Home PHP Scripts Contact News Articles RSS Readers Donations

Software Vulnerability

 
Main

Software Alerts

Software and Script Bug Exploits
Software Vulnerability
Random Feeds

Archives

| Jan 2012 | Dec 2011 | Nov 2011 | Oct 2011 | Sep 2011 | Aug 2011 | Jul 2011 | Jun 2011 | May 2011 | Apr 2011 | Mar 2011 | Feb 2011 | Jan 2011 | Dec 2010 | Nov 2010 | Oct 2010 | Sep 2010 | Aug 2010 | Jul 2010 | Jun 2010 | May 2010 | Apr 2010 | Mar 2010 | Feb 2010 | Jan 2010 | Dec 2009 | Nov 2009 | Oct 2009 | Sep 2009 | Aug 2009 | Jul 2009 | Jun 2009 | May 2009 | Apr 2009 | Mar 2009 | Feb 2009 | Jan 2009 | Dec 2008 | Nov 2008 | Oct 2008 | Sep 2008 | Aug 2008 | Jul 2008 | Jun 2008 | May 2008 | Apr 2008 | Mar 2008 | Feb 2008 | Jan 2008 | Dec 2007 | Nov 2007 |

Fri, 27 Aug 10
utorrent
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3129
Untrusted search path vulnerability in uTorrent 2.0.3 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse plugin_dll.dll that is located in the same folder as a .torrent or .btsearch file.

Fri, 27 Aug 10
teamviewer
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3128
Untrusted search path vulnerability in TeamViewer 5.0.8703 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a .tvs or .tvc file.

Fri, 27 Aug 10
photoshop
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3127
Untrusted search path vulnerability in Adobe PhotoShop CS2 through CS5 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll or Wintab32.dll that is located in the same folder as a PSD or other file that is processed by PhotoShop. NOTE: some of these details are obtained from third party information.

Fri, 27 Aug 10
avast_antivirus_free
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3126
Untrusted search path vulnerability in avast! Free Antivirus version 5.0.594 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse mfc90loc.dll that is located in the same folder as an avast license (.avastlic) file.

Fri, 27 Aug 10
teammate_audit_management_software_suite
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3125
Untrusted search path vulnerability in TeamMate Audit Management Software Suite 8.0 patch 2 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse mfc71enu.dll that is located in the same folder as a .tmx file.

Fri, 27 Aug 10
vlc_media_player
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3124
Untrusted search path vulnerability in bin/winvlc.c in VLC Media Player 1.1.3 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wintab32.dll that is located in the same folder as a .mp3 file.

Thu, 26 Aug 10
free_image_hosting_script
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4987
admin/header.php in Scripteen Free Image Hosting Script 2.3 allows remote attackers to bypass authentication and gain administrative access by setting the cookgid cookie value to 1, a different vector than CVE-2008-3211.

Thu, 26 Aug 10
in-portal
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4986
Directory traversal vulnerability in index.php in In-Portal 4.3.1, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the env parameter.

Thu, 26 Aug 10
accessories_me_php_affiliate_script
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4985
SQL injection vulnerability in browse.php in Accessories Me PHP Affiliate Script 1.4 allows remote attackers to execute arbitrary SQL commands via the Go parameter.

Thu, 26 Aug 10
accessories_me_php_affiliate_script
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4984
Multiple cross-site scripting (XSS) vulnerabilities in Accessories Me PHP Affiliate Script 1.4 allow remote attackers to inject arbitrary web script or HTML via the (1) Keywords parameter to search.php and (2) SearchIndex parameter to browse.php.

Thu, 26 Aug 10
silurus_system
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4983
Multiple cross-site scripting (XSS) vulnerabilities in Silurus Classifieds 1.0 allow remote attackers to inject arbitrary web script or HTML via the ID parameter to (1) category.php and (2) wcategory.php, and the (3) keywords parameter to search.php.

Thu, 26 Aug 10
irokez_cms
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4982
SQL injection vulnerability in the select function in Irokez CMS 0.7.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the PATH_INFO to the default URI.

Thu, 26 Aug 10
photokorn_gallery
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4981
Multiple cross-site request forgery (CSRF) vulnerabilities in Photokorn Gallery 1.81 allow remote attackers to hijack the authentication of administrators.

Thu, 26 Aug 10
photokorn_gallery
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4980
Multiple cross-site scripting (XSS) vulnerabilities in Photokorn Gallery 1.81 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) where[] parameter to search.php and (2) qc parameter to admin.php.

