| OSVDB ID | Disclosure Date | Title |
|
43253
Description:
Unknown / Incomplete
|
2007-02-15
|
Jetty mod_jk AJPParser Packet Handling Overflow
|
|
56501
Description:
Haber Script contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'HaberDetay.asp' script not properly sanitizing user-supplied input to the 'id' or 'kid' parameters. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2007-02-15
|
Aktueldownload Haber Script HaberDetay.asp Multiple Parameter SQL Injection
|
|
58782
Description:
Haber Script contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'rss.asp' script not properly sanitizing user-supplied input to the 'id' and 'kid' parameters. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2007-02-15
|
Aktueldownload Haber Script rss.asp Multiple Parameter SQL Injection
|
|
32104
Description:
Mozilla Firefox, Mozilla SeaMonkey, and other Mozilla-based browsers contain a flaw that may allow a remote attacker to bypass security restrictions and gain knowledge of sensitive information. The issue is due to Mozilla-based browsers improperly handling writes to the 'location.hostname' DOM property. The flaw is triggered when a malicious web page writes a hostname value containing NULL characters ('\x00') to the 'location.hostname' DOM property, allowing for alteration of the 'document.domain' in order to bypass the same-origin policy for cross-frame/cross-window data access. This may allow an attacker the ability to manipulate authentication cookies for third party web pages and tamper with the way these sites are displayed or how they work, resulting in a loss of confidentiality.
|
2007-02-14
|
Mozilla Multiple Products location.hostname Null Byte URI Security Bypass
|
|
33210
Description:
(Description Provided by CVE) : Unspecified vulnerability in LifeType before 1.1.6, and 1.2 before 1.2-beta2, allows remote attackers to obtain sensitive information (file contents) via a "crafted URL."
|
2007-02-14
|
LifeType rss.php profile Parameter Traversal Arbitrary File Access
|
|
33195
Description:
(Description Provided by CVE) : The NTLM_UnPack_Type3 function in MENTLM.dll in MailEnable Professional 2.35 and earlier allows remote attackers to cause a denial of service (application crash) via certain base64-encoded data following an AUTHENTICATE NTLM command to the imap port (143/tcp), which results in an out-of-bounds read.
|
2007-02-14
|
MailEnable MENTLM.dll NTLM AUTHENTICATE NTLM Command DoS
|
|
33062
Description:
(Description Provided by CVE) : Cisco PIX 500 and ASA 5500 Series Security Appliances 7.2.2, when configured to inspect certain TCP-based protocols, allows remote attackers to cause a denial of service (device reboot) via malformed TCP packets.
|
2007-02-14
|
Cisco PIX / ASA Malformed TCP Packet DoS
|
|
33063
Description:
(Description Provided by CVE) : Unspecified vulnerability in Cisco PIX 500 and ASA 5500 Series Security Appliances 7.2.2, when configured to use the LOCAL authentication method, allows remote authenticated users to gain privileges via unspecified vectors.
|
2007-02-14
|
Cisco PIX / ASA LOCAL Authentication Method Remote Privilege Escalation
|
|
34843
Description:
(Description Provided by CVE) : The default configuration of the AirPort utility in Apple AirPort Extreme creates an IPv6 tunnel but does not enable the "Block incoming IPv6 connections" setting, which might allow remote attackers to bypass intended access restrictions by establishing IPv6 sessions that would have been rejected over IPv4.
|
2007-02-14
|
Apple AirPort Extreme IPv6 Tunnel Restriction Weakness
|
|
34180
Description:
Unknown / Incomplete
|
2007-02-14
|
Calendar Express search.php allwords Parameter XSS
|
|
33054
Description:
(Description Provided by CVE) : Cisco PIX 500 and ASA 5500 Series Security Appliances 6.x before 6.3(5.115), 7.0 before 7.0(5.2), and 7.1 before 7.1(2.5), and the FWSM 3.x before 3.1(3.24), when the "inspect sip" option is enabled, allows remote attackers to cause a denial of service (device reboot) via malformed SIP packets.
|
2007-02-14
|
Cisco PIX / ASA inspect sip Malformed SIP Packet DoS
|
|
33055
Description:
(Description Provided by CVE) : Cisco PIX 500 and ASA 5500 Series Security Appliances 7.0 before 7.0(4.14) and 7.1 before 7.1(2.1), and the FWSM 2.x before 2.3(4.12) and 3.x before 3.1(3.24), when "inspect http" is enabled, allows remote attackers to cause a denial of service (device reboot) via malformed HTTP traffic.
|
2007-02-14
|
Cisco PIX / ASA inspect http Malformed HTTP Traffic DoS
|
|
33056
Description:
Cisco Firewall Services Module (FWSM) contains a flaw that may allow a remote denial of service. The issue is triggered when the FWSM receives an unknown malformed packet for one of its interface IP addresses and generates a syslog message with ID 710006. This will result in loss of availability for the system.
