| OSVDB ID | Disclosure Date | Title | Description |
|---|---|---|---|
| 71107 | 2011-02-25 | OPS Old Post Spinner Plugin for WordPress wp-content/plugins/old-post-spinner/logview.php ops_file Parameter Traversal Arbitrary File Access | OPS Old Post Spinner Plugin for WordPress contains a flaw that allows a remote attacker to traverse outside of a restricted path. The issue is due to the wp-content/plugins/old-post-spinner/logview.php script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied via the 'ops_file' parameter. This directory traversal attack would allow the attacker to access arbitrary files. |
| 75101 | 2011-02-25 | v86d Netlink Message Verification Weakness uvesafb Setting Manipulation | Unknown / Incomplete |
| 71166 | 2011-02-25 | jQuery Mega Menu Widget Plugin for WordPress wp-content/plugins/jquery-mega-menu/skin.php skin Parameter Traversal Arbitrary File Access | jQuery Mega Menu Widget Plugin for WordPress contains a flaw that allows a remote attacker to traverse outside of a restricted path. The issue is due to the wp-content/plugins/jquery-mega-menu/skin.php script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied via the 'skin' parameter. This directory traversal attack would allow the attacker to access arbitrary files. |
| 71234 | 2011-02-25 | iFileExplorer Free WIFI File Transfer Functionality Traversal Arbitrary File Access | iFileExplorer Free contains a flaw that allows a local attacker to traverse outside of a restricted path. The issue is due to the WIFI file transfer functionality not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied via the URL. This directory traversal attack would allow the attacker to access arbitrary files, such as the iPhone address book. |
| 71409 | 2011-02-25 | Foxit Phantom ICC Chunk Processing Unspecified Overflow | Foxit Phantom is prone to an overflow condition. The program suffers an integer overflow when parsing certain ICC chunks, which may be further exploited to cause a heap-based buffer overflow. With specially crafted ICC chunks in a PDF file, a context-dependent attacker can potentially execute arbitrary code. |
| 72690 | 2011-02-25 | WebKit RenderLineBoxList::dirtyLinesFromChangedChild Use-after-free Arbitrary Code Execution | WebKit contains a use-after-free error in the 'RenderLineBoxList::dirtyLinesFromChangedChild' function in WebCore/rendering/RenderLineBoxList.cpp when removing DOM nodes (e.g. a text node adjacent to a word break node). With a specially crafted web page, a context-dependent attacker can dereference already freed memory and potentially execute arbitrary code. |
| 73516 | 2011-02-25 | PHPShop index.php page Parameter XSS | PHPShop contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'page' parameter upon submission to the index.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
| 73720 | 2011-02-25 | web.go get_secure_cookie Cookie Timestamp Validation Weakness | Unknown / Incomplete |
| 73702 | 2011-02-25 | Pragyan CMS INSTALL/install.php Password Field Arbitrary Code Execution | Unknown / Incomplete |
| 73703 | 2011-02-25 | Pragyan CMS view Function thread_id Parameter SQL Injection | Pragyan CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'view' function not properly sanitizing user-supplied input to the 'thread_id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data. |
| 70994 | 2011-02-24 | WP Forum Server Plugin for WordPress /wp-content/plugins/forum-server/feed.php topic Parameter SQL Injection | WP Forum Server Plugin for WordPress contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the /wp-content/plugins/forum-server/feed.php script not properly sanitizing user-supplied input to the 'topic' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data. |
| 72987 | 2011-02-24 | Control Microsystems ClearSCADA Unspecified XSS | Control Microsystems ClearSCADA contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate unspecified input upon submission. This may allow a user to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
| 72988 | 2011-02-24 | Control Microsystems ClearSCADA Authentication Process Cleartext Credential Disclosure | Unknown / Incomplete |
| 72989 | 2011-02-24 | Control Microsystems ClearSCADA Unspecified Remote Heap Overflow | (Description Provided by CVE): Use-after-free vulnerability in Control Microsystems ClearSCADA 2005, 2007, and 2009 before R2.3 and R1.4, as used in SCX before 67 R4.5 and 68 R3.9, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified long strings that trigger heap memory corruption. |
| 74729 | 2011-02-24 | t1lib lib/t1lib/parseAFM.c linetoken() Function DVI File AFM Font Parsing Overflow | (Description Provided by CVE): Heap-based buffer overflow in the linetoken function in afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics (AFM) file, a different vulnerability than CVE-2010-2642. |
