| OSVDB ID | Disclosure Date | Title | Description |
|---|---|---|---|
| 27559 | 2006-07-25 | Mozilla Multiple Products Window Navigator Object Arbitrary Code Execution | A code execution flaw exists in multiple Mozilla browsers. Firefox and SeaMonkey fail to validate values assigned to window.navigator objects. With a specially crafted website, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity. |
| 27561 | 2006-07-25 | Mozilla Multiple Products Top-level Object Method Native DOM XSS | (Description Provided by CVE): Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to hijack native DOM methods from objects in another domain and conduct cross-site scripting (XSS) attacks using DOM methods of the top-level object. |
| 27562 | 2006-07-25 | Mozilla Multiple Products JavaScript Garbage Collection Race Condition Arbitrary Code Execution | (Description Provided by CVE): Race condition in the JavaScript garbage collection in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code by causing the garbage collector to delete a temporary variable while it is still being used during the creation of a new Function object. |
| 27563 | 2006-07-25 | Mozilla Multiple Products vCard Malformed Base64 Field Overflow | (Description Provided by CVE): Heap-based buffer overflow in Mozilla Thunderbird before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to cause a denial of service (crash) via a VCard attachment with a malformed base64 field, which copies more data than expected due to an integer underflow. |
| 27564 | 2006-07-25 | Mozilla Multiple Products Chrome Scheme Remote Script Execution | (Description Provided by CVE): Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to reference remote files and possibly load chrome: URLs by tricking the user into copying or dragging links. |
| 27565 | 2006-07-25 | Mozilla Multiple Products XPCNativeWrapper(window).Function Construct XSS | (Description Provided by CVE): Cross-site scripting (XSS) vulnerability in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to inject arbitrary web script or HTML via the XPCNativeWrapper(window).Function construct. |
| 27566 | 2006-07-25 | Mozilla Multiple Products UniversalXPConnect Privilege Escalation | (Description Provided by CVE): Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows scripts with the UniversalBrowserRead privilege to gain UniversalXPConnect privileges and possibly execute code or obtain sensitive data by reading into a privileged context. |
| 27567 | 2006-07-25 | Mozilla Multiple Products PAC Script FindProxyForURL Function Privilege Escalation | (Description Provided by CVE): Mozilla Firefox before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote Proxy AutoConfig (PAC) servers to execute code with elevated privileges via a PAC script that sets the FindProxyForURL function to an eval method on a privileged object. |
| 27568 | 2006-07-25 | Mozilla Multiple Products Standard Object() Constructor Manipulation Privilege Escalation | (Description Provided by CVE): Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code via script that changes the standard Object() constructor to return a reference to a privileged object and calling "named JavaScript functions" that use the constructor. |
| 27569 | 2006-07-25 | Mozilla Multiple Products Garbage Collection Temporary Object Handling Arbitrary Code Execution | (Description Provided by CVE): The Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving garbage collection that causes deletion of a temporary object that is still being used. |
| 27570 | 2006-07-25 | Mozilla Multiple Products toSource Method Overflow | (Description Provided by CVE): Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving (1) long strings in the toSource method of the Object, Array, and String objects; and (2) unspecified "string function arguments." |
| 27571 | 2006-07-25 | Mozilla Multiple Products String Function Objects Unspecified Overflow | (Description Provided by CVE): Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving (1) long strings in the toSource method of the Object, Array, and String objects; and (2) unspecified "string function arguments." |
| 27572 | 2006-07-25 | Mozilla Multiple Products nsListControlFrame::FireMenuItemActiveEvent Arbitrary Code Execution | (Description Provided by CVE): Multiple vulnerabilities in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via Javascript that leads to memory corruption, including (1) nsListControlFrame::FireMenuItemActiveEvent, (2) buffer overflows in the string class in out-of-memory conditions, (3) table row and column groups, (4) "anonymous box selectors outside of UA stylesheets," (5) stale references to "removed nodes," and (6) running the crypto.generateCRMFRequest callback on deleted context. |
