| OSVDB ID | Disclosure Date | Title |
|---|
|
7525
Description:
Unknown / Incomplete
|
2004-06-09
|
Mambo Open Source configuration.php Path Disclosure
|
|
88472
Description:
International Components for Unicode for Java (ICU4J) contains a flaw related to the sun packages. The issue is due to the JDKTimeZone function trying a cast to a class, leading to a security exception when run under the security manager. This may lead to a restriction bypass based on the limited information available.
|
2004-06-09
|
International Components for Unicode for Java (ICU4J) JDKTimeZone Function Unspecified Issue
|
|
51279
Description:
Invision Power Board contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'ssi.php' script not properly sanitizing user-supplied input to the 'f' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2004-06-08
|
Invision Power Board ssi.php f Parameter SQL Injection
|
|
7960
Description:
Unknown / Incomplete
|
2004-06-08
|
Multiple Anti-Virus Malformed Compressed Archive DoS
|
|
6791
Description:
A remote overflow exists in the Squid Internet Object Cache server. Squid fails to correctly test the length of the user-supplied LanMan Hash value in the ntlm_check_auth() function resulting in a stack-based buffer overflow. With a specially crafted request, an attacker can execute arbitrary code on the system with the privileges the Squid process is running under. This flaw can only be exploited if Squid was compiled with the NTLM authentication helper enabled.
|
2004-06-08
|
Squid ntlm_check_auth Function NTLM Authentication Helper Password Handling Remote Overflow
|
|
6747
Description:
Crystal Reports and Crystal Enterprise contain a flaw that may allow a remote denial of service. The issue is triggered when a remote user repeatedly accesses the crystalimagehandler.aspx script and requests image creation, and will result in loss of availability for the server by exhausting disk space and slowing connections.
|
2004-06-08
|
Business Objects Crystal Reports/Enterprise Disk Space Exhaustion DoS
|
|
6748
Description:
Crystal Reports and Crystal Enterprise contain a flaw that allows a remote attacker to access or delete files outside of the web path. The issue is due to the crystalimagehandler.aspx script not properly sanitizing user input, specifically traversal style attacks (../../) supplied via the "dynamicimage" variable.
|
2004-06-08
|
Business Objects Crystal Reports/Enterprise crystalimagehandler.aspx Arbitrary File Manipulation
|
|
6749
Description:
Microsoft Crystal Reports Web Viewer contains a flaw that allows a remote attacker to view or delete files outside of the web path. The issue is due to the program not properly sanitizing user input, specifically traversal style attacks (../../). Systems are only vulnerable if they have an IIS server installed.
|
2004-06-08
|
Microsoft Crystal Reports Web Viewer crystalimagehandler.aspxArbitrary File Access
|
|
6742
Description:
Microsoft DirectPlay contains a flaw that may allow a remote denial of service. The issue is due to the implementation of the IDirectPlay4 API of Microsoft DirectPlay improperly validating packets. By sending a specially crafted packet, a remote attacker can crash the networked DirectPlay applications, resulting in a loss of availability.
|
2004-06-08
|
Microsoft DirectPlay Packet Validation DoS
|
|
7125
Description:
A remote overflow exists in Aspell. The issue is due to a boundary error within the word-list-compress utility when processing word lists. By sending a specially crafted word list containing an overly long string (more than 256 bytes), an remote attacker can cause a buffer overflow and execute arbitrary code on the system, resulting in a loss of confidentiality and integrity.
|
2004-06-08
|
Aspell word-list-compress Local Overflow
|
|
6963
Description:
(Description Provided by CVE) : The WebBrowser ActiveX control, or the Internet Explorer HTML rendering engine (MSHTML), as used in Internet Explorer 6, allows remote attackers to execute arbitrary code in the Local Security context by using the showModalDialog method and modifying the location to execute code such as Javascript, as demonstrated using (1) delayed HTTP redirect operations, and an HTTP response with a Location: header containing a "URL:" prepended to a "ms-its" protocol URI, or (2) modifying the location attribute of the window, as exploited by the Download.ject (aka Scob aka Toofer) using the ADODB.Stream object.
|
2004-06-08
|
Microsoft IE Address Bar Spoofing
|
|
82784
Description:
Appweb contains a flaw in the handling of cookies. The issue is due to an error within the MaRequest:getCrackedCookie algorithm when parsing cookies. With a specially crafted request, a context-dependent attacker can corrupt memory to cause a denial of service or potentially execute arbitrary code.
|
2004-06-08
|
Mbedthis AppWeb MaRequest:getCrackedCookie Algorithm Cookie Parsing Memory Corruption
|
|
6847
Description:
Unknown / Incomplete
|
2004-06-08
|
USRobotics Broadband Router 8003 Admin Password Disclosure
|
|
6756
Description:
FreeBSD contains a flaw that may allow a malicious user to manipulate internal routing tables. FreeBSD fails to prevent jailed processes with superuser privileges to modifying host routing tables. It is possible that the flaw may allow a malicious user to cause packets to be discarded or sent to the wrong network interface resulting in a loss of confidentiality or integrity.
|
2004-06-08
|
FreeBSD Jailed Process Host Routing Table Manipulation
|
|
6951
Description:
OpenBSD contains a flaw that may allow a remote denial of service. The issue is triggered in isakmpd by using a delete payload piggybacked on a initiation of main mode, and will result in loss of availability for the connection.
