CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
11351 CVE-2009-0972 2009-04-15 2014-09-08
6.5
None Remote Low Single system Partial Partial Partial
Unspecified vulnerability in the Workspace Manager component in Oracle Database 11.1.0.6, 11.1.0.7, 10.2.0.3, 10.2.0.4, 10.1.0.5, 9.2.0.8, and 9.2.0.8DV allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
11352 CVE-2009-0970 94 Exec Code File Inclusion 2009-03-19 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in includes/class_image.php in PHP Pro Bid 6.05, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the fileExtension parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
11353 CVE-2009-0969 352 1 CSRF 2009-03-19 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in account/settings/account/index.php in phpFoX 1.6.21 allows remote attackers to hijack the authentication of administrators for requests that change the email address via the act[update] action.
11354 CVE-2009-0944 94 DoS Exec Code Mem. Corr. 2009-05-13 2009-05-16
6.8
None Remote Medium Not required Partial Partial Partial
The Microsoft Office Spotlight Importer in Spotlight in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 does not properly validate Microsoft Office files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a file that triggers memory corruption.
11355 CVE-2009-0943 20 Exec Code 2009-05-13 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Help Viewer in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 does not verify that HTML pathnames are located in a registered help book, which allows remote attackers to execute arbitrary code via a help: URL that triggers invocation of AppleScript files.
11356 CVE-2009-0942 20 Exec Code 2009-05-13 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Help Viewer in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 does not verify that certain Cascading Style Sheets (CSS) are located in a registered help book, which allows remote attackers to execute arbitrary code via a help: URL that triggers invocation of AppleScript files.
11357 CVE-2009-0932 22 Dir. Trav. 2009-03-17 2011-09-21
6.4
None Remote Low Not required Partial Partial None
Directory traversal vulnerability in framework/Image/Image.php in Horde before 3.2.4 and 3.3.3 and Horde Groupware before 1.1.5 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the Horde_Image driver name.
11358 CVE-2009-0915 2009-03-16 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
Opera before 9.64 allows remote attackers to conduct cross-domain scripting attacks via unspecified vectors related to plug-ins.
11359 CVE-2009-0910 119 Exec Code Overflow 2009-04-06 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in the VNnc Codec in VMware Workstation 6.5.x before 6.5.2 build 156735, VMware Player 2.5.x before 2.5.2 build 156735, VMware ACE 2.5.x before 2.5.2 build 156735, and VMware Server 2.0.x before 2.0.1 build 156745 allows remote attackers to execute arbitrary code via a crafted web page or video file, aka ZDI-CAN-436.
11360 CVE-2009-0908 2009-04-06 2017-09-28
6.4
None Remote Low Not required Partial Partial None
Unspecified vulnerability in the ACE shared folders implementation in the VMware Host Guest File System (HGFS) shared folders feature in VMware ACE 2.5.1 and earlier allows attackers to enable a disabled shared folder.
11361 CVE-2009-0906 287 Bypass 2009-08-13 2017-08-16
6.5
None Remote Low Single system Partial Partial Partial
The Service Component Architecture (SCA) feature pack for IBM WebSphere Application Server (WAS) SCA 1.0 before 1.0.0.3 allows remote authenticated users to bypass intended authentication.transport access restrictions and obtain unspecified access via unknown vectors.
11362 CVE-2009-0904 264 Bypass 2009-07-05 2017-08-16
6.4
None Remote Low Not required Partial Partial None
The IBM Stax XMLStreamWriter in the Web Services component in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.25 does not properly process XML encoding, which allows remote attackers to bypass intended access restrictions and possibly modify data via "XML fuzzing attacks" sent through SOAP requests.
11363 CVE-2009-0887 189 DoS 2009-03-12 2019-01-03
6.6
Admin Local Medium Single system Complete Complete Complete
Integer signedness error in the _pam_StrTok function in libpam/pam_misc.c in Linux-PAM (aka pam) 1.0.3 and earlier, when a configuration file contains non-ASCII usernames, might allow remote attackers to cause a denial of service, and might allow remote authenticated users to obtain login access with a different user's non-ASCII username, via a login attempt.
