[CLOSE] OSVDB ID : 34397 - Disclosed: 2007-05-08

Description:

A remote memory corruption flaw exists in CAPICOM. It fails to validate unspecified input resulting in memory corruption. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.

[CLOSE] OSVDB ID : 36225 - Disclosed: 2007-05-08

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 36251 - Disclosed: 2007-05-08

Description:

(Description Provided by CVE) : Associated Press (AP) Newspower 4.0.1 and earlier uses a default blank password for the MySQL root account, which allows remote attackers to insert or modify news articles via shows.tblscript.

[CLOSE] OSVDB ID : 35926 - Disclosed: 2007-05-08

Description:

(Description Provided by CVE) : The VFAT compat ioctls in the Linux kernel before 2.6.21.2, when run on a 64-bit system, allow local users to corrupt a kernel_dirent struct and cause a denial of service (system crash) via unknown vectors.

[CLOSE] OSVDB ID : 36061 - Disclosed: 2007-05-08

Description:

(Description Provided by CVE) : Session fixation vulnerability in HP Systems Insight Manager (SIM) 4.2 and 5.0 SP4 and SP5 allows remote attackers to hijack web sessions by setting the JSESSIONID cookie.

[CLOSE] OSVDB ID : 35880 - Disclosed: 2007-05-08

Description:

(Description Provided by CVE) : Multiple PHP remote file inclusion vulnerabilities in CGX 20050314 allow remote attackers to execute arbitrary PHP code via a URL in the pathCGX parameter to (1) mtdialogo.php, (2) ltdialogo.php, (3) login.php, and (4) logingecon.php in inc/; and multiple unspecified files in frm/, sql/, and cns/.

[CLOSE] OSVDB ID : 35881 - Disclosed: 2007-05-08

Description:

(Description Provided by CVE) : Multiple PHP remote file inclusion vulnerabilities in CGX 20050314 allow remote attackers to execute arbitrary PHP code via a URL in the pathCGX parameter to (1) mtdialogo.php, (2) ltdialogo.php, (3) login.php, and (4) logingecon.php in inc/; and multiple unspecified files in frm/, sql/, and cns/.

[CLOSE] OSVDB ID : 35882 - Disclosed: 2007-05-08

Description:

(Description Provided by CVE) : Multiple PHP remote file inclusion vulnerabilities in CGX 20050314 allow remote attackers to execute arbitrary PHP code via a URL in the pathCGX parameter to (1) mtdialogo.php, (2) ltdialogo.php, (3) login.php, and (4) logingecon.php in inc/; and multiple unspecified files in frm/, sql/, and cns/.

[CLOSE] OSVDB ID : 35883 - Disclosed: 2007-05-08

Description:

(Description Provided by CVE) : Multiple PHP remote file inclusion vulnerabilities in CGX 20050314 allow remote attackers to execute arbitrary PHP code via a URL in the pathCGX parameter to (1) mtdialogo.php, (2) ltdialogo.php, (3) login.php, and (4) logingecon.php in inc/; and multiple unspecified files in frm/, sql/, and cns/.

[CLOSE] OSVDB ID : 35884 - Disclosed: 2007-05-08

Description:

(Description Provided by CVE) : Multiple PHP remote file inclusion vulnerabilities in CGX 20050314 allow remote attackers to execute arbitrary PHP code via a URL in the pathCGX parameter to (1) mtdialogo.php, (2) ltdialogo.php, (3) login.php, and (4) logingecon.php in inc/; and multiple unspecified files in frm/, sql/, and cns/.

[CLOSE] OSVDB ID : 35885 - Disclosed: 2007-05-08

Description:

(Description Provided by CVE) : Multiple PHP remote file inclusion vulnerabilities in CGX 20050314 allow remote attackers to execute arbitrary PHP code via a URL in the pathCGX parameter to (1) mtdialogo.php, (2) ltdialogo.php, (3) login.php, and (4) logingecon.php in inc/; and multiple unspecified files in frm/, sql/, and cns/.

