| Blogs | OSVDB ID | Disclosure Date | Title |
| Views: 37 |
77668
Description:
Microsoft Office PowerPoint is prone to a flaw in the way it loads dynamic-link libraries (DLL). The program uses a fixed path to look for specific files or libraries. This path includes directories that may be untrusted or under user control. By placing a custom version of the file or library in the path, the program will load it before the legitimate version. This allows an attacker to inject custom code that will be run with the privilege of the program or user executing the program. This can be done by tricking a user into opening a PowerPoint file from the local file system or a USB drive in some cases. This attack can be leveraged remotely in some cases by placing the malicious file or library on a network share or extracted archive downloaded from a remote source.
|
2011-12-13
|
Microsoft Office PowerPoint Path Subversion Arbitrary DLL Injection Code Execution
|
| Views: 37 |
73798
Description:
(Description Provided by CVE) : Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.19, when sendfile is enabled for the HTTP APR or HTTP NIO connector, does not validate certain request attributes, which allows local users to bypass intended file access restrictions or cause a denial of service (infinite loop or JVM crash) by leveraging an untrusted web application.
|
2011-07-13
|
Apache Tomcat sendfile Request Start / Endpoint Parsing Local DoS
|
| Views: 37 |
71256
Description:
LibTIFF is prone to an overflow condition. The ThunderDecode codec fails to properly sanitize user-supplied input resulting in a heap-based buffer overflow. With a specially crafted ThunderScan encoded file, a context-dependent attacker can potentially execute arbitrary code.
|
2011-03-21
|
LibTIFF Thunderscan Decoder Incorrect bitspersample Overflow
|
| Views: 37 |
60929
Description:
HP OpenView is prone to an overflow condition. OvWebHelp.exe fails to properly sanitize user-supplied input resulting in a stack overflow. With a specially crafted request, a remote attacker can potentially cause arbitrary code execution.
|
2009-12-09
|
HP OpenView Network Node Manager (OV NNM) OvWebHelp.exe CGI Topic Parameter Remote Overflow
|
| Views: 36 |
93547
Description:
Kimai contains a flaw that is due to the program failing to properly restrict access to the db_restore.php script. This may allow a remote attacker to bypass restrictions and potentially conduct operations governed by the script.
|
2013-05-21
|
Kimai db_restore.php Access Restriction Weakness
|
| Views: 36 |
93504
Description:
Wireshark contains an overflow condition in the Websocket dissector. The issue is triggered as user-supplied input is not properly validated when handling a malformed packet. This may allow a remote attacker to cause a stack-based buffer overflow, resulting in a denial of service.
|
2013-03-07
|
Wireshark Websocket Dissector Malformed Packet Handling Remote Stack Buffer Overflow DoS
|
| Views: 36 |
93390
Description:
IBM InfoSphere Optim Data Growth for Oracle E-Business Suite contains a flaw that allows a persistent cross-site scripting (XSS) attack. This flaw exists because the application does not validate certain unspecified input before returning it to the user. This may allow an attacker to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2013-05-14
|
IBM InfoSphere Optim Data Growth for Oracle E-Business Suite Unspecified XSS (2013-2955)
|
| Views: 36 |
89681
Description:
Wireshark contains a buffer overflow condition in the NTLMSSP dissector. The issue is triggered as user-supplied input is not properly validated when parsing a specially crafted packet. This may allow a remote attacker to cause a buffer overflow, resulting in a denial of service or potentially execution of arbitrary code.
|
2013-01-29
|
Wireshark NTLMSSP Dissector Crafted Packet Parsing Remote Buffer Overflow
|
| Views: 36 |
53380
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in Apache Struts before 1.2.9-162.31.1 on SUSE Linux Enterprise (SLE) 11, before 1.2.9-108.2 on SUSE openSUSE 10.3, before 1.2.9-198.2 on SUSE openSUSE 11.0, and before 1.2.9-162.163.2 on SUSE openSUSE 11.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "insufficient quoting of parameters."
