U.S. Flag Official website of the Department of Homeland Security

Note: This page is part of the us-cert.gov archive.This document is part of the US-CERT website archive. These documents are no longer updated and may contain outdated information. Links may also no longer function. Please contact info@us-cert.gov if you have any questions about the US-CERT website archive.

TLP:WHITE

Bulletin (SB08-021)

Vulnerability Summary for the Week of January 14, 2008

Original release date: January 21, 2008

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.

The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

  • High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0

  • Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9

  • Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9

Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.

">

High Vulnerabilities
Primary
Vendor -- Product
Description
Discovered
Published
CVSS ScoreSource & Patch Info
Agares Media -- phpAutoVideoSQL injection vulnerability in includes/articleblock.php in Agares PhpAutoVideo 2.21 allows remote attackers to execute arbitrary SQL commands via the articlecat parameter.
unknown
2008-01-15
7.5CVE-2008-0262
MILW0RM
MILW0RM
BID
XF
Apple -- QuicktimeUnspecified vulnerability in Apple QuickTime before 7.4 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a movie file with crafted Image Descriptor (IDSC) atoms, which triggers memory corruption.
unknown
2008-01-15
9.3CVE-2008-0033
APPLE
OTHER-REF
Article Dashboard -- Article DashboardSQL injection vulnerability in admin/login.php in Article Dashboard allows remote attackers to execute arbitrary SQL commands via the (1) user or (2) password fields.
unknown
2008-01-15
7.5CVE-2008-0286
BUGTRAQ
BID
BinN -- SBuilderSQL injection vulnerability in full_text.php in Binn SBuilder allows remote attackers to execute arbitrary SQL commands via the nid parameter.
unknown
2008-01-15
7.5CVE-2008-0253
MILW0RM
BID
CherryPy -- CherryPyDirectory traversal vulnerability in the _get_file_path function in (1) lib/sessions.py in CherryPy 3.0.x up to 3.0.2, (2) filter/sessionfilter.py in CherryPy 2.1, and (3) filter/sessionfilter.py in CherryPy 2.x allows remote attackers to create or delete arbitrary files, and possibly read and write portions of arbitrary files, via a crafted session id in a cookie.
unknown
2008-01-11
7.5CVE-2008-0252
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
FRSIRT
SECUNIA
Cisco -- Unified CallManager
Cisco -- Unified Communications Manager
Heap-based buffer overflow in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM) 4.2 before 4.2(3)SR3 and 4.3 before 4.3(1)SR1, and CallManager 4.0 and 4.1 before 4.1(3)SR5c, allows remote attackers to cause a denial of service or execute arbitrary code via a long request.
unknown
2008-01-16
10.0CVE-2008-0027
BUGTRAQ
OTHER-REF
CISCO
BID
XF
Debian -- apt-listchangesUntrusted search path vulnerability in apt-listchanges.py in apt-listchanges before 2.82 allows local users to execute arbitrary code via a malicious apt-listchanges program in the current working directory.
unknown
2008-01-16
7.2CVE-2008-0302
OTHER-REF
OTHER-REF
DigitalHive -- DigitalHiveMultiple SQL injection vulnerabilities in Digital Hive 2.0 RC2 and earlier allow (1) remote attackers to execute arbitrary SQL commands via the selectskin parameter to an unspecified program, or (2) remote authenticated administrators to execute arbitrary SQL commands via the user_id parameter in the gestion_membre.php page to base.php.
unknown
2008-01-15
7.5CVE-2008-0290
MILW0RM
BID
XF
DomPHP -- DomPHPSQL injection vulnerability in welcome/inscription.php in DomPHP 0.81 and earlier allows remote attackers to execute arbitrary SQL commands via the mail parameter.
unknown
2008-01-15
7.5CVE-2008-0282
MILW0RM
BID
SECUNIA
XF
Drupal -- Fileshare_ModuleUnspecified vulnerability in the Fileshare module for Drupal allows remote authenticated users with node-creation privileges to execute arbitrary code via unspecified vectors.
unknown
2008-01-15
8.5CVE-2008-0277
OTHER-REF
XF
eTicket -- eTicketMultiple SQL injection vulnerabilities in eTicket 1.5.5.2 allow remote authenticated users to execute arbitrary SQL commands via the (1) status, (2) sort, and (3) way parameters to search.php; and allow remote authenticated administrators to execute arbitrary SQL commands via the (4) msg and (5) password parameters to admin.php.
unknown
2008-01-15
7.5CVE-2008-0267
BUGTRAQ
BID
SECUNIA
XF
Evilsentinel -- Evilsentineladmin/index.php in Evilsentinel 1.0.9 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to gain administrative privileges and make arbitrary configuration changes.
unknown
2008-01-17
7.5CVE-2008-0350
MILW0RM
OTHER-REF
SECUNIA
FaScript -- FaPersian PetitionSQL injection vulnerability in show.php in FaScript FaPersian Petition allows remote attackers to execute arbitrary SQL commands via the id parameter.
unknown
2008-01-17
7.5CVE-2008-0325
MILW0RM
BID
FaScript -- FaPersianHackSQL injection vulnerability in class/show.php in FaScript FaPersianHack 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to show.php.
unknown
2008-01-17
7.5CVE-2008-0326
MILW0RM
BID
FaScript -- FaMp3SQL injection vulnerability in show.php in FaScript FaMp3 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
unknown
2008-01-17
7.5CVE-2008-0327
MILW0RM
BID
FaScript -- FaNameSQL injection vulnerability in page.php in FaScript FaName 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
unknown
2008-01-17
7.5CVE-2008-0328
MILW0RM
BID
FreeBSD -- FreeBSDOff-by-one error in the inet_network function in libc in FreeBSD 6.2, 6.3, and 7.0-PRERELEASE and earlier allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted input that triggers memory corruption.
unknown
2008-01-15
10.0CVE-2008-0122
FREEBSD
Funkwerk -- System SoftwareUnspecified vulnerability in Funkwerk System Software before 7.4.1 PATCH 9 for certain Funkwerk Router / VPN devices allows remote attackers to cause a denial of service (panic and reboot) via unspecified DNS requests.
unknown
2008-01-17
7.8CVE-2008-0331
OTHER-REF
SECUNIA
GForge -- GForgeSQL injection vulnerability in Gforge 4.6.99 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified parameters, related to RSS exports.
unknown
2008-01-15
7.5CVE-2008-0173
DEBIAN
BID
FRSIRT
Hangzhou Rui-Qiang -- RichStrong CMSSQL injection vulnerability in showproduct.asp in RichStrong CMS allows remote attackers to execute arbitrary SQL commands via the cat parameter.
unknown
2008-01-16
7.5CVE-2008-0291
MILW0RM
BID
ID-Commerce -- ID-CommerceSQL injection vulnerability in liste.php in ID-Commerce 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the idFamille parameter.
unknown
2008-01-15
7.5CVE-2008-0281
FULLDISC
FULLDISC
FULLDISC
BID
XF
iGaming -- iGamingSQL injection vulnerability in archive.php in iGaming 1.5, and 1.3.1 and earlier, allows remote attackers to execute arbitrary SQL commands via the section parameter.
unknown
2008-01-15
7.5CVE-2008-0255
MILW0RM
BID
SECUNIA
XF
ImageAlbum -- ImageAlbumMultiple SQL injection vulnerabilities in ImageAlbum 2.0.0b2 allow remote attackers to execute arbitrary SQL commands via the id, which is not properly handled in (1) classes/IADomain.php, (2) classes/IACollection.php, and (3) classes/IAUser.php, as demonstrated via the id parameter in a collection.imageview action.
unknown
2008-01-15
7.5CVE-2008-0288
BUGTRAQ
MILW0RM
BID
Linux -- KernelVFS in the Linux kernel before 2.6.23.14 performs tests of access mode by using the flag variable instead of the acc_mode variable, which might allow local users to bypass file permissions.
unknown
2008-01-15
7.2CVE-2008-0001
OTHER-REF
BID
Linux -- KernelThe Linux kernel 2.6.20 through 2.6.21.1 allows remote attackers to cause a denial of service (panic) via a certain IPv6 packet, possibly involving the Jumbo Payload hop-by-hop option (jumbogram).
unknown
2008-01-17
7.8CVE-2008-0352
MILW0RM
OTHER-REF
XF
Matteo Binda -- ASP Photo GalleryMultiple SQL injection vulnerabilities in Matteo Binda ASP Photo Gallery 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) Imgbig.asp, (b) thumb.asp, and (c) thumbricerca.asp and the (2) ricerca parameter to (d) thumbricerca.asp.
unknown
2008-01-15
7.5CVE-2008-0256
MILW0RM
BID
SECUNIA
Menalto -- Gallery Publish XP ModuleUnspecified vulnerability in the Publish XP module Menalto Gallery before 2.2.4 allows attackers to create albums and upload files via unknown vectors.
unknown
2008-01-16
10.0CVE-2007-6685
OTHER-REF
Menalto -- GalleryThe URL rewrite module in Menalto Gallery before 2.2.4 allows attackers to include and execute arbitrary local files via unknown vectors related to the admin controller.
unknown
2008-01-16
10.0CVE-2007-6686
OTHER-REF
Menalto -- GalleryUnspecified vulnerability in the Installation application in Menalto Gallery before 2.2.4 has unknown impact and attack vectors related to "web-accessibility protection of the storage folder."
unknown
2008-01-16
10.0CVE-2007-6688
OTHER-REF
Menalto -- GalleryMenalto Gallery before 2.2.4 does not properly check for malicious file extensions during file uploads, which allows attackers to execute arbitrary code via the (1) Core application or (2) MIME module.
unknown
2008-01-16
7.5CVE-2007-6689
OTHER-REF
Menalto -- GalleryThe Gallery Remote module in Menalto Gallery before 2.2.4 does not check permissions for unspecified GR commands, which has unknown impact and attack vectors.
unknown
2008-01-16
10.0CVE-2007-6690
OTHER-REF
Menalto -- GalleryMultiple unspecified vulnerabilities in Menalto Gallery before 2.2.4 have unknown impact, related to (1) "hotlink protection" in the URL rewrite module, (2) a WebDAV view in the WebDAV module, (3) a comment view in the Comment module, (4) unspecified "item information disclosure attacks" in the Core module Gallery application, (5) the slideshow in the Slideshow module, and (6) multiple Print modules.
unknown
2008-01-16
10.0CVE-2007-6691
OTHER-REF
Menalto -- Gallery WebCam ModuleUnspecified vulnerability in the WebCam module in Menalto Gallery before 2.2.4 has unknown impact and attack vectors related to a "proxied request."
unknown
2008-01-16
10.0CVE-2007-6693
OTHER-REF
Microsoft -- Excel
Microsoft -- Excel Viewer
Unspecified vulnerability in Microsoft Excel 2004 and earlier, and Microsoft Office Excel Viewer 2003, allows remote attackers to execute arbitrary code via an Excel file with a malformed header, which triggers memory corruption. NOTE: due to lack of details from the vendor, it is not clear whether this is the same issue as CVE-2007-3490.
unknown
2008-01-16
10.0CVE-2008-0081