[CLOSE] OSVDB ID : 35886 - Disclosed: 2007-05-08

Description:

(Description Provided by CVE) : Multiple PHP remote file inclusion vulnerabilities in CGX 20050314 allow remote attackers to execute arbitrary PHP code via a URL in the pathCGX parameter to (1) mtdialogo.php, (2) ltdialogo.php, (3) login.php, and (4) logingecon.php in inc/; and multiple unspecified files in frm/, sql/, and cns/.

[CLOSE] OSVDB ID : 34340 - Disclosed: 2007-05-08

Description:

(Description Provided by CVE) : Heap-based buffer overflow in the ConnectAsyncEx function in VNC Viewer ActiveX control (scvncctrl.dll) in the SmartCode VNC Manager 3.6 allows remote attackers to execute arbitrary code via a long argument.

[CLOSE] OSVDB ID : 35822 - Disclosed: 2007-05-08

Description:

(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in index.pl in Open Ticket Request System (OTRS) 2.0.x allows remote attackers to inject arbitrary web script or HTML via the Subaction parameter in an AgentTicketMailbox Action. NOTE: DEBIAN:DSA-1299 originally used this identifier for an ipsec-tools issue, but the proper identifier for the ipsec-tools issue is CVE-2007-1841.

[CLOSE] OSVDB ID : 40975 - Disclosed: 2007-05-08

Description:

(Description Provided by CVE) : Multiple buffer overflows in the DB2 JDBC Applet Server (DB2JDS) service in IBM DB2 9.x and earlier allow remote attackers to (1) execute arbitrary code via a crafted packet to the DB2JDS service on tcp/6789; and cause a denial of service via (2) an invalid LANG parameter or (2) a long packet that generates a "MemTree overflow."

[CLOSE] OSVDB ID : 35874 - Disclosed: 2007-05-08

Description:

(Description Provided by CVE) : Buffer overflow in the IsOldAppInstalled function in the McSubMgr.McSubMgr Subscription Manager ActiveX control (MCSUBMGR.DLL) in McAfee SecurityCenter before 6.0.25 and 7.x before 7.2.147 allows remote attackers to execute arbitrary code via a crafted argument.

[CLOSE] OSVDB ID : 35873 - Disclosed: 2007-05-08

Description:

(Description Provided by CVE) : Buffer overflow in the SetLanguage function in Research In Motion (RIM) TeamOn Import Object ActiveX control (TOImport.dll) allows remote attackers to execute arbitrary code via unspecified vectors.

[CLOSE] OSVDB ID : 34765 - Disclosed: 2007-05-08

Description:

(Description Provided by CVE) : The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5.1.18 does not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines, which allows remote authenticated users to gain privileges.

[CLOSE] OSVDB ID : 34766 - Disclosed: 2007-05-08

Description:

(Description Provided by CVE) : MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables.

[CLOSE] OSVDB ID : 35789 - Disclosed: 2007-05-08

Description:

A buffer overflow exists in ServerProtect. EarthAgent.exe fails to validate data received on TCP port 3628 resulting in a stack overflow. With a specially crafted request, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.

[CLOSE] OSVDB ID : 35790 - Disclosed: 2007-05-08

Description:

A buffer overflow exists in ServerProtect. SpntSvc.exe fails to validate data passed to the CAgRpcClient::CreateBinding() function resulting in a stack overflow. With a specially crafted request, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.

[CLOSE] OSVDB ID : 35791 - Disclosed: 2007-05-08

Description:

(Description Provided by CVE) : Multiple buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2- Build 1174 allow remote attackers to execute arbitrary code via a crafted RPC message processed by the (1) the RPCFN_ActiveRollback function in (a) stcommon.dll, or the (2) ENG_SetRealTimeScanConfigInfo or (3) ENG_SendEmail functions in (b) eng50.dll.

[CLOSE] OSVDB ID : 35792 - Disclosed: 2007-05-08

Description:

(Description Provided by CVE) : Multiple buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2- Build 1174 allow remote attackers to execute arbitrary code via a crafted RPC message processed by the (1) the RPCFN_ActiveRollback function in (a) stcommon.dll, or the (2) ENG_SetRealTimeScanConfigInfo or (3) ENG_SendEmail functions in (b) eng50.dll.

