| OSVDB ID | Disclosure Date | Title |
|
58114
Description:
Gazelle CMS contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'lookup' parameters upon submission to the 'search.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2009-08-12
|
Gazelle CMS search.php lookup Parameter XSS
|
|
58116
Description:
Gazelle CMS contains a flaw that may allow a malicious user to reset user passwords. The issue is triggered when submitting a password reset to the renew.php script which does not validate the 'user' parameter. It is possible that the flaw may allow password resets resulting in a loss of integrity.
|
2009-08-12
|
Gazelle CMS renew.php user Parameter Password Reset Weakness
|
|
58117
Description:
Gazelle CMS contains a flaw that allows a remote attacker to overwrite files outside of the web path. The issue is due to the admin/settemplate.php script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'customizetemplate' variable(s).
|
2009-08-12
|
Gazelle CMS admin/settemplate.php customizetemplate Parameter Traversal Arbitrary File Overwrite
|
|
57002
Description:
(Description Provided by CVE) : Format string vulnerability in the CNS_AddTxt function in logs.dll in 2K Games Vietcong 2 1.10 and earlier might allow remote attackers to execute arbitrary code via format string specifiers in the nickname.
|
2009-08-12
|
Vietcong 2 Console Message logs.dll CNS_AddTxt() Function Format String
|
|
57001
Description:
(Description Provided by CVE) : Multiple cross-site request forgery (CSRF) vulnerabilities in SquirrelMail 1.4.19 and earlier, and NaSMail before 1.7, allow remote attackers to hijack the authentication of unspecified victims via features such as send message and change preferences, related to (1) functions/mailbox_display.php, (2) src/addrbook_search_html.php, (3) src/addressbook.php, (4) src/compose.php, (5) src/folders.php, (6) src/folders_create.php, (7) src/folders_delete.php, (8) src/folders_rename_do.php, (9) src/folders_rename_getname.php, (10) src/folders_subscribe.php, (11) src/move_messages.php, (12) src/options.php, (13) src/options_highlight.php, (14) src/options_identities.php, (15) src/options_order.php, (16) src/search.php, and (17) src/vcard.php.
|
2009-08-12
|
SquirrelMail Multiple Form Pages CSRF
|
|
57026
Description:
Elicio contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'campaignpage.cfm' script not properly sanitizing user-supplied input to the 'c_campaignid' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2009-08-12
|
Elicio campaignpage.cfm c_campaignid Parameter SQL Injection
|
|
57007
Description:
Plume CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'manager/index.php' script not properly sanitizing user-supplied input to the 'm' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2009-08-12
|
Plume CMS manager/index.php m Parameter SQL Injection
|
|
57008
Description:
Plume CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'manager/tools.php' script not properly sanitizing user-supplied input to the 'id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2009-08-12
|
Plume CMS manager/tools.php id Parameter SQL Injection
|
|
57134
Description:
(Description Provided by CVE) : Cross-site request forgery (CSRF) vulnerability in HP Insight Control Suite For Linux (aka ICE-LX) before 2.11 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
|
2009-08-12
|
HP Insight Control Suite For Linux Unspecified CSRF
|
|
57397
Description:
Buildbot contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate unspecified variables upon submission to the status/web/waterfall.py script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2009-08-12
|
Buildbot status/web/waterfall.py Unspecified Parameter XSS
|
|
62293
Description:
Unknown / Incomplete
|
2009-08-12
|
Palm Pre WebOS Application Usage Remote Information Disclosure
|
|
62400
Description:
Unknown / Incomplete
|
2009-08-12
|
Microsoft Wordpad Malformed RTF File Parsing Memory Exhaustion DoS
|
|
58203
Description:
(Description Provided by CVE) : OXID eShop 4.x before 4.1.4-21266, 3.x, and 2.x allows remote attackers to obtain sensitive information (session details and order history of other users) via a crafted cookie.
|
2009-08-11
|
OXID eShop Crafted Cookie Arbitrary User Session / Order History Information Disclosure
|
|
56911
Description:
(Description Provided by CVE) : Heap-based buffer overflow in Microsoft Remote Desktop Connection (formerly Terminal Services Client) running RDP 5.0 through 6.1 on Windows, and Remote Desktop Connection Client for Mac 2.0, allows remote attackers to execute arbitrary code via unspecified parameters, aka "Remote Desktop Connection Heap Overflow Vulnerability."
|
2009-08-11
|
Microsoft Remote Desktop Server (RDS) mstscax.dll Packet Parsing Remote Overflow
|
|
56912
Description:
(Description Provided by CVE) : Heap-based buffer overflow in the Microsoft Terminal Services Client ActiveX control running RDP 6.1 on Windows XP SP2, Vista SP1 or SP2, or Server 2008 Gold or SP2; or 5.2 or 6.1 on Windows XP SP3; allows remote attackers to execute arbitrary code via unspecified parameters to unknown methods, aka "Remote Desktop Connection ActiveX Control Heap Overflow Vulnerability."
