CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
12101 CVE-2009-0876 59 +Priv 2009-03-12 2017-08-16
6.9
Admin Local Medium Not required Complete Complete Complete
Sun xVM VirtualBox 2.0.0, 2.0.2, 2.0.4, 2.0.6r39760, 2.1.0, 2.1.2, and 2.1.4r42893 on Linux allows local users to gain privileges via a hardlink attack, which preserves setuid/setgid bits on Linux, related to DT_RPATH:$ORIGIN.
12102 CVE-2009-0875 362 DoS +Priv Bypass 2009-03-12 2009-04-02
6.9
None Local Medium Not required Complete Complete Complete
Race condition in the Doors subsystem in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_94, allows local users to cause a denial of service (process hang), or possibly bypass file permissions or gain kernel-context privileges, via vectors involving the time at which control is transferred from a caller to a door server.
12103 CVE-2009-0873 264 Bypass 2009-03-11 2018-10-30
6.8
User Remote Medium Not required Partial Partial Partial
The NFS daemon (aka nfsd) in Sun Solaris 10 and OpenSolaris before snv_106, when NFSv3 is used, does not properly implement combinations of security modes, which allows remote attackers to bypass intended access restrictions and read or modify files, as demonstrated by a combination of the sec=sys and sec=krb5 security modes, related to modes that "override each other."
12104 CVE-2009-0872 264 Bypass 2009-03-11 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
The NFS server in Sun Solaris 10, and OpenSolaris before snv_111, does not properly implement the AUTH_NONE (aka sec=none) security mode in combination with other security modes, which allows remote attackers to bypass intended access restrictions and read or modify files, as demonstrated by a combination of the AUTH_NONE and AUTH_SYS security modes.
12105 CVE-2009-0868 20 Http R.Spl. 2009-03-10 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
CRLF injection vulnerability in the WebLink template in Fujitsu Jasmine2000 Enterprise Edition allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
12106 CVE-2009-0854 78 Exec Code 2009-03-11 2017-08-16
6.9
Admin Local Medium Not required Complete Complete Complete
Untrusted search path vulnerability in dash 0.5.4, when used as a login shell, allows local users to execute arbitrary code via a Trojan horse .profile file in the current working directory.
12107 CVE-2009-0853 287 Bypass 2009-03-09 2018-10-10
6.8
User Remote Medium Not required Partial Partial Partial
login.php in CelerBB 0.0.2, when magic_quotes_gpc is disabled, allows remote attackers to bypass authentication and obtain administrative access via special characters in the Username parameter, as demonstrated by an admin'# parameter value.
12108 CVE-2009-0851 89 Exec Code Sql 2009-03-09 2018-10-10
6.8
None Remote Medium Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in CelerBB 0.0.2, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) viewforum.php and (2) viewtopic.php.
12109 CVE-2009-0831 89 Exec Code Sql 2009-03-05 2017-09-28
6.0
User Remote Medium Single system Partial Partial Partial
SQL injection vulnerability in members.php in the Members CV (job) module 1.0 for PHP-Fusion, when magic_quotes_gpc is disabled, allows remote authenticated users to execute arbitrary SQL commands via the sortby parameter.
12110 CVE-2009-0806 264 2009-03-04 2009-03-05
6.5
User Remote Low Single system Partial Partial Partial
Unspecified vulnerability in OpenGoo before 1.2.1 allows remote authenticated users to modify their own permissions via unknown attack vectors.
12111 CVE-2009-0800 20 Exec Code 2009-04-23 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.
12112 CVE-2009-0791 189 DoS Exec Code Overflow 2009-06-09 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
Multiple integer overflows in Xpdf 2.x and 3.x and Poppler 0.x, as used in the pdftops filter in CUPS 1.1.17, 1.1.22, and 1.3.7, GPdf, and kdegraphics KPDF, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file that triggers a heap-based buffer overflow, possibly related to (1) Decrypt.cxx, (2) FoFiTrueType.cxx, (3) gmem.c, (4) JBIG2Stream.cxx, and (5) PSOutputDev.cxx in pdftops/. NOTE: the JBIG2Stream.cxx vector may overlap CVE-2009-1179.
