 1.0.8 build 126538 and 2.0.x before 2.0.1 build 156745; VMware Fusion before 2.0.1; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to cause a denial...
Tue, 7 Apr 09
kernel
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1243
net/ipv4/udp.c in the Linux kernel before 2.6.29.1 performs an unlocking step in certain incorrect circumstances, which allows local users to cause a denial of service (panic) by reading zero bytes from the /proc/net/udp file and unspecified other files, related to the "udp seq_file infrastructure."
Tue, 7 Apr 09
kernel
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1242
The vmx_set_msr function in arch/x86/kvm/vmx.c in the VMX implementation in the KVM subsystem in the Linux kernel before 2.6.29.1 on the i386 platform allows guest OS users to cause a denial of service (OOPS) by setting the EFER_LME (aka "Long mode enable") bit in the Extended Feature Enable Register (EFER) model-specific register, which is specific to the x86_64 platform.
Tue, 7 Apr 09
events_calendar
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6608
Multiple SQL injection vulnerabilities in DevelopItEasy Events Calendar 1.2 allow remote attackers to execute arbitrary SQL commands via (1) the user_name parameter (aka user field) to admin/index.php, (2) the user_pass parameter (aka pass field) to admin/index.php, or (3) the id parameter to calendar_details.php. NOTE: some of these details are obtained from third party information.
Tue, 7 Apr 09
matpo_link
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6607
Cross-site scripting (XSS) vulnerability in view.php in MatPo Link 1.2 Beta allows remote attackers to inject arbitrary web script or HTML via the thema parameter.
Tue, 7 Apr 09
matpo_link
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6606
SQL injection vulnerability in view.php in MatPo Link 1.2 Beta allows remote attackers to execute arbitrary SQL commands via the id parameter.
Tue, 7 Apr 09
1701hg, 1800hw, 2071hg, 2700hg
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6605
Cross-site request forgery (CSRF) vulnerability in the xslt script in the web-based management interface on the 2wire 1701HG, 1800HW, 2071HG, and 2700HG with firmware 3.17.5, 3.7.1, 4.25.19, or 5.29.51 allows remote attackers to hijack the intranet connectivity of arbitrary users for requests that cause a denial of service (network outage) via a page parameter with a % (percent) character followed by a non-alphanumeric character.
Tue, 7 Apr 09
picoflat_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6604
Directory traversal vulnerability in index.php in PicoFlat CMS 0.5.9 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pagina parameter, a different vulnerability than CVE-2007-5390.
Tue, 7 Apr 09
clamav
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1241
Unspecified vulnerability in ClamAV before 0.95 allows remote attackers to bypass detection of malware via a modified RAR archive.
Tue, 7 Apr 09
CVE-2009-1240 (proventia_network_mail_security_system, proventia_network_mail_security_system_vi...)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1240
Unspecified vulnerability in the IBM Proventia engine 4.9.0.0.44 20081231, as used in IBM Proventia Network Mail Security System, Network Mail Security System Virtual Appliance, and other products, allows remote attackers to bypass detection of malware via a modified RAR archive.
Tue, 7 Apr 09
CVE-2009-1239
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1239
IBM DB2 9.1 before FP7 returns incorrect query results in certain situations related to the order of application of an INNER JOIN predicate and an OUTER JOIN predicate, which might allow attackers to obtain sensitive information via a crafted query.
Tue, 7 Apr 09
office_powerpoint
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0556
Unspecified vulnerability in Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3, and PowerPoint in Microsoft Office 2004 for Mac, allows remote attackers to execute arbitrary code via a crafted PowerPoint file that triggers access to an "invalid object in memory," as exploited in the wild in April 2009 by Exploit:Win32/Apptom.gen.
Tue, 7 Apr 09
moinmoin
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6603
MoinMoin 1.6.2 and 1.7 does not properly enforce ACL checks when acl_hierarchic is set to True, which might allow remote attackers to bypass intended access restrictions, a different vulnerability than CVE-2008-1937.
Tue, 7 Apr 09
download_center_lite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6602
Unspecified vulnerability in Download Center Lite before 2.1 has unknown impact and attack vectors related to "A minor security fix."
Tue, 7 Apr 09
epona
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6601
Unspecified vulnerability in Epona 1.5rc3 allows remote attackers to obtain the real IP address of users via unknown vectors.
