| OSVDB ID | Disclosure Date | Title | Description |
|---|---|---|---|
| 72615 | 2011-04-27 | Cisco Unified Communications Manager xmldirectorylist.jsp Multiple Parameter SQL Injection | (Description Provided by CVE) : Multiple SQL injection vulnerabilities in xmldirectorylist.jsp in the embedded Apache HTTP Server component in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su3, 7.x before 7.1(5)su4, 8.0 before 8.0(3a)su2, and 8.5 before 8.5(1)su1 allow remote attackers to execute arbitrary SQL commands via the (1) f, (2) l, or (3) n parameter, aka Bug ID CSCtj42064. |
| 72700 | 2011-04-26 | IBM solidDB rpc_test_svc Commands Handling NULL Dereference Remote DoS | (Description Provided by CVE) : IBM solidDB 4.5.x before 4.5.182, 6.0.x before 6.0.1069, 6.1.x and 6.3.x before 6.3 FP8 (aka 6.3.49), and 6.5.x before 6.5 FP4 (aka 6.5.0.4) does not properly handle the (1) rpc_test_svc_readwrite and (2) rpc_test_svc_done commands, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted command. |
| 72124 | 2011-04-26 | CA Arcot WebFort Versatile Authentication Server Unspecified XSS | CA Arcot WebFort Versatile Authentication Server contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate certain unspecified input before returning it to the user. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
| 72125 | 2011-04-26 | CA Arcot WebFort Versatile Authentication Server Unspecified Arbitrary Site Redirect | CA Arcot WebFort Versatile Authentication contains a flaw that allows a remote cross site redirection attack. This flaw exists because the application does not validate certain unspecified input. This could allow a user to create a specially crafted URL, that if clicked, would redirect a victim from the intended legitimate web site to an arbitrary web site of the attacker's choosing. Such attacks are useful as the crafted URL initially appears to be a web page of a trusted site. This could be leveraged to direct an unsuspecting user to a web page containing attacks that target client side software such as a web browser or document rendering programs. |
| 72697 | 2011-04-22 | IBM DB2 Relational Data Services Non-DDL Statement Execution | (Description Provided by CVE) : IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows does not properly revoke role membership from groups, which allows remote authenticated users to execute non-DDL statements by leveraging previous inherited possession of a role, a different vulnerability than CVE-2011-0757. NOTE: some of these details are obtained from third party information. |
| 72698 | 2011-04-22 | IBM DB2 Relational Data Services SYSSTAT.TABLES Statistics Manipulation | (Description Provided by CVE) : IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows does not properly enforce privilege requirements for table access, which allows remote authenticated users to modify SYSSTAT.TABLES statistics columns via an UPDATE statement. NOTE: some of these details are obtained from third party information. |
| 73433 | 2011-04-22 | Asterisk Multiple Products Unauthenticated Session Connection Saturation Remote DoS | (Description Provided by CVE) : Asterisk Open Source 1.4.x before 1.4.40.1, 1.6.1.x before 1.6.1.25, 1.6.2.x before 1.6.2.17.3, and 1.8.x before 1.8.3.3 and Asterisk Business Edition C.x.x before C.3.6.4 do not restrict the number of unauthenticated sessions to certain interfaces, which allows remote attackers to cause a denial of service (file descriptor exhaustion and disk space exhaustion) via a series of TCP connections. |
| 73434 | 2011-04-22 | Asterisk Multiple Products Manager Interface manager.c Originate Action Remote Command Execution | (Description Provided by CVE) : manager.c in the Manager Interface in Asterisk Open Source 1.4.x before 1.4.40.1, 1.6.1.x before 1.6.1.25, 1.6.2.x before 1.6.2.17.3, and 1.8.x before 1.8.3.3 and Asterisk Business Edition C.x.x before C.3.6.4 does not properly check for the system privilege, which allows remote authenticated users to execute arbitrary commands via an Originate action that has an Async header in conjunction with an Application header. |
| 72061 | 2011-04-21 | HP SiteScope Unspecified XSS (2011-1727) | HP SiteScope contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate certain unspecified input before returning it to the user. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
| 72130 | 2011-04-20 | FreeBSD mountd mountd.c makemask Function NFS Mount Request Access Restriction Bypass | (Description Provided by CVE) : The makemask function in mountd.c in mountd in FreeBSD 7.4 through 8.2 does not properly handle a -network field specifying a CIDR block with a prefix length that is not an integer multiple of 8, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances via an NFS mount request. |
| 71946 | 2011-04-20 | Oracle Sun Java System Messaging Server SMTP Server / IMAP Server / POP Server STARTTLS Arbitrary Plaintext Command Injection | Oracle Sun Java System Messaging Server contains a flaw related to the TLS implementation within the SMTP, IMAP and POP servers failing to properly clear transport layer buffers when changing from plaintext to ciphertext upon receipt of the 'STARTTLS' command. This may allow a remote attacker to inject arbitrary plaintext data which will be executed upon transition to ciphertext. |