OTHER-REF
BID
FRSIRT
SECTRACK
XF
Microsoft -- Visual InterDevBuffer overflow in Microsoft Visual InterDev 6.0 (SP6) allows user-assisted attackers to execute arbitrary code via a Studio Solution (.SLN) file with a long Project line.
unknown
2008-01-11
9.3CVE-2008-0250
MILW0RM
OTHER-REF
BID
MiniWeb HTTP Server -- MiniWeb HTTP ServerHeap-based buffer overflow in the _mwProcessReadSocket function in http.c in MiniWeb HTTP Server 0.8.19 allows remote attackers to execute arbitrary code via a long URI.
unknown
2008-01-17
7.5CVE-2008-0337
MILW0RM
OTHER-REF
SECUNIA
MTCMS -- MTCMSSQL injection vulnerability in index.php in MTCMS 2.0 and possibly earlier versions allows remote attackers to execute arbitrary SQL commands via the (1) a or (2) cid parameter.
unknown
2008-01-15
7.5CVE-2008-0280
BUGTRAQ
MILW0RM
BID
Oracle -- Oracle DatabaseUnspecified vulnerability in the XML DB component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 has unknown impact and remote attack vectors, aka DB01.
unknown
2008-01-17
10.0CVE-2008-0339
OTHER-REF
HP
CERT
BID
FRSIRT
SECTRACK
SECUNIA
Oracle -- E-Business Suite 11i
Oracle -- Oracle 10g Application Server Release 3
Oracle -- E-Business Suite 12
Oracle -- Application Server 9i Release 1
Oracle -- Oracle 9i Database Release 2
Oracle -- Database 11g
Oracle -- Collaboration Suite 10g
Oracle -- Database 9i
Oracle -- Oracle 10g Database Release 2
Oracle -- Oracle10g Application Server Release 2
Oracle -- Oracle10g Application Server
Oracle -- PeopleSoft Enterprise PeopleTools
Oracle -- Database 10g
Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 have unknown impact and remote attack vectors, related to the (1) Advanced Queuing component (DB02) and (2) Oracle Spatial component (DB04).
unknown
2008-01-17
10.0CVE-2008-0340
OTHER-REF
HP
CERT
BID
FRSIRT
SECTRACK
SECUNIA
Oracle -- Oracle DatabaseUnspecified vulnerability in the Advanced Queuing component in Oracle Database 9.0.1.5 FIPS+ and 10.1.0.5 has unknown impact and remote attack vectors, aka DB03.
unknown
2008-01-17
10.0CVE-2008-0341
OTHER-REF
HP
CERT
BID
FRSIRT
SECTRACK
SECUNIA
Oracle -- Oracle DatabaseUnspecified vulnerability in the Upgrade/Downgrade component in Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.3 has unknown impact and remote attack vectors, aka DB05.
unknown
2008-01-17
10.0CVE-2008-0342
OTHER-REF
HP
CERT
BID
FRSIRT
SECTRACK
SECUNIA
Oracle -- E-Business Suite 11i
Oracle -- Oracle 10g Application Server Release 3
Oracle -- E-Business Suite 12
Oracle -- Application Server 9i Release 1
Oracle -- Oracle 9i Database Release 2
Oracle -- Database 11g
Oracle -- Collaboration Suite 10g
Oracle -- Database 9i
Oracle -- Oracle 10g Database Release 2
Oracle -- Oracle10g Application Server Release 2
Oracle -- Oracle10g Application Server
Oracle -- PeopleSoft Enterprise PeopleTools
Oracle -- Database 10g
Unspecified vulnerability in the Oracle Spatial component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, and 10.1.0.5 has unknown impact and remote attack vectors, aka DB06.
unknown
2008-01-17
10.0CVE-2008-0343
OTHER-REF
HP
CERT
BID
FRSIRT
SECTRACK
SECUNIA
Oracle -- E-Business Suite 11i
Oracle -- Oracle 10g Application Server Release 3
Oracle -- E-Business Suite 12
Oracle -- Application Server 9i Release 1
Oracle -- Oracle 9i Database Release 2
Oracle -- Database 11g
Oracle -- Collaboration Suite 10g
Oracle -- Database 9i
Oracle -- Oracle 10g Database Release 2
Oracle -- Oracle10g Application Server Release 2
Oracle -- Oracle10g Application Server
Oracle -- PeopleSoft Enterprise PeopleTools
Oracle -- Database 10g
Unspecified vulnerability in the Oracle Spatial component in Oracle Database 10.1.0.5 and 10.2.0.3 has unknown impact and remote attack vectors, aka DB07.
unknown
2008-01-17
10.0CVE-2008-0344
OTHER-REF
HP
CERT
BID
FRSIRT
SECTRACK
SECUNIA
Oracle -- E-Business Suite 11i
Oracle -- Oracle 10g Application Server Release 3
Oracle -- E-Business Suite 12
Oracle -- Application Server 9i Release 1
Oracle -- Oracle 9i Database Release 2
Oracle -- Database 11g
Oracle -- Collaboration Suite 10g
Oracle -- Database 9i
Oracle -- Oracle 10g Database Release 2
Oracle -- Oracle10g Application Server Release 2
Oracle -- Oracle10g Application Server
Oracle -- PeopleSoft Enterprise PeopleTools
Oracle -- Database 10g
Unspecified vulnerability in the Core RDBMS component in Oracle Database 11.1.0.6 has unknown impact and remote attack vectors, aka DB08.
unknown
2008-01-17
10.0CVE-2008-0345
OTHER-REF
HP
CERT
BID
FRSIRT
SECTRACK
SECUNIA
Oracle -- E-Business Suite 11i
Oracle -- Oracle 10g Application Server Release 3
Oracle -- E-Business Suite 12
Oracle -- Application Server 9i Release 1
Oracle -- Oracle 9i Database Release 2
Oracle -- Database 11g
Oracle -- Collaboration Suite 10g
Oracle -- Database 9i
Oracle -- Oracle 10g Database Release 2
Oracle -- Oracle10g Application Server Release 2
Oracle -- Oracle10g Application Server
Oracle -- PeopleSoft Enterprise PeopleTools
Oracle -- Database 10g
Unspecified vulnerability in the Oracle Jinitiator component in Oracle Application Server 1.3.1.27 and E-Business Suite 11.5.10.2 has unknown impact and remote attack vectors, aka AS01.
unknown
2008-01-17
10.0CVE-2008-0346
OTHER-REF
HP
CERT
BID
FRSIRT
SECTRACK
SECUNIA
Oracle -- E-Business Suite 11i
Oracle -- Oracle 10g Application Server Release 3
Oracle -- E-Business Suite 12
Oracle -- Application Server 9i Release 1
Oracle -- Oracle 9i Database Release 2
Oracle -- Database 11g
Oracle -- Collaboration Suite 10g
Oracle -- Database 9i
Oracle -- Oracle 10g Database Release 2
Oracle -- Oracle10g Application Server Release 2
Oracle -- Oracle10g Application Server
Oracle -- PeopleSoft Enterprise PeopleTools
Oracle -- Database 10g
Unspecified vulnerability in the Oracle Ultra Search component in Oracle Collaboration Suite 10.1.2 and Database 9.2.0.8, 10.1.0.5, and 10.2.0.3 has unknown impact and local attack vectors, aka OCS01.
unknown
2008-01-17
10.0CVE-2008-0347
OTHER-REF
HP
CERT
BID
FRSIRT
SECTRACK
SECUNIA
Oracle -- E-Business Suite 11i
Oracle -- Oracle 10g Application Server Release 3
Oracle -- E-Business Suite 12
Oracle -- Application Server 9i Release 1
Oracle -- Oracle 9i Database Release 2
Oracle -- Database 11g
Oracle -- Collaboration Suite 10g
Oracle -- Database 9i
Oracle -- Oracle 10g Database Release 2
Oracle -- Oracle10g Application Server Release 2
Oracle -- Oracle10g Application Server
Oracle -- PeopleSoft Enterprise PeopleTools
Oracle -- Database 10g
Multiple unspecified vulnerabilities in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.22.18, 8.48.15, and 8.49.07 have unknown impact and remote attack vectors, aka (1) PSE01, (2) PSE03, and (3) PSE04.
unknown
2008-01-17
10.0CVE-2008-0348
OTHER-REF
HP
CERT
BID
FRSIRT
SECTRACK
SECUNIA
Oracle -- E-Business Suite 11i
Oracle -- Oracle 10g Application Server Release 3
Oracle -- E-Business Suite 12
Oracle -- Application Server 9i Release 1
Oracle -- Oracle 9i Database Release 2
Oracle -- Database 11g
Oracle -- Collaboration Suite 10g
Oracle -- Database 9i
Oracle -- Oracle 10g Database Release 2
Oracle -- Oracle10g Application Server Release 2
Oracle -- Oracle10g Application Server
Oracle -- PeopleSoft Enterprise PeopleTools
Oracle -- Database 10g
Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.15 and 8.49.07 has unknown impact and remote attack vectors, aka PSE02.
unknown
2008-01-17
10.0CVE-2008-0349
OTHER-REF
HP
CERT
BID
FRSIRT
SECTRACK
SECUNIA
PhotoPost -- Photopost vBGalleryUnrestricted file upload vulnerability in PhotoPost vBGallery before 2.4.2 allows remote attackers to upload and execute arbitrary files via unknown vectors.
unknown
2008-01-11
10.0CVE-2008-0251
OTHER-REF
OTHER-REF
SECUNIA
XF
Radiator -- RADIUS_ServerRadiator before 4.0 allows remote attackers to cause a denial of service (daemon crash) via malformed RADIUS requests, as demonstrated by packets sent by nmap.
unknown
2008-01-17
7.8CVE-2008-0330
OTHER-REF
SECUNIA
Tibco -- SmartSockets RTserver
Tibco -- RTworks
Tibco -- Enterprise Message Service
TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointers.
unknown
2008-01-15
10.0CVE-2007-5655
IDEFENSE
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
BID
Tibco -- SmartSockets RTserver
Tibco -- RTworks
Tibco -- Enterprise Message Service
TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted requests that control loop operations related to memory.
unknown
2008-01-15
10.0CVE-2007-5656
IDEFENSE
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
BID
Tibco -- SmartSockets RTserver
Tibco -- RTworks
Tibco -- Enterprise Message Service
TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointer offsets.
unknown
2008-01-15
10.0CVE-2007-5657
IDEFENSE
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
BID
Tibco -- SmartSockets RTserver
Tibco -- RTworks
Tibco -- Enterprise Message Service
Heap-based buffer overflow in TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing size and copy-length values that trigger the overflow.
unknown
2008-01-15
10.0CVE-2007-5658
IDEFENSE
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
BID
VideoLAN -- VLCStack-based buffer overflow in modules/demux/subtitle.c in VideoLAN VLC 0.8.6d allows remote attackers to execute arbitrary code via a long subtitle in a (1) MicroDvd, (2) SSA, and (3) Vplayer file.
unknown
2008-01-16
7.5CVE-2007-6681
BUGTRAQ
MLIST
MLIST
VideoLAN -- VLCFormat string vulnerability in the httpd_FileCallBack function (network/httpd.c) in VideoLAN VLC 0.8.6d allows remote attackers to execute arbitrary code via format string specifiers in the Connection parameter.
unknown
2008-01-16
7.5CVE-2007-6682
BUGTRAQ
VideoLAN -- VLC Media PlayerHeap-based buffer overflow in modules/access/rtsp/real_sdpplin.c in the Xine library, as used in VideoLAN VLC Media Player 0.8.6d and earlier, allows user-assisted remote attackers to cause a denial of service (crash) or execute arbitrary code via long Session Description Protocol (SDP) data.
unknown
2008-01-16
8.5CVE-2008-0295
OTHER-REF
BID
FRSIRT
SECUNIA
VideoLAN -- VLC Media PlayerHeap-based buffer overflow in the libaccess_realrtsp plugin in VideoLAN VLC Media Player 0.8.6d and earlier on Windows might allow remote RTSP servers to cause a denial of service (application crash) or execute arbitrary code via a long string.
unknown
2008-01-16
10.0CVE-2008-0296
OTHER-REF
FRSIRT
Xforum -- XforumSQL injection vulnerability in liretopic.php in Xforum 1.4 and possibly others allows remote attackers to execute arbitrary SQL commands via the topic parameter. NOTE: the categorie parameter might also be affected.
unknown
2008-01-15
7.5CVE-2008-0279
MILW0RM
BID
XF

