[CLOSE] OSVDB ID : 54175 - Disclosed: 2009-04-30

Description:

(Description Provided by CVE) : Cross-site request forgery (CSRF) vulnerability in TWiki before 4.3.1 allows remote authenticated users to hijack the authentication of arbitrary users for requests that update pages, as demonstrated by a URL for a save script in the SRC attribute of an IMG element, a related issue to CVE-2009-1434.

[CLOSE] OSVDB ID : 54625 - Disclosed: 2009-04-30

Description:

(Description Provided by CVE) : gnutls-cli in GnuTLS before 2.6.6 does not verify the activation and expiration times of X.509 certificates, which allows remote attackers to successfully present a certificate that is (1) not yet valid or (2) no longer valid, related to lack of time checks in the _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls_x509, as used by (a) Exim, (b) OpenLDAP, and (c) libsoup.

[CLOSE] OSVDB ID : 54168 - Disclosed: 2009-04-30

Description:

(Description Provided by CVE) : Unspecified vulnerability in the IGMP driver in SCO Unixware Release 7.1.4 Maintenance Pack 4 allows attackers to cause a denial of service (system panic) via unspecified vectors.

[CLOSE] OSVDB ID : 54170 - Disclosed: 2009-04-30

Description:

(Description Provided by CVE) : Multiple stack-based buffer overflows in Mercury Audio Player 1.21 allow remote attackers to execute arbitrary code via a long string in a malformed (1) .b4s or (2) .pls playlist file.

[CLOSE] OSVDB ID : 54177 - Disclosed: 2009-04-30

Description:

(Description Provided by CVE) : The AV engine before DAT 5600 in McAfee VirusScan, Total Protection, Internet Security, SecurityShield for Microsoft ISA Server, Security for Microsoft Sharepoint, Security for Email Servers, Email Gateway, and Active Virus Defense allows remote attackers to bypass virus detection via (1) an invalid Headflags field in a malformed RAR archive, (2) an invalid Packsize field in a malformed RAR archive, or (3) an invalid Filelength field in a malformed ZIP archive.

[CLOSE] OSVDB ID : 54265 - Disclosed: 2009-04-30

Description:

(Description Provided by CVE) : Unspecified vulnerability in Adobe Flash Media Server (FMS) before 3.0.4 and 3.5.x before 3.5.2, as used in Flash Media Interactive Server and Flash Media Streaming Server, allows remote attackers to execute arbitrary remote procedures within an ActionScript file on the server via RPC requests.

[CLOSE] OSVDB ID : 54169 - Disclosed: 2009-04-30

Description:

Storm is prone to an overflow condition. The MPS.StormPlayer.1 ActiveX control fails to properly sanitize user-supplied input resulting in a stack overflow. With a specially crafted website, a context-dependent attacker can potentially cause arbitrary code execution.

[CLOSE] OSVDB ID : 54243 - Disclosed: 2009-04-30

Description:

Googe Chrome contains a flaw that may allow a remote denial of service. The issue is triggered when NULL-pointer deference occurs, and will result in loss of availability for the service

[CLOSE] OSVDB ID : 54402 - Disclosed: 2009-04-30

Description:

(Description Provided by CVE) : Unrestricted file upload vulnerability in Leap CMS 0.1.4 allows remote attackers to execute arbitrary code by uploading a file with an executable extension via an admin.system.files (aka Manage Files) request to the default URI, then accessing the file via a direct request.

[CLOSE] OSVDB ID : 54403 - Disclosed: 2009-04-30

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in Leap CMS 0.1.4 allow remote attackers to inject arbitrary web script or HTML via (1) the msg parameter (aka the message in an article comment) or (2) the searchterm parameter (aka the search post form). NOTE: some of these details are obtained from third party information.

[CLOSE] OSVDB ID : 54404 - Disclosed: 2009-04-30

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in Leap CMS 0.1.4 allow remote attackers to inject arbitrary web script or HTML via (1) the msg parameter (aka the message in an article comment) or (2) the searchterm parameter (aka the search post form). NOTE: some of these details are obtained from third party information.

[CLOSE] OSVDB ID : 54405 - Disclosed: 2009-04-30

Description:

Leap CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the leap.php script not properly sanitizing user-supplied input to the 'searchterm' and 'email' parameters. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

[CLOSE] OSVDB ID : 54558 - Disclosed: 2009-04-30

Description:

(Description Provided by CVE) : Unrestricted file upload vulnerability in admin/uploadimage.php in eLitius 1.0 allows remote attackers to bypass intended access restrictions and upload and execute arbitrary files via an avatar file with an accepted Content-Type such as image/gif, then requesting the file in admin/banners/.

[CLOSE] OSVDB ID : 54670 - Disclosed: 2009-04-30

Description:

(Description Provided by CVE) : McAfee GroupShield for Microsoft Exchange on Exchange Server 2000, and possibly other anti-virus or anti-spam products from McAfee or other vendors, does not scan X- headers for malicious content, which allows remote attackers to bypass virus detection via a crafted message, as demonstrated by a message with an X-Testing header and no message body.

[CLOSE] OSVDB ID : 63343 - Disclosed: 2009-04-30

Description:

(Description Provided by CVE) : Stack-based buffer overflow in Mercury Audio Player 1.21 allows remote attackers to execute arbitrary code via a long string in a malformed playlist (.m3u) file.

[CLOSE] OSVDB ID : 56040 - Disclosed: 2009-04-29

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 56039 - Disclosed: 2009-04-29

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 55877 - Disclosed: 2009-04-29

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 55878 - Disclosed: 2009-04-29

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 55879 - Disclosed: 2009-04-29

Description:

By default, LevelOne AMG-2000 devices install with two default accounts. The 'operator' account has a password of 'operator' and the 'manager' account has a password of 'manager', both of which are publicly known and documented. This allows attackers to trivially access the program or system.

