| OSVDB ID | Disclosure Date | Title |
|---|
|
14365
Description:
xli contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is triggered due to the handling of compressed images. With a specially crafted filename containing shell meta characters, a remote attacker could execute arbitrary commands resulting in a loss of integrity.
|
2005-03-02
|
xli Compressed Image Filename Shell Metacharacter Arbitrary Command Execution
|
|
14366
Description:
xli contains a flaw related to the validation of image properties that may allow a remote attacker to execute arbitrary code. No further details have been provided.
|
2005-03-02
|
xli Unspecified Image Properties Overflow
|
|
14349
Description:
(Description Provided by CVE) : auraCMS 1.5 allows remote attackers to obtain sensitive information via an HTTP request with an invalid id parameter to (1) teman.php, (2) hal.php, or (3) arsip.php, which reveals the path in a PHP error message.
|
2005-03-02
|
auraCMS Multiple Variable Path Disclosure
|
|
14350
Description:
(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in auraCMS 1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) hits parameter to hits.php, (2) query parameter to index.php, or (3) theCount parameter to counter.php.
|
2005-03-02
|
auraCMS hits.php hits Parameter XSS
|
|
14351
Description:
(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in auraCMS 1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) hits parameter to hits.php, (2) query parameter to index.php, or (3) theCount parameter to counter.php.
|
2005-03-02
|
auraCMS index.php query Parameter XSS
|
|
14352
Description:
(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in auraCMS 1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) hits parameter to hits.php, (2) query parameter to index.php, or (3) theCount parameter to counter.php.
|
2005-03-02
|
auraCMS counter.php theCount Parameter XSS
|
|
14353
Description:
(Description Provided by CVE) : Unknown vulnerability in HP OpenVMS VAX 7.x and 6.x and OpenVMS Alpha 7.x or 6.x allows local users to access privileged files.
|
2005-03-02
|
OpenVMS Unspecified Arbitrary Privileged File Access
|
|
14303
Description:
(Description Provided by CVE) : RaidenHTTPD 1.1.32, and possibly other versions before 1.1.34, allows remote attackers to view the PHP source code via an HTTP GET request for a filename with a trailing (1) . (dot) or (2) space.
|
2005-03-02
|
RaidenHTTPD Malformed URL PHP Script Source Disclosure
|
|
14304
Description:
A remote overflow exists in RaidenHTTPD. The RaidenHTTPD fails to check URI length resulting in a buffer overflow. With a specially crafted request, an attacker can execute arbitrary commands resulting in a loss of confidentiality.
|
2005-03-02
|
RaidenHTTPD Long URI Remote Overflow
|
|
14320
Description:
A remote overflow exists in License Manager. The program fails to validate GCR Checksum packets resulting in a stack overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.
|
2005-03-02
|
CA License Server/Client GCR Checksum Multiple Overflow
|
|
14321
Description:
A remote overflow exists in License Manager. The program fails to validate GCR Request packets resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.
|
2005-03-02
|
CA License Server/Client GCR Request Packet Multiple Overflows
|
|
14323
Description:
CA License Manager contains a flaw that allows a remote attacker to create arbitrary files on the file system. The issue is due to the License Client not properly sanitizing user input, specifically traversal style attacks (../../) supplied via the PUTOLF command.
|
2005-03-02
|
CA License Client PUTOLF Traversal Arbitrary File Creation
|
|
74789
Description:
Unknown / Incomplete
|
2005-03-02
|
Newscoop Admin Interface Campsite edit_template.php Path Parameter Arbitrary File Disclosure
|
|
15451
Description:
paNews contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'auth.php' script not properly sanitizing user-supplied input to the 'mysql_prefix' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2005-03-01
|
paNews auth.php mysql_prefix Parameter SQL Injection
|
|
45438
Description:
(Description Provided by CVE) : The Outlook Progress Ctl control allows remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer.
|
2005-03-01
|
Microsoft IE IObjectSafety Outlook Progress Ctl ActiveX Control COM Object Creation DoS
|
|
45439
Description:
(Description Provided by CVE) : The System Monitor Source Properties control allows remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer.
|
2005-03-01
|
Microsoft IE IObjectSafety System Monitor Source Properties ActiveX Control COM Object Creation DoS
|
|
45440
Description:
(Description Provided by CVE) : The SmartConnect Class control allows remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer.
|
2005-03-01
|
Microsoft IE IObjectSafety SmartConnect Class ActiveX Control COM Object Creation DoS
|
|
45441
Description:
(Description Provided by CVE) : The CLSID_ApprenticeICW control allows remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer.
|
2005-03-01
|
Microsoft IE IObjectSafety CLSID_ApprenticeICW ActiveX Control COM Object Creation DoS
|
|
45442
Description:
(Description Provided by CVE) : The Java Plug-in 1.4.2_03 and 1.4.2_04 controls, and the 1.4.2_03 and 1.4.2_04 <applet> redirector controls, allow remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer.
|
2005-03-01
|
Microsoft IE IObjectSafety Java Plug-in ActiveX COM Object Creation DoS
|
|
15452
Description:
paNews contains a flaw that may allow an attacker to inject arbitrary PHP code. The issue is due to the $$comments or $$autapprove variables in the admin_setup.php script not being properly sanitized and may allow an attacker to inject PHP code. Other variables may also be effected.
