| OSVDB ID | Disclosure Date | Title | Description |
|---|---|---|---|
| 73001 | 2011-02-08 | Adobe Shockwave Player dirapi.dll Module Input Validation Unspecified Arbitrary Code Execution | Adobe Shockwave Player contains a flaw that is triggered by an input validation error in the dirapi.dll module. This may allow a remote attacker to execute arbitrary code. |
| 73000 | 2011-02-08 | Adobe Shockwave Player TextXtra Module Input Validation Unspecified Arbitrary Code Execution | Adobe Shockwave Player contains a flaw that is triggered by an input validation error in the TextXtra module. This may allow a remote attacker to execute arbitrary code. |
| 72999 | 2011-02-08 | Adobe Shockwave Player 3d Asset Module Input Validation Unspecified Arbitrary Code Execution | Adobe Shockwave Player contains a flaw that is triggered by an input validation error in the 3d asset module. This may allow a remote attacker to execute arbitrary code. |
| 72998 | 2011-02-08 | Adobe Shockwave Player Unspecified Memory Corruption (2010-4306) | A memory corruption flaw exists in Adobe Shockwave Player. The program fails to sanitize user-supplied input when an unspecified error occurs, resulting in memory corruption. This may allow an attacker to execute arbitrary code. |
| 72997 | 2011-02-08 | Adobe Shockwave Player Unspecified Buffer Overflow | Adobe Shockwave Player is prone to an overflow condition. The program fails to properly sanitize user-supplied input, resulting in a buffer overflow. This may allow a remote attacker to execute arbitrary code. |
| 70813 | 2011-02-08 | Microsoft Office PowerPoint OfficeArt Container Parsing Remote Code Execution | Microsoft Office PowerPoint contains a flaw related to the parsing of external objects within an OfficeArt container. This may allow a context-dependent attacker to append an uninitialised object to a list and later use a specially crafted file to dereference it, allowing the execution of arbitrary code. |
| 71558 | 2011-02-08 | Apache Tomcat SecurityManager ServletContext Attribute Traversal Arbitrary File Manipulation | Apache Tomcat contains a flaw that allows a local attacker to traverse outside of a restricted path. The issue is due to the 'SecurityManager' not properly making the 'ServletContext' attribute read-only, allowing for directory traversal style attacks (e.g., ../../). This directory traversal attack would allow the attacker to manipulate arbitrary files. |
| 71557 | 2011-02-08 | Apache Tomcat HTML Manager Multiple XSS | The HTML Manager Interface in Apache Tomcat contains multiple flaws that allow a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate certain unspecified input related to the display-name tag before returning it to the user. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
| 72524 | 2011-02-08 | HP Data Protector Cell Manager Service (crs.exe) Unspecified Authentication Bypass | (Description Provided by CVE): crs.exe in the Cell Manager Service in the client in HP Data Protector does not properly validate credentials associated with the hostname, domain, and username, which allows remote attackers to execute arbitrary code by sending unspecified data over TCP, related to the webreporting client, the applet domain, and the java username. |
| 72527 | 2011-02-08 | HP Data Protector Client EXEC_CMD omni_chk_ds.sh Remote Code Execution | (Description Provided by CVE): The client in HP Data Protector does not verify the contents of files associated with the EXEC_CMD command, which allows remote attackers to execute arbitrary script code by providing this code with a trusted filename, as demonstrated by omni_chk_ds.sh. |
| 70831 | 2011-02-08 | Microsoft IE Uninitialized Memory Corruption Remote Code Execution (2011-0035) | A memory corruption flaw exists in Microsoft Internet Explorer. The program fails to sanitize user-supplied input when accessing uninitialized or deleted objects, resulting in memory corruption. With a specially crafted web page, a context-dependent attacker can execute arbitrary code. |
| 70832 | 2011-02-08 | Microsoft IE mshtml.dll Dangling Pointer Memory Corruption Remote Code Execution | A memory corruption flaw exists in Microsoft Internet Explorer. The program fails to sanitize user-supplied input when accessing uninitialized or deleted objects, resulting in memory corruption. With a specially crafted web page, a context-dependent attacker can execute arbitrary code. |
| 70833 | 2011-02-08 | Microsoft IE Insecure Library Loading Remote Code Execution | Microsoft Internet Explorer contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when the program does not properly handle the loading of .dll files, allowing a context-dependent attacker to gain privileges equal to that of the logged-on user through use of a legitimate HTML file and crafted .dll file. |
| 70828 | 2011-02-08 | Microsoft Visio LZW Stream Decompression Exception Remote Code Execution | Microsoft Visio contains a flaw related to the parsing of VisioDocument streams. The program raises an exception when handling a malformed stream, and attempts to access the vtable of an uninitialized object. This may allow a context-dependent attacker to use a crafted Visio file to execute arbitrary code. |
