CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
12451 CVE-2009-0157 119 DoS Exec Code Overflow 2009-05-13 2017-08-07
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in CFNetwork in Apple Mac OS X 10.5 before 10.5.7 allows remote web servers to execute arbitrary code or cause a denial of service (application crash) via long HTTP headers.
12452 CVE-2009-0155 189 DoS Exec Code Overflow 2009-05-13 2017-08-07
6.8
None Remote Medium Not required Partial Partial Partial
Integer underflow in CoreGraphics in Apple Mac OS X 10.5 before 10.5.7, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF file that triggers a heap-based buffer overflow.
12453 CVE-2009-0154 119 Exec Code Overflow 2009-05-13 2018-10-11
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows remote attackers to execute arbitrary code via a crafted Compact Font Format (CFF) font.
12454 CVE-2009-0145 94 DoS Exec Code Mem. Corr. 2009-05-13 2017-08-07
6.8
User Remote Medium Not required Partial Partial Partial
CoreGraphics in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF file that triggers memory corruption.
12455 CVE-2009-0122 264 2009-01-15 2009-01-31
6.9
Admin Local Medium Not required Complete Complete Complete
hplip.postinst in HP Linux Imaging and Printing (HPLIP) 2.7.7 and 2.8.2 on Ubuntu allows local users to change the ownership of arbitrary files via unspecified manipulations in advance of an HPLIP installation or upgrade by an administrator, related to the product's attempt to correct the ownership of its configuration files within home directories.
12456 CVE-2009-0112 352 CSRF 2009-01-09 2017-08-07
6.8
User Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in admin/agent_edit.asp in PollPro 3.0 allows remote attackers to create or modify accounts as administrators via the username, password, and name parameters.
12457 CVE-2009-0080 +Priv 2009-04-15 2018-10-12
6.9
None Local Medium Not required Complete Complete Complete
The ThreadPool class in Windows Vista Gold and SP1, and Server 2008, does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to gain privileges by leveraging incorrect thread ACLs to access the resources of one of the processes, aka "Windows Thread Pool ACL Weakness Vulnerability."
12458 CVE-2009-0079 264 +Priv 2009-04-15 2018-10-12
6.9
None Local Medium Not required Complete Complete Complete
The RPCSS service in Microsoft Windows XP SP2 and SP3 and Server 2003 SP1 and SP2 does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to gain privileges by accessing the resources of one of the processes, aka "Windows RPCSS Service Isolation Vulnerability."
12459 CVE-2009-0068 94 Exec Code 2009-01-07 2009-02-10
6.8
User Remote Medium Not required Partial Partial Partial
Interaction error in xdg-open allows remote attackers to execute arbitrary code by sending a file with a dangerous MIME type but using a safe type that Firefox sends to xdg-open, which causes xdg-open to process the dangerous file type through automatic type detection, as demonstrated by overwriting the .desktop file.
12460 CVE-2009-0058 20 DoS 2009-02-04 2018-10-30
6.1
None Local Network Low Not required None None Complete
The Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.x before 5.2 allow remote attackers to cause a denial of service (web authentication outage or device reload) via unspecified network traffic, as demonstrated by a vulnerability scanner.
12461 CVE-2009-0056 352 Exec Code CSRF 2009-01-16 2009-02-05
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in the administration interface in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to execute commands and modify appliance preferences as arbitrary users via a logout action.
12462 CVE-2009-0055 352 CSRF 2009-01-16 2009-02-05
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in the administration interface in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to modify appliance preferences as arbitrary users via unspecified vectors.
12463 CVE-2009-0040 94 DoS Exec Code 2009-02-22 2018-10-11
6.8
None Remote Medium Not required Partial Partial Partial
The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file that triggers a free of an uninitialized pointer in (1) the png_read_png function, (2) pCAL chunk handling, or (3) setup of 16-bit gamma tables.
12464 CVE-2009-0039 352 CSRF 2009-04-17 2018-10-11
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 allow remote attackers to hijack the authentication of administrators for requests that (1) change the web administration password, (2) upload applications, and perform unspecified other administrative actions, as demonstrated by (3) a Shutdown request to console/portal//Server/Shutdown.