[CLOSE] OSVDB ID : 54166 - Disclosed: 2009-04-29

Description:

Tiger DMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the login.php script not properly sanitizing user-supplied input to the username and password parameters. This may allow an attacker to bypass authentication.

[CLOSE] OSVDB ID : 54126 - Disclosed: 2009-04-29

Description:

@mail contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate ''type' and 'func' parameters upon submission to the 'webadmin/admin.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

[CLOSE] OSVDB ID : 54396 - Disclosed: 2009-04-29

Description:

(Description Provided by CVE) : Unspecified vulnerability in LimeSurvey before 1.82 allows remote attackers to execute commands and obtain sensitive data via unknown attack vectors related to /admin/remotecontrol/.

[CLOSE] OSVDB ID : 54137 - Disclosed: 2009-04-29

Description:

(Description Provided by CVE) : Stack-based buffer overflow in the Symantec.FaxViewerControl.1 ActiveX control in WinFax\DCCFAXVW.DLL in Symantec WinFax Pro 10.03 allows remote attackers to execute arbitrary code via a long argument to the AppendFax method.

[CLOSE] OSVDB ID : 55259 - Disclosed: 2009-04-29

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 54145 - Disclosed: 2009-04-29

Description:

Coppermine Photo Gallery contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'css' parameter upon submission to the 'docs/showdoc.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

[CLOSE] OSVDB ID : 54155 - Disclosed: 2009-04-29

Description:

(Description Provided by CVE) : Directory traversal vulnerability in plugin.php in S-Cms 1.1 Stable and 1.5.2 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the page parameter.

[CLOSE] OSVDB ID : 54149 - Disclosed: 2009-04-29

Description:

(Description Provided by CVE) : The Node Access User Reference module 5.x before 5.x-2.0-beta4 and 6.x before 6.x-2.0-beta6, a module for Drupal, interprets an empty CCK user reference as a reference to the anonymous user, which might allow remote attackers to bypass intended access restrictions to read or modify a node.

[CLOSE] OSVDB ID : 54148 - Disclosed: 2009-04-29

Description:

(Description Provided by CVE) : Cross-site request forgery (CSRF) vulnerability in Foswiki before 1.0.5 allows remote attackers to hijack the authentication of arbitrary users for requests that modify pages, change permissions, or change group memberships, as demonstrated by a URL for a (1) save or (2) view script in the SRC attribute of an IMG element, a related issue to CVE-2009-1339.

[CLOSE] OSVDB ID : 54150 - Disclosed: 2009-04-29

Description:

(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in the Exif module 5.x-1.x before 5.x-1.2 and 6.x-1.x-dev before April 13, 2009, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via EXIF tags in an image.

[CLOSE] OSVDB ID : 54151 - Disclosed: 2009-04-29

Description:

News Page Module for Drupal contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the News Page nodes not properly sanitizing user-supplied input to the 'Keywords' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

[CLOSE] OSVDB ID : 54152 - Disclosed: 2009-04-29

Description:

(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in Drupal 5.x before 5.17 and 6.x before 6.11, as used in vbDrupal before 5.17.0, allows remote attackers to inject arbitrary web script or HTML via crafted UTF-8 byte sequences before the Content-Type meta tag, which are treated as UTF-7 by Internet Explorer 6 and 7.

[CLOSE] OSVDB ID : 54154 - Disclosed: 2009-04-29

Description:

(Description Provided by CVE) : Cross-site request forgery (CSRF) vulnerability in the Fivestar module 5.x-1.x before 5.x-1.14 and 6.x-1.x before 6.x-1.14, a module for Drupal, allows remote attackers to hijack the authentication of arbitrary users for requests that cast votes.

[CLOSE] OSVDB ID : 54173 - Disclosed: 2009-04-29

Description:

(Description Provided by CVE) : Apport before 0.108.4 on Ubuntu 8.04 LTS, before 0.119.2 on Ubuntu 8.10, and before 1.0-0ubuntu5.2 on Ubuntu 9.04 does not properly remove files from the application's crash-report directory, which allows local users to delete arbitrary files via unspecified vectors.

[CLOSE] OSVDB ID : 54153 - Disclosed: 2009-04-29

Description:

(Description Provided by CVE) : Unspecified vulnerability in Drupal 5.x before 5.17 and 6.x before 6.11, as used in vbDrupal before 5.17.0, allows user-assisted remote attackers to obtain sensitive information by tricking victims into visiting the front page of the site with a crafted URL and causing form data to be sent to an attacker-controlled site, possibly related to multiple / (slash) characters that are not properly handled by includes/bootstrap.inc, as demonstrated using the search box. NOTE: this vulnerability can be leveraged to conduct cross-site request forgery (CSRF) attacks.

[CLOSE] OSVDB ID : 54187 - Disclosed: 2009-04-29

Description:

Jetty contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate content preceding a ";" for directory listing URLs. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

[CLOSE] OSVDB ID : 54195 - Disclosed: 2009-04-29

Description:

eLitius contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'banner-details.php' script not properly sanitizing user-supplied input to the 'id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 54197 - Disclosed: 2009-04-29

Description:

ProjectCMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'sn' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 63340 - Disclosed: 2009-04-29

Description:

(Description Provided by CVE) : Stack-based buffer overflow in dicas Mpegable Player 2.12 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long string in a .YUV file.

[CLOSE] OSVDB ID : 54157 - Disclosed: 2009-04-28

Description:

(Description Provided by CVE) : The Intel LANDesk Common Base Agent (CBA) in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allows remote attackers to execute arbitrary commands via a crafted packet whose contents are interpreted as a command to be launched in a new process by the CreateProcessA function.