11364 CVE-2009-0883 89 Exec Code Sql 2009-03-12 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in Blue Eye CMS 1.0.0 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the BlueEyeCMS_login cookie parameter.
11365 CVE-2009-0880 22 Exec Code Dir. Trav. 2009-03-12 2018-10-10
6.8
User Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in the CIM server in IBM Director before 5.20.3 Service Update 2 on Windows allows remote attackers to load and execute arbitrary local DLL code via a .. (dot dot) in a /CIMListener/ URI in an M-POST request.
11366 CVE-2009-0876 59 +Priv 2009-03-12 2017-08-16
6.9
Admin Local Medium Not required Complete Complete Complete
Sun xVM VirtualBox 2.0.0, 2.0.2, 2.0.4, 2.0.6r39760, 2.1.0, 2.1.2, and 2.1.4r42893 on Linux allows local users to gain privileges via a hardlink attack, which preserves setuid/setgid bits on Linux, related to DT_RPATH:$ORIGIN.
11367 CVE-2009-0875 362 DoS +Priv Bypass 2009-03-12 2009-04-02
6.9
None Local Medium Not required Complete Complete Complete
Race condition in the Doors subsystem in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_94, allows local users to cause a denial of service (process hang), or possibly bypass file permissions or gain kernel-context privileges, via vectors involving the time at which control is transferred from a caller to a door server.
11368 CVE-2009-0873 264 Bypass 2009-03-11 2018-10-30
6.8
User Remote Medium Not required Partial Partial Partial
The NFS daemon (aka nfsd) in Sun Solaris 10 and OpenSolaris before snv_106, when NFSv3 is used, does not properly implement combinations of security modes, which allows remote attackers to bypass intended access restrictions and read or modify files, as demonstrated by a combination of the sec=sys and sec=krb5 security modes, related to modes that "override each other."
11369 CVE-2009-0872 264 Bypass 2009-03-11 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
The NFS server in Sun Solaris 10, and OpenSolaris before snv_111, does not properly implement the AUTH_NONE (aka sec=none) security mode in combination with other security modes, which allows remote attackers to bypass intended access restrictions and read or modify files, as demonstrated by a combination of the AUTH_NONE and AUTH_SYS security modes.
11370 CVE-2009-0868 20 Http R.Spl. 2009-03-10 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
CRLF injection vulnerability in the WebLink template in Fujitsu Jasmine2000 Enterprise Edition allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
11371 CVE-2009-0854 78 Exec Code 2009-03-11 2017-08-16
6.9
Admin Local Medium Not required Complete Complete Complete
Untrusted search path vulnerability in dash 0.5.4, when used as a login shell, allows local users to execute arbitrary code via a Trojan horse .profile file in the current working directory.
11372 CVE-2009-0853 287 Bypass 2009-03-09 2018-10-10
6.8
User Remote Medium Not required Partial Partial Partial
login.php in CelerBB 0.0.2, when magic_quotes_gpc is disabled, allows remote attackers to bypass authentication and obtain administrative access via special characters in the Username parameter, as demonstrated by an admin'# parameter value.
11373 CVE-2009-0851 89 Exec Code Sql 2009-03-09 2018-10-10
6.8
None Remote Medium Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in CelerBB 0.0.2, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) viewforum.php and (2) viewtopic.php.
11374 CVE-2009-0831 89 Exec Code Sql 2009-03-05 2017-09-28
6.0
User Remote Medium Single system Partial Partial Partial
SQL injection vulnerability in members.php in the Members CV (job) module 1.0 for PHP-Fusion, when magic_quotes_gpc is disabled, allows remote authenticated users to execute arbitrary SQL commands via the sortby parameter.
11375 CVE-2009-0806 264 2009-03-04 2009-03-05
6.5
User Remote Low Single system Partial Partial Partial
Unspecified vulnerability in OpenGoo before 1.2.1 allows remote authenticated users to modify their own permissions via unknown attack vectors.