| 72796 | 2011-02-24 | GNU C Library (glibc) fnmatch() Function UTF-8 String Handling Integer Overflow DoS | GNU C Library (glibc) contains an integer overflow condition in the 'fnmatch' function [posix/fnmatch.c] that is triggered as user-supplied UTF-8 strings are not properly validated. With a specially crafted string, a remote attacker can cause an out-of-bounds read access violation, crashing an application linked against the library. |
| 71017 | 2011-02-24 | Microsoft Malware Protection Engine (MMPE) Crafted Registry Key Local Privilege Escalation | Microsoft Malware Protection Engine contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when an error occurs during scanning, allowing a local attacker to gain LocalSystem privileges via a crafted registry key value. |
| 74924 | 2011-02-24 | MuPDF mupdf/pdf_function.c loadsamplefunc() PDF File Handling Overflow | MuPDF and SumatraPDF are prone to an overflow condition. The loadsamplefunc() function fails to properly sanitize user-supplied input resulting in an integer overflow. With a specially crafted PDF file, a context-dependent attacker can potentially compromise a user's system. |
| 71236 | 2011-02-24 | Relevanssi Plugin for WordPress index.php s Parameter XSS | Relevanssi Plugin for WordPress contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 's' parameter upon submission to the index.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
| 71117 | 2011-02-24 | F-Secure Policy Manager Web Reporting Module Unspecified XSS | The Web Reporting module in F-Secure Policy Manager contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate certain unspecified input passed via the URL before returning it to the user. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
| 71076 | 2011-02-24 | SOPHIA CMS dsp_page.cfm pageid Parameter SQL Injection | SOPHIA CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the dsp_page.cfm script not properly sanitizing user-supplied input to the 'pageid' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data. |
| 71163 | 2011-02-24 | GigPress Plugin for WordPress Notes Field XSS | GigPress Plugin for WordPress contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate input passed via the 'Notes' field before returning it to the user. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
| 71111 | 2011-02-24 | IWantOneButton Plugin for WordPress wp-content/plugins/wantHave/updateAJAX.php post_id Parameter XSS | IWantOneButton Plugin for WordPress contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'post_id' parameter upon submission to the wp-content/plugins/wantHave/updateAJAX.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
| 71112 | 2011-02-24 | IWantOneButton Plugin for WordPress wp-content/plugins/wantHave/updateAJAX.php post_id Parameter SQL Injection | IWantOneButton Plugin for WordPress contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the wp-content/plugins/wantHave/updateAJAX.php script not properly sanitizing user-supplied input to the 'post_id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data. |
| 71118 | 2011-02-24 | F-Secure Policy Manager Web Reporting Module Invalid Report Access Path Disclosure | The Web Reporting module in F-Secure Policy Manager contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker accesses an invalid report, such as via 'report/infection-table.html' or 'report/productsummary-table.html', which discloses the software's installation path resulting in a loss of confidentiality. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks. |
| 71184 | 2011-02-24 | Cumulus Module for Drupal modules/cumulus/cumulus.swf tagcloud Parameter XSS | Cumulus Module for Drupal contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'tagcloud' parameter upon submission to the modules/cumulus/cumulus.swf script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
| 73718 | 2011-02-24 | Cewolf Image Dimension Handling Remote DoS | Unknown / Incomplete |
| 74925 | 2011-02-24 | MuPDF fitz/res_pixmap.c fz_newpixmap() PDF File Handling Overflow | MuPDF and SumatraPDF are prone to an overflow condition. The fz_newpixmap() function fails to properly sanitize user-supplied input resulting in an integer overflow. With a specially crafted PDF file, a context-dependent attacker can potentially compromise a user's system. |
| 71359 | 2011-02-23 | Linux Kernel fs/partitions/ldm.c ldm_frag_add() LDM Partition Table Overflow | Linux Kernel is prone to an overflow condition. The 'ldm_frag_add()' function in 'fs/partitions/ldm.c' fails to properly sanitize user-supplied input resulting in a heap-based buffer overflow. With a specially crafted LDM partition table, a physically present attacker can potentially gain elevated privileges or obtain sensitive information. |