Thu, 26 Aug 10
photokorn_gallery
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4979
Multiple SQL injection vulnerabilities in search.php in Photokorn Gallery 1.81 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) where[], (2) sort, (3) order, and (4) Match parameters.

Thu, 26 Aug 10
mybackup
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4978
Directory traversal vulnerability in down.php in MyBackup 1.4.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter.

Thu, 26 Aug 10
mybackup
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4977
PHP remote file inclusion vulnerability in index.php in MyBackup 1.4.0 allows remote authenticated users to execute arbitrary PHP code via a URL in the main_content parameter.

Sat, 14 Aug 10
web_server_plugin
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2989
nessusd_www_server.nbin in the Nessus Web Server plugin 1.2.4 for Nessus allows remote attackers to obtain sensitive information via a request to the /feed method, which reveals the version in a response.

Sat, 14 Aug 10
unified_wireless_network_solution_software
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2988
Cross-site scripting (XSS) vulnerability in Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCtf35333.

Sat, 14 Aug 10
wireless_control_system_software
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2987
Multiple cross-site scripting (XSS) vulnerabilities in Cisco Wireless Control System (WCS) 7.x before 7.0.164, as used in Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCtg33854.

Sat, 14 Aug 10
wireless_control_system_software
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2986
Cross-site scripting (XSS) vulnerability in webacs/QuickSearchAction.do in the search feature in the web interface in Cisco Wireless Control System (WCS) before 6.0(194.0) and 7.x before 7.0.164 allows remote attackers to inject arbitrary web script or HTML via the searchText parameter, aka Bug ID CSCtf14288.

Sat, 14 Aug 10
websphere_service_registry_and_repository
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2985
Multiple cross-site scripting (XSS) vulnerabilities in IBM WebSphere Service Registry and Repository (WSRR) 6.3 allow remote attackers to inject arbitrary web script or HTML via (1) the searchTerm parameter to ServiceRegistry/HelpSearch.do or (2) the queryItems[0].value parameter to ServiceRegistry/QueryWizardProcessStep1.do.

Sat, 14 Aug 10
envision
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2634
RSA enVision before 3.7 SP1 allows remote authenticated users to cause a denial of service via unspecified vectors.

Sat, 14 Aug 10
mantisbt
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2574
Cross-site scripting (XSS) vulnerability in manage_proj_cat_add.php in MantisBT 1.2.2 allows remote authenticated administrators to inject arbitrary web script or HTML via the name parameter in an Add Category action.

Sat, 14 Aug 10
jboss_enterprise_soa_platform
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2493
The default configuration of the deployment descriptor (aka web.xml) in picketlink-sts.war in (1) the security_saml quickstart, (2) the webservice_proxy_security quickstart, (3) the web-console application, (4) the http-invoker application, (5) the gpd-deployer application, (6) the jbpm-console application, (7) the contract application, and (8) the uddi-console application in JBoss Enterprise SOA Platform before 5.0.2 contains GET and POST http-method elements, which allows remote attackers t...

Sat, 14 Aug 10
jboss_enterprise_service_bus, jboss_enterprise_soa_platform
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2474
JBoss Enterprise Service Bus (ESB) before 4.7 CP02 in JBoss Enterprise SOA Platform before 5.0.2 does not properly consider the security domain with which a service is secured, which might allow remote attackers to gain privileges by executing a service.

Sat, 14 Aug 10
ubuntu_linux
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0834
The base-files package before 5.0.0ubuntu7.1 on Ubuntu 9.10 and before 5.0.0ubuntu20.10.04.2 on Ubuntu 10.04 LTS, as shipped on Dell Latitude 2110 netbooks, does not require authentication for package installation, which allows remote archive servers and man-in-the-middle attackers to execute arbitrary code via a crafted package.

Sat, 14 Aug 10
unified_wireless_network_solution_software
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2984
Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 4404 series controllers does not properly implement the WEBAUTH_REQD state, which allows remote attackers to bypass intended access restrictions via WLAN traffic, aka Bug ID CSCtb75305.

Sat, 14 Aug 10
unified_wireless_network_solution_software
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2983
The workgroup bridge (aka WGB) functionality in Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to cause a denial of service (dropped connection) via a series of spoofed EAPoL-Logoff frames, related to an "EAPoL logoff attack," aka Bug ID CSCte43374.

Sat, 14 Aug 10
unified_wireless_network_solution_software
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2982
Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to discover a group password via a series of SNMP requests, as demonstrated by an SNMP walk, aka Bug ID CSCtb74037.