| 27573 | 2006-07-25 | Mozilla Multiple Products String Class Out-of-memory Code Execution | (Description Provided by CVE): Multiple vulnerabilities in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via Javascript that leads to memory corruption, including (1) nsListControlFrame::FireMenuItemActiveEvent, (2) buffer overflows in the string class in out-of-memory conditions, (3) table row and column groups, (4) "anonymous box selectors outside of UA stylesheets," (5) stale references to "removed nodes," and (6) running the crypto.generateCRMFRequest callback on deleted context. |
| 27574 | 2006-07-25 | Mozilla Multiple Products Table Row/Column Group Unspecified Code Execution | (Description Provided by CVE): Multiple vulnerabilities in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via Javascript that leads to memory corruption, including (1) nsListControlFrame::FireMenuItemActiveEvent, (2) buffer overflows in the string class in out-of-memory conditions, (3) table row and column groups, (4) "anonymous box selectors outside of UA stylesheets," (5) stale references to "removed nodes," and (6) running the crypto.generateCRMFRequest callback on deleted context. |
| 27575 | 2006-07-25 | Mozilla Multiple Products Anonymous Box Selector Unspecified Code Execution | (Description Provided by CVE): Multiple vulnerabilities in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via Javascript that leads to memory corruption, including (1) nsListControlFrame::FireMenuItemActiveEvent, (2) buffer overflows in the string class in out-of-memory conditions, (3) table row and column groups, (4) "anonymous box selectors outside of UA stylesheets," (5) stale references to "removed nodes," and (6) running the crypto.generateCRMFRequest callback on deleted context. |
| 27576 | 2006-07-25 | Mozilla Multiple Products crypto.generateCRMFRequest Deleted Context Code Execution | (Description Provided by CVE): Multiple vulnerabilities in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via Javascript that leads to memory corruption, including (1) nsListControlFrame::FireMenuItemActiveEvent, (2) buffer overflows in the string class in out-of-memory conditions, (3) table row and column groups, (4) "anonymous box selectors outside of UA stylesheets," (5) stale references to "removed nodes," and (6) running the crypto.generateCRMFRequest callback on deleted context. |
| 27577 | 2006-07-25 | Mozilla Multiple Products Removed Node Reference Unspecified Code Execution | (Description Provided by CVE): Multiple vulnerabilities in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via Javascript that leads to memory corruption, including (1) nsListControlFrame::FireMenuItemActiveEvent, (2) buffer overflows in the string class in out-of-memory conditions, (3) table row and column groups, (4) "anonymous box selectors outside of UA stylesheets," (5) stale references to "removed nodes," and (6) running the crypto.generateCRMFRequest callback on deleted context. |
| 27373 | 2006-07-25 | Microsoft IE Native Function Iteration NULL Dereference | Microsoft Internet Explorer (MSIE) contains a flaw that may allow a local denial of service. The issue is triggered when attempting to iterate a native function causing a NULL dereference, and will result in loss of availability for the browser. |
| 27515 | 2006-07-25 | TP-Book guestbook.php name Parameter XSS | (Description Provided by CVE): Cross-site scripting (XSS) vulnerability in guestbook.php in TP-Book 1.00 and earlier allows remote attackers to inject arbitrary web script or HTML via the name parameter. |
| 27485 | 2006-07-25 | Etomite manager/index.php username Parameter SQL Injection | Etomite CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'manager/index.php' script not properly sanitizing user-supplied input to the 'username' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database. |
| 29031 | 2006-07-25 | phpBB Malformed Search Query DoS | Unknown / Incomplete |
| 27374 | 2006-07-25 | Opera CSS Background Property HTTPS Memory Corruption | Opera contains a flaw that may allow a remote denial of service. The issue is triggered when a background property is set to an overly long URL, and will result in loss of availability for the application. |
| 84075 | 2006-07-25 | PHP imagecreatefromgd2part() Function Negative Width Handling DoS | PHP contains a flaw that may allow a denial of service. The issue is triggered when an error occurs in the imagecreatefromgd2part() function during the handling of an object with a negative width. This will result in loss of availability for the program. |
| 27480 | 2006-07-24 | aXentForum II viewposts.cfm startrow Parameter XSS | (Description Provided by CVE): Cross-site scripting (XSS) vulnerability in viewposts.cfm in aXentForum II and earlier allows remote attackers to inject arbitrary web script or HTML via the startrow parameter. |
