[CLOSE] OSVDB ID : 70702 - Disclosed: 2011-01-24

Description:

Bugzilla contains a flaw in the duplicate-detection functionality that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'summary' field before returning it to the user, due to the YUI DataTable widget's rendering of strings as text. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 70705 - Disclosed: 2011-01-24

Description:

Bugzilla contains a flaw that allows a remote Cross-site Request Forgery (CSRF / XSRF) attack. The flaw exists because the 'buglist.cgi' script does not require multiple steps or explicit confirmation for sensitive transactions for the addition of saved searches to a user's profile. By using a crafted URL (e.g., a crafted GET request inside an "img" tag), an attacker may trick the victim into clicking on the image to take advantage of the trust relationship between the authenticated victim and the application. Such an attack could trick the victim into executing arbitrary commands in the context of their session with the application, without further prompting or verification.

[CLOSE] OSVDB ID : 70706 - Disclosed: 2011-01-24

Description:

Bugzilla contains a flaw that allows a remote Cross-site Request Forgery (CSRF / XSRF) attack. The flaw exists because the 'votes.cgi' script does not require multiple steps or explicit confirmation for certain sensitive transactions, allowing for the hijacking of arbitrary user's authentication. By using a crafted URL (e.g., a crafted GET request inside an "img" tag), an attacker may trick the victim into clicking on the image to take advantage of the trust relationship between the authenticated victim and the application. Such an attack could trick the victim into executing arbitrary commands in the context of their session with the application, without further prompting or verification.

[CLOSE] OSVDB ID : 70707 - Disclosed: 2011-01-24

Description:

Bugzilla contains a flaw that allows a remote Cross-site Request Forgery (CSRF / XSRF) attack. The flaw exists because the 'sanitycheck.cgi' script does not require multiple steps or explicit confirmation for certain sensitive transactions, allowing for the hijacking of arbitrary user's authentication. By using a crafted URL (e.g., a crafted GET request inside an "img" tag), an attacker may trick the victim into clicking on the image to take advantage of the trust relationship between the authenticated victim and the application. Such an attack could trick the victim into executing arbitrary commands in the context of their session with the application, without further prompting or verification.

[CLOSE] OSVDB ID : 70708 - Disclosed: 2011-01-24

Description:

Bugzilla contains a flaw that allows a remote Cross-site Request Forgery (CSRF / XSRF) attack. The flaw exists because the 'chart.cgi' script does not require multiple steps or explicit confirmation for sensitive transactions for the manipulation of charts. By using a crafted URL (e.g., a crafted GET request inside an "img" tag), an attacker may trick the victim into clicking on the image to take advantage of the trust relationship between the authenticated victim and the application. Such an attack could trick the victim into executing arbitrary commands in the context of their session with the application, without further prompting or verification.

[CLOSE] OSVDB ID : 70709 - Disclosed: 2011-01-24

Description:

Bugzilla contains a flaw that allows a remote Cross-site Request Forgery (CSRF / XSRF) attack. The flaw exists because the 'colchange.cgi' script does not require multiple steps or explicit confirmation for sensitive transactions for the manipulation of columns. By using a crafted URL (e.g., a crafted GET request inside an "img" tag), an attacker may trick the victim into clicking on the image to take advantage of the trust relationship between the authenticated victim and the application. Such an attack could trick the victim into executing arbitrary commands in the context of their session with the application, without further prompting or verification.

[CLOSE] OSVDB ID : 70710 - Disclosed: 2011-01-24

Description:

Bugzilla contains a flaw that allows a remote Cross-site Request Forgery (CSRF / XSRF) attack. The flaw exists because the 'quips.cgi' script does not require multiple steps or explicit confirmation for sensitive transactions for the manipulation of quips. By using a crafted URL (e.g., a crafted GET request inside an "img" tag), an attacker may trick the victim into clicking on the image to take advantage of the trust relationship between the authenticated victim and the application. Such an attack could trick the victim into executing arbitrary commands in the context of their session with the application, without further prompting or verification.

[CLOSE] OSVDB ID : 70596 - Disclosed: 2011-01-21

Description:

Pango is prone to an overflow condition. The 'pango_ft2_font_render_box_glyph()' function in 'pango/pangoft2-render.c' fails to properly sanitize user-supplied input resulting in a heap-based buffer overflow. With a specially crafted font, a context-dependent attacker can cause a denial of service.

[CLOSE] OSVDB ID : 73403 - Disclosed: 2011-01-21

Description:

(Description Provided by CVE) : Heap-based buffer overflow in wiretap/pcapng.c in Wireshark before 1.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted capture file.

[CLOSE] OSVDB ID : 70519 - Disclosed: 2011-01-20

Description:

IBM AIX contains a flaw that may allow a local denial of service. The issue is triggered when an error in the FC SCSI protocol driver when deallocating a timer occurs, allowing a local attacker to cause a denial of service.