Sat, 14 Aug 10
unified_wireless_network_solution_software
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2981
Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to cause a denial of service (device crash) by pinging a virtual interface, aka Bug ID CSCte55370.

Sat, 14 Aug 10
unified_wireless_network_solution_software
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2980
Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 5508 series controllers allows remote attackers to cause a denial of service (pbuf exhaustion and device crash) via fragmented traffic, aka Bug ID CSCtd26794.

Sat, 14 Aug 10
unified_wireless_network_solution_software
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2979
Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 5508 series controllers allows remote attackers to cause a denial of service (buffer leak and device crash) via ARP requests that trigger an ARP storm, aka Bug ID CSCte43508.

Sat, 14 Aug 10
unified_wireless_network_solution_software
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2978
Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 does not use an adequate message-digest algorithm for a self-signed certificate, which allows remote attackers to bypass intended access restrictions via vectors involving collisions, aka Bug ID CSCtd67660.

Sat, 14 Aug 10
unified_wireless_network_solution_software
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2977
Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 does not properly implement TLS and SSL, which has unspecified impact and remote attack vectors, aka Bug ID CSCtd01611.

Sat, 14 Aug 10
unified_wireless_network_solution_software
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2976
The controller in Cisco Unified Wireless Network (UWN) Solution 7.x through 7.0.98.0 has (1) a default SNMP read-only community of public, (2) a default SNMP read-write community of private, and a value of "default" for the (3) SNMP v3 username, (4) SNMP v3 authentication password, and (5) SNMP v3 privacy password, which makes it easier for remote attackers to obtain access.

Sat, 14 Aug 10
unified_wireless_network_solution_software
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2975
Cisco Unified Wireless Network (UWN) Solution 7.x through 7.0.98.0 does not properly handle multiple SSH sessions, which allows physically proximate attackers to read a password, related to an "arrow key failure," aka Bug ID CSCtg51544.

Sat, 14 Aug 10
firewall_services_module, firewall_services_module_software
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2821
Unspecified vulnerability on the Cisco Firewall Services Module (FWSM) with software 3.2 before 3.2(17.2), 4.0 before 4.0(11.1), and 4.1 before 4.1(1.2) for Catalyst 6500 series switches and 7600 series routers, when multi-mode is enabled, allows remote attackers to cause a denial of service (device reload) via crafted (1) Telnet, (2) SSH, or (3) ASDM traffic over TCP, aka Bug ID CSCtg68694.

Sat, 14 Aug 10
firewall_services_module, firewall_services_module_software
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2820
Unspecified vulnerability in the SunRPC inspection feature on the Cisco Firewall Services Module (FWSM) with software 3.1 before 3.1(17.2), 3.2 before 3.2(16.1), 4.0 before 4.0(10.1), and 4.1 before 4.1(1.1) for Catalyst 6500 series switches and 7600 series routers allows remote attackers to cause a denial of service (device reload) via crafted SunRPC messages, aka Bug ID CSCte61662.

Sat, 14 Aug 10
firewall_services_module, firewall_services_module_software
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2819
Unspecified vulnerability in the SunRPC inspection feature on the Cisco Firewall Services Module (FWSM) with software 3.1 before 3.1(17.2), 3.2 before 3.2(16.1), 4.0 before 4.0(10.1), and 4.1 before 4.1(1.1) for Catalyst 6500 series switches and 7600 series routers allows remote attackers to cause a denial of service (device reload) via crafted SunRPC messages, aka Bug ID CSCte61622.

Sat, 14 Aug 10
firewall_services_module, firewall_services_module_software
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2818
Unspecified vulnerability in the SunRPC inspection feature on the Cisco Firewall Services Module (FWSM) with software 3.1 before 3.1(17.2), 3.2 before 3.2(16.1), 4.0 before 4.0(10.1), and 4.1 before 4.1(1.1) for Catalyst 6500 series switches and 7600 series routers allows remote attackers to cause a denial of service (device reload) via crafted SunRPC messages, aka Bug ID CSCte61710.

Sat, 14 Aug 10
CVE-2010-2817 (adaptive_security_appliance, asa_5500, asa_5505, asa_5510, asa_5520, asa_5540, as...)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2817
Unspecified vulnerability in the IKE implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.11), 7.1 and 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.10), and 8.3 before 8.3(1.1) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a crafted IKE message, aka Bug ID CSCte46507.

