| OSVDB ID | Disclosure Date | Title |
|---|
|
67868
Description:
ColdGen ColdBookmarks contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.cfm' script not properly sanitizing user-supplied input to the 'BookmarkID' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2010-09-08
|
ColdBookmarks index.cfm BookmarkID Parameter SQL Injection
|
|
67874
Description:
Beehive Forum contains a flaw that allows a remote Cross-site Request Forgery (CSRF / XSRF) attack. The flaw exists because the application does not require multiple steps or explicit confirmation for sensitive transactions for mutliple unspecified functionalities. By using a crafted URL (e.g., a crafted GET request inside an "img" tag), an attacker may trick the victim into clicking on the image to take advantage of the trust relationship between the authenticated victim and the application. Such an attack could trick the victim into executing arbitrary commands in the context of their session with the application, without further prompting or verification.
|
2010-09-08
|
Beehive Forum Multiple Unspecified Admin Function CSRF
|
|
67869
Description:
Beehive Forum contains a flaw that allows a remote cross site scripting (XSS) attack. This flaw exists because the application does not validate the 'webtag' parameter upon submission to the 'index.php' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2010-09-08
|
Beehive Forum index.php webtag Parameter XSS
|
|
67873
Description:
Beehive Forum contains a flaw that allows a remote cross site scripting (XSS) attack. This flaw exists because the application does not validate the 'webtag' parameter upon submission to the 'admin.php' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2010-09-08
|
Beehive Forum admin.php webtag Parameter XSS
|
|
67872
Description:
Beehive Forum contains a flaw that allows a remote cross site scripting (XSS) attack. This flaw exists because the application does not validate the 'webtag' parameter upon submission to the 'logon.php' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2010-09-08
|
Beehive Forum logon.php webtag Parameter XSS
|
|
67871
Description:
Beehive Forum contains a flaw that allows a remote cross site scripting (XSS) attack. This flaw exists because the application does not validate the 'webtag' parameter upon submission to the 'pm.php' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2010-09-08
|
Beehive Forum pm.php webtag Parameter XSS
|
|
67870
Description:
Beehive Forum contains a flaw that allows a remote cross site scripting (XSS) attack. This flaw exists because the application does not validate the 'webtag' parameter upon submission to the 'post.php' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2010-09-08
|
Beehive Forum post.php webtag Parameter XSS
|
|
67918
Description:
(Description Provided by CVE) : SQL injection vulnerability in the Yr Weatherdata module for Drupal 6.x before 6.x-1.6 allows remote attackers to execute arbitrary SQL commands via the sorting method.
|
2010-09-08
|
Yr Weatherdata Module for Drupal sort Method Unspecified SQL Injection
|
|
67853
Description:
ColdUserGroup contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'Keywords' parameter upon submission to the 'Search' function. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2010-09-08
|
ColdUserGroup Search Function Keywords Parameter XSS
|
|
67852
Description:
ColdUserGroup contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.cfm' script not properly sanitizing user-supplied input to the 'LibraryID' and 'ArticleID' parameters. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2010-09-08
|
ColdUserGroup index.cfm Multiple Parameter SQL Injection
|
|
67877
Description:
ColdOfficeView contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the index.cfm script not properly sanitizing user-supplied input to the 'EventID' and 'UserID' parameters. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2010-09-08
|
ColdOfficeView index.cfm Multiple Parameter SQL Injection
|
|
67850
Description:
Textpattern contains a flaw that allows a remote cross site scripting (XSS) attack. This flaw exists because the application does not validate the 'q' parameter upon submission to the 'index.php' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2010-09-08
|
Textpattern index.php q Parameter XSS
|
|
67851
Description:
phpMyAdmin contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the server name field upon submission to the setup/frames/index.inc.php setup script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2010-09-08
|
phpMyAdmin Setup Script setup/frames/index.inc.php Server Name XSS
|
|
68313
Description:
FreeBSD is prone to memory corruption. psuedofs fails to properly sanitize user-supplied input resulting in a NULL pointer dereference. With a specially crafted call to pfs_unlock(), a local attacker can potentially cause arbitrary code execution as the root user.
|
2010-09-08
|
FreeBSD pseudofs pfs_getattr() Function NULL Dereference Local Privilege Escalation
|
|
67926
Description:
WebKit contains a double-free error in the 'RenderBlock::layoutBlock' function [WebCore/rendering/RenderBlock.cpp] that is triggered when rendering inline elements. With a specially crafted web page, a context-dependent attacker can free already freed memory, leading to a crash or potential code execution.
