| OSVDB ID | Disclosure Date | Title |
|
58860
Description:
(Description Provided by CVE) : The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold and SP1, and Server 2008 Gold does not properly validate data sent from user mode, which allows local users to gain privileges via a crafted PE .exe file that triggers a NULL pointer dereference during chain traversal, aka "Windows Kernel NULL Pointer Dereference Vulnerability."
|
2009-10-13
|
Microsoft Windows Kernel User Mode PE File Handling NULL Dereference Local Privilege Escalation
|
|
58861
Description:
(Description Provided by CVE) : The kernel in Microsoft Windows Server 2003 SP2 does not properly handle unspecified exceptions when an error condition occurs, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Exception Handler Vulnerability."
|
2009-10-13
|
Microsoft Windows Kernel Exception Handler Unspecified Local DoS
|
|
58854
Description:
(Description Provided by CVE) : A certain ActiveX control in the Indexing Service in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not properly process URLs, which allows remote attackers to execute arbitrary programs via unspecified vectors that cause a "vulnerable binary" to load and run, aka "Memory Corruption in Indexing Service Vulnerability."
|
2009-10-13
|
Microsoft Windows Indexing Service ActiveX Memory Corruption Arbitrary Code Execution
|
|
58849
Description:
(Description Provided by CVE) : Microsoft .NET Framework 1.0 SP3, 1.1 SP1, and 2.0 SP1 does not properly validate .NET verifiable code, which allows remote attackers to obtain unintended access to stack memory, and execute arbitrary code, via (1) a crafted XAML browser application (XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka "Microsoft .NET Framework Pointer Verification Vulnerability."
|
2009-10-13
|
Microsoft .NET Framework Crafted Application Managed Pointer Access Arbitrary Code Execution
|
|
58850
Description:
(Description Provided by CVE) : Microsoft .NET Framework 2.0, 2.0 SP1, and 3.5 does not properly enforce a certain type-equality constraint in .NET verifiable code, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka "Microsoft .NET Framework Type Verification Vulnerability."
|
2009-10-13
|
Microsoft .NET Framework Object Casting Manipulation Arbitrary Code Execution
|
|
58851
Description:
(Description Provided by CVE) : The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0, 2.0 SP1, 2.0 SP2, 3.5, and 3.5 SP1, and Silverlight 2, does not properly handle interfaces, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a crafted Silverlight application, (3) a crafted ASP.NET application, or (4) a crafted .NET Framework application, aka "Microsoft Silverlight and Microsoft .NET Framework CLR Vulnerability."
|
2009-10-13
|
Microsoft .NET Framework / Silverlight Crafted Application Memory Manipulation Arbitrary Code Execution
|
|
58844
Description:
(Description Provided by CVE) : Microsoft Windows Media Runtime, as used in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and Audio Compression Manager (ACM), does not properly process Advanced Systems Format (ASF) files, which allows remote attackers to execute arbitrary code via a crafted audio file that uses the Windows Media Speech codec, aka "Windows Media Runtime Voice Sample Rate Vulnerability."
|
2009-10-13
|
Microsoft Windows Media Player ASF Runtime Voice Sample Rate Handling Arbitrary Code Execution
|
|
58845
Description:
(Description Provided by CVE) : Microsoft Windows Media Runtime, as used in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and Audio Compression Manager (ACM), does not properly initialize unspecified functions within compressed audio files, which allows remote attackers to execute arbitrary code via (1) a crafted media file or (2) crafted streaming content, aka "Windows Media Runtime Heap Corruption Vulnerability."
|
2009-10-13
|
Microsoft Windows Media Runtime Compressed Audio File Handling Heap Corruption Arbitrary Code Execution
|
|
58875
Description:
Windows contains a flaw that may allow a remote denial of service. The issue is triggered when a malicious user submits a specially crafted SMBv2 packet causing an infinite loop, and will result in loss of availability for the platform.
|
2009-10-13
|
Microsoft Windows SMBv2 Packet Handling Infinite Loop Remote DoS
|
|
58876
Description:
Windows contains a flaw that may allow a malicious user to execute code remotely. The issue is triggered when a malicious user sends a specially crafted SMB Multi-Protocol Negotiate Request packet with a command value which Windows cannot process. It is possible that the flaw may allow remote code execution, resulting in a loss of integrity.