Sat, 14 Aug 10
CVE-2010-2816 (adaptive_security_appliance, asa_5500, asa_5505, asa_5510, asa_5520, asa_5540, as...)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2816
Unspecified vulnerability in the SIP inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.17), 8.1 before 8.1(2.45), and 8.2 before 8.2(2.13) allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCtd32106.

Sat, 14 Aug 10
CVE-2010-2815 (adaptive_security_appliance, asa_5500, asa_5505, asa_5510, asa_5520, asa_5540, as...)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2815
Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a sequence of crafted TLS packets, aka Bug ID CSCtf55259.

Sat, 14 Aug 10
CVE-2010-2814 (adaptive_security_appliance, asa_5500, asa_5505, asa_5510, asa_5520, asa_5540, as...)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2814
Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a sequence of crafted TLS packets, aka Bug ID CSCtf37506.

Sat, 14 Aug 10
cabextract
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2801
Integer signedness error in the Quantum decompressor in cabextract before 1.3, when archive test mode is used, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Quantum archive in a .cab file, related to the libmspack library.

Sat, 14 Aug 10
cabextract
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2800
The MS-ZIP decompressor in cabextract before 1.3 allows remote attackers to cause a denial of service (infinite loop) via a malformed MSZIP archive in a .cab file during a (1) test or (2) extract action, related to the libmspack library.

Sat, 14 Aug 10
CVE-2010-2708 (procurve_switch_2610, procurve_switch_2610-24, procurve_switch_2610-24-pwr, procu...)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2708
Unspecified vulnerability on the HP ProCurve 2610 switch before R.11.22, when DHCP is enabled, allows remote attackers to cause a denial of service via unknown vectors.

Sat, 14 Aug 10
CVE-2010-2707 (procurve_switch_2626, procurve_switch_2626-pwr, procurve_switch_2650, procurve_sw...)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2707
Unspecified vulnerability on the HP ProCurve 2626 and 2650 switches before H.10.80 allows remote attackers to obtain sensitive information, modify data, and cause a denial of service via unknown vectors.

Sat, 14 Aug 10
CVE-2010-2706 (procurve_switch_2610, procurve_switch_2610-24, procurve_switch_2610-24-pwr, procu...)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2706
Unspecified vulnerability in the In-band Agent on the HP ProCurve 2610 switch before R.11.30 allows remote attackers to cause a denial of service via unknown vectors.

Sat, 14 Aug 10
procurve_switch_1800-24g, procurve_switch_software, procurve_switch_1800-8g
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2705
Unspecified vulnerability on the HP ProCurve 1800-24G switch with software PB.03.02 and earlier, and the ProCurve 1800-8G switch with software PA.03.02 and earlier, when SNMP is enabled, allows remote attackers to obtain sensitive information via unknown vectors.

Sat, 14 Aug 10
adaptive_security_appliance
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1581
Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a sequence of crafted TLS packets, aka Bug ID CSCtd32627.

Sat, 14 Aug 10
adaptive_security_appliance
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1580
Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via crafted SunRPC UDP packets, aka Bug ID CSCtc85753.

Sat, 14 Aug 10
adaptive_security_appliance
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1579
Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via crafted SunRPC UDP packets, aka Bug ID CSCtc79922.

Sat, 14 Aug 10
adaptive_security_appliance
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1578
Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via crafted SunRPC UDP packets, aka Bug ID CSCtc77567.

Fri, 6 Aug 10
av_arcade
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2933
SQL injection vulnerability in AV Scripts AV Arcade 3 allows remote attackers to execute arbitrary SQL commands via the ava_code cookie to the "main page," related to index.php and the login task.

Fri, 6 Aug 10
barcode_activex_control
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2932
Buffer overflow in BarCodeWiz BarCode 3.29 ActiveX control (BarcodeWiz.dll) allows remote attackers to execute arbitrary code via a long argument to the LoadProperties method.

Fri, 6 Aug 10
sigplus_pro_activex_control
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2931
Stack-based buffer overflow in SigPlus Pro 3.74 ActiveX control allows remote attackers to execute arbitrary code via a long eighth argument (HexString) to the LCDWriteString method.

Fri, 6 Aug 10
zabbix
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2790
Multiple cross-site scripting (XSS) vulnerabilities in the formatQuery function in frontends/php/include/classes/class.curl.php in Zabbix before 1.8.3rc1 allow remote attackers to inject arbitrary web script or HTML via the (1) filter_set, (2) show_details, (3) filter_rst, or (4) txt_select parameters to the triggers page (tr_status.php). NOTE: some of these details are obtained from third party information.