|
2009-04-06
|
Apache Struts Unspecified XSS
|
| Views: 36 |
42518
Description:
Juniper Networks Secure Access 2000 contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate 'delivery_mode' variables upon submission to the 'dana-na/auth/rdremediate.cgi' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2008-03-04
|
Juniper Networks Secure Access 2000 dana-na/auth/rdremediate.cgi delivery_mode Parameter XSS
|
| Views: 36 |
13920
Description:
PHP-Fusion contains a flaw that may lead to an unauthorized information disclosure. The issue is due to the 'viewthread.php' script not properly sanitizing user-supplied input to the 'forum_id' or 'forum_cat' parameters. This will allow remote attackers to view protected forum information resulting in a loss of confidentiality.
|
2005-02-08
|
PHP-Fusion viewthread.php Arbitrary Thread Access
|
| Views: 36 |
2117
Description:
This host is running a web server that displayed no content. It appears as if each server was enabled, but was not configured or given web pages to serve. While this does not pose an immediate risk, this server appears to serve no purpose and may provide avenues of attack if vulnerabilities are published in the future. It should be noted that this web server may have a specific purpose that could not be determined during testing. This conclusion is due to a lack of content or a default "under construction" page displayed when requesting the root of the IP address, as well as not finding any known directories or links to content stored on these servers.
|
1994-01-01
|
Multiple Web Server Default Welcome Page Fingerprinting Weakness
|
| Views: 36 |
23257
Description:
Multics CTSS on IBM 7094 contains a flaw that may disclose the contents of the password file. The issue occurred when multiple instances of the system text editor were invoked, causing the editor to create temporary files with a constant name. This would inexplicably cause the contents of the system CTSS password file to display to any user logging into the system.
|
1966-01-01
|
IBM 7094 CTSS System Text Editor Multiple Instance Password File Disclosure
|
| Views: 35 |
93546
Description:
Kimai contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the db_restore.php script not properly sanitizing user-supplied input to the 'dates[]' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2013-05-21
|
Kimai db_restore.php dates[] Parameter SQL Injection
|
| Views: 35 |
93410
Description:
Cisco TelePresence Supervisor MSE 8050 contains a flaw that may allow a remote denial of service. The issue is triggered during the handling of a saturation of TCP connection requests. This may allow a remote attacker to cause a consumption of CPU resources and a reload on the system.
|
2013-05-15
|
Cisco TelePresence Supervisor MSE 8050 TCP Connection Request Saturation Remote DoS
|
| Views: 35 |
93389
Description:
IBM InfoSphere Optim Data Growth for Oracle E-Business Suite contains a flaw that may lead to the unauthorized disclosure of sensitive information to a remote attacker. The issue is due to the program transmitting credential information in cleartext over the network.
|
2013-05-14
|
IBM InfoSphere Optim Data Growth for Oracle E-Business Suite Cleartext Credential Disclosure
|
| Views: 35 |
93321
Description:
Adobe ColdFusion contains an unspecified flaw that may allow a remote attacker to potentially execute arbitrary code. No further details have been provided by the vendor.
|
2013-05-14
|
Adobe ColdFusion Unspecified Remote Code Execution
|
| Views: 35 |
77772
Description:
Zabbix contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate certain unspecified input upon submission to the profiler. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-12-14
|
Zabbix Profiler Unspecified XSS
|
| Views: 35 |
77758
Description:
WHMCompleteSolution contains a flaw that allows a remote attacker to traverse outside of a restricted path. The issue is due to the clientarea.php script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied via the 'templatefile' parameter. This directory traversal attack would allow the attacker to access arbitrary files.
|
2011-11-04
|
WHMCompleteSolution (WHMCS) clientarea.php templatefile Parameter Traversal Arbitrary File Access
|
| Views: 35 |
77724
Description:
(Description Provided by CVE) : SopCast 3.4.7.45585 uses weak permissions (Everyone:Full Control) for Diagnose.exe, which allows local users to execute arbitrary code by replacing Diagnose.exe with a Trojan horse program.