12113 CVE-2009-0788 200 +Info 2011-04-18 2017-08-16
6.4
None Remote Low Not required Partial Partial None
Red Hat Network (RHN) Satellite Server 5.3 and 5.4 does not properly rewrite unspecified URLs, which allows remote attackers to (1) obtain unspecified sensitive host information or (2) use the server as an inadvertent proxy to connect to arbitrary services and IP addresses via unspecified vectors.
12114 CVE-2009-0784 362 +Priv 2009-03-25 2017-09-28
6.9
None Local Medium Not required Complete Complete Complete
Race condition in the SystemTap stap tool 0.0.20080705 and 0.0.20090314 allows local users in the stapusr group to insert arbitrary SystemTap kernel modules and gain privileges via unknown vectors.
12115 CVE-2009-0759 94 +Priv 2009-03-03 2009-06-09
6.5
User Remote Low Single system Partial Partial Partial
Multiple CRLF injection vulnerabilities in webadmin in ZNC before 0.066 allow remote authenticated users to modify the znc.conf configuration file and gain privileges via CRLF sequences in the quit message and other vectors.
12116 CVE-2009-0730 89 Exec Code Sql 2009-02-24 2018-10-10
6.8
None Remote Medium Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in the GigCalendar (com_gigcal) component 1.0 for Mambo and Joomla!, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via (1) the gigcal _venues_id parameter in a details action to index.php, which is not properly handled by venuedetails.php, and (2) the gigcal_bands_id parameter in a details action to index.php, which is not properly handled by banddetails.php, different vectors than CVE-2009-0726.
12117 CVE-2009-0729 22 Dir. Trav. 2009-02-24 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Multiple directory traversal vulnerabilities in Page Engine CMS 2.0 Basic and Pro allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the fPrefix parameter to (1) modules/recent_poll_include.php, (2) modules/login_include.php, and (3) modules/statistics_include.php and (4) configuration.inc.php in includes/. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
12118 CVE-2009-0719 2009-04-29 2017-09-28
6.0
None Local Medium Single system Complete Complete None
Unspecified vulnerability in useradd in HP HP-UX B.11.11, B.11.23, and B.11.31 allows local users to access arbitrary files and directories via unknown vectors, a different issue than CVE-2008-1660.
12119 CVE-2009-0715 2009-04-21 2009-04-29
6.5
None Remote Low Single system Partial Partial Partial
Unspecified vulnerability in Secure NaviCLI in HP Storage Essentials 6.0.2 through 6.0.4 allows remote authenticated users to obtain "access" or "extended privileges" via unknown vectors.
12120 CVE-2009-0708 352 CSRF 2009-02-23 2012-01-05
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in SemanticScuttle before 0.91 allow remote attackers to (1) hijack the authentication of administrators via unknown vectors or (2) hijack the authentication of arbitrary users via vectors involving the profile page.
12121 CVE-2009-0705 89 Exec Code Sql 2009-02-23 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in news.php in PowerScripts PowerNews 2.5.4, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the newsid parameter.
12122 CVE-2009-0701 94 Exec Code File Inclusion 2009-02-23 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
Multiple PHP remote file inclusion vulnerabilities in index.php in Cybershade CMS 0.2b, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) THEME_header and (2) THEME_footer parameters.
12123 CVE-2009-0689 119 DoS Exec Code Overflow 2009-07-01 2018-11-02
6.8
User Remote Medium Not required Partial Partial Partial
Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number.
12124 CVE-2009-0677 94 Exec Code 2009-02-22 2018-10-10
6.5
User Remote Low Single system Partial Partial Partial
avatarlist.php in the Your Account module, reached through modules.php, in Raven Web Services RavenNuke 2.30 allows remote authenticated users to execute arbitrary code via PHP sequences in an element of the replacements array, which is processed by the preg_replace function with the eval switch, as specified in an element of the patterns array.
12125 CVE-2009-0674 94 2009-02-22 2018-10-10
6.0
User Remote Medium Single system Partial Partial Partial
images/captcha.php in Raven Web Services RavenNuke 2.30, when register_globals and display_errors are enabled, allows remote attackers to determine the existence of local files by sending requests with full pathnames in the aFonts array parameter, and then observing the error messages, which differ between existing and nonexistent pathnames.