|
2007-02-14
|
Cisco Firewall Services Module (FWSM) Crafted Traffic Syslog Message 710006 DoS
|
|
33057
Description:
Cisco Firewall Services Module (FWSM) contains a flaw that may allow a remote denial of service. The issue is triggered when certain malformed HTTPS requests are sent through the auth-proxy feature, and will result in loss of availability for the system.
|
2007-02-14
|
Cisco Firewall Services Module (FWSM) aaa Authentication Malformed HTTPS Request DoS
|
|
33058
Description:
Cisco Firewall Services Module (FWSM) contains a flaw that may allow a remote denial of service. The issue is triggered when HTTP requests with a long URL are sent through the auth-proxy feature, and will result in loss of availability for the system.
|
2007-02-14
|
Cisco Firewall Services Module (FWSM) aaa Authentication HTTP Request Overflow DoS
|
|
33059
Description:
Cisco Firewall Services Module contains a flaw that may allow a remote denial of service. The issue is triggered when specially crafted HTTPS packets are directed to the FWSM's HTTPS services, and will result in loss of availability for the system.
|
2007-02-14
|
Cisco Firewall Services Module (FWSM) Crafted HTTPS Traffic DoS
|
|
33060
Description:
The Firewall Services Module (FWSM) contains a flaw that may allow a remote denial of service. The issue is triggered when processing received malformed SNMP packets, and will result in loss of availability for the system.
|
2007-02-14
|
Cisco Firewall Services Module (FWSM) Malformed SNMP Request Remote DoS
|
|
33061
Description:
Cisco Firewall Services Module (FWSM) contains a design flaw that may allow corruption of access-lists (ACLs). The issue could be triggered by manipulating ACLs that use object-groups. The ACL may become corrupted, with ACE entries not evaluated at all or evaluated out of order, resulting in legitimate traffic being blocked and normally restricted traffic being allowed. This vulnerability results in a loss of integrity and availability.
|
2007-02-14
|
Cisco Firewall Services Module (FWSM) ACE Evaluation ACL Bypass
|
|
33187
Description:
(Description Provided by CVE) : Stack-based buffer overflow in iTinySoft Studio Total Video Player 1.03, and possibly earlier, allows remote attackers to execute arbitrary code via a M3U playlist file that contains a long file name. NOTE: it was later reported that 1.20 and 1.30 are also affected.
|
2007-02-14
|
Total Video Player M3U Playlist Filename Overflow
|
|
35763
Description:
(Description Provided by CVE) : Unspecified vulnerability in Microsoft Powerpoint allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as exploited by Trojan.PPDropper.G. NOTE: as of 20070213, it is not clear whether this is the same issue as CVE-2006-5296, CVE-2006-4694, CVE-2006-3876, CVE-2006-3877, or older issues.
|
2007-02-14
|
Microsoft PowerPoint Unspecified Arbitrary Code Execution
|
|
33202
Description:
(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in WebTester 5.0.20060927 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to POST parameters to multiple files.
|
2007-02-14
|
WebTester Multiple Unspecified XSS
|
|
33203
Description:
(Description Provided by CVE) : Multiple SQL injection vulnerabilities in WebTester 5.0.20060927 and earlier allow remote attackers to execute arbitrary SQL commands via the testID parameter to directions.php, and unspecified parameters to other files that accept GET or POST input.
|
2007-02-14
|
WebTester directions.php typeID Parameter SQL Injection
|
|
33188
Description:
(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in MailEnable Professional before 2.37 allow remote attackers to inject arbitrary Javascript script via (1) e-mail messages and (2) the ID parameter to (a) right.asp, (b) Forms/MAI/list.asp, and (c) Forms/VCF/list.asp in mewebmail/base/default/lang/EN/.
|
2007-02-14
|
MailEnable Web Mail Client right.asp Multiple Parameter XSS
|
|
33189
Description:
(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in MailEnable Professional before 2.37 allow remote attackers to inject arbitrary Javascript script via (1) e-mail messages and (2) the ID parameter to (a) right.asp, (b) Forms/MAI/list.asp, and (c) Forms/VCF/list.asp in mewebmail/base/default/lang/EN/.
|
2007-02-14
|
MailEnable Web Mail Client Forms/MAI/list.asp Multiple Parameter XSS
|
|
33190
Description:
(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in MailEnable Professional before 2.37 allow remote attackers to inject arbitrary Javascript script via (1) e-mail messages and (2) the ID parameter to (a) right.asp, (b) Forms/MAI/list.asp, and (c) Forms/VCF/list.asp in mewebmail/base/default/lang/EN/.