|
2009-10-13
|
Microsoft Windows SMB Packet Command Value Handling Remote Code Execution
|
|
59045
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote attackers to inject arbitrary web script or HTML via a crafted name for a MySQL table.
|
2009-10-13
|
phpMyAdmin Crafted MySQL Table Name XSS
|
|
59046
Description:
(Description Provided by CVE) : SQL injection vulnerability in the PDF schema generator functionality in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote attackers to execute arbitrary SQL commands via unspecified interface parameters.
|
2009-10-13
|
phpMyAdmin PDF Schema Generator Functionality Unspecified SQL Injection
|
|
59271
Description:
(Description Provided by CVE) : iscsi_discovery in open-iscsi in SUSE openSUSE 10.3 through 11.1 and SUSE Linux Enterprise (SLE) 10 SP2 and 11 allows local users to overwrite arbitrary files via a symlink attack on an unspecified temporary file that has a predictable name.
|
2009-10-13
|
open-iscsi iscsi_discovery in SUSE Unspecified Temporary File Symlink Arbitrary File Overwrite
|
|
59449
Description:
Linux Kernel contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered by unprivileged users being able to send netlink packets to certain subsystems using connector, which can be exploited to change certain configurations and perform other operations that should not be available to unprivileged users.
|
2009-10-13
|
Linux Kernel Connector Netlink Packet Local Privilege Escalation
|
|
60542
Description:
(Description Provided by CVE) : Multiple unspecified vulnerabilities in Ortro before 1.3.4 have unknown impact and attack vectors.
|
2009-10-13
|
Ortro Multiple Unspecified Issues
|
|
60547
Description:
Unknown / Incomplete
|
2009-10-13
|
Solar Imperium Multiple Unspecified Issues
|
|
61569
Description:
(Description Provided by CVE) : Quick Heal AntiVirus Plus 2009 10.00 SP1 and Quick Heal Total Security 2009 10.00 SP1 use weak permissions (Everyone: Full Control) for the product files, which allows local users to gain privileges by replacing executables with Trojan horse programs, as demonstrated by replacing quhlpsvc.exe.
|
2009-10-13
|
Quick Heal AntiVirus Product Files Path Subversion Local Privilege Escalation
|
|
61201
Description:
Unknown / Incomplete
|
2009-10-12
|
Deliantra Server Runes Inscription/Marking Unspecified Arbitrary Code Execution
|
|
60373
Description:
(Description Provided by CVE) : myPhile 1.2.1 allows remote attackers to bypass authentication via an empty password. NOTE: some of these details are obtained from third party information.
|
2009-10-12
|
myPhile myuser Variable Null Password Authentication Bypass
|
|
62374
Description:
(Description Provided by CVE) : The LunaSysMgr process in Palm Pre WebOS 1.1 and earlier, when not viewing web pages in landscape mode, allows remote attackers to cause a denial of service (crash) via a web page containing a long string following a refresh tag, which triggers a floating point exception.
|
2009-10-12
|
Palm Pre WebOS Crafted Web Page LunaSysMgr Process DoS
|
|
58877
Description:
Unknown / Incomplete
|
2009-10-12
|
XTelnet GnuTLS DLL File Unspecified Issue
|
|
58878
Description:
(Description Provided by CVE) : Unspecified vulnerability in the Extras Manager before 2.0.0.67 in Skype before 4.1.0.179 on Windows has unknown impact and attack vectors.
|
2009-10-12
|
Skype Extras Manager on Windows Unspecified Issue
|
|
59406
Description:
DedeCMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'feedback_js.php' script not properly sanitizing user-supplied input to the 'arcurl' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2009-10-12
|
DedeCMS feedback_js.php arcurl Parameter SQL Injection
|
|
60541
Description:
Unknown / Incomplete
|
2009-10-12
|
Collabtive Unspecified Issue
|
|
58852
Description:
Docebo contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'doceboLms/index.php' script not properly sanitizing user-supplied input to the 'word' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2009-10-10
|
Docebo doceboLms/index.php word Parameter SQL Injection
|
|
58853
Description:
Docebo contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'doceboCore/index.php' script not properly sanitizing user-supplied input to the 'id_certificate' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2009-10-10
|
Docebo doceboCore/index.php id_certificate Parameter SQL Injection
|
|
63708
Description:
Unknown / Incomplete
|
2009-10-10
|
CMS SiteLogic index.php mid Parameter XSS
|
|
58708
Description:
A remote overflow exists in aria2. aria2 fails to check a boundary error in the deserialize() function in DHTRoutingTableDeserializer.cc resulting in a stack-based buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.
