| OSVDB ID | Disclosure Date | Title |
|
79469
Description:
DT Register Component for Joomla! contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the index.php not properly sanitizing user-supplied input to the 'list1' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2012-02-22
|
DT Register Component for Joomla! index.php list1 Parameter SQL Injection
|
|
79472
Description:
Movable Type contains a flaw that allows a remote Cross-site Request Forgery (CSRF / XSRF) attack. The flaw exists because the application does not require multiple steps or explicit confirmation for sensitive transactions for the manipulation of settings or data or insertion of script code. By using a crafted URL (e.g., a crafted GET request inside an "img" tag), an attacker may trick the victim into clicking on the image to take advantage of the trust relationship between the authenticated victim and the application. Such an attack could trick the victim into executing arbitrary commands in the context of their session with the application, without further prompting or verification.
|
2012-02-22
|
Movable Type Multiple Function CSRF
|
|
79474
Description:
Movable Type contains a flaw related to the commenting and community feature. The issue is due to the application not validating user-supplied input upon submission to the commenting and community scripts, which may allow a remote attacker to hijack other users' sessions.
|
2012-02-22
|
Movable Type Commenting / Community Scripts Session Hijacking
|
|
79473
Description:
Movable Type contains a flaw related to the file management system that may allow an attacker to execute arbitrary system commands. No further details have been provided.
|
2012-02-22
|
Movable Type File Management System Command Execution
|
|
79816
Description:
Elefant CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the '/admin/pages', '/admin/versions', '/user/admin', '/blocks/admin', and '/blog/admin' scripts not properly sanitizing user-supplied input to the 'offset' parameters. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2012-02-22
|
Elefant CMS lib/Model.php Unspecified SQL Injection
|
|
80180
Description:
Elefant CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to multiple admin scripts not properly sanitizing user-supplied input to the 'offset' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2012-02-22
|
Elefant CMS Multiple Admin Script offset Parameter SQL Injection
|
|
79437
Description:
Libxml2 contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker sends multiple crafted parameters which trigger hash collisions, and will result in loss of availability for the program via CPU consumption.
|
2012-02-22
|
Libxml2 Hash Collision Form Parameter Parsing Remote DoS
|
|
79616
Description:
Mobile Mp3 contains a flaw that allows an attacker to conduct an HTTP response splitting attack. This flaw exists because the application does not validate user-supplied input upon submission to the dl.php script. This could allow a remote attacker to insert arbitrary HTTP headers, which are included in a response sent to the server. If an application does not properly filter such a request, it could be used to inject additional headers that manipulate cookies, authentication status, or more.
|
2012-02-22
|
Mobile Mp3 Search Script dl.php HTTP Response Splitting
|
|
80181
Description:
Elefant CMS contains a flaw that allows a remote Cross-site Request Forgery (CSRF / XSRF) attack. The flaw exists because the application does not require multiple steps or explicit confirmation for sensitive transactions for the execution of SQL queries. By using a crafted URL (e.g., a crafted GET request inside an "img" tag), an attacker may trick the victim into clicking on the image to take advantage of the trust relationship between the authenticated victim and the application. Such an attack could trick the victim into executing arbitrary commands in the context of their session with the application, without further prompting or verification.
|
2012-02-22
|
Elefant CMS Multiple Admin Script CSRF
|
|
80230
Description:
Novell ZENworks Configuration Management contains a flaw that allows a remote attacker to traverse outside of a restricted path. The issue is due to the PreBoot service not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied via the 0x21 opcode. This directory traversal attack would allow the attacker to read arbitrary files on the system.
|
2012-02-22
|
Novell ZENworks Configuration Management Preboot Service 0x21 Opcode Request Parsing Arbitrary File Access
|
|
79649
Description:
Sagem F@st 2604 contains a flaw that allows a remote Cross-site Request Forgery (CSRF / XSRF) attack. The flaw exists because the application does not require multiple steps or explicit confirmation for sensitive transactions for the manipulation of an arbitrary administrator's password. By using a crafted URL (e.g., a crafted GET request inside an "img" tag), an attacker may trick the victim into clicking on the image to take advantage of the trust relationship between the authenticated victim and the application. Such an attack could trick the victim into executing arbitrary commands in the context of their session with the application, without further prompting or verification.
|
2012-02-22
|
Sagem F@st 2604 Admin Password Manipulation CSRF
|
|
80812
Description:
LimeSurvey contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the save.php script not properly sanitizing user-supplied input to the 'srid' and 'fieldnames' parameters. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2012-02-22
|
LimeSurvey save.php Multiple Parameter SQL Injection
|
|
85776
Description:
FAQ Module for Drupal contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'detailed_question' parameter upon submission to faq.module. This may allow a user to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2012-02-22
|
FAQ Module for Drupal faq.module detailed_question Parameter XSS
|
|
79443
Description:
Samba is prone to an overflow condition. The application fails to properly sanitize user-supplied input resulting in a heap-based buffer overflow. With a specially crafted Any Batched (AndX) request packet, a remote attacker can potentially cause arbitrary code execution.