Back to top

Medium Vulnerabilities
Primary
Vendor -- Product
Description
Discovered
Published
CVSS ScoreSource & Patch Info
AfterLogic -- MailBee WebMail Pro
Microsoft -- ASP.NET
Directory traversal vulnerability in download_view_attachment.aspx in AfterLogic MailBee WebMail Pro 4.1 for ASP.NET allows remote attackers to read arbitrary files via a .. (dot dot) in the temp_filename parameter.
unknown
2008-01-17
5.0CVE-2008-0333
MILW0RM
Apple -- QuicktimeUnspecified vulnerability in Apple QuickTime before 7.4 allows remote attackers to cause a denial of service (application termination) and execurte arbitrary code via a crafted Sorenson 3 video file, which triggers memory corruption.
unknown
2008-01-15
5.8CVE-2008-0031
APPLE
OTHER-REF
Apple -- QuicktimeApple QuickTime before 7.4 allows remote attackers to execute arbitrary code via a movie file containing a Macintosh Resource record with a modified length value in the resource header, which triggers heap corruption.
unknown
2008-01-15
5.8CVE-2008-0032
IDEFENSE
APPLE
OTHER-REF
Apple -- iPhoneUnspecified vulnerability in Passcode Lock in Apple iPhone 1.0 through 1.1.2 allows users with physical access to execute applications without entering the passcode via vectors related to emergency calls.
unknown
2008-01-15
4.6CVE-2008-0034
APPLE
OTHER-REF
Apple -- SafariUnspecified vulnerability in Foundation, as used in Apple iPhone 1.0 through 1.1.2 and iPod touch 1.1 through 1.1.2 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted URL that triggers memory corruption in Safari.
unknown
2008-01-15
6.8CVE-2008-0035
APPLE
OTHER-REF
Apple -- QuicktimeBuffer overflow in Apple QuickTime before 7.4 allows remote attackers to execute arbitrary code via a crafted compressed PICT image, which triggers the overflow during decoding.
unknown
2008-01-15
6.8CVE-2008-0036
APPLE
OTHER-REF
Apple -- SafariKHTML WebKit as used in Apple Safari 2.x allows remote attackers to cause a denial of service (browser crash) via a crafted web page, possibly involving a STYLE attribute of a DIV element.
unknown
2008-01-16
4.3CVE-2008-0298
BUGTRAQ
OTHER-REF
BID
XF
Aria -- AriaDirectory traversal vulnerability in arias/help/effect.php in aria 0.99-6 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the page parameter.
unknown
2008-01-17
5.0CVE-2008-0332
MILW0RM
Boost -- Boost
Boost -- Boost Regex Library
regex/v4/perl_matcher_non_recursive.hpp in the Boost regex library (aka Boost.Regex) in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service (failed assertion and crash) via an invalid regular expression.
unknown
2008-01-17
5.0CVE-2008-0171
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
UBUNTU
BID
Boost -- BoostThe get_repeat_type function in basic_regex_creator.hpp in the Boost regex library (aka Boost.Regex) in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service (NULL dereference and crash) via an invalid regular expression.
unknown
2008-01-17
5.0CVE-2008-0172
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
UBUNTU
BID
Bugtracker.NET -- Bugtracker.NETCross-site scripting (XSS) vulnerability in BugTracker.NET before 2.7.2 allows remote attackers to inject arbitrary web script or HTML via an arbitrary custom text field.
unknown
2008-01-17
4.3CVE-2008-0335
OTHER-REF
OTHER-REF
BID
SECUNIA
XF
Bugtracker.NET -- Bugtracker.NETMultiple cross-site request forgery (CSRF) vulnerabilities in BugTracker.NET before 2.7.2 allow remote attackers to delete arbitrary bugs and perform other administrative tasks via unspecified vectors, possibly related to delete_*.aspx pages, and massedit.aspx, subscribe.aspx, flag.aspx, and relationships.aspx.
unknown
2008-01-17
4.3CVE-2008-0336
OTHER-REF
OTHER-REF
SECUNIA
XF
Cisco -- VPN ClientCisco Systems VPN Client IPSec Driver (CVPNDRVA.sys) 5.0.02.0090 allows local users to cause a denial of service (crash) by calling the 0x80002038 IOCTL with a small size value, which triggers memory corruption.
unknown
2008-01-16
4.9CVE-2008-0324
MILW0RM
BID
XF
Dansie -- Search EngineCross-site scripting (XSS) vulnerability in search.pl in Dansie Search Engine 2.7 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
unknown
2008-01-15
4.3CVE-2008-0257
SECUNIA
Dansie -- Photo AlbumCross-site scripting (XSS) vulnerability in photo_album.pl in Dansie Photo Album 1.0 allows remote attackers to inject arbitrary web script or HTML via the search parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
unknown
2008-01-16
4.3CVE-2008-0292
SECUNIA
XF
DomPHP -- DomPHPPHP remote file inclusion vulnerability in /aides/index.php in DomPHP 0.81 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the page parameter.
unknown
2008-01-15
6.8CVE-2008-0283
MILW0RM
BID
Drupal -- Meta_Tags_ModuleUnspecified vulnerability in the Meta Tags (aka Nodewords) 5.x-1.6 module for Drupal, when images are permitted in node bodies, allows remote authenticated users to execute arbitrary code via unspecified vectors involving creation of a node.
unknown
2008-01-15
6.8CVE-2008-0264
OTHER-REF
FRSIRT
SECUNIA
Drupal -- BUEditorThe editor deletion form in BUEditor 4.7.x before 4.7.x-1.0 and 5.x before 5.x-1.1, a module for Drupal, does not follow Drupal's Forms API submission model, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and delete custom editor interfaces.
unknown
2008-01-15
4.3CVE-2008-0271
OTHER-REF
SECUNIA
XF
Drupal -- DrupalCross-site request forgery (CSRF) vulnerability in the aggregator module in Drupal 4.7.x before 4.7.11 and 5.x before 5.6 allows remote attackers to delete items from a feed as privileged users.
unknown
2008-01-15
4.3CVE-2008-0272
OTHER-REF
BID
SECUNIA
XF
Drupal -- DrupalInterpretation conflict in Drupal 4.7.x before 4.7.11 and 5.x before 5.6, when Internet Explorer 6 is used, allows remote attackers to conduct cross-site scripting (XSS) attacks via invalid UTF-8 byte sequences, which are not processed as UTF-8 by Drupal's HTML filtering, but are processed as UTF-8 by Internet Explorer, effectively removing characters from the document and defeating the HTML protection mechanism.
unknown
2008-01-15
4.3CVE-2008-0273
OTHER-REF
BID
SECUNIA
XF
Drupal -- Atom ModuleThe Atom 4.7 before 4.7.x-1.0 and 5.x before 5.x-1.0 module for Drupal does not properly manage permissions for node (1) titles, (2) teasers, and (3) bodies, which might allow remote attackers to gain access to syndicated content.
unknown
2008-01-15
5.0CVE-2008-0275
OTHER-REF
XF
Drupal -- DrupalCross-site scripting (XSS) vulnerability in the Devel module before 5.x-0.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via a site variable, related to lack of escaping of the variable table.
unknown
2008-01-15
4.3CVE-2008-0276
OTHER-REF
XF
eTicket -- eTicketCross-site scripting (XSS) vulnerability in view.php in eTicket 1.5.5.2 allows remote attackers to inject arbitrary web script or HTML via the s parameter.
unknown
2008-01-15
5.8CVE-2008-0268
BUGTRAQ
BID
SECUNIA
XF
Evilsentinel -- Evilsentineladmin/config.php in Evilsentinel 1.0.9 and earlier allows remote attackers to bypass the CAPTCHA test by omitting the es_security_captcha parameter and not invoking captcha.php.
unknown
2008-01-17
5.0CVE-2008-0351
MILW0RM
F5 -- BIG-IPMultiple cross-site scripting (XSS) vulnerabilities in the Search function in the web management interface in F5 BIG-IP 9.4.3 allow remote attackers to inject arbitrary web script or HTML via the SearchString parameter to (1) list_system.jsp, (2) list_pktfilter.jsp, (3) list_ltm.jsp, (4) resources_audit.jsp, and (5) list_asm.jsp in tmui/Control/jspmap/tmui/system/log/; and (6) list.jsp in certain directories.
unknown
2008-01-15
4.3CVE-2008-0265
BUGTRAQ
FreeBSD -- FreeBSDThe script program in FreeBSD 5.0 through 7.0-PRERELEASE invokes openpty, which creates a pseudo-terminal with world-readable and world-writable permissions when it is not run as root, which allows local users to read data from the terminal of the user running script.
unknown
2008-01-15
6.9CVE-2008-0217