|
2011-12-05
|
SopCast SopPlayer Insecure Permissions Diagnose.exe Overwrite
|
| Views: 35 |
77723
Description:
QContacts Component for Joomla! contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the index.php script not properly sanitizing user-supplied input to the 'filter_order' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2011-12-08
|
QContacts Component for Joomla! index.php filter_order Parameter SQL Injection
|
| Views: 35 |
77705
Description:
By default, multiple Schneider Electric Ethernet Module services install with a default password. The sysdiag account has a password of factorycast@schneider which is publicly known and documented. This allows attackers to trivially access the program or system and gain privileged access. There are several other accounts and passwords which are also vulnerable; consult the Reverse Mode advisory for more details.
|
2011-12-13
|
Schneider Electric Ethernet Modules Multiple Service Default Hardcoded Credentials
|
| Views: 35 |
77679
Description:
SCORM Cloud For WordPress Plugin for WordPress contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the ajax.php script not properly sanitizing user-supplied input to the 'active' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
|
2011-09-08
|
SCORM Cloud For WordPress Plugin for WordPress ajax.php active Parameter SQL Injection
|
| Views: 35 |
77638
Description:
(Description Provided by CVE) : Heap-based buffer overflow in the in_mod.dll plugin in Winamp before 5.623 allows remote attackers to execute arbitrary code via crafted song message data in an Impulse Tracker (IT) file. NOTE: some of these details are obtained from third party information.
|
2011-12-12
|
Winamp in_mod.dll Plugin Song Message Data Impulse Tracker (IT) File Handling Remote Overflow
|
| Views: 35 |
70842
Description:
IP.Board contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when the application fails to check authentication when viewing topic titles, which will disclose topic titles from password protected forums to a remote attacker.
|
2011-02-08
|
IP.Board Forum Password System Topic Title Disclosure
|
| Views: 35 |
69875
Description:
By default, HP MSA2000 Storage System installs with a default password. The 'admin' account has a password of '!admin' which is publicly known and documented. This allows attackers to trivially access the program or system and gain privileged access.
|
2010-12-14
|
HP MSA2000 Storage System Hardcoded Undocumented Default Admin Credentials
|
| Views: 35 |
55822
Description:
(Description Provided by CVE) : Multiple integer overflows in inter-color spaces conversion tools in libtiff 3.8 through 3.8.2, 3.9, and 4.0 allow context-dependent attackers to execute arbitrary code via a TIFF image with large (1) width and (2) height values, which triggers a heap-based buffer overflow in the (a) cvt_whole_image function in tiff2rgba and (b) tiffcvt function in rgb2ycbcr.
|
2009-07-13
|
LibTIFF tiff2rgba Utility cvt_whole_image() Function Crafted TIFF File Handling Overflow
|
| Views: 35 |
16572
Description:
Advanced Guestbook contains a flaw that may allow a remote attacker to inject arbitrary SQL queries. The issue is due to the 'entry' variable in the 'index.php' script not being properly sanitized and may allow a remote attacker to inject or manipulate SQL queries.
|
2005-05-08
|
Advanced Guestbook index.php entry Parameter SQL Injection
|
| Views: 35 |
13621
Description:
Microsoft Outlook Web Access contains a flaw within owalogon.asp that may allow a malicious user to perform account enumeration. The issue is triggered when an attacker sends a specially crafted URL to a user who is using Outlook Web Access, which redirects them to a predefined site. It is possible that the flaw may allow account enumeration from the URL resulting in a loss of confidentiality.
|
2005-02-08
|
Microsoft Outlook Web Access (OWA) owalogon.asp Redirection Account Enumeration
|
| Views: 34 |
93545
Description:
JBoss Enterprise Application Platform contains a flaw that is triggered when multiple applications are using shared authorization modules. When the first application is loaded, its implementation will be used for all subsequent applications that are loaded. This may allow a local attacker to implement insecure authorization modules across multiple programs if the insecure module is run first.
