| OSVDB ID | Disclosure Date | Title |
|
70899
Description:
The Administrator Console in Adobe ColdFusion contains flaws that allow multiple remote cross-site scripting (XSS) attacks. These flaws exist because the application does not validate certain unspecified input before returning it to the user. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-02-08
|
Adobe ColdFusion Administrator Console Multiple Unspecified XSS
|
|
70900
Description:
Adobe ColdFusion contains multiple CRLF injection vulnerabilities in certain unspecified tags. This may allow a remote attacker to inject HTTP headers and conduct HTTP response splitting attacks.
|
2011-02-08
|
Adobe ColdFusion Unspecified Tags CRLF Header Injection
|
|
70903
Description:
Adobe ColdFusion contains a session fixation vulnerability. The issue is triggered when a context-dependent, remote attacker tricks a user into following a crafted link. This may allow an attacker to hijack the user's web session after the user logs in.
|
2011-02-08
|
Adobe ColdFusion Unspecified Session Fixation
|
|
70902
Description:
Adobe ColdFusion contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the input passed via the cfform tag before returning it to the user. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-02-08
|
Adobe ColdFusion cfform Tag Unspecified XSS
|
|
70901
Description:
Adobe ColdFusion contains a flaw related to the Administrator Console that may disclose certain unspecified information to an attacker. No further details have been provided.
|
2011-02-08
|
Adobe ColdFusion Administrator Console Unspecified Information Disclosure
|
|
71001
Description:
Django contains a flaw that allows a remote attacker to traverse outside of a restricted path. The issue is due to the file-based session storage system not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied via the key in a session cookie. This directory traversal attack would allow the attacker to access arbitrary files.
|
2011-02-08
|
Django Session Cookie / Character Traversal Arbitrary File Access
|
|
71000
Description:
Django contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the filename of uploaded files upon submission to the 'file' field. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-02-08
|
Django File Upload Field Filename XSS
|
|
70999
Description:
Django contains a flaw that allows a remote Cross-site Request Forgery (CSRF / XSRF) attack. The flaw exists because the application does not properly validate HTTP requests that contain an X-Requested-With header. By using a crafted URL (e.g., a crafted GET request inside an "img" tag), an attacker may use a forged Ajax request to trick the victim into clicking on the image to take advantage of the trust relationship between the authenticated victim and the application. Such an attack could trick the victim into executing arbitrary commands in the context of their session with the application, without further prompting or verification.
|
2011-02-08
|
Django X-Requested-With Header CSRF
|
|
70855
Description:
PHPXref contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate input passed via the URL to 'nav.html' before returning it to the user. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-02-08
|
PHPXref nav.html URI XSS
|
|
71376
Description:
Adobe Reader and Acrobat are prone to a flaw in the way they load dynamic-link libraries (DLL). The program uses a fixed path to look for specific files or libraries. This path includes directories that may not be trusted or under user control. By placing a custom version of the file or library in the path, the program will load it before the legitimate version. This allows an attacker to inject custom code that will be run with the privilege of the program or user executing the program. This can be done by tricking a user into opening a file from the local file system or a USB drive in some cases. This attack can be leveraged remotely in some cases by placing the malicious file or library on a network share or extracted archive downloaded from a remote source.
|
2011-02-08
|
Adobe Reader / Acrobat Path Subversion Arbitrary DLL Injection Code Execution
|
|
71374
Description:
A memory corruption flaw exists in Adobe Reader and Acrobat. The program fails to sanitize certain unspecified user-supplied input, resulting in memory corruption. With a specially crafted PDF file, a context-dependent attacker can execute arbitrary code.
|
2011-02-08
|
Adobe Reader / Acrobat Unspecified Memory Corruption Code Execution (2011-0563)
|
|
71399
Description:
Adobe Reader and Acrobat contain an unspecified flaw that may allow an attacker to cause a denial of service. It is possible, though not confirmed, that this vulnerability may also allow the execution of arbitrary code. No further details have been provided.