Fri, 6 Aug 10
barnowl
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2725
BarnOwl before 1.6.2 does not check the return code of calls to the (1) ZPending and (2) ZReceiveNotice functions in libzephyr, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.

Fri, 6 Aug 10
jboss_enterprise_application_platform
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1871
JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language (EL) expressions, which allows remote attackers to execute arbitrary code via a crafted URL. NOTE: this is only a vulnerability when the Java Security Manager is not properly configured.

Fri, 6 Aug 10
libmikmod
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2971
loaders/load_it.c in libmikmod, possibly 3.1.12, does not properly account for the larger size of name##env relative to name##tick and name##node, which allows remote attackers to trigger a buffer over-read and possibly have unspecified other impact via a crafted Impulse Tracker file, a related issue to CVE-2010-2546. NOTE: this issue exists because of an incomplete fix for CVE-2009-3995.

Fri, 6 Aug 10
moinmoin
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2970
Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.9.x before 1.9.3 allow remote attackers to inject arbitrary web script or HTML via crafted content, related to (1) action/SlideShow.py, (2) action/anywikidraw.py, and (3) action/language_setup.py, a similar issue to CVE-2010-2487.

Fri, 6 Aug 10
moinmoin
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2969
Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.7.3 and earlier, and 1.9.x before 1.9.3, allow remote attackers to inject arbitrary web script or HTML via crafted content, related to (1) action/LikePages.py, (2) action/chart.py, and (3) action/userprofile.py, a similar issue to CVE-2010-2487.

Fri, 6 Aug 10
vxworks
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2968
The FTP daemon in Wind River VxWorks does not close the TCP connection after a number of failed login attempts, which makes it easier for remote attackers to obtain access via a brute-force attack.

Fri, 6 Aug 10
vxworks
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2967
The loginDefaultEncrypt algorithm in loginLib in Wind River VxWorks before 6.9 does not properly support a large set of distinct possible passwords, which makes it easier for remote attackers to obtain access via a (1) telnet, (2) rlogin, or (3) FTP session.

Fri, 6 Aug 10
vxworks
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2966
The INCLUDE_SECURITY functionality in Wind River VxWorks 6.x, 5.x, and earlier uses the LOGIN_USER_NAME and LOGIN_USER_PASSWORD (aka LOGIN_PASSWORD) parameters to create hardcoded credentials, which makes it easier for remote attackers to obtain access via a (1) telnet, (2) rlogin, or (3) FTP session.

Fri, 6 Aug 10
1756-enbt_series_a, vxworks, 1756-enbt_series_a_firmware
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2965
The WDB target agent debug service in Wind River VxWorks 6.x, 5.x, and earlier, as used on the Rockwell Automation 1756-ENBT series A with firmware 3.2.6 and 3.6.1 and other products, allows remote attackers to read or modify arbitrary memory locations, perform function calls, or manage tasks via requests to UDP port 17185, a related issue to CVE-2005-3804.

Fri, 6 Aug 10
celerra_network_attached_storage
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2860
The EMC Celerra Network Attached Storage (NAS) appliance accepts external network traffic to IP addresses intended for an intranet network within the appliance, which allows remote attackers to read, create, or modify arbitrary files in the user data directory via NFS requests.

Fri, 6 Aug 10
libmikmod
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2546
Multiple heap-based buffer overflows in loaders/load_it.c in libmikmod, possibly 3.1.12, might allow remote attackers to execute arbitrary code via (1) crafted samples or (2) crafted instrument definitions in an Impulse Tracker file, related to panpts, pitpts, and IT_ProcessEnvelope. NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-3995.

Fri, 6 Aug 10
lvm2
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2526
The cluster logical volume manager daemon (clvmd) in lvm2-cluster in LVM2 before 2.02.72, as used in Red Hat Global File System (GFS) and other products, does not verify client credentials upon a socket connection, which allows local users to cause a denial of service (daemon exit or logical-volume change) or possibly have unspecified other impact via crafted control commands.

Fri, 6 Aug 10
moinmoin
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2487
Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.7.3 and earlier, 1.8.x before 1.8.8, and 1.9.x before 1.9.3 allow remote attackers to inject arbitrary web script or HTML via crafted content, related to (1) Page.py, (2) PageEditor.py, (3) PageGraphicalEditor.py, (4) action/CopyPage.py, (5) action/Load.py, (6) action/RenamePage.py, (7) action/backup.py, (8) action/login.py, (9) action/newaccount.py, and (10) action/recoverpass.py.

 

© amigura.co.uk All Rights Reserved.