[CLOSE] OSVDB ID : 35793 - Disclosed: 2007-05-08

Description:

(Description Provided by CVE) : Buffer overflow in AgRpcCln.dll for Trend Micro ServerProtect 5.58 for Windows before Security Patch 3 Build 1176 allows remote attackers to execute arbitrary code via unknown vectors related to RPC requests. NOTE: this is probably a different vulnerability than CVE-2007-2508.

[CLOSE] OSVDB ID : 37789 - Disclosed: 2007-05-08

Description:

Miplex2 contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'lib/smarty/SmartyFU.class.php' script not properly sanitizing user input supplied to the 'system[smarty][dir]' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.

[CLOSE] OSVDB ID : 37790 - Disclosed: 2007-05-08

Description:

LaVague contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'views/print/printbar.php' script not properly sanitizing user input supplied to the 'views_path' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.

[CLOSE] OSVDB ID : 37796 - Disclosed: 2007-05-08

Description:

(Description Provided by CVE) : Multiple PHP remote file inclusion vulnerabilities in Crie seu PHPLojaFacil 0.1.5 allow remote attackers to execute arbitrary PHP code via a URL in the path_local parameter to (1) ftp.php, (2) libs/db.php, and (3) libs/ftp.php.

[CLOSE] OSVDB ID : 37797 - Disclosed: 2007-05-08

Description:

(Description Provided by CVE) : Multiple PHP remote file inclusion vulnerabilities in Crie seu PHPLojaFacil 0.1.5 allow remote attackers to execute arbitrary PHP code via a URL in the path_local parameter to (1) ftp.php, (2) libs/db.php, and (3) libs/ftp.php.

[CLOSE] OSVDB ID : 37798 - Disclosed: 2007-05-08

Description:

(Description Provided by CVE) : Multiple PHP remote file inclusion vulnerabilities in Crie seu PHPLojaFacil 0.1.5 allow remote attackers to execute arbitrary PHP code via a URL in the path_local parameter to (1) ftp.php, (2) libs/db.php, and (3) libs/ftp.php.

[CLOSE] OSVDB ID : 38248 - Disclosed: 2007-05-08

Description:

(Description Provided by CVE) : Multiple PHP remote file inclusion vulnerabilities in gnuedu 1.3b2 allow remote attackers to execute arbitrary PHP code via a URL in the (a) ETCDIR parameter to (1) libs/lom.php; (2) lom_update.php, (3) check-lom.php, and (4) weigh_keywords.php in scripts/; the (b) LIBSDIR parameter to (5) logout.php, (6) help.php, (7) index.php, (8) login.php; and the ETCDIR parameter to (9) web/lom.php.

[CLOSE] OSVDB ID : 38249 - Disclosed: 2007-05-08

Description:

(Description Provided by CVE) : Multiple PHP remote file inclusion vulnerabilities in gnuedu 1.3b2 allow remote attackers to execute arbitrary PHP code via a URL in the (a) ETCDIR parameter to (1) libs/lom.php; (2) lom_update.php, (3) check-lom.php, and (4) weigh_keywords.php in scripts/; the (b) LIBSDIR parameter to (5) logout.php, (6) help.php, (7) index.php, (8) login.php; and the ETCDIR parameter to (9) web/lom.php.

[CLOSE] OSVDB ID : 38250 - Disclosed: 2007-05-08

Description:

(Description Provided by CVE) : Multiple PHP remote file inclusion vulnerabilities in gnuedu 1.3b2 allow remote attackers to execute arbitrary PHP code via a URL in the (a) ETCDIR parameter to (1) libs/lom.php; (2) lom_update.php, (3) check-lom.php, and (4) weigh_keywords.php in scripts/; the (b) LIBSDIR parameter to (5) logout.php, (6) help.php, (7) index.php, (8) login.php; and the ETCDIR parameter to (9) web/lom.php.

