| OSVDB ID | Disclosure Date | Title |
|---|
|
73523
Description:
Newsletter Subscriber Plugin for Joomla! contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because then newsletter_subscriber.php script does not validate the 'name' and 'email' parameters or input passed via the URL upon submission to the index.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-06-30
|
Newsletter Subscriber Plugin for Joomla! index.php Multiple Parameter XSS
|
|
73512
Description:
Unknown / Incomplete
|
2011-06-30
|
SAP NetWeaver SAPTerm Hardcoded Credentials User Creation
|
|
91168
Description:
stardict contains a flaw that may lead to unauthorized disclosure of potentially sensitive information. The issue is due to the program re-enabling the network directories option when the program is restarted, even if it has been turned off by the user. This may allow a remote attacker to gain access to search information as it is sent to remote dictionaries.
|
2011-06-30
|
stardict Network Dictionary Search Remote Information Disclosure
|
|
73582
Description:
AeroMail contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'folder' parameter upon submission to the index.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-06-30
|
AeroMail index.php folder Parameter XSS
|
|
73592
Description:
Unknown / Incomplete
|
2011-06-30
|
HP WebOS Contacts Application Imported Contact Multiple Field XSS
|
|
73583
Description:
AeroMail contains a flaw that allows a remote Cross-site Request Forgery (CSRF / XSRF) attack. The flaw exists because the application does not require multiple steps or explicit confirmation for sensitive transactions for the manipulation of emails. By using a crafted URL (e.g., a crafted GET request inside an "img" tag), an attacker may trick the victim into clicking on the image to take advantage of the trust relationship between the authenticated victim and the application. Such an attack could trick the victim into executing arbitrary commands in the context of their session with the application, without further prompting or verification.
|
2011-06-30
|
AeroMail Email Manipulation CSRF
|
|
74139
Description:
Unknown / Incomplete
|
2011-06-30
|
cFTP includes/userlevel_check.php Cookie Parsing Admin Authentication Bypass
|
|
76814
Description:
(Description Provided by CVE) : The ethernet-lldp component in Cisco IOS 12.2 before 12.2(33)SXJ1 does not properly support a large number of LLDP Management Address (MA) TLVs, which allows remote attackers to cause a denial of service (device crash) via crafted LLDPDUs, aka Bug ID CSCtj22354.
|
2011-06-30
|
Cisco IOS ethernet-lldp Component 12 LLDP Management Address TLV Weakness LLDPDU Parsing Remote DoS
|
|
88499
Description:
IBM WebSphere DataPower Integration Appliance contains a flaw in the MQ Server that may allow a remote denial of service. The issue is triggered during the parsing of a corrupted binary message, which may result in a device restart. This may allow a remote attacker to cause a loss of availability for the system.
|
2011-06-30
|
IBM WebSphere DataPower Integration Appliance MQ Server Corrupted Binary Message Processing Remote Device Restart DoS
|
|
88498
Description:
IBM WebSphere DataPower Integration Appliance contains a flaw that is due to 'valcred' in legacy mode improperly accepting expired certificates. This may may assist an attacker in conducting phishing attacks.
|
2011-06-30
|
IBM WebSphere DataPower Integration Appliance Expired Certificate Acceptance Weakness
|
|
73724
Description:
Unknown / Incomplete
|
2011-06-29
|
RSLinx OPC Automation ActiveX (RsiOPCAuto.OPCServer) Debug String Parsing Overflow
|
|
73684
Description:
(Description Provided by CVE) : Buffer overflow in ALZip 8.21 and earlier allows remote attackers to execute arbitrary code via a crafted mim file.
|
2011-06-29
|
ALZip MIM File Handling Overflow
|
|
73493
Description:
libpng contains a flaw in the handling of PNG files that may allow a remote denial of service. The issue is due to an off-by-one error in the 'png_format_buffer()' function in pngerror.c when handling a PNG image file. With a specially crafted PNG file, a context-dependent attacker can cause the program to crash.
