| OSVDB ID | Disclosure Date | Title |
|
79392
Description:
phpMyAdmin contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate database names upon submission to the js/replication.js script. This may allow a user to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2012-02-18
|
phpMyAdmin Replication Setup js/replication.js Database Name XSS
|
|
81262
Description:
Bugzilla contains a flaw related to authentication management. The issue is due to the application not validating X-FORWARDED-FOR headers of authentication requests. This may allow a remote attacker to bypass the lockout policy and potentially conduct a brute-force discovery of valid user passwords.
|
2012-02-18
|
Bugzilla X-FORWARDED-FOR Header Validation Password Lockout Bypass Brute Force Weakness
|
|
79406
Description:
X3 CMS contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the cms/controllers/public/search_controller.php script does not validate the 'search' parameter upon submission to the en/search script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2012-02-18
|
X3 CMS cms/controllers/public/search_controller.php search Parameter XSS
|
|
79421
Description:
Psycle is prone to an overflow condition. The application fails to properly sanitize user-supplied input resulting in a heap-based buffer overflow. With a specially crafted PSY file, a context-dependent attacker can potentially cause arbitrary code execution.
|
2012-02-18
|
Psycle SNGI Structure Multiple PSY Song File Handling Remote Overflow
|
|
79422
Description:
Psycle is prone to an overflow condition. The issue is due to an error when allocating memory while handling song files resulting in a heap-based buffer overflow. With a specially crafted PSY file, a context-dependent attacker can potentially cause arbitrary code execution.
|
2012-02-18
|
Psycle Memory Allocation Pattern PSY Song File Handling Remote Overflow
|
|
80801
Description:
Almnzm contains a flaw that allows a remote Cross-site Request Forgery (CSRF / XSRF) attack. The flaw exists because the /admincpanel/index.php script does not require multiple steps or explicit confirmation for sensitive transactions for the addition of an administrator. By using a crafted URL (e.g., a crafted GET request inside an "img" tag), an attacker may trick the victim into clicking on the image to take advantage of the trust relationship between the authenticated victim and the application. Such an attack could trick the victim into executing arbitrary commands in the context of their session with the application, without further prompting or verification.
|
2012-02-18
|
Almnzm /admincpanel/index.php Arbitrary Admin Creation CSRF
|
|
85700
Description:
Endian Firewall contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate input passed via the PATH_INFO upon submission to the openvpn_users.cgi script. This may allow a user to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2012-02-18
|
Endian Firewall openvpn_users.cgi PATH_INFO XSS
|
|
79430
Description:
SAP NetWeaver contains a flaw that allows a remote attacker to traverse outside of a restricted path. The issue is due to the 'ipc/admin/log_view.jsp' script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied via the 'logfilename' parameter. This directory traversal attack would allow the attacker to read arbitrary files.
|
2012-02-18
|
SAP NetWeaver Application Administration (com.sap.ipc.webapp.ipc) ipc/admin/log_view.jsp logfilename Parameter Traversal Arbitrary File Access
|
|
79433
Description:
SAP NetWeaver contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered due to an error within the MessagingSystem servlet, which will disclose performance data information to a remote attacker.
|
2012-02-18
|
SAP NetWeaver MessagingSystem Servlet MessagingSystem Performance Data Information Disclosure
|
|
79438
Description:
ASUS Net4Switch is prone to an overflow condition related to the ActiveX component ipswcom.dll. The CxDbgPrint() function (cxcmrt.dll) fails to properly sanitize user-supplied input resulting in a buffer overflow. With a specially crafted message string passed to the Alert() method, a remote attacker can potentially execute arbitrary code.
|
2012-02-18
|
Net4Switch ipswcom.dll ActiveX Control cxcmrt.dll CxDbgPrint() Function Alert() Method Debug Message String Creation Remote Overflow
|
|
85699
Description:
Endian Firewall contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'createrule' parameter upon submission to the dnat.cgi script. This may allow a user to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2012-02-18
|
Endian Firewall dnat.cgi createrule Parameter XSS
|
|
85698
Description:
Endian Firewall contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'addrule' parameter upon submission to the dansguardian.cgi script. This may allow a user to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2012-02-18
|
Endian Firewall dansguardian.cgi addrule Parameter XSS
|
|
79407
Description:
7-Technologies TERMIS is prone to a flaw in the way it loads dynamic-link libraries (DLL). The program uses a fixed path to look for specific files or libraries. This path includes directories that may not be trusted or under user control. By placing a custom version of the file or library in the path, the program will load it before the legitimate version. This allows an attacker to inject custom code that will be run with the privilege of the program or user executing the program. This can be done by tricking a user into opening an unspecified file from the local file system or a USB drive in some cases. This attack can be leveraged remotely in some cases by placing the malicious file or library on a network share or extracted archive downloaded from a remote source.
