[CLOSE] OSVDB ID : 45219 - Disclosed: 2008-05-14

Description:

(Description Provided by CVE) : ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Comments: 0, Blogs: 0, References: 5

Vulnerability Classification

[CLOSE] OSVDB ID : 45217 - Disclosed: 2008-04-25

Description:

Unknown / Incomplete

Comments: 0, Blogs: 0, References: 2

Vulnerability Classification

[CLOSE] OSVDB ID : 45215 - Disclosed: 2008-04-25

Description:

Unknown / Incomplete

Comments: 0, Blogs: 0, References: 2

Vulnerability Classification

[CLOSE] OSVDB ID : 45213 - Disclosed: 2008-05-14

Description:

Unknown / Incomplete

Comments: 0, Blogs: 0, References: 2

Vulnerability Classification

[CLOSE] OSVDB ID : 45211 - Disclosed: 2008-05-12

Description:

Unknown / Incomplete

Comments: 0, Blogs: 0, References: 2

Vulnerability Classification

[CLOSE] OSVDB ID : 40621 - Disclosed: 2007-10-17

Description:

Simple PHP Blog contains a flaw that allows a remote Cross-Site Request Forgery (CSRF / XSRF) attack. The flaw exists because the application does not require multiple steps and/or confirmation for sensitive transactions to delete posts. By using a crafted URL (e.g. a crafted GET request inside an "img" tag), an attacker may trick the victim into clicking on the image to take advantage of the trust relationship between the authenticated victim and the application. Such an attack could trick the victim into executing arbitrary commands in the context of their session with the application, without further prompting or verification.

Comments: 0, Blogs: 0, References: 8

Vulnerability Classification

[CLOSE] OSVDB ID : 28946 - Disclosed: 2006-09-19

Description:

A remote stack-based buffer overflow exists in Microsoft Internet Explorer. The browser's vml rendering engine fails to check the length of a fill parameter on the rect tag resulting in a stack-based buffer overflow. With a specially crafted request that contains a vml graphics, an attacker can cause arbitrary code execution resulting in a loss of integrity.

Comments: 0, Blogs: 0, References: 28

Vulnerability Classification

[CLOSE] OSVDB ID : 592 - Disclosed: 2002-09-12

Description:

By default, Zyxel routers install with a default password. The administrative account has a password of 1234 which is publicly known and documented. This allows attackers to trivially access the program or system.

Comments: 0, Blogs: 0, References: 9

Vulnerability Classification

[CLOSE] OSVDB ID : 44880 - Disclosed: 2007-11-16

Description:

(Description Provided by CVE) : Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka Microsoft Jet Engine), as used by Access 2003 in Microsoft Office 2003 SP3, allows user-assisted attackers to execute arbitrary code via a crafted MDB file. NOTE: this might be the same issue as CVE-2005-0944.

Comments: 0, Blogs: 13, References: 12

Vulnerability Classification

[CLOSE] OSVDB ID : 877 - Disclosed: 2003-01-20

Description:

RFC compliant web servers support the TRACE HTTP method, which contains a flaw that may lead to an unauthorized information disclosure. The TRACE method is used to debug web server connections and allows the client to see what is being received at the other end of the request chain. Enabled by default in all major web servers, a remote attacker may abuse the HTTP TRACE functionality, i.e. cross-site scripting (XSS), which will disclose sensitive configuration information resulting in a loss of confidentiality.

Comments: 0, Blogs: 0, References: 27

Vulnerability Classification

[CLOSE] OSVDB ID : 43980 - Disclosed: 2008-04-16

Description:

A buffer overflow exists in Safari. The WebKit component fails to validate JavaScript regular expressions resulting in a heap overflow. With a specially crafted web page, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity.

Comments: 0, Blogs: 14, References: 15

Vulnerability Classification

[CLOSE] OSVDB ID : 45031 - Disclosed: 2008-05-13

Description:

(Description Provided by CVE) : ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Comments: 0, Blogs: 13, References: 7

Vulnerability Classification

[CLOSE] OSVDB ID : 43870 - Disclosed: 2008-03-25

Description:

(Description Provided by CVE) : Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors related to the JavaScript engine.

Comments: 0, Blogs: 13, References: 50

Vulnerability Classification

[CLOSE] OSVDB ID : 44213 - Disclosed: 2008-04-08

Description:

A heap overflow overflow exists in Windows. gdi32.dll fails to validate EMF files resulting in a heap overflow. With a specially crafted file, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity.

Comments: 0, Blogs: 36, References: 15

Vulnerability Classification

[CLOSE] OSVDB ID : 44364 - Disclosed: 2008-04-12

Description:

(Description Provided by CVE) : libpng 1.0.6 through 1.0.32, 1.2.0 through 1.2.26, and 1.4.0beta01 through 1.4.0beta19 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PNG file with zero length "unknown" chunks, which trigger an access of uninitialized memory.

Comments: 0, Blogs: 8, References: 24

Vulnerability Classification