|
2004-06-08
|
OpenBSD isakmpd SA Deletion DoS
|
|
7099
Description:
Unknown / Incomplete
|
2004-06-08
|
usb-mount sudo Access Arbitrary Device Unmount
|
|
53371
Description:
Unknown / Incomplete
|
2004-06-08
|
U.S. Robotics Broadband Router 8003 menu.htm Admin Password Disclosure
|
|
6995
Description:
Unknown / Incomplete
|
2004-06-08
|
Symantec Gateway Security 360R VPN Wireless Restriction Bypass
|
|
9170
Description:
Unknown / Incomplete
|
2004-06-08
|
ignitionServer Link Password Verification Failure
|
|
6730
Description:
Webmin contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when an unspecified error occurs, which will disclose configuration information about any module resulting in a loss of confidentiality.
|
2004-06-07
|
Webmin Arbitrary Module Configuration Information Disclosure
|
|
44175
Description:
Unknown / Incomplete
|
2004-06-07
|
Sun Java System Directory Server Malformed SSL Certificate Remote DoS
|
|
6952
Description:
Kerio MailServer contains a flaw related to the Caller ID parsing that may allow a denial of service. No further details have been provided.
|
2004-06-07
|
Kerio MailServer Caller ID Parsing Infinite Recursion DoS
|
|
6953
Description:
Kerio MailServer contains a flaw related to the DNS parser that may allow an attacker to perform a denial of service. No further details have been provided.
|
2004-06-07
|
Kerio MailServer DNS Parser Malformed Packet DoS
|
|
6954
Description:
Kerio Mailserver contains a flaw related to the SMTP message size check that may allow an attacker to execute arbitrary code. No further details have been provided.
|
2004-06-07
|
Kerio MailServer SMTP Message Size Check Integer Overflow
|
|
6955
Description:
Kerio MailServer contains a flaw related to the processing of empty messages that may allow an attacker to perform a DoS, as the software attempts a divide-by-zero operation. No further details have been provided.
|
2004-06-07
|
Kerio MailServer Empty Message DoS
|
|
6956
Description:
Kerio MailServer contains a flaw related to the Linux AVG plugin that may allow an attacker to perform a DoS. No further details have been provided.
|
2004-06-07
|
Kerio MailServer Linux AVG plugin Message DoS
|
|
6731
Description:
(Description Provided by CVE) : Multiple SQL injection vulnerabilities in Oracle Applications 11.0 and Oracle E-Business Suite 11.5.1 through 11.5.8 allow remote attackers to execute arbitrary SQL procedures and queries.
|
2004-06-07
|
Oracle E-Business Suite SQL Injection
|
|
6712
Description:
CPanel contains a flaw that may allow a malicious user to delete arbitrary customer DNS records. The issue is triggered when a remote authenticated attacker invokes the script "/scripts/killacct" to delete the DNS information of other accounts, which belong to other administrators. By setting a crafted cookie, a remote attacker can delete any DNS records, resulting in a loss of availability.
|
2004-06-07
|
cPanel killacct Script Arbitrary DNS Deletion
|
|
6726
Description:
A remote overflow exists in l2tpd. The l2tpd program fails to check the boundary in the write_packet() function in control.c, resulting in a buffer overflow. By establishing an L2TP tunnel and then sending a specially crafted packet, a remote attacker can overflow a buffer, resulting in a loss of integrity.
|
2004-06-07
|
l2tpd control.c write_packet Function Remote Overflow
|
|
6710
Description:
PHP contains a flaw that may allow a malicious user to bypass security restriction. The issue is due to an input validation error in the escapeshellcmd() routine. The escapeshellcmd() routine fails to filter the characters "%|>", allowing a remote attacker to access environment variables, redirect output and execute arbitrary commands. The flaw will result in a loss of confidentiality and integrity.
|
2004-06-07
|
PHP escapeshellcmd() Security Bypass
|
|
6737
Description:
PHP contains a flaw that may allow a malicious user to bypass security restriction. The issue is due to input validation error in the escapeshellarg() routine. The escapeshellarg() routine fails to filter the characters "%", allowing a remote attacker to access environment variables. The flaw will result in a loss of confidentiality and integrity.
|
2004-06-07
|
PHP escapeshellarg() Security Bypass
|
|
6961
Description:
Unknown / Incomplete
|
2004-06-07
|
IBM Global Security Toolkit (GSKit) SSL Handshake DoS
|
|
6711
Description:
log2mail contains a flaw that may allow a malicious user to execute arbitrary code on the system. This issue is due to a format string error in the "printlog()" function. By logging a crafted message via the syslog function, a local attacker can execute arbitrary code with the privilege of the log2mail process, which is typically a member of group 'adm', resulting in a loss of integrity.
|
2004-06-07
|
log2mail printlog() Message Logging Format String
|
|
17381
Description:
Unknown / Incomplete
|
2004-06-07
|
Yaws Web Server upload.yaws Unspecified Issue
|
|
22649
Description:
Unknown / Incomplete
|
2004-06-07
|
ELOG on Windows Entry Resubmission Overflow
|
|
17411
Description:
Unknown / Incomplete
|
2004-06-07
|
EFF Tor Untrusted dirserver Privilege Escalation
|
|
6848
Description:
WinAgents TFTP Server contains a flaw that may allow a remote denial of service. The issue is triggered when a request for a file name is greater than 1000 characters and will result in loss of availability for the service.
|
2004-06-07
|
WinAgents TFTP Server Long Filename Request DoS
|
|
8432
Description:
Mac OS X contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when the "Show in Finder" option is selected in Safari, which may allow specific files which have been downloaded to execute. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity.
|
2004-06-07
|
Apple Safari Show In Finder Program Execution
|
|
8433
Description:
Mac OS X contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when LaunchServices automatically registers applications to use when opening unregistered file types, without prompting the user. With a specially crafted file and application, an attacker could trick a user into opening and executing a malicious program. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity.
|
2004-06-07
|
Apple Mac OS X LaunchServices Code Execution
|
|
15229
Description:
Unknown / Incomplete
|
2004-06-06
|
Hit Jammer admin.php Direct Access Authentication Bypass
|
