Home PHP Scripts Contact News Articles RSS Readers Donations

Software Vulnerability

 
Main

Software Alerts

Software and Script Bug Exploits
Software Vulnerability
Random Feeds

Archives

| Jan 2012 | Dec 2011 | Nov 2011 | Oct 2011 | Sep 2011 | Aug 2011 | Jul 2011 | Jun 2011 | May 2011 | Apr 2011 | Mar 2011 | Feb 2011 | Jan 2011 | Dec 2010 | Nov 2010 | Oct 2010 | Sep 2010 | Aug 2010 | Jul 2010 | Jun 2010 | May 2010 | Apr 2010 | Mar 2010 | Feb 2010 | Jan 2010 | Dec 2009 | Nov 2009 | Oct 2009 | Sep 2009 | Aug 2009 | Jul 2009 | Jun 2009 | May 2009 | Apr 2009 | Mar 2009 | Feb 2009 | Jan 2009 | Dec 2008 | Nov 2008 | Oct 2008 | Sep 2008 | Aug 2008 | Jul 2008 | Jun 2008 | May 2008 | Apr 2008 | Mar 2008 | Feb 2008 | Jan 2008 | Dec 2007 | Nov 2007 |

Tue, 29 Jun 10
imanager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1929
Multiple stack-based buffer overflows in the jclient._Java_novell_jclient_JClient_defineClass@20 function in jclient.dll in the Tomcat web server in Novell iManager 2.7, 2.7.3, and 2.7.3 FTF2 allow remote authenticated users to execute arbitrary code via the (1) EnteredClassID or (2) NewClassName parameter to nps/servlet/webacc.

Tue, 29 Jun 10
bugzilla
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1204
Search.pm in Bugzilla 2.17.1 through 3.2.6, 3.3.1 through 3.4.6, 3.5.1 through 3.6, and 3.7 allows remote attackers to obtain potentially sensitive time-tracking information via a crafted search URL, related to a "boolean chart search."

Tue, 29 Jun 10
bugzilla
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0180
Install/Filesystem.pm in Bugzilla 3.5.1 through 3.6 and 3.7, when use_suexec is enabled, uses world-readable permissions for the localconfig files, which allows local users to read sensitive configuration fields, as demonstrated by the database password field and the site_wide_secret field.

Fri, 25 Jun 10
php
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2225
Use-after-free vulnerability in the SplObjectStorage unserializer in PHP 5.2.x and 5.3.x through 5.3.2 allows remote attackers to execute arbitrary code or obtain sensitive information via serialized data, related to the PHP unserialize function.

Fri, 25 Jun 10
libtiff
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2067
Stack-based buffer overflow in the TIFFFetchSubjectDistance function in tif_dirread.c in LibTIFF before 3.9.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long EXIF SubjectDistance field in a TIFF file.

Fri, 25 Jun 10
libtiff
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2065
Integer overflow in the TIFFroundup macro in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF file that triggers a buffer overflow.

Fri, 25 Jun 10
lxr_cross_referencer
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1625
Cross-site scripting (XSS) vulnerability in LXR Cross Referencer before 0.9.7 allows remote attackers to inject arbitrary web script or HTML via vectors related to the search body and the results page for a search, a different vulnerability than CVE-2009-4497 and CVE-2010-1448.

Fri, 25 Jun 10
lxr_cross_referencer
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1448
Cross-site scripting (XSS) vulnerability in lib/LXR/Common.pm in LXR Cross Referencer before 0.9.8 allows remote attackers to inject arbitrary web script or HTML via vectors related to a string in the search page's TITLE element, a different vulnerability than CVE-2009-4497 and CVE-2010-1625.

Fri, 25 Jun 10
firefox
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1203
Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.6.x before 3.6.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

Fri, 25 Jun 10
firefox, seamonkey, thunderbird
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1202
Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

Fri, 25 Jun 10
firefox, seamonkey, thunderbird
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1201
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.10, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

Fri, 25 Jun 10
firefox, seamonkey, thunderbird
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1200
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

Fri, 25 Jun 10
firefox, seamonkey, thunderbird
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1199
Integer overflow in the XSLT node sorting implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a large text value for a node.

Fri, 25 Jun 10
firefox, seamonkey
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1198
Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to execute arbitrary code via vectors involving multiple plugin instances.

