Software Vulnerability
Main
Software Alerts
Software and Script Bug ExploitsSoftware Vulnerability
Random Feeds
Archives
| Mar 2010 | Feb 2010 | Jan 2010 | Dec 2009 | Nov 2009 | Oct 2009 | Sep 2009 | Aug 2009 | Jul 2009 | Jun 2009 | May 2009 | Apr 2009 | Mar 2009 | Feb 2009 | Jan 2009 | Dec 2008 | Nov 2008 | Oct 2008 | Sep 2008 | Aug 2008 | Jul 2008 | Jun 2008 | May 2008 | Apr 2008 | Mar 2008 | Feb 2008 | Jan 2008 | Dec 2007 | Nov 2007 |Thu, 30 Jul 09
CVE-2009-0901 (visual_c++, visual_studio, visual_studio_.net)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0901
The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1 does not prevent VariantClear calls on an uninitialized VARIANT, which allows remote attackers to execute arbitrary code via a malformed stream to an ATL (1) component or (2) control, related to ATL headers and error handling, aka "ATL Uninitialized Object Vulnerability."
Thu, 30 Jul 09
bind
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0696
The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted dynamic update message, as exploited in the wild in July 2009.
Wed, 29 Jul 09
squid
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2622
Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 allows remote attackers to cause a denial of service via malformed requests including (1) "missing or mismatched protocol identifier," (2) missing or negative status value," (3) "missing version," or (4) "missing or invalid status number," related to (a) HttpMsg.cc and (b) HttpReply.cc.
Wed, 29 Jul 09
squid
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2621
Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 does not properly enforce "buffer limits and related bound checks," which allows remote attackers to cause a denial of service via (1) an incomplete request or (2) a request with a large header size, related to (a) HttpMsg.cc and (b) client_side.cc.
Tue, 28 Jul 09
v-spacepal
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2619
SQL injection vulnerability in login.asp in DataCheck Solutions V-SpacePal allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Tue, 28 Jul 09
mdpro
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2618
SQL injection vulnerability in the Surveys (aka NS-Polls) module in MDPro (MD-Pro) 1.083.x allows remote attackers to execute arbitrary SQL commands via the pollID parameter in a results action to modules.php.
Tue, 28 Jul 09
storm
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2617
Stack-based buffer overflow in medialib.dll in BaoFeng Storm 3.9.62 allows remote attackers to execute arbitrary code via a long pathname in the source attribute of an item element in a .smpl playlist file.
Tue, 28 Jul 09
sitepal
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2616
SQL injection vulnerability in z_admin_login.asp in DataCheck Solutions SitePal 1.x allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Tue, 28 Jul 09
sitepal
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2615
Multiple cross-site scripting (XSS) vulnerabilities in DataCheck Solutions SitePal 1.x allow remote attackers to inject arbitrary web script or HTML via the page parameter to (1) z_admin_login.asp, (2) z_forgot.asp, and possibly unspecified other components. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Tue, 28 Jul 09
linkpal
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2614
SQL injection vulnerability in z_admin_login.asp in DataCheck Solutions LinkPal 1.x allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Tue, 28 Jul 09
linkpal
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2613
Multiple cross-site scripting (XSS) vulnerabilities in DataCheck Solutions LinkPal 1.x allow remote attackers to inject arbitrary web script or HTML via the page parameter to (1) z_loginfailed.asp, (2) z_admin_login.asp, (3) z_forgot.asp, and possibly unspecified other components. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Tue, 28 Jul 09
prosmdr
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2612
SQL injection vulnerability in login.aspx in ProSMDR allows remote attackers to execute arbitrary SQL commands via the txtUser parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Tue, 28 Jul 09
myfusion
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2611
Directory traversal vulnerability in infusions/last_seen_users_panel/last_seen_users_panel.php in MyFusion (aka MyF) 6 Beta, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the settings[locale] parameter.
Tue, 28 Jul 09
links_package
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2610
Cross-site scripting (XSS) vulnerability in the Links Related module in the Links Package 5.x before 5.x-1.13 and 6.x before 6.x-1.2, a module for Drupal, allows remote authenticated users to inject arbitrary web script or HTML via the title field.
Tue, 28 Jul 09
com_amocourse
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2609
SQL injection vulnerability in the amoCourse (com_amocourse) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a category action to index.php.
Tue, 28 Jul 09
php_address_book
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2608
Multiple SQL injection vulnerabilities in PHP Address Book 4.0.x allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to delete.php and (2) alphabet parameter to index.php. NOTE: the edit.php and view.php vectors are already covered by CVE-2008-2565.
Tue, 28 Jul 09
com_pinboard
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2607
SQL injection vulnerability in the com_pinboard component for Joomla! allows remote attackers to execute arbitrary SQL commands via the task parameter in a showpic action to index.php.
Tue, 28 Jul 09
asp_football_pool
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2606
ASP Football Pool 2.3 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for NFL.mdb.
Tue, 28 Jul 09
traidnt_up
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2605
Multiple SQL injection vulnerabilities in adminquery.php in Traidnt Up 2.0 allow remote attackers to execute arbitrary SQL commands via (1) trupuser and (2) truppassword cookies to uploadcp/index.php.
Tue, 28 Jul 09
zen_help_desk
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2604
Multiple SQL injection vulnerabilities in adminlogin.asp in Zen Help Desk 2.1 allow remote attackers to execute arbitrary SQL commands via the (1) userid (aka username) and (2) PassWord parameters to admin.asp.
Tue, 28 Jul 09
escon_supportportal_pro
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2603
Multiple SQL injection vulnerabilities in index.php in Escon SupportPortal Pro 3.0 allow remote attackers to execute arbitrary SQL commands via the (1) cat and (2) tid parameters.
Tue, 28 Jul 09
r2_newsletter_lite, r2_newsletter_pro, r2_newsletter_stats
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2602
R2 Newsletter Lite, Pro, and Stats stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for admin.mdb.
Tue, 28 Jul 09
juser
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2601
SQL injection vulnerability in the Joomlaequipment (aka JUser or com_juser) component 2.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a show_profile action to index.php.
Tue, 28 Jul 09
webboard
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2600
Multiple directory traversal vulnerabilities in view.php in Webboard 2.90 beta and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the topic parameter.
Tue, 28 Jul 09
radclassifieds
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2599
SQL injection vulnerability in index.php in RadCLASSIFIEDS Gold 2.0 allows remote attackers to execute arbitrary SQL commands via the seller parameter in a search action.
Tue, 28 Jul 09
online_grades
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2598
Multiple SQL injection vulnerabilities in Online Grades & Attendance 3.2.6 and earlier allow (1) remote attackers to execute arbitrary SQL commands via the key parameter in a resetpass action to index.php and (2) remote authenticated users to execute arbitrary SQL commands via the ADD parameter in a mailto action to parents/parents.php.
Tue, 28 Jul 09
java_system_access_manager_policy_agent
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2597
The Sun Java System (SJS) Access Manager Policy Agent module 2.2 for SJS Web Proxy Server 4.0 allows remote attackers to cause a denial of service (daemon crash) via a GET request.
Tue, 28 Jul 09
opensolaris
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2596
Unspecified vulnerability in the Solaris Auditing subsystem in Sun Solaris 9 and 10 and OpenSolaris before snv_121, when extended file attributes are used, allows local users to cause a denial of service (panic) via vectors related to fad_aupath structure members.
