| OSVDB ID | Disclosure Date | Title |
|---|
|
51290
Description:
(Description Provided by CVE) : Mozilla Firefox 3.x before 3.0.5 allows remote attackers to bypass intended privacy restrictions by using the persist attribute in an XUL element to create and access data entities that are similar to cookies.
|
2008-12-17
|
Mozilla Firefox XUL Persist Attribute User Privacy Restriction Bypass
|
|
51291
Description:
(Description Provided by CVE) : Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to bypass the same origin policy by causing the browser to issue an XMLHttpRequest to an attacker-controlled resource that uses a 302 redirect to a resource in a different domain, then reading content from the response, aka "response disclosure."
|
2008-12-17
|
Mozilla Multiple Products XMLHttpRequest 302 Redirect Same-origin Policy Bypass Information Disclosure
|
|
51292
Description:
(Description Provided by CVE) : Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allow remote attackers to bypass the same origin policy and access portions of data from another domain via a JavaScript URL that redirects to the target resource, which generates an error if the target data does not have JavaScript syntax, which can be accessed using the window.onerror DOM API.
|
2008-12-17
|
Mozilla Multiple Products window.onerror DOM API Same-origin Policy Bypass Information Disclosure
|
|
51293
Description:
(Description Provided by CVE) : Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 does not properly parse URLs with leading whitespace or control characters, which might allow remote attackers to misrepresent URLs and simplify phishing attacks.
|
2008-12-17
|
Mozilla Multiple Products Whitespace / Control Character URL Handling Phishing Weakness
|
|
51294
Description:
(Description Provided by CVE) : The CSS parser in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 ignores the '\0' escaped null character, which might allow remote attackers to bypass protection mechanisms such as sanitization routines.
|
2008-12-17
|
Mozilla Multiple Products CSS Parser Escaped Null Character Protection Mechanisms Bypass
|
|
51295
Description:
(Description Provided by CVE) : Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to bypass the same origin policy and conduct cross-site scripting (XSS) attacks via an XBL binding to an "unloaded document."
|
2008-12-17
|
Mozilla Multiple Products XBL Binding Unloaded Document XSS
|
|
51296
Description:
(Description Provided by CVE) : Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allow remote attackers to run arbitrary JavaScript with chrome privileges via unknown vectors in which "page content can pollute XPCNativeWrappers."
|
2008-12-17
|
Mozilla Multiple Products XPCNativeWrappers Pollution JavaScript Privilege Escalation
|
|
51297
Description:
(Description Provided by CVE) : Unspecified vulnerability in the session-restore feature in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19 allows remote attackers to bypass the same origin policy, inject content into documents associated with other domains, and conduct cross-site scripting (XSS) attacks via unknown vectors related to restoration of SessionStore data.
|
2008-12-17
|
Mozilla Firefox session-restore Data Restoration Same-origin Policy Bypass
|
|
51285
Description:
(Description Provided by CVE) : The layout engine in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via vectors related to (1) a reachable assertion or (2) an integer overflow.
|
2008-12-17
|
Mozilla Multiple Products Layout Engine nsEscapeHTML2 Overflow
|
|
50812
Description:
Rematic CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the index.php script not properly sanitizing user-supplied input to the id parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-12-17
|
Rematic CMS index.php id Parameter SQL Injection
|
|
50813
Description:
Rematic CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the referenzdetail.php script not properly sanitizing user-supplied input to the id parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-12-17
|
Rematic CMS referenzdetail.php id Parameter SQL Injection
|
|
50814
Description:
Rematic CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the produkte.php script not properly sanitizing user-supplied input to the id parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-12-17
|
Rematic CMS produkte.php id Parameter SQL Injection
|
|
50796
Description:
(Description Provided by CVE) : Unspecified vulnerability in Adobe Flash Player for Linux 10.0.12.36, and 9.0.151.0 and earlier, allows remote attackers to execute arbitrary code via a crafted SWF file.
|
2008-12-17
|
Adobe Flash Player on Linux SWF File Handling Arbitrary Code Execution
|
|
50811
Description:
Courier Authentication Library contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to authpgsqllib.c not properly sanitizing user-supplied input to unspecified parameters. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-12-17
|
Courier Authentication Library authpgsqllib.c Unspecified SQL Injection
|
|
50933
Description:
(Description Provided by CVE) : tun in IP Tunnel in Solaris 10 and OpenSolaris snv_01 through snv_76 allows local users to cause a denial of service (panic) and possibly execute arbitrary code via a crafted SIOCGTUNPARAM IOCTL request, which triggers a NULL pointer dereference.
|
2008-12-17
|
Solaris IP Tunnel Parameter Processing (tun(7M)) SIOCGTUNPARAM IOCTL Local Privilege Escalation
|
|
54239
Description:
Lizardware CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'administrator/index.php' script not properly sanitizing user-supplied input to the 'user' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-12-17
|
Lizardware CMS administrator/index.php user Parameter SQL Injection
|
|
52656
Description:
Unknown / Incomplete
|
2008-12-17
|
Mozilla Firefox nsHTMLFramesetFrame::Reflow Frameset Handling NULL Pointer Dereference
|
|
53573
Description:
Unknown / Incomplete
|
2008-12-17
|
PHP Python Extension Eval Code safe_mode Bypass
|
|
50743
Description:
(Description Provided by CVE) : Services 5.x before 5.x-0.92 and 6.x before 6.x-0.13, a module for Drupal, uses an insecure hash when signing requests, which allows remote attackers to impersonate other users and gain privileges.
