[CLOSE] OSVDB ID : 83485 - Disclosed: 2012-06-30

Description:

Sun iPlanet contains a flaw that may allow an attacker to inject an arbitrary URL into an error page. The issue is due to a non-existent URL received via the HTTP referer header being used in the error page output. The resulting error page will use an HTML href element to render the link, only showing "referring page". While minor, this type of attack may assist in social engineering attacks.

[CLOSE] OSVDB ID : 83634 - Disclosed: 2012-06-30

Description:

GIMP contains a flaw that may allow for a denial of service. The issue is triggered when a user opens a FIT file with a malformed 'XTENSION' header, resulting in a loss of availability for the program. This can be exploited remotely by tricking a user into opening the crafted file (e.g., via email), or locally by placing it in a location that may seem safe (e.g., a network share).

[CLOSE] OSVDB ID : 83486 - Disclosed: 2012-06-30

Description:

Konqueror contains a flaw that allows a Cross-Frame Scripting (XFS) attack. This flaw exists because the browser does not properly restrict JavaScript from one web page to access another when the pages originate from different domains. This may allow an attacker to use one web page to load content from another, concealing the origin of one web site. This method is useful in phishing attacks, to load legitimate content from one site, while loading a malicious form embedded in that content.

[CLOSE] OSVDB ID : 83522 - Disclosed: 2012-06-30

Description:

IBM developerWorks Nigel's Capacity Planning (ncp) contains a flaw that may lead to an unauthorized information disclosure. This issue is triggered when the system fails to require authentication for the /, /real/lsconf.html, and real.html pages, which may disclose potentially sensitive system information to a remote attacker.

[CLOSE] OSVDB ID : 83484 - Disclosed: 2012-06-30

Description:

IBM Edge Components Caching Proxy contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate input in an HTTP GET request before returning it to the user in an error message. This may allow a user to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 83719 - Disclosed: 2012-06-30

Description:

Basilic contains a flaw that is triggered when input passed via the diff.php script is not properly verified before being used in the 'file' parameter. This may allow a remote attacker to execute arbitrary commands with system privileges.

[CLOSE] OSVDB ID : 85984 - Disclosed: 2012-06-30

Description:

SAP NetWeaver Business Warehouse contains a flaw that is triggered during the parsing of XML data containing external entities. This may allow a remote attacker to gain access to arbitrary files

[CLOSE] OSVDB ID : 83768 - Disclosed: 2012-06-30

Description:

Paid Business Listings Plugin for WordPress contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the form submission not properly sanitizing user-supplied input to the 'pbl_listing_pkg_id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

[CLOSE] OSVDB ID : 83633 - Disclosed: 2012-06-30

Description:

IrfanView Formats PlugIn is prone to an overflow condition. The JLS Plugin Library (jpeg_ls.dll) fails to properly sanitize user-supplied input resulting in a heap-based buffer overflow. With a specially crafted JLS compressed image file, a context-dependent attacker can potentially execute arbitrary code.

[CLOSE] OSVDB ID : 85983 - Disclosed: 2012-06-30

Description:

SAP NetWeaver Mobile Infrastructure Web Console contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate certain unspecified input before returning it to the user. This may allow a user to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 87908 - Disclosed: 2012-06-30

Description:

Munin contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered by the plugin directory insecurely storing root-owned plugins with non-root plugins. This may allow a local attacker to gain escalated privileges when a plugin is stored in the group-writable munin:munin directory.

[CLOSE] OSVDB ID : 83396 - Disclosed: 2012-06-29

Description:

SpecView contains a flaw that allows a remote attacker to traverse outside of a restricted path. The issue is due to the program not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) when parsing a web request. This directory traversal attack would allow the attacker to gain access to arbitrary files.

[CLOSE] OSVDB ID : 83395 - Disclosed: 2012-06-29

Description:

PowerNet Twin Client contains a flaw that may allow a remote denial of service. The issue is triggered by an error in the 00403cb0 function when handling a malformed 100 byte packet. This will result in a loss of availability for the program.

[CLOSE] OSVDB ID : 84506 - Disclosed: 2012-06-29

Description:

Cisco IOS for Catalyst Switches contains a flaw that may allow a remote denial of service. The issue is triggered when an error occurs during the parsing of local web authentication. This may allow a remote attacker to cause a loss of availability for the device.