Tue, 28 Jul 09
zen_cart
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6878
** DISPUTED ** Directory traversal vulnerability in admin/includes/languages/english.php in Zen Cart 1.3.8a, 1.3.8, and earlier, when .htaccess is not supported, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the _SESSION[language] parameter. NOTE: the vendor disputes this issue, stating "at worst, the use of this vulnerability will reveal some local file paths."
Tue, 28 Jul 09
zen_cart
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6877
** DISPUTED ** Directory traversal vulnerability in admin/includes/initsystem.php in Zen Cart 1.3.8 and 1.3.8a, when .htaccess is not supported, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the loader_file parameter. NOTE: the vendor disputes this issue, stating "at worst, the use of this vulnerability will reveal some local file paths."
Sat, 25 Jul 09
espartenaires
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6876
Cross-site scripting (XSS) vulnerability in login.php in EsPartenaires 1.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: the EsContacts 1.0 issue is covered in CVE-2008-2037.
Sat, 25 Jul 09
censura
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2595
Cross-site scripting (XSS) vulnerability in productSearch.html in Censura 2.0.4 and 2.1.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter in a ProductSearch action.
Sat, 25 Jul 09
censura
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2594
Cross-site scripting (XSS) vulnerability in censura.php in Censura 1.16.04 allows remote attackers to inject arbitrary web script or HTML via the itemid parameter in a details action.
Sat, 25 Jul 09
censura
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2593
SQL injection vulnerability in censura.php in Censura 1.16.04 allows remote attackers to execute arbitrary SQL commands via the itemid parameter in a details action.
Sat, 25 Jul 09
gbook
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2592
SQL injection vulnerability in guestbook.php in PHPJunkYard GBook 1.6 allows remote attackers to execute arbitrary SQL commands via the mes_id parameter.
Sat, 25 Jul 09
myannonces
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2591
SQL injection vulnerability in the MyAnnonces module for E-Xoopport 3.1 allows remote attackers to execute arbitrary SQL commands via the lid parameter in a viewannonces action to index.php.
Sat, 25 Jul 09
hutscripts_php_website_script
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2590
SQL injection vulnerability in showcategory.php in Hutscripts PHP Website Script allows remote attackers to execute arbitrary SQL commands via the cid parameter.
Sat, 25 Jul 09
hutscripts_php_website_script
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2589
Multiple cross-site scripting (XSS) vulnerabilities in Hutscripts PHP Website Script allow remote attackers to inject arbitrary web script or HTML via the msg parameter to (1) feedback.php, (2) index.php, and (3) lostpassword.php.
Sat, 25 Jul 09
hotscripts_type_php_clone_script
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2588
Multiple cross-site scripting (XSS) vulnerabilities in Hotscripts Type PHP Clone Script allow remote attackers to inject arbitrary web script or HTML via the msg parameter to (1) feedback.php, (2) index.php, and (3) lostpassword.php.
Sat, 25 Jul 09
dragdropcart
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2587
Multiple cross-site scripting (XSS) vulnerabilities in DragDropCart allow remote attackers to inject arbitrary web script or HTML via the (1) sid parameter to assets/js/ddcart.php, the (2) prefix parameter to includes/ajax/getstate.php, the search parameter to (3) index.php and (4) search.php, the (5) redirect parameter to login.php, and the (6) product parameter to productdetail.php.
Sat, 25 Jul 09
ezarticles
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2586
Cross-site scripting (XSS) vulnerability in articles.php in EDGEPHP EZArticles allows remote attackers to inject arbitrary web script or HTML via the title parameter.
Sat, 25 Jul 09
mlffat
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2585
SQL injection vulnerability in index.php in Mlffat 2.2 allows remote attackers to execute arbitrary SQL commands via a member cookie in an account editprofile action, a different vector than CVE-2009-1731.
Sat, 25 Jul 09
asp_product_catalog
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6875
SQL injection vulnerability in default.asp in ASP Product Catalog allows remote attackers to execute arbitrary SQL commands via the cid parameter, a different vector than CVE-2007-5220.
Sat, 25 Jul 09
autodealer
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6874
Multiple SQL injection vulnerabilities in ASP SiteWare autoDealer 1 and 2 allow remote attackers to execute arbitrary SQL commands via the iType parameter in (1) Auto1/type.asp or (2) auto2/type.asp.
Fri, 24 Jul 09
acrobat, acrobat_reader, flash_player
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2580
Unspecified vulnerability in Adobe Reader and Acrobat 9.x through 9.1.2 and Adobe Flash Player 9 and 10 allows remote attackers to execute arbitrary code via (1) a crafted Flash application in a .pdf file or (2) a crafted .swf file, as exploited in the wild in July 2009.
Thu, 23 Jul 09
blackberry_8800
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2575
The Research In Motion (RIM) BlackBerry 8800 allows remote attackers to cause a denial of service (memory consumption and browser crash) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692.
Thu, 23 Jul 09
firefox
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2472
Mozilla Firefox before 3.0.12 does not always use XPCCrossOriginWrapper when required during object construction, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted document, related to a "cross origin wrapper bypass."
Thu, 23 Jul 09
firefox
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2471
The setTimeout function in Mozilla Firefox before 3.0.12 does not properly preserve object wrapping, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via a crafted call, related to XPCNativeWrapper.
Thu, 23 Jul 09
firefox
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2469
Mozilla Firefox before 3.0.12 does not properly handle an SVG element that has a property with a watch function and an __defineSetter__ function, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted document, related to a certain pointer misinterpretation.
Thu, 23 Jul 09
firefox
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2468
Integer overflow in CoreGraphics in Apple Mac OS X, as used in Mozilla Firefox before 3.0.12, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long text run that triggers a heap-based buffer overflow during font glyph rendering, a related issue to CVE-2009-1194.
Thu, 23 Jul 09
firefox
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2467
Mozilla Firefox before 3.0.12 and 3.5 before 3.5.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving a Flash object, a slow script dialog, and the unloading of the Flash plugin, which triggers attempted use of a deleted object.
Thu, 23 Jul 09
firefox, thunderbird
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2466
The JavaScript engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) nsDOMClassInfo.cpp, (2) JS_HashTableRawLookup, and (3) MirrorWrappedNativeParent and js_LockGCThingRT.
Thu, 23 Jul 09
firefox, thunderbird
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2465
Mozilla Firefox before 3.0.12 and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via vectors involving double frame construction, related to (1) nsHTMLContentSink.cpp, (2) nsXMLContentSink.cpp, and (3) nsPresShell.cpp, and the nsSubDocumentFrame::Reflow function.
Thu, 23 Jul 09
firefox, seamonkey, thunderbird
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2464
The nsXULTemplateQueryProcessorRDF::CheckIsSeparator function in Mozilla Firefox before 3.0.12, SeaMonkey 2.0a1pre, and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to loading multiple RDF files in a XUL tree element.
Thu, 23 Jul 09
firefox
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2463
Integer overflow in a base64 decoding function in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.
Thu, 23 Jul 09
firefox, thunderbird
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2462
The browser engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) the frame chain and synchronous events, (2) a SetMayHaveFrame assertion and nsCSSFrameConstructor::CreateFloatingLetterFrame, (3) nsCSSFrameConstructor::ConstructFrame, (4) the child list and initial reflow, (5) GetLastSpecialSibling, (6) nsFrameManager::GetPrimaryFrameFo...
Thu, 23 Jul 09
minitwitter
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2574
index.php in MiniTwitter 0.2 beta allows remote authenticated users to modify certain options of arbitrary accounts via an opt action.