|
2011-02-08
|
Adobe Reader / Acrobat Unspecified DoS (2011-0565)
|
|
71398
Description:
A memory corruption flaw exists in Adobe Reader and Acrobat. The programs fail to sanitize user-supplied input when parsing certain images, resulting in memory corruption. With a specially crafted image file, a context-dependent attacker can execute arbitrary code.
|
2011-02-08
|
Adobe Reader / Acrobat Unspecified Image Handling Memory Corruption Code Execution (2011-0566)
|
|
71397
Description:
A memory corruption flaw exists in Adobe Reader and Acrobat. The AcroRd32.dll component fails to sanitize user-supplied input calculating a pointer while passing it to memset, resulting in memory corruption. With a specially crafted image, a context-dependent attacker can execute arbitrary code.
|
2011-02-08
|
Adobe Reader / Acrobat AcroRd32.dll memset Memory Corruption Remote Code Execution
|
|
71373
Description:
Adobe Reader and Acrobat are prone to a flaw in the way they load dynamic-link libraries (DLL). The program uses a fixed path to look for specific files or libraries. This path includes directories that may not be trusted or under user control. By placing a custom version of the file or library in the path, the program will load it before the legitimate version. This allows an attacker to inject custom code that will be run with the privilege of the program or user executing the program. This can be done by tricking a user into opening a file from the local file system or a USB drive in some cases. This attack can be leveraged remotely in some cases by placing the malicious file or library on a network share or extracted archive downloaded from a remote source.
|
2011-02-08
|
Adobe Reader / Acrobat Unspecified Library Loading Code Execution (2011-0570)
|
|
71395
Description:
Adobe Reader and Acrobat contain an unspecified flaw that may allow a context-dependent attacker to cause an infinite loop condition, resulting in a denial of service. No further details have been provided.
|
2011-02-08
|
Adobe Reader / Acrobat Unspecified DoS (2011-0585)
|
|
71394
Description:
Adobe Reader and Acrobat fail to properly validate certain unspecified input data, which may allow an attacker to execute arbitrary code. No further details have been provided.
|
2011-02-08
|
Adobe Reader / Acrobat Unspecified Code Execution (2011-0586)
|
|
71393
Description:
Adobe Reader and Acrobat contain a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the applications do not validate certain unspecified input before returning it to the user. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-02-08
|
Adobe Reader / Acrobat Unspecified XSS (2011-0587)
|
|
71392
Description:
Adobe Reader and Acrobat are prone to a flaw in the way they load dynamic-link libraries (DLL). The program uses a fixed path to look for specific files or libraries. This path includes directories that may not be trusted or under user control. By placing a custom version of the file or library in the path, the program will load it before the legitimate version. This allows an attacker to inject custom code that will be run with the privilege of the program or user executing the program. This can be done by tricking a user into opening a file from the local file system or a USB drive in some cases. This attack can be leveraged remotely in some cases by placing the malicious file or library on a network share or extracted archive downloaded from a remote source.
|
2011-02-08
|
Adobe Reader / Acrobat Unspecified Library Loading Code Execution (2011-0588)
|
|
71391
Description:
A memory corruption flaw exists in Adobe Reader and Acrobat. The program fails to sanitize certain unspecified user-supplied input, resulting in memory corruption. With a specially crafted PDF file, a context-dependent attacker can execute arbitrary code.
|
2011-02-08
|
Adobe Reader / Acrobat Unspecified Memory Corruption Code Execution (2011-0589)
|
|
71390
Description:
Adobe Reader and Acrobat are prone to an overflow condition. The program's implementation of an image format supported by the Universal 3D compressed file format fails to properly sanitize user-supplied input resulting in a buffer overflow. With a specially crafted Universal 3D (U3D) file, a context-dependent attacker can potentially execute arbitrary code.
