| OSVDB ID | Disclosure Date | Title |
|---|
|
75454
Description:
Unknown / Incomplete
|
2011-09-15
|
DivX Plus Web Player DivXPlaybackModule.dll file:// URL Handling Overflow
|
|
75455
Description:
Unknown / Incomplete
|
2011-09-15
|
NetCat /search search_query Parameter eval() Call Arbitrary PHP Code Execution
|
|
75587
Description:
Unknown / Incomplete
|
2011-09-15
|
Sap NetWeaver com.sap.ipc.webapp.ipcpricing Unspecified Remote Information Disclosure
|
|
75632
Description:
Unknown / Incomplete
|
2011-09-15
|
Nortel Contact Recording SOAP Message EyrAPIConfigurationIf getSubKeys() Function SQL Injection
|
|
85715
Description:
SilverStripe contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the addslashes method not properly sanitizing user-supplied input that contains far east encoded characters before using it in SQL queries. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2011-09-15
|
SilverStripe Far East Character Encoding addslashes Method Unspecified SQL Injection
|
|
75535
Description:
JasperReports Server contains a flaw that allows a remote Cross-site Request Forgery (CSRF / XSRF) attack. The flaw exists because the application does not require multiple steps or explicit confirmation for sensitive transactions for the addition of users. By using a crafted URL (e.g., a crafted GET request inside an "img" tag), an attacker may trick the victim into clicking on the image to take advantage of the trust relationship between the authenticated victim and the application. Such an attack could trick the victim into executing arbitrary commands in the context of their session with the application, without further prompting or verification.
|
2011-09-15
|
JasperReports Server User Addition CSRF
|
|
75588
Description:
SAP Crystal Reports contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'service' parameter upon submission to the pubDBLogon.jsp script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-09-15
|
SAP Crystal Reports pubDBLogon.jsp service Parameter XSS
|
|
75592
Description:
(Description Provided by CVE) : ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
|
2011-09-15
|
Red Hat Network Satellite SystemGroupList.do Unspecified XSS
|
|
75593
Description:
(Description Provided by CVE) : ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
|
2011-09-15
|
Red Hat Network Satellite Search Result Filtering Unspecified XSS
|
|
75594
Description:
(Description Provided by CVE) : ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
|
2011-09-15
|
Red Hat Network Satellite XSS help/forgot_password.pxt URI XSS
|
|
75595
Description:
(Description Provided by CVE) : ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
|
2011-09-15
|
Red Hat Network Satellite Channels Search Unspecified XSS
|
|
75672
Description:
A. Gallery Plugin for WordPress contains a flaw related to the wp-content/plugins/a-gallery/timthumb.php script failing to properly sanitize user supplied input passed via the 'src' parameter. This may allow a remote attacker to upload and execute arbitrary PHP files.
|
2011-09-15
|
A. Gallery Plugin for WordPress wp-content/plugins/a-gallery/timthumb.php src Parameter File Upload Arbitrary PHP Code Execution
|
|
76892
Description:
(Description Provided by CVE) : ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
|
2011-09-15
|
LightDM Multiple File Root Write Weakness Symlink Arbitrary File Overwrite
|
|
75459
Description:
(Description Provided by CVE) : ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
|
2011-09-14
|
Evolution evolution-data-server Settings Import MitM Weakness Credentials Disclosure
|
|
75482
Description:
Advance Tag Extension for Magento contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'tagcloud' parameter upon submission to the js/advancetag/tagcloud.swf script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-09-14
|
Advance Tag Extension for Magento js/advancetag/tagcloud.swf tagcloud Parameter XSS
|
|
75426
Description:
Support Incident Tracker contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'user' parameter upon submission to the edit_backup_users.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-09-14
|
Support Incident Tracker (SiT!) edit_backup_users.php user Parameter XSS
|
|
75442
Description:
(Description Provided by CVE) : Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used in Unified Operations Manager before 8.6 and CiscoWorks LAN Management Solution 3.x and 4.x before 4.1; and multiple EMC Ionix products including Application Connectivity Monitor (Ionix ACM) 2.3 and earlier, Adapter for Alcatel-Lucent 5620 SAM EMS (Ionix ASAM) 3.2.0.2 and earlier, IP Management Suite (Ionix IP) 8.1.1.1 and earlier, and other Ionix products; allow remote attackers to execute arbitrary code via crafted packets to TCP port 9002, aka Bug IDs CSCtn42961 and CSCtn64922, related to a buffer overflow.
