| OSVDB ID | Disclosure Date | Title |
|
79000
Description:
XRay CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the login2.php script not properly sanitizing user-supplied input to the 'username' and 'password' parameters. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2012-02-07
|
XRay CMS login2.php Multiple Parameter SQL Injection
|
|
79295
Description:
WebKit contains a flaw in the 'RenderInline::splitFlow' function in WebCore/rendering/RenderInline.cpp when handling column styles. With a specially crafted web page, a context-dependent attacker can corrupt memory to cause a denial of service or potentially execute arbitrary code.
|
2012-02-07
|
WebKit RenderInline::splitFlow Column Style Handling Memory Corruption
|
|
84146
Description:
WebKit contains a use-after-free error in the 'FrameLoader::checkTimerFired' function in WebCore/loader/FrameLoader.cpp when destructing an iframe while deferred events are raised. With a specially crafted web page, a context-dependent attacker can dereference already freed memory and potentially execute arbitrary code.
|
2012-02-07
|
WebKit 'FrameLoader::checkTimerFired' Function Use-after-free Issue
|
|
84160
Description:
WebKit contains use-after-free errors in the 'ContainerNode::insertBefore', 'ContainerNode::replaceChild', 'ContainerNode::removeChild', and 'ContainerNode::appendChild' functions in WebCore/dom/ContainerNode.cpp when handling mutation events. With a specially crafted web page, a context-dependent attacker can dereference already freed memory and potentially execute arbitrary code.
|
2012-02-07
|
WebKit ContainerNode Functions Mutation Events Handling Use-after-free Issue
|
|
87510
Description:
Multiple Rovio Mobiie Ltd applications for Android have intentionally trojaned copies previously available for download on the Google app market. These trojans will cause additional advertisements to be shown on certain websites or send web browsing information to a third party.
|
2012-02-07
|
Rovio Mobiie Ltd Multiple Applications for Android Trojaned Distribution
|
|
90391
Description:
By default, Monroe Electronics EAS R197AV installs with default user credentials (username/password combination). No account name is required; however, the password is '197set', which is publicly known and documented. This allows remote attackers to trivially access the program or system and gain privileged access.
|
2012-02-07
|
Monroe Electronics EAS R197AV Default Credentials
|
|
78899
Description:
Snort Report contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the DB.php script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'dbtype' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server.
|
2012-02-06
|
Snort Report DB.php dbtype Parameter Traversal Local File Inclusion
|
|
78900
Description:
Tube Ace contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the mobile/search/index.php script not properly sanitizing user-supplied input to the 'q' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2012-02-06
|
Tube Ace mobile/search/index.php q Parameter SQL Injection
|
|
78913
Description:
RealPlayer contains an unspecified flaw related to the handling of VIDOBJ_START_CODE segments that may allow a context-dependent attacker to execute arbitrary code. No further details have been provided.
|
2012-02-06
|
RealPlayer dmp4.dll MPEG Stream Decoding VIDOBJ_START_CODE Segment Handling Remote Code Execution
|
|
78910
Description:
RealPlayer contains an unspecified flaw related to the handling of coded_frame_size values that may allow a context-dependent attacker to execute arbitrary code. No further details have been provided.
|
2012-02-06
|
RealPlayer RealAudio cook.dll RA2 Header coded_frame_size Value Handling Remote Code Execution
|
|
79615
Description:
Paste contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is due to the application not properly dropping the root GID when starting the process, allowing a remote attacker to manipulate arbitrary files.
|
2012-02-06
|
Paster Arbitrary Root GID File Manipulation
|
|
79608
Description:
Advantech/BroadWin WebAccess contains a flaw related to the RPC service, which may allow a remote attacker to execute arbitrary code. No further details have been provided.
|
2012-02-06
|
Advantech/BroadWin WebAccess RPC Remote Code Execution
|
|
81709
Description:
Apple Mac OS X contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered by the debug switch being enabled in FileVault when using Legacy FileVault, which will disclose plain text passwords to a local attacker.
|
2012-02-06
|
Apple Mac OS X FileVault Debug Switch Enabled Local Password Disclosure
|
|
83391
Description:
Revelation contains a flaw that is triggered by the program not properly iterating particular passphrases through the SHA1 hashing algorithm, which may reduce the space to only 7 bits on each character. This may allow an attacker to more easily perform a dictionary-based guessing attack.
