[CLOSE] OSVDB ID : 70473 - Disclosed: 2011-01-10

Description:

HP OpenView Network Node Manager is prone to multiple overflow conditions. The 'nnmRptConfig.exe' module fails to properly sanitize user-supplied input resulting in buffer overflows. With a specially crafted overly long 'data_select1', 'nameParams', 'schdParams', 'nameParams', 'text1' or 'schd_select1' parameter sent via a POST request to one of the CGI functions of NNM, a remote attacker can potentially execute arbitrary code.

[CLOSE] OSVDB ID : 70622 - Disclosed: 2011-01-10

Description:

HP Business Service Management on Windows contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate certain unspecified input before returning it to the user. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 70681 - Disclosed: 2011-01-10

Description:

syslog-ng contains a type casting error when assigning world-writable permissions to a log file. This may be exploited by a local attacker to modify the file contents.

[CLOSE] OSVDB ID : 70724 - Disclosed: 2011-01-10

Description:

Newv SmartClient NewvCommon ActiveX contains a flaw related to the NewvCommon.ocx control. The 'RunCommand()' method may allow a remote attacker to execute arbitrary code.

[CLOSE] OSVDB ID : 75073 - Disclosed: 2011-01-10

Description:

(Description Provided by CVE) : slapd (aka ns-slapd) in 389 Directory Server before 1.2.8.a2 does not properly manage the c_timelimit field of the connection table element, which allows remote attackers to cause a denial of service (daemon outage) via Simple Paged Results connections, as demonstrated by using multiple processes to replay TCP sessions, a different vulnerability than CVE-2011-0019.

[CLOSE] OSVDB ID : 70366 - Disclosed: 2011-01-09

Description:

KingView is prone to an overflow condition. The program fails to properly sanitize user-supplied input resulting in a heap overflow. With a specially crafted TCP request, a remote attacker can potentially cause arbitrary code execution.

[CLOSE] OSVDB ID : 70401 - Disclosed: 2011-01-09

Description:

Captcha Plugin for Joomla! contains a flaw that allows a remote attacker to traverse outside of a restricted path. The issue is due to the [plugins/system/captcha/playcode.php script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied via the 'lng' parameter. This directory traversal attack would allow the attacker to read arbitrary files.

[CLOSE] OSVDB ID : 70433 - Disclosed: 2011-01-08

Description:

Mingle Forum Plugin for WordPress contains a flaw when updating forum posts. This may be exploited by a remote attacker to edit any post by browsing directly to the Edit Post page.

[CLOSE] OSVDB ID : 70434 - Disclosed: 2011-01-08

Description:

Mingle Forum Plugin for WordPress contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'wp-content/plugins/mingle-forum/feed.php' script not properly sanitizing user-supplied input to the 'topic' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

[CLOSE] OSVDB ID : 70435 - Disclosed: 2011-01-08

Description:

Mingle Forum Plugin for WordPress contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'wpf-post.php id' script not properly sanitizing user-supplied input to the 'id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

[CLOSE] OSVDB ID : 70436 - Disclosed: 2011-01-08

Description:

Mingle Forum Plugin for WordPress contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'wpf-class.php' script not properly sanitizing user-supplied input to the 'id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

[CLOSE] OSVDB ID : 71650 - Disclosed: 2011-01-08

Description:

(Description Provided by CVE) : The ima_lsm_rule_init function in security/integrity/ima/ima_policy.c in the Linux kernel before 2.6.37, when the Linux Security Modules (LSM) framework is disabled, allows local users to bypass Integrity Measurement Architecture (IMA) rules in opportunistic circumstances by leveraging an administrator's addition of an IMA rule for LSM.