[CLOSE] OSVDB ID : 83771 - Disclosed: 2012-06-29

Description:

Microsoft IIS contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered during the parsing of a request that contains a tilde character (~). This may allow a remote attacker to gain access to file and folder name information.

[CLOSE] OSVDB ID : 83720 - Disclosed: 2012-06-29

Description:

Microsoft .NET Framework contains a flaw that may allow a remote denial of service. The issue is triggered during the handling of a specially crafted request that contains a tilde (~). This will cause a consumption of system resources, which will result in a loss of availability for the program.

[CLOSE] OSVDB ID : 83397 - Disclosed: 2012-06-29

Description:

Multiple Cisco Linksys Routers contain a flaw that may lead to an unauthorized information disclosure. The issue is triggered by the Cloud Connect service, which causes the router to send potentially sensitive information to the vendor (Cisco). There is currently no way to opt out of this feature. This could disclose network history, applications in use, and other potentially sensitive information to a remote attacker that has access to network traffic between the router and Cisco. In addition, the information sent to Cisco may be used in a manner that violates privacy, such as targeted advertising or sharing information with the courts or law enforcement.

[CLOSE] OSVDB ID : 83414 - Disclosed: 2012-06-29

Description:

webERP contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the index.php script not properly sanitizing user input supplied to the 'PathPrefix' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.

[CLOSE] OSVDB ID : 83392 - Disclosed: 2012-06-29

Description:

phpmoneybooks contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate input when adding a new bank account upon submission to the /banks/index.php script. This may allow a user to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 83393 - Disclosed: 2012-06-29

Description:

phpmoneybooks contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate input when adding a new customer account upon submission to the /customers/index.php script. This may allow a user to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 83394 - Disclosed: 2012-06-29

Description:

PC Tools Firewall Plus contains a flaw that may allow a local denial of service. The issue is triggered when processes are terminated by an unprivileged local attacker, and will result in loss of availability for the program. This may in turn allow traffic or malware to reach the machine without being filtered.

[CLOSE] OSVDB ID : 83492 - Disclosed: 2012-06-29

Description:

Magix CMS contains a flaw that allows a remote user to execute arbitrary PHP code. This flaw exists because the framework/js/tiny_mce/plugins/pdw_file_browser/swfupload/upload.php script does not properly verify or sanitize user-uploaded files. By uploading a .php file, the remote system will place the file in a user-accessible path. Making a direct request to the uploaded file will allow the user to execute the script.

[CLOSE] OSVDB ID : 83493 - Disclosed: 2012-06-29

Description:

Magix CMS contains a flaw that allows a remote user to execute arbitrary PHP code. This flaw exists because the framework/js/ckeditor/plugins/pdw_file_browser/swfupload/upload.php script does not properly verify or sanitize user-uploaded files. By uploading a .php file, the remote system will place the file in a user-accessible path. Making a direct request to the uploaded file will allow the user to execute the script.

[CLOSE] OSVDB ID : 87964 - Disclosed: 2012-06-29

Description:

IBM Rational Automation Framework contains a flaw that is due to the was_common_configure_create_ssl_certs action creating unencrypted SSL certificates. This may allow a local attacker to more easily gain access to certificate password information.

[CLOSE] OSVDB ID : 93404 - Disclosed: 2012-06-29

Description:

Akismet Plugin for WordPress contains a flaw that allows a reflected cross-site scripting (XSS) attack. This flaw exists because the application does not validate input passed via referer headers upon submission to the admin.php or wp-comments-post.php script. This may allow an attacker to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 93403 - Disclosed: 2012-06-29

Description:

Akismet Plugin for WordPress contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker sends a direct request for the /admin.php, /akismet.php, /legacy.php, or /widget.php scripts, which discloses the software's installation path resulting in a loss of confidentiality. While such information is relatively low risk, it is often useful in carrying out additional, more focused attacks.

[CLOSE] OSVDB ID : 83398 - Disclosed: 2012-06-28

Description:

AccountsService contains a flaw that is triggered when a race condition occurs in the user_change_icon_file_authorized_cb() function of user.c during the parsing of a UID file read request. This may allow a local attacker to gain access to arbitrary files.