Thu, 23 Jul 09
minitwitter
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2573
Multiple SQL injection vulnerabilities in MiniTwitter 0.2 beta, when magic_quotes_gpc is disabled, allow remote authenticated users to execute arbitrary SQL commands via the (1) user parameter to (a) index.php and (b) rss.php.
Thu, 23 Jul 09
fivestar_module_for_drupal
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2572
Cross-site request forgery (CSRF) vulnerability in the Fivestar module 5.x-1.x before 5.x-1.14 and 6.x-1.x before 6.x-1.14, a module for Drupal, allows remote attackers to hijack the authentication of arbitrary users for requests that cast votes.
Thu, 23 Jul 09
verliadmin
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2571
Multiple cross-site scripting (XSS) vulnerabilities in index.php in VerliAdmin 0.3.7 and 0.3.8 allow remote attackers to inject arbitrary web script or HTML via (1) the URI, (2) the q parameter, (3) the nick parameter, or (4) the nick parameter in a bantest action.
Thu, 23 Jul 09
winfax_pro
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2570
Stack-based buffer overflow in the Symantec.FaxViewerControl.1 ActiveX control in WinFax\DCCFAXVW.DLL in Symantec WinFax Pro 10.03 allows remote attackers to execute arbitrary code via a long argument to the AppendFax method.
Thu, 23 Jul 09
verlihub_control_panel
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2569
Multiple cross-site scripting (XSS) vulnerabilities in Verlihub Control Panel (VHCP) 1.7e allow remote attackers to inject arbitrary web script or HTML via (1) the nick parameter in a login action to index.php or (2) the URI in a news request to index.html.
Thu, 23 Jul 09
streaming_audio_player
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2568
Stack-based buffer overflow in Sorinara Streaming Audio Player (SAP) 0.9 allows remote attackers to execute arbitrary code via a long string in a playlist (.m3u) file.
Thu, 23 Jul 09
almond_classifieds
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2567
SQL injection vulnerability in the Almond Classifieds (com_aclassf) component 5.6.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
Wed, 22 Jul 09
acrobat_reader, getplus_download_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2564
NOS Microsystems getPlus Download Manager for Adobe 1.6.2.36, and possibly other versions, installs NOS\bin\getPlus_HelperSvc.exe with insecure permissions (Everyone:Full Control), which allows local users to gain SYSTEM privileges by replacing getPlus_HelperSvc.exe with a Trojan horse program.
Wed, 22 Jul 09
wireshark
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2563
Unspecified vulnerability in the Infiniband dissector in Wireshark 1.0.6 through 1.2.0, when running on unspecified platforms, allows remote attackers to cause a denial of service (crash) via unknown vectors.
Wed, 22 Jul 09
wireshark
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2562
Unspecified vulnerability in the AFS dissector in Wireshark 0.9.2 through 1.2.0 allows remote attackers to cause a denial of service (crash) via unknown vectors.
Wed, 22 Jul 09
wireshark
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2561
Unspecified vulnerability in the sFlow dissector in Wireshark 1.2.0 allows remote attackers to cause a denial of service (CPU and memory consumption) via unspecified vectors.
Wed, 22 Jul 09
wireshark
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2560
Multiple unspecified vulnerabilities in Wireshark 1.2.0 allow remote attackers to cause a denial of service (crash) via unspecified vectors in the (1) Bluetooth L2CAP, (2) RADIUS, or (3) MIOP dissectors.
Wed, 22 Jul 09
wireshark
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2559
Buffer overflow in the IPMI dissector in Wireshark 1.2.0 allows remote attackers to cause a denial of service (crash) via unspecified vectors related to an array index error. NOTE: some of these details are obtained from third party information.
Wed, 22 Jul 09
admin_news_tools
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2558
system/message.php in Admin News Tools 2.5 does not properly restrict access, which allows remote attackers to post news messages via a direct request.
Wed, 22 Jul 09
admin_news_tools
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2557
Directory traversal vulnerability in system/download.php in Admin News Tools 2.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the fichier parameter.
Wed, 22 Jul 09
chrome
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2556
Google Chrome before 2.0.172.37 allows attackers to leverage renderer access to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors that trigger excessive memory allocation.
Wed, 22 Jul 09
chrome, v8
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2555
Heap-based buffer overflow in src/jsregexp.cc in Google V8 before 1.1.10.14, as used in Google Chrome before 2.0.172.37, allows remote attackers to execute arbitrary code in the Chrome sandbox via a crafted JavaScript regular expression.
Tue, 21 Jul 09
helix_server, helix_server_mobile
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2533
rmserver in RealNetworks Helix Server and Helix Mobile Server before 13.0.0 allows remote attackers to cause a denial of service (daemon exit) via multiple RTSP SET_PARAMETER requests with empty DataConvertBuffer headers.
Tue, 21 Jul 09
kernel, linux_kernel
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1897
The tun_chr_poll function in drivers/net/tun.c in the tun subsystem in the Linux kernel 2.6.30 and 2.6.30.1, when the -fno-delete-null-pointer-checks gcc option is omitted, allows local users to gain privileges via vectors involving a NULL pointer dereference and an mmap of /dev/net/tun, a different vulnerability than CVE-2009-1894.
Sat, 18 Jul 09
movable_type
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2492
Cross-site scripting (XSS) vulnerability in mt-wizard.cgi in Six Apart Movable Type before 4.261 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2009-2480.
Sat, 18 Jul 09
android
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2348
Android 1.5 CRBxx allows local users to bypass the (1) Manifest.permission.CAMERA (aka android.permission.CAMERA) and (2) Manifest.permission.AUDIO_RECORD (aka android.permission.RECORD_AUDIO) configuration settings by installing and executing an application that does not make a permission request before using the camera or microphone.
Sat, 18 Jul 09
pulseaudio
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1894
Race condition in PulseAudio 0.9.9, 0.9.10, and 0.9.14 allows local users to gain privileges via vectors involving creation of a hard link, related to the application setting LD_BIND_NOW to 1, and then calling execv on the target of the /proc/self/exe symlink.
Sat, 18 Jul 09
dhcp, enterprise_linux
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1893
The configtest function in the Red Hat dhcpd init script for DHCP 3.0.1 in Red Hat Enterprise Linux (RHEL) 3 allows local users to overwrite arbitrary files via a symlink attack on an unspecified temporary file, related to the "dhcpd -t" command.
Sat, 18 Jul 09
dhcp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1892
dhcpd in ISC DHCP 3.0.4 and 3.1.1, when the dhcp-client-identifier and hardware ethernet configuration settings are both used, allows remote attackers to cause a denial of service (daemon crash) via unspecified requests.
Fri, 17 Jul 09
ray_server_software
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2491
The utaudiod daemon in Sun Ray Server Software (SRSS) 4.0, when Solaris Trusted Extensions is enabled, allows local users to access the sessions of arbitrary users via unknown vectors related to "resource leaks."
Fri, 17 Jul 09
ray_server_software
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2490
Unspecified vulnerability in the utaudiod daemon in Sun Ray Server Software (SRSS) 4.0, when Solaris Trusted Extensions is enabled, allows local users to cause a denial of service (audio outage) or possibly gain privileges via unknown vectors related to "resource leaks."
Fri, 17 Jul 09
ray_server_software
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2489
Unspecified vulnerability in the utdmsession program in Sun Ray Server Software (SRSS) 4.0 allows local users to access the sessions of arbitrary users via unknown vectors.
