CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
12101 CVE-2009-3321 89 1 Exec Code Sql 2009-09-23 2017-09-18
6.8
None Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in SaphpLesson 4.3, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the CLIENT_IP HTTP header.
12102 CVE-2009-3313 89 1 Exec Code Sql 2009-09-23 2017-09-18
6.5
None Remote Low Single system Partial Partial Partial
Multiple SQL injection vulnerabilities in FMyClone 2.3 allow remote attackers to execute arbitrary SQL commands via the comp parameter to (1) index.php and (2) editComments.php, and (3) allow remote authenticated administrators to execute arbitrary SQL commands via the id parameter in a comment action to edit.php.
12103 CVE-2009-3312 94 1 Exec Code File Inclusion 2009-09-23 2017-09-18
6.8
User Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in php/init.poll.php in phpPollScript 1.3 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a crafted URL in the include_class parameter.
12104 CVE-2009-3298 264 2009-11-03 2009-11-04
6.5
None Remote Low Single system Partial Partial Partial
Mahara before 1.0.13, and 1.1.x before 1.1.7, allows remote authenticated institution administrators to reset a site administrator password via unspecified vectors.
12105 CVE-2009-3255 89 1 Exec Code Sql 2009-09-18 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in RASH Quote Management System (RQMS) 1.2.2 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the user parameter in an admin action to the default URI.
12106 CVE-2009-3248 352 1 CSRF 2009-09-18 2017-09-18
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in the RSS module in vtiger CRM 5.0.4 allows remote attackers to hijack the authentication of Admin users for requests that modify the news feed system via the rssurl parameter in a Save action to index.php.
12107 CVE-2009-3231 287 Bypass 2009-09-17 2018-10-10
6.8
None Remote Medium Not required Partial Partial Partial
The core server component in PostgreSQL 8.3 before 8.3.8 and 8.2 before 8.2.14, when using LDAP authentication with anonymous binds, allows remote attackers to bypass authentication via an empty password.
12108 CVE-2009-3230 264 +Priv 2009-09-17 2018-10-10
6.5
None Remote Low Single system Partial Partial Partial
The core server component in PostgreSQL 8.4 before 8.4.1, 8.3 before 8.3.8, 8.2 before 8.2.14, 8.1 before 8.1.18, 8.0 before 8.0.22, and 7.4 before 7.4.26 does not use the appropriate privileges for the (1) RESET ROLE and (2) RESET SESSION AUTHORIZATION operations, which allows remote authenticated users to gain privileges. NOTE: this is due to an incomplete fix for CVE-2007-6600.
12109 CVE-2009-3223 89 1 Exec Code Sql 2009-09-16 2017-09-18
6.5
None Remote Low Single system Partial Partial Partial
SQL injection vulnerability in ppc-add-keywords.php in Inout Adserver allows remote authenticated users to execute arbitrary SQL commands via the id parameter.
12110 CVE-2009-3219 22 1 Dir. Trav. 2009-09-16 2017-09-18
6.8
None Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in a.php in AR Web Content Manager (AWCM) 2.1, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the a parameter.
12111 CVE-2009-3218 89 1 Exec Code Sql 2009-09-16 2017-09-18
6.8
None Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in control/login.php in AR Web Content Manager (AWCM) 2.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter.
12112 CVE-2009-3212 89 1 Exec Code Sql 2009-09-16 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in VivaPrograms Infinity Script 2.x.x, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username field.
12113 CVE-2009-3211 22 1 Dir. Trav. 2009-09-16 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in VivaPrograms Infinity Script 2.x.x, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the options[style_dir] parameter to the default URI.
12114 CVE-2009-3207 264 2009-09-16 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
The ImageCache module 5.x before 5.x-2.5 and 6.x before 6.x-2.0-beta10, a module for Drupal, when the private file system is used, does not properly perform access control for derivative images, which allows remote attackers to view arbitrary images via a request that specifies an image's filename.
12115 CVE-2009-3182 264 1 Exec Code 2009-09-11 2017-09-18
6.8
None Remote Medium Not required Partial Partial Partial
Unrestricted file upload vulnerability in admin/editor/filemanager/browser.html in Anantasoft Gazelle CMS 1.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in user/File/.
