| OSVDB ID | Disclosure Date | Title |
|---|
|
62469
Description:
(Description Provided by CVE) : Buffer overflow in the Unescape function in common/util/hxurl.cpp and player/hxclientkit/src/CHXClientSink.cpp in Helix Player 1.0.6 and RealPlayer allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a URL argument containing a % (percent) character that is not followed by two hex digits.
|
2010-02-04
|
RealNetworks Multiple Products xcommon/util/hxurl.cpp Unescape Function Overflow
|
|
62470
Description:
(Description Provided by CVE) : Buffer overflow in the Unescape function in common/util/hxurl.cpp and player/hxclientkit/src/CHXClientSink.cpp in Helix Player 1.0.6 and RealPlayer allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a URL argument containing a % (percent) character that is not followed by two hex digits.
|
2010-02-04
|
RealNetworks Multiple Products player/hxclientkit/src/CHXClientSink.cpp Unescape Function Overflow
|
|
62471
Description:
(Description Provided by CVE) : Buffer overflow in common/util/rlstate.cpp in Helix Player 1.0.6 and RealPlayer allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a RuleBook structure with a large number of rule-separator characters that trigger heap memory corruption.
|
2010-02-04
|
RealNetworks Multiple Products common/util/rlstate.cpp RuleBook Structure Overflow
|
|
63207
Description:
OpUtils contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'Login.do' script not properly sanitizing user-supplied input to the 'isHttpPort' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2010-02-04
|
OpUtils Login.do isHttpPort Parameter SQL Injection
|
|
64901
Description:
Unknown / Incomplete
|
2010-02-04
|
Wippien Key Exchange Derivation Weakness Session Key Remote Disclosure
|
|
64486
Description:
evalsmsi stores user passwords in plain-text in the database.
|
2010-02-04
|
evalsmsi Plaintext Password Storage Weakness
|
|
64897
Description:
In the default configuration, IMail grants "Full Control" access to "Internet Guest Account" to the "HKEY_LOCAL_MACHINE\SOFTWARE\Ipswitch\IMail\Domains\[domain name]\Users" registry keys which contains the user names and passwords. The passwords can be converted to plain text (see OSVDB-64898)
|
2010-02-04
|
Ipswitch IMail Registry Ownership Weakness
|
|
64487
Description:
evalsmsi does not authenticate requests made via the ajax.php script. It may allow an attacker to extract or modify data in the application.
|
2010-02-04
|
evalsmsi ajax.php Authentication Bypass
|
|
64489
Description:
evalsmsi contains a flaw that allows a remote persistent cross site scripting (XSS) attack. This flaw exists because the application does not validate the comment parameter upon submission to the report script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2010-02-04
|
evalsmsi Report Comment Field XSS
|
|
64495
Description:
Huski Retail contains multiple flaws that may allow an attacker to carry out an SQL injection attack. The issue is due to the index.php script not properly sanitizing user-supplied input to the categoryID and productID parameters. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2010-02-04
|
Huski Retail Multiple Parameter SQL Injection
|
|
64492
Description:
Huski CMS contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the size.php script not properly sanitizing user-supplied input to the "i" parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server.
|
2010-02-04
|
HuskiCMS size.php i Parameter Local File Inclusion
|
|
64898
Description:
The account passwords are stored in "HKEY_LOCAL_MACHINE\SOFTWARE\Ipswitch\IMail\Domains\[domain name]\Users" and can be reverted to plain-text.
|
2010-02-04
|
Ipswitch IMail IMailsec.dll Password Decryption Algorithm Weakness
|
|
64902
Description:
Unknown / Incomplete
|
2010-02-04
|
Wippien Key Generation Entropy Weakness
|
|
62184
Description:
Oracle Database contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered by a flaw in the DBMS_JVM_EXP_PERMS package, allowing a user with 'create session' privileges to gain Java IO privileges.
|
2010-02-03
|
Oracle Database DBMS_JVM_EXP_PERMS Package IMPORT_JVM_PERMS Function Privilege Escalation
|
|
62185
Description:
Unknown / Incomplete
|
2010-02-03
|
Oracle Database DBMS_JAVA.SET_OUTPUT_TO_JAVA Procedure Argument Handling Privilege Escalation
|
|
65013
Description:
(Description Provided by CVE) : The default configuration of ASP.NET in Microsoft .NET before 1.1 has a value of FALSE for the EnableViewStateMac property, which allows remote attackers to conduct cross-site scripting (XSS) attacks via the __VIEWSTATE parameter.