|
2011-02-08
|
Adobe Reader / Acrobat 3D U3D Texture iff RLE Decompression Overflow
|
|
71389
Description:
Adobe Reader and Acrobat are prone to an overflow condition. The program's implementation of an image format supported by the Universal 3D compressed file format fails to properly sanitize user-supplied input resulting in a buffer overflow related to Texture and rgba. With a specially crafted Universal 3D (U3D) file, a context-dependent attacker can potentially execute arbitrary code.
|
2011-02-08
|
Adobe Reader / Acrobat 3D U3D Texture rgba RLE Decompression Overflow
|
|
71388
Description:
Adobe Reader and Acrobat are prone to an overflow condition. The program's implementation of an image format supported by the Universal 3D compressed file format fails to properly sanitize user-supplied input resulting in a buffer overflow. With a specially crafted Universal 3D (U3D) file, a context-dependent attacker can potentially execute arbitrary code.
|
2011-02-08
|
Adobe Reader / Acrobat 3D U3D Texture bmp RLE Decompression Overflow
|
|
71387
Description:
Adobe Reader and Acrobat are prone to an overflow condition. The program's implementation of an image format supported by the Universal 3D compressed file format fails to properly sanitize user-supplied input resulting in a buffer overflow. With a specially crafted Universal 3D (U3D) file, a context-dependent attacker can potentially execute arbitrary code.
|
2011-02-08
|
Adobe Reader / Acrobat 3D U3D Texture psd RLE Decompression Overflow
|
|
71386
Description:
Adobe Reader and Acrobat contain an unspecified flaw that may allow a context-dependent attacker to use a crafted font to execute arbitrary code. No further details have been provided.
|
2011-02-08
|
Adobe Reader / Acrobat Font Handling Unspecified Code Execution (2011-0594)
|
|
71385
Description:
Adobe Reader and Acrobat are prone to an overflow condition. The program's implementation of an image format supported by the Universal 3D compressed file format fails to properly sanitize user-supplied input resulting in a buffer overflow. With a specially crafted Universal 3D (U3D) file, a context-dependent attacker can potentially execute arbitrary code.
|
2011-02-08
|
Adobe Reader / Acrobat U3D Texture fli RLE Decompression Overflow
|
|
71384
Description:
Adobe Reader and Acrobat are prone to an overflow condition. The Bitmap parsing component of 2d.dll fails to properly sanitize user-supplied input resulting in a heap-based buffer overflow. With specially crafted height and width values for an RLE_8 compressed bitmap, a context-dependent attacker can potentially execute arbitrary code.
|
2011-02-08
|
Adobe Reader / Acrobat 2d.dll BMP RLE_8 Decompression Overflow
|
|
71383
Description:
Adobe Reader and Acrobat are prone to an overflow condition. The ICC parsing component of ACE.dll fails to properly sanitize user-supplied input resulting in an integer overflow. With specially crafted ICC data, a context-dependent attacker can potentially execute arbitrary code.
|
2011-02-08
|
Adobe Reader / Acrobat ACE.dll ICC Parsing Overflow
|
|
71382
Description:
Adobe Reader and Acrobat contain a flaw related to the Bitmap parsing component in rt3d.dll's use of 4/8-bit RLE compression. The issue is triggered when an attacker uses a pointer to copy data into the fixed-length color data buffer. This may allow a context-dependent attacker to execute arbitrary code.
|
2011-02-08
|
Adobe Reader / Acrobat 4/8-bit RLE Compressed BMP ColorData Parsing Overflow
|
|
71381
Description:
A memory corruption flaw exists in Adobe Reader and Acrobat. The U3D component fails to sanitize user-supplied input when using the Parent Node count to calculate the size of an allocation, resulting in memory corruption. With a specially crafted 3D file, a context-dependent attacker can execute arbitrary code.
|
2011-02-08
|
Adobe Reader / Acrobat U3D Parent Node Count Handling Overflow
|
|
71375
Description:
A memory corruption flaw exists in Adobe Reader and Acrobat. The programs fail to sanitize user-supplied input when handling a JPEG2000 file embedded inside of a PDF file, resulting in memory corruption. With a specially crafted JP2K record type in a JPEG2000 image in a PDF file, a context-dependent attacker can execute arbitrary code.