|
2012-02-22
|
Samba process.c Any Batched (AndX) Request Packet Parsing Remote Overflow
|
|
80288
Description:
WebKit contains a flaw in the 'RenderBlock::layoutInlineChildren' function in WebCore/rendering/RenderBlockLineLayout.cpp when handling the :first-letter pseudo element. This may cause a use-after-free in the 'WebCore::InlineBox::root' function. With a specially crafted web page, a context-dependent attacker can dereference already freed memory and potentially execute arbitrary code.
|
2012-02-22
|
WebKit RenderBlock::layoutInlineChildren Function :first-letter Pseudo-element Handling Use-after-free Issue
|
|
80813
Description:
WebcamXP / Webcam7 contains a flaw that allows a remote attacker to traverse outside of a restricted path. The issue is due to the program not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied via the URL. This directory traversal attack would allow the attacker to read arbitrary files.
|
2012-02-22
|
WebcamXP / Webcam7 URI Traversal Arbitrary File Access
|
|
80810
Description:
Brim contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the index.php not properly sanitizing user-supplied input to the 'field' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2012-02-22
|
Brim index.php field Parameter SQL Injection
|
|
92869
Description:
OpenStack Keystone contains a flaw that may lead to unauthorized disclosure of sensitive information. The issue is due to the program placing user credentials in a command line. This may allow a local attacker to gain access to credential information via listing processes.
|
2012-02-22
|
OpenStack Keystone Command Line Process Listing Local Credential Disclosure
|
|
79444
Description:
Fork CMS contains a flaw that allows a remote Cross-site Request Forgery (CSRF / XSRF) attack. The flaw exists because the application does not require multiple steps or explicit confirmation for sensitive transactions for the deletion of users, including admin level users, the deletion of web pages or the elevation of privileges. By using a crafted URL (e.g., a crafted GET request inside an "img" tag), an attacker may trick the victim into clicking on the image to take advantage of the trust relationship between the authenticated victim and the application. Such an attack could trick the victim into executing arbitrary commands in the context of their session with the application, without further prompting or verification.
|
2012-02-21
|
Fork CMS Multiple Function CSRF
|
|
79460
Description:
Unity Web Player is prone to an overflow condition. The application fails to properly sanitize user-supplied input resulting in a heap-based buffer overflow. With a specially crafted Unity 3D file, a context-dependent attacker can potentially cause arbitrary code execution.
|
2012-02-21
|
Unity Web Player Unity 3D File Handling Remote Overflow
|
|
80335
Description:
Fork CMS contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'report' parameter upon submission to the 'private/en/pages/settings' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2012-02-21
|
Fork CMS private/en/pages/settings report Parameter XSS
|
|
79411
Description:
Seo Panel contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the program not properly sanitizing user-supplied input before use in SQL queries. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2012-02-21
|
Seo Panel Unspecified SQL Injection
|
|
79464
Description:
EasyVista contains a flaw related to the SSO (Single Sign-On) feature. The issue is due to an error of the SSO feature when using unencoded values, which may allow a remote attacker to bypass authentication settings by using a specially crafted HTTP request containing a known username.
|
2012-02-21
|
EasyVista SSO (Single Sign-On) Feature HTTP Request Parsing Authentication Bypass
|
|
79822
Description:
XAVi X7968 contains a flaw that allows a remote Cross-site Request Forgery (CSRF / XSRF) attack. The flaw exists because the application does not require multiple steps or explicit confirmation for sensitive transactions for the manipulation of an administrator's password or the insertion of script code. By using a crafted URL (e.g., a crafted GET request inside an "img" tag), an attacker may trick the victim into clicking on the image to take advantage of the trust relationship between the authenticated victim and the application. Such an attack could trick the victim into executing arbitrary commands in the context of their session with the application, without further prompting or verification.
|
2012-02-21
|
XAVi X7968 Multiple Function CSRF
|
|
79824
Description:
XAVi X7968 contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'host_name_txtbox' parameter upon submission to the webconfig/lan/lan_config.html/local_lan_config script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2012-02-21
|
XAVi X7968 webconfig/lan/lan_config.html/local_lan_config host_name_txtbox Parameter XSS
|
|
79870
Description:
The firmware in Mercury MR804 contains a flaw that may allow a remote denial of service. The issue is triggered when sending malformed HTTP headers, which causes the HTTP service to crash, resulting in a loss of availability.
