[CLOSE] OSVDB ID : 46646 - Disclosed: 2008-06-30

Description:

(Description Provided by CVE) : The GSM SMS dissector in Wireshark (formerly Ethereal) 0.99.2 through 1.0.0 allows remote attackers to cause a denial of service (application crash) via unknown vectors.

[CLOSE] OSVDB ID : 46647 - Disclosed: 2008-06-30

Description:

(Description Provided by CVE) : The (1) PANA and (2) KISMET dissectors in Wireshark (formerly Ethereal) 0.99.3 through 1.0.0 allow remote attackers to cause a denial of service (application stop) via unknown vectors.

[CLOSE] OSVDB ID : 46648 - Disclosed: 2008-06-30

Description:

(Description Provided by CVE) : The (1) PANA and (2) KISMET dissectors in Wireshark (formerly Ethereal) 0.99.3 through 1.0.0 allow remote attackers to cause a denial of service (application stop) via unknown vectors.

[CLOSE] OSVDB ID : 46649 - Disclosed: 2008-06-30

Description:

(Description Provided by CVE) : The RTMPT dissector in Wireshark (formerly Ethereal) 0.99.8 through 1.0.0 allows remote attackers to cause a denial of service (crash) via unknown vectors. NOTE: this might be due to a use-after-free error.

[CLOSE] OSVDB ID : 46650 - Disclosed: 2008-06-30

Description:

(Description Provided by CVE) : Unspecified vulnerability in the RMI dissector in Wireshark (formerly Ethereal) 0.9.5 through 1.0.0 allows remote attackers to read system memory via unspecified vectors.

[CLOSE] OSVDB ID : 46651 - Disclosed: 2008-06-30

Description:

(Description Provided by CVE) : The syslog dissector in Wireshark (formerly Ethereal) 1.0.0 allows remote attackers to cause a denial of service (application crash) via unknown vectors, possibly related to an "incomplete SS7 MSU syslog encapsulated packet."

[CLOSE] OSVDB ID : 46663 - Disclosed: 2008-06-30

Description:

(Description Provided by CVE) : Unspecified vulnerability in Alias Manager in Apple Mac OS X 10.5.1 and earlier on Intel platforms allows local users to gain privileges or cause a denial of service (memory corruption and application crash) by resolving an alias that contains crafted AFP volume mount information.

[CLOSE] OSVDB ID : 46664 - Disclosed: 2008-06-30

Description:

(Description Provided by CVE) : Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS X before 10.5.4 allows user-assisted remote attackers to execute arbitrary code via a (1) .xht or (2) .xhtm file, which does not trigger a "potentially unsafe" warning message in (a) the Download Validation feature in Mac OS X 10.4 or (b) the Quarantine feature in Mac OS X 10.5.

[CLOSE] OSVDB ID : 46665 - Disclosed: 2008-06-30

Description:

(Description Provided by CVE) : Format string vulnerability in c++filt in Apple Mac OS X 10.5 before 10.5.4 allows user-assisted attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted string in (1) C++ or (2) Java source code.

[CLOSE] OSVDB ID : 46666 - Disclosed: 2008-06-30

Description:

(Description Provided by CVE) : Launch Services in Apple Mac OS X before 10.5, when Open Safe Files is enabled, allows remote attackers to execute arbitrary code via a symlink attack, probably related to a race condition and automatic execution of a downloaded file.

[CLOSE] OSVDB ID : 46667 - Disclosed: 2008-06-30

Description:

(Description Provided by CVE) : Apple Mac OS X before 10.5 uses weak permissions for the User Template directory, which allows local users to gain privileges by inserting a Trojan horse file into this directory.

[CLOSE] OSVDB ID : 46668 - Disclosed: 2008-06-30

Description:

(Description Provided by CVE) : Dock in Apple Mac OS X 10.5 before 10.5.4, when Exposé hot corners is enabled, allows physically proximate attackers to gain access to a locked session in (1) sleep mode or (2) screen saver mode via unspecified vectors.

[CLOSE] OSVDB ID : 46669 - Disclosed: 2008-06-30

Description:

(Description Provided by CVE) : SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3RC1 and 7.3RC2; (6) SNMP Research before 16.2; (7) multiple Cisco IOS, CatOS, ACE, and Nexus products; (8) Ingate Firewall 3.1.0 and later and SIParator 3.1.0 and later; (9) HP OpenView SNMP Emanate Master Agent 15.x; and possibly other products relies on the client to specify the HMAC length, which makes it easier for remote attackers to bypass SNMP authentication via a length value of 1, which only checks the first byte.

[CLOSE] OSVDB ID : 46930 - Disclosed: 2008-06-30

Description:

(Description Provided by CVE) : Memory leak in a certain Red Hat deployment of vsftpd before 2.0.5 on Red Hat Enterprise Linux (RHEL) 3 and 4, when PAM is used, allows remote attackers to cause a denial of service (memory consumption) via a large number of invalid authentication attempts within the same session, a different vulnerability than CVE-2007-5962.

[CLOSE] OSVDB ID : 46634 - Disclosed: 2008-06-30

Description:

myBloggie contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'user_id' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 46635 - Disclosed: 2008-06-30

Description:

myBloggie contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'admin.php' script not properly sanitizing user-supplied input to the 'post_id' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 46691 - Disclosed: 2008-06-30

Description:

(Description Provided by CVE) : Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service (crash) or possibly have unspecified other impact via a call to the Array#fill method with a start (aka beg) argument greater than ARY_MAX_SIZE. NOTE: this issue exists because of an incomplete fix for other closely related integer overflows.

[CLOSE] OSVDB ID : 46652 - Disclosed: 2008-06-30

Description:

(Description Provided by CVE) : Stack-based buffer overflow in phgrafx in QNX Momentics (aka RTOS) 6.3.2 and earlier allows local users to gain privileges via a long .pal filename in palette/.