| 29865 | 2006-07-24 | GNE ConsoleStreambuf.cpp flush_output Function Remote Format String | (Description Provided by CVE): Format string vulnerability in the flush_output function in ConsoleStreambuf.cpp in Game Network Engine (GNE) 0.70 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute code via format string specifiers in unspecified vectors involving output to the gout console. |
| 27497 | 2006-07-24 | MikMod libmikmod GT2 XCOM Chunk Handling Overflow | (Description Provided by CVE): Integer overflow in the loadChunk function in loaders/load_gt2.c in libmikmod in Mikmod Sound System 3.2.2 allows remote attackers to cause a denial of service via a GRAOUMF TRACKER (GT2) module file with a large (0xffffffff) comment length value in an XCOM chunk. |
| 29408 | 2006-07-24 | X7 Chat upgradev1.php old_prefix SQL Injection | (Description Provided by CVE): SQL injection vulnerability in upgradev1.php in X7 Chat 2.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the old_prefix parameter. |
| 27459 | 2006-07-24 | Simpleshout sboard.php config Parameter Remote File Inclusion | Simpleshout has been reported to contain a flaw that may allow a remote attacker to execute arbitrary commands. The issue is supposedly due to the sboard.php script not properly sanitizing user input supplied to the 'config' variable. However, subsequent evaluation by CVE staff has determined that the variable keeps a static value and presents no opportunity for an attacker to manipulate the input. |
| 31036 | 2006-07-24 | MusicBox index.php type Parameter SQL Injection | MusicBox contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the index.php script not properly sanitizing user-supplied input to the 'type' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database. |
| 58752 | 2006-07-24 | MusicBox cart.php Multiple Parameter SQL Injection | MusicBox contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the cart.php script not properly sanitizing user-supplied input to the 'message1' and 'message' parameters. This may allow an attacker to inject or manipulate SQL queries in the back-end database. |
| 27549 | 2006-07-24 | Opsware NAS /etc/init.d/mysql MySQL root Cleartext Password Local Disclosure | (Description Provided by CVE): Opsware Network Automation System (NAS) 6.0 installs /etc/init.d/mysql with insecure permissions, which allows local users to read the root password for the MySQL MAX database or gain privileges by modifying /etc/init.d/mysql. |
| 27496 | 2006-07-24 | Siemens SpeedStream 2624 HTTP Server Unspecified Crafted Packet DoS | (Description Provided by CVE): Siemens SpeedStream 2624 allows remote attackers to cause a denial of service (device hang) by sending a crafted packet to the web administrative interface. |
| 27523 | 2006-07-24 | 3Com TippingPoint IPS Crafted Packet Layer 2 Mode Inspection Bypass | (Description Provided by CVE): TippingPoint IPS running the TippingPoint Operating System (TOS) before 2.2.4.6519 allows remote attackers to "force the device into layer 2 fallback (L2FB)", causing a denial of service (page fault), via a malformed packet. |
| 27585 | 2006-07-24 | Check Point VPN/Firewall Traversal Arbitrary File Access | (Description Provided by CVE): Directory traversal vulnerability in Check Point Firewall-1 R55W before HFA03 allows remote attackers to read arbitrary files via an encoded .. (dot dot) in the URL on TCP port 18264. |
| 27514 | 2006-07-24 | fbida fbgs Arbitrary Postscript Code Execution | (Description Provided by CVE): The fbgs framebuffer Postscript/PDF viewer in fbi before 2.01 has a typo that prevents a filter from working correctly, which allows user-assisted attackers to bypass the filter and execute malicious Postscript commands. |
| 28083 | 2006-07-24 | PrinceClan Chess for Mambo/Joomla (com_pcchess) include.pcchess.php mosConfig_absolute_path Parameter Remote File Inclusion | (Description Provided by CVE): Unspecified vulnerability in Prince Clan (Princeclan) Chess component (com_pcchess) 0.8 and earlier for Mambo and Joomla! has unspecified impact and attack vectors. |
| 44226 | 2006-07-24 | IBM WebSphere Application Server (WAS) Custom Properties Cleartext Password Disclosure | Unknown / Incomplete |
| 29057 | 2006-07-24 | MusicBox URI id Parameter XSS | (Description Provided by CVE): Cross-site scripting (XSS) vulnerability in Shalwan MusicBox 2.3.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the id parameter in a request for the top-level URI. NOTE: the id parameter in index.php, and the type and show parameters in a top action, are already covered by CVE-2006-1349; and the term parameter in a search action is already covered by CVE-2006-1806. |
| 29058 | 2006-07-24 | MusicBox phpinfo.php Information Disclosure | (Description Provided by CVE): Shalwan MusicBox 2.3.4 and earlier allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function. |