[CLOSE] OSVDB ID : 38251 - Disclosed: 2007-05-08

Description:

(Description Provided by CVE) : Multiple PHP remote file inclusion vulnerabilities in gnuedu 1.3b2 allow remote attackers to execute arbitrary PHP code via a URL in the (a) ETCDIR parameter to (1) libs/lom.php; (2) lom_update.php, (3) check-lom.php, and (4) weigh_keywords.php in scripts/; the (b) LIBSDIR parameter to (5) logout.php, (6) help.php, (7) index.php, (8) login.php; and the ETCDIR parameter to (9) web/lom.php.

[CLOSE] OSVDB ID : 38252 - Disclosed: 2007-05-08

Description:

(Description Provided by CVE) : Multiple PHP remote file inclusion vulnerabilities in gnuedu 1.3b2 allow remote attackers to execute arbitrary PHP code via a URL in the (a) ETCDIR parameter to (1) libs/lom.php; (2) lom_update.php, (3) check-lom.php, and (4) weigh_keywords.php in scripts/; the (b) LIBSDIR parameter to (5) logout.php, (6) help.php, (7) index.php, (8) login.php; and the ETCDIR parameter to (9) web/lom.php.

[CLOSE] OSVDB ID : 38253 - Disclosed: 2007-05-08

Description:

(Description Provided by CVE) : Multiple PHP remote file inclusion vulnerabilities in gnuedu 1.3b2 allow remote attackers to execute arbitrary PHP code via a URL in the (a) ETCDIR parameter to (1) libs/lom.php; (2) lom_update.php, (3) check-lom.php, and (4) weigh_keywords.php in scripts/; the (b) LIBSDIR parameter to (5) logout.php, (6) help.php, (7) index.php, (8) login.php; and the ETCDIR parameter to (9) web/lom.php.

[CLOSE] OSVDB ID : 38254 - Disclosed: 2007-05-08

Description:

(Description Provided by CVE) : Multiple PHP remote file inclusion vulnerabilities in gnuedu 1.3b2 allow remote attackers to execute arbitrary PHP code via a URL in the (a) ETCDIR parameter to (1) libs/lom.php; (2) lom_update.php, (3) check-lom.php, and (4) weigh_keywords.php in scripts/; the (b) LIBSDIR parameter to (5) logout.php, (6) help.php, (7) index.php, (8) login.php; and the ETCDIR parameter to (9) web/lom.php.

[CLOSE] OSVDB ID : 38255 - Disclosed: 2007-05-08

Description:

(Description Provided by CVE) : Multiple PHP remote file inclusion vulnerabilities in gnuedu 1.3b2 allow remote attackers to execute arbitrary PHP code via a URL in the (a) ETCDIR parameter to (1) libs/lom.php; (2) lom_update.php, (3) check-lom.php, and (4) weigh_keywords.php in scripts/; the (b) LIBSDIR parameter to (5) logout.php, (6) help.php, (7) index.php, (8) login.php; and the ETCDIR parameter to (9) web/lom.php.

[CLOSE] OSVDB ID : 38256 - Disclosed: 2007-05-08

Description:

(Description Provided by CVE) : Multiple PHP remote file inclusion vulnerabilities in gnuedu 1.3b2 allow remote attackers to execute arbitrary PHP code via a URL in the (a) ETCDIR parameter to (1) libs/lom.php; (2) lom_update.php, (3) check-lom.php, and (4) weigh_keywords.php in scripts/; the (b) LIBSDIR parameter to (5) logout.php, (6) help.php, (7) index.php, (8) login.php; and the ETCDIR parameter to (9) web/lom.php.

[CLOSE] OSVDB ID : 42108 - Disclosed: 2007-05-07

Description:

The PEAR Installer contains a flaw that allows an attacker to traverse outside of a restricted path. The issue is due to the package.xml file not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied via multiple attributes. This directory traversal attack would allow a remote attacker to overwrite arbitrary files.

[CLOSE] OSVDB ID : 36181 - Disclosed: 2007-05-07

Description:

(Description Provided by CVE) : Directory traversal vulnerability in theme/acgv.php in ACGVannu 1.3 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the rubrik parameter.