Tue, 7 Apr 09
xmlportal
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6600
Cross-site scripting (XSS) vulnerability in the search feature in XMLPortal 3.0 allows remote attackers to inject arbitrary web script or HTML via the query parameter.
Tue, 7 Apr 09
cookiecheck
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6599
cookiecheck.php in CookieCheck 1.0 stores tmp/cc_sessions under the web root with insufficient access control, which allows remote attackers to obtain session data via a direct request related to the "default session save path."
Tue, 7 Apr 09
wanpipe
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6598
Multiple race conditions in WANPIPE before 3.3.6 have unknown impact and attack vectors related to "bri restart logic."
Tue, 7 Apr 09
phcdownload
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6597
Cross-site scripting (XSS) vulnerability in upload/install/index.php in PHCDownload 1.1 allows remote attackers to inject arbitrary web script or HTML via the step parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Tue, 7 Apr 09
phcdownload
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6596
SQL injection vulnerability in admin/index.php in PHCDownload 1.1 allows remote attackers to execute arbitrary SQL commands via the hash parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Tue, 7 Apr 09
pmk_rssnewsexport_extension
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6595
SQL injection vulnerability in the pmk_rssnewsexport extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Tue, 7 Apr 09
typo3
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6594
SQL injection vulnerability in the cm_rdfexport extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Tue, 7 Apr 09
lightneasy, sqlite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6593
SQL injection vulnerability in LightNEasy/lightneasy.php in LightNEasy SQLite 1.2.2 and earlier allows remote attackers to inject arbitrary PHP code into comments.dat via the dlid parameter to index.php.
Tue, 7 Apr 09
lightneasy, sqlite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6592
thumbsup.php in Thumbs-Up 1.12, as used in LightNEasy "no database" (aka flat) and SQLite 1.2.2 and earlier, allows remote attackers to copy, rename, and read arbitrary files via directory traversal sequences in the image parameter with a modified cache_dir parameter containing a %00 (encoded null byte).
Tue, 7 Apr 09
lightneasy
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6591
LightNEasy "no database" (aka flat) version 1.2.2, and possibly SQLite version 1.2.2, allows remote attackers to create arbitrary files via the page parameter to (1) index.php and (2) LightNEasy.php.
Tue, 7 Apr 09
lightneasy, sqlite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6590
Multiple directory traversal vulnerabilities in LightNEasy "no database" (aka flat) version 1.2.2, and possibly SQLite version 1.2.2, allow remote attackers to read arbitrary files via a .. (dot dot) in the page parameter to (1) index.php and (2) LightNEasy.php.
Tue, 7 Apr 09
lightneasy, sqlite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6589
Multiple cross-site scripting (XSS) vulnerabilities in LightNEasy "no database" (aka flat) version 1.2.2, and possibly SQLite version 1.2.2, allow remote attackers to inject arbitrary web script or HTML via the page parameter to (1) index.php and (2) LightNEasy.php.
Tue, 7 Apr 09
CVE-2008-6588 (adsl2/2+4-port_router)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6588
Aztech ADSL2/2+ 4-port router has a default "isp" account with a default "isp" password, which allows remote attackers to obtain access if this default is not changed.
Tue, 7 Apr 09
vuze
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6587
Cross-site request forgery (CSRF) vulnerability in index.tmpl in Vuze (formerly Azureus HTML WebUI), probably 0.7.6, allows remote attackers to hijack the authentication of users for requests that force the download of arbitrary torrent files via the upurl parameter.
Tue, 7 Apr 09
utorrent_webui
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6586
Cross-site request forgery (CSRF) vulnerability in gui/index.php in µTorrent (uTorrent) WebUI 0.315 allows remote attackers to (1) hijack the authentication of users for requests that force the download of arbitrary torrent files via the add-url action and (2) hijack the authentication of administrators for requests that modify the administrator account via the setsetting action.
Tue, 7 Apr 09
torrentflux
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6585
Cross-site request forgery (CSRF) vulnerability in html/admin.php in TorrentFlux 2.3 allows remote attackers to hijack the authentication of administrators for requests that add new accounts via the addUser action.
Tue, 7 Apr 09
torrentflux
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6584
html/index.php in TorrentFlux 2.3 allows remote authenticated users to execute arbitrary code via a URL with a file containing an executable extension in the url_upload parameter, which is downloaded by TorrentFlux and can be accessed via a direct request in a html/downloads/ user directory.