| 74357 | 2011-04-20 | CA SiteMinder Web Agents Multi-line Header Injection Spoofing Remote Privilege Escalation | CA SiteMinder contains a flaw in the Web Agents component that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when parsing multi-line headers, allowing a remote authenticated attacker to gain the privileges of the current user. |
| 74343 | 2011-04-20 | CA Output Management Web Viewer UOMWV_Helper ActiveX (UOMWV_HelperActiveX.ocx) Title Property Overflow | CA Output Management Web Viewer is prone to an overflow condition. The UOMWV_Helper ActiveX control fails to properly sanitize user supplied input, resulting in a stack-based buffer overflow. With a specially crafted overly long string passed via the 'title' property, a remote attacker can potentially execute arbitrary code. |
| 74344 | 2011-04-20 | CA Output Management Web Viewer PPSViewer ActiveX (PPSView.ocx) SRC Parameter Overflow | CA Output Management Web Viewer is prone to an overflow condition. The ActiveX control fails to properly sanitize user supplied input, resulting in a stack-based buffer overflow. With a specially crafted overly long string passed via the 'SRC' object parameter, a remote attacker can potentially execute arbitrary code. |
| 74943 | 2011-04-19 | KDE KGet ui/metalinkcreator/metalinker.cpp KGetMetalink::File::isValidNameAttr Function Traversal Arbitrary File Creation | KGet in KDE contains a flaw that allows an attacker to traverse outside of a restricted path. The issue is due to the KGetMetalink::File::isValidNameAttr function in ui/metalinkcreator/metalinker.cpp not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied via the name attribute of a file element in a metalink file. This directory traversal attack would allow a remote attacker to create arbitrary files. |
| 71967 | 2011-04-18 | HP Network Node Manager i (NNMi) Unspecified Remote Access Restriction Bypass | (Description Provided by CVE) : Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x allows remote authenticated users to obtain access to processes via unknown vectors. |
| 71871 | 2011-04-18 | EMC NetWorker Unspecified File Permissions Weakness Local Privilege Escalation | EMC NetWorker contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered due to an unspecified file having weak permissions, allowing a local attacker to execute arbitrary code. |
| 74177 | 2011-04-18 | language-selector dbus_backend/lsd.py Multiple Function Shell Metacharacter Local Privilege Escalation | (Description Provided by CVE) : dbus_backend/lsd.py in the D-Bus backend in language-selector before 0.6.7 does not validate the arguments to the (1) SetSystemDefaultLangEnv and (2) SetSystemDefaultLanguageEnv functions, which allows local users to gain privileges via shell metacharacters in a string argument, a different vulnerability than CVE-2011-0729. |
| 74178 | 2011-04-18 | language-selector dbus_backend/ls-dbus-backend PolicyKit Check Result Local Access Restriction Bypass | (Description Provided by CVE) : dbus_backend/ls-dbus-backend in the D-Bus backend in language-selector before 0.6.7 does not restrict access on the basis of a PolicyKit check result, which allows local users to modify the /etc/default/locale and /etc/environment files via a (1) SetSystemDefaultLangEnv or (2) SetSystemDefaultLanguageEnv call. |
| 71848 | 2011-04-15 | Wireshark epan/dissectors/packet-dect.c DECT Dissector Overflow | Wireshark is prone to an overflow condition. The DECT dissector in epan/dissectors/packet-dect.c fails to properly sanitize user-supplied input resulting in a buffer overflow. With a specially crafted packet, a remote attacker can potentially execute arbitrary code. |
| 71847 | 2011-04-15 | Wireshark on Windows epan/dissectors/packet-nfs.c NFS Dissector DoS | Wireshark on Windows contains a flaw that may allow a remote denial of service. The issue is triggered when a data type mismatch error occurs within the NFS dissector in epan/dissectors/packet-nfs.c, allowing an attacker to cause a denial of service via specially crafted packets. |
| 73801 | 2011-04-14 | ANGLE WebGLES Graphics Library AddString Shader Loading Overflow | ANGLE WebGLES graphics library contains an overflow condition in the 'AddString' function [compiler/preprocessor/atom.c] that is triggered when loading a shader from file. With a specially crafted web page, a context-dependent attacker can cause a heap-based buffer overflow, resulting in a denial of service or potentially executing arbitrary code. |
| 71846 | 2011-04-14 | Wireshark X.509if Dissector Use-after-free DoS | Wireshark contains a flaw that may allow a remote denial of service. The issue is triggered when a use-after-free error occurs within the X.509if dissector, allowing an attacker to cause a denial of service via specially crafted packets. |
| 73800 | 2011-04-14 | Google Chrome GPU Process Use-after-free Remote Code Execution | (Description Provided by CVE) : Use-after-free vulnerability in the GPU process in Google Chrome before 10.0.648.205 allows remote attackers to execute arbitrary code via unknown vectors. |
