| OSVDB ID | Disclosure Date | Title |
|
69537
Description:
Enano CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'email' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2010-11-30
|
Enano CMS index.php email Parameter SQL Injection
|
|
69539
Description:
DynPG CMS contains a flaw that allows a remote attacker to traverse outside of a restricted path. The issue is due to the 'index.php' script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied via the 'CHG_DYNPG_SET_LANGUAGE' parameter. This directory traversal attack would allow the attacker to access arbitrary files.
|
2010-11-30
|
DynPG CMS index.php CHG_DYNPG_SET_LANGUAGE Parameter Traversal Arbitrary File Access
|
|
69534
Description:
Winamp is prone to an overflow condition. An integer overflow error in 'in_nsv.dll' when parsing the NSV Table of Contents data can result in a heap-based buffer overflow. With a specially crafted stream or file, a context-dependent attacker can potentially execute arbitrary code.
|
2010-11-30
|
Winamp in_nsv.dll NSV Table of Contents Data Overflow
|
|
69535
Description:
Winamp is prone to an overflow condition. The in_midi plugin functionality fails to properly sanitize user-supplied input resulting in a buffer overflow. With a specially crafted file, a context-dependent attacker can potentially execute arbitrary code.
|
2010-11-30
|
Winamp in_midi Plugin MIDI File Format Processing Overflow
|
|
69607
Description:
MIT Kerberos 5 (krb5) contains a flaw related to the Key Distribution Center (KDC). The KDC does not properly restrict the use of TGT credentials for armoring TGS requests. The issue is triggered when a remote, authenticated attacker rewrites an inner request (or 'KrbFastReq Forgery Issue'). This may allow the attacker to impersonate a client.
|
2010-11-30
|
MIT Kerberos 5 Key Distribution Center (KDC) TGS Request TGT Credentials Inner Request KrbFastReq Forgery Issue
|
|
69610
Description:
MIT Kerberos 5 (krb5) contains a flaw related to the acceptability of checksums. This may allow a remote attacker to modify user-visible prompt text, modify a response to a KDC, or forge a KRB-SAFE message via unkeyed checksums or the use of RC4 keys.
|
2010-11-30
|
MIT Kerberos 5 Checksum Acceptability Weakness KDC / KRB-SAFE Message Forgery Issue
|
|
89049
Description:
Foswiki contains a flaw that may lead to unauthorized disclosure of potentially sensitive information. The issue is triggered when searching private group topics. The program fails to properly check ACLs, which may allow an unprivileged remote attacker to gain access to group topic information.
|
2010-11-30
|
Foswiki Unprivileged Search Private Group Topic Disclosure
|
|
71571
Description:
Some versions of an unspecified package hosted on the savannah.gnu.org FTP site were found to contain a backdoor. The Trojaned code presumably allows a knowledgeable attacker to gain some form of privileged access. Using this backdoor, an attacker could gain elevated privileges to the remote host.
|
2010-11-30
|
savannah.gnu.org Unspecified Project Trojaned Distribution
|
|
69532
Description:
Kerio Control contains a flaw related to the Web Filter component. This is caused by an unspecified error and has an unknown impact. No further details have been provided.
|
2010-11-30
|
Kerio Control Web Filter Unspecified Issue
|
|
69611
Description:
ClamAV contains a flaw that may allow a remote denial of service. The issue is triggered when handling PDF files, and can be exploited to result in loss of availability.
|
2010-11-30
|
ClamAV libclamav pdf.c PDF File Handling DoS (2010-4260)
|
|
69608
Description:
MIT Kerberos 5 (krb5) does not properly reject RC4 key-derivation checksums. The issue is triggered when a remote, authenticated attacker forges an 'AD-SIGNEDPATH' or 'AD-KDC-ISSUED' signature through vulnerabilities in certain one-byte stream-cipher operations. This may allow an attacker to gain elevated privileges.
|
2010-11-30
|
MIT Kerberos 5 (krb5) RC4 Key-derivation Checksums One-byte Stream-cipher Operation Signature Forgery Issue
|
|
69609
Description:
MIT Kerberos 5 (krb5) contains a flaw related to the acceptability of checksums. This may allow a remote attacker to forge GSS tokens via an unkeyed checksum, gain privileges via an unkeyed PAC checksum (the attacker must be authenticated in this case), or have other unspecified impact via a KrbFastArmoredReq checksum based on an RC4 key.
