[CLOSE] OSVDB ID : 79878 - Disclosed: 2012-02-23

Description:

FreeType contains an overflow condition in src/type1/t1load.c. The issue is triggered as user-supplied input is not properly validated during the handling of a loader font dictionary entry. With a specially crafted data in a Type1 font, a context-dependent attacker can cause a heap-based buffer overflow, resulting in a denial of service or potentially execution of arbitrary code.

[CLOSE] OSVDB ID : 80231 - Disclosed: 2012-02-23

Description:

Novell ZENworks Configuration Management is prone to an overflow condition. The PreBoot service fails to properly sanitize user-supplied input resulting in a stack-based buffer overflow. With a specially crafted 0x6c or 0x4c opscode, a local attacker can potentially cause arbitrary code execution.

[CLOSE] OSVDB ID : 79475 - Disclosed: 2012-02-23

Description:

[PRODUCT] contains a flaw that allows a remote user to execute arbitrary PHP code. This flaw exists because the wp-content/plugins/magn-html5-drag-drop-media-uploader/dndupload.phpscript does not properly verify or sanitize user-uploaded files. By uploading a .php file, the remote system will place the file in a user-accessible path. Making a direct request to the uploaded file will allow the user to execute the script.

[CLOSE] OSVDB ID : 79479 - Disclosed: 2012-02-23

Description:

Crop and Square Thumbnails (tkcropthumbs) Extension for TYPO3 contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate certain unspecified input before returning it to the user. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 79480 - Disclosed: 2012-02-23

Description:

Crop and Square Thumbnails (tkcropthumbs) Extension for TYPO3 contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the program not properly sanitizing certain unspecified user-supplied input before use in SQL queries. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

[CLOSE] OSVDB ID : 79481 - Disclosed: 2012-02-23

Description:

The Typo3 eXtplorer (t3extplorer) contains a flaw that may allows an attacker to traverse outside of a restricted path and possibly access arbitrary files. No further details have been provided.

[CLOSE] OSVDB ID : 79482 - Disclosed: 2012-02-23

Description:

TC BE User Admin (tc_beuser) Extension for TYPO3 contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate certain unspecified input before returning it to the user. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 79483 - Disclosed: 2012-02-23

Description:

Predigtsammlung (an_predigten) Extension for TYPO3 contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the program not properly sanitizing certain unspecified user-supplied input before use in SQL queries. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

[CLOSE] OSVDB ID : 79484 - Disclosed: 2012-02-23

Description:

The PDF Controller (pdfcontroller) extension for TYPO3 contains a flaw that may allow an attacker to possibly execute arbitrary code. No further details have been provided.

[CLOSE] OSVDB ID : 79485 - Disclosed: 2012-02-23

Description:

The PDF Controller (pdfcontroller) extension for TYPO3 contains a flaw that may allow an attacker to disclose sensitive information. No further details have been provided.

[CLOSE] OSVDB ID : 79486 - Disclosed: 2012-02-23

Description:

Share Your Car (cc20) Extension for TYPO3 contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate certain unspecified input before returning it to the user. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 79487 - Disclosed: 2012-02-23

Description:

Share Your Car (cc20) Extension for TYPO3 contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the program not properly sanitizing certain unspecified user-supplied input before use in SQL queries. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

[CLOSE] OSVDB ID : 79488 - Disclosed: 2012-02-23

Description:

JW Player (jwplayer) Extension for TYPO3 contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate certain unspecified input before returning it to the user. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 79489 - Disclosed: 2012-02-23

Description:

JW Player (jwplayer) Extension for TYPO3 contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the program not properly sanitizing certain unspecified user-supplied input before use in SQL queries. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

[CLOSE] OSVDB ID : 79509 - Disclosed: 2012-02-23

Description:

The Linux Kernel contains a flaw that may allow a local denial of service. The issue is due to a logical error of the do_traps() function within the software interrupt handler when preemption is enabled, which causes a kernel panic resulting in a loss of availability.

[CLOSE] OSVDB ID : 79505 - Disclosed: 2012-02-23

Description:

The Cisco Small Business SRP520 / SRP540 series contain a flaw related to the web management interface. The issue is due to the application not validating certain HTTP requests which may allow a remote attacker to execute arbitrary commands.

[CLOSE] OSVDB ID : 79492 - Disclosed: 2012-02-23

Description:

Csound is prone to an overflow condition. The getnum() function in util/pv_import.c fails to properly sanitize user-supplied input resulting in a stack-based buffer overflow. With a specially crafted PVOC file, a context-dependent attacker can potentially execute arbitrary code.

[CLOSE] OSVDB ID : 79506 - Disclosed: 2012-02-23

Description:

The Cisco Small Business SRP520 / SRP540 series contain a flaw related to authentication management. The issue is due to the application not providing authentication checks when processing certain web requests, which may allow a remote attacker to upload arbitrary configuration files.

[CLOSE] OSVDB ID : 79643 - Disclosed: 2012-02-23

Description:

The Cookpad and Cookpad Noseru application for Android contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered due to an unspecified error within the WebView class, which will disclose information contained in the application to a remote attacker.

[CLOSE] OSVDB ID : 79654 - Disclosed: 2012-02-23

Description:

Kadu contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate input passed via SMS or user status messages before returning it for the viewing of a user in the chat history. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 79873 - Disclosed: 2012-02-23

Description:

FreeType contains an overflow condition in src/bdf/bdflib.c. The issue is triggered as user-supplied input is not properly validated. With a specially crafted glyph or bitmap information in a BDF font, a context-dependent attacker can cause a heap-based buffer overflow, resulting in a denial of service or potentially execution of arbitrary code.