Fri, 17 Jul 09
opensolaris
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2488
Unspecified vulnerability in the NFSv4 module in the kernel in Sun Solaris 10, and OpenSolaris snv_102 through snv_119, allows local users to cause a denial of service (client panic) via vectors involving "file operations."
Fri, 17 Jul 09
opensolaris
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2487
Use-after-free vulnerability in the frpr_icmp function in the ipfilter (aka IP Filter) subsystem in Sun Solaris 10, and OpenSolaris snv_45 through snv_110, allows remote attackers to cause a denial of service (panic) via unspecified vectors.
Fri, 17 Jul 09
opensolaris
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2486
Unspecified vulnerability in the SCTP implementation in Sun Solaris 10, and OpenSolaris before snv_120, allows remote attackers to cause a denial of service (panic) via unspecified packets.
Fri, 17 Jul 09
ht-mp3player
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2485
Stack-based buffer overflow in HT-MP3Player 1.0 allows remote attackers to execute arbitrary code via a long string in a .ht3 file.
Fri, 17 Jul 09
vlc_media_player
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2484
Stack-based buffer overflow in the Win32AddConnection function in modules/access/smb.c in VideoLAN VLC media player 0.9.9, when running on Microsoft Windows, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long smb URI in a playlist file.
Fri, 17 Jul 09
netbsd
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2483
libprop/prop_object.c in proplib in NetBSD 4.0 and 4.0.1 allows local users to cause a denial of service (NULL pointer dereference and kernel panic) via a malformed externalized plist (XML form) containing an undefined element.
Fri, 17 Jul 09
netbsd
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2482
The pam_unix module in OpenPAM in NetBSD 4.0 before 4.0.2 and 5.0 before 5.0.1 allows local users to change the current root password if it is already known, even when they are not in the wheel group.
Fri, 17 Jul 09
movable_type
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2481
mt-wizard.cgi in Six Apart Movable Type before 4.261 when global templates are not initialized allows remote attackers to bypass access restrictions and (1) send e-mail to arbitrary addresses or (2) obtain sensitive information via unspecified vectors.
Fri, 17 Jul 09
six_apart_movable_type
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2480
Cross-site scripting (XSS) vulnerability in mt-wizard.cgi in Six Apart Movable Type 4.24, and 4.25 when global templates are not initialized, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Fri, 17 Jul 09
firefox
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2479
Stack-based buffer overflow in Mozilla Firefox 3.5 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long Unicode string argument to the write method.
Fri, 17 Jul 09
firefox
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2478
Mozilla Firefox 3.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors, related to a "flash bug."
Fri, 17 Jul 09
CVE-2009-2048 (crs, customer_response_applications, ip_qm, unified_ccx, unified_ip_contact_cente...)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2048
Cross-site scripting (XSS) vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to inject arbitrary web script or HTML into the CCX database via unspecified vectors.
Fri, 17 Jul 09
CVE-2009-2047 (crs, customer_response_applications, ip_qm, unified_ccx, unified_ip_contact_cente...)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2047
Directory traversal vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to read, modify, or delete arbitrary files via unspecified vectors.
Fri, 17 Jul 09
kernel, linux_kernel
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1895
The personality subsystem in the Linux kernel before 2.6.31-rc3 has a PER_CLEAR_ON_SETID setting that does not clear the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags when executing a setuid or setgid program, which makes it easier for local users to leverage the details of memory usage to (1) conduct NULL pointer dereference attacks, (2) bypass the mmap_min_addr protection mechanism, or (3) defeat address space layout randomization (ASLR).
Thu, 16 Jul 09
windows_2000, windows_server_2003, windows_server_2008, windows_vista, windows_xp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0232
Integer overflow in the Embedded OpenType (EOT) Font Engine in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted name table, aka "Embedded OpenType Font Integer Overflow Vulnerability."
Thu, 16 Jul 09
windows_2000, windows_server_2003, windows_server_2008, windows_vista, windows_xp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0231
Heap-based buffer overflow in the Embedded OpenType (EOT) Font Engine in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted name table in a data record, aka "Embedded OpenType Font Heap Overflow Vulnerability."
Wed, 15 Jul 09
CVE-2009-2455 (@tmail)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2455
Multiple cross-site scripting (XSS) vulnerabilities in webadmin/admin.php in @mail 5.6.1 allow remote attackers to inject arbitrary web script or HTML via the (1) type and (2) func parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Wed, 15 Jul 09
web_interface
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2454
Cross-site scripting (XSS) vulnerability in Citrix Web Interface 4.6, 5.0, and 5.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Wed, 15 Jul 09
presentation_server, xenapp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2453
Citrix XenApp (formerly Presentation Server) 4.5 Hotfix Rollup Pack 3 does not apply an access policy when it is defined with the Access Gateway Advanced Edition filters, which allows attackers to bypass intended access restrictions via unknown vectors.
Wed, 15 Jul 09
licensing
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2452
Multiple unspecified vulnerabilities in Citrix Licensing 11.5 have unknown impact and attack vectors, related to "underlying components of the License Management Console."
Wed, 15 Jul 09
infinix
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2451
Multiple SQL injection vulnerabilities in index.php in MIM:InfiniX 1.2.003 and possibly earlier versions allow remote attackers to execute arbitrary SQL commands via the (1) month and (2) year parameters in a calendar action, or (3) a search term in the search form.
Wed, 15 Jul 09
ez_career
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6867
SQL injection vulnerability in content.php in Scripts For Sites (SFS) EZ Career allows remote attackers to execute arbitrary SQL commands via the topic parameter.
Wed, 15 Jul 09
current_issue_module
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6866
SQL injection vulnerability in modules.php in the Current_Issue module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in a summary action.
Wed, 15 Jul 09
php-nuke
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6865
SQL injection vulnerability in modules.php in the Sectionsnew module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printpage action.
Wed, 15 Jul 09
CVE-2008-6864 (absolute_live_support_.net)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6864
Xigla Software Absolute Live Support .NET 5.1 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value.
Wed, 15 Jul 09
CVE-2008-6863 (absolute_form_processor.net)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6863
Xigla Software Absolute Form Processor .NET 4.0 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value.
Wed, 15 Jul 09
absolute_content_rotator
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6862
Absolute Content Rotator 6.0 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value.
Wed, 15 Jul 09
absolute_newsletter
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6861
Xigla Software Absolute Newsletter 6.0 and 6.1 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value.
Wed, 15 Jul 09
absolute_poll_manager_xe
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6860
Xigla Software Absolute Poll Manager XE 4.1 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value.
Wed, 15 Jul 09
absolute_control_panel_xe
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6859
Xigla Software Absolute Control Panel XE 1.5 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value.
Wed, 15 Jul 09
CVE-2008-6858 (absolute_banner_manager.net)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6858
Absolute Banner Manager .NET 4.0 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value.
Wed, 15 Jul 09
CVE-2008-6857 (absolute_podcast.net)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6857
Absolute Podcast .NET 1.0 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value.
Wed, 15 Jul 09
CVE-2008-6856 (absolute_news_manager.net)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6856
Xigla Software Absolute News Manager.NET 5.1 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value.
Wed, 15 Jul 09
absolute_news_feed
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6855
Xigla Software Absolute News Feed 1.0 and possibly 1.5 allows remote attackers to bypass authentication and gain administrative access by setting a certain cookie.
Wed, 15 Jul 09
CVE-2008-6854 (absolute_faq_manager_.net)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6854
Xigla Software Absolute FAQ Manager.NET 6.0 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value.
