| OSVDB ID | Disclosure Date | Title | Description |
|---|---|---|---|
| 21458 | 2005-11-30 | FFmpeg libavcodec avcodec_default_get_buffer Function Overflow | (Description Provided by CVE): Heap-based buffer overflow in the avcodec_default_get_buffer function (utils.c) in FFmpeg libavcodec 0.4.9-pre1 and earlier, as used in products such as (1) mplayer, (2) xine-lib, (3) Xmovie, and (4) GStreamer, allows remote attackers to execute arbitrary commands via small PNG images with palettes. |
| 21270 | 2005-11-30 | Centericq Zero Length Packet Remote DoS | Centericq contains a flaw that may allow a remote denial of service. The issue is triggered when a remote attacker sends a zero length packet to the Centericq client, and will result in loss of availability for Centericq. |
| 21334 | 2005-11-30 | Instant Photo Gallery portfolio.php cat_id Parameter SQL Injection | Instant Photo Gallery contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the portfolio.php script not properly sanitizing user-supplied input to the 'cat_id' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database. |
| 21335 | 2005-11-30 | Instant Photo Gallery content.php cid Parameter SQL Injection | Instant Photo Gallery contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the content.php script not properly sanitizing user-supplied input to the 'cid' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database. |
| 21344 | 2005-11-30 | Avaya TN2602AP IP Media Resource 320 Crafted Packet Remote DoS | (Description Provided by CVE): Memory leak in Avaya TN2602AP IP Media Resource 320 circuit pack before vintage 9 firmware allows remote attackers to cause a denial of service (memory consumption) via crafted VoIP packets. |
| 21351 | 2005-11-30 | Drupal Multiple HTML/SGML Tag XSS | Drupal contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the HTML/SGML input such as the 'legend' tag and the 'value' parameter used in 'input' and 'label' tags. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
| 24207 | 2005-11-30 | Microsoft .NET Framework ILASM .il File Processing Overflow | (Description Provided by CVE): Buffer overflow in the ILASM assembler in the Microsoft .NET 1.0 and 1.1 Framework might allow user-assisted attackers to execute arbitrary code via a .il file that calls a function with a long name. |
| 24208 | 2005-11-30 | Microsoft .NET Framework ILDASM Overflow | (Description Provided by CVE): Buffer overflow in calloc.c in the Microsoft Windows XP SP2 ntdll.dll system library, when used by the ILDASM disassembler in the Microsoft .NET 1.0 and 1.1 SDK, might allow user-assisted attackers to execute arbitrary code via a crafted .dll file with a large static method. |
| 21532 | 2005-11-30 | Microsoft IE CSS @import Directive Cross Domain Information Disclosure | (Description Provided by CVE): Microsoft Internet Explorer allows remote attackers to bypass cross-domain security restrictions and obtain sensitive information by using the @import directive to download files from other domains that are not valid Cascading Style Sheets (CSS) files, as demonstrated using Google Desktop, aka "CSSXSS" and "CSS Cross-Domain Information Disclosure Vulnerability." |
| 21333 | 2005-11-30 | DotClear Session Cookie dc_xd Field SQL Injection | DotClear contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the session.php script not properly sanitizing user-supplied input to the 'dc_xd' cookie variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database. |
| 21620 | 2005-11-30 | CP+ Unspecified Perl Issue | (Description Provided by CVE): Unspecified vulnerability in Positive Software Corporation CP+ (cpplus) before 2.5.5 allows attackers to have unknown impact and attack vectors, related to "a possible security flaw caused by a bug in Perl." NOTE: unless CP+ includes its own copy of Perl with CVE-2005-3962, this is a different vulnerability than CVE-2005-3962; however, there is insufficient information to be sure. |
| 22178 | 2005-11-30 | RealPlayer Unspecified Remote Code Execution (EEYEB-20051130) | (Description Provided by CVE): ** UNVERIFIABLE, PRERELEASE ** NOTE: this issue describes a problem that can not be independently verified as of 20051208. Unspecified vulnerability in unspecified versions of Real Networks RealPlayer allows attackers to execute arbitrary code. NOTE: the information regarding this issue is extremely vague and does not provide any verifiable information. It has been posted by a reliable reporter with a prerelease disclosure policy. This item has only been assigned a CVE identifier for tracking purposes, and to serve as a concrete example for discussion of the newly emerging UNVERIFIABLE and PRERELEASE content decisions in CVE, which must be discussed by the Editorial Board. Without additional details or independent verification by reliable sources, it is possible that this item might be RECAST or REJECTED. |