12116 CVE-2009-3173 1 Exec Code 2009-09-11 2017-09-18
6.8
None Remote Medium Not required Partial Partial Partial
Unrestricted file upload vulnerability in admin/add_album.php in The Rat CMS Alpha 2 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in images/.
12117 CVE-2009-3168 287 1 2009-09-11 2017-09-18
6.5
User Remote Low Single system Partial Partial Partial
Mevin Productions Basic PHP Events Lister 2.0 does not properly restrict access to (1) admin/reset.php and (2) admin/user_add.php, which allows remote authenticated users to reset administrative passwords or add administrators via a direct request.
12118 CVE-2009-3122 264 2009-09-09 2017-08-16
6.4
None Remote Low Not required Partial Partial None
The Ajax Table module 5.x for Drupal does not perform access control, which allows remote attackers to delete arbitrary users and nodes via unspecified vectors.
12119 CVE-2009-3053 22 1 Dir. Trav. 2009-09-03 2017-09-18
6.8
None Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in the Agora (com_agora) component 3.0.0b for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the action parameter to the avatars page, reachable through index.php.
12120 CVE-2009-3052 89 1 Exec Code Sql 2009-09-03 2017-09-18
6.5
None Remote Low Single system Partial Partial Partial
SQL injection vulnerability in root/includes/prime_quick_style.php in the Prime Quick Style addon before 1.2.3 for phpBB 3 allows remote authenticated users to execute arbitrary SQL commands via the prime_quick_style parameter to ucp.php.
12121 CVE-2009-3028 Exec Code 2011-03-07 2013-02-06
6.8
None Remote Medium Not required Partial Partial Partial
The Altiris eXpress NS SC Download ActiveX control in AeXNSPkgDLLib.dll, as used in Symantec Altiris Deployment Solution 6.9.x, Notification Server 6.0.x, and Symantec Management Platform 7.0.x exposes an unsafe method, which allows remote attackers to force the download of arbitrary files and possibly execute arbitrary code via the DownloadAndInstall method.
12122 CVE-2009-3022 352 CSRF 2009-08-31 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in bingo!CMS 1.2 and earlier allows remote attackers to hijack the authentication of other users for requests that modify configuration or change content via unspecified vectors.
12123 CVE-2009-2973 310 2009-08-27 2017-08-16
6.4
None Remote Low Not required None Partial Partial
Google Chrome before 2.0.172.43 does not prevent SSL connections to a site with an X.509 certificate signed with the (1) MD2 or (2) MD4 algorithm, which makes it easier for man-in-the-middle attackers to spoof arbitrary HTTPS servers via a crafted certificate, a related issue to CVE-2009-2409.
12124 CVE-2009-2964 352 CSRF 2009-08-25 2017-09-18
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in SquirrelMail 1.4.19 and earlier, and NaSMail before 1.7, allow remote attackers to hijack the authentication of unspecified victims via features such as send message and change preferences, related to (1) functions/mailbox_display.php, (2) src/addrbook_search_html.php, (3) src/addressbook.php, (4) src/compose.php, (5) src/folders.php, (6) src/folders_create.php, (7) src/folders_delete.php, (8) src/folders_rename_do.php, (9) src/folders_rename_getname.php, (10) src/folders_subscribe.php, (11) src/move_messages.php, (12) src/options.php, (13) src/options_highlight.php, (14) src/options_identities.php, (15) src/options_order.php, (16) src/search.php, and (17) src/vcard.php.
12125 CVE-2009-2957 119 Exec Code Overflow 2009-09-02 2017-09-18
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in the tftp_request function in tftp.c in dnsmasq before 2.50, when --enable-tftp is used, might allow remote attackers to execute arbitrary code via a long filename in a TFTP packet, as demonstrated by a read (aka RRQ) request.