FREEBSD
FreeSeat -- FreeSeatUnspecified vulnerability in cron.php in FreeSeat before 1.1.5d, when format.php has certain modifications, allows remote attackers to bypass authentication and gain privileges via unspecified vectors related to the show_foot function.
unknown
2008-01-16
6.8CVE-2008-0293
OTHER-REF
SECUNIA
XF
FreeSeat -- FreeSeatUnspecified vulnerability in the seat-locking implementation in FreeSeat before 1.1.5d allows attackers to book a seat more than once via unspecified vectors.
unknown
2008-01-16
5.0CVE-2008-0294
OTHER-REF
BID
SECUNIA
XF
Ingate -- Ingate_SIParator
Ingate -- firewall
The SIP module in Ingate Firewall before 4.6.1 and SIParator before 4.6.1 does not reuse SIP media ports in unspecified call hold and send-only stream scenarios, which allows remote attackers to cause a denial of service (port exhaustion) via unspecified vectors.
unknown
2008-01-15
5.0CVE-2008-0263
OTHER-REF
BID
FRSIRT
SECTRACK
SECTRACK
SECUNIA
Julien_Plesniak -- LulieBlogLulieBlog 1.0.1 and 1.0.2 does not restrict access to (1) article_suppr.php, (2) comment_accepter.php, and (3) comment_refuser.php in Admin/, which allows remote attackers to accept comments, delete comments, and delete articles via the id parameter.
unknown
2008-01-17
5.0CVE-2008-0329
MILW0RM
BID
SECUNIA
XF
Keil Software -- PhotoKornPhotoKorn allows remote attackers to obtain database credentials via a direct request to update/update3.php, which includes the credentials in its output.
unknown
2008-01-16
5.0CVE-2008-0297
MILW0RM
XF
Mambo -- Mambo Open SourceUnspecified vulnerability in the search component and module in Mambo 4.5.x and 4.6.x allows remote attackers to cause a denial of service (query flood) via unspecified vectors.
unknown
2008-01-15
5.0CVE-2008-0261
OTHER-REF
BID
SECUNIA
XF
Mansion Productions -- Member Area SystemPHP remote file inclusion vulnerability in view_func.php in Member Area System (MAS) 1.7 and possibly others allows remote attackers to execute arbitrary PHP code via a URL in the i parameter. NOTE: a second vector might exist via the l parameter.
unknown
2008-01-15
6.8CVE-2008-0289
BUGTRAQ
BID
XF
Menalto -- GalleryMultiple cross-site scripting (XSS) vulnerabilities in Menalto Gallery before 2.2.4 allow remote attackers to inject arbitrary web script or HTML via crafted filenames to the (1) Core or (2) add-item modules; or via (3) HTTP PROPPATCH in the WebDAV module.
unknown
2008-01-16
4.3CVE-2007-6687
OTHER-REF
Menalto -- GalleryOpen redirect vulnerability in Menalto Gallery before 2.2.4 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the (1) Core and (2) print modules.
unknown
2008-01-16
6.4CVE-2007-6692
OTHER-REF
minimal design -- minimal GalleryMultiple directory traversal vulnerabilities in _mg/php/mg_thumbs.php in minimal Gallery 0.8 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) thumbcat and (2) thumb parameters.
unknown
2008-01-15
6.4CVE-2008-0259
MILW0RM
BID
SECUNIA
minimal design -- minimal Galleryminimal Gallery 0.8 allows remote attackers to obtain configuration information via a direct request to php_info.php, which calls the phpinfo function.
unknown
2008-01-15
5.0CVE-2008-0260
MILW0RM
SECUNIA
MiniWeb HTTP Server -- MiniWeb HTTP ServerDirectory traversal vulnerability in the mwGetLocalFileName function in http.c in MiniWeb HTTP Server 0.8.19 allows remote attackers to read arbitrary files and list arbitrary directories via a (1) .%2e (partially encoded dot dot) or (2) %2e%2e (encoded dot dot) in the URI.
unknown
2008-01-17
5.0CVE-2008-0338
MILW0RM
OTHER-REF
SECUNIA
ngIRCd -- ngIRCdngIRCd 0.10.x before 0.10.4 and 0.11.0 before 0.11.0-pre2 allows remote attackers to cause a denial of service (crash) via crafted IRC PART message, which triggers an invalid dereference.
unknown
2008-01-15
5.0CVE-2008-0285
OTHER-REF
OTHER-REF
OTHER-REF
PHP Running Management -- phpRunManCross-site scripting (XSS) vulnerability in index.php in PHP Running Management (phpRunMan) before 1.0.3 allows remote attackers to inject arbitrary web script or HTML via the message parameter.
unknown
2008-01-15
4.3CVE-2008-0258
OTHER-REF
OTHER-REF
BID
SECUNIA
Python Software Foundation -- Paramikocommon.py in Paramiko 1.7.1 and earlier, when using threads or forked processes, does not properly use RandomPool, which allows one session to obtain sensitive information from another session by predicting the state of the pool.
unknown
2008-01-16
4.3CVE-2008-0299
OTHER-REF
OTHER-REF
OTHER-REF
Simple Machines -- Simple Machines SMFCross-site scripting (XSS) vulnerability in Simple Machines Forum (SMF) 1.1.4 and earlier allows remote attackers to inject arbitrary web script or HTML via (1) Itemid or (2) topic arguments.
unknown
2008-01-15
4.3CVE-2008-0284
BUGTRAQ
XF
Sun -- SolarisUnspecified vulnerability in the dotoprocs function in Sun Solaris 10 allows local users to cause a denial of service (panic) via unspecified vectors.
unknown
2008-01-15
4.9CVE-2008-0269
SUNALERT
TaskFreak -- TaskFreakSQL injection vulnerability in index.php in TaskFreak! 0.6.1 and earlier allows remote authenticated users to execute arbitrary SQL commands via the sContext parameter.
unknown
2008-01-15
6.0CVE-2008-0270
MILW0RM
VideoLAN -- VLCThe browser plugin in VideoLAN VLC 0.8.6d allows remote attackers to overwrite arbitrary files via (1) the :demuxdump-file option in a filename in a playlist, or (2) a EXTVLCOPT statement in an MP3 file, possibly an argument injection vulnerability.
unknown
2008-01-16
5.0CVE-2007-6683
MLIST
OTHER-REF
OTHER-REF
VideoLAN -- VLCThe RTSP module in VideoLAN VLC 0.8.6d allows remote attackers to cause a denial of service (crash) via a request without a Transport parameter, which triggers a NULL pointer dereference.
unknown
2008-01-16
5.0CVE-2007-6684
MLIST
OTHER-REF
VisionBurst -- vcartPHP remote file inclusion vulnerability in VisionBurst vcart 3.3.2 and possibly others allows remote attackers to execute arbitrary PHP code via a URL in the abs_path parameter to (1) index.php and (2) checkout.php.
unknown
2008-01-15
6.8CVE-2008-0287
MILW0RM
BID
SECUNIA
Wavelink Media -- TutorialCMSSQL injection vulnerability in activate.php in TutorialCMS (aka Photoshop Tutorials) 1.02, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the userName parameter.
unknown
2008-01-15
6.8CVE-2008-0254
MILW0RM
BID
SECUNIA
X7 Group -- X7 ChatSQL injection vulnerability in index.php in X7 Chat 2.0.5 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the day parameter in a sm_window action.
unknown
2008-01-15
6.5CVE-2008-0278
MILW0RM
BID
XF

Back to top

Low Vulnerabilities
Primary
Vendor -- Product
Description
Discovered
Published
CVSS ScoreSource & Patch Info
Drupal -- DrupalCross-site scripting (XSS) vulnerability in Drupal 4.7.x and 5.x, when certain .htaccess protections are disabled, allows remote attackers to inject arbitrary web script or HTML via crafted links involving theme .tpl.php files.
unknown
2008-01-15
2.6CVE-2008-0274
OTHER-REF
BID
SECUNIA
XF
eTicket -- eTicketCross-site request forgery (CSRF) vulnerability in admin.php in eTicket 1.5.5.2 allows remote attackers to change the administrative password and possibly perform other administrative tasks. NOTE: either the old password must be known, or the attacker must leverage a separate SQL injection vulnerability.
unknown
2008-01-15
2.6CVE-2008-0266
BUGTRAQ
BID
SECUNIA
XF
FreeBSD -- FreeBSDThe ptsname function in FreeBSD 6.0 through 7.0-PRERELEASE does not properly verify that a certain portion of a device name is associated with a pty of a user who is calling the pt_chown function, which might allow local users to read data from the pty from another user.
unknown
2008-01-15
2.1CVE-2008-0216
FREEBSD
pMachine -- PMachine ProCross-site scripting (XSS) vulnerability in pm/language/spanish/preferences.php in PMachine Pro 2.4.1 allows remote attackers to inject arbitrary web script or HTML via the L_PREF_NAME[855] parameter.
unknown
2008-01-17
2.6CVE-2008-0334
OTHER-REF
BID

