| OSVDB ID | Disclosure Date | Title |
|
70416
Description:
Nokia Multimedia Player is prone to an overflow condition. The program fails to properly sanitize user-supplied input resulting in a stack-based buffer overflow. With a specially crafted NPL file, a context-dependent attacker can potentially execute arbitrary code.
|
2011-01-11
|
Nokia Multimedia Player NPL File Handling Overflow
|
|
70402
Description:
Wireshark contains a flaw that may allow a remote denial of service. The issue is triggered when the ASN.1 BER dissector suffers from an assertion failure, allowing a remote attacker to cause a denial of service via crafted packets.
|
2011-01-11
|
Wireshark ASN.1 BER Dissector Crafted Packet Handling Assertion Failure DoS
|
|
70403
Description:
Wireshark is prone to an overflow condition. The MAC-LTE dissector fails to properly sanitize user-supplied input resulting in a buffer overflow. With a saturation of RAR files, a context-dependent attacker can cause a denial of service. It is possible, though not yet confirmed, that this may allow the execution of arbitrary code as well.
|
2011-01-11
|
Wireshark MAC-LTE Dissector RAR Saturation Overflow
|
|
70405
Description:
The supportconfig script in supportutils does not 'disguise passwords' in configuration files, resulting in an unspecified impact. No further details have been provided.
|
2011-01-11
|
supportutils supportconfig on SUSE Configuration File Undisguised Passwords Unspecified Issue
|
|
70427
Description:
Sybase EAServer contains a flaw that allows a remote attacker to traverse outside of a restricted path. The issue is due to the program not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied via unspecified parameters. This directory traversal attack would allow the attacker to read arbitrary files.
|
2011-01-11
|
Sybase EAServer Unspecified Traversal Arbitrary File Access
|
|
70428
Description:
Sybase EAServer contains an unspecified flaw that may be exploited to install arbitrary web services. No further details have been provided.
|
2011-01-11
|
Sybase EAServer Unspecified Arbitrary Web Service Remote Installation
|
|
70430
Description:
VaM Shop contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'status' upon submission to the 'admin/orders.php' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-01-11
|
VaM Shop admin/orders.php status Parameter XSS
|
|
70431
Description:
VaM Shop contains a flaw that allows a remote Cross-site Request Forgery (CSRF / XSRF) attack. The flaw exists because the application does not require multiple steps or explicit confirmation for sensitive transactions for the manipulation of user permissions. By using a crafted URL (e.g., a crafted GET request inside an "img" tag), an attacker may trick the victim into clicking on the image to take advantage of the trust relationship between the authenticated victim and the application. Such an attack could trick the victim into executing arbitrary commands in the context of their session with the application, without further prompting or verification.
|
2011-01-11
|
VaM Shop User Permissions Manipulation CSRF
|
|
70444
Description:
Microsoft Data Access Components and Windows Data Access Components fail to properly validate memory allocation for internal data structures. This may allow a remote attacker to execute arbitrary code via a large CacheSize property that triggers an integer wrap and buffer overflow.
|
2011-01-11
|
Microsoft Data Access Components (MDAC / WDAC) MSADO Record CacheSize Handling Remote Code Execution
|
|
70445
Description:
Contents-Mall contains a flaw related to the way it handles passwords that may disclose the administrator password to an attacker. No further details have been provided.
|
2011-01-11
|
Contents-Mall Admin Password Remote Disclosure
|
|
70474
Description:
HP OpenView Network Node Manager contains a format string vulnerability in 'nnmRptConfig.exe'. The issue is triggered when the application uses user-supplied data as a format specifier during creation of an error message when parsing an invalid template name. This may be exploited by a remote attacker via a crafted invalid template name to execute arbitrary code.
|
2011-01-11
|
HP OpenView Network Node Manager (OV NNM) nnmRptConfig.exe Invalid Template Name Remote Format String
|
|
70603
Description:
VaM Shop contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'STORE_NAME' upon submission to the 'admin/configuration.php' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-01-11
|
VaM Shop admin/configuration.php STORE_NAME Parameter XSS
|
|
70673
Description:
PivotX contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'color' parameter upon submission to the 'pivotx/includes/blogroll.php' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-01-11
|
PivotX pivotx/includes/blogroll.php color Parameter XSS
|
|
70674
Description:
PivotX contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'src' parameter upon submission to the 'pivotx/includes/timwrapper.php' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-01-11
|
PivotX pivotx/includes/timwrapper.php src Parameter XSS
|
|
71528
Description:
WebKit contains a use-after-free error in the 'DOMWindow::scrollTo' function in WebCore/page/DOMWindow.cpp when handling a scrollbar being deleted by its own scroll event. With a specially crafted web page, a context-dependent attacker can dereference already freed memory and potentially execute arbitrary code.