12126 CVE-2009-2939 59 2009-09-21 2011-08-23
6.9
Admin Local Medium Not required Complete Complete Complete
The postfix.postinst script in the Debian GNU/Linux and Ubuntu postfix 2.5.5 package grants the postfix user write access to /var/spool/postfix/pid, which might allow local users to conduct symlink attacks that overwrite arbitrary files.
12127 CVE-2009-2904 16 +Priv 2009-10-01 2017-09-18
6.9
None Local Medium Not required Complete Complete Complete
A certain Red Hat modification to the ChrootDirectory feature in OpenSSH 4.8, as used in sshd in OpenSSH 4.3 in Red Hat Enterprise Linux (RHEL) 5.4 and Fedora 11, allows local users to gain privileges via hard links to setuid programs that use configuration files within the chroot directory, related to requirements for directory ownership.
12128 CVE-2009-2883 89 1 Exec Code Sql 2009-08-20 2017-09-18
6.8
None Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in admin/login.php in SaphpLesson 4.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cp_username parameter, related to an error in the CleanVar function in includes/functions.php.
12129 CVE-2009-2872 DoS 2009-09-28 2009-10-01
6.8
None Remote Low Single system None None Complete
Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Express Forwarding feature are enabled, allows remote attackers to cause a denial of service (device reload) via a malformed packet that is not properly handled during switching from one tunnel to a second tunnel, aka Bug IDs CSCsh97579 and CSCsq31776.
12130 CVE-2009-2854 264 2009-08-18 2017-11-22
6.4
None Remote Low Not required Partial Partial None
Wordpress before 2.8.3 does not check capabilities for certain actions, which allows remote attackers to make unauthorized edits or additions via a direct request to (1) edit-comments.php, (2) edit-pages.php, (3) edit.php, (4) edit-category-form.php, (5) edit-link-category-form.php, (6) edit-tag-form.php, (7) export.php, (8) import.php, or (9) link-add.php in wp-admin/.
12131 CVE-2009-2852 20 1 Exec Code 2009-08-18 2017-09-18
6.8
None Remote Medium Not required Partial Partial Partial
WP-Syntax plugin 0.9.1 and earlier for Wordpress, with register_globals enabled, allows remote attackers to execute arbitrary PHP code via the test_filter[wp_head] array parameter to test/index.php, which is used in a call to the call_user_func_array function.
12132 CVE-2009-2839 399 DoS Exec Code Mem. Corr. 2009-11-10 2009-12-19
6.8
None Remote Medium Not required Partial Partial Partial
Screen Sharing in Apple Mac OS X 10.5.8 allows remote VNC servers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
12133 CVE-2009-2838 189 DoS Exec Code Overflow 2009-11-10 2009-11-17
6.8
User Remote Medium Not required Partial Partial Partial
Integer overflow in QuickLook in Apple Mac OS X 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Microsoft Office document that triggers a buffer overflow.
12134 CVE-2009-2837 119 DoS Exec Code Overflow 2009-11-10 2017-09-18
6.8
User Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in QuickDraw Manager in Apple Mac OS X before 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image.
12135 CVE-2009-2836 362 Bypass 2009-11-10 2009-11-17
6.2
Admin Local High Not required Complete Complete Complete
Race condition in Login Window in Apple Mac OS X 10.6.x before 10.6.2, when at least one account has a blank password, allows attackers to bypass password authentication and obtain login access to an arbitrary account via unspecified vectors.
12136 CVE-2009-2830 119 DoS Exec Code Overflow 2009-11-10 2009-11-17
6.8
None Remote Medium Not required Partial Partial Partial
Multiple buffer overflows in Christos Zoulas file before 5.03 in Apple Mac OS X 10.6.x before 10.6.2 allow user-assisted remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Common Document Format (CDF) file. NOTE: this might overlap CVE-2009-1515.
12137 CVE-2009-2827 119 DoS Exec Code Overflow 2009-11-10 2009-11-17
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in Disk Images in Apple Mac OS X 10.5.8 allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FAT filesystem on a disk image.
12138 CVE-2009-2826 189 DoS Exec Code Overflow 2009-11-10 2009-11-17
6.8
None Remote Medium Not required Partial Partial Partial
Multiple integer overflows in CoreGraphics in Apple Mac OS X 10.5.8 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers a heap-based buffer overflow.