12465 CVE-2009-0037 352 Exec Code 2009-03-04 2018-10-11
6.8
User Remote Medium Not required Partial Partial Partial
The redirect implementation in curl and libcurl 5.11 through 7.19.3, when CURLOPT_FOLLOWLOCATION is enabled, accepts arbitrary Location values, which might allow remote HTTP servers to (1) trigger arbitrary requests to intranet servers, (2) read or overwrite arbitrary files via a redirect to a file: URL, or (3) execute arbitrary commands via a redirect to an scp: URL.
12466 CVE-2009-0034 264 +Priv 2009-01-30 2018-10-11
6.9
Admin Local Medium Not required Complete Complete Complete
parse.c in sudo 1.6.9p17 through 1.6.9p19 does not properly interpret a system group (aka %group) in the sudoers file during authorization decisions for a user who belongs to that group, which allows local users to leverage an applicable sudoers file and gain root privileges via a sudo command.
12467 CVE-2009-0032 59 2009-01-27 2017-08-07
6.9
None Local Medium Not required Complete Complete Complete
CUPS on Mandriva Linux 2008.0, 2008.1, 2009.0, Corporate Server (CS) 3.0 and 4.0, and Multi Network Firewall (MNF) 2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pdf.log temporary file.
12468 CVE-2009-0030 287 2009-01-21 2017-09-28
6.5
None Remote Low Single system Partial Partial Partial
A certain Red Hat patch for SquirrelMail 1.4.8 sets the same SQMSESSID cookie value for all sessions, which allows remote authenticated users to access other users' folder lists and configuration data in opportunistic circumstances by using the standard webmail.php interface. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-3663.
12469 CVE-2009-0025 287 Bypass 2009-01-07 2018-10-11
6.8
None Remote Medium Not required Partial Partial Partial
BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.
12470 CVE-2009-0022 20 2009-01-05 2018-10-03
6.3
None Remote Medium Single system Complete None None
Samba 3.2.0 through 3.2.6, when registry shares are enabled, allows remote authenticated users to access the root filesystem via a crafted connection request that specifies a blank share name.
12471 CVE-2009-0009 119 DoS Exec Code Overflow Mem. Corr. 2009-02-12 2017-08-07
6.8
User Remote Medium Not required Partial Partial Partial
Unspecified vulnerability in the Pixlet codec in Apple Mac OS X 10.4.11 and 10.5.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted movie file that triggers memory corruption.
12472 CVE-2008-7283 264 Bypass 2011-03-18 2011-03-22
6.0
None Remote Medium Single system Partial Partial Partial
Open Ticket Request System (OTRS) before 2.2.6, when customer group support is enabled, allows remote authenticated users to bypass intended access restrictions and perform web-interface updates to tickets by leveraging queue read permissions.
12473 CVE-2008-7279 264 Bypass 2011-03-18 2011-03-22
6.5
None Remote Low Single system Partial Partial Partial
The CustomerInterface component in Open Ticket Request System (OTRS) before 2.2.8 allows remote authenticated users to bypass intended access restrictions and access tickets of arbitrary customers via unspecified vectors.
12474 CVE-2008-7277 264 Bypass 2011-03-18 2011-03-22
6.5
None Remote Low Single system Partial Partial Partial
Open Ticket Request System (OTRS) before 2.3.0-beta4 checks for the rw permission, instead of the configured merge permission, during authorization of merge operations, which might allow remote authenticated users to bypass intended access restrictions by merging two tickets.
12475 CVE-2008-7262 22 Dir. Trav. 2010-10-19 2010-10-20
6.5
None Remote Low Single system Partial Partial Partial
Multiple directory traversal vulnerabilities in FTPServer.py in pyftpdlib before 0.3.0 allow remote authenticated users to access arbitrary files and directories via vectors involving a symlink in a pathname to a (1) CWD, (2) DELE, (3) STOR, or (4) RETR command.
