[CLOSE] OSVDB ID : 60861 - Disclosed: 2009-11-30

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 60543 - Disclosed: 2009-11-30

Description:

(Description Provided by CVE) : Stack-based buffer overflow in the MYACTIVEX.MyActiveXCtrl.1 ActiveX control in MyActiveX.ocx 1.4.8.0 in Haihaisoft Universal Player allows remote attackers to execute arbitrary code via a long URL property value. NOTE: some of these details are obtained from third party information.

[CLOSE] OSVDB ID : 61116 - Disclosed: 2009-11-30

Description:

(Description Provided by CVE) : Session fixation vulnerability in html/Elements/SetupSessionCookie in Best Practical Solutions RT 3.0.0 through 3.6.9 and 3.8.x through 3.8.5 allows remote attackers to hijack web sessions by setting the session identifier via a manipulation that leverages a second web server within the same domain.

[CLOSE] OSVDB ID : 60569 - Disclosed: 2009-11-30

Description:

(Description Provided by CVE) : rtp.c in Asterisk Open Source 1.2.x before 1.2.37, 1.4.x before 1.4.27.1, 1.6.0.x before 1.6.0.19, and 1.6.1.x before 1.6.1.11; Business Edition B.x.x before B.2.5.13, C.2.x.x before C.2.4.6, and C.3.x.x before C.3.2.3; and s800i 1.3.x before 1.3.0.6 allows remote attackers to cause a denial of service (daemon crash) via an RTP comfort noise payload with a long data length.

[CLOSE] OSVDB ID : 60584 - Disclosed: 2009-11-30

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 60611 - Disclosed: 2009-11-30

Description:

(Description Provided by CVE) : Directory traversal vulnerability in includes/feedcreator.class.php in Elxis CMS allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter.

[CLOSE] OSVDB ID : 60788 - Disclosed: 2009-11-30

Description:

(Description Provided by CVE) : The ip_frag_reasm function in net/ipv4/ip_fragment.c in the Linux kernel 2.6.32-rc8, and 2.6.29 and later versions before 2.6.32, calls IP_INC_STATS_BH with an incorrect argument, which allows remote attackers to cause a denial of service (NULL pointer dereference and hang) via long IP packets, possibly related to the ip_defrag function.

[CLOSE] OSVDB ID : 60841 - Disclosed: 2009-11-30

Description:

MusicGallery Component for Joomla! contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

[CLOSE] OSVDB ID : 60869 - Disclosed: 2009-11-30

Description:

(Description Provided by CVE) : Feature Pack for Communications Enabled Applications (CEA) before 1.0.0.1 for IBM WebSphere Application Server 7.0.0.7 uses predictable session values, which allows man-in-the-middle attackers to spoof a collaboration session by guessing the value.

[CLOSE] OSVDB ID : 61261 - Disclosed: 2009-11-30

Description:

SmartMedia Module for XOOPS contains a flaw that allows a remote cross site scripting (XSS) attack. This flaw exists because the application does not validate the 'categoryid' parameter upon submission to the 'folder.php' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 61262 - Disclosed: 2009-11-30

Description:

Content Module for XOOPS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'modules/content/index.php' script not properly sanitizing user-supplied input to the 'id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

[CLOSE] OSVDB ID : 63301 - Disclosed: 2009-11-30

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 63298 - Disclosed: 2009-11-30

Description:

Xxasp contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the ShareList.asp script not properly sanitizing user-supplied input to the 'SearchCondition' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

[CLOSE] OSVDB ID : 64032 - Disclosed: 2009-11-30

Description:

Quick News Component for Joomla! contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'newsid' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

[CLOSE] OSVDB ID : 69925 - Disclosed: 2009-11-30

Description:

IBM Lotus Notes Traveler contains a flaw that may allow a remote denial of service. The issue is triggered when a remote attacker uses unspecified vectors to cause a denial of service via a daemon crash.

[CLOSE] OSVDB ID : 60581 - Disclosed: 2009-11-29

Description:

SweetRice contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'in _plugin/subscriber/inc/post.php' script not properly sanitizing user input supplied to the 'root_dir' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.

[CLOSE] OSVDB ID : 60582 - Disclosed: 2009-11-29

Description:

SweetRice contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'as/lib/news_modify.php' script not properly sanitizing user input supplied to the 'root_dir' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.

[CLOSE] OSVDB ID : 60688 - Disclosed: 2009-11-29

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 60863 - Disclosed: 2009-11-29

Description:

SweetRice contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'as/lib/plugins.php' script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'plugin' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server.

[CLOSE] OSVDB ID : 60955 - Disclosed: 2009-11-28

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 60609 - Disclosed: 2009-11-28

Description:

(Description Provided by CVE) : Multiple stack-based buffer overflows in pdf_shade4.c in MuPDF before commit 20091125231942, as used in SumatraPDF before 1.0.1, allow remote attackers to cause a denial of service and possibly execute arbitrary code via a /Decode array for certain types of shading that are not properly handled by the (1) pdf_loadtype4shade, (2) pdf_loadtype5shade, (3) pdf_loadtype6shade, and (4) pdf_loadtype7shade functions. NOTE: some of these details are obtained from third party information.

[CLOSE] OSVDB ID : 60669 - Disclosed: 2009-11-28

Description:

(Description Provided by CVE) : HP Operations Dashboard has a default password of j2deployer for the j2deployer account, which allows remote attackers to execute arbitrary code via a session that uses the manager role to conduct unrestricted file upload attacks against the /manager servlet in the Tomcat servlet container. NOTE: this might overlap CVE-2009-3098.