Fri, 25 Jun 10
firefox, seamonkey
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1197
Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, does not properly handle situations in which both "Content-Disposition: attachment" and "Content-Type: multipart" are present in HTTP headers, which allows remote attackers to conduct cross-site scripting (XSS) attacks via an uploaded HTML document.

Fri, 25 Jun 10
firefox, seamonkey, thunderbird
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1196
Integer overflow in the nsGenericDOMDataNode::SetTextInternal function in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a DOM node with a long text value that triggers a heap-based buffer overflow.

Fri, 25 Jun 10
firefox, seamonkey
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0183
Use-after-free vulnerability in the nsCycleCollector::MarkRoots function in Mozilla Firefox 3.5.x before 3.5.10 and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a crafted HTML document, related to an improper frame construction process for menus.

Fri, 25 Jun 10
websphere_ilog_jrules
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2433
Multiple cross-site scripting (XSS) vulnerabilities in content/internalError.jsp in IBM WebSphere ILOG JRules 6.7 allow remote attackers to inject arbitrary web script or HTML via an RTS URL to (1) explore/explore.jsp, (2) compose/compose.jsp, or (3) home.jsp in faces/.

Fri, 25 Jun 10
splunk
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2429
Cross-site scripting (XSS) vulnerability in Splunk 4.0 through 4.1.2, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer in a "404 Not Found" response.

Fri, 25 Jun 10
wing_ftp_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2428
Cross-site scripting (XSS) vulnerability in admin_loginok.html in the Administrator web interface in Wing FTP Server for Windows 3.5.0 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted POST request.

Fri, 25 Jun 10
titan_ftp_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2426
Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read arbitrary files, determine file size, via "..//" sequences in the xcrc command.

Fri, 25 Jun 10
titan_ftp_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2425
Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read or delete arbitrary files via "..//" sequences in a COMB command.

Fri, 25 Jun 10
plone
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2422
Cross-site scripting (XSS) vulnerability in PortalTransforms in Plone 2.1 through 3.3.4 before hotfix 20100612 allows remote attackers to inject arbitrary web script or HTML via the safe_html transform.

Tue, 22 Jun 10
cups
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0542
The _WriteProlog function in texttops.c in texttops in the Text Filter subsystem in CUPS before 1.4.4 does not check the return values of certain calloc calls, which allows remote attackers to cause a denial of service (NULL pointer dereference or heap memory corruption) or possibly execute arbitrary code via a crafted file.

Tue, 22 Jun 10
odcms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2345
Cross-site request forgery (CSRF) vulnerability in odCMS 1.06, and possibly earlier, allows remote attackers to hijack the authentication of administrators for requests that change the administrative password, and other unspecified requests.

Tue, 22 Jun 10
odcms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2344
Multiple cross-site scripting (XSS) vulnerabilities in odCMS 1.06, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the Page parameter to (1) _main/index.php, (2) _members/index.php, (3) _forum/index.php, (4) _docs/index.php, and (5) _announcements/index.php.

Tue, 22 Jun 10
audio_converter
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2343
Stack-based buffer overflow in D.R. Software Audio Converter 8.1, 2007, and 8.05 allows remote attackers to execute arbitrary code via a crafted pls playlist file.

Tue, 22 Jun 10
online_notebook_manager
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2342
SQL injection vulnerability in onlinenotebookmanager.asp in DMXReady Online Notebook Manager 1.0 allows remote attackers to execute arbitrary SQL commands via the ItemID parameter.

Sat, 19 Jun 10
itunes
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1387
Unspecified vulnerability in WebKit in Apple iTunes before 9.2 on Windows has unknown impact and attack vectors, a different vulnerability than CVE-2010-1763 and CVE-2010-1769.

Fri, 18 Jun 10
mac_os_x, mac_os_x_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1374
Directory traversal vulnerability in iChat in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, when AIM is used, allows remote attackers to create arbitrary files via directory traversal sequences in an inline image-transfer operation.

Fri, 18 Jun 10
mac_os_x, mac_os_x_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1373
Cross-site scripting (XSS) vulnerability in Help Viewer in Apple Mac OS X 10.6 before 10.6.4 allows remote attackers to inject arbitrary web script or HTML via a crafted help: URL, related to "URL parameters in HTML content."