| 70829 | 2011-02-08 | Microsoft Visio Unspecified Data Type Handling Memory Corruption Remote Code Execution | A memory corruption flaw exists in Microsoft Visio. The product fails to sanitize user-supplied input when handling crafted Visio files, resulting in memory corruption. With a specially crafted Visio file, a context-dependent attacker can execute arbitrary code. |
| 70804 | 2011-02-08 | Conky eve Module /tmp/.cesf Symlink Arbitrary File Overwrite | Conky's 'eve' Module contains a flaw that may allow a malicious local user to overwrite arbitrary files on the system. The issue is due to the '/tmp/.cesf' file creating temporary files insecurely. It is possible for a local attacker to use a symlink attack to cause the program to unexpectedly write to, or overwrite, an attacker-specified file. |
| 70883 | 2011-02-08 | DESlock+ vdlptokn.sys DLPTokenWalter0 IOCTL Argument Privilege Escalation | DESlock+ contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when vdlptokn.sys fails to validate a user-supplied pointer, allowing a local attacker to gain SYSTEM privileges. |
| 70826 | 2011-02-08 | Microsoft Windows CSRSS Logoff Process Termination Local Information Disclosure | Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when the Client/Server Run-time Subsystem improperly terminates a process when a user logs off, allowing a local attacker to run a program which monitors user actions, disclosing potentially sensitive information from subsequent users, including logon credentials. |
| 70834 | 2011-02-08 | Microsoft Windows Kerberos Unkeyed Checksum Hashing Mechanism Service Ticket Forgery | Microsoft Windows' implementation of Kerberos contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when Kerberos supports a weak hashing mechanism, allowing a local authenticated attacker to forge certain aspects of a Kerberos service ticket. This may allow the attacker to gain a token with elevated privileges. |
| 70818 | 2011-02-08 | Microsoft Windows Kernel Unspecified User Input Validation Weakness Local Privilege Escalation (2011-0086) | Microsoft Windows contains a flaw related to improper user input validation that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when the kernel-mode drivers validate data supplied from user mode to kernel mode, allowing a local authenticated attacker to gain administrative privileges. |
| 70821 | 2011-02-08 | Microsoft OpenType Compact Font Format (CFF) Parsing Remote Code Execution | Microsoft OpenType Compact Font Format (CFF) driver contains a flaw related to the parsing of crafted OpenType fonts. This may allow a context-dependent attacker to use a crafted web page containing these fonts to execute arbitrary code. |
| 70819 | 2011-02-08 | Microsoft Windows Kernel Unspecified User Input Validation Weakness Local Privilege Escalation (2011-0087) | Microsoft Windows contains a flaw related to insufficient user input validation that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when the kernel-mode drivers validate data supplied from user mode to kernel mode, allowing a local authenticated attacker to gain administrative privileges. |
| 70816 | 2011-02-08 | Microsoft Windows Kernel Window Class Pointer Confusion Unspecified Local Privilege Escalation | Microsoft Windows contains a flaw related to class pointer confusion that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when the kernel-mode drivers validate data supplied from user mode to kernel mode, allowing a local authenticated attacker to gain administrative privileges. |
| 70814 | 2011-02-08 | Microsoft Windows Kernel Unspecified Memory Corruption Local Privilege Escalation | Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when the kernel-mode drivers validate data supplied from user mode to kernel mode, allowing a local authenticated attacker to gain administrative privileges. |
| 70823 | 2011-02-08 | Microsoft Windows Kernel Trace Event (WmiTraceMessageVa) Handling Integer Truncation Local Privilege Escalation | Microsoft Windows Kernel contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when the kernel suffers from a bad conversion in its support for Trace Events, allowing a local attacker to cause a buffer overflow and gain elevated privileges which allow for the execution of arbitrary code under the context of the kernel. |
| 70835 | 2011-02-08 | Microsoft Windows Kerberos Authentication Downgrade Weakness | Microsoft Windows contains a flaw related to the implementation of Kerberos. The issue is triggered when a man-in-the-middle attacker downgrades the Kerberos authentication to use DES. This may allow an attacker to impersonate a legitimate user's credentials. |
| 70839 | 2011-02-08 | Auto Database System Module for PHP-Fusion infusions/car_list_panel/search.php SEARCHSTRING Parameter SQL Injection | Auto Database System Module for PHP-Fusion contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the infusions/car_list_panel/search.php script not properly sanitizing user-supplied input to the 'SEARCHSTRING' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data. |