|
2011-06-29
|
libpng pngerror.c png_format_buffer() Off-by-one PNG Image Handling Remote DoS
|
|
73705
Description:
(Description Provided by CVE) : Drupal 7.x before 7.3 allows remote attackers to bypass intended node_access restrictions via vectors related to a listing that shows nodes but lacks a JOIN clause for the node table.
|
2011-06-29
|
Drupal node_access System Node Table JOIN Access Restriction Bypass
|
|
73477
Description:
Accela and eAccela BizSearch contain a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the applications do not validate certain unspecified input related to the search page before returning it to the user. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-06-29
|
Accela / eAccela BizSearch Search Page Unspecified XSS
|
|
76456
Description:
(Description Provided by CVE) : Multiple untrusted search path vulnerabilities in (1) db2rspgn and (2) kbbacf1 in IBM DB2 Express Edition 9.7, as used in the IBM Tivoli Monitoring for Databases: DB2 Agent, allow local users to gain privileges via a Trojan horse libkbb.so in the current working directory, related to the DT_RPATH ELF header.
|
2011-06-29
|
IBM DB2 Tivoli Monitoring Agent (ITMA) db2rspgn libkbb.so Path Subversion Arbitrary DLL Injection Code Execution
|
|
76457
Description:
(Description Provided by CVE) : Multiple untrusted search path vulnerabilities in (1) db2rspgn and (2) kbbacf1 in IBM DB2 Express Edition 9.7, as used in the IBM Tivoli Monitoring for Databases: DB2 Agent, allow local users to gain privileges via a Trojan horse libkbb.so in the current working directory, related to the DT_RPATH ELF header.
|
2011-06-29
|
IBM DB2 Tivoli Monitoring Agent (ITMA) kbbacf1 libkbb.so Path Subversion Arbitrary DLL Injection Code Execution
|
|
73547
Description:
IBM Rational DOORS Web Access contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate certain unspecified input before returning it to the user. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-06-29
|
IBM Rational DOORS Web Access Unspecified XSS
|
|
73548
Description:
IBM Rational DOORS Web Access contains an unspecified flaw related to the handling of Server Error responses that may allow an attacker to have an unspecified impact. No further details have been provided.
|
2011-06-29
|
IBM Rational DOORS Web Access Server Error Response Unspecified Issue
|
|
73549
Description:
IBM Rational DOORS Web Access contains an unspecified flaw that may allow an attacker to have an unspecified impact. No further details have been provided.
|
2011-06-29
|
IBM Rational DOORS Web Access Unspecified Issue
|
|
73723
Description:
WordPress contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the wp-admin/link-manager.php script not properly sanitizing user-supplied input to the 'order' and 'orderby' parameters. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2011-06-29
|
WordPress wp-admin/link-manager.php Multiple Parameter SQL Injection
|
|
73722
Description:
WordPress contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the wp-admin/edit-tags.php script not properly sanitizing user-supplied input to the 'order' and 'orderby' parameters. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2011-06-29
|
WordPress wp-admin/edit-tags.php Multiple Parameter SQL Injection
|
|
75247
Description:
(Description Provided by CVE) : The class file parser in IBM Java 1.4.2 SR13 FP9 allows remote authenticated users to cause a denial of service (memory consumption or an infinite loop) via a crafted attribute length field in a class file, related to validation of a length field at the wrong time, a different vulnerability than CVE-2011-0311.
|
2011-06-29
|
IBM Java Class File Parser Attribute Length Field Parsing Remote DoS
|
|
89548
Description:
cronie contains a flaw in file descriptor handling that may lead to unauthorized disclosure of potentially sensitive information. The issue is due to the program identifying the file descriptor as a security hole. This may allow a local attacker to gain access to sensitive information.
|
2011-06-29
|
cronie File Descriptor Local Information Disclosure
|
|
74750
Description:
(Description Provided by CVE) : libgssapi and libgssglue before 0.4 do not properly check privileges, which allows local users to load untrusted configuration files and execute arbitrary code via the GSSAPI_MECH_CONF environment variable, as demonstrated using mount.nfs.