|
2012-02-17
|
7-Technologies TERMIS Unspecified Path Subversion Arbitrary DLL Injection Code Execution
|
|
79408
Description:
7-Technologies AQUIS is prone to a flaw in the way it loads dynamic-link libraries (DLL). The program uses a fixed path to look for specific files or libraries. This path includes directories that may not be trusted or under user control. By placing a custom version of the file or library in the path, the program will load it before the legitimate version. This allows an attacker to inject custom code that will be run with the privilege of the program or user executing the program. This can be done by tricking a user into opening an unspecified file from the local file system or a USB drive in some cases. This attack can be leveraged remotely in some cases by placing the malicious file or library on a network share or extracted archive downloaded from a remote source.
|
2012-02-17
|
7-Technologies AQUIS Unspecified Path Subversion Arbitrary DLL Injection Code Execution
|
|
79343
Description:
SQL Buddy contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'DATABASE', 'HOST' and 'USER' parameters upon submission to the 'login.php' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2012-02-17
|
SQL Buddy login.php Multiple Parameter XSS
|
|
79344
Description:
SQL Buddy contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'db' parameter upon submission to the 'dboverview.php' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2012-02-17
|
SQL Buddy dboverview.php db Parameter XSS
|
|
79419
Description:
SAP NetWeaver is prone to an overflow condition. The SAPHostControl service fails to properly sanitize user-supplied input resulting in a stack-based buffer overflow. With an overly long command wrapped in SOAP messages, a remote attacker can potentially cause arbitrary code execution.
|
2012-02-17
|
SAP NetWeaver SAPHostControl Service Boundary Error SOAP Message Command Parsing Remote Overflow
|
|
79409
Description:
Tiki Wiki CMS Groupware contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'url' parameter upon submission to the 'tiki-featured_link.php' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2012-02-17
|
Tiki Wiki CMS Groupware tiki-featured_link.php url Parameter XSS
|
|
79705
Description:
The GNU C Library (glibc) is prone to an overflow condition. The printf() functions fail to properly sanitize user-supplied input when parsing nargs, resulting in an integer overflow. With a specially crafted request, an attacker can bypass format string protections and potentially cause arbitrary code execution.
|
2012-02-17
|
GNU C Library (glibc) Format String Protection Bypass nargs Parsing Overflow
|
|
79372
Description:
TORCS is prone to an overflow condition. The sprintf() function in graphic/ssgraph/grsound.cpp fails to properly sanitize user-supplied input resulting in a stack-based buffer overflow. With a specially crafted XML configuration file containing an overly long file name in an engine sample attribute, a context-dependent attacker can potentially cause arbitrary code execution.
|
2012-02-17
|
TORCS graphic/ssgraph/grsound.cpp Configuration Sound XML File Handling Remote Overflow
|
|
79405
Description:
MoniWiki contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'login_id' parameter upon submission to the 'wiki.php' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2012-02-17
|
MoniWiki wiki.php login_id Parameter XSS
|
|
79762
Description:
Pandora FMS contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the index.php script not properly sanitizing user-supplied input to the 'sec2' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server.
|
2012-02-17
|
Pandora FMS index.php sec2 Parameter Local File Inclusion
|
|
79427
Description:
SAP NetWeaver contains a flaw that allows a remote attacker to traverse outside of a restricted path. The issue is due to the b2b/admin/log_view.jsp script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied via the 'logfilename' parameter. This directory traversal attack would allow the attacker to read arbitrary files.
|
2012-02-17
|
SAP NetWeaver Internet Sales Module b2b/admin/log_view.jsp logfilename Parameter Traversal Arbitrary File Access
|
|
79428
Description:
SAP NetWeaver contains a flaw that allows a remote attacker to traverse outside of a restricted path. The issue is due to the b2b/admin/log.jsp script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied via the 'logfilename' parameter. This directory traversal attack would allow the attacker to read arbitrary files.
|
2012-02-17
|
SAP NetWeaver Internet Sales Module b2b/admin/log.jsp logfilename Parameter Traversal Arbitrary File Access
|
|
79429
Description:
SAP NetWeaver contains a flaw that allows a remote attacker to traverse outside of a restricted path. The issue is due to the 'ipc/admin/log.jsp' script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied via the 'logfilename' parameter. This directory traversal attack would allow the attacker to read arbitrary files.
|
2012-02-17
|
SAP NetWeaver Application Administration (com.sap.ipc.webapp.ipc) ipc/admin/log.jsp logfilename Parameter Traversal Arbitrary File Access
|
|
79431
Description:
SAP NetWeaver's internet sales module contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the '_loadPage' parameter upon submission to the 'b2b/auction/container.jsp' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2012-02-17
|
SAP NetWeaver Internet Sales Module b2b/auction/container.jsp _loadPage Parameter XSS
|
|
79432
Description:
SAP NetWeaver Adapter Monitor contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered due to an error within the com.sap.aii.mdt.amt.web.AMTPageProcessor servlet, which will disclose adapter monitor information to a remote attacker.