[CLOSE] OSVDB ID : 70411 - Disclosed: 2011-01-08

Description:

IRIX contains a flaw that may lead to an unauthorized information disclosure.  The issue is triggered when a signedness error within the 'syssgi()' system call when processing the request value 'SGI_XLV_ATTR_GET' with the request attribute value 'XLV_ATTR_STATS' is exploited, which will disclose kernel memory to a local attacker. This may also be abused to cause a kernel panic denial of service.

[CLOSE] OSVDB ID : 70395 - Disclosed: 2011-01-08

Description:

Zwii contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'system/system.php' script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'set[template][value]' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server.

[CLOSE] OSVDB ID : 70408 - Disclosed: 2011-01-08

Description:

NetSupport Manager is prone to an overflow condition. The program fails to properly sanitize user-supplied input resulting in a stack-based buffer overflow. With a long control hostname sent to TCP port 5405, a remote attacker can potentially execute arbitrary code.

[CLOSE] OSVDB ID : 70615 - Disclosed: 2011-01-08

Description:

Ax Developer CMS contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'modules/profile/user.php' script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'aXconf[default_language]' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server.

[CLOSE] OSVDB ID : 70617 - Disclosed: 2011-01-08

Description:

HP Data Protector Manager contains a flaw that may allow a remote denial of service. The RDS service (rds.exe) uses _rm32.dll to allocate memory when receiving packets, and upon reception of an overly large packet, malloc cannot allocate the size, which will result in loss of availability for the program.

[CLOSE] OSVDB ID : 70619 - Disclosed: 2011-01-08

Description:

VideoSpirit Pro and VideoSpirit Lite are prone to an overflow condition. The programs fail to properly sanitize user-supplied input resulting in a buffer overflow. With a specially crafted .visprj file with a long 'name' attribute, a context-dependent attacker can potentially execute arbitrary code.

[CLOSE] OSVDB ID : 72005 - Disclosed: 2011-01-08

Description:

Joostina contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the com_search component does not validate the 'ordering' parameter upon submission to the index.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 75908 - Disclosed: 2011-01-08

Description:

WSN Software contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker sends a direct request to multiple scripts, which discloses the software's installation path resulting in a loss of confidentiality. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks.

[CLOSE] OSVDB ID : 76271 - Disclosed: 2011-01-08

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 76272 - Disclosed: 2011-01-08

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 70419 - Disclosed: 2011-01-07

Description:

Easy File Uploader Module for Joomla! contains a flaw related to the improper validation of uploaded file extensions. This may allow a remote attacker to upload arbitrary PHP files by passing an allowed MIME media type in the HTTP headers. This will allow the execution of arbitrary PHP code.

[CLOSE] OSVDB ID : 70420 - Disclosed: 2011-01-07

Description:

CUDA Toolkit Developer Drivers for Linux contains a flaw that may lead to an unauthorized information disclosure.  The issue is triggered when the 'cudaHostAlloc()' and 'cuMemHostAlloc()' API calls return uncleared pinned memory, which may be exploited to disclose potentially sensitive memory to a local attacker.

[CLOSE] OSVDB ID : 70665 - Disclosed: 2011-01-07

Description:

A memory corruption flaw exists in Linux Kernel. The 'dvb_ca_ioctl()' function in 'drivers/media/dvb/ttpci/av7110_ca.c' fails to sanitize user-supplied input, resulting in memory corruption. With a specially crafted IOTCL, a local attacker can execute arbitrary code.

[CLOSE] OSVDB ID : 72007 - Disclosed: 2011-01-07

Description:

SAP Management Console contains a flaw that may allow a remote denial of service. The issue is triggered when an error when processing administration commands occurs, allowing a remote attacker to restart the service.

[CLOSE] OSVDB ID : 72008 - Disclosed: 2011-01-07

Description:

SAP Management Console contains a flaw that may lead to an unauthorized information disclosure.  The issue is triggered when an error in some 'sapstartsrv' SOAP server methods occurs, which will disclose sensitive information about log file lists content, profile parameters, and developer traces to a remote attacker.