|
2011-09-14
|
Cisco Multiple Products brstart.exe add_dm Request Parsing Remote Overflow
|
|
75647
Description:
(Description Provided by CVE) : The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service (temporary "error state" in the backend server) via a malformed HTTP request.
|
2011-09-14
|
Apache HTTP Server mod_proxy_ajp Module mod_proxy_balancer HTTP Request Remote DoS
|
|
75494
Description:
(Description Provided by CVE) : Heap-based buffer overflow in Progea Movicon / PowerHMI 11.2.1085 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a negative Content-Length field.
|
2011-09-14
|
Progea Movicon / PowerHMI Content-Length HTTP Header Web Request Parsing Remote Overflow
|
|
75492
Description:
(Description Provided by CVE) : Progea Movicon / PowerHMI 11.2.1085 and earlier allows remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via an EIDP packet with a large size field, which writes a zero byte to an arbitrary memory location.
|
2011-09-14
|
Progea Movicon / PowerHMI EIDP Request Parsing Remote DoS
|
|
75460
Description:
Unknown / Incomplete
|
2011-09-14
|
s2Member Plugin for WordPress Unspecified Traversal Arbitrary File Access
|
|
75495
Description:
(Description Provided by CVE) : Beckhoff TwinCAT 2.11.0.2004 and earlier allows remote attackers to cause a denial of service via a crafted request to UDP port 48899, which triggers an out-of-bounds read.
|
2011-09-14
|
Beckhoff TwinCAT TCATSysSrv.exe Datagram Parsing Remote DoS
|
|
77172
Description:
(Description Provided by CVE) : Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used in Unified Operations Manager before 8.6 and CiscoWorks LAN Management Solution 3.x and 4.x before 4.1; and multiple EMC Ionix products including Application Connectivity Monitor (Ionix ACM) 2.3 and earlier, Adapter for Alcatel-Lucent 5620 SAM EMS (Ionix ASAM) 3.2.0.2 and earlier, IP Management Suite (Ionix IP) 8.1.1.1 and earlier, and other Ionix products; allow remote attackers to execute arbitrary code via crafted packets to TCP port 9002, aka Bug IDs CSCtn42961 and CSCtn64922, related to a buffer overflow.
|
2011-09-14
|
Cisco Multiple Products brstart.exe SMARTS Request sm_read_string_length Value Parsing Remote Overflow
|
|
75461
Description:
(Description Provided by CVE) : Directory traversal vulnerability in CarelDataServer.exe in Carel PlantVisor 2.4.4 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP GET request.
|
2011-09-14
|
Carel PlantVisor Enhanced URI Traversal Arbitrary File Access
|
|
75496
Description:
(Description Provided by CVE) : Stack-based buffer overflow in Azeotech DAQFactory 5.85 build 1853 and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a crafted NETB packet to UDP port 20034.
|
2011-09-14
|
Azeotech DAQFactory Client Detail Logging NETB Datagram Parsing Remote Overflow
|
|
75493
Description:
(Description Provided by CVE) : Heap-based buffer overflow in Progea Movicon / PowerHMI 11.2.1085 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long request.
|
2011-09-14
|
Progea Movicon / PowerHMI HTTP Packet Parsing Remote Overflow
|
|
75389
Description:
Microsoft SharePoint contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate certain input in the SharePoint Calender passed via the URL before returning it to the user. This may allow a user to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-09-14
|
Microsoft SharePoint SharePoint Calendar URI XSS
|
|
75390
Description:
Microsoft SharePoint contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate certain unspecified input upon submission to the EditForm.aspx script. This may allow a user to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-09-14
|
Microsoft SharePoint EditForm.aspx XSS
|
|
75391
Description:
Microsoft SharePoint contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate input passed via contact details before returning it to the user. This may allow a user to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-09-14
|
Microsoft SharePoint Contact Details XSS
|
|
75393
Description:
Microsoft SharePoint contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate certain unspecified input passed via the URL before returning it to the user. This may allow a user to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-09-14
|
Microsoft SharePoint Unspecified URI XSS
|
|
75394
Description:
Microsoft SharePoint contains a flaw that allows a remote cross site redirection attack. This flaw exists because the application does not validate the 'source' parameter before returning it to the user. This could allow a user to create a specially crafted URL, that if clicked, would redirect a victim from the intended legitimate web site to an arbitrary web site of the attacker's choosing. Such attacks are useful as the crafted URL initially appear to be a web page of a trusted site. This could be leveraged to direct an unsuspecting user to a web page containing attacks that target client side software such as a web browser or document rendering programs.
