| OSVDB ID | Disclosure Date | Title |
|
15171
Description:
Microsoft Windows XP contains a flaw that may allow a remote attacker to inject arbitrary XML code into the Search function. The issue occurs when a remote attacker is able to manipulate traffic sent from the machine during a search query (DNS poisoning, firewall/router modification, etc.). If the XML files that support the search function are missing, Windows will fetch a series of XML pages from sa.windows.com and display them. These XML pages can be served up from an alternate host, injecting XML links into the search interface which are likely to be trusted links.
|
2005-03-31
|
Microsoft Windows XP Search Function Arbitrary XML Injection
|
|
15185
Description:
PHP contains a flaw related to the unserialize() function. No further details have been provided.
|
2005-03-31
|
PHP unserialize() Function Unspecified Issue
|
|
15186
Description:
PHP contains a flaw related to the swf_definepoly() function. No further details have been provided.
|
2005-03-31
|
PHP swf_definepoly() Function Unspecified Issue
|
|
15694
Description:
(Description Provided by CVE) : Buffer overflow in the mt_do_dir function in YepYep mtftpd 0.0.3 may allow attackers to execute arbitrary code via a long path.
|
2005-03-30
|
mtftpd mt_do_dir Function Path Overflow
|
|
15294
Description:
PaFileDB contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to the 'start' variable in the pafiledb.php script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.
|
2005-03-30
|
paFileDB pafiledb.php start Parameter SQL Injection
|
|
15158
Description:
(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in content.asp in Iatek PortalApp allow remote attackers to inject arbitrary web script or HTML via the (1) contenttype or (2) keywords parameter.
|
2005-03-30
|
Multiple Iatek App content.asp CatID Parameter SQL Injection
|
|
15159
Description:
Multiple applications from Iatek contain a flaw that may lead to an unauthorized information disclosure. The issue is triggered when inserting a specially crafted value to the variable 'ConnectId' of the content.asp script, which will disclose the application's physical path resulting in a loss of confidentiality.
|
2005-03-30
|
Multiple Iatek Application content.asp Path Disclosure
|
|
15237
Description:
(Description Provided by CVE) : Race condition in bzip2 1.0.2 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by bzip2 after the decompression is complete.
|
2005-03-30
|
bzip2 Race Condition Arbitrary File Permission Modification
|
|
15190
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in posts.asp for ASP-DEv XM Forum RC3 allows remote attackers to inject arbitrary web script or HTML via a "javascript:" URL in an IMG tag.
|
2005-03-30
|
ASP-DEv XM post.asp IMG Tag XSS
|
|
15191
Description:
OpenBSD contains a flaw that may allow a remote denial of service. The issue is triggered when TCP segments with invalid SACK options are received, and will result in loss of availability for the platform.
|
2005-03-30
|
OpenBSD TCP Malformed SACK Option DoS
|
|
15192
Description:
(Description Provided by CVE) : Format string vulnerability in the log_do function in log.c for YepYep mtftpd 0.0.3, when the statistics option is enabled, allows remote attackers to execute arbitrary code via the CWD command.
|
2005-03-30
|
mtftpd log_do() Function Format String
|
|
15193
Description:
(Description Provided by CVE) : cdrecord before 4:2.0, when DEBUG is enabled, allows local users to overwrite arbitrary files via a symlink attack on temporary files.
|
2005-03-30
|
cdrtools DEBUG Mode Symlink Privilege Escalation
|
|
15155
Description:
Cisco 3000 series VPN concentrators contain a flaw that may allow a remote denial of service. The issue is triggered when a user sends specially crafted SSL requests to the concentrator, and will result in loss of availability for the concentrator.
|
2005-03-30
|
Cisco VPN 3000 Series Concentrator Crafted SSL DoS
|
|
15157
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in network.cgi in mailreader before 2.3.29 earlier allows remote attackers to inject arbitrary web script or HTML via MIME text/enriched or text/richtext messages.
|
2005-03-30
|
Mailreader network.cgi enriched/richtext MIME Message XSS
|
|
15124
Description:
Squirrelcart PHP Shopping Cart contains a flaw that will allow an attacker to inject arbitrary SQL code. The problem is that the 'crn' and 'rn' variables in the index.php script are not verified properly and will allow an attacker to inject or manipulate SQL queries.
|
2005-03-30
|
Squirrelcart PHP Shopping Cart index.php SQL Injection
|
|
15123
Description:
Kerio Personal Firewall contains a flaw that may allow a malicious user with access to the victim's local system to launch malicious programs that bypass the firewall's rules, resulting in a loss of confidentiality.
|
2005-03-30
|
Kerio Personal Firewall Network Rules Process Masquerade Local Bypass
|
|
15119
Description:
PortalApp contains a flaw that will allow an attacker to inject arbitrary SQL code. The problem is that the 'banner_id' variable in the ad_click.asp script is not verified properly and will allow an attacker to inject or manipulate SQL queries.
|
2005-03-30
|
PortalApp ad_click.asp banner_id Parameter SQL Injection
|
|
15120
Description:
Multiple Iatek applications contain a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'contenttype' or 'keywords' variables upon submission to the content.asp script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2005-03-30
|
Multiple Iatek App content.asp Multiple Variable XSS
|
|
15491
Description:
(Description Provided by CVE) : The StgCompObjStream::Load function in OpenOffice.org OpenOffice 1.1.4 and earlier allocates memory based on 16 bit length values, but processes memory using 32 bit values, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a DOC document with certain length values, which leads to a heap-based buffer overflow.