|
2011-02-08
|
Adobe Reader / Acrobat PDF JPEG2000 (JP2K) Image Handling Arbitrary Code Execution
|
|
71380
Description:
A memory corruption flaw exists in Adobe Reader and Acrobat. The program fails to sanitize certain unspecified user-supplied input, resulting in memory corruption. With a specially crafted PDF file, a context-dependent attacker can execute arbitrary code.
|
2011-02-08
|
Adobe Reader / Acrobat Image Handling Unspecified Memory Corruption Code Execution (2011-0603)
|
|
71379
Description:
Adobe Reader and Acrobat contain a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the applications do not validate certain unspecified input before returning it to the user. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-02-08
|
Adobe Reader / Acrobat Unspecified XSS (2011-0604)
|
|
71377
Description:
Adobe Reader and Acrobat are prone to an overflow condition. The 3d.dll component fails to properly sanitize user-supplied input resulting in a stack-based buffer overflow. With a specially crafted length value in a file, a context-dependent attacker can potentially execute arbitrary code.
|
2011-02-08
|
Adobe Reader / Acrobat rt3d.dll Crafted File Length Handling Overflow
|
|
72501
Description:
Adobe Reader and Acrobat are prone to an overflow condition. The program's implementation of an image format supported by the Universal 3D compressed file format fails to properly sanitize user-supplied input resulting in a buffer overflow. With a specially crafted Universal 3D (U3D) file, a context-dependent attacker can potentially execute arbitrary code.
|
2011-02-08
|
Adobe Reader / Acrobat U3D Texture Parser ILBM Handling Overflow
|
|
70845
Description:
UMI.CMS contains a flaw that allows a remote Cross-site Request Forgery (CSRF / XSRF) attack. The flaw exists because the '/admin/users/edit/USERID/do/' script does not require multiple steps or explicit confirmation for sensitive transactions for the addition of administrator users. By using a crafted URL (e.g., a crafted GET request inside an "img" tag), an attacker may trick the victim into clicking on the image to take advantage of the trust relationship between the authenticated victim and the application. Such an attack could trick the victim into executing arbitrary commands in the context of their session with the application, without further prompting or verification.
|
2011-02-08
|
UMI.CMS /admin/users/edit/USERID/do/ Multiple Function CSRF
|
|
70849
Description:
RealPlayer and RealPlayer Enterprise contain a flaw related to the temporary file naming scheme used for reference storage in Real Media files. The filenames are easily predicted, which may be brute forced and used in combination with the 'OpenURLinPlayerBrowser()' function in 'classid:FDC7A535-4070-4B92-A0EA-D9994BCC0DC5' to execute the file, allowing a context-dependent attacker to execute arbitrary code.
|
2011-02-08
|
RealPlayer Predictable Temporary Filename Code Execution
|
|
70825
Description:
Microsoft Windows contains a flaw that may allow a local denial of service. The issue is triggered when an error in Active Directory occurs when handling Server Principal Name update requests. This may be exploited by a local authenticated attacker with administrative privileges via crafted packets to the Active Directory server to cause a denial of service.
|
2011-02-08
|
Microsoft Windows Server Active Directory Server Principal Name (SPN) Handling Remote DoS
|
|
73006
Description:
A memory corruption flaw exists in Adobe Shockwave Player. The dirapi.dll module contains a signedness error when evaluating the length of certain data in CSWV chunks resulting in memory corruption. With a Director file containing a specially crafted CSWV chunk, a remote attacker can execute arbitrary code.
|
2011-02-08
|
Adobe Shockwave Player dirapi.dll Module Unspecified Memory Corruption
|
|
73005
Description:
Adobe Shockwave Player is prone to an overflow condition. The dirapi.dll module fails to properly sanitize user-supplied input in CSWV chunks resulting in an integer overflow. With a specially crafted Director file, a remote attacker can execute arbitrary code.
|
2011-02-08
|
Adobe Shockwave Player dirapi.dll Module Unspecified Integer Overflow
|