|
2010-11-30
|
MIT Kerberos 5 (krb5) Checksum Acceptability Weakness RC4 Key GSS Token Forgery Issue
|
|
69612
Description:
A memory corruption flaw exists in ClamAV. The 'icon_cb()' function contains an off-by-one error, which can be exploited to result in memory corruption. This may allow a remote attacker to execute arbitrary code.
|
2010-11-30
|
ClamAV libclamav pe_icons.c icon_cb() Function Off-by-one Memory Corruption
|
|
69631
Description:
DynPG CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'in _rights.php' script not properly sanitizing user-supplied input to the 'giveRights_UserId' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2010-11-30
|
DynPG CMS in _rights.php giveRights_UserId Parameter SQL Injection
|
|
69632
Description:
DynPG CMS contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered due to 'languages.inc.php' allowing remote attackers to obtain sensitive information via a direct request, disclosing the installation path in an error message to a remote attacker.
|
2010-11-30
|
DynPG CMS languages.inc.php Direct Request Path Disclosure
|
|
69652
Description:
FontForge is prone to an overflow condition. The program fails to parse overly long 'CHARSET_REGISTRY' lines properly, resulting in a stack-based buffer overflow. With a specially crafted BDF font file, a remote attacker can potentially execute arbitrary code.
|
2010-11-30
|
FontForge BDF Font File CHARSET_REGISTRY Header Overflow
|
|
69656
Description:
ClamAV contains a flaw that may allow a remote denial of service. The issue is triggered when handling PDF files, and can be exploited to result in loss of availability.
|
2010-11-30
|
ClamAV libclamav pdf.c PDF File Handling DoS (2010-4479)
|
|
70658
Description:
Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when the 'pipe_fcntl' function in 'fs/pipe.c' fails to determine whether a file is a named pipe, allowing a local attacker to use an F_SETPIPE_SZ fcntl call to cause a denial of service.
|
2010-11-30
|
Linux Kernel fs/pipe.c pipe_fcntl Function F_SETPIPE_SZ fcntl Call Local DoS
|
|
71533
Description:
WebKit contains a use-after-free error that is triggered when handling CSS stylesheets lacking wrappers in detached subtrees. With a specially crafted web page, a context-dependent attacker can dereference already freed memory and potentially execute arbitrary code.
|
2010-11-30
|
WebKit CSS Stylesheets Lacking Wrappers Detached Subtrees Handling Use-after-free Issue
|
|
71501
Description:
WebKit contains a use-after-free error that is triggered when the title of an AccessibilityImageMapLink is requested, but the map's area element is removed. With a specially crafted web page, a context-dependent attacker can dereference already freed memory and potentially execute arbitrary code.
|
2010-11-30
|
WebKit Accessibility Notification Sending Style Computation Use-after-free Issue
|
|
71572
Description:
Unknown / Incomplete
|
2010-11-30
|
Wernhart Guestbook insert.phtml Multiple Parameter XSS
|
|
74994
Description:
Unknown / Incomplete
|
2010-11-30
|
Canon Original Decision Data (ODD) Digital Signature Spoofing Weakness
|
|
73144
Description:
(Description Provided by CVE): index.php in Enano CMS 1.1.7pl1, and possibly other versions before 1.1.8, 1.0.6pl3, and 1.1.7pl2, allows remote attackers to obtain sensitive information via a crafted title parameter, which reveals the installation path in an error message.