[CLOSE] OSVDB ID : 83400 - Disclosed: 2012-06-28

Description:

webERP contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the LanguageSetup.php script not properly sanitizing user input supplied to the 'PathPrefix' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.

[CLOSE] OSVDB ID : 83494 - Disclosed: 2012-06-28

Description:

SAP Netweaver is prone to multiple overflow conditions. The issues are triggered when boundary errors occur in msg_server.exe, which will result in stack-based buffer overflows. With a specially crafted parameter or parameter name in a package containing opcode 0x43 and sub-opcode 0x4, a remote attacker can potentially execute arbitrary code.

[CLOSE] OSVDB ID : 83495 - Disclosed: 2012-06-28

Description:

Novell GroupWise contains a flaw that allows a remote attacker to traverse outside of a restricted path. The issue is due to WebAccess Interface not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied via the 'User.interface' parameter. This directory traversal attack would allow the attacker to gain access to arbitrary files.

[CLOSE] OSVDB ID : 83994 - Disclosed: 2012-06-28

Description:

ZTE 890L contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'nick_name' parameter upon submission to goform/dhcp_list_cmd. This may allow a user to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 83984 - Disclosed: 2012-06-28

Description:

ZTE 890L contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate input passed via SMS messages before returning it to the user. This may allow a user to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 83985 - Disclosed: 2012-06-28

Description:

Verizon ZTE 890L contains a flaw that allows a remote Cross-site Request Forgery (CSRF / XSRF) attack. The flaw exists because the application does not require multiple steps or explicit confirmation for sensitive transactions. By using a crafted URL (e.g., a crafted GET request inside an "img" tag), an attacker may trick the victim into clicking on the image to take advantage of the trust relationship between the authenticated victim and the application. Such an attack could trick the victim into resetting the password of the device, changing the SIM PIN, changing wireless settings, and locking or verifying the PUK in the context of their session with the application, without further prompting or verification.

[CLOSE] OSVDB ID : 83399 - Disclosed: 2012-06-28

Description:

Avaya IP Office Customer Call Reporter contains a flaw that allows a remote user to execute arbitrary PHP code. This flaw exists because the ImageUpload.ashx script does not properly verify or sanitize user-uploaded files. By uploading a .php file, the remote system will place the file in a user-accessible path. Making a direct request to the uploaded file will allow the user to execute the script.

[CLOSE] OSVDB ID : 83986 - Disclosed: 2012-06-28

Description:

ZTE 890L contains a flaw that may allow an attacker to bypass authentication. This issue is triggered when a remote attacker changes two 'login' values of a cookie from 'n' to 'y' and then uses that cookie in a specially crafted request passed to /goform/pwd_cmd?cmd=lucky_num. This will allow the attacker to bypass authentication and become authenticated as an administrator.

[CLOSE] OSVDB ID : 83348 - Disclosed: 2012-06-28

Description:

Job Manager Plugin for WordPress contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate certain unspecified input upon submission to the wp-content/plugins/job-manager/admin-applications.php script. This may allow a user to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 83401 - Disclosed: 2012-06-28

Description:

LIOOSYS CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the index.php script not properly sanitizing user-supplied input to the 'id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

[CLOSE] OSVDB ID : 83496 - Disclosed: 2012-06-28

Description:

Items Manager Plugin for GetSimple CMS contains a flaw that allows a remote user to execute arbitrary PHP code. This flaw exists because the plugins/items/uploader/server/php.php script does not properly verify or sanitize user-uploaded files. By uploading a .php file, the remote system will place the file in a user-accessible path. Making a direct request to the uploaded file will allow the user to execute the script.

[CLOSE] OSVDB ID : 83548 - Disclosed: 2012-06-28

Description:

Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when certain input is not properly sanitized during the loading of sparing tables. This will result in loss of availability for the system when a specially crafted file system is loaded.

[CLOSE] OSVDB ID : 83549 - Disclosed: 2012-06-28

Description:

Linux Kernel contains a flaw that may allow a local denial of service. This issue is triggered when an error occurs in the udf_load_logicalvol() function in fs/udf/super.c during the parsing of a partition table. This will result in a loss of availability for the system when a specially crafted file system is mounted.