[CLOSE] OSVDB ID : 47006 - Disclosed: 2008-06-30

Description:

(Description Provided by CVE) : RSS-aggregator 1.0 does not require administrative authentication for the admin/fonctions/ directory, which allows remote attackers to access admin functions and have unspecified other impact, as demonstrated by (1) an IdFlux request to supprimer_flux.php and (2) a TpsRafraich request to modifier_tps_rafraich.php.

[CLOSE] OSVDB ID : 53494 - Disclosed: 2008-06-30

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 46574 - Disclosed: 2008-06-30

Description:

eSHOP100 contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'SUB' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 46580 - Disclosed: 2008-06-30

Description:

BareNuked CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'admin/index.php' script not properly sanitizing user-supplied input to the 'password' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 46692 - Disclosed: 2008-06-30

Description:

(Description Provided by CVE) : Soldner Secret Wars 33724 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a packet with a large numeric value in a 0x80 data block.

[CLOSE] OSVDB ID : 46637 - Disclosed: 2008-06-30

Description:

(Description Provided by CVE) : Directory traversal vulnerability in search.php in Pivot 1.40.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the t parameter.

[CLOSE] OSVDB ID : 46636 - Disclosed: 2008-06-30

Description:

HIOX Banner Rotator (HBR) contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'hioxBannerRotate.php' script not properly sanitizing user input supplied to the 'hm' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.

[CLOSE] OSVDB ID : 46690 - Disclosed: 2008-06-30

Description:

(Description Provided by CVE) : Heap-based buffer overflow in pcre_compile.c in the Perl-Compatible Regular Expression (PCRE) library 7.7 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a regular expression that begins with an option and contains multiple branches.

[CLOSE] OSVDB ID : 46881 - Disclosed: 2008-06-30

Description:

(Description Provided by CVE) : Cross-site request forgery (CSRF) vulnerability in admin.php in myWebland myBloggie 2.1.6 allows remote attackers to perform edit actions as administrators. NOTE: this can be leveraged to execute SQL commands by also exploiting CVE-2007-1899.

[CLOSE] OSVDB ID : 46884 - Disclosed: 2008-06-30

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in Farsi Script (aka FaScript) FaName 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) key or (2) desc parameter to index.php, or (3) the name parameter to page.php.

[CLOSE] OSVDB ID : 46885 - Disclosed: 2008-06-30

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in Farsi Script (aka FaScript) FaName 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) key or (2) desc parameter to index.php, or (3) the name parameter to page.php.

[CLOSE] OSVDB ID : 46886 - Disclosed: 2008-06-30

Description:

FaName contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'class/page.php' script not properly sanitizing user-supplied input to the 'id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

[CLOSE] OSVDB ID : 46887 - Disclosed: 2008-06-30

Description:

(Description Provided by CVE) : class/page.php in Farsi Script (aka FaScript) FaName 1.0 allows remote attackers to obtain sensitive information via a '; (quote semicolon) sequence in the id parameter, which reveals the installation path in an error message.

[CLOSE] OSVDB ID : 46888 - Disclosed: 2008-06-30

Description:

RSS-aggregator contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'admin/fonctions/supprimer_flux.php' script not properly sanitizing user-supplied input to the 'IdFlux' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

[CLOSE] OSVDB ID : 46889 - Disclosed: 2008-06-30

Description:

RSS-aggregator contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'admin/fonctions/supprimer_tag.php' script not properly sanitizing user-supplied input to the 'IdTag' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

[CLOSE] OSVDB ID : 46986 - Disclosed: 2008-06-30

Description:

(Description Provided by CVE) : Directory traversal vulnerability in patch.py in Mercurial 1.0.1 allows user-assisted attackers to modify arbitrary files via ".." (dot dot) sequences in a patch file.

[CLOSE] OSVDB ID : 47052 - Disclosed: 2008-06-30

Description:

pSys contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'chatbox.php' script not properly sanitizing user-supplied input to the 'showid' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

[CLOSE] OSVDB ID : 47467 - Disclosed: 2008-06-30

Description:

(Description Provided by CVE) : Use-after-free vulnerability in the _gnutls_handshake_hash_buffers_clear function in lib/gnutls_handshake.c in libgnutls in GnuTLS 2.3.5 through 2.4.0 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via TLS transmission of data that is improperly used when the peer calls gnutls_handshake within a normal session, leading to attempted access to a deallocated libgcrypt handle.

[CLOSE] OSVDB ID : 47849 - Disclosed: 2008-06-30

Description:

(Description Provided by CVE) : Multiple SQL injection vulnerabilities in index.php in Catviz 0.4 beta 1 allow remote attackers to execute arbitrary SQL commands via the (1) foreign_key_value paramter in the news page and (2) webpage parameter in the webpage_multi_edit form.

[CLOSE] OSVDB ID : 48850 - Disclosed: 2008-06-30

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 50129 - Disclosed: 2008-06-30

Description:

Acmlmboard contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'memberlist.php' script not properly sanitizing user-supplied input to the 'pow' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

[CLOSE] OSVDB ID : 46632 - Disclosed: 2008-06-29

Description:

(Description Provided by CVE) : Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 allow remote attackers to cause a denial of service (crash, infinite loop, or memory consumption) via (a) unspecified vectors in the (1) AVI, (2) AVS, (3) DCM, (4) EPT, (5) FITS, (6) MTV, (7) PALM, (8) RLA, and (9) TGA decoder readers; and (b) the GetImageCharacteristics function in magick/image.c, as reachable from a crafted (10) PNG, (11) JPEG, (12) BMP, or (13) TIFF file.