[CLOSE] OSVDB ID : 70520 - Disclosed: 2011-01-19

Description:

FUSE contains a flaw that may allow a local denial of service. The issue is triggered when an error within the 'fusermount' utility when performing unmount operations occurs, allowing a local attacker to cause a denial of service by unmounting arbitrary mounts via symlink attacks.

[CLOSE] OSVDB ID : 70661 - Disclosed: 2011-01-19

Description:

Best Practical Solutions RT contains a flaw related to the MD5 algorithm for password hashes. This may allow disclose cleartext passwords to a context-dependent attacker via a brute-force attack.

[CLOSE] OSVDB ID : 70543 - Disclosed: 2011-01-18

Description:

Oracle Fusion Middleware Outside In Technology contains a flaw that may allow a local denial of service. The issue is triggered when an unspecified error in the 'Outside In Viewer SDK' component occurs, allowing a remote attacker to cause a denial of service.

[CLOSE] OSVDB ID : 70539 - Disclosed: 2011-01-18

Description:

Oracle Industry Applications Health Sciences - Oracle Argus Safety contains a flaw related to LDAP login handling that may allow a remote attacker to partially affect confidentiality, integrity, and availability. No further details have been provided.

[CLOSE] OSVDB ID : 70569 - Disclosed: 2011-01-18

Description:

CDE contains a flaw related to the 'CDE Calendar Manager Service Daemon' sub-component that may allow a remote attacker to execute arbitrary code via specially crafted RPC packets. No further details have been provided.

[CLOSE] OSVDB ID : 70537 - Disclosed: 2011-01-18

Description:

Oracle Fusion Middleware Document Capture contains a flaw related to the ActiveBar2Library ActiveX (Actbar2.ocx). The ActiveX control allows an attacker to overwrite any 'unhidden' file using the 'SaveLayoutChanges' method.

[CLOSE] OSVDB ID : 70551 - Disclosed: 2011-01-18

Description:

Oracle Fusion Middleware is prone to an overflow condition. The 'Server' subcomponent in the 'GoldenGate Veridata' component fails to properly sanitize user-supplied input resulting in a buffer overflow. With a specially crafted an overly long XML soap request, a remote attacker can potentially execute arbitrary code.

[CLOSE] OSVDB ID : 70565 - Disclosed: 2011-01-18

Description:

Oracle Sun Java System Portal Server contains a flaw that may lead to an unauthorized information disclosure.  The issue is triggered when an unspecified error in the 'Proxy' component occurs, which will disclose unspecified information to a local attacker.

[CLOSE] OSVDB ID : 70571 - Disclosed: 2011-01-18

Description:

Oracle Fusion Middleware contains a flaw related to the 'Servlet Container' sub-component in the 'Oracle WebLogic Server' component that may allow a remote attacker to gain update, insert, or delete access to certain data. No further details have been provided.

[CLOSE] OSVDB ID : 70573 - Disclosed: 2011-01-18

Description:

Sun Java System Message Queue contains a flaw related to the 'Java Message Service (JMS)' sub-component that may allow a local attacker to have a partial affect on integrity and confidentiality and cause a denial of service. No further details have been provided.

[CLOSE] OSVDB ID : 70579 - Disclosed: 2011-01-18

Description:

Sun Java System Access Manager contains an unspecified flaw that may allow a remote attacker to perform unauthorised insertion, deletion, or updating of certain. No further details have been provided.

[CLOSE] OSVDB ID : 70583 - Disclosed: 2011-01-18

Description:

Oracle Audit Vault contains a flaw related to the 'av' component's failure to properly validate code when handling 'action.execute' requests, allowing the creation of arbitrary objects. This may allow a remote attacker to execute arbitrary code.

[CLOSE] OSVDB ID : 70639 - Disclosed: 2011-01-18

Description:

OpenVAS Manager is vulnerable to command injection due to insufficient validation of user supplied data when processing OMP requests. It has been identified that this vulnerability allows privilege escalation within the OpenVAS Manager but more complex injection may allow arbitrary code to be executed with the privileges of the OpenVAS Manager on vulnerable systems.

[CLOSE] OSVDB ID : 70530 - Disclosed: 2011-01-18

Description:

Oracle Supply Chain Products Suite Agile Core Folders, Files & Attachments contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when an unspecified error occurs, which will disclose unspecified information to a remote authenticated attacker.

[CLOSE] OSVDB ID : 70531 - Disclosed: 2011-01-18

Description:

The Oracle WebLogic Server component in Oracle Fusion Middleware contains an unspecified flaw related to the 'Node Manager' subcomponent that may allow an attacker to severely affect confidentiality, integrity, and availability. No further details have been provided.

[CLOSE] OSVDB ID : 70533 - Disclosed: 2011-01-18

Description:

Oracle Applications Common Applications contains a flaw related to the 'User Management' component that may allow a remote attacker to perform an unauthorized update. No further details have been provided.