12126 CVE-2009-0673 94 Exec Code 2009-02-22 2018-10-10
6.5
None Remote Low Single system Partial Partial Partial
Eval injection vulnerability in the Custom Fields feature in the Your Account module in Raven Web Services RavenNuke 2.30 allows remote authenticated administrators to execute arbitrary PHP code via the ID Field Name box in a yaCustomFields action to admin.php.
12127 CVE-2009-0672 89 Exec Code Sql 2009-02-22 2018-10-10
6.5
None Remote Low Single system Partial Partial Partial
SQL injection vulnerability in the Resend_Email module in Raven Web Services RavenNuke 2.30 allows remote authenticated administrators to execute arbitrary SQL commands via the user_prefix parameter to modules.php.
12128 CVE-2009-0668 94 Exec Code 2009-08-07 2017-08-16
6.5
User Remote Low Single system Partial Partial Partial
Unspecified vulnerability in Zope Object Database (ZODB) before 3.8.2, when certain Zope Enterprise Objects (ZEO) database sharing is enabled, allows remote attackers to execute arbitrary Python code via vectors involving the ZEO network protocol.
12129 CVE-2009-0662 287 2009-04-23 2017-08-16
6.0
None Remote Medium Single system Partial Partial Partial
The PlonePAS product 3.x before 3.9 and 3.2.x before 3.2.2, a product for Plone, does not properly handle the login form, which allows remote authenticated users to acquire the identity of an arbitrary user via unspecified vectors.
12130 CVE-2009-0657 255 2009-02-20 2017-08-16
6.9
Admin Local Medium Not required Complete Complete Complete
Toshiba Face Recognition 2.0.2.32 allows physically proximate attackers to obtain notebook access by presenting a large number of images for which the viewpoint and lighting have been modified to match a stored image of the authorized notebook user.
12131 CVE-2009-0656 255 Bypass 2009-02-20 2017-08-16
6.9
None Local Medium Not required Complete Complete Complete
Asus SmartLogon 1.0.0005 allows physically proximate attackers to bypass "security functions" by presenting an image with a modified viewpoint that matches the posture of a stored image of the authorized notebook user.
12132 CVE-2009-0655 287 2009-02-20 2017-08-16
6.9
Admin Local Medium Not required Complete Complete Complete
Lenovo Veriface III allows physically proximate attackers to login to a Windows account by presenting a "plain image" of the authorized user.
12133 CVE-2009-0651 20 Exec Code 2009-02-20 2017-08-16
6.5
User Remote Low Single system Partial Partial Partial
Unspecified vulnerability in the Veritas network daemon (aka vnetd) in Symantec Veritas NetBackup Server / Enterprise Server 5.x, 6.0 before MP7 SP1, and 6.5 before 6.5.3.1 allows remote attackers to execute arbitrary code via unknown vectors related to "initial communications setup."
12134 CVE-2009-0648 352 CSRF 2009-02-19 2017-08-16
6.8
User Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in the manage_users handler in admin/index.php in Falt4 CMS (aka Falt4 Extreme) RC4 allow remote attackers to hijack the authentication of administrators for requests that change passwords via the (1) edit and (2) edit_now actions.
12135 CVE-2009-0645 22 Dir. Trav. 2009-02-18 2017-09-28
6.5
None Remote Low Single system Partial Partial Partial
Directory traversal vulnerability in index.php in Jaws 0.8.8 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the (1) language, (2) Introduction_complete, and (3) use_log parameters, different vectors than CVE-2004-2445.
12136 CVE-2009-0642 287 2009-02-20 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
ext/openssl/ossl_ocsp.c in Ruby 1.8 and 1.9 does not properly check the return value from the OCSP_basic_verify function, which might allow remote attackers to successfully present an invalid X.509 certificate, possibly involving a revoked certificate.
12137 CVE-2009-0624 DoS 2009-02-26 2009-03-03
6.8
None Remote Low Single system None None Complete
Unspecified vulnerability in the SNMPv2c implementation in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.3) and Cisco ACE 4710 Application Control Engine Appliance before A3(2.1) allows remote attackers to cause a denial of service (device reload) via a crafted SNMPv1 packet.
12138 CVE-2009-0613 264 Bypass 2009-02-17 2018-10-30
6.0
User Remote Medium Single system Partial Partial Partial
Trend Micro InterScan Web Security Suite (IWSS) 3.1 before build 1237 allows remote authenticated Auditor and Report Only users to bypass intended permission settings, and modify the system configuration, via requests to unspecified JSP pages.
