| OSVDB ID | Disclosure Date | Title |
|---|---|---|
| 61981<br>Description: (Description Provided by CVE): Tor 0.2.2.x before 0.2.2.7-alpha, when functioning as a directory mirror, does not prevent logging of the client IP address upon detection of erroneous client behavior, which might make it easier for local users to discover the identities of clients in opportunistic circumstances by reading log files. | 2010-01-20 | Tor Client IP Address Logging Client Identity Local Disclosure |
| 62058<br>Description: (Description Provided by CVE): A certain Red Hat configuration step for the qla2xxx driver in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5, when N_Port ID Virtualization (NPIV) hardware is used, sets world-writable permissions for the (1) vport_create and (2) vport_delete files under /sys/class/scsi_host/, which allows local users to make arbitrary changes to SCSI host attributes by modifying these files. | 2010-01-20 | Linux Kernel on Red Hat qla2xxx Driver SCSI Host Local Modification |
| 64134<br>Description: (Description Provided by CVE): Cross-site scripting (XSS) vulnerability in shopsessionsubs.asp in Rocksalt International VP-ASP Shopping Cart 6.50 and earlier might allow remote attackers to inject arbitrary web script or HTML via the client's DNS hostname (aka the REMOTE_HOST variable), related to the CookielessGenerateFilename and CookielessReadFile functions. | 2010-01-20 | VP-ASP Shopping Cart shopsessionsubs.asp DNS Hostname XSS |
| 64450<br>Description: Unknown / Incomplete | 2010-01-20 | vBulletin validator.php Arbitrary File / Directory Disclosure |
| 64533<br>Description: Unknown / Incomplete | 2010-01-20 | Microsoft IE document.createElement NULL Dereference DoS |
| 61853<br>Description: (Description Provided by CVE): ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta does not properly validate DNSSEC (1) NSEC and (2) NSEC3 records, which allows remote attackers to add the Authenticated Data (AD) flag to a forged NXDOMAIN response for an existing domain. | 2010-01-19 | ISC BIND DNSSEC Validation Crafted NXDOMAIN Request Cache Poisoning |
| 61854<br>Description: (Description Provided by CVE): The kernel in Microsoft Windows NT 3.1 through Windows 7, including Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2, when access to 16-bit applications is enabled on a 32-bit x86 platform, does not properly validate certain BIOS calls, which allows local users to gain privileges by crafting a VDM_TIB data structure in the Thread Environment Block (TEB), and then calling the NtVdmControl function to start the Windows Virtual DOS Machine (aka NTVDM) subsystem, leading to improperly handled exceptions involving the #GP trap handler (nt!KiTrap0D), aka "Windows Kernel Exception Handler Vulnerability." | 2010-01-19 | Microsoft Windows Virtual DOS Machine (VDM) Subsystem #GP Trap Handler (nt!KiTrap0D) Local Privilege Escalation |
| 61848<br>Description: (Description Provided by CVE): Stack-based buffer overflow in goform/formExportDataLogs in HP Power Manager before 4.2.10 allows remote attackers to execute arbitrary code via a long fileName parameter. | 2010-01-19 | HP Power Manager /goform/formExportDataLogs fileName Parameter Overflow |
| 61843<br>Description: Unknown / Incomplete | 2010-01-19 | SAP Web Application Server (WebAS) Integrated ITS Unspecified Remote Overflow |
| 61865<br>Description: (Description Provided by CVE): Tor before 0.2.1.22, and 0.2.2.x before 0.2.2.7-alpha, when functioning as a bridge directory authority, allows remote attackers to obtain sensitive information about bridge identities and bridge descriptors via a dbg-stability.txt directory query. | 2010-01-19 | Tor Bridge Directory Authority dbg-stability.txt Directory Query Bridge Identity Disclosure |
| 64910<br>Description: Unknown / Incomplete | 2010-01-19 | XOOPS unlink Function Arbitrary File Deletion |
| 64911<br>Description: Unknown / Incomplete | 2010-01-19 | XOOPS Location: Header HTTP Response Splitting |
| 61817<br>Description: MySmartBB contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'attach.php' script not properly sanitizing user-supplied input passed via the URL. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data. | 2010-01-19 | MySmartBB attach.php/ URI SQL Injection |
| 61826<br>Description: (Description Provided by CVE): Multiple unrestricted file upload vulnerabilities in (1) register.php and (2) addvideo.php in BitScripts Bits Video Script 2.04 and 2.05 Gold Beta allow remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory. | 2010-01-19 | Bits Video Script addvideo.php File Upload Arbitrary PHP Code Execution |