[CLOSE] OSVDB ID : 60670 - Disclosed: 2009-11-28

Description:

(Description Provided by CVE) : HP Operations Manager has a default password of OvW*busr1 for the ovwebusr account, which allows remote attackers to execute arbitrary code via a session that uses the manager role to conduct unrestricted file upload attacks against the /manager servlet in the Tomcat servlet container. NOTE: this might overlap CVE-2009-3099 and CVE-2009-3843.

[CLOSE] OSVDB ID : 60844 - Disclosed: 2009-11-28

Description:

phpBazar contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'classified.php' script not properly sanitizing user-supplied input to the 'catid' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

[CLOSE] OSVDB ID : 61123 - Disclosed: 2009-11-28

Description:

(Description Provided by CVE) : The installation for Zen Cart stores sensitive information and insecure programs under the (1) docs, (2) extras, and (3) zc_install folders, and (4) install.txt, which allows remote attackers to obtain sensitive information, delete the database, and conduct other attacks via a direct request, different vulnerabilities than CVE-2009-4321 and CVE-2009-4322.

[CLOSE] OSVDB ID : 61244 - Disclosed: 2009-11-28

Description:

(Description Provided by CVE) : Multiple unspecified vulnerabilities in Trac before 0.11.6 have unknown impact and attack vectors, possibly related to (1) "policy checks in report results when using alternate formats" or (2) a "check for the 'raw' role that is missing in docutils < 0.6."

[CLOSE] OSVDB ID : 61339 - Disclosed: 2009-11-28

Description:

(Description Provided by CVE) : The unserialize function in PHP 5.3.0 and earlier allows context-dependent attackers to cause a denial of service (resource consumption) via a deeply nested serialized variable, as demonstrated by a string beginning with a:1: followed by many {a:1: sequences.

[CLOSE] OSVDB ID : 60515 - Disclosed: 2009-11-27

Description:

(Description Provided by CVE) : Argument injection vulnerability in the traceroute function in Traceroute.php in the Net_Traceroute package before 0.21.2 for PEAR allows remote attackers to execute arbitrary shell commands via the host parameter. NOTE: some of these details are obtained from third party information.

[CLOSE] OSVDB ID : 60513 - Disclosed: 2009-11-27

Description:

(Description Provided by CVE) : Buffer overflow in Robo-FTP 3.6.17, and possibly other versions, allows remote FTP servers to cause a denial of service and possibly execute arbitrary code via unspecified FTP server responses. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

[CLOSE] OSVDB ID : 60518 - Disclosed: 2009-11-27

Description:

LyftenBloggie Component for Joomla! contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'author' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

[CLOSE] OSVDB ID : 60594 - Disclosed: 2009-11-27

Description:

Micronet SP1910 Network Access Controller contains a flaw that allows a remote cross site scripting (XSS) attack. This flaw exists because the application does not validate the 'msg' parameter upon submission to the 'loginpages/error_user.shtml' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 61430 - Disclosed: 2009-11-27

Description:

(Description Provided by CVE) : The Query Compiler, Rewrite, and Optimizer component in IBM DB2 9.1 before FP8, 9.5 before FP5, and 9.7 before FP1 does not enforce privilege requirements for access to a (1) sequence or (2) global-variable object, which allows remote authenticated users to make use of data via unspecified vectors.

[CLOSE] OSVDB ID : 61431 - Disclosed: 2009-11-27

Description:

(Description Provided by CVE) : Unspecified vulnerability in the Query Compiler, Rewrite, and Optimizer component in IBM DB2 9.5 before FP5 allows remote authenticated users to cause a denial of service (instance crash) by compiling a SQL query.

[CLOSE] OSVDB ID : 60514 - Disclosed: 2009-11-26

Description:

(Description Provided by CVE) : Multiple unspecified vulnerabilities in ldap_cachemgr (aka the LDAP client configuration cache daemon) in Sun Solaris 9 and 10, and OpenSolaris before snv_78, allow local users to cause a denial of service (daemon crash) via vectors involving multiple serviceSearchDescriptor attributes and a call to the getldap_lookup function, and unspecified other vectors.

[CLOSE] OSVDB ID : 60521 - Disclosed: 2009-11-26

Description:

(Description Provided by CVE) : The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.

[CLOSE] OSVDB ID : 60519 - Disclosed: 2009-11-26

Description:

(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in the search functionality in DotNetNuke 4.8 through 5.1.4 allows remote attackers to inject arbitrary web script or HTML via search terms that are not properly filtered before display in a custom results page.

[CLOSE] OSVDB ID : 60517 - Disclosed: 2009-11-26

Description:

GCalendar Component for Joomla! contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'gcid' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

[CLOSE] OSVDB ID : 60520 - Disclosed: 2009-11-26

Description:

(Description Provided by CVE) : The install wizard in DotNetNuke 4.0 through 5.1.4 does not prevent anonymous users from accessing functionality related to determination of the need for an upgrade, which allows remote attackers to access version information and possibly other sensitive information.

[CLOSE] OSVDB ID : 60544 - Disclosed: 2009-11-26

Description:

(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in the strip_tags function in Ruby on Rails before 2.2.s, and 2.3.x before 2.3.5, allows remote attackers to inject arbitrary web script or HTML via vectors involving non-printing ASCII characters, related to HTML::Tokenizer and actionpack/lib/action_controller/vendor/html-scanner/html/node.rb.

[CLOSE] OSVDB ID : 60612 - Disclosed: 2009-11-26

Description:

Eshopbuilde CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'home-f.asp' script not properly sanitizing user-supplied input to the 'sitebid' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.