|
2011-09-14
|
Microsoft SharePoint Source Parameter Arbitrary Site Redirect
|
|
75382
Description:
Microsoft Windows is prone to a flaw in the way it loads dynamic-link libraries (DLL). The program uses a fixed path to look for specific files or libraries. This path includes directories that may not be trusted or under user control. By placing a custom version of the file or library in the path, the program will load it before the legitimate version. This allows an attacker to inject custom code that will be run with the privilege of the program or user executing the program. This can be done by tricking a user into opening a .txt, .rtf or .doc file from the local file system or a USB drive in some cases. This attack can be leveraged remotely in some cases by placing the malicious file or library on a network share or extracted archive downloaded from a remote source.
|
2011-09-14
|
Microsoft Windows Shell Extensions Path Subversion Arbitrary DLL Injection Code Execution
|
|
75379
Description:
Microsoft Office is prone to a flaw in the way it loads dynamic-link libraries (DLL). The program uses a fixed path to look for specific files or libraries. This path includes directories that may not be trusted or under user control. By placing a custom version of the file or library in the path, the program will load it before the legitimate version. This allows an attacker to inject custom code that will be run with the privilege of the program or user executing the program. This can be done by tricking a user into opening a .PPT file from the local file system or a USB drive in some cases. This attack can be leveraged remotely in some cases by placing the malicious file or library on a network share or extracted archive downloaded from a remote source.
|
2011-09-14
|
Microsoft Office MSO.dll Path Subversion Arbitrary DLL Injection Code Execution
|
|
91830
Description:
Juniper IVE OS Secure Access (SA) and Unified Access Control (UAC) contain an unspecified flaw in OpenLDAP that may allow an attacker to have an impact on LDAPS based authentication and authorization. No further details have been provided by the vendor.
|
2011-09-14
|
Juniper IVE OS Secure Access (SA) / Unified Access Control (UAC) OpenLDAP Unspecified Authentication Issue
|
|
91829
Description:
Juniper IVE OS Secure Access (SA) and Unified Access Control (UAC) contain an unspecified flaw in the custom Sign-In page that may allow an attacker to gain access to the admin interface. No further details have been provided by the vendor.
|
2011-09-14
|
Juniper IVE OS Secure Access (SA) / Unified Access Control (UAC) Custom Sign-in Page Unspecified Issue
|
|
91828
Description:
Juniper IVE OS Secure Access (SA) and Unified Access Control (UAC) contain a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate certain unspecified input used during sign-in. This may allow an attacker to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-09-14
|
Juniper IVE OS Secure Access (SA) / Unified Access Control (UAC) Sign-in Unspecified XSS
|
|
91856
Description:
Juniper IVE OS Secure Access (SA) contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate certain unspecified input passed via the Terminal Access page before returning it to the user. This may allow an attacker to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-09-14
|
Juniper IVE OS Secure Access (SA) Terminal Access Page Unspecified XSS
|
|
91855
Description:
Juniper IVE OS Secure Access (SA) contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate certain unspecified input passed via the Session Manager page before returning it to the user. This may allow an attacker to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-09-14
|
Juniper IVE OS Secure Access (SA) Session Manager Page Unspecified XSS
|
|
75383
Description:
(Description Provided by CVE) : Use-after-free vulnerability in Microsoft Excel 2003 SP3 allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Use after Free WriteAV Vulnerability."
|
2011-09-14
|
Microsoft Office Excel Unspecified Use-after-free Memory Dereference Excel File Handling Remote Code Execution
|
|
75569
Description:
Rockwell Automation RSLogix 5000 and FactoryTalk Services Platform contain an overflow condition in RnaUtility.dll. The issue is triggered as a 32-bit size field in received RNA packets is not properly validated during parsing. With a specially crafted request to e.g. the Rockwell Application Services (RsvcHost.exe) service, a remote attacker can cause a heap-based buffer overflow, resulting in a denial of service or potentially execution of arbitrary code.
|
2011-09-14
|
Rockwell Automation RSLogix 5000 / FactoryTalk Services Platform RnaUtility.dll rna Packet Parsing Remote Overflow
|