| 61831<br>Description: (Description Provided by CVE): MoinMoin 1.9 before 1.9.1 does not perform the expected clearing of the sys.argv array in situations where the GATEWAY_INTERFACE environment variable is set, which allows remote attackers to obtain sensitive information via unspecified vectors. | 2010-01-19 | MoinMoin sys.argv Traversal Arbitrary File Disclosure |
| 61818<br>Description: MySmartBB contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'contactus.php' script not properly sanitizing user-supplied input passed via the URL. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data. | 2010-01-19 | MySmartBB contactus.php/ URI SQL Injection |
| 61819<br>Description: MySmartBB contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'memberlist.php' script not properly sanitizing user-supplied input passed via the URL. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data. | 2010-01-19 | MySmartBB memberlist.php/ URI SQL Injection |
| 61820<br>Description: MySmartBB contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'misc.php' script not properly sanitizing user-supplied input passed via the URL. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data. | 2010-01-19 | MySmartBB misc.php/ URI SQL Injection |
| 61821<br>Description: MySmartBB contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'newreply.php' script not properly sanitizing user-supplied input passed via the URL. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data. | 2010-01-19 | MySmartBB newreply.php/ URI SQL Injection |
| 61822<br>Description: MySmartBB contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'newtopic.php' script not properly sanitizing user-supplied input passed via the URL. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data. | 2010-01-19 | MySmartBB newtopic.php URI SQL Injection |
| 61823<br>Description: MySmartBB contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'pm.php' script not properly sanitizing user-supplied input passed via the URL. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data. | 2010-01-19 | MySmartBB pm.php URI SQL Injection |
| 61824<br>Description: Unknown / Incomplete | 2010-01-19 | MySmartBB register.php/ URI SQL Injection |
| 61825<br>Description: MySmartBB contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'search.php' script not properly sanitizing user-supplied input passed via the URL. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data. | 2010-01-19 | MySmartBB search.php/ URI SQL Injection |
| 61827<br>Description: Bits Video Script contains a flaw that allows a remote cross site scripting (XSS) attack. This flaw exists because the application does not validate the 'order' parameter upon submission to the 'search.php' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. | 2010-01-19 | Bits Video Script search.php order Parameter XSS |
| 61845<br>Description: (Description Provided by CVE): LookMer Music Portal stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for dbmdb/LookMerSarkiMDB.mdb. | 2010-01-19 | LookMer Music Portal dbmdb/LookMerSarkiMDB.mdb Direct Request Database Disclosure |
| 61849<br>Description: (Description Provided by CVE): Directory traversal vulnerability in goform/formExportDataLogs in HP Power Manager before 4.2.10 allows remote attackers to overwrite arbitrary files, and execute arbitrary code, via directory traversal sequences in the fileName parameter. | 2010-01-19 | HP Power Manager /goform/formExportDataLogs fileName Parameter Traversal Arbitrary File Overwrite |
| 61852<br>Description: (Description Provided by CVE): Sun Java System Web Server (aka SJWS) 7.0 Update 7 allows remote attackers to overwrite memory locations in the heap, and discover the contents of memory locations, via a malformed HTTP TRACE request that includes a long URI and many empty headers, related to an "overflow." NOTE: this might overlap CVE-2010-0272 and CVE-2010-0273. | 2010-01-19 | Sun Java System Web Server TRACE Request Handling Overflow |
| 61885<br>Description: (Description Provided by CVE): Buffer overflow in CoreAudio in Apple Mac OS X 10.5.8 and 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MP4 audio file. | 2010-01-19 | Apple Mac OS X CoreAudio MP4 File Handling Overflow |
| 61886<br>Description: (Description Provided by CVE): Buffer overflow in Image RAW in Apple Mac OS X 10.5.8 and 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted DNG image. | 2010-01-19 | Apple Mac OS X Image RAW DNG File Handling Overflow |