|
2010-09-08
|
WebKit RenderBlock::layoutBlock Inline Element Rendering Double-free
|
|
67930
Description:
WebKit contains a use-after-free error in the 'SelectionController::updateAppearance' function [WebCore/editing/SelectionController.cpp]. The issue is triggered when clearing selections in a display:none node. With a specially crafted web page, a context-dependent attacker can dereference already freed memory and potentially execute arbitrary code.
|
2010-09-08
|
WebKit SelectionController::updateAppearance Selection Handling Use-after-free
|
|
67932
Description:
WebKit contains a bad cast flaw in the 'SelectElement::setSelectedIndex' function [WebCore/dom/SelectElement.cpp]. The issue is triggered when firing an onchange event that changes the select from a menu list to a list box. With a specially crafted web page, a context-dependent attacker can corrupt memory to cause a denial of service or potentially execute arbitrary code.
|
2010-09-08
|
WebKit SelectElement::setSelectedIndex Form Menu Handling Bad Cast Memory Corruption
|
|
67933
Description:
WebKit contains a use-after-free error in the 'FrameView::detachCustomScrollbars' function [WebCore/page/FrameView.cpp] that is triggered when handling scrollbars. With a specially crafted web page, a context-dependent attacker can dereference already freed memory and potentially execute arbitrary code.
|
2010-09-08
|
WebKit FrameView::detachCustomScrollbars Scrollbar Handling Use-after-free
|
|
91824
Description:
Juniper IVE OS Secure Access (SA) and Unified Access Control (UAC) contain a flaw that may lead to unauthorized disclosure of sensitive information. The issue is due to the program saving session information to the local system even when logging is disabled. This may allow a local attacker to gain access to sensitive session information.
|
2010-09-08
|
Juniper IVE OS Secure Access (SA) / Unified Access Control (UAC) Log File User Session Information Local Disclosure
|
|
67878
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in admin/sources/classes/bbcode/custom/defaults.php in Invision Power Board (IP.Board) 3.1.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
2010-09-08
|
IP.Board admin/sources/classes/bbcode/custom/defaults.php BBCode XSS
|
|
67919
Description:
(Description Provided by CVE) : Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) software 3.2 before 3.2.215.0; 4.1 and 4.2 before 4.2.205.0; 4.1M and 4.2M before 4.2.207.54M; 5.0, 5.1, and 6.0 before 6.0.188.0; and 5.2 before 5.2.193.11 allows remote attackers to cause a denial of service (device reload) via a crafted IKE packet, aka Bug ID CSCta56653.
|
2010-09-08
|
Cisco WLC Unspecified IKE Packet Handling Remote DoS
|
|
67920
Description:
(Description Provided by CVE) : Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) software 4.2 before 4.2.209.0; 4.2M before 4.2.207.54M; 5.0, 5.1, and 6.0 before 6.0.196.0; and 5.2 before 5.2.193.11 allows remote authenticated users to cause a denial of service (device reload) via crafted HTTP packets that trigger invalid arguments to the emweb component, aka Bug ID CSCtd16938.
|
2010-09-08
|
Cisco WLC Unspecified HTTP Packet Handling Remote DoS
|
|
67921
Description:
(Description Provided by CVE) : Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain administrative privileges, via unspecified vectors, a different vulnerability than CVE-2010-2843 and CVE-2010-3033.
|
2010-09-08
|
Cisco WLC Unspecified Privilege Escalation (2010-2842)
|
|
67922
Description:
(Description Provided by CVE) : Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain administrative privileges, via unspecified vectors, a different vulnerability than CVE-2010-2842 and CVE-2010-3033.
|
2010-09-08
|
Cisco WLC Unspecified Privilege Escalation (2010-2843)
|
|
67923
Description:
(Description Provided by CVE) : Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain administrative privileges, via unspecified vectors, a different vulnerability than CVE-2010-2842 and CVE-2010-2843.
|
2010-09-08
|
Cisco WLC Unspecified Privilege Escalation (2010-3033)
|
|
67925
Description:
(Description Provided by CVE) : Cisco Wireless LAN Controller (WLC) software, possibly 6.0.x or possibly 4.1 through 6.0.x, allows remote attackers to bypass ACLs in the controller CPU, and consequently send network traffic to unintended segments or devices, via unspecified vectors, a different vulnerability than CVE-2010-3034.
