[CLOSE] OSVDB ID : 52950 - Disclosed: 2008-04-03

Description:

Xitami Web Server contains a flaw that may allow a malicious user to gain arbitrary code execution or DoS conditions. The issue is triggered when a specially crafted request is sent to the LRWP extension service. It is possible that the flaw may result in a loss of integrity.

[CLOSE] OSVDB ID : 52951 - Disclosed: 2008-04-03

Description:

Xitami Web Server contains a flaw that may allow a malicious user to gain arbitrary code execution or DoS conditions. The issue is triggered when a specially crafted URL is supplied to the server as with a '.ssi' extension. It is possible that the flaw may allow remote code execution resulting in a loss of integrity.

[CLOSE] OSVDB ID : 44033 - Disclosed: 2008-04-03

Description:

(Description Provided by CVE) : Stack-based buffer overflow in the AutoFix Support Tool ActiveX control 2.7.0.1 in SYMADATA.DLL in multiple Symantec Norton products, including Norton 360 1.0, AntiVirus 2006 through 2008, Internet Security 2006 through 2008, and System Works 2006 through 2008, allows remote attackers to execute arbitrary code via a long argument to the GetEventLogInfo method. NOTE: some of these details are obtained from third party information.

[CLOSE] OSVDB ID : 44034 - Disclosed: 2008-04-03

Description:

(Description Provided by CVE) : The ActiveDataInfo.LaunchProcess method in the SymAData.ActiveDataInfo.1 ActiveX control 2.7.0.1 in SYMADATA.DLL in multiple Symantec Norton products including Norton 360 1.0, AntiVirus 2006 through 2008, Internet Security 2006 through 2008, and System Works 2006 through 2008, does not properly determine the location of the AutoFix Tool, which allows remote attackers to execute arbitrary code via a remote (1) WebDAV or (2) SMB share.

[CLOSE] OSVDB ID : 44037 - Disclosed: 2008-04-03

Description:

(Description Provided by CVE) : Unspecified vulnerability in Secure Computing Webwasher 5.30 before build 3159 and 6.3.0 before build 3150 allows remote attackers to cause a denial of service (freeze) via a crafted URL.

[CLOSE] OSVDB ID : 44032 - Disclosed: 2008-04-03

Description:

(Description Provided by CVE) : The Disaster Recovery Framework (DRF) master server in Cisco Unified Communications products, including Unified Communications Manager (CUCM) 5.x and 6.x, Unified Presence 1.x and 6.x, Emergency Responder 2.x, and Mobility Manager 2.x, does not require authentication for requests received from the network, which allows remote attackers to execute arbitrary code via unspecified vectors.

[CLOSE] OSVDB ID : 44030 - Disclosed: 2008-04-03

Description:

(Description Provided by CVE) : Opera before 9.27 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted newsfeed source, which triggers an invalid memory access.

[CLOSE] OSVDB ID : 44031 - Disclosed: 2008-04-03

Description:

(Description Provided by CVE) : Opera before 9.27 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted scaled image pattern in an HTML CANVAS element, which triggers memory corruption.

[CLOSE] OSVDB ID : 44039 - Disclosed: 2008-04-03

Description:

A buffer overflow exists in CaliberRM. STMultiCastService fails to validate data handled by the PGMWebHandler::parse_request function resulting in a stack overflow. With a specially crafted request, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.

[CLOSE] OSVDB ID : 44040 - Disclosed: 2008-04-03

Description:

Multiple buffer overflows exist in multiple CA products. The Alert Notification Server fails to validate data passed to multiple unspecified parameters, in addition to known RPC requests, resulting in a stack overflow. With a specially crafted request, a remote authenticated attacker can cause arbitrary code execution resulting in a loss of integrity.

[CLOSE] OSVDB ID : 83528 - Disclosed: 2008-04-03

Description:

Bookmark4U contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the lostpassword.php script not properly sanitizing user input supplied to the 'env[include_prefix]' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.

[CLOSE] OSVDB ID : 83531 - Disclosed: 2008-04-03

Description:

RWCards for Joomla! (com_rwcards) contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the rwcards.advancedate.php script not properly sanitizing user input supplied to the 'mosConfig_absolute_path' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.

