[CLOSE] OSVDB ID : 31986 - Disclosed: 2006-11-21

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 31991 - Disclosed: 2006-11-21

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 31988 - Disclosed: 2006-11-21

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 18731 - Disclosed: 2005-08-12

Description:

(Description Provided by CVE) : Grandstream BudgeTone 101 and 102 running firmware 1.0.6.7 and possibly earlier versions, allows remote attackers to cause a denial of service (device hang or reboot) via a large UDP packet to port 5060.

[CLOSE] OSVDB ID : 34347 - Disclosed: 2007-03-21

Description:

(Description Provided by CVE) : The Grandstream BudgeTone 200 IP phone, with program 1.1.1.14 and bootloader 1.1.1.5, allows remote attackers to cause a denial of service (device crash) via SIP (1) INVITE, (2) CANCEL, or unspecified other messages with a WWW-Authenticate header containing a crafted Digest domain.

[CLOSE] OSVDB ID : 29556 - Disclosed: 2006-10-04

Description:

(Description Provided by CVE) : Grandstream GXP-2000 VoIP Desktop Phone, firmware version 1.1.0.5, allows remote attackers to cause a denial of service (hang or reboot) via a large amount of ASCII data sent to port (1) 5060/UDP, (2) 5062/UDP, (3) 5064/UDP, (4) 5066/UDP, (5) 9876/UDP, or (6) 26789/UDP.

[CLOSE] OSVDB ID : 40186 - Disclosed: 2007-10-24

Description:

(Description Provided by CVE) : The Grandstream HT-488 0.1 allows remote attackers to cause a denial of service (device crash) via a flood of fragmented packets to port 5060.

[CLOSE] OSVDB ID : 40187 - Disclosed: 2007-10-24

Description:

(Description Provided by CVE) : Buffer overflow in the SIP parser on the Grandstream HT-488 0.1 allows remote attackers to cause a denial of service (device crash) via a crafted SIP INVITE message.

[CLOSE] OSVDB ID : 40185 - Disclosed: 2007-08-22

Description:

(Description Provided by CVE) : The Grandstream SIP Phone GXV-3000 with firmware 1.0.1.7, Loader 1.0.0.6, and Boot 1.0.0.18 allows remote attackers to force silent call completion, eavesdrop on the phone's local environment, and cause a denial of service (blocked call reception) via a certain SIP INVITE message followed by a certain "SIP/2.0 183 Session Progress" message.

[CLOSE] OSVDB ID : 38876 - Disclosed: 2007-11-13

Description:

(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in Fenriru (1) Sleipnir 2.5.17 R2 and earlier and (2) Grani 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the Search field in a search for additions to the Favorites section.

[CLOSE] OSVDB ID : 38731 - Disclosed: 2007-11-13

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 28553 - Disclosed: 2006-09-05

Description:

GrapAgenda contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to index.php not properly sanitizing user input supplied to the 'page' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.

[CLOSE] OSVDB ID : 44760 - Disclosed: 2008-04-18

Description:

(Description Provided by CVE) : PHP remote file inclusion vulnerability in includes/functions.php in Quate Grape Web Statistics 0.2a allows remote attackers to execute arbitrary PHP code via a URL in the location parameter.

[CLOSE] OSVDB ID : 46257 - Disclosed: 2008-06-05

Description:

(Description Provided by CVE) : Multiple unspecified vulnerabilities in GraphicsMagick before 1.1.14, and 1.2.x before 1.2.3, allow remote attackers to cause a denial of service (crash) via unspecified vectors in (1) XCF and (2) CINEON images.

[CLOSE] OSVDB ID : 13279 - Disclosed: 2005-01-23

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 46258 - Disclosed: 2008-06-05

Description:

(Description Provided by CVE) : Unspecified vulnerability in GraphicsMagick before 1.2.3 allows remote attackers to cause a denial of service (crash) via unspecified vectors in DPX images. NOTE: some of these details are obtained from third party information.

[CLOSE] OSVDB ID : 46632 - Disclosed: 2008-06-29

Description:

(Description Provided by CVE) : Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 allow remote attackers to cause a denial of service (crash, infinite loop, or memory consumption) via (a) unspecified vectors in the (1) AVI, (2) AVS, (3) DCM, (4) EPT, (5) FITS, (6) MTV, (7) PALM, (8) RLA, and (9) TGA decoder readers; and (b) the GetImageCharacteristics function in magick/image.c, as reachable from a crafted (10) PNG, (11) JPEG, (12) BMP, or (13) TIFF file.

[CLOSE] OSVDB ID : 44953 - Disclosed: 2008-04-28

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 46633 - Disclosed: 2008-06-29

Description:

(Description Provided by CVE) : Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 allow remote attackers to cause a denial of service (crash, infinite loop, or memory consumption) via (a) unspecified vectors in the (1) AVI, (2) AVS, (3) DCM, (4) EPT, (5) FITS, (6) MTV, (7) PALM, (8) RLA, and (9) TGA decoder readers; and (b) the GetImageCharacteristics function in magick/image.c, as reachable from a crafted (10) PNG, (11) JPEG, (12) BMP, or (13) TIFF file.

[CLOSE] OSVDB ID : 16319 - Disclosed: 2005-05-03

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 46256 - Disclosed: 2008-06-05

Description:

(Description Provided by CVE) : Multiple unspecified vulnerabilities in GraphicsMagick before 1.1.14, and 1.2.x before 1.2.3, allow remote attackers to cause a denial of service (crash) via unspecified vectors in (1) XCF and (2) CINEON images.

[CLOSE] OSVDB ID : 16775 - Disclosed: 2005-05-21

Description:

(Description Provided by CVE) : The XWD Decoder in ImageMagick before 6.2.2.3, and GraphicsMagick before 1.1.6-r1, allows remote attackers to cause a denial of service (infinite loop) via an image with a zero color mask.

[CLOSE] OSVDB ID : 51920 - Disclosed: 2009-01-21

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 51921 - Disclosed: 2009-01-22

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 46254 - Disclosed: 2008-06-05

Description:

(Description Provided by CVE) : Multiple heap-based buffer underflows in the ReadPALMImage function in coders/palm.c in GraphicsMagick before 1.2.3 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted PALM image, a different vulnerability than CVE-2007-0770. NOTE: some of these details are obtained from third party information.

[CLOSE] OSVDB ID : 46255 - Disclosed: 2008-06-05

Description:

(Description Provided by CVE) : Heap-based buffer overflow in the DecodeImage function in coders/pict.c in GraphicsMagick before 1.1.14, and 1.2.x before 1.2.3, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted PICT image. NOTE: some of these details are obtained from third party information.

[CLOSE] OSVDB ID : 8687 - Disclosed: 2004-03-21

Description:

GraphicsMagick contains a flaw related to the XorCompositeOp() function in composite.c that may allow an attacker to cause a buffer overflow. No further details have been provided.

[CLOSE] OSVDB ID : 8688 - Disclosed: 2003-04-14

Description:

GraphicsMagick contains a flaw related to the TransformRGBImage() function in image.c that may allow an attacker to cause a integer overflow. No further details have been provided.

[CLOSE] OSVDB ID : 49864 - Disclosed: 2008-10-28

Description:

(Description Provided by CVE) : Graphiks MyForum 1.3 allows remote attackers to bypass authentication and gain administrative access by setting the (1) myforum_login and (2) myforum_pass cookies to 1.

[CLOSE] OSVDB ID : 49398 - Disclosed: 2008-10-26

Description:

Graphiks MyForum contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'lecture.php' script not properly sanitizing user-supplied input to the 'id' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.