| OSVDB ID | Disclosure Date | Title |
|---|
|
65639
Description:
Batch Audio Converter is prone to an overflow condition. The batchaudio.exe fails to properly sanitize user-supplied input resulting in a stack overflow. With a specially crafted .wav file, a remote attacker can potentially take over the whole system with the user/administrator privilege (depends on who executes the crafted files).
|
2010-06-17
|
Batch Audio Converter WAV File Handling Overflow
|
|
65571
Description:
(Description Provided by CVE) : Stack-based buffer overflow in iSharer File Sharing Wizard 1.5.0 allows remote attackers to execute arbitrary code via a long HEAD request.
|
2010-06-17
|
File Sharing Wizard HEAD Request Overflow
|
|
65625
Description:
(Description Provided by CVE) : Stack-based buffer overflow in the CIFS.NLM driver in Netware SMB 1.0 for Novell Netware 6.5 SP8 and earlier allows remote attackers to execute arbitrary code via a Sessions Setup AndX packet with a long AccountName.
|
2010-06-17
|
Novell NetWare CIFS.NLM Session Setup AndX Packet AccountName Value Overflow
|
|
65628
Description:
2daybiz Network Community Script contains a flaw that allows a remote cross site scripting (XSS) attack. This flaw exists because the application does not validate the 'alb' parameter upon submission to the 'view_photo.php' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2010-06-17
|
2daybiz Network Community Script view_photo.php alb Parameter XSS
|
|
65634
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in the MNET access-control interface in Moodle before 1.8.13 and 1.9.x before 1.9.9 allows remote attackers to inject arbitrary web script or HTML via vectors involving extended characters in a username.
|
2010-06-17
|
Moodle MNET Access Control Interface XSS
|
|
65635
Description:
(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in blog/index.php in Moodle before 1.8.13 and 1.9.x before 1.9.9 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters.
|
2010-06-17
|
Moodle blog/index.php Unspecified Parameter XSS
|
|
65636
Description:
(Description Provided by CVE) : The KSES text cleaning filter in lib/weblib.php in Moodle before 1.8.13 and 1.9.x before 1.9.9 does not properly handle vbscript URIs, which allows remote authenticated users to conduct cross-site scripting (XSS) attacks via HTML input.
|
2010-06-17
|
Moodle lib/weblib.php Unspecified Parameter XSS
|
|
65637
Description:
(Description Provided by CVE) : Cross-site request forgery (CSRF) vulnerability in report/overview/report.php in the quiz module in Moodle before 1.8.13 and 1.9.x before 1.9.9 allows remote attackers to hijack the authentication of arbitrary users for requests that delete quiz attempts via the attemptid parameter.
|
2010-06-17
|
Moodle report/overview/report.php attemptid Parameter Quiz Report Deletion CSRF
|
|
68303
Description:
(Description Provided by CVE) : The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticated users to read unlinked files, or read or overwrite disk blocks that are currently assigned to an active file but were previously assigned to an unlinked file, by accessing a stale NFS filehandle.
|
2010-06-17
|
Linux Kernel XFS Inode Allocation Btree Stale NFS Filehandle Unlinked File Access
|
|
65609
Description:
Travel Website Script / Easy Travel Portal contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'tour_packages.asp' script not properly sanitizing user-supplied input to the 'country' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2010-06-17
|
Travel Website Script / Easy Travel Portal tour_packages.asp country Parameter SQL Injection
|
|
65611
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in the FileField module 5.x before 5.x-2.5 and 6.x before 6.x-3.4 for Drupal allows remote authenticated users, with create or edit permissions and 'Path to File' or 'URL to File' display enabled, to inject arbitrary web script or HTML via the file name (filepath parameter).
|
2010-06-17
|
FileField Module for Drupal filepath Parameter XSS
|
|
65620
Description:
(Description Provided by CVE) : Multiple cross-site request forgery (CSRF) vulnerabilities in the Views UI implementation in the Views module 5.x before 5.x-1.8 and 6.x before 6.x-2.11 for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1) enable all Views or (2) disable all Views.
|
2010-06-17
|
Views Module for Drupal Views UI Module CSRF
|
|
65621
Description:
(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in the Views module 6.x before 6.x-2.11 for Drupal allow remote attackers to inject arbitrary web script or HTML via (1) a URL or (2) an aggregator feed title.
|
2010-06-17
|
Views Module for Drupal URL / Aggregator Feed Title XSS
|
|
65622
Description:
(Description Provided by CVE) : Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read or delete arbitrary files via "..//" sequences in a COMB command.
|
2010-06-17
|
Titan FTP Server COMB Command Traversal Arbitrary File Overwrite
|
|
65627
Description:
2daybiz Network Community Script contains a flaw that allows a remote cross site scripting (XSS) attack. This flaw exists because the application does not validate the 'id' parameter upon submission to the 'scrapbook.php' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2010-06-17
|
2daybiz Network Community Script scrapbook.php id Parameter XSS
|
|
65630
Description:
(Description Provided by CVE) : The make_lockdir_name function in policy.c in pmount 0.9.18 allow local users to overwrite arbitrary files via a symlink attack on a file in /var/lock/.
|
2010-06-17
|
pmount policy.c make_lockdir_name Function Temporary File Symlink Arbitrary File Overwrite
|
|
65638
Description:
Unknown / Incomplete
|
2010-06-17
|
Call of Juarez: Bound in Blood UDP Packet Handling DoS
|
|
65732
Description:
Unknown / Incomplete
|
2010-06-17
|
Atlassian JIRA Bamboo Plugin Multiple Interface XSS
|
|
65692
Description:
(Description Provided by CVE) : The _WriteProlog function in texttops.c in texttops in the Text Filter subsystem in CUPS before 1.4.4 does not check the return values of certain calloc calls, which allows remote attackers to cause a denial of service (NULL pointer dereference or heap memory corruption) or possibly execute arbitrary code via a crafted file.