[CLOSE] OSVDB ID : 90794 - Disclosed: 2008-04-03

Description:

TotalCalendar contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the validcode.php script not properly sanitizing user input supplied to the 'inc_dir' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.

[CLOSE] OSVDB ID : 90795 - Disclosed: 2008-04-03

Description:

Claroline contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the tracking/userLog.php script not properly sanitizing user input supplied to the 'rootSys' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.

[CLOSE] OSVDB ID : 44366 - Disclosed: 2008-04-03

Description:

(Description Provided by CVE) : Unspecified vulnerability in the floating point context switch implementation in Sun Solaris 9 and 10 on x86 platforms might allow local users to cause a denial of service (application exit), corrupt data, or trigger incorrect calculations via unknown vectors.

[CLOSE] OSVDB ID : 43986 - Disclosed: 2008-04-03

Description:

(Description Provided by CVE) : gnome-screensaver before 2.22.1, when a remote authentication server is enabled, crashes upon an unlock attempt during a network outage, which allows physically proximate attackers to gain access to the locked session, a related issue to CVE-2007-1859.

[CLOSE] OSVDB ID : 43985 - Disclosed: 2008-04-03

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in the Webform Drupal module 5.x before 5.x-1.10, 5.x-2.x before 5.x-2.0-beta3, and 6.x before 6.x-1.0-beta3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

[CLOSE] OSVDB ID : 43984 - Disclosed: 2008-04-03

Description:

Simple Gallery contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the "album" variable upon submission to the index.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

[CLOSE] OSVDB ID : 44000 - Disclosed: 2008-04-03

Description:

Smart Classified ADS contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the "AdNum" and "Department" variables upon submission to the view.cgi script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

[CLOSE] OSVDB ID : 44001 - Disclosed: 2008-04-03

Description:

Smart Photo ADS contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the "AdNum" and "Department" variables upon submission to the view.cgi script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

[CLOSE] OSVDB ID : 45015 - Disclosed: 2008-04-03

Description:

(Description Provided by CVE) : HP USB 2.0 Floppy Drive Key product options (1) 442084-B21 and (2) 442085-B21 for certain HP ProLiant servers contain the (a) W32.Fakerecy and (b) W32.SillyFDC worms, which might be launched if the server does not have up-to-date detection.

[CLOSE] OSVDB ID : 44320 - Disclosed: 2008-04-03

Description:

(Description Provided by CVE) : Buffer overflow in the LGServer service in CA ARCserve Backup for Laptops and Desktops r11.0 through r11.5, and Suite 11.1 and 11.2, allows remote attackers to execute arbitrary code via unspecified "command arguments."

[CLOSE] OSVDB ID : 44336 - Disclosed: 2008-04-03

Description:

ConcoursPhoto Module for KwsPHP contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'C_ID' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 44357 - Disclosed: 2008-04-03

Description:

JeuxFlash Module for KwsPHP contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'cat' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 52083 - Disclosed: 2008-04-03

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in PhpForums.net mcGallery 1.1 allow remote attackers to inject arbitrary web script or HTML via the lang parameter to (1) admin.php, (2) index.php, (3) sess.php, (4) stats.php, (5) detail.php, (6) resize.php, and (7) show.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

[CLOSE] OSVDB ID : 52084 - Disclosed: 2008-04-03

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in PhpForums.net mcGallery 1.1 allow remote attackers to inject arbitrary web script or HTML via the lang parameter to (1) admin.php, (2) index.php, (3) sess.php, (4) stats.php, (5) detail.php, (6) resize.php, and (7) show.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

[CLOSE] OSVDB ID : 52085 - Disclosed: 2008-04-03

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in PhpForums.net mcGallery 1.1 allow remote attackers to inject arbitrary web script or HTML via the lang parameter to (1) admin.php, (2) index.php, (3) sess.php, (4) stats.php, (5) detail.php, (6) resize.php, and (7) show.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

[CLOSE] OSVDB ID : 52086 - Disclosed: 2008-04-03

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in PhpForums.net mcGallery 1.1 allow remote attackers to inject arbitrary web script or HTML via the lang parameter to (1) admin.php, (2) index.php, (3) sess.php, (4) stats.php, (5) detail.php, (6) resize.php, and (7) show.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