[CLOSE] OSVDB ID : 79874 - Disclosed: 2012-02-23

Description:

FreeType contains a flaw in src/truetype/ttinterp.c that may allow a remote denial of service. The issue is triggered when a NULL pointer dereference occurs in the Zone2 pointer. With a specially crafted TrueType font file, a context-dependent attacker can cause a loss of availability for the program.

[CLOSE] OSVDB ID : 79876 - Disclosed: 2012-02-23

Description:

FreeType contains an overflow condition in src/pcf/pcfread.c. The issue is triggered as user-supplied input is not properly validated when loading properties. With a specially crafted PFC font, a context-dependent attacker can cause a heap-based buffer overflow, resulting in a denial of service or potentially execution of arbitrary code.

[CLOSE] OSVDB ID : 79877 - Disclosed: 2012-02-23

Description:

FreeType contains an overflow condition in src/smooth/ftsmooth.c. The issue is triggered as user-supplied input is not properly validated. With a specially crafted cell table recording, a context-dependent attacker can cause a heap-based buffer overflow, resulting in a denial of service or potentially execution of arbitrary code.

[CLOSE] OSVDB ID : 79880 - Disclosed: 2012-02-23

Description:

FreeType contains an overflow condition in src/bdf/bdflib.c. The issue is triggered as user-supplied input is not properly validated. With a specially crafted glyph or bitmap information in a BDF font, a context-dependent attacker can cause a heap-based buffer overflow, resulting in a denial of service or potentially execution of arbitrary code.

[CLOSE] OSVDB ID : 79881 - Disclosed: 2012-02-23

Description:

FreeType contains an overflow condition in src/type1/t1parse.c. The issue is triggered as user-supplied input is not properly validated. With a specially crafted private-dictionary data in a Type 1 font, a context-dependent attacker can cause a heap-based buffer overflow, resulting in a denial of service or potentially execution of arbitrary code.

[CLOSE] OSVDB ID : 79446 - Disclosed: 2012-02-23

Description:

SB Uploader Plugin for WordPress contains a flaw that allows a remote user to execute arbitrary PHP code. This flaw exists because the wp-content/plugins/sb-uploader/sb_uploader.php script does not properly verify uploaded files. This may allow a user to create a specially crafted PHP script that would execute arbitrary PHP code when uploaded.

[CLOSE] OSVDB ID : 79458 - Disclosed: 2012-02-23

Description:

SocialCMS Enterprise contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'search.php' script not properly sanitizing user-supplied input to the 'category' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

[CLOSE] OSVDB ID : 79490 - Disclosed: 2012-02-23

Description:

Elefant CMS contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the apps/admin/handlers/preview.php script does not validate the 'layout', 'title', 'window_title' and 'body' parameters upon submission to the admin/preview script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 79470 - Disclosed: 2012-02-23

Description:

Movable Type contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'dbuser' parameter upon submission to the '/cgi-bin/mt/mt-wizard.cgi' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 79471 - Disclosed: 2012-02-23

Description:

Movable Type contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate user-supplied input upon submission to various unspecified templates. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 79672 - Disclosed: 2012-02-23

Description:

Linux Kernel contains a flaw in the Common Internet File System (CIFS) component that may allow a local denial of service. The issue is due to an error in the cifs_lookup function in fs/cifs/dir.c. With an attempted access to a samba share, a local attacker can crash the systems of users that have access to the same samba share.

[CLOSE] OSVDB ID : 80765 - Disclosed: 2012-02-23

Description:

PTK Forensics contains a flaw that allows a remote Cross-site Request Forgery (CSRF / XSRF) attack. The flaw exists because the application does not require multiple steps or explicit confirmation for sensitive transactions of the /lib/logout.php script. By using a crafted URL (e.g., a crafted GET request inside an "img" tag), an attacker may trick the victim into clicking on the image to take advantage of the trust relationship between the authenticated victim and the application. Such an attack could trick the victim into forcing administrators to logout in the context of their session with the application, without further prompting or verification.

[CLOSE] OSVDB ID : 87732 - Disclosed: 2012-02-23

Description:

Front End User Registration (sr_feuser_register) Extension for TYPO3 contains a flaw that may lead to an unauthorized information disclosure. The issue is due to user password information being stored in cleartext. This may allow a remote attacker to gain access to user password information via the edit prespective.

[CLOSE] OSVDB ID : 87731 - Disclosed: 2012-02-23

Description:

Front End User Registration (sr_feuser_register) Extension for TYPO3 contains a flaw that may lead to an unauthorized information disclosure. The issue is due to user password information being stored in plaintext, and being sent via GET request during a redirect after autologin.

[CLOSE] OSVDB ID : 91172 - Disclosed: 2012-02-23

Description:

Apache Wicket contains a flaw that is triggered when appending a URL with %10, %13, or %20. This may allow a remote attacker to bypass the file extension filters in the PackageResourceGuard functionality.

[CLOSE] OSVDB ID : 79455 - Disclosed: 2012-02-22

Description:

Chyrp contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'body' parameter upon submission to the includes/error.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 79457 - Disclosed: 2012-02-22

Description:

SocialCMS Enterprise contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the ' TR_name' parameter upon submission to the 'ajax/commentajax.php' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 79466 - Disclosed: 2012-02-22

Description:

The FAQ module for Drupal contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'title' parameter upon submission to faq.admin.inc. This may allow a user to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 79468 - Disclosed: 2012-02-22

Description:

OneForum contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the topic.php script not properly sanitizing user-supplied input to the 'id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.