Fri, 18 Jun 10
mac_os_x, mac_os_x_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0546
Folder Manager in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows local users to delete arbitrary folders via a symlink attack in conjunction with an unmount operation on a crafted volume, related to the Cleanup At Startup folder.

Fri, 18 Jun 10
mac_os_x, mac_os_x_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0545
The Finder in DesktopServices in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, does not set the expected file ownerships during an "Apply to enclosed items" action, which allows local users to bypass intended access restrictions via normal filesystem operations.

Fri, 18 Jun 10
mac_os_x, mac_os_x_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0543
ImageIO in Apple Mac OS X 10.5.8, and 10.6 before 10.6.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file with MPEG2 encoding.

Fri, 18 Jun 10
mac_os_x, mac_os_x_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0541
Cross-site scripting (XSS) vulnerability in the WEBrick HTTP server in Ruby in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows remote attackers to inject arbitrary web script or HTML via a crafted URI that triggers a UTF-7 error page.

Fri, 18 Jun 10
mac_os_x, mac_os_x_server
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0540
Cross-site request forgery (CSRF) vulnerability in the web interface in CUPS in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows remote attackers to hijack the authentication of administrators for requests that change settings.

Fri, 18 Jun 10
workspace_streaming, appstream
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4389
Symantec AppStream 5.2.x and Symantec Workspace Streaming (SWS) 6.1.x before 6.1 SP4 do not properly perform authentication, which allows remote Workspace Streaming servers and man-in-the-middle attackers to download arbitrary executable files onto a client system, and execute these files, via unspecified vectors.

Wed, 16 Jun 10
CVE-2010-2267
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2267
Multiple cross-site scripting (XSS) vulnerabilities in Accoria Web Server (aka Rock Web Server) 1.4.7 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the getenv sample program, (2) the desc parameter to loadstatic.cgi, (3) the name parameter to httpdcfg.cgi, or (4) the dns parameter to servercfg.cgi.

Wed, 16 Jun 10
sblim-sfcb
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2054
Integer overflow in httpAdapter.c in httpAdapter in SBLIM SFCB 1.3.4 through 1.3.7, when the configuration sets httpMaxContentLength to a zero value, allows remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via a large integer in the Content-Length HTTP header, aka bug #3001915. NOTE: some of these details are obtained from third party information.

Wed, 16 Jun 10
sblim-sfcb
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1937
Heap-based buffer overflow in httpAdapter.c in httpAdapter in SBLIM SFCB before 1.3.8 might allow remote attackers to execute arbitrary code via a Content-Length HTTP header that specifies a value too small for the amount of POST data, aka bug #3001896.

Wed, 16 Jun 10
tomatocms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1515
Multiple cross-site scripting (XSS) vulnerabilities in index.php in TomatoCMS 2.0.6 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) keyword or (2) article-id parameter in conjunction with a /admin/news/article/list PATH_INFO; the (3) keyword parameter in conjunction with a /admin/multimedia/set/list PATH_INFO; the (4) keyword or (5) fileId parameter in conjunction with a /admin/multimedia/file/list PATH_INFO; or the (6) name, (7) email, or (8) address par...

Wed, 16 Jun 10
tomatocms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1514
Unrestricted file upload vulnerability in TomatoCMS 2.0.6 and earlier allows remote authenticated users, with certain privileges, to execute arbitrary PHP code by uploading an image file, and then accessing it via a direct request to the file in an unspecified directory.

Wed, 16 Jun 10
plume-cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2294
Cross-site request forgery (CSRF) vulnerability in Plume CMS 1.2.4 and possibly earlier allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via unspecified vectors.

Wed, 16 Jun 10
di-604
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2293
The Ping tools web interface in Dlink Di-604 router allows remote authenticated users to cause a denial of service via a large "ip textfield" size.

Wed, 16 Jun 10
di-604
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2292
Cross-site scripting (XSS) vulnerability in the Ping tools web interface in Dlink Di-604 router allows remote attackers to inject arbitrary web script or HTML via the IP field.

Wed, 16 Jun 10
voip_phone_firmware
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2291
Unspecified vulnerability in the web interface in snom VoIP Phone firmware 8 before 8.2.35 allows remote attackers to bypass intended restrictions and modify user credentials via unknown vectors. NOTE: some of these details are obtained from third party information.