|
2011-01-11
|
WebKit DOMWindow::scrollTo Scroll Event Scrollbar Deletion Handling Use-after-free Issue
|
|
72071
Description:
Energine contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the ProductList.class.php script not properly sanitizing user-supplied input passed via the search facility to the 'product' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2011-01-11
|
Energine ProductList.class.php Search Facility product Parameter SQL Injection
|
|
72066
Description:
Energine contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker sends a direct request to the core/modules/shop/components/Order.class.php or core/modules/shop/components/ParamValuesEditor.class.php script, which discloses the software's installation path resulting in a loss of confidentiality. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks.
|
2011-01-11
|
Energine Multiple Script Direct Request Path Disclosure
|
|
72072
Description:
Energine contains a flaw that allows a remote Cross-site Request Forgery (CSRF / XSRF) attack. The flaw exists because the UserEditor.class.php script does not require multiple steps or explicit confirmation for sensitive transactions for the arbitrary manipulation of user data. By using a crafted URL (e.g., a crafted GET request inside an "img" tag), an attacker may trick the victim into clicking on the image to take advantage of the trust relationship between the authenticated victim and the application. Such an attack could trick the victim into executing arbitrary commands in the context of their session with the application, without further prompting or verification.
|
2011-01-11
|
Energine UserEditor.class.php Arbitrary User Manipulation CSRF
|
|
72011
Description:
diafan.CMS contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'descr' parameter upon submission to the /admin/news/saveNEWS_ID script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-01-11
|
diafan.CMS /admin/news/saveNEWS_ID descr Parameter XSS
|
|
72010
Description:
diafan.CMS contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'text' parameter upon submission to the admin/site/save2 script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-01-11
|
diafan.CMS /admin/site/save2 text Parameter XSS
|
|
72127
Description:
Cambio contains a flaw that allows a remote Cross-site Request Forgery (CSRF / XSRF) attack. The flaw exists because the modules/user/user.admin.php script does not require multiple steps or explicit confirmation for sensitive transactions for the manipulation of user data. By using a crafted URL (e.g., a crafted GET request inside an "img" tag), an attacker may trick the victim into clicking on the image to take advantage of the trust relationship between the authenticated victim and the application. Such an attack could trick the victim into executing arbitrary commands in the context of their session with the application, without further prompting or verification.
|
2011-01-11
|
Cambio modules/user/user.admin.php Arbitrary User Manipulation CSRF
|
|
72126
Description:
whCMS contains a flaw that allows a remote Cross-site Request Forgery (CSRF / XSRF) attack. The flaw exists because the modules/user/user.admin.php script does not require multiple steps or explicit confirmation for sensitive transactions for the manipulation of user data. By using a crafted URL (e.g., a crafted GET request inside an "img" tag), an attacker may trick the victim into clicking on the image to take advantage of the trust relationship between the authenticated victim and the application. Such an attack could trick the victim into executing arbitrary commands in the context of their session with the application, without further prompting or verification.
|
2011-01-11
|
whCMS modules/user/user.admin.php Arbitrary User Manipulation CSRF
|
|
72121
Description:
PHP-Nuke Search contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'search' field upon submission to the modules.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-01-11
|
PHP-Nuke Search modules.php search Field XSS
|
|
73348
Description:
(Description Provided by CVE): The Security component in IBM WebSphere Application Server (WAS) before 7.0.0.15, when a J2EE 1.4 application is used, determines the security role mapping on the basis of the ibm-application-bnd.xml file instead of the intended ibm-application-bnd.xmi file, which might allow remote authenticated users to gain privileges in opportunistic circumstances by requesting a service.
|
2011-01-11
|
IBM WebSphere Application Server (WAS) Security Component ibm-application-bnd.xml Security Role Mapping Remote Privilege Escalation
|
|
70600
Description:
HP Business Availability Center contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate certain unspecified input before returning it to the user. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-01-10
|
HP Business Availability Center Unspecified XSS (2011-0274)
|
|
70723
Description:
Newv SmartClient NewvCommon ActiveX contains a flaw related to the NewvCommon.ocx control. The 'DelFile()' method does not properly handle user-supplied input, which may allow a remote attacker to delete arbitrary files.