Tue, 7 Apr 09
CVE-2008-6583 (bs.player)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6583
Buffer overflow in BS.player 2.27 build 959 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a .SRT file.
Fri, 3 Apr 09
mac_os_x, mac_os_x_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1238
Race condition in the HFS vfs sysctl interface in XNU 1228.8.20 and earlier on Apple Mac OS X 10.5.6 and earlier allows local users to cause a denial of service (kernel memory corruption) by simultaneously executing the same HFS_SET_PKG_EXTENSIONS code path in multiple threads, which is problematic because of lack of mutex locking for an unspecified global variable.
Fri, 3 Apr 09
mac_os_x
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1237
Multiple memory leaks in XNU 1228.3.13 and earlier on Apple Mac OS X 10.5.6 and earlier allow local users to cause a denial of service (kernel memory consumption) via a crafted (1) SYS_add_profil or (2) SYS___mac_getfsstat system call.
Fri, 3 Apr 09
mac_os_x
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1236
Heap-based buffer overflow in the AppleTalk networking stack in XNU 1228.3.13 and earlier on Apple Mac OS X 10.5.6 and earlier allows remote attackers to cause a denial of service (system crash) via a ZIP NOTIFY (aka ZIPOP_NOTIFY) packet that overwrites a certain ifPort structure member.
Fri, 3 Apr 09
mac_os_x, mac_os_x_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1235
XNU 1228.9.59 and earlier on Apple Mac OS X 10.5.6 and earlier does not properly restrict interaction between user space and the HFS IOCTL handler, which allows local users to overwrite kernel memory and gain privileges by attaching an HFS+ disk image and performing certain steps involving HFS_GET_BOOT_INFO fcntl calls.
Fri, 3 Apr 09
opera
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1234
Opera 9.64 allows remote attackers to cause a denial of service (application crash) via an XML document containing a long series of start-tags with no corresponding end-tags.
Fri, 3 Apr 09
safari, windows
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1233
Apple Safari 3.2.2 and 4 Beta on Windows allows remote attackers to cause a denial of service (application crash) via an XML document containing many nested A elements.
Fri, 3 Apr 09
firefox
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1232
The XUL parser in Mozilla Firefox 3.0.8 and earlier 3.0.x versions allows remote attackers to cause a denial of service (memory corruption) via an XML document composed of a long series of start-tags with no corresponding end-tags.
Fri, 3 Apr 09
db2_content_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1231
Unspecified vulnerability in the eClient in IBM DB2 Content Manager 8.4.1 before 8.4.1.1 has unknown impact and attack vectors.
Fri, 3 Apr 09
podcast_generator
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1230
Static code injection vulnerability in index.php in Podcast Generator 1.1 and earlier allows remote authenticated administrators to inject arbitrary PHP code into config.php via the recent parameter in a config change action.
Fri, 3 Apr 09
arcadwy_arcade_script_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1229
SQL injection vulnerability in Arcadwy Arcade Script allows remote attackers to execute arbitrary SQL commands via the user cookie parameter.
Fri, 3 Apr 09
arcadwy_arcade_script_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1228
Cross-site scripting (XSS) vulnerability in register.php in Arcadwy Arcade Script CMS allows remote attackers to inject arbitrary web script or HTML via the username field (user_name parameter).
Fri, 3 Apr 09
firewall-1_pki_web_service
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1227
Buffer overflow in the PKI Web Service in Check Point Firewall-1 PKI Web Service allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) Authorization or (2) Referer HTTP header to TCP port 18624.
Fri, 3 Apr 09
podcast_generator
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1226
core/admin/delete.php in Podcast Generator 1.1 and earlier does not properly restrict access to administrative functions, which allows remote attackers to delete arbitrary files via the file parameter.
Fri, 3 Apr 09
turnkey_ebook_store
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1225
Cross-site scripting (XSS) vulnerability in index.php in Turnkey Ebook Store 1.1 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter in a search action.
Fri, 3 Apr 09
vsp_stats_processor
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1224
SQL injection vulnerability in vsp-core/pub/themes/bismarck/gamestat.php in vsp stats processor 0.45 allows remote attackers to execute arbitrary SQL commands via the gameID parameter.