[CLOSE] OSVDB ID : 70534 - Disclosed: 2011-01-18

Description:

Oracle Fusion Middleware Discoverer contains a flaw related to the 'EUL Code & Schema' component that may allow a remote authenticated attacker to gain read, update, insert, or delete access to certain data. No further details have been provided.

[CLOSE] OSVDB ID : 70535 - Disclosed: 2011-01-18

Description:

Oracle Applications Application Object Library contains a flaw related to the 'Logout' subcomponent that may allow an attacker to to gain read, insert and delete access and perform an unauthorized update. No further details have been provided.

[CLOSE] OSVDB ID : 70536 - Disclosed: 2011-01-18

Description:

Oracle Database Server Spatial contains a flaw related to the 'MDSYS' component that may allow an attacker to gain read, insert, and delete access and perform an unauthorized update. No further details have been provided.

[CLOSE] OSVDB ID : 70538 - Disclosed: 2011-01-18

Description:

Oracle Fusion Middleware Document Capture contains a flaw related to the 'Internal Operations' component that may allow an attacker to gain write access to arbitrary files and cause a denial of service. No further details have been provided.

[CLOSE] OSVDB ID : 70541 - Disclosed: 2011-01-18

Description:

Oracle Fusion Middleware Document Capture contains a flaw that may lead to arbitrary file disclosure. The issue is due to the EasyMail ActiveX (emsmtp.dll) not properly restricting access to the ImportBodyText method. By requesting a file (e.g., c:\\boot.ini), the ActiveX will display the contents of the file.

[CLOSE] OSVDB ID : 70542 - Disclosed: 2011-01-18

Description:

Oracle Secure Backup contains a flaw related to the 'mod_ssl' component that may allow a remote attacker to insert, delete, or update certain data . No further details have been provided.

[CLOSE] OSVDB ID : 70544 - Disclosed: 2011-01-18

Description:

Oracle Fusion Middleware Document Capture contains a flaw related to the 'Import Export Utility' component that may allow a remote attacker to gain write access to arbitrary files. No further details have been provided.

[CLOSE] OSVDB ID : 70545 - Disclosed: 2011-01-18

Description:

Oracle Fusion Middleware Document Capture Import Server contains a flaw that may allow an attacker to overwrite arbitrary files. The issue is due to the NCSECWLib ActiveX not properly sanitizing input to the WriteJPG function. Additionally, this function has been reported to be vulnerable to an overflow, although the initial disclosure does not indicate if it is exploitable.

[CLOSE] OSVDB ID : 70546 - Disclosed: 2011-01-18

Description:

Oracle Database Server Client System Analyzer contains a flaw related to a JSP script exposed via an HTTPS server running by default on TCP port 1158. The issue is triggered when a remote attacker supplies a NULL byte within a POST parameter during a request to this JSP script. This may allow an attacker to upload arbitrary code, which can later be executed remotely.

[CLOSE] OSVDB ID : 70547 - Disclosed: 2011-01-18

Description:

Oracle Enterprise Manager Grid Control Client System Analyzer contains a flaw related to a JSP script exposed via an HTTPS server running by default on TCP port 1158. The issue is triggered when a remote attacker supplies a NULL byte within a POST parameter during a request to this JSP script. This may allow an attacker to upload arbitrary code, which can later be executed remotely.

[CLOSE] OSVDB ID : 70548 - Disclosed: 2011-01-18

Description:

Oracle Database Server Scheduler Agent contains an unspecified flaw that may allow a remote attacker to gain read, insert, and delete access and perform an unauthorized update. No further details have been provided.

[CLOSE] OSVDB ID : 70549 - Disclosed: 2011-01-18

Description:

Oracle VM VirtualBox contains a flaw related to the 'Extensions' component that may allow a local attacker to severely affect confidentiality, integrity, and availability. No further details have been provided.

[CLOSE] OSVDB ID : 70552 - Disclosed: 2011-01-18

Description:

Oracle Fusion Middleware contains a flaw related to the 'Services for Beehive' component. The issue is triggered when a remote attacker passes input via an evaluation parameter to voice-servlet/prompt-qa/Index.jspf. The program does not properly sanitise this input before using it to create a file. This may allow a remote attacker to execute arbitrary JSP code by creating a file with a NULL byte within the filename.

[CLOSE] OSVDB ID : 70555 - Disclosed: 2011-01-18

Description:

Oracle Database Server contains a flaw related to the Database Vault component that may lead to an unauthorized information disclosure.  The issue is triggered when the Monitor web page is accessed by an administrator and generates universally readable .gif files in ORACLE_HOME/dv/jlib/dva_webapp/dva_webapp/images/dvcache which contain valid session IDs in their names, which will disclose session IDs to a local attacker, allowing them to impersonate arbitrary users.