| 61893<br>Description: (Description Provided by CVE): Multiple unrestricted file upload vulnerabilities in (1) register.php and (2) addvideo.php in BitScripts Bits Video Script 2.04 and 2.05 Gold Beta allow remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory. | 2010-01-19 | Bits Video Script register.php File Upload Arbitrary PHP Code Execution |
| 61901<br>Description: (Description Provided by CVE): Heap-based buffer overflow in Adobe Shockwave Player before 11.5.6.606 allows remote attackers to execute arbitrary code via a crafted 3D model in a Shockwave file. | 2010-01-19 | Adobe Shockwave Player Crafted 3D Model Handling Overflow |
| 61902<br>Description: (Description Provided by CVE): Multiple integer overflows in Adobe Shockwave Player before 11.5.6.606 allow remote attackers to execute arbitrary code via (1) an unspecified block type in a Shockwave file, leading to a heap-based buffer overflow; and might allow remote attackers to execute arbitrary code via (2) an unspecified 3D block in a Shockwave file, leading to memory corruption; or (3) a crafted 3D model in a Shockwave file, leading to heap memory corruption. | 2010-01-19 | Adobe Shockwave Player Unspecified Block Type Overflow |
| 61903<br>Description: (Description Provided by CVE): Multiple integer overflows in Adobe Shockwave Player before 11.5.6.606 allow remote attackers to execute arbitrary code via (1) an unspecified block type in a Shockwave file, leading to a heap-based buffer overflow; and might allow remote attackers to execute arbitrary code via (2) an unspecified 3D block in a Shockwave file, leading to memory corruption; or (3) a crafted 3D model in a Shockwave file, leading to heap memory corruption. | 2010-01-19 | Adobe Shockwave Player Unspecified 3D Block Overflow |
| 61904<br>Description: (Description Provided by CVE): Multiple integer overflows in Adobe Shockwave Player before 11.5.6.606 allow remote attackers to execute arbitrary code via (1) an unspecified block type in a Shockwave file, leading to a heap-based buffer overflow; and might allow remote attackers to execute arbitrary code via (2) an unspecified 3D block in a Shockwave file, leading to memory corruption; or (3) a crafted 3D model in a Shockwave file, leading to heap memory corruption. | 2010-01-19 | Adobe Shockwave Player Crafted 3D Model Memory Corruption Overflow |
| 61965<br>Description: (Description Provided by CVE): Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to execute arbitrary code via a file with invalid ASMRuleBook structures that trigger heap memory corruption. | 2010-01-19 | RealNetworks Multiple Products Invalid ASMRuleBook Structure Overflow |
| 61966<br>Description: (Description Provided by CVE): Heap-based buffer overflow in the CGIFCodec::GetPacketBuffer function in datatype/image/gif/common/gifcodec.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.0 through 11.0.4; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, and 11.0; Linux RealPlayer 10; and Helix Player 10.x allows remote attackers to execute arbitrary code via a GIF file with crafted chunk sizes that trigger improper memory allocation. | 2010-01-19 | RealNetworks Multiple Products Crafted GIF File Chunk Size Overflow |
| 61968<br>Description: (Description Provided by CVE): Heap-based buffer overflow in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.0 through 11.0.4; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, and 11.0; Linux RealPlayer 10; and Helix Player 10.x allows remote attackers to execute arbitrary code via an SIPR codec field with a small length value that triggers incorrect memory allocation. | 2010-01-19 | RealNetworks Multiple Products SIPR Codec Field Handling Overflow |
| 61969<br>Description: (Description Provided by CVE): Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a compressed GIF file, related to gifcodec.cpp and gifimage.cpp. | 2010-01-19 | RealNetworks Multiple Products Compressed GIF File Handling Overflow |
| 61970<br>Description: (Description Provided by CVE): Stack-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows user-assisted remote attackers to execute arbitrary code via a malformed .RJS skin file that contains a web.xmb file with crafted length values. | 2010-01-19 | RealNetworks Multiple Products RJS Skin File Handling Overflow |
| 61972<br>Description: (Description Provided by CVE): Buffer overflow in the RTSPProtocol::HandleSetParameterRequest function in client/core/rtspprotocol.cpp in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted RTSP SET_PARAMETER request. | 2010-01-19 | RealNetworks Multiple Products CMediumBlockAllocator::Alloc Method Crafted RTSP SET_PARAMETER Handling Overflow |