Fri, 3 Apr 09
aspwebcalendar
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1223
aspWebCalendar Free Edition stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing user credentials via a direct request for calendar/calendar.mdb.
Fri, 3 Apr 09
webedition
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1222
Directory traversal vulnerability in index.php in webEdition 6.0.0.4 and earlier, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the WE_LANGUAGE parameter.
Fri, 3 Apr 09
miniweb
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6582
SQL injection vulnerability in index.php in Miniweb 2.0 allows remote attackers to execute arbitrary SQL commands via the username parameter in a login action.
Fri, 3 Apr 09
phpaddedit
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6581
login.php in PhpAddEdit 1.3 allows remote attackers to bypass authentication and gain administrative access by setting the addedit cookie parameter.
Fri, 3 Apr 09
red_reservations
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6580
The Red_Reservations script for ColdFusion stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database via a direct request to (1) makered.mdb and (2) makered97.mdb.
Fri, 3 Apr 09
web_wiz_guestbook
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-1571
Web Wiz Guestbook 6.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database and obtain sensitive information via a direct request for database/WWGguestbook.mdb. NOTE: it was later reported that 8.21 is also affected.
Fri, 3 Apr 09
cs1000
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6579
Nortel Communication Server 1000 4.50.x allows remote attackers to obtain Web application structure via unknown vectors related to "web resources to phones and administrators."
Fri, 3 Apr 09
cs1000
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6578
Multiple unspecified vulnerabilities in Nortel Communication Server 1000 4.50.x allow remote attackers to execute arbitrary commands to gain privileges, obtain sensitive information, or cause a denial of service via unknown vectors.
Fri, 3 Apr 09
cs1000
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6577
Nortel MG1000S, Signaling Server, and Call Server on the Communications Server 1000 (CS1K) 4.50.x contain multiple unspecified hard-coded accounts and passwords, which allows remote attackers to gain privileges.
Fri, 3 Apr 09
cs1000
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6576
Unspecified vulnerability in the "session limitation technique" in the FTP service on Nortel Communications Server 1000 (CS1K) 4.50.x, when running on VGMC or signaling nodes, allows remote attackers to cause a denial of service (resource exhaustion and failed updates) via unknown vectors that causes consumption of all available sessions.
Fri, 3 Apr 09
communication_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6575
Unspecified vulnerability in the SIP server in SIP Enablement Services (SES) in Avaya Communication Manager 3.1.x and 4.x allows remote authenticated users to cause a denial of service (resource consumption) via unknown vectors.
Fri, 3 Apr 09
communication_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6574
Unspecified vulnerability in SIP Enablement Services (SES) in Avaya Communication Manager 3.1.x and 4.x allows remote attackers to gain privileges and cause a denial of service via unknown vectors related to reuse of valid credentials.
Fri, 3 Apr 09
communication_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6573
Multiple SQL injection vulnerabilities in Avaya SIP Enablement Services (SES) in Avaya Avaya Communication Manager 3.x, 4.0, and 5.0 (1) allow remote attackers to execute arbitrary SQL commands via unspecified vectors related to profiles in the SIP Personal Information Manager (SPIM) in the web interface; and allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors related to (2) permissions for SPIM profiles in the web interface and (3) a crafted SIP request...
Fri, 3 Apr 09
adaptive_security_appliance, ios
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1220
Cross-site scripting (XSS) vulnerability in +webvpn+/index.html in WebVPN on the Cisco Adaptive Security Appliances (ASA) 5520 with software 7.2(2)22 allows remote attackers to inject arbitrary web script or HTML via the Host HTTP header.
Fri, 3 Apr 09
java_system_access_manager, java_system_calendar_server, one_calendar_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1219
Sun Calendar Express Web Server in Sun ONE Calendar Server 6.0 and Sun Java System Calendar Server 6 2004Q2 through 6.3-7.01 allows remote attackers to cause a denial of service (daemon crash) via multiple requests to the default URI with alphabetic characters in the tzid parameter.
Thu, 2 Apr 09
java_system_calendar_server, one_calendar_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1218
Multiple cross-site scripting (XSS) vulnerabilities in Sun Calendar Express Web Server in Sun ONE Calendar Server 6.0 and Sun Java System Calendar Server 6 2004Q2 through 6.3-7.01 allow remote attackers to inject arbitrary web script or HTML via (1) the fmt-out parameter to login.wcap or (2) the date parameter to command.shtml.