| 71857 | 2011-04-14 | RSA Adaptive Authentication Flash Shockwave File Unspecified XSS | RSA Adaptive Authentication contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate certain unspecified input related to a Flash Shockwave file before returning it to the user. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
| 74793 | 2011-04-14 | RT External Custom Field Unspecified Remote Code Execution | (Description Provided by CVE) : Best Practical Solutions RT 3.8.0 through 3.8.9 and 4.0.0rc through 4.0.0rc7, when the CustomFieldValuesSources (aka external custom field) option is enabled, allows remote authenticated users to execute arbitrary code via unspecified vectors, as demonstrated by a cross-site request forgery (CSRF) attack. |
| 74794 | 2011-04-14 | RT Multiple Unspecified SQL Injection | (Description Provided by CVE) : Multiple SQL injection vulnerabilities in Best Practical Solutions RT 2.0.0 through 3.6.10, 3.8.0 through 3.8.9, and 4.0.0rc through 4.0.0rc7 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors, as demonstrated by reading data. |
| 74795 | 2011-04-14 | RT Search Interface Encrypted Password Disclosure | (Description Provided by CVE) : Best Practical Solutions RT 3.0.0 through 3.6.10, 3.8.0 through 3.8.9, and 4.0.0rc through 4.0.0rc7 allows remote authenticated users to obtain sensitive information by using the search interface, as demonstrated by retrieving encrypted passwords. |
| 74796 | 2011-04-14 | RT Unspecified Traversal Arbitrary File Access | (Description Provided by CVE) : Directory traversal vulnerability in Best Practical Solutions RT 3.2.0 through 3.6.10, 3.8.0 through 3.8.9, and 4.0.0rc through 4.0.0rc7 allows remote attackers to read arbitrary files via a crafted HTTP request. |
| 74797 | 2011-04-14 | RT Multiple Unspecified XSS | (Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in Best Practical Solutions RT 2.0.0 through 3.6.10, 3.8.0 through 3.8.9, and 4.0.0rc through 4.0.0rc7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
| 74798 | 2011-04-14 | RT Unspecified Authentication Credentials Disclosure | (Description Provided by CVE) : Best Practical Solutions RT 3.6.0 through 3.6.10 and 3.8.0 through 3.8.8 allows remote attackers to trick users into sending credentials to an arbitrary server via unspecified vectors. |
| 74968 | 2011-04-13 | CA Total Defense management.asmx Multiple Stored Procedure SQL Injection | (Description Provided by CVE) : Multiple SQL injection vulnerabilities in the Unified Network Control (UNC) Server in CA Total Defense (TD) r12 before SE2 allow remote attackers to execute arbitrary SQL commands via vectors involving the (1) UnAssignFunctionalRoles, (2) UnassignAdminRoles, (3) DeleteFilter, (4) NonAssignedUserList, (5) DeleteReportLayout, (6) DeleteReports, and (7) RegenerateReport stored procedures. |
| 71790 | 2011-04-13 | OTRS (Open Ticket Request System) Multiple Unspecified XSS | OTRS (Open Ticket Request System) contains multiple flaws that allow remote cross-site scripting (XSS) attacks. These flaws exist because the application does not validate certain unspecified input before returning it to the user. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
| 71740 | 2011-04-13 | Microsoft Windows win32k.sys Driver Use After Free Unspecified Local Privilege Escalation (2011-0662) | Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application which leverages incorrect driver object management, allowing them to gain elevated privileges. |
| 71727 | 2011-04-13 | Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Local Privilege Escalation (2011-0673) | Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application to trigger a null pointer dereference, allowing them to gain elevated privileges. |
| 71728 | 2011-04-13 | Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Local Privilege Escalation (2011-0676) | Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application to trigger a null pointer dereference, allowing them to gain elevated privileges. |
| 71729 | 2011-04-13 | Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Local Privilege Escalation (2011-0677) | Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application to trigger a null pointer dereference, allowing them to gain elevated privileges. |
| 71730 | 2011-04-13 | Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Local Privilege Escalation (2011-1225) | Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application to trigger a null pointer dereference, allowing them to gain elevated privileges. |
| 71731 | 2011-04-13 | Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Local Privilege Escalation (2011-1226) | Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application to trigger a null pointer dereference, allowing them to gain elevated privileges. |
| 71732 | 2011-04-13 | Microsoft Windows win32k.sys Driver NULL Pointer De-reference Unspecified Local Privilege Escalation (2011-1227) | Microsoft Windows contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a local, context-dependent attacker uses a crafted application to trigger a null pointer dereference, allowing them to gain elevated privileges. |