| 72854 | 2011-02-08 | UMI.CMS /admin/content/edit/PAGEID/do/ name Parameter XSS | UMI.CMS contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'name' parameter upon submission to the /admin/content/edit/PAGEID/do/ script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
| 72852 | 2011-02-08 | ViArt Shop /admin/admin_manufacturer.php manufacturer_name Parameter XSS | ViArt Shop contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'manufacturer_name' parameter upon submission to the /admin/admin_manufacturer.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
| 72851 | 2011-02-08 | ViArt Shop /admin/admin_global_settings.php html_below_footer Parameter XSS | ViArt Shop contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'html_below_footer' parameter upon submission to the /admin/admin_global_settings.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
| 72850 | 2011-02-08 | ViArt Shop /admin/admin_product.php item_id Parameter XSS | ViArt Shop contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'item_id' parameter upon submission to the /admin/admin_product.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
| 72849 | 2011-02-08 | UMI.CMS /admin/news/edit/4/do/ name Parameter XSS | UMI.CMS contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'name' parameter upon submission to the /admin/news/edit/4/do/ script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
| 72507 | 2011-02-08 | Adobe Shockwave Player FFFFFF88 Record Count Element Memory Corruption Code Execution | A memory corruption flaw exists in Adobe Shockwave Player. The program fails to sanitize user-supplied input when parsing 3D in Director movies, resulting in memory corruption. With a specially crafted 3D Assets 0xFFFFFF88 type record in a Director movie, a context-dependent attacker can execute arbitrary code. |
| 72508 | 2011-02-08 | Adobe Shockwave Player 0xFFFFFF45 Record Count Element Parsing Memory Corruption Code Execution | A memory corruption flaw exists in Adobe Shockwave Player. The program fails to sanitize user-supplied input when parsing 3D in Director movies, resulting in memory corruption. With a specially crafted 3D Assets 0xFFFFFF45 type record containing a large count value in a Director movie, a context-dependent attacker can execute arbitrary code. |
| 72509 | 2011-02-08 | Adobe Shockwave Player CSWV RIFF Chunk Substructure Offset Value Parsing Memory Corruption | A memory corruption flaw exists in Adobe Shockwave Player. The program fails to sanitize user-supplied input when parsing substructures referenced by the CSWV RIFF chunk, resulting in memory corruption. With a specially crafted CSWV RIFF chunk within a Director movie, a context-dependent attacker can execute arbitrary code. |
| 73280 | 2011-02-08 | PHPXref nav.html Arbitrary Site Redirect | PHPXref contains a flaw that allows a remote cross-site redirection attack. This flaw exists because the application does not validate certain user-supplied input upon submission to the nav.html script. This could allow a user to create a specially crafted URL that, if clicked, would redirect a victim from the intended legitimate web site to an arbitrary web site of the attacker's choosing. Such attacks are useful as the crafted URL initially appears to be a web page of a trusted site. This could be leveraged to direct an unsuspecting user to a web page containing attacks that target client-side software such as a web browser or document rendering programs. |
| 72510 | 2011-02-08 | Adobe Shockwave Player dirapi.dll Director Movie IFWV Chunk Processing Memory Corruption | A memory corruption flaw exists in Adobe Shockwave Player. The dirapi.dll module fails to sanitize user-supplied input when parsing Director movies, resulting in memory corruption. With a specially crafted Director movie containing an IFWV chunk with a size field of 0, a context-dependent attacker can execute arbitrary code. |
| 72511 | 2011-02-08 | Adobe Shockwave Player TextXtra.x32 Director Movie DEMX RIFF Chunk Processing Memory Corruption | A memory corruption flaw exists in Adobe Shockwave Player. The TextXtra.x32 module fails to sanitize user-supplied input when parsing DEMX RIFF chunks within Director files, resulting in memory corruption. With a specially crafted Director file with a crafted DEMX RIFF chunk, a context-dependent attacker can execute arbitrary code. |
| 72512 | 2011-02-08 | Adobe Shockwave Player Font Xtra.x32 Director Movie Font Structure Parsing Memory Corruption | A memory corruption flaw exists in Adobe Shockwave Player. The Font Xtra.x32 module fails to sanitize user-supplied input when parsing font structures in Director movie files, resulting in memory corruption. With a specially crafted Director movie file containing crafted font structures, a context-dependent attacker can execute arbitrary code. |
| 72513 | 2011-02-08 | Adobe Shockwave Player IML32 Module Director Movie GIF File Parsing Memory Corruption | A memory corruption flaw exists in Adobe Shockwave Player. The IML32 module fails to sanitize user-supplied input when parsing GIF files within a Director movie, resulting in memory corruption. With a specially crafted GIF image with a crafted global color table size value within a Director movie, a context-dependent attacker can execute arbitrary code. |