|
2005-03-01
|
paNews admin_setup.php Multiple Parameter Arbitrary PHP Code Injection
|
|
14395
Description:
Post-nuke PNphpBB Module contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'privmsg.php' script not properly sanitizing user-supplied input to the 'pm_sql_user' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2005-03-01
|
Post-nuke PNphpBB Module privmsg.php pm_sql_user Parameter SQL Injection
|
|
14367
Description:
(Description Provided by CVE) : sendpm.php in PBLang 4.63 allows remote authenticated users to read arbitrary files via a full pathname in the orig parameter.
|
2005-03-01
|
PBLang sendpm.php Arbitrary Local File Disclosure
|
|
14373
Description:
(Description Provided by CVE) : scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.
|
2005-03-01
|
libXpm XPM Image GetImagePixels() / PutImagePixels() Overflow
|
|
14360
Description:
PBLang contains a flaw that may allow a malicious user to delete arbitrary personal messages. The issue is triggered when an attacker sends a specially crafted URL to the server running PBLang with the personal message id and user name of an arbitrary message to delete passed in as parameters to the delpm.php script. It is possible that the flaw may allow a malicious user to delete arbitrary messages resulting in a loss of integrity.
|
2005-03-01
|
PBLang delpm.php Arbitrary Private Message Deletion
|
|
14279
Description:
phpCOIN contains a flaw that will allow an attacker to inject arbitrary SQL code. The problem is that the 'faq_id' variable in the Faq module is not verified properly and will allow an attacker to inject or manipulate SQL queries.
|
2005-03-01
|
phpCOIN Faq Module faq_id Parameter SQL Injection
|
|
14280
Description:
phpCOIN contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'mode' and 'w' variables upon submission to the 'mod.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2005-03-01
|
phpCOIN mod.php Multiple Parameter XSS
|
|
14281
Description:
phpCOIN contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'e' and 'o' variable upon submission to the 'login.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2005-03-01
|
phpCOIN login.php Multiple Parameter XSS
|
|
15043
Description:
phpCOIN contains a flaw that will allow an attacker to inject arbitrary SQL code. The problem is that the id variable in the Pages module is not verified properly and will allow an attacker to inject or manipulate SQL queries.
|
2005-03-01
|
phpCOIN Pages Module id Parameter SQL Injection
|
|
15044
Description:
phpCOIN contains a flaw that will allow an attacker to inject arbitrary SQL code. The problem is that the 'id' variable in the Siteinfo module is not verified properly and will allow an attacker to inject or manipulate SQL queries.
|
2005-03-01
|
phpCOIN Siteinfo Module id Parameter SQL Injection
|
|
15045
Description:
phpCOIN contains a flaw that will allow an attacker to inject arbitrary SQL code. The problem is that the 'topic_id' variable in the Articles module is not verified properly and will allow an attacker to inject or manipulate SQL queries.
|
2005-03-01
|
phpCOIN Articles Module topic_id Parameter SQL Injection
|
|
15046
Description:
phpCOIN contains a flaw that will allow an attacker to inject arbitrary SQL code. The problem is that the 'ord_id' variable in the Orders module is not verified properly and will allow an attacker to inject or manipulate SQL queries.
|
2005-03-01
|
phpCOIN Orders Module ord_id Parameter SQL Injection
|
|
15047
Description:
phpCOIN contains a flaw that will allow an attacker to inject arbitrary SQL code. The problem is that the 'dom_id' variable in the Domains module is not verified properly and will allow an attacker to inject or manipulate SQL queries.
|
2005-03-01
|
phpCOIN Domains Module dom_id Parameter SQL Injection
|
|
15048
Description:
phpCOIN contains a flaw that will allow an attacker to inject arbitrary SQL code. The problem is that the 'invd_id' variable in the Invoices module is not verified properly and will allow an attacker to inject or manipulate SQL queries.
|
2005-03-01
|
phpCOIN Invoices Module invd_id Parameter SQL Injection
|
|
14314
Description:
Forumwa contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the "keyword" parameter upon submission to the search.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2005-03-01
|
Forumwa search.php keyword Parameter XSS
|
|
14315
Description:
Forumwa contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the "subject" and "body" fields upon submission of a message. This could allow a user to create a specially crafted message that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2005-03-01
|
Forumwa Message Post Multiple Field XSS
|
|
14309
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in show.inc.php in cuteNews 1.3.6 allows remote attackers to inject arbitrary HTML, web script, and PHP code via the (1) CLIENT-IP or (2) X-FORWARDED-FOR header in an HTTP POST request to show_news.php.
|
2005-03-01
|
CuteNews Multiple show_news.php Multiple HTTP Header XSS
|
|
14302
Description:
(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in profile.php in 427BB 2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) user or (2) Avatar parameters.
|
2005-03-01
|
427BB profile.php Avatar Parameter XSS
|
|
14313
Description:
PHPNews contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due 'auth.php' not properly sanitizing user input supplied to the 'path' parameter. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.
|
2005-03-01
|
PHPNews auth.php path Parameter Remote File Inclusion
|
|
14305
Description:
A buffer overflow exists in RealPlayer. The application fails to validate the contents of .smil files resulting in a stack overflow. With a specially crafted file, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity.
|
2005-03-01
|
RealPlayer .smil File Processing Overflow
|
|
14306
Description:
(Description Provided by CVE) : Heap-based buffer overflow in RealNetworks RealPlayer 10.5 (6.0.12.1056 and earlier), 10, 8, and RealOne Player V2 and V1, allows remote attackers to execute arbitrary code via .WAV files.
|
2005-03-01
|
RealPlayer .wav File Processing Overflow
|