| 21350 | 2005-11-30 | Drupal Access User Profile Access Remote Bypass | (Description Provided by CVE): Drupal 4.5.0 through 4.5.5 and 4.6.0 through 4.6.3, when running on PHP5, does not correctly enforce user privileges, which allows remote attackers to bypass the "access user profiles" permission. |
| 21384 | 2005-11-30 | PHPX auth.inc.php username Field SQL Injection | PHPX contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the admin login script calling auth.inc.php which does not properly sanitize user-supplied input to the 'username' field. This may allow an attacker to bypass the admin login check and inject or manipulate SQL queries in the back-end database. |
| 60038 | 2005-11-30 | amaya on Debian RPATH Search Path Subversion Local Privilege Escalation | (Description Provided by CVE): Untrusted search path vulnerability (RPATH) in amaya 9.2.1 on Debian GNU/Linux allows local users to gain privileges via a malicious Mesa library in the /home/anand directory. |
| 21494 | 2005-11-29 | Opera JNI com.opera.JSObject Class Crafted Applet DoS | (Description Provided by CVE): Opera 8.50 allows remote attackers to cause a denial of service (crash) via a Java applet with a large string argument to the removeMember JNI method for the com.opera.JSObject class. |
| 21286 | 2005-11-29 | ftplogcheck $filename Format String DoS | Unknown / Incomplete |
| 21287 | 2005-11-29 | perl-nocem notice-id News Article Header Format String | Unknown / Incomplete |
| 21288 | 2005-11-29 | WASD Web Server PerlRTE_example1.pl name Variable Format String | WASD WebServer PerlRTE_example1.pl contains a format string flaw. The issue is triggered when a user sends malicious input via format string errors in the $name variable. It is possible that the flaw may allow arbitrary code execution and/or a denial of service. |
| 21402 | 2005-11-29 | PHP Lite Calendar Express day.php Multiple Parameter SQL Injection | Calendar Express contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the day.php script not properly sanitizing user-supplied input to the 'cid' and 'catid' variables. This may allow an attacker to inject or manipulate SQL queries in the back-end database. |
| 21403 | 2005-11-29 | PHP Lite Calendar Express week.php Multiple Parameter SQL Injection | Calendar Express contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the week.php script not properly sanitizing user-supplied input to the 'cid' and 'catid' variables. This may allow an attacker to inject or manipulate SQL queries in the back-end database. |
| 21405 | 2005-11-29 | PHP Lite Calendar Express year.php Multiple Parameter SQL Injection | Calendar Express contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the year.php script not properly sanitizing user-supplied input to the 'cid' and 'catid' variables. This may allow an attacker to inject or manipulate SQL queries in the back-end database. |
| 21401 | 2005-11-29 | phpWTF index.php show Variable Path Disclosure | Unknown / Incomplete |
| 21222 | 2005-11-29 | Webmin/Usermin miniserv.pl Format String Remote Code Execution | (Description Provided by CVE): Format string vulnerability in miniserv.pl Perl web server in Webmin before 1.250 and Usermin before 1.180, with syslog logging enabled, allows remote attackers to cause a denial of service (crash or memory consumption) and possibly execute arbitrary code via format string specifiers in the username parameter to the login form, which is ultimately used in a syslog call. NOTE: the code execution might be associated with an issue in Perl. |
| 21201 | 2005-11-29 | FAQ System viewFAQ.php Multiple Parameter SQL Injection | FAQ System contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the viewFAQ.php script not properly sanitizing user-supplied input to the 'FAQ_ID' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database. |
| 21202 | 2005-11-29 | FAQ System index.php CATEGORY_ID Parameter SQL Injection | FAQ System contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the index.php script not properly sanitizing user-supplied input to the CATEGORY_ID variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database. |