Back to top

">

High Vulnerabilities
Primary
Vendor -- Product
Description
Discovered
Published
CVSS ScoreSource & Patch Info
Agares Media -- phpAutoVideoSQL injection vulnerability in includes/articleblock.php in Agares PhpAutoVideo 2.21 allows remote attackers to execute arbitrary SQL commands via the articlecat parameter.
unknown
2008-01-15
7.5CVE-2008-0262
MILW0RM
MILW0RM
BID
XF
Apple -- QuicktimeUnspecified vulnerability in Apple QuickTime before 7.4 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a movie file with crafted Image Descriptor (IDSC) atoms, which triggers memory corruption.
unknown
2008-01-15
9.3CVE-2008-0033
APPLE
OTHER-REF
Article Dashboard -- Article DashboardSQL injection vulnerability in admin/login.php in Article Dashboard allows remote attackers to execute arbitrary SQL commands via the (1) user or (2) password fields.
unknown
2008-01-15
7.5CVE-2008-0286
BUGTRAQ
BID
BinN -- SBuilderSQL injection vulnerability in full_text.php in Binn SBuilder allows remote attackers to execute arbitrary SQL commands via the nid parameter.
unknown
2008-01-15
7.5CVE-2008-0253
MILW0RM
BID
CherryPy -- CherryPyDirectory traversal vulnerability in the _get_file_path function in (1) lib/sessions.py in CherryPy 3.0.x up to 3.0.2, (2) filter/sessionfilter.py in CherryPy 2.1, and (3) filter/sessionfilter.py in CherryPy 2.x allows remote attackers to create or delete arbitrary files, and possibly read and write portions of arbitrary files, via a crafted session id in a cookie.
unknown
2008-01-11
7.5CVE-2008-0252
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
FRSIRT
SECUNIA
Cisco -- Unified CallManager
Cisco -- Unified Communications Manager
Heap-based buffer overflow in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM) 4.2 before 4.2(3)SR3 and 4.3 before 4.3(1)SR1, and CallManager 4.0 and 4.1 before 4.1(3)SR5c, allows remote attackers to cause a denial of service or execute arbitrary code via a long request.
unknown
2008-01-16
10.0CVE-2008-0027
BUGTRAQ
OTHER-REF
CISCO
BID
XF
Debian -- apt-listchangesUntrusted search path vulnerability in apt-listchanges.py in apt-listchanges before 2.82 allows local users to execute arbitrary code via a malicious apt-listchanges program in the current working directory.
unknown
2008-01-16
7.2CVE-2008-0302
OTHER-REF
OTHER-REF
DigitalHive -- DigitalHiveMultiple SQL injection vulnerabilities in Digital Hive 2.0 RC2 and earlier allow (1) remote attackers to execute arbitrary SQL commands via the selectskin parameter to an unspecified program, or (2) remote authenticated administrators to execute arbitrary SQL commands via the user_id parameter in the gestion_membre.php page to base.php.
unknown
2008-01-15
7.5CVE-2008-0290
MILW0RM
BID
XF
DomPHP -- DomPHPSQL injection vulnerability in welcome/inscription.php in DomPHP 0.81 and earlier allows remote attackers to execute arbitrary SQL commands via the mail parameter.
unknown
2008-01-15
7.5CVE-2008-0282
MILW0RM
BID
SECUNIA
XF
Drupal -- Fileshare_ModuleUnspecified vulnerability in the Fileshare module for Drupal allows remote authenticated users with node-creation privileges to execute arbitrary code via unspecified vectors.
unknown
2008-01-15
8.5CVE-2008-0277
OTHER-REF
XF
eTicket -- eTicketMultiple SQL injection vulnerabilities in eTicket 1.5.5.2 allow remote authenticated users to execute arbitrary SQL commands via the (1) status, (2) sort, and (3) way parameters to search.php; and allow remote authenticated administrators to execute arbitrary SQL commands via the (4) msg and (5) password parameters to admin.php.
unknown
2008-01-15
7.5CVE-2008-0267
BUGTRAQ
BID
SECUNIA
XF
Evilsentinel -- Evilsentineladmin/index.php in Evilsentinel 1.0.9 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to gain administrative privileges and make arbitrary configuration changes.
unknown
2008-01-17
7.5CVE-2008-0350
MILW0RM
OTHER-REF
SECUNIA
FaScript -- FaPersian PetitionSQL injection vulnerability in show.php in FaScript FaPersian Petition allows remote attackers to execute arbitrary SQL commands via the id parameter.
unknown
2008-01-17
7.5CVE-2008-0325
MILW0RM
BID
FaScript -- FaPersianHackSQL injection vulnerability in class/show.php in FaScript FaPersianHack 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to show.php.
unknown
2008-01-17
7.5CVE-2008-0326
MILW0RM
BID
FaScript -- FaMp3SQL injection vulnerability in show.php in FaScript FaMp3 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
unknown
2008-01-17
7.5CVE-2008-0327
MILW0RM
BID
FaScript -- FaNameSQL injection vulnerability in page.php in FaScript FaName 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
unknown
2008-01-17
7.5CVE-2008-0328
MILW0RM
BID
FreeBSD -- FreeBSDOff-by-one error in the inet_network function in libc in FreeBSD 6.2, 6.3, and 7.0-PRERELEASE and earlier allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted input that triggers memory corruption.
unknown
2008-01-15
10.0CVE-2008-0122
FREEBSD
Funkwerk -- System SoftwareUnspecified vulnerability in Funkwerk System Software before 7.4.1 PATCH 9 for certain Funkwerk Router / VPN devices allows remote attackers to cause a denial of service (panic and reboot) via unspecified DNS requests.
unknown
2008-01-17
7.8CVE-2008-0331
OTHER-REF
SECUNIA
GForge -- GForgeSQL injection vulnerability in Gforge 4.6.99 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified parameters, related to RSS exports.
unknown
2008-01-15
7.5CVE-2008-0173
DEBIAN
BID
FRSIRT
Hangzhou Rui-Qiang -- RichStrong CMSSQL injection vulnerability in showproduct.asp in RichStrong CMS allows remote attackers to execute arbitrary SQL commands via the cat parameter.
unknown
2008-01-16
7.5CVE-2008-0291
MILW0RM
BID
ID-Commerce -- ID-CommerceSQL injection vulnerability in liste.php in ID-Commerce 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the idFamille parameter.
unknown
2008-01-15
7.5CVE-2008-0281
FULLDISC
FULLDISC
FULLDISC
BID
XF
iGaming -- iGamingSQL injection vulnerability in archive.php in iGaming 1.5, and 1.3.1 and earlier, allows remote attackers to execute arbitrary SQL commands via the section parameter.
unknown
2008-01-15
7.5CVE-2008-0255
MILW0RM
BID
SECUNIA
XF
ImageAlbum -- ImageAlbumMultiple SQL injection vulnerabilities in ImageAlbum 2.0.0b2 allow remote attackers to execute arbitrary SQL commands via the id, which is not properly handled in (1) classes/IADomain.php, (2) classes/IACollection.php, and (3) classes/IAUser.php, as demonstrated via the id parameter in a collection.imageview action.
unknown
2008-01-15
7.5CVE-2008-0288
BUGTRAQ
MILW0RM
BID
Linux -- KernelVFS in the Linux kernel before 2.6.23.14 performs tests of access mode by using the flag variable instead of the acc_mode variable, which might allow local users to bypass file permissions.
unknown
2008-01-15
7.2CVE-2008-0001
OTHER-REF
BID
Linux -- KernelThe Linux kernel 2.6.20 through 2.6.21.1 allows remote attackers to cause a denial of service (panic) via a certain IPv6 packet, possibly involving the Jumbo Payload hop-by-hop option (jumbogram).
unknown
2008-01-17
7.8CVE-2008-0352
MILW0RM
OTHER-REF
XF
Matteo Binda -- ASP Photo GalleryMultiple SQL injection vulnerabilities in Matteo Binda ASP Photo Gallery 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) Imgbig.asp, (b) thumb.asp, and (c) thumbricerca.asp and the (2) ricerca parameter to (d) thumbricerca.asp.
unknown
2008-01-15
7.5CVE-2008-0256
MILW0RM
BID
SECUNIA
Menalto -- Gallery Publish XP ModuleUnspecified vulnerability in the Publish XP module Menalto Gallery before 2.2.4 allows attackers to create albums and upload files via unknown vectors.
unknown
2008-01-16
10.0CVE-2007-6685
OTHER-REF
Menalto -- GalleryThe URL rewrite module in Menalto Gallery before 2.2.4 allows attackers to include and execute arbitrary local files via unknown vectors related to the admin controller.
unknown
2008-01-16
10.0CVE-2007-6686
OTHER-REF
Menalto -- GalleryUnspecified vulnerability in the Installation application in Menalto Gallery before 2.2.4 has unknown impact and attack vectors related to "web-accessibility protection of the storage folder."
unknown
2008-01-16
10.0CVE-2007-6688
OTHER-REF
Menalto -- GalleryMenalto Gallery before 2.2.4 does not properly check for malicious file extensions during file uploads, which allows attackers to execute arbitrary code via the (1) Core application or (2) MIME module.
unknown
2008-01-16
7.5CVE-2007-6689
OTHER-REF
Menalto -- GalleryThe Gallery Remote module in Menalto Gallery before 2.2.4 does not check permissions for unspecified GR commands, which has unknown impact and attack vectors.
unknown
2008-01-16
10.0CVE-2007-6690
OTHER-REF
Menalto -- GalleryMultiple unspecified vulnerabilities in Menalto Gallery before 2.2.4 have unknown impact, related to (1) "hotlink protection" in the URL rewrite module, (2) a WebDAV view in the WebDAV module, (3) a comment view in the Comment module, (4) unspecified "item information disclosure attacks" in the Core module Gallery application, (5) the slideshow in the Slideshow module, and (6) multiple Print modules.
unknown
2008-01-16
10.0CVE-2007-6691
OTHER-REF
Menalto -- Gallery WebCam ModuleUnspecified vulnerability in the WebCam module in Menalto Gallery before 2.2.4 has unknown impact and attack vectors related to a "proxied request."
unknown
2008-01-16
10.0CVE-2007-6693
OTHER-REF
Microsoft -- Excel
Microsoft -- Excel Viewer
Unspecified vulnerability in Microsoft Excel 2004 and earlier, and Microsoft Office Excel Viewer 2003, allows remote attackers to execute arbitrary code via an Excel file with a malformed header, which triggers memory corruption. NOTE: due to lack of details from the vendor, it is not clear whether this is the same issue as CVE-2007-3490.
unknown
2008-01-16
10.0CVE-2008-0081
OTHER-REF
BID
FRSIRT
SECTRACK
XF
Microsoft -- Visual InterDevBuffer overflow in Microsoft Visual InterDev 6.0 (SP6) allows user-assisted attackers to execute arbitrary code via a Studio Solution (.SLN) file with a long Project line.
unknown
2008-01-11
9.3CVE-2008-0250
MILW0RM
OTHER-REF
BID
MiniWeb HTTP Server -- MiniWeb HTTP ServerHeap-based buffer overflow in the _mwProcessReadSocket function in http.c in MiniWeb HTTP Server 0.8.19 allows remote attackers to execute arbitrary code via a long URI.