Tue, 14 Jul 09
siteframe_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2443
Siteframe 3.2.3, and other 3.2.x versions, allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function.
Tue, 14 Jul 09
linea21
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2442
Cross-site scripting (XSS) vulnerability in public/index.php in Linea21 1.2.1 allows remote attackers to inject arbitrary web script or HTML via the search parameter in a resultats-recherche action.
Tue, 14 Jul 09
online_guestbook_pro
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2441
Cross-site scripting (XSS) vulnerability in ogp_show.php in Online Guestbook Pro 5.1 allows remote attackers to inject arbitrary web script or HTML via the entry parameter.
Tue, 14 Jul 09
guestbook
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2440
Cross-site scripting (XSS) vulnerability in index.php in JNM Guestbook 3.0 allows remote attackers to inject arbitrary web script or HTML via the page parameter.
Tue, 14 Jul 09
alibaba_clone
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2439
Multiple SQL injection vulnerabilities in Web Development House Alibaba (aka Alibaba.com) Clone allow remote attackers to execute arbitrary SQL commands via the (1) IndustryID parameter to category.php and the (2) SellerID parameter to supplier/view_contact_details.php.
Tue, 14 Jul 09
clansphere
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2438
Cross-site scripting (XSS) vulnerability in index.php in the search module in ClanSphere 2009.0 and 2009.0.2 allows remote attackers to inject arbitrary web script or HTML via the text parameter in a list action. NOTE: this might overlap CVE-2008-1399.
Tue, 14 Jul 09
rentventory
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2437
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Rentventory 1.0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) username (aka Login) and (2) password parameters in a login action.
Tue, 14 Jul 09
myphpdating
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2436
SQL injection vulnerability in page.php in Online Dating Software MyPHPDating 1.0 allows remote attackers to execute arbitrary SQL commands via the page_id parameter.
Tue, 14 Jul 09
lotus_instant_messaging_and_web_conferencing
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2435
The Sametime server in IBM Lotus Instant Messaging and Web Conferencing 6.5.1 generates error messages for a failed logon attempt with different time delays depending on whether the user account exists, which allows remote attackers to enumerate valid usernames.
Tue, 14 Jul 09
aix
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2434
Buffer overflow in the syscall implementation in IBM AIX 5.3 allows local users to gain privileges via unspecified vectors.
Sat, 11 Jul 09
http_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1891
The mod_deflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service (CPU consumption).
Fri, 10 Jul 09
safari
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1725
WebKit in Apple Safari before 4.0.2 does not properly handle numeric character references, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.
Fri, 10 Jul 09
safari
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1724
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via vectors related to parent and top objects.
Fri, 10 Jul 09
ocs_inventory_ng, ocsinventory-agent
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0667
Untrusted search path vulnerability in Agent/Backend.pm in Ocsinventory-Agent before 0.0.9.3, and 1.x before 1.0.1, in OCS Inventory allows local users to gain privileges via a Trojan horse Perl module in an arbitrary directory.
Fri, 10 Jul 09
safari
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2421
The CFCharacterSetInitInlineBuffer method in CoreFoundation.dll in Apple Safari 3.2.3 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via a "high-bit character" in a URL fragment for an unspecified protocol.
Fri, 10 Jul 09
safari
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2420
Apple Safari 3.2.3 does not properly implement the file: protocol handler, which allows remote attackers to read arbitrary files or cause a denial of service (launch of multiple Windows Explorer instances) via vectors involving an unspecified HTML tag, possibly a related issue to CVE-2009-1703.
Fri, 10 Jul 09
safari, webkit
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2419
Use-after-free vulnerability in the servePendingRequests function in WebCore in WebKit in Apple Safari 4.0 and 4.0.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted HTML document that references a zero-length .js file and the JavaScript reload function. NOTE: some of these details are obtained from third party information.
Fri, 10 Jul 09
scmpx
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2403
Heap-based buffer overflow in SCMPX 1.5.1 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a long string in a .m3u playlist file.
Fri, 10 Jul 09
phpecho_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2402
SQL injection vulnerability in index.php in the forum module in PHPEcho CMS 2.0-rc3 allows remote attackers to execute arbitrary SQL commands via the id parameter in a thread action, a different vector than CVE-2008-0355.
Fri, 10 Jul 09
phpecho_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2401
Cross-site scripting (XSS) vulnerability in PHPEcho CMS 2.0-rc3 allows remote attackers to inject arbitrary web script or HTML via a forum post.
Fri, 10 Jul 09
com_php
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2400
SQL injection vulnerability in the PHP (com_php) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
Fri, 10 Jul 09
dm_filemanager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2399
PHP remote file inclusion vulnerability in dm-albums/template/album.php in DM FileManager 3.9.4, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the SECURITY_FILE parameter.
Fri, 10 Jul 09
php-sugar
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2398
Directory traversal vulnerability in test/index.php in PHP-Sugar 0.80 allows remote attackers to read arbitrary files via a ..// (dot dot slash slash) in the t parameter.
Fri, 10 Jul 09
audio_article_directory
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2397
Directory traversal vulnerability in download.php in Audio Article Directory allows remote attackers to read arbitrary files via directory traversal sequences in the file parameter.
Fri, 10 Jul 09
dm_album
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2396
PHP remote file inclusion vulnerability in template/album.php in DM Albums 1.9.2, as used standalone or as a WordPress plugin, allows remote attackers to execute arbitrary PHP code via a URL in the SECURITY_FILE parameter.
Fri, 10 Jul 09
com_k2
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2395
SQL injection vulnerability in the K2 (com_k2) component 1.0.1 Beta and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter in an itemlist action to index.php.
Fri, 10 Jul 09
smspages
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2394
SQL injection vulnerability in cat.php in SMSPages 1.0 in Mr.Saphp Arabic Script Mobile (aka Messages Library) 2.0 allows remote attackers to execute arbitrary SQL commands via the CatID parameter.
Fri, 10 Jul 09
virtue_online_test_generator
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2393
admin/index.php in Virtuenetz Virtue Online Test Generator does not require administrative privileges, which allows remote authenticated users to have an unknown impact via unspecified vectors.
Fri, 10 Jul 09
virtue_online_test_generator
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2392
SQL injection vulnerability in text.php in Virtuenetz Virtue Online Test Generator allows remote attackers to execute arbitrary SQL commands via the tid parameter.
Fri, 10 Jul 09
virtue_online_test_generator
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2391
Cross-site scripting (XSS) vulnerability in text.php in Virtuenetz Virtue Online Test Generator allows remote attackers to inject arbitrary web script or HTML via the tid parameter.
Fri, 10 Jul 09
com_bookflip
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2390
SQL injection vulnerability in the BookFlip (com_bookflip) component 2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the book_id parameter to index.php.
Fri, 10 Jul 09
newsolved
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2389
Multiple SQL injection vulnerabilities in newsscript.php in USOLVED NEWSolved 1.1.6, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) jahr or (2) idneu parameter in an archive action, or (3) the newsid parameter.
Fri, 10 Jul 09
opial
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2388
SQL injection vulnerability in admin/index.php in Opial 1.0 allows remote attackers to execute arbitrary SQL commands via the txtPassword parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Fri, 10 Jul 09
opensolaris
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2387
Unspecified vulnerability in the proc filesystem in Sun OpenSolaris snv_49 through snv_109 allows local users to cause a denial of service (deadlock and panic) via unknown vectors, related to the ldt_rewrite_syscall function.