11376 CVE-2009-0800 20 Exec Code 2009-04-23 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.
11377 CVE-2009-0791 189 DoS Exec Code Overflow 2009-06-09 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
Multiple integer overflows in Xpdf 2.x and 3.x and Poppler 0.x, as used in the pdftops filter in CUPS 1.1.17, 1.1.22, and 1.3.7, GPdf, and kdegraphics KPDF, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file that triggers a heap-based buffer overflow, possibly related to (1) Decrypt.cxx, (2) FoFiTrueType.cxx, (3) gmem.c, (4) JBIG2Stream.cxx, and (5) PSOutputDev.cxx in pdftops/. NOTE: the JBIG2Stream.cxx vector may overlap CVE-2009-1179.
11378 CVE-2009-0788 200 +Info 2011-04-18 2017-08-16
6.4
None Remote Low Not required Partial Partial None
Red Hat Network (RHN) Satellite Server 5.3 and 5.4 does not properly rewrite unspecified URLs, which allows remote attackers to (1) obtain unspecified sensitive host information or (2) use the server as an inadvertent proxy to connect to arbitrary services and IP addresses via unspecified vectors.
11379 CVE-2009-0784 362 +Priv 2009-03-25 2017-09-28
6.9
None Local Medium Not required Complete Complete Complete
Race condition in the SystemTap stap tool 0.0.20080705 and 0.0.20090314 allows local users in the stapusr group to insert arbitrary SystemTap kernel modules and gain privileges via unknown vectors.
11380 CVE-2009-0759 94 +Priv 2009-03-03 2009-06-09
6.5
User Remote Low Single system Partial Partial Partial
Multiple CRLF injection vulnerabilities in webadmin in ZNC before 0.066 allow remote authenticated users to modify the znc.conf configuration file and gain privileges via CRLF sequences in the quit message and other vectors.
11381 CVE-2009-0730 89 Exec Code Sql 2009-02-24 2018-10-10
6.8
None Remote Medium Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in the GigCalendar (com_gigcal) component 1.0 for Mambo and Joomla!, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via (1) the gigcal _venues_id parameter in a details action to index.php, which is not properly handled by venuedetails.php, and (2) the gigcal_bands_id parameter in a details action to index.php, which is not properly handled by banddetails.php, different vectors than CVE-2009-0726.
11382 CVE-2009-0729 22 Dir. Trav. 2009-02-24 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Multiple directory traversal vulnerabilities in Page Engine CMS 2.0 Basic and Pro allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the fPrefix parameter to (1) modules/recent_poll_include.php, (2) modules/login_include.php, and (3) modules/statistics_include.php and (4) configuration.inc.php in includes/. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
11383 CVE-2009-0719 2009-04-29 2017-09-28
6.0
None Local Medium Single system Complete Complete None
Unspecified vulnerability in useradd in HP HP-UX B.11.11, B.11.23, and B.11.31 allows local users to access arbitrary files and directories via unknown vectors, a different issue than CVE-2008-1660.
11384 CVE-2009-0715 2009-04-21 2009-04-29
6.5
None Remote Low Single system Partial Partial Partial
Unspecified vulnerability in Secure NaviCLI in HP Storage Essentials 6.0.2 through 6.0.4 allows remote authenticated users to obtain "access" or "extended privileges" via unknown vectors.
11385 CVE-2009-0708 352 CSRF 2009-02-23 2012-01-05
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in SemanticScuttle before 0.91 allow remote attackers to (1) hijack the authentication of administrators via unknown vectors or (2) hijack the authentication of arbitrary users via vectors involving the profile page.
11386 CVE-2009-0705 89 Exec Code Sql 2009-02-23 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in news.php in PowerScripts PowerNews 2.5.4, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the newsid parameter.
11387 CVE-2009-0701 94 Exec Code File Inclusion 2009-02-23 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
Multiple PHP remote file inclusion vulnerabilities in index.php in Cybershade CMS 0.2b, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) THEME_header and (2) THEME_footer parameters.
11388 CVE-2009-0689 119 DoS Exec Code Overflow 2009-07-01 2018-11-02
6.8
User Remote Medium Not required Partial Partial Partial
Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number.