| 21360 | 2005-11-29 | Cisco IOS HTTP show buffers Arbitrary Script Insertion | (Description Provided by CVE): Cross-site scripting (XSS) vulnerability in Cisco IOS Web Server for IOS 12.0(2a) allows remote attackers to inject arbitrary web script or HTML by (1) packets containing HTML that an administrator views via an HTTP interface to the contents of memory buffers, as demonstrated by the URI /level/15/exec/-/buffers/assigned/dump; or (2) sending the router Cisco Discovery Protocol (CDP) packets with HTML payload that an administrator views via the CDP status pages. NOTE: these vectors were originally reported as being associated with the dump and packet options in /level/15/exec/-/show/buffers. |
| 21199 | 2005-11-29 | Orca Blog blog.php msg Parameter SQL Injection | Orca Blog contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the blog.php script not properly sanitizing user-supplied input to the 'msg' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database. |
| 21198 | 2005-11-29 | Orca Knowledgebase knowledgebase.php qid Parameter SQL Injection | Orca Knowledgebase contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the knowledgebase.php script not properly sanitizing user-supplied input to the qid variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database. |
| 21200 | 2005-11-29 | Survey System survey.php SURVEY_ID Parameter SQL Injection | Survey System contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the survey.php script not properly sanitizing user-supplied input to the SURVEY_ID variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database. |
| 21194 | 2005-11-29 | Orca Ringmaker ringmaker.php start Parameter SQL Injection | Ringmaker contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the ringmaker.php script not properly sanitizing user-supplied input to the start variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database. |
| 21195 | 2005-11-29 | ltwCalendar calendar.php id Parameter SQL Injection | ItwCalendar contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the calendar.php script not properly sanitizing user-supplied input to the 'id' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database. |
| 21269 | 2005-11-29 | 88Scripts Event Calendar index.php m Parameter SQL Injection | 88Scripts contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the index.php script not properly sanitizing user-supplied input to the 'm' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database. |
| 21268 | 2005-11-29 | O-Kiraku Nikki okiraku.php day_id Parameter SQL Injection | O-Kiraku Nikki contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the okiraku.php script not properly sanitizing user-supplied input to the 'day_id' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database. |
| 21221 | 2005-11-29 | Gallery Add Image From Web XSS | Gallery contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the remote image URL upon submission to the "Add Image From Web" feature. This could allow a user to create a specially crafted page that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. |
| 21311 | 2005-11-29 | Gallery Install Log Local Information Disclosure | (Description Provided by CVE): The installer for Gallery 2.0 before 2.0.2 stores the install log under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information. |
| 21312 | 2005-11-29 | Gallery Zipcart Module Arbitrary File Disclosure | (Description Provided by CVE): Unspecified vulnerability in the zipcart module in Gallery 2.0 before 2.0.2 allows remote attackers to read arbitrary files via unknown vectors. |
| 21342 | 2005-11-29 | SunShop Shopping Cart index.php action Variable phpinfo() Information Disclosure | (Description Provided by CVE): ** DISPUTED ** Turnkey Web Tools SunShop Shopping Cart allows remote attackers to obtain sensitive information via a phpinfo action to (1) index.php, (2) admin/index.php, and (3) admin/adminindex.php, which executes the PHP phpinfo function. NOTE: The vendor has disputed this issue, saying that "Having this in the code makes it easier for us to troubleshoot when issues arise on individual carts. For someone to have a script to do this type of search would require that they know where your shop is actually located. I dont think it really can be construde [sic] as a security issue." |
| 21406 | 2005-11-29 | Jax Calendar jax_calendar.php cal_id Parameter SQL Injection | Jax Calendar contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the jax_calendar.php script not properly sanitizing user-supplied input to the cal_id variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database. |
| 21343 | 2005-11-29 | Citrix Multiple Products Login Page XSS | (Description Provided by CVE): Cross-site scripting (XSS) vulnerability in the login form in Citrix MetaFrame Secure Access Manager 2.0 through 2.2 and NFuse Elite 1.0 allows remote attackers to inject arbitrary web script or HTML via the username field. |