[CLOSE] OSVDB ID : 52087 - Disclosed: 2008-04-03

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in PhpForums.net mcGallery 1.1 allow remote attackers to inject arbitrary web script or HTML via the lang parameter to (1) admin.php, (2) index.php, (3) sess.php, (4) stats.php, (5) detail.php, (6) resize.php, and (7) show.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

[CLOSE] OSVDB ID : 52088 - Disclosed: 2008-04-03

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in PhpForums.net mcGallery 1.1 allow remote attackers to inject arbitrary web script or HTML via the lang parameter to (1) admin.php, (2) index.php, (3) sess.php, (4) stats.php, (5) detail.php, (6) resize.php, and (7) show.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

[CLOSE] OSVDB ID : 52089 - Disclosed: 2008-04-03

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in PhpForums.net mcGallery 1.1 allow remote attackers to inject arbitrary web script or HTML via the lang parameter to (1) admin.php, (2) index.php, (3) sess.php, (4) stats.php, (5) detail.php, (6) resize.php, and (7) show.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

[CLOSE] OSVDB ID : 52118 - Disclosed: 2008-04-03

Description:

(Description Provided by CVE) : SQL injection vulnerability in index.php in the galerie module for KwsPHP 1.3.456 allows remote attackers to execute arbitrary SQL commands via the id_gal parameter in a gal action.

[CLOSE] OSVDB ID : 90796 - Disclosed: 2008-04-03

Description:

Contenido CMS contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the /frontend/news.php script not properly sanitizing user input supplied to the 'cfg[path][includes]' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.

[CLOSE] OSVDB ID : 44038 - Disclosed: 2008-04-02

Description:

(Description Provided by CVE) : inetd on Sun Solaris 10, when debug logging is enabled, allows local users to write to arbitrary files via a symlink attack on the /var/tmp/inetd.log temporary file.

[CLOSE] OSVDB ID : 43997 - Disclosed: 2008-04-02

Description:

(Description Provided by CVE) : The ExpandCert function in Apache-SSL before apache_1.3.41+ssl_1.59 does not properly handle (1) '/' and (2) '=' characters in a Distinguished Name (DN) in a client certificate, which might allow remote attackers to bypass authentication via a crafted DN that triggers overwriting of environment variables.

[CLOSE] OSVDB ID : 44394 - Disclosed: 2008-04-02

Description:

(Description Provided by CVE) : Cross-site request forgery (CSRF) vulnerability in the "change password" feature in the VZPP web interface for Parallels Virtuozzo 25.4.swsoft (build 3.0.0-25.4.swsoft) allows remote attackers to modify the password via a link or IMG tag to vz/cp/pwd.

[CLOSE] OSVDB ID : 44160 - Disclosed: 2008-04-02

Description:

(Description Provided by CVE) : Buffer overflow in the gif_read_lzw function in CUPS 1.3.6 allows remote attackers to have an unknown impact via a GIF file with a large code_size value, a similar issue to CVE-2006-4484.

[CLOSE] OSVDB ID : 44035 - Disclosed: 2008-04-02

Description:

(Description Provided by CVE) : dhost.exe in Novell eDirectory 8.7.3 before sp10 and 8.8.2 allows remote attackers to cause a denial of service (CPU consumption) via an HTTP request with (1) multiple Connection headers or (2) a Connection header with multiple comma-separated values. NOTE: this might be similar to CVE-2008-1777.

[CLOSE] OSVDB ID : 44591 - Disclosed: 2008-04-02

Description:

(Description Provided by CVE) : Directory traversal vulnerability in the get_category_template function in wp-includes/theme.php in WordPress 2.3.3 and earlier, and 2.5, allows remote attackers to include and possibly execute arbitrary PHP files via the cat parameter in index.php. NOTE: some of these details are obtained from third party information.

[CLOSE] OSVDB ID : 43992 - Disclosed: 2008-04-02

Description:

(Description Provided by CVE) : Stack-based buffer overflow in ovwparser.dll in HP OpenView Network Node Manager (OV NNM) 7.53, 7.51, and earlier allows remote attackers to execute arbitrary code via a long URI in an HTTP request processed by ovas.exe, as demonstrated by a certain topology/homeBaseView request. NOTE: some of these details are obtained from third party information.