12139 CVE-2009-0597 89 Exec Code Sql 2009-02-16 2017-09-28
6.8
User Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in admin/index.php in w3b>cms (aka w3blabor CMS) before 3.4.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the benutzername parameter (aka Username field) in a login action.
12140 CVE-2009-0596 22 Dir. Trav. 2009-02-16 2017-09-28
6.8
User Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in skysilver/login.tpl.php in phpSkelSite 1.4, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the TplSuffix parameter.
12141 CVE-2009-0593 89 Exec Code Sql 2009-02-16 2017-09-28
6.5
User Remote Low Single system Partial Partial Partial
SQL injection vulnerability in members.php in plx Auto Reminder 3.7 allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a newar action.
12142 CVE-2009-0588 2009-05-27 2009-06-09
6.5
None Remote Low Single system Partial Partial Partial
agent/request/op.cgi in the Registration Authority (RA) component in Red Hat Certificate System (RHCS) 7.3 and Dogtag Certificate System allows remote authenticated users to approve certificate requests queued for arbitrary agent groups via a modified request ID field.
12143 CVE-2009-0578 264 2009-03-04 2017-09-28
6.2
None Local Low Single system None Complete Complete
GNOME NetworkManager before 0.7.0.99 does not properly verify privileges for dbus (1) modify and (2) delete requests, which allows local users to change or remove the network connections of arbitrary users via unspecified vectors related to org.freedesktop.NetworkManagerUserSettings and at_console.
12144 CVE-2009-0577 189 Exec Code Overflow 2009-02-20 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in the WriteProlog function in texttops in CUPS 1.1.17 on Red Hat Enterprise Linux (RHEL) 3 allows remote attackers to execute arbitrary code via a crafted PostScript file that triggers a heap-based buffer overflow. NOTE: this issue exists because of an incorrect fix for CVE-2008-3640.
12145 CVE-2009-0543 89 Sql Bypass 2009-02-12 2009-06-09
6.8
User Remote Medium Not required Partial Partial Partial
ProFTPD Server 1.3.1, with NLS support enabled, allows remote attackers to bypass SQL injection protection mechanisms via invalid, encoded multibyte characters, which are not properly handled in (1) mod_sql_mysql and (2) mod_sql_postgres.
12146 CVE-2009-0530 94 Exec Code File Inclusion 2009-02-11 2017-09-28
6.8
User Remote Medium Not required Partial Partial Partial
Multiple PHP remote file inclusion vulnerabilities in SnippetMaster 2.2.2, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) _SESSION[SCRIPT_PATH] parameter to includes/vars.inc.php and the (2) g_pcltar_lib_dir parameter to includes/tar_lib/pcltar.lib.php.
12147 CVE-2009-0527 94 Exec Code File Inclusion 2009-02-11 2017-09-28
6.8
User Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in plugins/rss_importer_functions.php in AdaptCMS Lite 1.4 allows remote attackers to execute arbitrary PHP code via a URL in the sitepath parameter.
12148 CVE-2009-0515 22 Dir. Trav. 2009-02-10 2017-09-28
6.8
User Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in check_lang.php in Yet Another NOCC (YANOCC) 0.1.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
12149 CVE-2009-0506 2009-02-25 2017-08-07
6.2
Admin Local High Not required Complete Complete Complete
Unspecified vulnerability in IBM WebSphere Application Server (WAS) 5.1 and 6.0.2 before 6.0.2.33 on z/OS, when CSIv2 Identity Assertion is enabled and Enterprise JavaBeans (EJB) interaction occurs between a WAS 6.1 instance and a WAS pre-6.1 instance, allows local users to have an unknown impact via vectors related to (1) use of the wrong subject and (2) multiple CBIND checks.
12150 CVE-2009-0499 352 CSRF 2009-02-09 2009-04-01
6.4
None Remote Low Not required None Partial Partial
Cross-site request forgery (CSRF) vulnerability in the forum code in Moodle 1.7 before 1.7.7, 1.8 before 1.8.8, and 1.9 before 1.9.4 allows remote attackers to delete unauthorized forum posts via a link or IMG tag to post.php.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.