|
2010-02-03
|
Microsoft .NET ASP.NET EnableViewStateMac Property Default Configuration XSS
|
|
62099
Description:
WebCalendar 1.2b0 contains a flaw that allows a remote Cross-site Request Forgery (CSRF / XSRF) attack. The flaw exists because the application does not require multiple steps or explicit confirmation for sensitive transactions such as deleting an event, banning an IP address from posting, or changing the administrative password. By using a crafted URL (e.g., a crafted GET request inside an "img" tag), an attacker may trick the victim into clicking on the image to take advantage of the trust relationship between the authenticated victim and the application. Such an attack could trick the victim into executing arbitrary commands in the context of their session with the application, without further prompting or verification.
|
2010-02-03
|
WebCalendar Event Deletion CSRF
|
|
62136
Description:
LANDesk Management Gateway contains a flaw that allows a remote Cross-site Request Forgery (CSRF / XSRF) attack. The flaw exists because the application does not require multiple steps or explicit confirmation for sensitive transactions such us inject and execute arbitrary shell commands. By using a crafted URL (e.g., a crafted GET request inside an 'img' tag), an attacker may trick the victim into clicking on the image to take advantage of the trust relationship between the authenticated victim and the application. Such an attack could trick the victim into executing arbitrary commands in the context of their session with the application, without further prompting or verification.
|
2010-02-03
|
LANDesk Management Gateway Arbitrary Shell Command Execution CSRF
|
|
62095
Description:
WebCalendar 1.2b0 contains a flaw that allows a remote cross site scripting (XSS) attack. This flaw exists because the application does not validate the "tab" parameter upon submission to the users.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2010-02-03
|
WebCalendar users.php tab Parameter XSS
|
|
62100
Description:
Hipergate contains a flaw that allows a remote cross site scripting (XSS) attack. This flaw exists because the application does not validate the 'title' or 'desc' parameters upon submission to the 'common/errmsg.jsp' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2010-02-03
|
Hipergate common/errmsg.jsp Multiple Parameter XSS
|
|
62089
Description:
(Description Provided by CVE) : Asterisk Open Source 1.6.0.x before 1.6.0.22, 1.6.1.x before 1.6.1.14, and 1.6.2.x before 1.6.2.2, and Business Edition C.3 before C.3.3.2, allows remote attackers to cause a denial of service (daemon crash) via an SIP T.38 negotiation with an SDP FaxMaxDatagram field that is (1) missing, (2) modified to contain a negative number, or (3) modified to contain a large number.
|
2010-02-03
|
Asterisk T.38 SDP Packet FaxMaxDatagram Field Remote DoS
|
|
62094
Description:
Kubelance contains a flaw that allows a remote Cross-site Request Forgery (CSRF / XSRF) attack. The flaw exists because the application does not require multiple steps or explicit confirmation for sensitive transactions such as create an arbitrary user with administrative privileges. By using a crafted URL (e.g., a crafted GET request inside an "img" tag), an attacker may trick the victim into clicking on the image to take advantage of the trust relationship between the authenticated victim and the application. Such an attack could trick the victim into executing arbitrary commands in the context of their session with the application, without further prompting or verification.
|
2010-02-03
|
Kubelance Admin User Creation CSRF
|
|
62088
Description:
Eicra Car Rental-Script contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'users' and 'passwords' parameters (when 'plugin_id' is set to '4'). This may allow an attacker to bypass authentication.