|
2012-02-06
|
Revelation SHA1 Password Hashing Limitation Weakness
|
|
78909
Description:
RealPlayer contains an out-of-bounds write flaw related to the decoding of Atrac audio samples that may allow a context-dependent attacker to execute arbitrary code.
|
2012-02-06
|
RealPlayer RealAudio Atrac Sample Decoding Handling Out-of-bounds Write Arbitrary Code Execution
|
|
83775
Description:
Automatic Bug Reporting Tool (ABRT) contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when the program fails to set permissions on a core dump file, which will disclose potentially sensitive dump file information to a local attacker.
|
2012-02-06
|
Automatic Bug Reporting Tool (ABRT) Core Dump File Local Information Disclosure
|
|
78911
Description:
RealPlayer contains a flaw related to the handling of negative value RMFF flags within IVR files that may allow a context-dependent attacker to execute arbitrary code by retrieving and calling a function pointer.
|
2012-02-06
|
RealPlayer rvrender RMFF Flag IVR File Handling Function Pointer Remote Code Execution
|
|
79289
Description:
WebKit contains a use-after-free error in the 'SubframeLoader::loadSubframe' function in WebCore/loader/SubframeLoader.cpp when handling mutation events during sub-frame loading where the main frame is removed. With a specially crafted web page, a context-dependent attacker can dereference already freed memory and potentially execute arbitrary code.
|
2012-02-06
|
WebKit SubframeLoader::loadSubframe Function Subframe Loading Use-after-free Issue
|
|
87509
Description:
Temple Run for Android is a trojaned application previously available for download on the Google app market. This trojan will cause additional advertisements to be shown on certain websites or send web browsing information to a third party.
|
2012-02-06
|
Temple Run for Android Trojaned Distribution
|
|
88321
Description:
Puppet contains a flaw in Puppet::Util::SUIDManager. The issue is due to the program re-initializing supplementary groups using the "initgroups" method. If the real GID is root, this will cause Puppet to add GID "0" to supplementary groups as well. This may allow unintended users with certain group rights to elevate their privileges.
|
2012-02-06
|
Puppet suidmanager.rb Puppet::Util::SUIDManager Supplementary Groups Real GID Inclusion
|
|
79096
Description:
Gazie contains a flaw that allows a remote Cross-site Request Forgery (CSRF / XSRF) attack. The flaw exists because the application does not require multiple steps or explicit confirmation for sensitive transactions for the manipulation of an administrator's password. By using a crafted URL (e.g., a crafted GET request inside an "img" tag), an attacker may trick the victim into clicking on the image to take advantage of the trust relationship between the authenticated victim and the application. Such an attack could trick the victim into executing arbitrary commands in the context of their session with the application, without further prompting or verification.
|
2012-02-05
|
Gazie Admin Password Manipulation CSRF
|
|
81477
Description:
PDF Viewer Component is prone to an overflow condition. The 'TitlebarText' method within pdfviewer.ocx fails to properly sanitize user-supplied input resulting in a buffer overflow. With a specially crafted PDF file, a context-dependent attacker can potentially cause the application to crash resulting in a loss of availability.
|
2012-02-05
|
PDF Viewer Component ActiveX (pdfviewer.ocx) TitlebarText Method Overflow DoS
|
|
83389
Description:
Revelation contains a flaw that is triggered when the program limits password lengths to thirty-two characters. This may make it easier for an attacker to perform a brute-force attack.
|
2012-02-05
|
Revelation Password Length Limitation Weakness
|
|
79352
Description:
TXR contains a flaw related to UTF-8 decoding and re-encoding that may allow an attacker to perform actions with an unknown impact. No further details have been provided.
|
2012-02-05
|
TXR Invalid UTF-8 Byte Decoding / Re-encoding Unspecified Issue
|
|
80076
Description:
LightDM contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is due to the service leaking several file descriptors to its child process, which then propagate to other processes running in an interactive session. This may allow a local attacker to manipulate the log file of the service.
|
2012-02-05
|
LightDM Child Process File Descriptors Local Log File Manipulation
|
|
91075
Description:
By default, Nuxeo EP installs with default admin credentials (username/password combination). The 'Administrator' account has a password of 'Administrator', which is publicly known and documented. This allows remote attackers to trivially access the program or system and gain privileged access.
|
2012-02-05
|
Nuxeo EP Default Administrator Credentials
|
|
84151
Description:
WebKit contains a typecasting flaw in the 'FormSubmission::create' function in WebCore/loader/FormSubmission.cpp when handling form submissions. With a specially crafted web page, a context-dependent attacker can corrupt memory to cause a denial of service or potentially execute arbitrary code.