|
2005-03-30
|
OpenOffice DOC Processing StgCompObjStream::Load() Function Overflow
|
|
15374
Description:
Reference: "The Frame Pointer Overwrite" (by klog), Phrack 55 "Writing IA32 alphanumeric shellcodes" (by rix), Phrack 57 "Smashing the stack for fun and profit" (by Aleph1), Phrack 49 Here it is, its been done before...
|
2005-03-30
|
MSN ADSAdClient31.dll Overflow
|
|
15809
Description:
(Description Provided by CVE) : Cross-site scripting vulnerability in pafiledb.php in PaFileDB 3.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
|
2005-03-30
|
paFileDB pafiledb.php id Variable XSS
|
|
15156
Description:
Adventia Chat Server Pro contains a flaw that allows a remote and static cross site scripting attack. This flaw exists because the application does not validate user-supplied input upon submission to the main_frame.asp script. This could allow a user to insert a script that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2005-03-29
|
Adventia Chat Server Pro main_frame.asp XSS
|
|
15734
Description:
Toshiba ACPI BIOS contains a flaw that may allow a local denial of service. The issue is due to an error, which causes the BIOS to only check the first slot in the MBR table for a bootable partition. It is possible for a malicious user to arbitrarily specify a different slot in the MBR table, which prevents the system from booting resulting in a loss of availability.
|
2005-03-29
|
Toshiba ACPI BIOS MBR Boot Order Issue
|
|
44176
Description:
Unknown / Incomplete
|
2005-03-29
|
Sun Java System Directory Server Directory Manager Password Console Change Audit Log Cleartext Disclosure
|
|
15089
Description:
(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in CPG Dragonfly 9.0.2.0 allow remote attackers to inject arbitrary web script or HTML via (1) the profile parameter to index.php or (2) the cat parameter.
|
2005-03-29
|
CPG Dragonfly CMS Coppermine Module Multiple Variable XSS
|
|
15170
Description:
(Description Provided by CVE) : Buffer overflow in Midnight Commander (mc) 4.5.55 and earlier may allow attackers to execute arbitrary code.
|
2005-03-29
|
Midnight Commander insert_text() Function Local Overflow
|
|
23406
Description:
(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in CPG Dragonfly 9.0.2.0 allow remote attackers to inject arbitrary web script or HTML via (1) the profile parameter to index.php or (2) the cat parameter.
|
2005-03-29
|
CPG Dragonfly CMS Blogs Module id Variable XSS
|
|
23407
Description:
(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in CPG Dragonfly 9.0.2.0 allow remote attackers to inject arbitrary web script or HTML via (1) the profile parameter to index.php or (2) the cat parameter.
|
2005-03-29
|
CPG Dragonfly CMS Your_Account Module profile Variable XSS
|
|
15095
Description:
Horde contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate user-supplied input upon submission to the parent frame's page title. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2005-03-29
|
Horde Parent Frame Page Title XSS
|
|
15261
Description:
SonicWALL SOHO/10 Firewall Server contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the query string upon submission to the webroot. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2005-03-29
|
SonicWALL SOHO Firewall Server XSS
|
|
15262
Description:
Some SonicWALL Firewall devices contain a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'uName' variables upon submission to the auth.cgi script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2005-03-29
|
SonicWALL SOHO Firewall username Variable Logfile Script Injection
|
|
15091
Description:
E-Data contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the input fields upon submission to the creation of a new user. This could allow a user to create specially crafted HTML and script code that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server when the malicious personal information is viewed, leading to a loss of integrity.
|
2005-03-29
|
E-Data Personal Information Addition XSS
|
|
15180
Description:
IRC Services contains a flaw that may allow a user to view the list of links for a nickname without identifying for the nickname. No further details have been provided.
|
2005-03-29
|
IRC Services NickServ LISTLINKS Link Disclosure
|
|
15118
Description:
FastStone 4in1 Browser contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the built-in web server not properly sanitizing user input, specifically traversal style attacks (../../) supplied via URI.
|
2005-03-29
|
FastStone 4in1 Browser Web Server Traversal Arbitrary File Access
|
|
15121
Description:
Ublog Reload contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'msg' variable upon submission to the login.asp script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2005-03-29
|
Ublog Reload login.asp msg Variable XSS
|
|
15122
Description:
Ublog Reload contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when an attacker directly requests the ublogreload.mdb file, which will disclose the administrator login and hashed password resulting in a loss of confidentiality.
|
2005-03-29
|
Ublog Reload ublogreload.mdb Information Disclosure
|
|
15076
Description:
A buffer overflow exists in AntiGen for Domino. By submitting a very small file to the scanning engine, an attacker can cause a denial of service by exploiting the vulnerability, resulting in a loss of availability.
|
2005-03-29
|
Antigen for Domino Small File Overflow DoS
|
|
15077
Description:
Antigen for Domino contains a flaw that may allow a local denial of service. The issue is due to an unspecific error within the scanning functionality when scanning a specially crafted RAR file, and will result in loss of availability for the system.
|
2005-03-29
|
Antigen for Domino Malformed RAR File DoS
|
|
15164
Description:
Unknown / Incomplete
|
2005-03-29
|
ACPI BIOS MBR Bootable Partition Subversion DoS
|
|
15160
Description:
phpCOIN contains a flaw that will allow a remote attacker to inject arbitrary SQL code. The problem is that user-supplied input in the 'Search For' field is not verified properly and will allow a remote attacker to inject or manipulate SQL queries.
|
2005-03-29
|
phpCOIN Search Engine SQL Injection
|