Thu, 2 Apr 09
sapgui
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-4475
Stack-based buffer overflow in EAI WebViewer3D ActiveX control (webviewer3d.dll) in SAP AG SAPgui before 7.10 Patch Level 9 allows remote attackers to execute arbitrary code via a long argument to the SaveViewToSessionFile method.
Thu, 2 Apr 09
gdiplus, windows_xp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1217
Off-by-one error in the GpFont::SetData function in gdiplus.dll in Microsoft GDI+ on Windows XP allows remote attackers to cause a denial of service (stack corruption and application termination) via a crafted EMF file that triggers an integer overflow, as demonstrated by voltage-exploit.emf, aka the "Microsoft GdiPlus EMF GpFont.SetData integer overflow."
Thu, 2 Apr 09
CVE-2009-1216 (subsystem_for_unix-based_applications, windows_server_2008, windows_services_for_...)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1216
Multiple unspecified vulnerabilities in (1) unlzh.c and (2) unpack.c in the gzip libraries in Microsoft Windows Server 2008, Windows Services for UNIX 3.0 and 3.5, and the Subsystem for UNIX-based Applications (SUA); as used in gunzip, gzip, pack, pcat, and unpack 7.x before 7.0.1701.48, 8.x before 8.0.1969.62, and 9.x before 9.0.3790.2076; allow remote attackers to execute arbitrary code via unknown vectors.
Thu, 2 Apr 09
ultraiso
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4825
Multiple buffer overflows in UltraISO 9.3.1.2633, and possibly other versions before 9.3.3.2685, allow user-assisted attackers to execute arbitrary code via a crafted (1) CIF, (2) C2D, or (3) GI file.
Thu, 2 Apr 09
ultraiso
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3871
Multiple format string vulnerabilities in UltraISO 9.3.1.2633, and possibly other versions before 9.3.3.2685, allow user-assisted attackers to execute arbitrary code via format string specifiers in the filename of a (1) DAA or (2) ISZ file.
Thu, 2 Apr 09
gnu_screen
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1215
Race condition in GNU screen 4.0.3 allows local users to create or overwrite arbitrary files via a symlink attack on the /tmp/screen-exchange temporary file.
Thu, 2 Apr 09
screen
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1214
GNU screen 4.0.3 creates the /tmp/screen-exchange temporary file with world-readable permissions, which might allow local users to obtain sensitive session information.
Thu, 2 Apr 09
bugzilla
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1213
Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 3.2 before 3.2.3, 3.3 before 3.3.4, and earlier versions allows remote attackers to hijack the authentication of arbitrary users for requests that use attachment editing.
Thu, 2 Apr 09
data_matrix_barcode_activex_control
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1212
Multiple insecure method vulnerabilities in PRECIS~2.DLL in the PrecisionID Datamatrix ActiveX control (DMATRIXLib.Datamatrix) allow remote attackers to overwrite arbitrary files via the (1) SaveBarCode and (2) SaveEnhWMF methods.
Thu, 2 Apr 09
proxysg
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1211
Blue Coat ProxySG, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header.
Thu, 2 Apr 09
wireshark
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1210
Format string vulnerability in the PROFINET/DCP (PN-DCP) dissector Wireshark 1.0.6 and earlier allows remote attackers to execute arbitrary code via a PN-DCP packet with format string specifiers in the station name. NOTE: some of these details are obtained from third party information.
Thu, 2 Apr 09
amaya
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1209
Stack-based buffer overflow in W3C Amaya Web Browser 11.1 allows remote attackers to execute arbitrary code via a script tag with a long defer attribute.
Thu, 2 Apr 09
auth2db
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1208
SQL injection vulnerability in auth2db 0.2.5, and possibly other versions before 0.2.7, uses the addslashes function instead of the mysql_real_escape_string function, which allows remote attackers to conduct SQL injection attacks using multibyte character encodings.
Thu, 2 Apr 09
CVE-2009-1207 (opensolaris, solaris_10_sparc, solaris_10_x86, solaris_8_sparc, solaris_8x86, sol...)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1207
Race condition in the dircmp script in Sun Solaris 8 through 10, and OpenSolaris snv_01 through snv_111, allows local users to overwrite arbitrary files, probably involving a symlink attack on temporary files.