|
2012-02-05
|
WebKit FormSubmission::create Form Submission Handling Bad Cast Memory Corruption
|
|
87728
Description:
CodeIgniter contains a flaw that is triggered when lang.php fails to properly sanitize input. This may allow a remote attacker to inject hex-encoded PHP commands. No further details are available.
|
2012-02-05
|
CodeIgniter Lang.php Hex-encoded PHP Command Injection
|
|
78890
Description:
XWiki Enterprise contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'XWiki.XWikiComments_comment' parameter upon submission to xwiki/bin/commentadd/Main/WebHome. This may allow a user to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2012-02-04
|
XWiki Enterprise xwiki/bin/commentadd/Main/WebHome XWiki.XWikiComments_comment Parameter XSS
|
|
78891
Description:
XWiki Enterprise contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'XWiki.XWikiUsers_0_company' parameter upon submission to the profile editing page. This may allow a user to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2012-02-04
|
XWiki Enterprise Profile Editing XWiki.XWikiUsers_0_company Parameter XSS
|
|
78887
Description:
IBM AIX contains a flaw in the TCP stack that may allow a remote denial of service. The issue is triggered when the 'TCP large send offload' option is enabled. With a specially crafted sequence of TCP packets, a remote attacker can cause the system to stop responding.
|
2012-02-04
|
IBM AIX Packet Sequence Parsing Remote DoS
|
|
81483
Description:
Edraw Diagram Component is prone to an overflow condition. The EDBoard.ocx ActiveX control fails to properly sanitize user-supplied input resulting in a buffer overflow. With a specially crafted diagram file, a context-dependent attacker can potentially cause the component to crash resulting in a loss of availability.
|
2012-02-04
|
Edraw Diagram Component ActiveX (EDBoard.ocx) LicenseName Handling Overflow DoS
|
|
78886
Description:
EMC Documentum xPlore contains a flaw that may lead to an unauthorized information disclosure. The issue is due to the application providing improper access restrictions, which will disclose certain metadata of objects in search results to a remote attacker.
|
2012-02-04
|
EMC Documentum xPlore Search Result Object Metadata Information Disclosure
|
|
78928
Description:
GForge Advanced Server contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the program not properly sanitizing certain unspecified input before use in SQL queries. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2012-02-04
|
GForge Advanced Server Unspecified SQL Injection
|
|
79003
Description:
A memory corruption flaw exists in ImageMagick. The ResolutionUnit tag in EXIF IFD0 fails to sanitize user-supplied input when parsing offset and count values resulting in memory corruption. With a specially crafted image, a context-dependent attacker can cause a denial of service or potentially execute arbitrary code.
|
2012-02-04
|
ImageMagick EXIF IFD0 ResolutionUnit Tag Image Handling Remote Memory Corruption
|
|
78819
Description:
PHP contains a flaw related to the hashing of form posts. The issue is due to an error in the 'php_register_variable_ex()' function within php_variables.c when hashing form posts and updating a hash table, which may allow a remote attacker to execute arbitrary code.
|
2012-02-03
|
PHP php_variables.c php_register_variable_ex() Function Multiple Hash Functions Remote Code Execution
|
|
78831
Description:
2X ApplicationServer contains a flaw related to the TuxSystem ActiveX control. The issue is due to the insecure 'ExportSettings()' method within the TuxScripting.dll library. This may allow an attacker to overwrite arbitrary files.
|
2012-02-03
|
2X ApplicationServer TuxSystem ActiveX (TuxScripting.dll) ExportSettings() Method Arbitrary File Overwrite
|
|
78926
Description:
GForge Advanced Server contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'redirect_to' parameter upon submission to the project/test/forum/admin/index.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2012-02-03
|
GForge Advanced Server project/test/forum/admin/index.php redirect_to Parameter XSS
|
|
78927
Description:
GForge Advanced Server contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'snippet_id' parameter upon submission to the gf/snippet/index.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2012-02-03
|
GForge Advanced Server gf/snippet/index.php snippet_id Parameter XSS
|
|
79004
Description:
ImageMagick contains a flaw that may allow a remote denial of service. The issue is due to an error when parsing an IFD with IOP tag offsets pointing to the start of the IFD, which causes the application to go into an infinite loop resulting in a loss of availability.
|
2012-02-03
|
ImageMagick IFD IOP Tag Offset Infinite Loop Image Handling Remote DoS
|