Thu, 9 Jul 09
4images
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2380
Cross-site scripting (XSS) vulnerability in includes/functions.php in 4images 1.7 through 1.7.7 allows remote attackers to inject arbitrary web script or HTML via vectors related to the url variable.
Thu, 9 Jul 09
bigace_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2379
Directory traversal vulnerability in public/index.php in BIGACE Web CMS 2.6 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the cmd parameter.
Thu, 9 Jul 09
jax_formmailer
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2378
PHP remote file inclusion vulnerability in formmailer.admin.inc.php in Jax FormMailer 3.0.0 allows remote attackers to execute arbitrary PHP code via a URL in the BASE_DIR[jax_formmailer] parameter.
Thu, 9 Jul 09
avax_vector_activex
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2377
Buffer overflow in the Avax Vector ActiveX control in avPreview.ocx in AVAX-software Avax Vector ActiveX 1.3 allows remote attackers to cause a denial of service (application crash) via a long PrinterName property.
Thu, 9 Jul 09
tangocms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2376
Cross-site scripting (XSS) vulnerability in the Html::textarea function in application/libraries/Html.php in TangoCMS 2.x before 2.3.0 allows remote attackers to inject arbitrary web script or HTML via the value parameter, related to the Contact module.
Thu, 9 Jul 09
photo_dvd_maker
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2375
Stack-based buffer overflow in Photo DVD Maker 8.02, and possibly earlier versions, allows remote attackers to execute arbitrary code via a long File_Name parameter in a .pdm file. NOTE: some of these details are obtained from third party information.
Thu, 9 Jul 09
drupal
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2374
Drupal 5.x before 5.19 and 6.x before 6.13 does not properly sanitize failed login attempts for pages that contain a sortable table, which includes the username and password in links that can be read from (1) the HTTP referer header of external web sites that are visited from those links or (2) when page caching is enabled, the Drupal page cache.
Thu, 9 Jul 09
drupal
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2373
Cross-site scripting (XSS) vulnerability in the Forum module in Drupal 6.x before 6.13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Thu, 9 Jul 09
drupal
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2372
Drupal 6.x before 6.13 does not prevent users from modifying user signatures after the associated comment format has been changed to an administrator-controlled input format, which allows remote authenticated users to inject arbitrary web script, HTML, and possibly PHP code via a crafted user signature.
Thu, 9 Jul 09
advanced_forum
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2371
Advanced Forum 6.x before 6.x-1.1, a module for Drupal, does not prevent users from modifying user signatures after the associated comment format has been changed to an administrator-controlled input format, which allows remote authenticated users to inject arbitrary web script, HTML, and possibly PHP code via a crafted user signature.
Thu, 9 Jul 09
advanced_forum
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2370
Cross-site scripting (XSS) vulnerability in Advanced Forum 5.x before 5.x-1.1 and 6.x before 6.x-1.1, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Thu, 9 Jul 09
wxwidgets
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2369
Integer overflow in the wxImage::Create function in src/common/image.cpp in wxWidgets 2.8.10 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted JPEG file, which triggers a heap-based buffer overflow. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Thu, 9 Jul 09
ss5
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2368
Unspecified vulnerability in Socks Server 5 before 3.7.8-8 has unknown impact and attack vectors.
Thu, 9 Jul 09
storcenter_pro
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2367
cgi-bin/makecgi-pro in Iomega StorCenter Pro generates predictable session IDs, which allows remote attackers to hijack active sessions and gain privileges via brute force guessing attacks on the session_id parameter.
Thu, 9 Jul 09
forumpal, forumpal_fe
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2366
SQL injection vulnerability in login.asp in DataCheck Solutions ForumPal FE 1.1 and ForumPal 1.5 allows remote attackers to execute arbitrary SQL commands via the (1) password parameter in 1.1 and (2) p_password parameter in 1.5. NOTE: some of these details are obtained from third party information.
Thu, 9 Jul 09
gallerypal_fe
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2365
SQL injection vulnerability in login.asp in DataCheck Solutions GalleryPal FE 1.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Thu, 9 Jul 09
mp3-nator
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2364
Stack-based buffer overflow in Mp3-Nator 2.0 allows remote attackers to execute arbitrary code via a long string in a .plf file, possibly related to a track entry.
Thu, 9 Jul 09
audioplus
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2363
Stack-based buffer overflow in KUDRSOFT AudioPLUS 2.00.215 allows remote attackers to execute arbitrary code via a .pls playlist file with a playlist entry containing a long File1 argument.
Thu, 9 Jul 09
audioplus
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2362
Stack-based buffer overflow in KUDRSOFT AudioPLUS 2.0.0.215 allows remote attackers to execute arbitrary code via a long string in a (1) .lst or (2) .m3u playlist file.
Thu, 9 Jul 09
CVE-2009-2361 (osticket1.6rc4)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2361
SQL injection vulnerability in include/class.staff.php in osTicket before 1.6 RC5 allows remote attackers to execute arbitrary SQL commands via the staff username parameter.
Thu, 9 Jul 09
passwd
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2360
Cross-site scripting (XSS) vulnerability in passwd/main.php in the Passwd module before 3.1.1 for Horde allows remote attackers to inject arbitrary web script or HTML via the backend parameter.
Wed, 8 Jul 09
gaestebuch_guestbook_module
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2337
SQL injection vulnerability in includes/module/book/index.inc.php in w3b|cms Gaestebuch Guestbook Module 3.0.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the spam_id parameter.
Wed, 8 Jul 09
netcat
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6853
SQL injection vulnerability in modules/poll/index.php in AIST NetCat 3.0 and 3.12 allows remote attackers to execute arbitrary SQL commands via the PollID parameter.
Wed, 8 Jul 09
CVE-2008-6852 (ice_gallery_component_for_joomla, joomla!)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6852
SQL injection vulnerability in the Ice Gallery (com_ice) component 0.5 beta 2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.
Wed, 8 Jul 09
php_link_directory
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6851
SQL injection vulnerability in page.php in PHP Link Directory (phpLD) 3.3, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the name parameter.
Wed, 8 Jul 09
php-fusion
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6850
Cross-site scripting (XSS) vulnerability in messages.php in PHP-Fusion 6.01.17 and 7.00.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Wed, 8 Jul 09
phpgreetcards
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6849
Unrestricted file upload vulnerability in index.php in phpGreetCards 3.7 allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a via a link that is listed by userfiles/number_shell.php.
Wed, 8 Jul 09
phpgreetcards
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6848
Cross-site scripting (XSS) vulnerability in index.php in phpGreetCards 3.7 allows remote attackers to inject arbitrary web script or HTML via the category parameter in a select action.
Fri, 3 Jul 09
jinzora
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2313
Directory traversal vulnerability in index.php in Jinzora Media Jukebox 2.8 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the name parameter.
Fri, 3 Jul 09
smartfilter
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2312
SmartFilter Web Gateway Security 4.2.1.00 stores user credentials in cleartext in config.txt and uses insecure permissions for this file, which allows local users to gain privileges.
Fri, 3 Jul 09
rgallery_plugin
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2311
SQL injection vulnerability in the rGallery plugin 1.2.3 for WoltLab Burning Board (WBB3) allows remote attackers to execute arbitrary SQL commands via the userID parameter in the RGalleryUserGallery page to index.php, a different vector than CVE-2008-4627.
Fri, 3 Jul 09
x-blc
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2310
SQL injection vulnerability in include/get_read.php in Extensible-BioLawCom CMS (X-BLC) 0.2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the section parameter.