Thu, 2 Apr 09
cgi_cafe_access_analyzer_cgi
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1206
Unspecified vulnerability in futomi's CGI Cafe Access Analyzer CGI Professional Version 4.11.5 and earlier allows remote attackers to gain administrative privileges via unknown vectors.
Thu, 2 Apr 09
sapgui
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1205
Stack-based buffer overflow in EAI WebViewer3D ActiveX control (webviewer3d.dll) in SAP AG SAPgui before 7.10 Patch Level 9 allows remote attackers to execute arbitrary code via a long argument to the SaveViewToSessionFile method.
Thu, 2 Apr 09
openswan, strongswan
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0790
The pluto IKE daemon in Openswan and Strongswan IPsec 2.6 before 2.6.21 and 2.4 before 2.4.14, and Strongswan 4.2 before 4.2.14 and 2.8 before 2.8.9, allows remote attackers to cause a denial of service (daemon crash and restart) via a crafted (1) R_U_THERE or (2) R_U_THERE_ACK Dead Peer Detection (DPD) IPsec IKE Notification message that triggers a NULL pointer dereference related to inconsistent ISAKMP state and the lack of a phase2 state association in DPD.
Thu, 2 Apr 09
internet_security
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0686
The TrendMicro Activity Monitor Module (tmactmon.sys) 2.52.0.1002 in Trend Micro Internet Pro 2008 and 2009, and Security Pro 2008 and 2009, allows local users to gain privileges via a crafted IRP in a METHOD_NEITHER IOCTL request to \\Device\\tmactmon that overwrites memory.
Thu, 2 Apr 09
CVE-2009-1204 (tikiwiki_cms/groupware)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1204
Cross-site scripting (XSS) vulnerability in TikiWiki (Tiki) CMS/Groupware 2.2 allows remote attackers to inject arbitrary web script or HTML via the PHP_SELF portion of a URI to (1) tiki-galleries.php, (2) tiki-list_file_gallery.php, (3) tiki-listpages.php, and (4) tiki-orphan_pages.php.
Thu, 2 Apr 09
abledating
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6572
SQL injection vulnerability in search_results.php in ABK-Soft AbleDating 2.4 allows remote attackers to execute arbitrary SQL commands via the keyword parameter.
Thu, 2 Apr 09
tivoli_storage_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1178
Unspecified vulnerability in the server in IBM Tivoli Storage Manager (TSM) 5.3.x before 5.3.2 and 6.x before 6.1 has unknown impact and attack vectors related to the "admin command line."
Thu, 2 Apr 09
mapserver
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1177
Multiple stack-based buffer overflows in maptemplate.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 have unknown impact and remote attack vectors.
Thu, 2 Apr 09
mapserver
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1176
mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 does not ensure that the string holding the id parameter ends in a '\0' character, which allows remote attackers to conduct buffer-overflow attacks or have unspecified other impact via a long id parameter in a query action.
Thu, 2 Apr 09
nss-ldap
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1073
nss-ldapd before 0.6.8 uses world-readable permissions for the /etc/nss-ldapd.conf file, which allows local users to obtain a cleartext password for the LDAP server by reading the bindpw field.
Thu, 2 Apr 09
mapserver
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0843
The msLoadQuery function in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 allows remote attackers to determine the existence of arbitrary files via a full pathname in the queryfile parameter, which triggers different error messages depending on whether this pathname exists.
Thu, 2 Apr 09
mapserver
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0842
mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 allows remote attackers to read arbitrary invalid .map files via a full pathname in the map parameter, which triggers the display of partial file contents within an error message, as demonstrated by a /tmp/sekrut.map symlink.
Thu, 2 Apr 09
mapserver
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0841
Directory traversal vulnerability in mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2, when running on Windows with Cygwin, allows remote attackers to create arbitrary files via a .. (dot dot) in the id parameter.
Thu, 2 Apr 09
mapserver
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0840
Heap-based buffer underflow in the readPostBody function in cgiutil.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 allows remote attackers to have an unknown impact via a negative value in the Content-Length HTTP header.
Wed, 1 Apr 09
mapserver
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0839
Stack-based buffer overflow in mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2, when the server has a map with a long IMAGEPATH or NAME attribute, allows remote attackers to execute arbitrary code via a crafted id parameter in a query action.