|
2012-02-21
|
Mercury MR804 HTTP Header Parsing Remote DoS
|
|
79420
Description:
F*EX (Frams' Fast File EXchange) contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'id' and 'from' parameters upon submission to the '/fup' script. This may allow a user to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2012-02-21
|
F*EX (Frams' Fast File EXchange) /fup Multiple Parameter XSS
|
|
79424
Description:
Multiple Hitachi Command Suite products contain a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the applications do not validate certain unspecified input before returning it to the user. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2012-02-21
|
Hitachi Command Suite Multiple Product Unspecified XSS
|
|
79436
Description:
ibutils contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is due to the ibmssh executable having an insecure RPATH set in the ELF header, allowing a local attacker to trick a victim into running the executable within the refix/lib directory and execute arbitrary code with the privileges of the victim.
|
2012-02-21
|
ibutils ibmssh Component refix/lib ELF Header Relative RPATH Local Privilege Escalation
|
|
79823
Description:
XAVi X7968 contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'pvcName' parameter upon submission to the webconfig/wan/confirm.html/confirm script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2012-02-21
|
XAVi X7968 webconfig/wan/confirm.html/confirm pvcName Parameter XSS
|
|
79825
Description:
The XAVi X7968 ADSL Router contains a flaw that may allow a remote denial of service. The issue is triggered when directly requesting the Conexant.icf page, which causes the device to stop responding for two minutes resulting in a loss of availability.
|
2012-02-21
|
XAVi X7968 ADSL Router fs/isfs/Conexant.icf Remote DoS
|
|
79995
Description:
OllyDBG contains a flaw that may allow a remote denial of service. The issue is due to an error within the EnumProcesses function when handling fake image names, which causes the application to crash, resulting in a loss of availability.
|
2012-02-21
|
OllyDBG EnumProcesses Function Fake Image Name Handling Remote DoS
|
|
80809
Description:
Linksys WAG54GS contains a flaw that allows a remote Cross-site Request Forgery (CSRF / XSRF) attack. The flaw exists because the application does not require multiple steps or explicit confirmation for sensitive transactions for the manipulation of the administrator password. By using a crafted URL (e.g., a crafted GET request inside an "img" tag), an attacker may trick the victim into clicking on the image to take advantage of the trust relationship between the authenticated victim and the application. Such an attack could trick the victim into executing arbitrary commands in the context of their session with the application, without further prompting or verification.
|
2012-02-21
|
Cisco Linksys WAG54GS Admin Password Manipulation CSRF
|
|
82816
Description:
MIT Kerberos 5 contains a flaw that is triggered when the protocol implementation within server/server_stubs.c does not properly restrict access to SET_STRINGS and GET_STRINGS operations. This may allow a remote attacker with the global list privilege to manipulate the attributes of certain strings.
|
2012-02-21
|
MIT Kerberos 5 kadmin Protocol Implementation server/server_stubs.c Global List Privilege Remote String Attribute Manipulation
|
|
88468
Description:
OpenPegasus (tog-pegasus) contains a flaw that may allow a remote denial of service. The issue is triggered during the parsing of an XML request sent via the 'form' parameter, which will result in a hash collision. This will cause a loss of availability for the program.
|
2012-02-21
|
OpenPegasus (tog-pegasus) Hash Collision Form Parameter Parsing Remote DoS
|
|
79504
Description:
ELBA contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'Account Group Creation' function not properly sanitizing user-supplied input to the 'Account Group Name' field. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2012-02-21
|
ELBA Account Group Creation Account Group Name Field SQL Injection
|
|
79634
Description:
The Video Embed & Thumbnail Generator plugin for WordPress contains a flaw related to the creation of thumbnails. The issue is due to multiple functions in the wp-content/plugins/video-embed-thumbnail-generator/kg_callffmpeg.php script not validating user-supplied input before being used in an 'exec()' call, which may allow a remote attacker to execute arbitrary shell commands.
|
2012-02-21
|
Video Embed & Thumbnail Generator Plugin for WordPress kg_callffmpeg.php Multiple Function exec() Call Remote Shell Command Execution
|
|
80811
Description:
DAMN Hash Calculator is prone to an overflow condition. The program fails to properly sanitize user-supplied input resulting in a heap overflow. This may allow a local attacker to potentially execute arbitrary code.
|
2012-02-21
|
DAMN Hash Calculator Local Overflow
|
|
87898
Description:
Puppet Standard Library (stdlib) contains a flaw that may allow a malicious local user to overwrite arbitrary files on the system. The issue is due to the facter_dot_d.rb script creating temporary files insecurely. It is possible for a local attacker to use a symlink attack against the /tmp/facts_cache.yml file to cause the program to unexpectedly write to, or overwrite an attacker specified file.
|
2012-02-21
|
Puppet Standard Library (stdlib) facter_dot_d.rb /tmp/facts_cache.yml Symlink Arbitrary File Overwrite
|
|
79435
Description:
IBM WebSphere Lombardi Edition contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate user-supplied input upon submission to certain input controls within coaches. This may allow a user to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2012-02-20
|
IBM WebSphere Lombardi Edition Coach Input Control XSS
|