[CLOSE] OSVDB ID : 79401 - Disclosed: 2011-01-07

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 70331 - Disclosed: 2011-01-07

Description:

AppArmor contains a flaw related to the parser. The issue is triggered when the program is misconfigured, allowing a local attacker to cause the parser to generate policy using an unconfined fallback execute transition. This may allow an attacker to bypass security restrictions.

[CLOSE] OSVDB ID : 70306 - Disclosed: 2011-01-07

Description:

StageTracker is prone to an overflow condition. The program fails to properly sanitize user-supplied input resulting in a heap overflow. With a specially crafted SetList file entry, a context-dependent attacker can potentially cause execution of arbitrary code.

[CLOSE] OSVDB ID : 70305 - Disclosed: 2011-01-07

Description:

pimd contains a flaw that may allow a malicious local user to overwrite arbitrary files on the system. The issue is due to the '/var/tmp/pimd.dump' and '/var/tmp/pimd.cache' files creating temporary files insecurely. It is possible for a local attacker to use a symlink attack to cause the program to unexpectedly write to, or overwrite an attacker specified file.

[CLOSE] OSVDB ID : 70312 - Disclosed: 2011-01-07

Description:

Mono contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when an unspecified error within the 'mod_mono' module occurs, which will disclose ASPX script source code to a remote attacker.

[CLOSE] OSVDB ID : 70314 - Disclosed: 2011-01-07

Description:

concrete5 contains a flaw that allows a remote Cross-site Request Forgery (CSRF / XSRF) attack. The flaw exists because the application does not require multiple steps or explicit confirmation for sensitive transactions for the addition of scrapbook entries. By using a crafted URL (e.g., a crafted GET request inside an "img" tag), an attacker may trick the victim into clicking on the image to take advantage of the trust relationship between the authenticated victim and the application. Such an attack could trick the victim into executing arbitrary commands in the context of their session with the application, without further prompting or verification.

[CLOSE] OSVDB ID : 70656 - Disclosed: 2011-01-07

Description:

VLC Media Player is prone to an overflow condition. The program fails to properly sanitize user-supplied input resulting in a heap-based buffer overflow. With a specially crafted CDG video, a context-dependent attacker can cause a denial of service, or possibly execute arbitrary code.

[CLOSE] OSVDB ID : 73294 - Disclosed: 2011-01-07

Description:

Afaria Data Security Manager contains an unspecified flaw related to login that may allow an attacker to access a locked device. No further details have been provided.

[CLOSE] OSVDB ID : 72699 - Disclosed: 2011-01-07

Description:

(Description Provided by CVE) : Unspecified vulnerability in IBM WebSphere Application Server (WAS) 6.0.1 on z/OS allows attackers to read arbitrary files via unknown vectors.

[CLOSE] OSVDB ID : 82528 - Disclosed: 2011-01-07

Description:

BS.player is prone to an overflow condition. The program fails to properly sanitize user-supplied input resulting in a buffer overflow. With a specially crafted M3U file, a context-dependent attacker can potentially execute arbitrary code.

[CLOSE] OSVDB ID : 70368 - Disclosed: 2011-01-06

Description:

dpkg contains a flaw that allows a context-dependent attacker to traverse outside of a restricted path. The issue is due to the dpkg-source component not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied via patches for source-format packages. This directory traversal attack would allow the attacker to overwrite arbitrary files.

[CLOSE] OSVDB ID : 70440 - Disclosed: 2011-01-06

Description:

Contao contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate input passed via the 'X_FORWARDED_FOR' HTTP header before being used when submitting to the 'system/modules/comments/Comments.php' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 74341 - Disclosed: 2011-01-06

Description:

McAfee VirusScan contains a flaw that may allow a malicious local user to overwrite arbitrary files on the system. The issue is due to the program creating temporary files insecurely. It is possible for a local attacker to use a symlink attack to cause the program to unexpectedly write to, or overwrite an attacker specified file.