Wed, 1 Apr 09
tivoli_storage_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-2762
The server in IBM Tivoli Storage Manager (TSM) 4.2.x on MVS, 5.1.9.x before 5.1.9.1, 5.1.x before 5.1.10, 5.2.2.x before 5.2.2.3, 5.2.x before 5.2.3, 5.3.x before 5.3.0, and 6.x before 6.1, when the HTTP communication method is enabled, allows remote attackers to cause a denial of service (daemon crash or hang) via unspecified HTTP traffic, as demonstrated by the IBM port scanner 1.3.1.
Wed, 1 Apr 09
tivoli_storage_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-1570
The server in IBM Tivoli Storage Manager (TSM) 5.1.x, 5.2.x before 5.2.1.2, and 6.x before 6.1 does not require credentials to observe the server console in some circumstances, which allows remote authenticated administrators to monitor server operations by establishing a console mode session, related to "session exposure."
Wed, 1 Apr 09
linpha
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6571
Multiple cross-site scripting (XSS) vulnerabilities in LinPHA before 1.3.4 might allow remote attackers to inject arbitrary web script or HTML via (1) new_images.php, (2) login.php, and unspecified vectors.
Wed, 1 Apr 09
garoon
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6570
Cross-site scripting (XSS) vulnerability in the RSS reader in Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to inject arbitrary web script or HTML via a crafted RSS feed.
Wed, 1 Apr 09
garoon
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6569
Session fixation vulnerability in Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to hijack web sessions via the session ID in the login page.
Wed, 1 Apr 09
yehe
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6568
Unrestricted file upload vulnerability in Yehe 2.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the envoyer feature. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Wed, 1 Apr 09
gallarific
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6567
Multiple cross-site scripting (XSS) vulnerabilities in Gallarific Free Edition allow remote attackers to inject arbitrary web script or HTML via (1) the e-mail address, (2) a comment, which is not properly handled during moderation, and (3) the tag parameter to gallery/tags.php.
Wed, 1 Apr 09
octopussy
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6566
Unspecified vulnerability in Octopussy before 0.9.5.8 has unknown impact and attack vectors related to a "major security" vulnerability.
Wed, 1 Apr 09
invision_power_board
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6565
Cross-site scripting (XSS) vulnerability in Invision Power Board 2.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via an IFRAME tag in the signature.
Wed, 1 Apr 09
communication_server_1000, unistim_protocol
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6564
Nortel UNIStim protocol, as used in Communication Server 1000 and other products, uses predictable sequence numbers, which allows remote attackers to hijack sessions via sniffing or brute force attacks.
Wed, 1 Apr 09
trillian
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6563
Buffer overflow in the XML parser in Trillian 3.1.9.0, and possibly earlier, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DTD file.
Wed, 1 Apr 09
jax_linklists
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6562
Cross-site scripting (XSS) vulnerability in jax_linklists.php in Jack (tR) Jax LinkLists 1.00 allows remote attackers to inject arbitrary web script or HTML via the cat parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Wed, 1 Apr 09
presentation_server_client
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6561
Citrix Presentation Server Client for Windows before 10.200 does not clear "credential information" from process memory in unspecified circumstances, which might allow local users to gain privileges.
Wed, 1 Apr 09
mac_os_x, vidalia_bundle, windows
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6724
Vidalia bundle before 0.1.2.18, when running on Windows and Mac OS X, installs Privoxy with a configuration file (config.txt or config) that contains an insecure enable-remote-http-toggle setting, which allows remote attackers to bypass intended access restrictions and modify configuration.
Wed, 1 Apr 09
tork
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6723
TorK before 0.22, when running on Windows and Mac OS X, installs Privoxy with a configuration file (config.txt or config) that contains insecure (1) enable-remote-toggle and (2) enable-edit-actions settings, which allows remote attackers to bypass intended access restrictions and modify configuration.
Wed, 1 Apr 09
mac_os_x, vidalia_bundle, windows
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6722
Vidalia bundle before 0.1.2.18, when running on Windows and Mac OS X, installs Privoxy with a configuration file (config.txt or config) that contains insecure (1) enable-remote-toggle and (2) enable-edit-actions settings, which allows remote attackers to bypass intended access restrictions and modify configuration.