|
2010-11-30
|
Enano CMS index.php title Parameter Error Message Path Disclosure
|
|
69569
Description:
BugTracker.NET contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'pcd' parameter upon submission to the edit_bug.aspx script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2010-11-29
|
BugTracker.NET edit_bug.aspx pcd Parameter XSS
|
|
69576
Description:
BugTracker.NET contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'bug_id' parameter upon submission to the edit_comment.aspx script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2010-11-29
|
BugTracker.NET edit_comment.aspx bug_id Parameter XSS
|
|
69575
Description:
BugTracker.NET contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'default_name' parameter upon submission to the edit_customfield.aspx script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2010-11-29
|
BugTracker.NET edit_customfield.aspx default_name Parameter XSS
|
|
69574
Description:
BugTracker.NET contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'id' parameter upon submission to the edit_user_permissions2.aspx script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2010-11-29
|
BugTracker.NET edit_user_permissions2.aspx id Parameter XSS
|
|
69573
Description:
BugTracker.NET contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the bugs.aspx script not properly sanitizing user-supplied input to the 'qu_id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2010-11-29
|
BugTracker.NET bugs.aspx qu_id Parameter SQL Injection
|
|
69572
Description:
BugTracker.NET contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the delete_query.aspx script not properly sanitizing user-supplied input to the 'row_id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2010-11-29
|
BugTracker.NET delete_query.aspx row_id Parameter SQL Injection
|
|
69571
Description:
BugTracker.NET contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the edit_bug.aspx script not properly sanitizing user-supplied input to the 'us_id' and 'new_project' parameters. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2010-11-29
|
BugTracker.NET edit_bug.aspx Multiple Parameter SQL Injection
|
|
69570
Description:
BugTracker.NET contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the massedit.aspx script not properly sanitizing user-supplied input to the 'bug_list' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2010-11-29
|
BugTracker.NET massedit.aspx bug_list Parameter SQL Injection
|
|
69786
Description:
BizDir contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'f_srch' parameter upon submission to the bizdir.cgi script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2010-11-29
|
BizDir bizdir.cgi f_srch Parameter XSS
|
|
69503
Description:
McAfee VirusScan Enterprise is prone to a flaw in the way it loads dynamic-link libraries (DLL). The program uses a fixed path to look for specific files or libraries. This path includes directories that may not be trusted or under user control. By placing a custom version of the file or library in the path, the program will load it before the legitimate version. This allows an attacker to inject custom code that will be run with the privilege of the program or user executing the program. This can be done by tricking a user into opening a Word Document with an embedded ActiveX control from a remote WebDAV or SMB share in Microsoft Office 2003.
|
2010-11-29
|
McAfee VirusScan Enterprise Path Subversion Arbitrary DLL Injection Code Execution
|
|
69613
Description:
Xen contains a flaw that may allow a local denial of service. The issue is triggered when insufficient restriction checks within the 'fixup_page_fault()' function in 'xen/arch/x86/traps.c' are exploited from a guest system to trigger a 'BUG_ON()', which will result in loss of availability.
|
2010-11-29
|
Xen xen/arch/x86/traps.c fixup_page_fault() Function Local DoS
|
|
69582
Description:
Multiple Cisco products contain a flaw that may lead to an unauthorized information disclosure. The issue is triggered when the remote-access IPSec VPN implementation responds to an Aggressive Mode IKE Phase I message only when the group name is configured on the device, allowing a remote attacker to enumerate valid group names via IKE negotiation attempts.
|
2010-11-29
|
Cisco Multiple Products IPSec VPN Aggressive Mode IKE Phase I Message Response Group Name Remote Enumeration
|
|
69505
Description:
Big Truck Broker contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'news_default.asp' script not properly sanitizing user-supplied input to the 'txtSiteId' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2010-11-29
|
Big Truck Broker news_default.asp txtSiteId Parameter SQL Injection
|
|
69504
Description:
SiteEngine contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'comments.php' script not properly sanitizing user-supplied input to the 'module' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2010-11-29
|
SiteEngine comments.php module Parameter SQL Injection
|
|
69506
Description:
MemHT Portal contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'User-Agent' HTTP header upon submission to the index.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2010-11-29
|
MemHT Portal index.php User-Agent HTTP Header XSS
|
|
69533
Description:
GNU Gnash contains a flaw related to the configure script functionality. The issue is triggered when a local attacker uses symlink attacks to overwrite arbitrary files with privileges of the user running the script.
|
2010-11-29
|
GNU Gnash Configure Script Temporary File Symlink Arbitrary File Overwrite
|
|
69580
Description:
RV Dealer Website contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'search.asp' script not properly sanitizing user-supplied input to the 'selStock' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2010-11-29
|
RV Dealer Website search.asp selStock Parameter SQL Injection
|