[CLOSE] OSVDB ID : 76335 - Disclosed: 2011-10-12

Description:

(Description Provided by CVE) : The UIKit Alerts component in Apple iOS before 5 allows remote attackers to cause a denial of service (device hang) via a long tel: URL that triggers a large size for the acceptance dialog.

[CLOSE] OSVDB ID : 76354 - Disclosed: 2011-10-12

Description:

(Description Provided by CVE) : The WiFi component in Apple iOS before 5 stores WiFi credentials in an unspecified file, which makes it easier for remote attackers to obtain sensitive information via a crafted application.

[CLOSE] OSVDB ID : 76356 - Disclosed: 2011-10-12

Description:

(Description Provided by CVE) : Integer signedness error in Apple Type Services (ATS) in Apple Mac OS X 10.7 before 10.7.2 allows remote attackers to execute arbitrary code via a crafted embedded Type 1 font in a document.

[CLOSE] OSVDB ID : 76357 - Disclosed: 2011-10-12

Description:

(Description Provided by CVE) : Apple Type Services (ATS) in Apple Mac OS X through 10.6.8 does not properly handle embedded Type 1 fonts, which allows remote attackers to execute arbitrary code via a crafted document that triggers an out-of-bounds memory access.

[CLOSE] OSVDB ID : 76360 - Disclosed: 2011-10-12

Description:

(Description Provided by CVE) : CoreMedia in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted QuickTime movie file.

[CLOSE] OSVDB ID : 76361 - Disclosed: 2011-10-12

Description:

(Description Provided by CVE) : The CoreProcesses component in Apple Mac OS X 10.7 before 10.7.2 does not prevent a system window from receiving keystrokes in the locked-screen state, which might allow physically proximate attackers to bypass intended access restrictions by typing into this window.

[CLOSE] OSVDB ID : 76362 - Disclosed: 2011-10-12

Description:

(Description Provided by CVE) : CoreStorage in Apple Mac OS X 10.7 before 10.7.2 does not ensure that all disk data is encrypted during the enabling of FileVault, which makes it easier for physically proximate attackers to obtain sensitive information by reading directly from the disk device.

[CLOSE] OSVDB ID : 76363 - Disclosed: 2011-10-12

Description:

(Description Provided by CVE) : The File Systems component in Apple Mac OS X before 10.7.2 does not properly track the specific X.509 certificate that a user manually accepted for an initial https WebDAV connection, which allows man-in-the-middle attackers to hijack WebDAV communication by presenting an arbitrary certificate for a subsequent connection.

[CLOSE] OSVDB ID : 76364 - Disclosed: 2011-10-12

Description:

(Description Provided by CVE) : IOGraphics in Apple Mac OS X through 10.6.8 does not properly handle a locked-screen state in display sleep mode for an Apple Cinema Display, which allows physically proximate attackers to bypass the password requirement via unspecified vectors.

[CLOSE] OSVDB ID : 76365 - Disclosed: 2011-10-12

Description:

(Description Provided by CVE) : The kernel in Apple Mac OS X before 10.7.2 does not properly prevent FireWire DMA in the absence of a login, which allows physically proximate attackers to bypass intended access restrictions and discover a password by making a DMA request in the (1) loginwindow, (2) boot, or (3) shutdown state.

[CLOSE] OSVDB ID : 76366 - Disclosed: 2011-10-12

Description:

(Description Provided by CVE) : The kernel in Apple Mac OS X before 10.7.2 does not properly implement the sticky bit for directories, which might allow local users to bypass intended permissions and delete files via an unlink system call.

[CLOSE] OSVDB ID : 76368 - Disclosed: 2011-10-12

Description:

(Description Provided by CVE) : MediaKit in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted disk image.

[CLOSE] OSVDB ID : 76369 - Disclosed: 2011-10-12

Description:

(Description Provided by CVE) : Open Directory in Apple Mac OS X 10.7 before 10.7.2 allows local users to read the password data of arbitrary users via unspecified vectors.

[CLOSE] OSVDB ID : 76370 - Disclosed: 2011-10-12

Description:

(Description Provided by CVE) : Open Directory in Apple Mac OS X 10.7 before 10.7.2 does not require a user to provide the current password before changing this password, which allows remote attackers to bypass intended password-change restrictions by leveraging an unattended workstation.

[CLOSE] OSVDB ID : 76371 - Disclosed: 2011-10-12

Description:

(Description Provided by CVE) : Open Directory in Apple Mac OS X 10.7 before 10.7.2, when an LDAPv3 server is used with RFC 2307 or custom mappings, allows remote attackers to bypass the password requirement by leveraging lack of an AuthenticationAuthority attribute for a user account.

[CLOSE] OSVDB ID : 76372 - Disclosed: 2011-10-12

Description:

(Description Provided by CVE) : QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file.

[CLOSE] OSVDB ID : 76379 - Disclosed: 2011-10-12

Description:

(Description Provided by CVE) : Buffer overflow in QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FlashPix file.

[CLOSE] OSVDB ID : 76376 - Disclosed: 2011-10-12

Description:

(Description Provided by CVE) : The SMB File Server component in Apple Mac OS X 10.7 before 10.7.2 does not prevent all guest users from accessing the share point record of a guest-restricted folder, which allows remote attackers to bypass intended browsing restrictions by leveraging access to the nobody account.

[CLOSE] OSVDB ID : 76375 - Disclosed: 2011-10-12

Description:

(Description Provided by CVE) : The User Documentation component in Apple Mac OS X through 10.6.8 uses http sessions for updates to App Store help information, which allows man-in-the-middle attackers to execute arbitrary code by spoofing the http server.