Wed, 1 Apr 09
ixprim
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-7237
PHP remote file inclusion vulnerability in mod/nc_phpmyadmin/core/libraries/Theme_Manager.class.php in Ixprim 2.0 allows remote attackers to execute arbitrary PHP code via a URL in an unspecified parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Wed, 1 Apr 09
jax_guestbook
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-4880
Jax Guestbook 3.1 and 3.31 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain IP addresses of users via a direct request to (1) guestbook, (2) guestbook_ips2block, (3) ips2block, and (4) formmailer/logfile.csv.
Wed, 1 Apr 09
jax_guestbook
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-4879
Multiple cross-site scripting (XSS) vulnerabilities in jax_guestbook.php in Jax Guestbook 3.1 and 3.31 allow remote attackers to inject arbitrary web script or HTML via the (1) gmt_ofs and (2) language parameters. NOTE: the page parameter is already covered by CVE-2006-1913. NOTE: it was later reported that 3.50 is also affected.
Wed, 1 Apr 09
banshee
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1175
Cross-site scripting (XSS) vulnerability in apps/web/vs_diag.cgi in the DAAP extension in Banshee 1.4.2 allows remote attackers to inject arbitrary web script or HTML via the server parameter, which is not properly handled in an error message.
Wed, 1 Apr 09
websphere_application_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1174
The Web Services Security component in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.3 has an unspecified "security problem" in the XML digital-signature specification, which has unknown impact and attack vectors.
Wed, 1 Apr 09
websphere_application_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1173
IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.3 uses weak permissions (777) for files associated with unspecified "interim fixes," which allows attackers to modify files that would not have been accessible if the intended 755 permissions were used.
Wed, 1 Apr 09
websphere_application_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1172
The JAX-RPC WS-Security runtime in the Web Services Security component in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.23 and 7.0 before 7.0.0.3, when APAR PK41002 is installed, does not properly validate UsernameToken objects, which has unknown impact and attack vectors.
Wed, 1 Apr 09
websphere_application_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0892
The administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.23 and 7.0 before 7.0.0.3 allows attackers to hijack user sessions in "specific scenarios" related to a forced logout.
Wed, 1 Apr 09
cman
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6560
Buffer overflow in CMAN - The Cluster Manager before 2.03.09-1 on Fedora 9 and Red Hat Enterprise Linux (RHEL) 5 allows attackers to cause a denial of service (CPU consumption and memory corruption) via a cluster.conf file with many lines. NOTE: it is not clear whether this issue crosses privilege boundaries in realistic uses of the product.
Wed, 1 Apr 09
moodle
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1171
The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before 1.7.7+, 1.8 before 1.8.9, and 1.9 before 1.9.5 allows user-assisted attackers to read arbitrary files via an input command in a "$$" sequence, which causes LaTeX to include the contents of the file.
Wed, 1 Apr 09
reliantha
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6559
Merge mcd in ReliantHA 1.1.4 in SCO UnixWare 7.1.4 allows local users to gain root privileges via a crafted -d argument that contains .. (dot dot) sequences that point to a directory containing a file whose name includes shell metacharacters.
Wed, 1 Apr 09
reliantha, unixware
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6558
Untrusted search path vulnerability in (1) hvdisp and (2) rcvm in ReliantHA 1.1.4 in SCO UnixWare 7.1.4 allows local users to gain root privileges by modifying the RELIANT_PATH environment variable to point to a malicious bin/hvenv program.
Wed, 1 Apr 09
webutil
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6557
cgi-bin/webutil.pl in The Puppet Master WebUtil 2.7 allows remote attackers to execute arbitrary commands via shell metacharacters in the details command.
Wed, 1 Apr 09
webutil
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6556
cgi-bin/webutil.pl in The Puppet Master WebUtil 2.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the whois command.
Wed, 1 Apr 09
webutil
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6555
cgi-bin/webutil.pl in The Puppet Master WebUtil allows remote attackers to execute arbitrary commands via shell metacharacters in the dig command.
Wed, 1 Apr 09
CVE-2008-6554 (adsl2/2+4-port)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6554
cgi-bin/script in Aztech ADSL2/2+ 4-port router 3.7.0 build 070426 allows remote attackers to execute arbitrary commands via shell metacharacters in the query string.