|
2011-01-10
|
Newv SmartClient NewvCommon ActiveX (NewvCommon.ocx) DelFile() Method Arbitrary File Deletion
|
|
70475
Description:
HP OpenView Network Node Manager contains a flaw related to the CGI scripts' failure to properly validate an unspecified parameter. This may be exploited by a remote attacker via a command string for this parameter's value to execute arbitrary code.
|
2011-01-10
|
HP OpenView Network Node Manager (OV NNM) CGI Scripts Command Injection Arbitrary Code Execution
|
|
70725
Description:
Newv SmartClient NewvCommon ActiveX is prone to an overflow condition. The 'WriteTextFile()' method fails to properly sanitize user-supplied input resulting in a stack-based buffer overflow. With a specially crafted overly long string passed as the 'FilePath' parameter, a remote attacker can potentially execute arbitrary code.
|
2011-01-10
|
Newv SmartClient NewvCommon ActiveX (NewvCommon.ocx) WriteTextFile() Method FilePath Parameter Overflow
|
|
72058
Description:
WikLink contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the editCategory.php not properly sanitizing user-supplied input to the 'fold' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2011-01-10
|
WikLink editCategory.php fold Parameter SQL Injection
|
|
72059
Description:
WikLink contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the editSite.php not properly sanitizing user-supplied input to the 'site' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2011-01-10
|
WikLink editSite.php site Parameter SQL Injection
|
|
70448
Description:
Sahana Disaster Management System contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'stream.php' script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'mod' and 'stream_type' parameters. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server.
|
2011-01-10
|
Sahana Disaster Management System stream.php Multiple Parameter Traversal Local File Inclusion
|
|
70406
Description:
Webform Module for Drupal contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to certain unspecified input not being sanitised before use in SQL queries. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2011-01-10
|
Webform Module for Drupal Unspecified SQL Injection
|
|
70397
Description:
XMovie Component for Joomla! contains an unspecified flaw when uploading movies that may allow an attacker to include files from local resources. No further details have been provided.
|
2011-01-10
|
XMovie Component for Joomla! Unspecified Local File Inclusion
|
|
70394
Description:
tinyBB contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2011-01-10
|
tinyBB index.php id Parameter SQL Injection
|
|
70439
Description:
A memory corruption flaw exists in Solar FTP Server. The program fails to sanitize user-supplied input when processing the 'PASV' command, resulting in memory corruption. With a specially crafted 'PASV' command with an overly long parameter, a remote attacker can execute arbitrary code.
|
2011-01-10
|
Solar FTP Server PASV Command Handling Memory Corruption
|
|
70449
Description:
Sahana Disaster Management System contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when the application fails to correctly restrict access to the 'admin' module, which will disclose configuration information to a remote attacker. This may also lead to the execution of arbitrary code through the uploading of crafted PHP scripts.
|
2011-01-10
|
Sahana Disaster Management System Admin Module Access Restriction Bypass Configuration Information Disclosure
|
|
70469
Description:
HP OpenView Network Node Manager contains a flaw related to the jovgraph.exe grapher's processing of malformed displayWidth options passed from the arg parameter. The issue is triggered when a remote attacker uses a crafted HTTP request to exploit this. This may allow an attacker to execute arbitrary code.
|
2011-01-10
|
HP OpenView Network Node Manager (OV NNM) jovgraph jovgraph.exe arg Parameter Arbitrary Code Execution
|
|
70470
Description:
HP OpenView Network Node Manager is prone to an overflow condition. The 'stringToSeconds' function in 'ovutil.dll' in 'ovwebsnmpsrv.exe' fails to properly sanitize user-supplied input resulting in a buffer overflow. With a specially crafted HTTP request, a remote attacker can potentially execute arbitrary code.
|
2011-01-10
|
HP OpenView Network Node Manager (OV NNM) ovwebsnmpsrv.exe ovutil.dll stringToSeconds Function Remote Overflow
|
|
70471
Description:
HP OpenView Network Node Manager is prone to an overflow condition. ovas.exe in the OVAS service fails to properly sanitize user-supplied input resulting in multiple stack-based buffer overflows. With a specially crafted Source Node or Destination Node name POST variable, a remote attacker can potentially execute arbitrary code.
|
2011-01-10
|
HP OpenView Network Node Manager (OV NNM) OVAS Service ovas.exe Multiple Overflows
|
|
70472
Description:
HP OpenView Network Node Manager is prone to an overflow condition. The ovutil.dll component fails to properly sanitize user-supplied input resulting in a stack-based buffer overflow. With a specially crafted COOKIE variable, a remote attacker can potentially execute arbitrary code.
|
2011-01-10
|
HP OpenView Network Node Manager (OV NNM) ovutil.dll COOKIE Variable Remote Overflow
|