unknown
2008-01-17
7.5CVE-2008-0337
MILW0RM
OTHER-REF
SECUNIA
MTCMS -- MTCMSSQL injection vulnerability in index.php in MTCMS 2.0 and possibly earlier versions allows remote attackers to execute arbitrary SQL commands via the (1) a or (2) cid parameter.
unknown
2008-01-15
7.5CVE-2008-0280
BUGTRAQ
MILW0RM
BID
Oracle -- Oracle DatabaseUnspecified vulnerability in the XML DB component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 has unknown impact and remote attack vectors, aka DB01.
unknown
2008-01-17
10.0CVE-2008-0339
OTHER-REF
HP
CERT
BID
FRSIRT
SECTRACK
SECUNIA
Oracle -- E-Business Suite 11i
Oracle -- Oracle 10g Application Server Release 3
Oracle -- E-Business Suite 12
Oracle -- Application Server 9i Release 1
Oracle -- Oracle 9i Database Release 2
Oracle -- Database 11g
Oracle -- Collaboration Suite 10g
Oracle -- Database 9i
Oracle -- Oracle 10g Database Release 2
Oracle -- Oracle10g Application Server Release 2
Oracle -- Oracle10g Application Server
Oracle -- PeopleSoft Enterprise PeopleTools
Oracle -- Database 10g
Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 have unknown impact and remote attack vectors, related to the (1) Advanced Queuing component (DB02) and (2) Oracle Spatial component (DB04).
unknown
2008-01-17
10.0CVE-2008-0340
OTHER-REF
HP
CERT
BID
FRSIRT
SECTRACK
SECUNIA
Oracle -- Oracle DatabaseUnspecified vulnerability in the Advanced Queuing component in Oracle Database 9.0.1.5 FIPS+ and 10.1.0.5 has unknown impact and remote attack vectors, aka DB03.
unknown
2008-01-17
10.0CVE-2008-0341
OTHER-REF
HP
CERT
BID
FRSIRT
SECTRACK
SECUNIA
Oracle -- Oracle DatabaseUnspecified vulnerability in the Upgrade/Downgrade component in Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.3 has unknown impact and remote attack vectors, aka DB05.
unknown
2008-01-17
10.0CVE-2008-0342
OTHER-REF
HP
CERT
BID
FRSIRT
SECTRACK
SECUNIA
Oracle -- E-Business Suite 11i
Oracle -- Oracle 10g Application Server Release 3
Oracle -- E-Business Suite 12
Oracle -- Application Server 9i Release 1
Oracle -- Oracle 9i Database Release 2
Oracle -- Database 11g
Oracle -- Collaboration Suite 10g
Oracle -- Database 9i
Oracle -- Oracle 10g Database Release 2
Oracle -- Oracle10g Application Server Release 2
Oracle -- Oracle10g Application Server
Oracle -- PeopleSoft Enterprise PeopleTools
Oracle -- Database 10g
Unspecified vulnerability in the Oracle Spatial component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, and 10.1.0.5 has unknown impact and remote attack vectors, aka DB06.
unknown
2008-01-17
10.0CVE-2008-0343
OTHER-REF
HP
CERT
BID
FRSIRT
SECTRACK
SECUNIA
Oracle -- E-Business Suite 11i
Oracle -- Oracle 10g Application Server Release 3
Oracle -- E-Business Suite 12
Oracle -- Application Server 9i Release 1
Oracle -- Oracle 9i Database Release 2
Oracle -- Database 11g
Oracle -- Collaboration Suite 10g
Oracle -- Database 9i
Oracle -- Oracle 10g Database Release 2
Oracle -- Oracle10g Application Server Release 2
Oracle -- Oracle10g Application Server
Oracle -- PeopleSoft Enterprise PeopleTools
Oracle -- Database 10g
Unspecified vulnerability in the Oracle Spatial component in Oracle Database 10.1.0.5 and 10.2.0.3 has unknown impact and remote attack vectors, aka DB07.
unknown
2008-01-17
10.0CVE-2008-0344
OTHER-REF
HP
CERT
BID
FRSIRT
SECTRACK
SECUNIA
Oracle -- E-Business Suite 11i
Oracle -- Oracle 10g Application Server Release 3
Oracle -- E-Business Suite 12
Oracle -- Application Server 9i Release 1
Oracle -- Oracle 9i Database Release 2
Oracle -- Database 11g
Oracle -- Collaboration Suite 10g
Oracle -- Database 9i
Oracle -- Oracle 10g Database Release 2
Oracle -- Oracle10g Application Server Release 2
Oracle -- Oracle10g Application Server
Oracle -- PeopleSoft Enterprise PeopleTools
Oracle -- Database 10g
Unspecified vulnerability in the Core RDBMS component in Oracle Database 11.1.0.6 has unknown impact and remote attack vectors, aka DB08.
unknown
2008-01-17
10.0CVE-2008-0345
OTHER-REF
HP
CERT
BID
FRSIRT
SECTRACK
SECUNIA
Oracle -- E-Business Suite 11i
Oracle -- Oracle 10g Application Server Release 3
Oracle -- E-Business Suite 12
Oracle -- Application Server 9i Release 1
Oracle -- Oracle 9i Database Release 2
Oracle -- Database 11g
Oracle -- Collaboration Suite 10g
Oracle -- Database 9i
Oracle -- Oracle 10g Database Release 2
Oracle -- Oracle10g Application Server Release 2
Oracle -- Oracle10g Application Server
Oracle -- PeopleSoft Enterprise PeopleTools
Oracle -- Database 10g
Unspecified vulnerability in the Oracle Jinitiator component in Oracle Application Server 1.3.1.27 and E-Business Suite 11.5.10.2 has unknown impact and remote attack vectors, aka AS01.
unknown
2008-01-17
10.0CVE-2008-0346
OTHER-REF
HP
CERT
BID
FRSIRT
SECTRACK
SECUNIA
Oracle -- E-Business Suite 11i
Oracle -- Oracle 10g Application Server Release 3
Oracle -- E-Business Suite 12
Oracle -- Application Server 9i Release 1
Oracle -- Oracle 9i Database Release 2
Oracle -- Database 11g
Oracle -- Collaboration Suite 10g
Oracle -- Database 9i
Oracle -- Oracle 10g Database Release 2
Oracle -- Oracle10g Application Server Release 2
Oracle -- Oracle10g Application Server
Oracle -- PeopleSoft Enterprise PeopleTools
Oracle -- Database 10g
Unspecified vulnerability in the Oracle Ultra Search component in Oracle Collaboration Suite 10.1.2 and Database 9.2.0.8, 10.1.0.5, and 10.2.0.3 has unknown impact and local attack vectors, aka OCS01.
unknown
2008-01-17
10.0CVE-2008-0347
OTHER-REF
HP
CERT
BID
FRSIRT
SECTRACK
SECUNIA
Oracle -- E-Business Suite 11i
Oracle -- Oracle 10g Application Server Release 3
Oracle -- E-Business Suite 12
Oracle -- Application Server 9i Release 1
Oracle -- Oracle 9i Database Release 2
Oracle -- Database 11g
Oracle -- Collaboration Suite 10g
Oracle -- Database 9i
Oracle -- Oracle 10g Database Release 2
Oracle -- Oracle10g Application Server Release 2
Oracle -- Oracle10g Application Server
Oracle -- PeopleSoft Enterprise PeopleTools
Oracle -- Database 10g
Multiple unspecified vulnerabilities in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.22.18, 8.48.15, and 8.49.07 have unknown impact and remote attack vectors, aka (1) PSE01, (2) PSE03, and (3) PSE04.
unknown
2008-01-17
10.0CVE-2008-0348
OTHER-REF
HP
CERT
BID
FRSIRT
SECTRACK
SECUNIA
Oracle -- E-Business Suite 11i
Oracle -- Oracle 10g Application Server Release 3
Oracle -- E-Business Suite 12
Oracle -- Application Server 9i Release 1
Oracle -- Oracle 9i Database Release 2
Oracle -- Database 11g
Oracle -- Collaboration Suite 10g
Oracle -- Database 9i
Oracle -- Oracle 10g Database Release 2
Oracle -- Oracle10g Application Server Release 2
Oracle -- Oracle10g Application Server
Oracle -- PeopleSoft Enterprise PeopleTools
Oracle -- Database 10g
Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.15 and 8.49.07 has unknown impact and remote attack vectors, aka PSE02.
unknown
2008-01-17
10.0CVE-2008-0349
OTHER-REF
HP
CERT
BID
FRSIRT
SECTRACK
SECUNIA
PhotoPost -- Photopost vBGalleryUnrestricted file upload vulnerability in PhotoPost vBGallery before 2.4.2 allows remote attackers to upload and execute arbitrary files via unknown vectors.
unknown
2008-01-11
10.0CVE-2008-0251
OTHER-REF
OTHER-REF
SECUNIA
XF
Radiator -- RADIUS_ServerRadiator before 4.0 allows remote attackers to cause a denial of service (daemon crash) via malformed RADIUS requests, as demonstrated by packets sent by nmap.
unknown
2008-01-17
7.8CVE-2008-0330
OTHER-REF
SECUNIA
Tibco -- SmartSockets RTserver
Tibco -- RTworks
Tibco -- Enterprise Message Service
TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointers.
unknown
2008-01-15
10.0CVE-2007-5655
IDEFENSE
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
BID
Tibco -- SmartSockets RTserver
Tibco -- RTworks
Tibco -- Enterprise Message Service
TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted requests that control loop operations related to memory.
unknown
2008-01-15
10.0CVE-2007-5656
IDEFENSE
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
BID
Tibco -- SmartSockets RTserver
Tibco -- RTworks
Tibco -- Enterprise Message Service
TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointer offsets.
unknown
2008-01-15
10.0CVE-2007-5657
IDEFENSE
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
BID
Tibco -- SmartSockets RTserver
Tibco -- RTworks
Tibco -- Enterprise Message Service
Heap-based buffer overflow in TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing size and copy-length values that trigger the overflow.
unknown
2008-01-15
10.0CVE-2007-5658
IDEFENSE
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
BID
VideoLAN -- VLCStack-based buffer overflow in modules/demux/subtitle.c in VideoLAN VLC 0.8.6d allows remote attackers to execute arbitrary code via a long subtitle in a (1) MicroDvd, (2) SSA, and (3) Vplayer file.
unknown
2008-01-16
7.5CVE-2007-6681
BUGTRAQ
MLIST
MLIST
VideoLAN -- VLCFormat string vulnerability in the httpd_FileCallBack function (network/httpd.c) in VideoLAN VLC 0.8.6d allows remote attackers to execute arbitrary code via format string specifiers in the Connection parameter.
unknown
2008-01-16
7.5CVE-2007-6682
BUGTRAQ
VideoLAN -- VLC Media PlayerHeap-based buffer overflow in modules/access/rtsp/real_sdpplin.c in the Xine library, as used in VideoLAN VLC Media Player 0.8.6d and earlier, allows user-assisted remote attackers to cause a denial of service (crash) or execute arbitrary code via long Session Description Protocol (SDP) data.
unknown
2008-01-16
8.5CVE-2008-0295
OTHER-REF
BID
FRSIRT
SECUNIA
VideoLAN -- VLC Media PlayerHeap-based buffer overflow in the libaccess_realrtsp plugin in VideoLAN VLC Media Player 0.8.6d and earlier on Windows might allow remote RTSP servers to cause a denial of service (application crash) or execute arbitrary code via a long string.
unknown
2008-01-16
10.0CVE-2008-0296
OTHER-REF
FRSIRT
Xforum -- XforumSQL injection vulnerability in liretopic.php in Xforum 1.4 and possibly others allows remote attackers to execute arbitrary SQL commands via the topic parameter. NOTE: the categorie parameter might also be affected.
unknown
2008-01-15
7.5CVE-2008-0279
MILW0RM
BID
XF