|
2009-10-09
|
aria2 DHTRoutingTableDeserializer.cc deserialize() Function DHT Routing Table Overflow
|
|
58709
Description:
ezRecipe-Zee contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the 'config/config.php' script not properly sanitizing user input supplied to the 'cfg[prePath]' parameter. This may allow an attacker to include a file from an arbitrary remote host that contains commands which will be executed by the vulnerable script with the same privileges as the web server.
|
2009-10-09
|
ezRecipe-Zee config/config.php cfg[prePath] Parameter Remote File Inclusion
|
|
58713
Description:
An overflow exists in Free WMA MP3 Converter. The utility fails to properly bounds-check WAV files, resulting in a stack-based overflow. With a specially crafted WAV, an attacker can cause arbitrary code execution resulting in a loss of confidentiality, integrity, and/or availability.
|
2009-10-09
|
Free WMA MP3 Converter WAV File Handling Overflow
|
|
58857
Description:
(Description Provided by CVE) : httpdx 1.4.4 and earlier allows remote attackers to obtain the source code for a web page by appending a . (dot) character to the URI.
|
2009-10-09
|
httpdx URL Trailing Dot Request Source Disclosure
|
|
61988
Description:
(Description Provided by CVE) : mystring.c in hybserv in IRCD-Hybrid (aka Hybrid2 IRC Services) 1.9.2 through 1.9.4 allows remote attackers to cause a denial of service (daemon crash) via a ":help \t" private message to the MemoServ service.
|
2009-10-09
|
Hybrid2 IRC Services MemoServ Service Private Message Remote DoS
|
|
62765
Description:
Drupal contains a flaw that allows a remote cross site scripting (XSS) attack. This flaw exists because the application does not validate the 'Site Information Field' upon submission to the 'Site Configuration' page. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2009-10-09
|
Drupal Site Configuration Site Information Field XSS
|
|
62766
Description:
Drupal Admin Content Manager contains a flaw that allows a remote cross site scripting (XSS) attack. This flaw exists because the application does not validate the 'content type name' field upon submission to the 'Add Content Type' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2009-10-09
|
Drupal Admin Content Manager Add content type Field XSS
|
|
89381
Description:
Jenkins contains a flaw that may lead to unauthorized disclosure of potentially sensitive information. The issue is due to the program storing unspecified SMTP authentication passwords in plaintext. This may allow a local attacker to gain access to SMTP password information.
|
2009-10-09
|
Jenkins Unspecified SMTP Authentication Password Plaintext Local Disclosure
|
|
58729
Description:
A buffer overflow exists in Acrobat & Reader. The applications fail to validate PDF files, resulting in an unspecified heap overflow. With a specially crafted file, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity.
|
2009-10-08
|
Adobe Reader / Acrobat ParamX Parameter PDF File Handling Overflow
|
|
58880
Description:
(Description Provided by CVE) : The d_delete function in fs/ecryptfs/inode.c in eCryptfs in the Linux kernel 2.6.31 allows local users to cause a denial of service (kernel OOPS) and possibly execute arbitrary code via unspecified vectors that cause a "negative dentry" and trigger a NULL pointer dereference, as demonstrated via a Mutt temporary directory in an eCryptfs mount.
|
2009-10-08
|
Linux Kernel eCryptfs fs/ecryptfs/inode.c d_delete Function NULL Dereference Local DoS
|
|
58691
Description:
(Description Provided by CVE) : Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted RAR archive file that triggers heap corruption, a different vulnerability than CVE-2009-3588.
|
2009-10-08
|
CA Multiple Products Anti-Virus Engine arclib Component RAR File Handling Memory Corruption DoS
|
|
58714
Description:
HTTPDX HTTP server 1.4 is vulnerable to a stack-based buffer overflow vulnerability. The vulnerability is caused due to a boundary error within the "h_handlepeer()" function in http.cpp. By sending an overly long HTTP request, an attacker can overrun a buffer and execute arbitrary code.
|
2009-10-08
|
httpdx http.cpp h_handlepeer() Function Overflow
|
|
58831
Description:
Unknown / Incomplete
|
2009-10-08
|
Quick.Cart Admin Setting Manipulation CSRF
|