Fri, 3 Jul 09
codice_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2309
SQL injection vulnerability in index.php in Codice CMS 2 allows remote attackers to execute arbitrary SQL commands via the tag parameter.
Fri, 3 Jul 09
affiliates_mod
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2308
Multiple SQL injection vulnerabilities in affiliates.php in the Affiliation (aka Affiliates) module 1.1.0 and earlier for PunBB allow remote attackers to execute arbitrary SQL commands via the (1) in or (2) out parameter.
Fri, 3 Jul 09
cwguestbook
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2307
SQL injection vulnerability in the CWGuestBook module 2.1 and earlier for MAXdev MDPro (aka MD-Pro) allows remote attackers to execute arbitrary SQL commands via the rid parameter in a viewrecords action to modules.php.
Fri, 3 Jul 09
ard-9808, ard-9808_software
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2306
The ARD-9808 DVR card security camera stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a file containing usernames and passwords via a direct request for dvr.ini.
Fri, 3 Jul 09
ard-9808, ard-9808_software
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2305
The ARD-9808 DVR card security camera allows remote attackers to cause a denial of service via a long URI composed of //.\ (slash slash dot backslash) sequences.
Fri, 3 Jul 09
aardvark_topsites_php
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2304
index.php in Aardvark Topsites PHP 5.2.0 and earlier allows remote attackers to obtain sensitive information via a nonexistent account name in the u parameter in a rate action, which reveals the installation path in an error message.
Fri, 3 Jul 09
aardvark_topsites_php
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2303
index.php in Aardvark Topsites PHP 5.2.1 and earlier allows remote attackers to obtain sensitive information via a negative integer value for the start parameter in a search action, which reveals the installation path in an error message.
Fri, 3 Jul 09
aardvark_topsites_php
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2302
Cross-site scripting (XSS) vulnerability in index.php in Aardvark Topsites PHP 5.2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the q parameter in a search action.
Fri, 3 Jul 09
appwall, gateway
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2301
The radware AppWall Web Application Firewall (WAF) 1.0.2.6, with Gateway 4.6.0.2, allows remote attackers to read source code via a direct request to (1) funcs.inc, (2) defines.inc, or (3) msg.inc in Management/.
Fri, 3 Jul 09
airlock_web_application_firewall
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2300
The management interface in the phion airlock Web Application Firewall (WAF) 4.1-10.41 does not properly handle CGI requests that specify large width and height parameters for an image, which allows remote attackers to execute arbitrary commands or cause a denial of service (resource consumption) via a crafted request.
Fri, 3 Jul 09
hyperguard
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2299
The Artofdefence Hyperguard Web Application Firewall (WAF) module before 2.5.5-11635, 3.0 before 3.0.3-11636, and 3.1 before 3.1.1-11637, a module for the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via an HTTP request with a large Content-Length value but no POST data.
Fri, 3 Jul 09
openview_network_node_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2298
Stack-based buffer overflow in rping in HP OpenView Network Node Manager (OV NNM) 7.53 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, possibly involving a CGI request to webappmon.exe. NOTE: this may overlap CVE-2009-1420.
Fri, 3 Jul 09
opensolaris
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2297
Unspecified vulnerability in the udp subsystem in the kernel in Sun Solaris 10, and OpenSolaris snv_90 through snv_108, when Solaris Trusted Extensions is enabled, allows remote attackers to cause a denial of service (panic) via unspecified vectors involving the crgetlabel function, related to a "TX panic." NOTE: this issue exists because of a regression in earlier kernel patches.
Fri, 3 Jul 09
opensolaris
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2296
The NFSv4 server kernel module in Sun Solaris 10, and OpenSolaris before snv_119, does not properly implement the nfs_portmon setting, which allows remote attackers to access shares, and read, create, and modify arbitrary files, via unspecified vectors.
Fri, 3 Jul 09
oncplus
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1421
Unspecified vulnerability in NFS / ONCplus on HP HP-UX B.11.31 allows local users to cause a denial of service via unknown attack vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Fri, 3 Jul 09
pre_asp_job_board
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6847
Cross-site scripting (XSS) vulnerability in Employee/emp_login.asp in Pre ASP Job Board allows remote attackers to inject arbitrary web script or HTML via the msg parameter.
Fri, 3 Jul 09
avast_antivirus
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6846
Multiple stack-based buffer overflows in avast! Linux Home Edition 1.0.5, 1.0.5-1, and 1.0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via a malformed (1) ISO or (2) RPM file.
Fri, 3 Jul 09
clamav
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6845
The unpack feature in ClamAV 0.93.3 and earlier allows remote attackers to cause a denial of service (segmentation fault) via a corrupted LZH file.
Fri, 3 Jul 09
ez_publish
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6844
The registration view (/user/register) in eZ Publish 3.5.6 and earlier, and possibly other versions before 3.9.5, 3.10.1, and 4.0.1, allows remote attackers to gain privileges as other users via modified ContentObjectAttribute_data_user_login_30, ContentObjectAttribute_data_user_password_30, and other parameters.
Fri, 3 Jul 09
cpanel, fantastico_de_luxe
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6843
Directory traversal vulnerability in index.php in Fantastico, as used with cPanel 11.x, allows remote attackers to read arbitrary files via a .. (dot dot) in the sup3r parameter.
Fri, 3 Jul 09
pluck
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6842
Directory traversal vulnerability in data/modules/blog/module_pages_site.php in Pluck 4.6.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the post parameter.
Thu, 2 Jul 09
tutorial_share
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2293
Optimum Web Design Tutorial Share 3.5.0 and earlier allows remote attackers to bypass authentication and obtain administrative access by setting the usernamed cookie parameter.
Thu, 2 Jul 09
a-news
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2292
Cross-site scripting (XSS) vulnerability in Appleple a-News 2.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Thu, 2 Jul 09
logintoboggan
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2291
Unspecified vulnerability in LoginToboggan 6.x-1.x before 6.x-1.5, a module for Drupal, when "Allow users to login using their e-mail address" is enabled, allows remote blocked users to bypass intended access restrictions via unspecified vectors.
Thu, 2 Jul 09
com_bsadv
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2290
SQL injection vulnerability in the Boy Scout Advancement (com_bsadv) component 0.3 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a (1) account or (2) event task to index.php.
Thu, 2 Jul 09
arcade_trade_script
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2289
Cross-site scripting (XSS) vulnerability in index.php in Arcade Trade Script 1.0 beta allows remote attackers to inject arbitrary web script or HTML via the q parameter in a gamelist action.
Thu, 2 Jul 09
nagios
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2288
statuswml.cgi in Nagios before 3.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) ping or (2) Traceroute parameters.
Thu, 2 Jul 09
kernel
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2287
The kvm_arch_vcpu_ioctl_set_sregs function in the KVM in Linux kernel 2.6 before 2.6.30, when running on x86 systems, does not validate the page table root in a KVM_SET_SREGS call, which allows local users to cause a denial of service (crash or hang) via a crafted cr3 value, which triggers a NULL pointer dereference in the gfn_to_rmap function.
Thu, 2 Jul 09
compface
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2286
Buffer overflow in compface 1.5.2 and earlier allows user-assisted attackers to cause a denial of service (crash) via a long declaration in a .xbm file.
Thu, 2 Jul 09
libtiff
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2285
Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2 allows context-dependent attackers to cause a denial of service (crash) via a crafted TIFF image, a different vulnerability than CVE-2008-2327.
