| OSVDB ID | Disclosure Date | Title |
|
44648
Description:
(Description Provided by CVE) : The IAX2 channel driver (chan_iax2) in Asterisk 1.2 before revision 72630 and 1.4 before revision 65679, when configured to allow unauthenticated calls, sends "early audio" to an unverified source IP address of a NEW message, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed NEW message.
|
2008-05-15
|
Asterisk IAX2 Channel Driver (chan_iax2) Spoofed NEW Message Remote DoS
|
|
45155
Description:
(Description Provided by CVE) : ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
|
2008-05-14
|
libvorbis OGG File Codebook Dimension Handling Overflow
|
|
45156
Description:
(Description Provided by CVE) : ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
|
2008-05-14
|
libvorbis OGG File Residue Partition Values Processing Overflow
|
|
45157
Description:
(Description Provided by CVE) : ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
|
2008-05-14
|
libvorbis OGG File quantvals / quantlist Processing Overflow
|
|
45074
Description:
Unknown / Incomplete
|
2008-05-14
|
Microsoft IE Print Table of Links Cross-Zone Scripting
|
|
45152
Description:
Unknown / Incomplete
|
2008-05-14
|
Django Login Form XSS
|
|
45161
Description:
CaLogic contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'userreg.php' script not properly sanitizing user-supplied input to the 'langsel' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.
|
2008-05-13
|
CaLogic userreg.php langsel Variable SQL Injection
|
|
45048
Description:
(Description Provided by CVE) : ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
|
2008-05-13
|
Microsoft Windows XP I2O Utility Filter Driver (i2omgmt.sys) Local Privilege Escalation
|
|
45159
Description:
Unknown / Incomplete
|
2008-05-13
|
EMO Realty Manager news.php ida Variable SQL Injection
|
|
45158
Description:
Unknown / Incomplete
|
2008-05-13
|
ZoGo-Shop Plugin for e107 products.php cat Variable SQL Injection
|
|
45050
Description:
Unknown / Incomplete
|
2008-05-13
|
WT Gallery (wt_gallery) Extension For TYPO3 Traversal Arbitrary File Disclosure
|
|
45051
Description:
Unknown / Incomplete
|
2008-05-13
|
WT Gallery (wt_gallery) Extension For TYPO3 Unspecified XSS
|
|
45154
Description:
Unknown / Incomplete
|
2008-05-13
|
UUDeview tempnam() Function Temporary File Symlink Arbitrary File Overwrite
|
|
45032
Description:
(Description Provided by CVE) : ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
|
2008-05-13
|
Microsoft Word Document Malformed CSS Handling Memory Corruption Arbitrary Code Execution
|
|
45031
Description:
(Description Provided by CVE) : ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
|
2008-05-13
|
Microsoft Office RTF File Handling Object Parsing Arbitrary Code Execution
|
|
45134
Description:
Unknown / Incomplete
|
2008-05-13
|
Statistics (ke_stats) Extension for TYPO3 Multiple Unspecified SQL Injections
|
|
45135
Description:
Unknown / Incomplete
|
2008-05-13
|
Statistics (ke_stats) Extension for TYPO3 Multiple Unspecified XSS
|
|
45133
Description:
Unknown / Incomplete
|
2008-05-13
|
Questionaire (pbsurvey) Extension for TYPO3 Unspecified XSS
|
|
45033
Description:
(Description Provided by CVE) : ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
|
2008-05-13
|
Microsoft Publisher Object Handler Header Data Validation Arbitrary Code Execution
|
|
45027
Description:
(Description Provided by CVE) : ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
|
2008-05-13
|
Microsoft Malware Protection Engine File Parsing Service DoS
|
|
45028
Description:
(Description Provided by CVE) : ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
|
2008-05-13
|
Microsoft Malware Protection Engine File Parsing Disk-space Exhaustion DoS
|
|
45029
Description:
(Description Provided by CVE) : ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
|
2008-05-13
|
OpenSSL on Debian/Ubuntu Linux Predictable Random Number Generator (RNG) Cryptographic Key Generation Weakness
|
|
45030
Description:
Unknown / Incomplete
|
2008-05-13
|
ActualAnalyzer view.php language Variable XSS
|
|
45045
Description:
Unknown / Incomplete
|
2008-05-13
|
Build A Niche Store (BANS) search Script q Variable XSS
|
|
45046
Description:
Unknown / Incomplete
|
2008-05-13
|
Event Database (rlmp_eventdb) Extension for TYPO3 Unspecified XSS
|
|
45143
Description:
Unknown / Incomplete
|
2008-05-13
|
Cisco Building Broadband Service Manager (BBSM) AccessCodeStart.asp msg Variable XSS
|
|
45145
Description:
Unknown / Incomplete
|
2008-05-13
|
Meto Forum admin/duzenle.asp id Variable SQL Injection
|
|
45146
Description:
Unknown / Incomplete
|
2008-05-13
|
Meto Forum admin_oku.asp id Variable SQL Injection
|
|
45147
Description:
Unknown / Incomplete
|
2008-05-13
|
Meto Forum kategori.asp kid Variable SQL Injection
|
|
45148
Description:
Unknown / Incomplete
|
2008-05-13
|
Meto Forum admin_kategori.asp kid Variable SQL Injection
|
|
45149
Description:
Unknown / Incomplete
|
2008-05-13
|
EQdkp eqdkp_data Cookie SQL Injection
|
|
45150
Description:
Unknown / Incomplete
|
2008-05-13
|
The Real Estate Script dpage.php docID Variable SQL Injection
|
|
45151
Description:
Unknown / Incomplete
|
2008-05-13
|
Automated Link Exchange Portal linking.page.php cat_id Variable SQL Injection
|
|
45162
Description:
Unknown / Incomplete
|
2008-05-13
|
WebGroupCommunicationCenter (WGCC) picturegallery.php bildid Variable SQL Injection
|
|
45163
Description:
Unknown / Incomplete
|
2008-05-13
|
WebGroupCommunicationCenter (WGCC) filebase.php id Variable SQL Injection
|
|
45164
Description:
Unknown / Incomplete
|
2008-05-13
|
WebGroupCommunicationCenter (WGCC) schedule.php id Variable SQL Injection
|
|
45165
Description:
Unknown / Incomplete
|
2008-05-13
|
WebGroupCommunicationCenter (WGCC) profile.php id Variable SQL Injection
|
|
45166
Description:
Unknown / Incomplete
|
2008-05-13
|
WebGroupCommunicationCenter (WGCC) profile.php userid Variable XSS
|
|
45167
Description:
Unknown / Incomplete
|
2008-05-13
|
WebGroupCommunicationCenter (WGCC) message.php Multiple Variable SQL Injection
|
|
45049
Description:
(Description Provided by CVE) : ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
|
2008-05-12
|
HP-UX ftp Server Unspecified Remote DoS
|