[CLOSE] OSVDB ID : 76390 - Disclosed: 2011-10-12

Description:

(Description Provided by CVE) : The SSL implementation in Apple Safari before 5.1.1 on Mac OS X before 10.7 accesses uninitialized memory during the processing of X.509 certificates, which allows remote web servers to execute arbitrary code via a crafted certificate.

[CLOSE] OSVDB ID : 76854 - Disclosed: 2011-10-12

Description:

OneOrZero Action & Information Management System (AIMS)contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the lib/ooz_access.php script not properly sanitizing user-supplied input to the 'cookieName' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

[CLOSE] OSVDB ID : 76855 - Disclosed: 2011-10-12

Description:

(Description Provided by CVE) : OneOrZero Action & Information Management System (AIMS) 2.7.0 allows remote attackers to bypass authentication and obtain administrator privileges via a crafted oozimsrememberme cookie.

[CLOSE] OSVDB ID : 77458 - Disclosed: 2011-10-12

Description:

(Description Provided by CVE) : ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

[CLOSE] OSVDB ID : 76235 - Disclosed: 2011-10-12

Description:

Microsoft Forefront Unified Access Gateway contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate certain unspecified input when splitting responses from ExcelTabels. This may allow a user to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 76233 - Disclosed: 2011-10-12

Description:

Microsoft Forefront Unified Access Gateway contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate certain unspecified input passed via ExcelTables before returning it to the user. This may allow a user to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 76234 - Disclosed: 2011-10-12

Description:

Microsoft Forefront Unified Access Gateway contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate certain unspecified input before returning it to the user. This may allow a user to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 76232 - Disclosed: 2011-10-12

Description:

(Description Provided by CVE) : afd.sys in the Ancillary Function Driver in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted application, aka "Ancillary Function Driver Elevation of Privilege Vulnerability."

[CLOSE] OSVDB ID : 76231 - Disclosed: 2011-10-12

Description:

Microsoft Windows Active Accessibility is prone to a flaw in the way it loads dynamic-link libraries (DLL). The program uses a fixed path to look for specific files or libraries. This path includes directories that may not be trusted or under user control. By placing a custom version of the file or library in the path, the program will load it before the legitimate version. This allows an attacker to inject custom code that will be run with the privilege of the program or user executing the program. This can be done by tricking a user into opening an unspecified file from the local file system or a USB drive in some cases. This attack can be leveraged remotely in some cases by placing the malicious file or library on a network share or extracted archive downloaded from a remote source.

[CLOSE] OSVDB ID : 76218 - Disclosed: 2011-10-12

Description:

(Description Provided by CVE) : win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate user-mode input, which allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via a crafted application, aka "Win32k Null Pointer De-reference Vulnerability."

[CLOSE] OSVDB ID : 76207 - Disclosed: 2011-10-12

Description:

(Description Provided by CVE) : Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that was not properly initialized, aka "OLEAuto32.dll Remote Code Execution Vulnerability."

[CLOSE] OSVDB ID : 76210 - Disclosed: 2011-10-12

Description:

(Description Provided by CVE) : Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that was not properly initialized, aka "Jscript9.dll Remote Code Execution Vulnerability."

[CLOSE] OSVDB ID : 76211 - Disclosed: 2011-10-12

Description:

(Description Provided by CVE) : Microsoft Internet Explorer 8 does not properly allocate and access memory, which allows remote attackers to execute arbitrary code via vectors involving a "dereferenced memory address," aka "Select Element Remote Code Execution Vulnerability."

[CLOSE] OSVDB ID : 76294 - Disclosed: 2011-10-12

Description:

MyStatus Plugin for MyBB contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the process-mystatus.php script not properly sanitizing user-supplied input to the 'statid' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

[CLOSE] OSVDB ID : 76301 - Disclosed: 2011-10-12

Description:

Pretty Link Plugin for WordPress contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'min_date' parameter upon submission to the wp-content/plugins/pretty-link/classes/views/prli-clicks/head.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 76319 - Disclosed: 2011-10-12

Description:

(Description Provided by CVE) : CalDAV in Apple iOS before 5 does not validate X.509 certificates for SSL sessions, which allows man-in-the-middle attackers to spoof calendar servers and obtain sensitive information via an arbitrary certificate.

[CLOSE] OSVDB ID : 76309 - Disclosed: 2011-10-12

Description:

BugFree contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'ActionType' parameter upon submission to the Bug.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 76315 - Disclosed: 2011-10-12

Description:

[Certificate Login Module for Drupal contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the program not properly sanitizing user-supplied input to the client certificate data fields. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

[CLOSE] OSVDB ID : 76302 - Disclosed: 2011-10-12

Description:

Pretty Link Plugin for WordPress contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'message' parameter upon submission to the wp-content/plugins/pretty-link/classes/views/prli-dashboard-widget/widget.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 76303 - Disclosed: 2011-10-12

Description:

Pretty Link Plugin for WordPress contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'errors[]' parameter upon submission to the wp-content/plugins/pretty-link/classes/views/shared/errors.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 76304 - Disclosed: 2011-10-12

Description:

Pretty Link Plugin for WordPress contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'page_first_record', 'page_last_record', 'record_count', 'controller_file' and 'page_params' parameters upon submission to the wp-content/plugins/pretty-link/classes/views/shared/table-nav.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.