|
2009-08-11
|
Microsoft Windows Terminal Services Client ActiveX Unspecified Overflow
|
|
56910
Description:
(Description Provided by CVE) : The Active Template Library (ATL) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via vectors related to erroneous free operations after reading a variant from a stream and deleting this variant, aka "ATL Object Type Mismatch Vulnerability."
|
2009-08-11
|
Microsoft Visual Studio Active Template Library (ATL) Header Mismatch Remote Code Execution
|
|
56908
Description:
(Description Provided by CVE) : Unspecified vulnerability in Avifil32.dll in the Windows Media file handling functionality in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a malformed header in a crafted AVI file, aka "Malformed AVI Header Vulnerability."
|
2009-08-11
|
Microsoft Windows Malformed AVI Header Parsing Arbitrary Code Execution
|
|
56909
Description:
(Description Provided by CVE) : Integer overflow in Avifil32.dll in the Windows Media file handling functionality in Microsoft Windows allows remote attackers to execute arbitrary code on a Windows 2000 SP4 system via a crafted AVI file, or cause a denial of service on a Windows XP SP2 or SP3, Server 2003 SP2, Vista Gold, SP1, or SP2, or Server 2008 Gold or SP2 system via a crafted AVI file, aka "AVI Integer Overflow Vulnerability."
|
2009-08-11
|
Microsoft Windows AVI Media File Parsing Unspecified Overflow
|
|
56905
Description:
.NET Framework contains a flaw that may allow a remote denial of service. The issue is triggered by the way ASP.NET scheduling is managed, and will result in loss of availability for the IIS service.
|
2009-08-11
|
Microsoft .NET Framework Request Scheduling Crafted HTTP Request Remote DoS
|
|
56904
Description:
(Description Provided by CVE) : The Telnet service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote Telnet servers to execute arbitrary code on a client machine by replaying the NTLM credentials of a client user, aka "Telnet Credential Reflection Vulnerability," a related issue to CVE-2000-0834.
|
2009-08-11
|
Microsoft Windows Telnet NTLM Credential Reflection Remote Access
|
|
56902
Description:
(Description Provided by CVE) : Double free vulnerability in the Workstation service in Microsoft Windows allows remote authenticated users to gain privileges via a crafted RPC message to a Windows XP SP2 or SP3 or Server 2003 SP2 system, or cause a denial of service via a crafted RPC message to a Vista Gold, SP1, or SP2 or Server 2008 Gold or SP2 system, aka "Workstation Service Memory Corruption Vulnerability."
|
2009-08-11
|
Microsoft Windows Workstation Service NetrGetJoinInformation Function Local Memory Corruption Arbitrary Code Execution
|
|
56901
Description:
(Description Provided by CVE) : The Message Queuing (aka MSMQ) service for Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP2, and Vista Gold does not properly validate unspecified IOCTL request data from user mode before passing this data to kernel mode, which allows local users to gain privileges via a crafted request, aka "MSMQ Null Pointer Vulnerability."
|
2009-08-11
|
Microsoft Windows Message Queuing Service (MSMQ) mqac.sys IOCTL Request Parsing Local Privilege Escalation
|
|
57030
Description:
Unknown / Incomplete
|
2009-08-11
|
GEM 2 Engine Incomplete Packet Type NULL Dereference Remote DoS
|
|
57031
Description:
Unknown / Incomplete
|
2009-08-11
|
GEM 2 Engine Malformed Packet Handling Remote DoS
|
|
57032
Description:
Unknown / Incomplete
|
2009-08-11
|
GEM 2 Engine Crafted Packet Remote Memory Corruption
|
|
58099
Description:
Fedora Puppet contains a flaw that may allow a malicious user to access restricted files. The issue is triggered when permissions are not set correctly for the /var/log/puppet directory. It is possible that the flaw may allow access to restricted files resulting in a loss of confidentiality and integrity.
|
2009-08-11
|
Puppet /var/log/puppet Permission Weakness Restricted File Access
|
|
57025
Description:
(Description Provided by CVE) : XScreenSaver in Sun Solaris 10, when the accessibility feature is enabled, allows physically proximate attackers to obtain sensitive information by reading popup windows, which are displayed even when the screen is locked, a different vulnerability than CVE-2009-1276 and CVE-2009-2711.