Thu, 2 Jul 09
phpmyadmin
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2284
Cross-site scripting (XSS) vulnerability in phpMyAdmin before 3.2.0.1 allows remote attackers to inject arbitrary web script or HTML via a crafted SQL bookmark.
Thu, 2 Jul 09
java_web_console, solaris
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2283
Multiple cross-site scripting (XSS) vulnerabilities in the help jsp scripts in Sun Java Web Console 3.0.2 through 3.0.5, and Sun Java Web Console in Solaris 10, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Thu, 2 Jul 09
opensolaris
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2282
The Virtual Network Terminal Server daemon (vntsd) for Logical Domains (aka LDoms) in Sun Solaris 10, and OpenSolaris snv_41 through snv_108, on SPARC platforms does not check authorization for guest console access, which allows local control-domain users to gain guest-domain privileges via unknown vectors.
Thu, 2 Jul 09
vote_for_us_extension
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2276
SQL injection vulnerability in voteforus.php in the Vote For Us extension 1.0.1 and earlier for PunBB allows remote attackers to execute arbitrary SQL commands via the out parameter.
Thu, 2 Jul 09
cpanel
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2275
Directory traversal vulnerability in frontend/x3/stats/lastvisit.html in cPanel allows remote attackers to read arbitrary files via a .. (dot dot) in the domain parameter.
Thu, 2 Jul 09
d100
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2274
The Huawei D100 allows remote attackers to obtain sensitive information via a direct request to (1) lan_status_adv.asp, (2) wlan_basic_cfg.asp, or (3) lancfg.asp in en/, related to use of JavaScript to protect against reading file contents.
Thu, 2 Jul 09
d100
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2273
The default configuration of the Wi-Fi component on the Huawei D100 does not use encryption, which makes it easier for remote attackers to obtain sensitive information by sniffing the network.
Thu, 2 Jul 09
d100
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2272
The Huawei D100 stores the administrator's account name and password in cleartext in a cookie, which allows context-dependent attackers to obtain sensitive information by (1) reading a cookie file, by (2) sniffing the network for HTTP headers, and possibly by using unspecified other vectors.
Thu, 2 Jul 09
d100
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2271
The Huawei D100 has (1) a certain default administrator password for the web interface, and does not force a password change; and has (2) a default password of admin for the admin account in the telnet interface; which makes it easier for remote attackers to obtain access.
Thu, 2 Jul 09
dedecms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2270
Unrestricted file upload vulnerability in member/uploads_edit.php in dedecms 5.3 allows remote attackers to execute arbitrary code by uploading a file with a double extension in the filename, then accessing this file via unspecified vectors, as demonstrated by a .jpg.php filename.
Thu, 2 Jul 09
phome_empire_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2269
SQL injection vulnerability in Empire CMS 5.1 allows remote attackers to execute arbitrary SQL commands via the bid parameter to the default URI under e/tool/gbook/.
Thu, 2 Jul 09
java_system_access_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2268
Cross-site scripting (XSS) vulnerability in the Cross-Domain Controller (CDC) servlet in Sun Java System Access Manager 6 2005Q1, 7 2005Q4, and 7.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Thu, 2 Jul 09
pidgin
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1889
The OSCAR protocol implementation in Pidgin before 2.5.8 misinterprets the ICQWebMessage message type as the ICQSMS message type, which allows remote attackers to cause a denial of service (application crash) via a crafted ICQ web message that triggers allocation of a large amount of memory.
Thu, 2 Jul 09
freebsd, netbsd, openbsd
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0689
The gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc in FreeBSD 6.4 and 7.2, NetBSD 5.0, and OpenBSD 4.5 allows context-dependent attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a large precision value in the format argument to a printf function, related to an "array overrun."
Thu, 2 Jul 09
com_dbquery
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6841
PHP remote file inclusion vulnerability in the Green Mountain Information Technology and Consulting Database Query (com_dbquery) component 1.4.1.1 and earlier for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to classes/DBQ/admin/common.class.php.
Thu, 2 Jul 09
v-webmail
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6840
Multiple PHP remote file inclusion vulnerabilities in V-webmail 1.6.4 allow remote attackers to execute arbitrary PHP code via a URL in the (1) CONFIG[pear_dir] parameter to (a) Mail/RFC822.php, (b) Net/Socket.php, (c) XML/Parser.php, (d) XML/Tree.php, (e) Mail/mimeDecode.php, (f) Console/Getopt.php, (g) System.php, (h) Log.php, and (i) File.php in includes/pear/; the CONFIG[pear_dir] parameter to (j) includes/prepend.php, and (k) includes/cachedConfig.php; and the (2) CONFIG[includes] parame...
Wed, 1 Jul 09
mega_file_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2263
Directory traversal vulnerability in index.php in Awesome PHP Mega File Manager 1.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL.
Wed, 1 Jul 09
ajaxportal
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2262
PHP remote file inclusion vulnerability in install/di.php in AjaxPortal 3.0 allows remote attackers to execute arbitrary PHP code via a URL in the pathtoserverdata parameter. NOTE: the installation instructions specify deleting the install/ folder.
Wed, 1 Jul 09
peazip
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2261
PeaZIP 2.6.1, 2.5.1, and earlier on Windows allows user-assisted remote attackers to execute arbitrary commands via a .zip archive with a .txt file whose name contains | (pipe) characters and a command.
Wed, 1 Jul 09
stardict
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2260
stardict 3.0.1, when Enable Net Dict is configured, sends the contents of the clipboard to a dictionary server, which allows remote attackers to obtain sensitive information by sniffing the network.
Wed, 1 Jul 09
php-address_book
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2259
Multiple SQL injection vulnerabilities in PHP Address Book 4.0.x allow remote attackers to execute arbitrary SQL commands via (1) the alphabet parameter to index.php or (2) the id parameter to delete.php. NOTE: the view.php and edit.php vectors are already covered by CVE-2008-2565.
Wed, 1 Jul 09
dg632
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2258
Directory traversal vulnerability in cgi-bin/webcm in the administrative web interface on the Netgear DG632 with firmware 3.4.0_ap allows remote attackers to list arbitrary directories via a .. (dot dot) in the nextpage parameter.
Wed, 1 Jul 09
dg632
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2257
The administrative web interface on the Netgear DG632 with firmware 3.4.0_ap allows remote attackers to bypass authentication via a direct request to (1) gateway/commands/saveconfig.html, and (2) stattbl.htm, (3) modemmenu.htm, (4) onload.htm, (5) form.css, (6) utility.js, and possibly (7) indextop.htm in html/.
Wed, 1 Jul 09
dg632
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2256
The administrative web interface on the Netgear DG632 with firmware 3.4.0_ap allows remote attackers to cause a denial of service (web outage) via an HTTP POST request to cgi-bin/firmwarecfg.
Wed, 1 Jul 09
zen_cart
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2255
Zen Cart 1.3.8a, 1.3.8, and earlier does not require administrative authentication for admin/record_company.php, which allows remote attackers to execute arbitrary code by uploading a .php file via the record_company_image parameter in conjunction with a PATH_INFO of password_forgotten.php, then accessing this file via a direct request to the file in images/.
Wed, 1 Jul 09
zen_cart
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2254
Zen Cart 1.3.8a, 1.3.8, and earlier does not require administrative authentication for admin/sqlpatch.php, which allows remote attackers to execute arbitrary SQL commands via the query_string parameter in an execute action, in conjunction with a PATH_INFO of password_forgotten.php, related to a "SQL Execution" issue.