Wed, 16 Jun 10
unified_threat_management_firewall_firmware
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2290
Cross-site scripting (XSS) vulnerability in cgi-bin/cgix/help in McAfee Unified Threat Management (UTM) Firewall (formerly SnapGear) firmware 3.0.0 through 4.0.6 allows remote attackers to inject arbitrary web script or HTML via the page parameter.

Wed, 16 Jun 10
secure_access
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2289
Open redirect vulnerability in dana/home/homepage.cgi in Juniper Networks IVE 6.5R1 (Build 14599) and 6.5R2 (Build 14951) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the Location parameter.

Wed, 16 Jun 10
secure_access
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2288
Cross-site scripting (XSS) vulnerability in dana/nc/ncrun.cgi in Juniper Networks IVE 6.5R1 (Build 14599) and 6.5R2 (Build 14951) allows remote attackers to inject arbitrary web script or HTML via the DSSignInURL cookie.

Wed, 16 Jun 10
wireshark
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2287
Buffer overflow in the SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors.

Wed, 16 Jun 10
wireshark
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2286
The SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.7 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.

Wed, 16 Jun 10
wireshark
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2285
The SMB PIPE dissector in Wireshark 0.8.20 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors.

Wed, 16 Jun 10
wireshark
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2284
Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors.

Wed, 16 Jun 10
wireshark
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2283
The SMB dissector in Wireshark 0.99.6 through 1.0.13, and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors.

Wed, 16 Jun 10
unrealircd
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2075
UnrealIRCd 3.2.8.1, as distributed on certain mirror sites from November 2009 through June 2010, contains an externally introduced modification (Trojan Horse) in the DEBUG3_DOLOG_SYSTEM macro, which allows remote attackers to execute arbitrary commands.

Wed, 16 Jun 10
punbb
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4894
Multiple cross-site scripting (XSS) vulnerabilities in profile.php in PunBB before 1.3.4 allow remote attackers to inject arbitrary web script or HTML via the (1) password or (2) e-mail.

Wed, 16 Jun 10
unrealircd
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4893
Buffer overflow in UnrealIRCd 3.2beta11 through 3.2.8, when allow::options::noident is enabled, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.

Wed, 16 Jun 10
nginx
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2266
nginx 0.8.36 allows remote attackers to cause a denial of service (crash) via certain encoded directory traversal sequences that trigger memory corruption, as demonstrated using the "%c0.%c0." sequence.

Wed, 16 Jun 10
windows_2003_server, windows_server_2003, windows_xp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2265
Cross-site scripting (XSS) vulnerability in the GetServerName function in sysinfo/commonFunc.js in Microsoft Windows Help and Support Center for Windows XP and Windows Server 2003 allows remote attackers to inject arbitrary web script or HTML via the svr parameter to sysinfo/sysinfomain.htm. NOTE: this can be leveraged with CVE-2010-1885 to execute arbitrary commands without user interaction.

Wed, 16 Jun 10
nginx
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2263
nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on Windows, allows remote attackers to obtain source code or unparsed content of arbitrary files under the web document root by appending ::$DATA to the URI.

Wed, 16 Jun 10
windows_2003_server, windows_server_2003, windows_xp
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1885
The MPC::HexToNum function in helpctr.exe in Microsoft Windows Help and Support Center in Windows XP and Windows Server 2003 does not properly handle malformed escape sequences, which allows remote attackers to bypass the trusted documents whitelist (fromHCP option) and execute arbitrary commands via a crafted hcp:// URL.

Wed, 16 Jun 10
autoupdate, autoupdate_engine_activex_control
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0990
Stack-based buffer overflow in Creative Software AutoUpdate Engine ActiveX Control 2.0.12.0, as used in Creative Software AutoUpdate 1.40.01, allows remote attackers to execute arbitrary code via vectors related to the BrowseFolder method.

Sat, 12 Jun 10
CVE-2009-4892 (webjump!)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4892
SQL injection vulnerability in Content Management System WEBjump! allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) portfolio_genre.php and (2) news_id.php.

Sat, 12 Jun 10
cs-cart
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4891
SQL injection vulnerability in index.php in CS-Cart 2.0.0 Beta 3 allows remote attackers to execute arbitrary SQL commands via the product_id parameter in a products.view action.