|
2010-02-03
|
Eicra Car Rental-Script index.php Multiple Parameter SQL Injection Authentication Bypass
|
|
62096
Description:
WebCalendar 1.2b0 contains a flaw that allows a remote cross site scripting (XSS) attack. This flaw exists because input appended to the URL after day.php is not properly sanitised before being returned to the user. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2010-02-03
|
WebCalendar day.php URI XSS
|
|
62097
Description:
WebCalendar 1.2b0 contains a flaw that allows a remote cross site scripting (XSS) attack. This flaw exists because input appended to the URL after month.php is not properly sanitised before being returned to the user. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2010-02-03
|
WebCalendar month.php URI XSS
|
|
62098
Description:
WebCalendar 1.2b0 contains a flaw that allows a remote cross site scripting (XSS) attack. This flaw exists because input appended to the URL after week.php is not properly sanitised before being returned to the user. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2010-02-03
|
WebCalendar week.php URI XSS
|
|
62101
Description:
Hipergate contains a flaw that allows a remote cross site scripting (XSS) attack. This flaw exists because the application does not validate the 'title' or 'desc' parameters upon submission to the 'common/pwd_errmsg.jsp' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2010-02-03
|
Hipergate common/pwd_errmsg.jsp Multiple Parameter XSS
|
|
62102
Description:
Unknown / Incomplete
|
2010-02-03
|
Hipergate admin/sql.htm Access Restriction Weakness Arbitrary SQL Command Execution
|
|
62103
Description:
Hipergate contains a flaw that allows a remote cross site scripting (XSS) attack. This flaw exists because the application does not validate the 'nm_campaign' parameter when submitting a new campaign. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2010-02-03
|
Hipergate New Campaign Addition nm_campaign Parameter XSS
|
|
62147
Description:
(Description Provided by CVE) : PyGIT.py in the Trac Git plugin (trac-git) before 0.0.20080710-3+lenny1 and before 0.0.20090320-1 on Debian GNU/Linux, when enabled in Trac, allows remote attackers to execute arbitrary commands via shell metacharacters in a crafted HTTP query that is used to generate a certain git command.
|
2010-02-03
|
trac-git PyGIT.py HTTP Request Arbitrary Shell Command Injection
|
|
62113
Description:
Unknown / Incomplete
|
2010-02-03
|
Novell NetStorage xsrvd Process Wide Character Conversion Remote Overflow
|
|
62115
Description:
Unknown / Incomplete
|
2010-02-03
|
Signwriter Module for Drupal preg_replace() Function Arbitrary PHP Code Execution
|
|
62116
Description:
ODF Import Module for Drupal contains a flaw that allows a remote cross site scripting (XSS) attack. This flaw exists because the application does not validate an unspecified parameter upon submission to an unspecified script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2010-02-03
|
ODF Import Module for Drupal Unspecified XSS
|
|
62117
Description:
Menu Breadcrumb contains a flaw that allows a remote cross site scripting (XSS) attack. This flaw exists because the application does not validate unspecified input upon submission to an unspecified script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2010-02-03
|
Menu Breadcrumb Module for Drupal Unspecified XSS
|
|
62118
Description:
(Description Provided by CVE) : IBM Cognos Express 9.0 allows attackers to obtain unspecified access to the Tomcat Manager component, and cause a denial of service, by leveraging hardcoded credentials.
|
2010-02-03
|
IBM Cognos Express Tomcat Manager Hardcoded Credentials
|
|
62156
Description:
(Description Provided by CVE) : Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not prevent rendering of non-HTML local files as HTML documents, which allows remote attackers to bypass intended access restrictions and read arbitrary files via vectors involving JavaScript exploit code that constructs a reference to a file://127.0.0.1 URL, aka the dynamic OBJECT tag vulnerability, as demonstrated by obtaining the data from an index.dat file, a variant of CVE-2009-1140 and related to CVE-2008-1448.
|
2010-02-03
|
Microsoft IE Dynamic OBJECT Tag Cross-domain Arbitrary File Access
|
|
62132
Description:
Unknown / Incomplete
|
2010-02-03
|
Node Export Module for Drupal Import Function Arbitrary PHP Code Execution
|
|
62137
Description:
LANDesk Management Gateway contains a flaw that allows a remote cross site scripting (XSS) attack. This flaw exists because the application does not validate an unspecified parameter upon submission to an unspecified script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2010-02-03
|
LANDesk Management Gateway Unspecified XSS
|
|
62157
Description:
(Description Provided by CVE) : Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not prevent rendering of non-HTML local files as HTML documents, which allows remote attackers to bypass intended access restrictions and read arbitrary files via vectors involving the product's use of text/html as the default content type for files that are encountered after a redirection, aka the URLMON sniffing vulnerability, a variant of CVE-2009-1140 and related to CVE-2008-1448.
|
2010-02-03
|
Microsoft IE text/html Content Type URLMON Sniffing Arbitrary File Access
|
|
62280
Description:
Unknown / Incomplete
|
2010-02-03
|
Interspire Knowledge Manager admin/de/dialog/media_manager.php roots["dRoot"] Parameter Direct Request Path Disclosure
|