|
2008-12-17
|
Services Module for Drupal Request Signing Hash Weakness
|
|
50779
Description:
EvimGibi Pro Resim Galerisi contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'resim.asp' script not properly sanitizing user-supplied input to the 'kat_id' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-12-17
|
EvimGibi Pro Resim Galerisi resim.asp kat_id Parameter SQL Injection
|
|
50802
Description:
RSMScript contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when the 'verified' cookie value is set. This flaw may lead to a loss of confidentiality, integrity or availability.
|
2008-12-17
|
RSMScript verified Cookie Manipulation Admin Authentication Bypass
|
|
50797
Description:
(Description Provided by CVE) : SQL injection vulnerability in ADbNewsSender before 1.5.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors in (1) opt_in_out.php.inc, (2) confirmation.php.inc, and (3) renewal.php.inc in mailinglist/.
|
2008-12-17
|
ADbNewsSender mailinglist/opt_in_out.php.inc Unspecified Parameter SQL Injection
|
|
50794
Description:
Unknown / Incomplete
|
2008-12-17
|
betaparticle blog Blog.mdb Direct Request Database Disclosure
|
|
50795
Description:
(Description Provided by CVE) : SQL injection vulnerability in the Views module 6.x before 6.x-2.2 for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to "an exposed filter on CCK text fields."
|
2008-12-17
|
Views Module For Drupal CCK Text Fields Unspecified SQL Injection
|
|
50798
Description:
ADbNewsSender contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'mailinglist/confirmation.php.inc' script not properly sanitizing user-supplied input to an Unspecified variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-12-17
|
ADbNewsSender mailinglist/confirmation.php.inc Unspecified Parameter SQL Injection
|
|
50799
Description:
ADbNewsSender contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'mailinglist/renewal.php.inc' script not properly sanitizing user-supplied input to an Unspecified variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-12-17
|
ADbNewsSender mailinglist/renewal.php.inc Unspecified Parameter SQL Injection
|
|
50800
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in ADbNewsSender before 1.5.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) subscribing and (2) unsubscribing.
|
2008-12-17
|
ADbNewsSender Application Subscription XSS
|
|
50803
Description:
RSMScript contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'quote' variables upon submission to the submit.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2008-12-17
|
RSMScript submit.php quote XSS
|
|
50804
Description:
RSMScript contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate quote variables upon submission to the 'edit-submit.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2008-12-17
|
RSMScript edit-submit.php quote XSS
|
|
51210
Description:
(Description Provided by CVE) : Unrestricted file upload vulnerability in admin/editor/images.php in K&S Shopsoftware allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the file in images/upload/.
|
2008-12-17
|
K&S Shopsoftware admin/editor/images.php File Upload Arbitrary PHP Code Execution
|
|
50911
Description:
(Description Provided by CVE) : Heap-based buffer overflow in the Phoenician Casino FlashAX ActiveX control 1.0.0.7 allows remote attackers to execute arbitrary code via a long argument to the SetID method.
|
2008-12-17
|
Phoenician Casino FlashAX ActiveX SetID Method Argument Handling Overflow
|
|
50952
Description:
(Description Provided by CVE) : Multiple buffer overflows in Opera before 9.63 might allow (1) remote attackers to execute arbitrary code via a crafted text area, or allow (2) user-assisted remote attackers to execute arbitrary code via a long host name in a file: URL. NOTE: this might overlap CVE-2008-5178.
|
2008-12-17
|
Opera Crafted Text Area Handling Remote Overflow
|
|
50953
Description:
A remote buffer overflow exists in Opera web browser. Opera incorrectly parses file:// URLs, resulting in a possible buffer overflow. With a specially crafted request, an attacker can cause remote code execution resulting in a loss of confidentiality and/or availability.
|
2008-12-17
|
Opera file:// URL Host Name Handling Overflow
|
|
51206
Description:
(Description Provided by CVE) : SQL injection vulnerability in the create function in common/include/GroupJoinRequest.class in GForge 4.5 and 4.6 allows remote attackers to execute arbitrary SQL commands via the comments variable.
|
2008-12-17
|
GForge GroupJoinRequest.class create Function SQL Injection
|
|
51781
Description:
Tech Articles Component for Joomla! contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'item' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-12-17
|
Tech Articles Component for Joomla! index.php item Parameter SQL Injection
|
|
51782
Description:
TinyMCE contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'menuID' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2008-12-17
|
TinyMCE index.php menuID Parameter SQL Injection
|
|
53403
Description:
(Description Provided by CVE) : Absolute path traversal vulnerability in phpcksec.php in Stefan Ott phpcksec 0.2.0 allows remote attackers to list arbitrary directories and read arbitrary files via a full pathname in the file parameter.
|
2008-12-17
|
phpcksec phpcksec.php file Parameter Traversal Arbitrary File / Directory Access
|
|
53404
Description:
phpcksec contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'path' parameters upon submission to the 'phpcksec.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2008-12-17
|
phpcksec phpcksec.php path Parameter XSS
|
|
56851
Description:
(Description Provided by CVE) : Services 5.x before 5.x-0.92 and 6.x before 6.x-0.13, a module for Drupal, does not use timeouts for signed requests, which allows remote attackers to impersonate other users and gain privileges via a replay attack that sends the same request.
|
2008-12-17
|
Services Module for Drupal Signed Request Timeout Weakness Replay Attack Remote Privilege Escalation
|
|
58941
Description:
BIRT contains a flaw that allows a remote cross site scripting (XSS) attack. This flaw exists because the application does not validate the '__report' parameter upon submission to the birt-viewer/run script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2008-12-17
|
BIRT birt-viewer/run __report Parameter XSS
|