Sat, 12 Jun 10
vbook
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4890
Multiple cross-site scripting (XSS) vulnerabilities in the login application in vBook 4.2.17 allow remote attackers to inject arbitrary web script or HTML via the (1) title and (2) message parameters.

Sat, 12 Jun 10
book_panel
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4889
SQL injection vulnerability in books.php in the Book Panel (book_panel) module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the bookid parameter.

Sat, 12 Jun 10
phortail
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4888
Cross-site scripting (XSS) vulnerability in poster.php in PHortail 1.2.1 allows remote attackers to inject arbitrary web script or HTML via the (1) pseudo, (2) email, (3) ti, and (4) txt parameters.

Sat, 12 Jun 10
CVE-2009-4887 (cms_s.builder)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4887
PHP remote file inclusion vulnerability in index.php in CMS S.Builder 3.7 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in a binn_include_path cookie. NOTE: this can also be leveraged to include and execute arbitrary local files.

Sat, 12 Jun 10
phpcom
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4886
Multiple directory traversal vulnerabilities in phpCommunity 2 2.1.8 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) file parameter to module/admin/files/show_file.php and the (2) path parameter to module/admin/files/show_source.php.

Sat, 12 Jun 10
phpcom
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4885
Cross-site scripting (XSS) vulnerability in templates/1/login.php in phpCommunity 2 2.1.8 allows remote attackers to inject arbitrary web script or HTML via the msg parameter.

Sat, 12 Jun 10
phpcom
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4884
Multiple SQL injection vulnerabilities in phpCommunity 2 2.1.8, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via (1) the forum_id parameter in a forum action to index.php, (2) the topic_id parameter in a forum action to index.php, (3) the wert parameter in an id search action to index.php, (4) the wert parameter in a nick search action to index.php, or (5) the wert parameter in a forum search action to index.php, related to class_forum.php and cl...

Sat, 12 Jun 10
phprecipebook
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4883
SQL injection vulnerability in index.php in PHPRecipeBook 2.24 and 2.39 allows remote attackers to execute arbitrary SQL commands via the (1) base_id or (2) course_id parameter in a search action.

Tue, 8 Jun 10
exim
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2023
transports/appendfile.c in Exim before 4.72, when a world-writable sticky-bit mail directory is used, does not verify the st_nlink field of mailbox files, which allows local users to cause a denial of service or possibly gain privileges by creating a hard link to another user's file.

Tue, 8 Jun 10
servicecenter
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1963
Cross-site scripting (XSS) vulnerability in HP ServiceCenter allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Tue, 8 Jun 10
storageworks_storage_mirroring
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1962
Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 before 5.2.1.870.0 allows remote attackers to execute arbitrary code via unknown vectors.

Tue, 8 Jun 10
rsa_key_manager_client
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1904
SQL injection vulnerability in EMC RSA Key Manager Client 1.5.x allows user-assisted remote attackers to execute arbitrary SQL commands via the metadata section of encrypted key data.

Tue, 8 Jun 10
sudo
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1646
The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22 and 1.7.0 through 1.7.2p6 does not properly handle an environment that contains multiple PATH variables, which might allow local users to gain privileges via a crafted value of the last PATH variable.

Tue, 8 Jun 10
yum-rhn-plugin
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1439
yum-rhn-plugin in Red Hat Network Client Tools (aka rhn-client-tools) on Red Hat Enterprise Linux (RHEL) 5 and Fedora uses world-readable permissions for the /var/spool/up2date/loginAuth.pkl file, which allows local users to access the Red Hat Network profile, and possibly prevent future security updates, by leveraging authentication data from this file.

Fri, 4 Jun 10
zonecheck
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2155
Multiple cross-site scripting (XSS) vulnerabilities in zc/publisher/html.rb in ZoneCheck 2.1.0 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) xmlnode.value, (2) zc-error text, (3) $zc_version, (4) domainname in a zc-title row, different vulnerabilities than CVE-2009-4882.

Fri, 4 Jun 10
kernel
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-7256
mm/shmem.c in the Linux kernel before 2.6.28-rc8, when strict overcommit is enabled and CONFIG_SECURITY is disabled, does not properly handle the export of shmemfs objects by knfsd, which allows attackers to cause a denial of service (NULL pointer dereference and knfsd crash) or possibly have unspecified other impact via unknown vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-1643.

 

© amigura.co.uk All Rights Reserved.