|
2009-08-11
|
Solaris XScreenSaver (xscreensaver(1)) with Assistive Technology Support Screen Lock Bypass
|
|
56899
Description:
(Description Provided by CVE) : Heap-based buffer overflow in the Windows Internet Name Service (WINS) component for Microsoft Windows 2000 SP4 and Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted WINS replication packet that triggers an incorrect buffer-length calculation, aka "WINS Heap Overflow Vulnerability."
|
2009-08-11
|
Microsoft Windows Internet Name Service (WINS) Push Request Handling Remote Overflow
|
|
56900
Description:
(Description Provided by CVE) : Integer overflow in the Windows Internet Name Service (WINS) component for Microsoft Windows 2000 SP4 allows remote WINS replication partners to execute arbitrary code via crafted data structures in a packet, aka "WINS Integer Overflow Vulnerability."
|
2009-08-11
|
Microsoft Windows Internet Name Service (WINS) Network Packet Handling Remote Integer Overflow
|
|
56985
Description:
Libxml2 contains a flaw in the XML attribute handling that may allow a remote denial of service. The issue is due to multiple use-after-free errors when handling 'Notation' and 'Enumeration' attribute types. With a specially crafted XML file, a context-dependent attacker can cause the service to crash.
|
2009-08-11
|
Libxml2 XML File Multiple Attribute Type Handling DoS
|
|
56916
Description:
Office Web Components is prone to an overflow condition. The ActiveX control fails to properly sanitize user-supplied input via the HTMLURL parameter resulting in a buffer overflow. With a specially crafted website, a context-dependent attacker can potentially cause arbitrary code execution.
|
2009-08-11
|
Microsoft Office Web Components HTMLURL Parameter ActiveX Spreadsheet Object Handling Overflow
|
|
56914
Description:
(Description Provided by CVE) : The Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2003 SP3, Office XP Web Components SP3, Office 2003 Web Components SP3, Office 2003 Web Components SP1 for the 2007 Microsoft Office System, Internet Security and Acceleration (ISA) Server 2004 SP3 and 2006 SP1, and Office Small Business Accounting 2006 does not properly allocate memory, which allows remote attackers to execute arbitrary code via unspecified vectors that trigger "system state" corruption, aka "Office Web Components Memory Allocation Vulnerability."
|
2009-08-11
|
Microsoft Office Web Components OWC10 ActiveX Loading/Unloading Memory Allocation Arbitrary Code Execution
|
|
56915
Description:
A heap-based buffer overflow exists in Microsoft Office Web Components. With a specially crafted web page, an attacker can cause code execution resulting in a loss of confidentiality and/or availability.
|
2009-08-11
|
Microsoft Office Web Components OWC10.Spreadsheet ActiveX BorderAround() Method Heap Corruption Arbitrary Code Execution
|
|
56986
Description:
(Description Provided by CVE) : WebKit in Apple Safari before 4.0.3 does not properly restrict the URL scheme of the pluginspage attribute of an EMBED element, which allows user-assisted remote attackers to launch arbitrary file: URLs and obtain sensitive information via a crafted HTML document.
|
2009-08-11
|
Apple Safari WebKit EMBED Element pluginspage Attribute Arbitrary file: URL Information Disclosure
|
|
56987
Description:
(Description Provided by CVE) : Incomplete blacklist vulnerability in WebKit in Apple Safari before 4.0.3, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to spoof domain names in URLs, and possibly conduct phishing attacks, via unspecified homoglyphs.
|
2009-08-11
|
Apple Safari WebKit Unspecified Homoglyph URL Domain Name Spoofing
|
|
56989
Description:
(Description Provided by CVE) : Unspecified vulnerability in Apple Safari 4 before 4.0.3 allows remote web servers to place an arbitrary web site in the Top Sites view, and possibly conduct phishing attacks, via unknown vectors.
|
2009-08-11
|
Apple Safari window.blur Function Top Sites Feature Arbitrary Site Manipulation
|
|
56988
Description:
(Description Provided by CVE) : Buffer overflow in WebKit in Apple Safari before 4.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted floating-point numbers.
|
2009-08-11
|
Apple Safari WebKit Crafted Floating-point Numbers Remote Overflow
|
|
56997
Description:
ViewVC contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'view' parameter upon submission to the 'viewvc.py' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2009-08-11
|
ViewVC viewvc.py view Parameter XSS
|
|
57000
Description:
SAP NetWeaver Application Server UDDI Client contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'TModel Key' parameter upon submission to the '/uddiclient/process' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2009-08-11
|
SAP NetWeaver Application Server UDDI Client /uddiclient/process TModel Key Parameter XSS
|
|
57013
Description:
IDoBlog Component for Joomla! contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'userid' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2009-08-11
|
IDoBlog Component for Joomla! index.php userid Parameter SQL Injection
|