|
2007-02-14
|
MailEnable Web Mail Client Forms/VCF/list.asp Multiple Parameter XSS
|
|
33191
Description:
(Description Provided by CVE) : Cross-site request forgery (CSRF) vulnerability in MailEnable Professional before 2.37 allows remote attackers to modify arbitrary configurations and perform unauthorized actions as arbitrary users via a link or IMG tag.
|
2007-02-14
|
MailEnable Web Mail Client link / IMG Tag CSRF
|
|
31888
Description:
A local overflow exists in Malware Protection Engine. mpengine.dll fails to validate PDF files resulting in an integer overflow. With a specially crafted file, an attacker can cause arbitrary code execution resulting in a loss of integrity.
|
2007-02-14
|
Microsoft Malware Protection Engine PDF File Parsing Remote Code Execution
|
|
33840
Description:
(Description Provided by CVE) : Buffer overflow in Symantec Mail Security for SMTP 5.0 before Patch 175 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted headers in an e-mail message. NOTE: some information was obtained from third party sources.
|
2007-02-14
|
Symantec Mail Security for SMTP Message Handling Overflow
|
|
33725
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in faq.php in DeskPRO 1.1.0 allows remote attackers to inject arbitrary web script or HTML via the article parameter.
|
2007-02-14
|
DeskPRO faq.php article Parameter XSS
|
|
33732
Description:
(Description Provided by CVE) : Buffer overflow in the ActSoft DVD-Tools ActiveX control (dvdtools.ocx) allows remote attackers to execute arbitrary code via a long DVD_TOOLS.OpenDVD property value.
|
2007-02-14
|
DVD-Tools dvdtools.ocx ActiveX DVD_TOOLS.OpenDVD Property Overflow
|
|
33727
Description:
Jupiter CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the Client-IP, X-Forwarded-For, X-Forwarded, Forwarded-For and Forwarded HTTP headers. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2007-02-14
|
Jupiter CMS Multiple HTTP Header SQL Injection
|
|
33728
Description:
Jupiter CMS contains a flaw that may allow an attacker to upload files. The issue is triggered when a malicious attacker makes a direct request to the 'modules/emoticons.php' script with the 'a' parameter set to '1'.
|
2007-02-14
|
Jupiter CMS modules/emoticons.php Unrestricted File Upload
|
|
33729
Description:
Jupiter CMS contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the Client-IP, X-Forwarded-For, X-Forwarded, Forwarded-For and Forwarded HTTP headers upon submission to the 'index.php' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2007-02-14
|
Jupiter CMS index.php Multiple HTTP Header XSS
|
|
33730
Description:
Jupiter CMS contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'index.php' script not properly sanitizing user input supplied to the 'n' parameter when the input is an FTP URL. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.
|
2007-02-14
|
Jupiter CMS index.php n Parameter FTP URL Remote File Inclusion
|
|
33731
Description:
Jupiter CMS contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'index.php' script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'n' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server.
|
2007-02-14
|
Jupiter CMS index.php n Parameter Traversal Local File Inclusion
|
|
31939
Description:
Ekiga softphone contains a flaw that may allow a malicious user to execute arbitrary code resulting in a loss of integrity. This issue is caused due to a format string error within the 'gm_main_window_flash_message()' function in src/endpoints/urlhandler.cpp, src/endpoints/manager.cpp and src/endpoints/sip.cpp.
|
2007-02-13
|
Ekiga Softphone gm_main_window_flash_message() Format String
|
|
31889
Description:
Windows XP contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered by an unspecified unchecked buffer in the Windows Image Acquisition service. This flaw may lead to a loss of integrity.
|
2007-02-13
|
Microsoft Windows XP SP2 Image Acquisition Service Local Privilege Escalation
|
|
31890
Description:
Windows contains an unspecified flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered by an unspecified flaw in the way Windows detects and installs new hardware. This flaw may lead to a loss of integrity.
|
2007-02-13
|
Microsoft Windows Shell New Hardware Local Privilege Escalation
|
|
31891
Description:
A remote memory corruption flaw exists in Internet Explorer. The flaw is triggered when Imjpcksid.dll is instantiated as an ActiveX control within Internet Explorer. With a specially crafted web page, an attacker can cause arbitrary code execution resulting in a loss of integrity.
|
2007-02-13
|
Microsoft IE Imjpcksid.dll COM Object Instantiation Memory Corruption
|
|
31894
Description:
A remote memory corruption flaw exists in Internet Explorer. The flaw is triggered when Htmlmm.ocx is instantiated as an ActiveX control within Internet Explorer. With a specially crafted web page, an attacker can cause arbitrary code execution resulting in a loss of integrity.
|
2007-02-13
|
Microsoft IE Htmlmm.ocx COM Object Instantiation Memory Corruption
|