11389 CVE-2009-0677 94 Exec Code 2009-02-22 2018-10-10
6.5
User Remote Low Single system Partial Partial Partial
avatarlist.php in the Your Account module, reached through modules.php, in Raven Web Services RavenNuke 2.30 allows remote authenticated users to execute arbitrary code via PHP sequences in an element of the replacements array, which is processed by the preg_replace function with the eval switch, as specified in an element of the patterns array.
11390 CVE-2009-0674 94 2009-02-22 2018-10-10
6.0
User Remote Medium Single system Partial Partial Partial
images/captcha.php in Raven Web Services RavenNuke 2.30, when register_globals and display_errors are enabled, allows remote attackers to determine the existence of local files by sending requests with full pathnames in the aFonts array parameter, and then observing the error messages, which differ between existing and nonexistent pathnames.
11391 CVE-2009-0673 94 Exec Code 2009-02-22 2018-10-10
6.5
None Remote Low Single system Partial Partial Partial
Eval injection vulnerability in the Custom Fields feature in the Your Account module in Raven Web Services RavenNuke 2.30 allows remote authenticated administrators to execute arbitrary PHP code via the ID Field Name box in a yaCustomFields action to admin.php.
11392 CVE-2009-0672 89 Exec Code Sql 2009-02-22 2018-10-10
6.5
None Remote Low Single system Partial Partial Partial
SQL injection vulnerability in the Resend_Email module in Raven Web Services RavenNuke 2.30 allows remote authenticated administrators to execute arbitrary SQL commands via the user_prefix parameter to modules.php.
11393 CVE-2009-0668 94 Exec Code 2009-08-07 2017-08-16
6.5
User Remote Low Single system Partial Partial Partial
Unspecified vulnerability in Zope Object Database (ZODB) before 3.8.2, when certain Zope Enterprise Objects (ZEO) database sharing is enabled, allows remote attackers to execute arbitrary Python code via vectors involving the ZEO network protocol.
11394 CVE-2009-0662 287 2009-04-23 2017-08-16
6.0
None Remote Medium Single system Partial Partial Partial
The PlonePAS product 3.x before 3.9 and 3.2.x before 3.2.2, a product for Plone, does not properly handle the login form, which allows remote authenticated users to acquire the identity of an arbitrary user via unspecified vectors.
11395 CVE-2009-0657 255 2009-02-20 2017-08-16
6.9
Admin Local Medium Not required Complete Complete Complete
Toshiba Face Recognition 2.0.2.32 allows physically proximate attackers to obtain notebook access by presenting a large number of images for which the viewpoint and lighting have been modified to match a stored image of the authorized notebook user.
11396 CVE-2009-0656 255 Bypass 2009-02-20 2017-08-16
6.9
None Local Medium Not required Complete Complete Complete
Asus SmartLogon 1.0.0005 allows physically proximate attackers to bypass "security functions" by presenting an image with a modified viewpoint that matches the posture of a stored image of the authorized notebook user.
11397 CVE-2009-0655 287 2009-02-20 2017-08-16
6.9
Admin Local Medium Not required Complete Complete Complete
Lenovo Veriface III allows physically proximate attackers to login to a Windows account by presenting a "plain image" of the authorized user.
11398 CVE-2009-0651 20 Exec Code 2009-02-20 2017-08-16
6.5
User Remote Low Single system Partial Partial Partial
Unspecified vulnerability in the Veritas network daemon (aka vnetd) in Symantec Veritas NetBackup Server / Enterprise Server 5.x, 6.0 before MP7 SP1, and 6.5 before 6.5.3.1 allows remote attackers to execute arbitrary code via unknown vectors related to "initial communications setup."
11399 CVE-2009-0648 352 CSRF 2009-02-19 2017-08-16
6.8
User Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in the manage_users handler in admin/index.php in Falt4 CMS (aka Falt4 Extreme) RC4 allow remote attackers to hijack the authentication of administrators for requests that change passwords via the (1) edit and (2) edit_now actions.
11400 CVE-2009-0645 22 Dir. Trav. 2009-02-18 2017-09-28
6.5
None Remote Low Single system Partial Partial Partial
Directory traversal vulnerability in index.php in Jaws 0.8.8 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the (1) language, (2) Introduction_complete, and (3) use_log parameters, different vectors than CVE-2004-2445.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.