|
2010-06-17
|
CUPS texttops.c _WriteProlog Function Memory Corruption
|
|
65727
Description:
(Description Provided by CVE) : Multiple unspecified vulnerabilities in Fenrir Inc. ActiveGeckoBrowser 1.0.0 and 1.0.5 alpha, a module for the Sleipnir web browser, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors related to the Gecko engine.
|
2010-06-17
|
ActiveGeckoBrowser Gecko Engine Multiple Unspecified Remote DoS
|
|
65755
Description:
(Description Provided by CVE) : Use-after-free vulnerability in the SplObjectStorage unserializer in PHP 5.2.x and 5.3.x through 5.3.2 allows remote attackers to execute arbitrary code or obtain sensitive information via serialized data, related to the PHP unserialize function.
|
2010-06-17
|
PHP SplObjectStorage Unserializer Use-after-free Arbitrary Code Execution
|
|
65733
Description:
Unknown / Incomplete
|
2010-06-17
|
Atlassian JIRA Bamboo Plugin Multiple Unspecified CSRF
|
|
65957
Description:
Unknown / Incomplete
|
2010-06-17
|
CMS RedAks /search/ Controller Multiple Parameter XSS
|
|
67628
Description:
Unknown / Incomplete
|
2010-06-17
|
Firebook Admin Interface URLproxy Parameter XSS
|
|
66646
Description:
(Description Provided by CVE) : bozotic HTTP server (aka bozohttpd) before 20100621 allows remote attackers to list the contents of home directories, and determine the existence of user accounts, via multiple requests for URIs beginning with /~ sequences.
|
2010-06-17
|
bozohttp public_html Folder Request Username Enumeration Information Disclosure
|
|
67629
Description:
Unknown / Incomplete
|
2010-06-17
|
Firebook /guestbook/index.html answer Parameter XSS
|
|
67630
Description:
Unknown / Incomplete
|
2010-06-17
|
Firebook Admin Interface param Parameter Traversal Arbitrary File Access
|
|
67631
Description:
Unknown / Incomplete
|
2010-06-17
|
Firebook Admin Interface param Parameter Path Disclosure
|
|
67632
Description:
Unknown / Incomplete
|
2010-06-17
|
Firebook /guestbook/index.html answer Parameter Path Disclosure
|
|
65554
Description:
TeamSpeak Server <= 3.0.0-beta23 contains a flaw that may allow an attacker to arbitrarily execute administrative commands over UDP port 9987 without authenticating. This could allow for modification of server configuration, removal of clients, and other administrative functions.
|
2010-06-16
|
TeamSpeak Server Arbitrary Administrative Command Execution
|
|
65553
Description:
Unknown / Incomplete
|
2010-06-16
|
TeamSpeak Server Failed Assertion DoS
|
|
65551
Description:
Unknown / Incomplete
|
2010-06-16
|
TeamSpeak Server Crafted Command NULL Dereference Remote DoS
|
|
67294
Description:
Apache CXF contains a flaw that may allow a remote denial of service. The issue is triggered when handling XML SOAP messages that contain nested Document Type Declarations. With a specially crafted Document Type Declaration, a remote attacker can cause a consumption of CPU or memory resources and crash the system.
|
2010-06-16
|
Apache CXF XML SOAP Message Crafted Document Type Declaration Remote DoS
|
|
65518
Description:
(Description Provided by CVE) : Buffer overflow in the SMB1 packet chaining implementation in the chain_reply function in process.c in smbd in Samba 3.0.x before 3.3.13 allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a crafted field in a packet.
|
2010-06-16
|
Samba smbd process.c chain_reply Function SMB1 Packet Chaining Memory Corruption
|
|
65542
Description:
(Description Provided by CVE) : Buffer overflow in Rosoft Audio Converter 4.4.4 allows remote attackers to execute arbitrary code via a long playlist entry in a .m3u file.
|
2010-06-16
|
Rosoft Audio Converter M3U File Handling Overflow
|
|
65543
Description:
Nakid CMS contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'modules/catalog/upload_photo.php' script not properly sanitizing user input supplied to the core[system_path] parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.
|
2010-06-16
|
Nakid CMS modules/catalog/upload_photo.php core[system_path] Parameter Remote File Inclusion
|
|
65601
Description:
(Description Provided by CVE) : Symantec AppStream 5.2.x and Symantec Workspace Streaming (SWS) 6.1.x before 6.1 SP4 do not properly perform authentication, which allows remote Workspace Streaming servers and man-in-the-middle attackers to download arbitrary executable files onto a client system, and execute these files, via unspecified vectors.
|
2010-06-16
|
Symantec AppStream / Workspace Streaming (SWS) aswe: URI MiTM File Download Arbitrary Code Execution
|
|
65612
Description:
Unknown / Incomplete
|
2010-06-16
|
Views Module for Drupal Administer Views Excess Permissions Privilege Escalation
|
|
65613
Description:
(Description Provided by CVE) : The Telnet interface in the SAP J2EE Engine Core (SAP-JEECOR) 6.40 through 7.02, and Server Core (SERVERCORE) 7.10 through 7.30 allows remote authenticated users to bypass a security check and conduct SMB relay attacks via unspecified vectors.
|
2010-06-16
|
SAP J2EE Engine Telnet Interface SMB Relay Authentication Bypass
|
|
65614
Description:
Unknown / Incomplete
|
2010-06-16
|
Ogone | Ubercart Module for Drupal Order Status Verification Issue
|