| 72584 | 2011-02-23 | Cisco Multiple Products Transparent Firewall Mode IPv6 Traffic Handling Exhaustion DoS | (Description Provided by CVE): Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.12), 7.1 and 7.2 before 7.2(5.2), 8.0 before 8.0(5.21), 8.1 before 8.1(2.49), 8.2 before 8.2(3.6), and 8.3 before 8.3(2.7) and Cisco PIX Security Appliances 500 series devices, when transparent firewall mode is configured but IPv6 is not configured, allow remote attackers to cause a denial of service (packet buffer exhaustion and device outage) via IPv6 traffic, aka Bug ID CSCtj04707. |
| 73414 | 2011-02-23 | CA Multiple Products XMLSecDB ActiveX Component Multiple Methods Arbitrary Code Execution | (Description Provided by CVE): The XML Security Database Parser class in the XMLSecDB ActiveX control in the HIPSEngine component in the Management Server before 8.1.0.88, and the client before 1.6.450, in CA Host-Based Intrusion Prevention System (HIPS) 8.1, as used in CA Internet Security Suite (ISS) 2010, allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via vectors involving the SetXml and Save methods. |
| 72585 | 2011-02-23 | Cisco Adaptive Security Appliances (ASA) 5500 Series RIP Update Handling Remote DoS | (Description Provided by CVE): Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.20), 8.1 before 8.1(2.48), 8.2 before 8.2(3), and 8.3 before 8.3(2.1), when the RIP protocol and the Cisco Phone Proxy functionality are configured, allow remote attackers to cause a denial of service (device reload) via a RIP update, aka Bug ID CSCtg66583. |
| 72586 | 2011-02-23 | Cisco Adaptive Security Appliances (ASA) 5500 Series Certificate Authority (CA) Unspecified Arbitrary File Access | (Description Provided by CVE): Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.23), 8.1 before 8.1(2.49), 8.2 before 8.2(4.1), and 8.3 before 8.3(2.13), when a Certificate Authority (CA) is configured, allow remote attackers to read arbitrary files via unspecified vectors, aka Bug ID CSCtk12352. |
| 72587 | 2011-02-23 | Cisco TelePresence CGI Implementation Unspecified Remote Command Injection | (Description Provided by CVE): The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allows remote attackers to execute arbitrary commands via a malformed request, related to "command injection vulnerabilities," aka Bug ID CSCtb31640. |
| 72588 | 2011-02-23 | Cisco TelePresence CGI Implementation Authenticated Malformed Request Arbitrary Command Injection (2011-0373) | (Description Provided by CVE): The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allows remote authenticated users to execute arbitrary commands via a malformed request, related to "command injection vulnerabilities," aka Bug ID CSCtb31685. |
| 72589 | 2011-02-23 | Cisco TelePresence CGI Implementation Authenticated Malformed Request Arbitrary Command Injection (2011-0374) | (Description Provided by CVE): The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allows remote authenticated users to execute arbitrary commands via a malformed request, related to "command injection vulnerabilities," aka Bug ID CSCtb31659. |
| 72590 | 2011-02-23 | Cisco TelePresence CGI Implementation Authenticated Malformed Request Arbitrary Command Injection (2011-0375) | (Description Provided by CVE): The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.6.x allows remote authenticated users to execute arbitrary commands via a malformed request, related to "command injection vulnerabilities," aka Bug ID CSCth24671. |
| 72593 | 2011-02-23 | Cisco TelePresence TFTP Implementation GET Request Unspecified Information Disclosure | (Description Provided by CVE): The TFTP implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x, 1.6.0, and 1.6.1 allows remote attackers to obtain sensitive information via a GET request, aka Bug ID CSCte43876. |
| 72592 | 2011-02-23 | Cisco TelePresence Spoofed SOAP / Manager Request Remote DoS | (Description Provided by CVE): Cisco TelePresence endpoint devices with software 1.2.x through 1.6.x allow remote attackers to cause a denial of service (service crash) via a malformed SOAP request in conjunction with a spoofed TelePresence Manager that supplies an invalid IP address, aka Bug ID CSCth03605. |
| 72591 | 2011-02-23 | Cisco TelePresence XML-RPC Implementation Unspecified Remote Command Injection | (Description Provided by CVE): The XML-RPC implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allows remote attackers to execute arbitrary commands via a TCP request, related to a "command injection vulnerability," aka Bug ID CSCtb52587. |