|
2013-05-20
|
JBoss Enterprise Application Platform Shared Custom Authorization Module Class Name Handling Custom Authorization Module Setting Manipulation
|
| Views: 34 |
93505
Description:
Wireshark contains a flaw in the MySQL dissector (packet-mysql.c) that may allow a remote denial of service. The issue is triggered when handling a malformed packet, which will result in an infinite loop. This will allow a remote attacker to crash the program.
|
2013-03-10
|
Wireshark MySQL Dissector (packet-mysql.c) Malformed Packet Handling Infinite Loop Remote DoS
|
| Views: 34 |
93392
Description:
Cisco WebEx Social contains a flaw in the user management page that is due to the program failing to properly sanitize input passed via the 'First Name', 'Last Name', 'Middle Name', 'Screen Name', 'Email Address', and 'Job Title' fields. This may allow a remote attacker to inject arbitrary values into the aforementioned fields.
|
2013-05-14
|
Cisco WebEx Social Multiple Field Value Manipulation
|
| Views: 34 |
93388
Description:
IBM InfoSphere Optim Data Growth for Oracle E-Business Suite contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the program not properly sanitizing user-supplied input before using it in SQL queries. This may allow an attacker to manipulate an SQL query that will result in bypassing authentication. Once authenticated, the attacker will have access to the application with the same privileges as the user account used during the authentication bypass.
|
2013-05-14
|
IBM InfoSphere Optim Data Growth for Oracle E-Business Suite Unspecified SQL Injection Authentication Bypass
|
| Views: 34 |
93075
Description:
By default, the T-Mobile router installed in the Microsoft Office 365 advertisement distributed in Forbes Magazine (as an advertising gimmick) installs with default user credentials (username/password combination) for the admin interface. The 'admin' account has a password of 'admin' with the interface defaulted to 192.168.100.1, which is publicly known and documented. This allows remote attackers to trivially access the program or system and gain privileged access.
|
2013-05-07
|
Forbes Magazine Microsoft Office 365 T-Mobile Router Admin Interface Default Password
|
| Views: 34 |
88774
Description:
Microsoft Internet Explorer contains a use-after-free error when handling CDoc objects, which contain a CDwnBindInfo object. With a specially crafted web page, a context-dependent attacker can dereference already freed memory and potentially execute arbitrary code.
|
2012-12-30
|
Microsoft IE CDwnBindInfo Object Handling Use-after-free Arbitrary Code Execution
|
| Views: 34 |
82307
Description:
PHP is prone to an overflow condition. The com_event_sink function fails to properly sanitize user-supplied input resulting in a stack overflow. With a specially crafted request, a remote attacker can potentially cause a denial of service.
|
2012-05-21
|
PHP com_event_sink Function Overflow DoS
|
| Views: 34 |
77766
Description:
Nagios XI contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the get_service_status_detail_link() function in includes/utils-links.inc.php does not validate the 'host' and 'service' parameters upon submission to the reports/notifications.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
|
2011-12-07
|
Nagios XI reports/notifications.php Multiple Parameter XSS
|
| Views: 34 |
77667
Description:
Microsoft Windows is prone to an overflow condition. The Active Directory implementation fails to properly sanitize user-supplied input resulting in a buffer overflow. With a specially crafted query, a remote attacker can potentially execute arbitrary code.
|
2011-12-13
|
Microsoft Windows Active Directory Query Parsing Remote Overflow
|
| Views: 34 |
77644
Description:
Unknown / Incomplete
|
2011-11-28
|
Real Person Plugin for jQuery Image Value Parameter CAPTCHA Bypass
|
| Views: 34 |
77637
Description:
(Description Provided by CVE) : Multiple integer overflows in the in_avi.dll plugin in Winamp before 5.623 allow remote attackers to execute arbitrary code via an AVI file with a crafted value for (1) the number of streams or (2) the size of the RIFF INFO chunk, leading to a heap-based buffer overflow.
|
2011-12-12
|
Winamp in_avi.dll Plugin RIFF INFO Chunk Size Memory Allocation AVI File Handling Remote Overflow
|