|
2011-06-29
|
libgssglue GSSAPI_MECH_CONF Environment Variable Path Subversion Local Privilege Escalation
|
|
73491
Description:
Joomla! contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'option', 'view', 'id' and 'searchword' parameters upon submission to the index.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-06-29
|
Joomla! index.php Multiple Parameter XSS
|
|
73478
Description:
Parodia contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the employer-profile.asp script not properly sanitizing user-supplied input to the 'ag_id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2011-06-29
|
Parodia employer-profile.asp ag_id Parameter SQL Injection
|
|
73721
Description:
Unknown / Incomplete
|
2011-06-29
|
WordPress Unspecified Access Restriction Bypass
|
|
73551
Description:
(Description Provided by CVE) : IBM InfoSphere Information Server 8.5 and 8.5.0.1 on Unix and Linux, as used in IBM InfoSphere DataStage 8.5 and 8.5.0.1 and other products, uses weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors.
|
2011-06-29
|
IBM InfoSphere Information Server DSEngine File Permissions Local Privilege Escalation
|
|
73552
Description:
IBM Tivoli Storage Manager Client is prone to an overflow condition. The Journal Based Backup function fails to properly sanitize user-supplied input resulting in a buffer overflow. This may allow a local attacker to potentially execute arbitrary code.
|
2011-06-29
|
IBM Tivoli Storage Manager Client Journal Based Backup (JBB) Function Overflow
|
|
73640
Description:
Unknown / Incomplete
|
2011-06-29
|
Secure Password Hashes (phpass) Module for Drupal Brute Force Password Reset Link Disclosure
|
|
73553
Description:
IBM Tivoli Storage Manager Client is prone to an overflow condition. The Alternate Data Streams function fails to properly sanitize user-supplied input resulting in a buffer overflow. This may allow a local attacker to potentially execute arbitrary code.
|
2011-06-29
|
IBM Tivoli Storage Manager Client Alternate Data Streams (ADS) Function Overflow
|
|
73630
Description:
Unknown / Incomplete
|
2011-06-29
|
F5 BIG-IP ASM Web Scraping Unspecified XSS
|
|
73641
Description:
Unknown / Incomplete
|
2011-06-29
|
Secure Password Hashes (phpass) Module for Drupal Password Reset Link Persistence Password Manipulation
|
|
74492
Description:
(Description Provided by CVE) : IBM InfoSphere Information Server 8.5 and 8.5.0.1 on Unix and Linux, as used in IBM InfoSphere DataStage 8.5 and 8.5.0.1 and other products, assigns incorrect ownership to unspecified files, which allows local users to gain privileges via unknown vectors.
|
2011-06-29
|
IBM InfoSphere Information Server Incorrect File Ownership Local Privilege Escalation
|
|
73571
Description:
(Description Provided by CVE) : Multiple stack-based buffer overflows in the inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allow remote attackers to execute arbitrary code via a request containing crafted parameters.
|
2011-06-28
|
HP OpenView Storage Data Protector inet Crafted Parameter Multiple Remote Overflows
|
|
73572
Description:
(Description Provided by CVE) : Buffer overflow in omniinet.exe in the inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allows remote attackers to execute arbitrary code via a crafted request, related to the EXEC_CMD functionality.
|
2011-06-28
|
HP OpenView Storage Data Protector inet omniinet.exe EXEC_CMD Remote Overflow
|
|
73488
Description:
The Joomla! com_content component contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker submits arbitrary values to the index.php script via the 'limitstart' or 'limit' parameters, which discloses the software's installation path resulting in a loss of confidentiality. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks.
|
2011-06-28
|
Joomla! com_content Component index.php Multiple Parameter Path Disclosure
|
|
73489
Description:
Unknown / Incomplete
|
2011-06-28
|
Joomla! Unspecified Permissions Check Weakness Access Restriction Bypass
|
|
73494
Description:
(Description Provided by CVE) : Stack-based buffer overflow in NFREngine.exe in Novell File Reporter Engine before 1.0.2.53, as used in Novell File Reporter and other products, allows remote attackers to execute arbitrary code via a crafted RECORD element.
|
2011-06-28
|
Novell File Reporter Engine RECORD Element Tag Parsing Overflow
|