Back to top

Medium Vulnerabilities
Primary
Vendor -- Product
Description
Discovered
Published
CVSS ScoreSource & Patch Info
AfterLogic -- MailBee WebMail Pro
Microsoft -- ASP.NET
Directory traversal vulnerability in download_view_attachment.aspx in AfterLogic MailBee WebMail Pro 4.1 for ASP.NET allows remote attackers to read arbitrary files via a .. (dot dot) in the temp_filename parameter.
unknown
2008-01-17
5.0CVE-2008-0333
MILW0RM
Apple -- QuicktimeUnspecified vulnerability in Apple QuickTime before 7.4 allows remote attackers to cause a denial of service (application termination) and execurte arbitrary code via a crafted Sorenson 3 video file, which triggers memory corruption.
unknown
2008-01-15
5.8CVE-2008-0031
APPLE
OTHER-REF
Apple -- QuicktimeApple QuickTime before 7.4 allows remote attackers to execute arbitrary code via a movie file containing a Macintosh Resource record with a modified length value in the resource header, which triggers heap corruption.
unknown
2008-01-15
5.8CVE-2008-0032
IDEFENSE
APPLE
OTHER-REF
Apple -- iPhoneUnspecified vulnerability in Passcode Lock in Apple iPhone 1.0 through 1.1.2 allows users with physical access to execute applications without entering the passcode via vectors related to emergency calls.
unknown
2008-01-15
4.6CVE-2008-0034
APPLE
OTHER-REF
Apple -- SafariUnspecified vulnerability in Foundation, as used in Apple iPhone 1.0 through 1.1.2 and iPod touch 1.1 through 1.1.2 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted URL that triggers memory corruption in Safari.
unknown
2008-01-15
6.8CVE-2008-0035
APPLE
OTHER-REF
Apple -- QuicktimeBuffer overflow in Apple QuickTime before 7.4 allows remote attackers to execute arbitrary code via a crafted compressed PICT image, which triggers the overflow during decoding.
unknown
2008-01-15
6.8CVE-2008-0036
APPLE
OTHER-REF
Apple -- SafariKHTML WebKit as used in Apple Safari 2.x allows remote attackers to cause a denial of service (browser crash) via a crafted web page, possibly involving a STYLE attribute of a DIV element.
unknown
2008-01-16
4.3CVE-2008-0298
BUGTRAQ
OTHER-REF
BID
XF
Aria -- AriaDirectory traversal vulnerability in arias/help/effect.php in aria 0.99-6 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the page parameter.
unknown
2008-01-17
5.0CVE-2008-0332
MILW0RM
Boost -- Boost
Boost -- Boost Regex Library
regex/v4/perl_matcher_non_recursive.hpp in the Boost regex library (aka Boost.Regex) in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service (failed assertion and crash) via an invalid regular expression.
unknown
2008-01-17
5.0CVE-2008-0171
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
UBUNTU
BID
Boost -- BoostThe get_repeat_type function in basic_regex_creator.hpp in the Boost regex library (aka Boost.Regex) in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service (NULL dereference and crash) via an invalid regular expression.
unknown
2008-01-17
5.0CVE-2008-0172
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
UBUNTU
BID
Bugtracker.NET -- Bugtracker.NETCross-site scripting (XSS) vulnerability in BugTracker.NET before 2.7.2 allows remote attackers to inject arbitrary web script or HTML via an arbitrary custom text field.
unknown
2008-01-17
4.3CVE-2008-0335
OTHER-REF
OTHER-REF
BID
SECUNIA
XF
Bugtracker.NET -- Bugtracker.NETMultiple cross-site request forgery (CSRF) vulnerabilities in BugTracker.NET before 2.7.2 allow remote attackers to delete arbitrary bugs and perform other administrative tasks via unspecified vectors, possibly related to delete_*.aspx pages, and massedit.aspx, subscribe.aspx, flag.aspx, and relationships.aspx.
unknown
2008-01-17
4.3CVE-2008-0336
OTHER-REF
OTHER-REF
SECUNIA
XF
Cisco -- VPN ClientCisco Systems VPN Client IPSec Driver (CVPNDRVA.sys) 5.0.02.0090 allows local users to cause a denial of service (crash) by calling the 0x80002038 IOCTL with a small size value, which triggers memory corruption.
unknown
2008-01-16
4.9CVE-2008-0324
MILW0RM
BID
XF
Dansie -- Search EngineCross-site scripting (XSS) vulnerability in search.pl in Dansie Search Engine 2.7 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
unknown
2008-01-15
4.3CVE-2008-0257
SECUNIA
Dansie -- Photo AlbumCross-site scripting (XSS) vulnerability in photo_album.pl in Dansie Photo Album 1.0 allows remote attackers to inject arbitrary web script or HTML via the search parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
unknown
2008-01-16
4.3CVE-2008-0292
SECUNIA
XF
DomPHP -- DomPHPPHP remote file inclusion vulnerability in /aides/index.php in DomPHP 0.81 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the page parameter.
unknown
2008-01-15
6.8CVE-2008-0283
MILW0RM
BID
Drupal -- Meta_Tags_ModuleUnspecified vulnerability in the Meta Tags (aka Nodewords) 5.x-1.6 module for Drupal, when images are permitted in node bodies, allows remote authenticated users to execute arbitrary code via unspecified vectors involving creation of a node.
unknown
2008-01-15
6.8CVE-2008-0264
OTHER-REF
FRSIRT
SECUNIA
Drupal -- BUEditorThe editor deletion form in BUEditor 4.7.x before 4.7.x-1.0 and 5.x before 5.x-1.1, a module for Drupal, does not follow Drupal's Forms API submission model, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and delete custom editor interfaces.
unknown
2008-01-15
4.3CVE-2008-0271
OTHER-REF
SECUNIA
XF
Drupal -- DrupalCross-site request forgery (CSRF) vulnerability in the aggregator module in Drupal 4.7.x before 4.7.11 and 5.x before 5.6 allows remote attackers to delete items from a feed as privileged users.
unknown
2008-01-15
4.3CVE-2008-0272
OTHER-REF
BID
SECUNIA
XF
Drupal -- DrupalInterpretation conflict in Drupal 4.7.x before 4.7.11 and 5.x before 5.6, when Internet Explorer 6 is used, allows remote attackers to conduct cross-site scripting (XSS) attacks via invalid UTF-8 byte sequences, which are not processed as UTF-8 by Drupal's HTML filtering, but are processed as UTF-8 by Internet Explorer, effectively removing characters from the document and defeating the HTML protection mechanism.
unknown
2008-01-15
4.3CVE-2008-0273
OTHER-REF
BID
SECUNIA
XF
Drupal -- Atom ModuleThe Atom 4.7 before 4.7.x-1.0 and 5.x before 5.x-1.0 module for Drupal does not properly manage permissions for node (1) titles, (2) teasers, and (3) bodies, which might allow remote attackers to gain access to syndicated content.
unknown
2008-01-15
5.0CVE-2008-0275
OTHER-REF
XF
Drupal -- DrupalCross-site scripting (XSS) vulnerability in the Devel module before 5.x-0.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via a site variable, related to lack of escaping of the variable table.
unknown
2008-01-15
4.3CVE-2008-0276
OTHER-REF
XF
eTicket -- eTicketCross-site scripting (XSS) vulnerability in view.php in eTicket 1.5.5.2 allows remote attackers to inject arbitrary web script or HTML via the s parameter.
unknown
2008-01-15
5.8CVE-2008-0268
BUGTRAQ
BID
SECUNIA
XF
Evilsentinel -- Evilsentineladmin/config.php in Evilsentinel 1.0.9 and earlier allows remote attackers to bypass the CAPTCHA test by omitting the es_security_captcha parameter and not invoking captcha.php.
unknown
2008-01-17
5.0CVE-2008-0351
MILW0RM
F5 -- BIG-IPMultiple cross-site scripting (XSS) vulnerabilities in the Search function in the web management interface in F5 BIG-IP 9.4.3 allow remote attackers to inject arbitrary web script or HTML via the SearchString parameter to (1) list_system.jsp, (2) list_pktfilter.jsp, (3) list_ltm.jsp, (4) resources_audit.jsp, and (5) list_asm.jsp in tmui/Control/jspmap/tmui/system/log/; and (6) list.jsp in certain directories.
unknown
2008-01-15
4.3CVE-2008-0265
BUGTRAQ
FreeBSD -- FreeBSDThe script program in FreeBSD 5.0 through 7.0-PRERELEASE invokes openpty, which creates a pseudo-terminal with world-readable and world-writable permissions when it is not run as root, which allows local users to read data from the terminal of the user running script.
unknown
2008-01-15
6.9CVE-2008-0217
FREEBSD