|
2010-09-08
|
Cisco WLC Unspecified ACL Bypass (2010-0575)
|
|
67924
Description:
(Description Provided by CVE) : Cisco Wireless LAN Controller (WLC) software, possibly 6.0.x or possibly 4.1 through 6.0.x, allows remote attackers to bypass ACLs in the controller CPU, and consequently send network traffic to unintended segments or devices, via unspecified vectors, a different vulnerability than CVE-2010-0575.
|
2010-09-08
|
Cisco WLC Unspecified ACL Bypass (2010-3034)
|
|
67927
Description:
(Description Provided by CVE) : The Accessibility component in Apple iOS before 4.1 on the iPhone and iPod touch does not perform the expected VoiceOver announcement associated with the location services icon, which has unspecified impact and attack vectors.
|
2010-09-08
|
Apple iOS Accessibility Component on iPhone / iPod Location Services VoiceOver Announcement Unspecified Issue
|
|
67928
Description:
(Description Provided by CVE) : FaceTime in Apple iOS before 4.1 on the iPhone and iPod touch does not properly handle invalid X.509 certificates, which allows man-in-the-middle attackers to redirect calls via a crafted certificate.
|
2010-09-08
|
Apple iOS FaceTime on iPhone / iPod Invalid X.509 Certificate MiTM Call Redirect
|
|
67929
Description:
(Description Provided by CVE) : ImageIO in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF file.
|
2010-09-08
|
Apple iOS ImageIO on iPhone / iPod Crafted TIFF File Arbitrary Code Execution
|
|
67934
Description:
(Description Provided by CVE) : Buffer overflow in ImageIO in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GIF file.
|
2010-09-08
|
Apple iOS ImageIO on iPhone / iPod Crafted GIF File Overflow
|
|
67965
Description:
IBM Records Manager contains a flaw that may lead to an unauthorized password exposure. It could be possible for a remote/local attacker to gain access to cleartext passwords when the applications submits unspecified requests.
|
2010-09-08
|
IBM Records Manager Unspecified Cleartext Password Transmission
|
|
67940
Description:
Unknown / Incomplete
|
2010-09-08
|
Events Manager Extended Plugin for WordPress Unspecified Script Multiple Parameter XSS
|
|
67966
Description:
IBM Records Manager (RM) contains a flaw that allows a remote cross site scripting (XSS) attack. This flaw exists because the application does not validate user supplied input upon submission. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2010-09-08
|
IBM Records Manager Unspecified XSS
|
|
67967
Description:
IBM Records Manager (RM) contains a flaw that allows a remote cross site redirection attack. This flaw exists because the application does not validate user supplied input upon submission. This could allow a user to create a specially crafted URL, that if clicked, would redirect a victim from the intended legitimate web site to an arbitrary web site of the attacker's choosing. This could be leveraged to direct a user to a web page containing attacks that target client side software such as a web browser or document rendering programs.
|
2010-09-08
|
IBM Records Manager Unspecified Arbitrary Site Redirect
|
|
67970
Description:
(Description Provided by CVE) : IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 places a session token in the URI, which might allow remote attackers to obtain sensitive information by reading a Referer log file.
|
2010-09-08
|
IBM Records Manager URI Session Token Referer Log File Remote Disclosure
|
|
67996
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in Django 1.2.x before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via a csrfmiddlewaretoken (aka csrf_token) cookie.
|
2010-09-08
|
Django csrfmiddlewaretoken Cookie XSS
|
|
68044
Description:
(Description Provided by CVE) : Unspecified vulnerability in the webcontainer implementation in IBM Lotus Sametime Connect 8.5.1 before CF1 has unknown impact and attack vectors, aka SPRs LXUU87S57H and LXUU87S93W.
|
2010-09-08
|
IBM Lotus Sametime Connect Webcontainer Implementation Unspecified Issue
|
|
68158
Description:
Unknown / Incomplete
|
2010-09-08
|
Hitachi Multiple Products JP1/Remote Control Agent File Transfer Feature Remote Authentication Bypass
|
|
67875
Description:
(Description Provided by CVE) : Unspecified vulnerability on the HP ProLiant G6 Lights-Out 100 Remote Management card with firmware before 4.06 allows remote attackers to cause a denial of service via unknown vectors.
|
2010-09-07
|
HP ProLiant Lights-Out Onboard Administrator Powered By LO100i Unspecified Remote DoS
|