|
2012-02-17
|
SAP NetWeaver Adapter Monitor com.sap.aii.mdt.amt.web.AMTPageProcessor Servlet Adapter Monitor Information Disclosure
|
|
84896
Description:
A memory corruption flaw exists in Skype on Windows. The program fails to sanitize user-supplied input when transferring files resulting in memory corruption. This may allow a remote attacker to cause a denial of service.
|
2012-02-17
|
Skype on Windows Malformed File Transfer Remote Memory Corruption DoS
|
|
87962
Description:
Puppet contains a flaw that is due to the default protocol in the firewall module (puppetlabs-firewall) being set to TCP. When using the drop all command, only TCP requests are dropped and everything else persists. This may allow an attacker to bypass restrictions that an administrator thought were in place.
|
2012-02-17
|
Puppet Firewall Module (puppetlabs-firewall) Default Protocol Resource Weakness
|
|
92082
Description:
WebKit contains a typecasting flaw that is triggered when handling children during table splitting. With a specially crafted web page, a context-dependent attacker can corrupt memory to cause a denial of service or potentially execute arbitrary code.
|
2012-02-17
|
WebKit Table Splitting Child Handling Bad Cast Memory Corruption
|
|
93599
Description:
Apache Derby contains a flaw that is triggered when the program accepts the incorrect bootPassword when attempting to change it via SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY. This may cause a hash collision during re-encryption, resulting in the re-encryption process failing, potentially corrupting the bootPassword.
|
2012-02-17
|
Apache Derby SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY Boot Password Manipulation Re-encryption Failure Password Corruption
|
|
79563
Description:
Advantech/Broadwin WebAccess contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to certain unspecified input not being properly sanitized before use in SQL queries. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2012-02-16
|
Advantech/Broadwin WebAccess Unspecified SQL Injection (2012-0234)
|
|
79570
Description:
Advantech/Broadwin WebAccess contains a flaw that allows a remote Cross-site Request Forgery (CSRF / XSRF) attack. The flaw exists because the application does not require multiple steps or explicit confirmation for certain unspecified sensitive transactions. By using a crafted URL (e.g., a crafted GET request inside an "img" tag), an attacker may trick the victim into clicking on the image to take advantage of the trust relationship between the authenticated victim and the application. Such an attack could trick the victim into executing arbitrary commands in the context of their session with the application, without further prompting or verification.
|
2012-02-16
|
Advantech/Broadwin WebAccess Unspecified CSRF
|
|
79305
Description:
ACDSee is prone to an overflow condition. The IDE_ACDStd.apl module fails to properly sanitize user-supplied input resulting in a heap-based buffer overflow. With a specially crafted BMP file containing arbitrary image dimension values, a context-dependent attacker can potentially cause arbitrary code execution.
|
2012-02-16
|
ACDSee IDE_ACDStd.apl Module BMP File Handling Remote Overflow
|
|
79426
Description:
The Novell Messenger Client is prone to an overflow condition. The application fails to properly sanitize user-supplied input resulting in a stack-based buffer overflow. With a specially crafted contact list file containing an arbitrary 'name' value of a 'folder' tag, a context-dependent attacker can potentially cause arbitrary code execution.
|
2012-02-16
|
Novell Messenger Client Boundary Error Folder Tag Name Value Contact List File Handling Remote Overflow
|
|
79412
Description:
Symantec pcAnywhere contains a flaw that may allow a remote denial of service. The issue is due to an error within the awhost32 service, which may allow a remote attacker to crash the service with malformed packets resulting in a loss of availability.
|
2012-02-16
|
Symantec pcAnywhere awhost32 Service Unauthenticated Remote DoS
|
|
79562
Description:
Advantech/Broadwin WebAccess contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to certain unspecified input not being properly sanitized before use in SQL queries. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2012-02-16
|
Advantech/Broadwin WebAccess Unspecified SQL Injection (2011-4521)
|
|
79566
Description:
Advantech/Broadwin WebAccess contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate certain unspecified input before returning it to the user. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2012-02-16
|
Advantech/Broadwin WebAccess Unspecified XSS
|
|
79569
Description:
Advantech/Broadwin WebAccess contains an unspecified flaw that may lead to an unauthorized information disclosure to a remote attacker.
|
2012-02-16
|
Advantech/Broadwin WebAccess Unspecified Information Disclosure
|
|
79574
Description:
Advantech/Broadwin WebAccess contains an unspecified flaw that may allow an attacker to manipulate time/date synching. No further details have been provided.
|
2012-02-16
|
Advantech/Broadwin WebAccess Unauthorized Date/Time Syncing Modification
|