FreeSeat -- FreeSeatUnspecified vulnerability in cron.php in FreeSeat before 1.1.5d, when format.php has certain modifications, allows remote attackers to bypass authentication and gain privileges via unspecified vectors related to the show_foot function.
unknown
2008-01-16
6.8CVE-2008-0293
OTHER-REF
SECUNIA
XF
FreeSeat -- FreeSeatUnspecified vulnerability in the seat-locking implementation in FreeSeat before 1.1.5d allows attackers to book a seat more than once via unspecified vectors.
unknown
2008-01-16
5.0CVE-2008-0294
OTHER-REF
BID
SECUNIA
XF
Ingate -- Ingate_SIParator
Ingate -- firewall
The SIP module in Ingate Firewall before 4.6.1 and SIParator before 4.6.1 does not reuse SIP media ports in unspecified call hold and send-only stream scenarios, which allows remote attackers to cause a denial of service (port exhaustion) via unspecified vectors.
unknown
2008-01-15
5.0CVE-2008-0263
OTHER-REF
BID
FRSIRT
SECTRACK
SECTRACK
SECUNIA
Julien_Plesniak -- LulieBlogLulieBlog 1.0.1 and 1.0.2 does not restrict access to (1) article_suppr.php, (2) comment_accepter.php, and (3) comment_refuser.php in Admin/, which allows remote attackers to accept comments, delete comments, and delete articles via the id parameter.
unknown
2008-01-17
5.0CVE-2008-0329
MILW0RM
BID
SECUNIA
XF
Keil Software -- PhotoKornPhotoKorn allows remote attackers to obtain database credentials via a direct request to update/update3.php, which includes the credentials in its output.
unknown
2008-01-16
5.0CVE-2008-0297
MILW0RM
XF
Mambo -- Mambo Open SourceUnspecified vulnerability in the search component and module in Mambo 4.5.x and 4.6.x allows remote attackers to cause a denial of service (query flood) via unspecified vectors.
unknown
2008-01-15
5.0CVE-2008-0261
OTHER-REF
BID
SECUNIA
XF
Mansion Productions -- Member Area SystemPHP remote file inclusion vulnerability in view_func.php in Member Area System (MAS) 1.7 and possibly others allows remote attackers to execute arbitrary PHP code via a URL in the i parameter. NOTE: a second vector might exist via the l parameter.
unknown
2008-01-15
6.8CVE-2008-0289
BUGTRAQ
BID
XF
Menalto -- GalleryMultiple cross-site scripting (XSS) vulnerabilities in Menalto Gallery before 2.2.4 allow remote attackers to inject arbitrary web script or HTML via crafted filenames to the (1) Core or (2) add-item modules; or via (3) HTTP PROPPATCH in the WebDAV module.
unknown
2008-01-16
4.3CVE-2007-6687
OTHER-REF
Menalto -- GalleryOpen redirect vulnerability in Menalto Gallery before 2.2.4 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the (1) Core and (2) print modules.
unknown
2008-01-16
6.4CVE-2007-6692
OTHER-REF
minimal design -- minimal GalleryMultiple directory traversal vulnerabilities in _mg/php/mg_thumbs.php in minimal Gallery 0.8 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) thumbcat and (2) thumb parameters.
unknown
2008-01-15
6.4CVE-2008-0259
MILW0RM
BID
SECUNIA
minimal design -- minimal Galleryminimal Gallery 0.8 allows remote attackers to obtain configuration information via a direct request to php_info.php, which calls the phpinfo function.
unknown
2008-01-15
5.0CVE-2008-0260
MILW0RM
SECUNIA
MiniWeb HTTP Server -- MiniWeb HTTP ServerDirectory traversal vulnerability in the mwGetLocalFileName function in http.c in MiniWeb HTTP Server 0.8.19 allows remote attackers to read arbitrary files and list arbitrary directories via a (1) .%2e (partially encoded dot dot) or (2) %2e%2e (encoded dot dot) in the URI.
unknown
2008-01-17
5.0CVE-2008-0338
MILW0RM
OTHER-REF
SECUNIA
ngIRCd -- ngIRCdngIRCd 0.10.x before 0.10.4 and 0.11.0 before 0.11.0-pre2 allows remote attackers to cause a denial of service (crash) via crafted IRC PART message, which triggers an invalid dereference.
unknown
2008-01-15
5.0CVE-2008-0285
OTHER-REF
OTHER-REF
OTHER-REF
PHP Running Management -- phpRunManCross-site scripting (XSS) vulnerability in index.php in PHP Running Management (phpRunMan) before 1.0.3 allows remote attackers to inject arbitrary web script or HTML via the message parameter.
unknown
2008-01-15
4.3CVE-2008-0258
OTHER-REF
OTHER-REF
BID
SECUNIA
Python Software Foundation -- Paramikocommon.py in Paramiko 1.7.1 and earlier, when using threads or forked processes, does not properly use RandomPool, which allows one session to obtain sensitive information from another session by predicting the state of the pool.
unknown
2008-01-16
4.3CVE-2008-0299
OTHER-REF
OTHER-REF
OTHER-REF
Simple Machines -- Simple Machines SMFCross-site scripting (XSS) vulnerability in Simple Machines Forum (SMF) 1.1.4 and earlier allows remote attackers to inject arbitrary web script or HTML via (1) Itemid or (2) topic arguments.
unknown
2008-01-15
4.3CVE-2008-0284
BUGTRAQ
XF
Sun -- SolarisUnspecified vulnerability in the dotoprocs function in Sun Solaris 10 allows local users to cause a denial of service (panic) via unspecified vectors.
unknown
2008-01-15
4.9CVE-2008-0269
SUNALERT
TaskFreak -- TaskFreakSQL injection vulnerability in index.php in TaskFreak! 0.6.1 and earlier allows remote authenticated users to execute arbitrary SQL commands via the sContext parameter.
unknown
2008-01-15
6.0CVE-2008-0270
MILW0RM
VideoLAN -- VLCThe browser plugin in VideoLAN VLC 0.8.6d allows remote attackers to overwrite arbitrary files via (1) the :demuxdump-file option in a filename in a playlist, or (2) a EXTVLCOPT statement in an MP3 file, possibly an argument injection vulnerability.
unknown
2008-01-16
5.0CVE-2007-6683
MLIST
OTHER-REF
OTHER-REF
VideoLAN -- VLCThe RTSP module in VideoLAN VLC 0.8.6d allows remote attackers to cause a denial of service (crash) via a request without a Transport parameter, which triggers a NULL pointer dereference.
unknown
2008-01-16
5.0CVE-2007-6684
MLIST
OTHER-REF
VisionBurst -- vcartPHP remote file inclusion vulnerability in VisionBurst vcart 3.3.2 and possibly others allows remote attackers to execute arbitrary PHP code via a URL in the abs_path parameter to (1) index.php and (2) checkout.php.
unknown
2008-01-15
6.8CVE-2008-0287
MILW0RM
BID
SECUNIA
Wavelink Media -- TutorialCMSSQL injection vulnerability in activate.php in TutorialCMS (aka Photoshop Tutorials) 1.02, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the userName parameter.
unknown
2008-01-15
6.8CVE-2008-0254
MILW0RM
BID
SECUNIA
X7 Group -- X7 ChatSQL injection vulnerability in index.php in X7 Chat 2.0.5 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the day parameter in a sm_window action.
unknown
2008-01-15
6.5CVE-2008-0278
MILW0RM
BID
XF

Back to top

Low Vulnerabilities
Primary
Vendor -- Product
Description
Discovered
Published
CVSS ScoreSource & Patch Info
Drupal -- DrupalCross-site scripting (XSS) vulnerability in Drupal 4.7.x and 5.x, when certain .htaccess protections are disabled, allows remote attackers to inject arbitrary web script or HTML via crafted links involving theme .tpl.php files.
unknown
2008-01-15
2.6CVE-2008-0274
OTHER-REF
BID
SECUNIA
XF
eTicket -- eTicketCross-site request forgery (CSRF) vulnerability in admin.php in eTicket 1.5.5.2 allows remote attackers to change the administrative password and possibly perform other administrative tasks. NOTE: either the old password must be known, or the attacker must leverage a separate SQL injection vulnerability.
unknown
2008-01-15
2.6CVE-2008-0266
BUGTRAQ
BID
SECUNIA
XF
FreeBSD -- FreeBSDThe ptsname function in FreeBSD 6.0 through 7.0-PRERELEASE does not properly verify that a certain portion of a device name is associated with a pty of a user who is calling the pt_chown function, which might allow local users to read data from the pty from another user.
unknown
2008-01-15
2.1CVE-2008-0216
FREEBSD
pMachine -- PMachine ProCross-site scripting (XSS) vulnerability in pm/language/spanish/preferences.php in PMachine Pro 2.4.1 allows remote attackers to inject arbitrary web script or HTML via the L_PREF_NAME[855] parameter.
unknown
2008-01-17
2.6CVE-2008-0334
OTHER-REF
BID

Back to top

Was this document helpful?  Yes  |  Somewhat  |  No

Back to Top