12139 CVE-2009-2824 119 Exec Code Overflow 2009-11-10 2009-11-17
6.8
None Remote Medium Not required Partial Partial Partial
Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 allow remote attackers to execute arbitrary code via a crafted embedded font in a document.
12140 CVE-2009-2822 264 Bypass 2010-04-05 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
AirPort Utility before 5.5.1 for Apple AirPort Base Station does not properly distribute MAC address ACLs to network extenders, which allows remote attackers to bypass intended access restrictions via an 802.11 authentication frame.
12141 CVE-2009-2816 352 CSRF 2009-11-13 2017-09-18
6.8
User Remote Medium Not required Partial Partial Partial
The implementation of Cross-Origin Resource Sharing (CORS) in WebKit, as used in Apple Safari before 4.0.4 and Google Chrome before 3.0.195.33, includes certain custom HTTP headers in the OPTIONS request during cross-origin operations with preflight, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via a crafted web page.
12142 CVE-2009-2813 264 Bypass 2009-09-14 2018-10-10
6.0
None Remote Medium Single system Partial Partial Partial
Samba 3.4 before 3.4.2, 3.3 before 3.3.8, 3.2 before 3.2.15, and 3.0.12 through 3.0.36, as used in the SMB subsystem in Apple Mac OS X 10.5.8 when Windows File Sharing is enabled, Fedora 11, and other operating systems, does not properly handle errors in resolving pathnames, which allows remote authenticated users to bypass intended sharing restrictions, and read, create, or modify files, in certain circumstances involving user accounts that lack home directories.
12143 CVE-2009-2812 Exec Code 2009-09-14 2012-10-22
6.8
None Remote Medium Not required Partial Partial Partial
Launch Services in Apple Mac OS X 10.5.8 does not properly recognize an unsafe Uniform Type Identifier (UTI) in an exported document type in a downloaded application, which allows remote attackers to trigger the automatic opening of a file, and execute arbitrary code, via a crafted web site.
12144 CVE-2009-2811 94 Exec Code 2009-09-14 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Incomplete blacklist vulnerability in Launch Services in Apple Mac OS X 10.5.8 allows user-assisted remote attackers to execute arbitrary code via a .fileloc file, which does not trigger a "potentially unsafe" warning message in the Quarantine feature.
12145 CVE-2009-2810 Exec Code 2009-11-10 2009-11-17
6.8
None Remote Medium Not required Partial Partial Partial
Launch Services in Apple Mac OS X 10.6.x before 10.6.2 recursively clears quarantine information upon opening a quarantined folder, which allows user-assisted remote attackers to execute arbitrary code via a quarantined application that does not trigger a "potentially unsafe" warning message.
12146 CVE-2009-2809 94 DoS Exec Code Mem. Corr. 2009-09-14 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
ImageIO in Apple Mac OS X 10.4.11 and 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PixarFilm encoded TIFF image, related to "multiple memory corruption issues."
12147 CVE-2009-2805 189 DoS Exec Code Overflow 2009-09-14 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in CoreGraphics in Apple Mac OS X 10.4.11 and 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JBIG2 stream in a PDF file, leading to a heap-based buffer overflow.
12148 CVE-2009-2804 189 DoS Exec Code Overflow 2009-09-14 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in ColorSync in Apple Mac OS X 10.4.11 and 10.5.8, and Safari before 4.0.4 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ColorSync profile embedded in an image, leading to a heap-based buffer overflow.
12149 CVE-2009-2803 399 DoS Exec Code Mem. Corr. 2009-09-14 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
CarbonCore in Apple Mac OS X 10.4.11 and 10.5.8 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a file with a crafted resource fork.
12150 CVE-2009-2801 264 Bypass 2010-03-30 2010-03-31
6.4
None Remote Low Not required None Partial Partial
The Application Firewall in Apple Mac OS X 10.5.8 drops unspecified firewall rules after a reboot, which might allow remote attackers to bypass intended access restrictions via packet data, related to a "timing issue."
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.