[CLOSE] OSVDB ID : 67748 - Disclosed: 2010-09-01

Description:

(Description Provided by CVE) : ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Comments: 0, Blogs: 0, References: 3

Vulnerability Classification

[CLOSE] OSVDB ID : 67746 - Disclosed: 2010-08-31

Description:

(Description Provided by CVE) : ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Comments: 0, Blogs: 0, References: 5

Vulnerability Classification

[CLOSE] OSVDB ID : 67744 - Disclosed: 2010-09-01

Description:

DVDFab is prone to a flaw in the way it loads dynamic-link libraries (e.g. dwmapi.dll). The program uses a fixed path to look for specific files or libraries. This path includes directories that may not be trusted or under user control. By placing a custom version of the file or library in the path, the program will load it before the legitimate version. This allows an attacker to inject custom code that will be run with the privilege of the program or user executing the program. This can be done by tricking a user into opening a dvdfab6 file from the local file system or a USB drive in some cases. This attack can be leveraged remotely in some cases by placing the malicious file or library on a network share or extracted archive downloaded from a remote source.

Comments: 0, Blogs: 0, References: 2

Vulnerability Classification

[CLOSE] OSVDB ID : 67742 - Disclosed: 2010-05-12

Description:

(Description Provided by CVE) : ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Comments: 0, Blogs: 0, References: 4

Vulnerability Classification

[CLOSE] OSVDB ID : 67740 - Disclosed: 2010-08-30

Description:

Unknown / Incomplete

Comments: 0, Blogs: 0, References: 2

Vulnerability Classification

[CLOSE] OSVDB ID : 21307 - Disclosed: 2005-11-23

Description:

OvBB contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the thread.php script not properly sanitizing user-supplied input to the 'threadid' variable. Followup research along with vendor dispute indicates this issue can not be used to manipulate SQL queries. It is believed that non-numeric input may cause an SQL error giving the appearance of injection capability.

Comments: 0, Blogs: 0, References: 5

Vulnerability Classification

[CLOSE] OSVDB ID : 28364 - Disclosed: 2006-08-28

Description:

Cybozu Garoon contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the phonemessage Facility not properly sanitizing user-supplied input to the 'uid' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

Comments: 0, Blogs: 0, References: 14

Vulnerability Classification

[CLOSE] OSVDB ID : 382 - Disclosed: 1999-07-17

Description:

By default, PostgresSQL installs without a default password for the postgres user account. This username and password combination is publicly known and documented. This allows attackers to trivially access the program or system with administrative priveleges.

Comments: 0, Blogs: 0, References: 19

Vulnerability Classification

[CLOSE] OSVDB ID : 23246 - Disclosed: 2006-02-16

Description:

By default, some Kyocera printers install with an default password. The 'admin' account has an empty password, which is publicly known and documented. This allows attackers to trivially access the system.

Comments: 0, Blogs: 0, References: 4

Vulnerability Classification

[CLOSE] OSVDB ID : 3092 - Disclosed: 1994-01-01

Description:

A potentially interesting file, directory or CGI was found on the web server. While there is no known vulnerability or exploit associated with this, it may contain sensitive information which can be disclosed to unauthenticated remote users, or aid in more focused attacks.

Comments: 0, Blogs: 0, References: 770

Vulnerability Classification

[CLOSE] OSVDB ID : 66993 - Disclosed: 2010-08-10

Description:

(Description Provided by CVE) : The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0 SP1, 2.0 SP2, 3.5, 3.5 SP1, and 3.5.1, and Microsoft Silverlight 2 and 3 before 3.0.50611.0 on Windows and before 3.0.41130.0 on Mac OS X, does not properly handle interfaces and delegations to virtual methods, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka "Microsoft Silverlight and Microsoft .NET Framework CLR Virtual Method Delegate Vulnerability."

Comments: 0, Blogs: 10, References: 14

Vulnerability Classification

[CLOSE] OSVDB ID : 66387 - Disclosed: 2010-07-16

Description:

Windows contains a flaw that may allow an attacker to execute arbitrary code. The issue is triggered by a specially crafted LNK which contains an icon resource that points to a malicious DLL file.

Comments: 0, Blogs: 4, References: 22

Vulnerability Classification

[CLOSE] OSVDB ID : 67002 - Disclosed: 2010-08-10

Description:

(Description Provided by CVE) : Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-3671, CVE-2009-3674, CVE-2010-0245, and CVE-2010-0246.

Comments: 0, Blogs: 3, References: 10

Vulnerability Classification

[CLOSE] OSVDB ID : 66974 - Disclosed: 2010-08-10

Description:

(Description Provided by CVE) : The SMB Server in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate fields in an SMB request, which allows remote attackers to execute arbitrary code via a crafted SMB packet, aka "SMB Pool Overflow Vulnerability."

Comments: 0, Blogs: 2, References: 9

Vulnerability Classification

[CLOSE] OSVDB ID : 67736 - Disclosed: 2010-08-26

Description:

(Description Provided by CVE) : ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Comments: 0, Blogs: 1, References: 6

Vulnerability Classification