12476 CVE-2008-7248 20 Bypass CSRF 2009-12-15 2012-07-06
6.8
None Remote Medium Not required Partial Partial Partial
Ruby on Rails 2.1 before 2.1.3 and 2.2.x before 2.2.2 does not verify tokens for requests with certain content types, which allows remote attackers to bypass cross-site request forgery (CSRF) protection for requests to applications that rely on this protection, as demonstrated using text/plain.
12477 CVE-2008-7247 59 Bypass 2009-11-30 2018-01-04
6.0
None Remote Medium Single system Partial Partial Partial
sql/sql_table.cc in MySQL 5.0.x through 5.0.88, 5.1.x through 5.1.41, and 6.0 before 6.0.9-alpha, when the data home directory contains a symlink to a different filesystem, allows remote authenticated users to bypass intended access restrictions by calling CREATE TABLE with a (1) DATA DIRECTORY or (2) INDEX DIRECTORY argument referring to a subdirectory that requires following this symlink.
12478 CVE-2008-7243 352 CSRF 2009-09-17 2018-10-11
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in page 34 in MODx CMS 0.9.6.1 and 0.9.6.1p1 allows remote attackers to hijack the authentication of other users for requests that modify passwords via manager/index.php. NOTE: due to the lack of details, it is not clear whether this is related to CVE-2008-5941.
12479 CVE-2008-7241 352 CSRF 2009-09-17 2009-09-18
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in PunBB before 1.2.17 allows remote attackers to hijack the authentication of unspecified users for requests related to a logout, probably a forced logout.
12480 CVE-2008-7238 2009-09-14 2012-10-22
6.0
None Remote Medium Single system Partial Partial Partial
Multiple unspecified vulnerabilities in Oracle E-Business Suite 12.0.3 allow (1) local users to affect confidentiality and integrity via unknown vectors related to the Mobile Application Server component (APP01); (2) remote attackers to affect confidentiality via unknown vectors related to the Oracle Applications Framework (APP03); remote authenticated users to affect confidentiality and integrity via unknown vectors related to the (3) CRM Technical Foundation (APP05) and (4) Oracle Application Object Library (APP06); and remote authenticated users to affect integrity and availability via unknown vectors related to (5) Oracle Applications Technology Stack (APP07).
12481 CVE-2008-7234 2009-09-14 2012-10-22
6.8
None Remote Medium Not required Partial Partial Partial
Unspecified vulnerability in the Oracle BPEL Worklist Application component in Oracle Application Server 10.1.2.2 and 10.1.3.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, aka AS03.
12482 CVE-2008-7221 352 CSRF 2009-09-14 2018-10-11
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in RunCMS 1.6.1 allows remote attackers to hijack the authentication of administrators for requests that (1) add new administrators or (2) modify user profiles via a crafted request to system/admin.php.
12483 CVE-2008-7214 352 XSS CSRF 2009-09-11 2018-10-11
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in administrator/index2.php in MOStlyCE before 2.4, as used in Mambo 4.6.3 and earlier, allows remote attackers to hijack the authentication of administrators for requests that add new administrator accounts via the save task in a com_users action, as demonstrated using a separate XSS vulnerability in mambots/editors/mostlyce/jscripts/tiny_mce/filemanager/connectors/php/connector.php.
12484 CVE-2008-7211 +Priv 2009-09-11 2018-10-11
6.9
Admin Local Medium Not required Complete Complete Complete
CreativeLabs es1371mp.sys 5.1.3612.0 WDM audio driver, as used in Ensoniq PCI 1371 sound cards and when running on Windows Vista, does not create a Functional Device Object (FDO) to prevent user-moade access to the Physical Device Object (PDO), which allows local users to gain SYSTEM privileges via a crafted IRP request that dereferences a NULL FsContext pointer.
12485 CVE-2008-7208 89 Exec Code Sql 2009-09-11 2018-10-11
6.8
None Remote Medium Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in OneCMS 2.4, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the (1) username parameter ($usernameb variable) to a_login.php or (2) user parameter to staff.php.
12486 CVE-2008-7204 352 CSRF 2009-09-11 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in VirtueMart 1.0.13a and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
12487 CVE-2008-7193 352 CSRF 2009-09-09 2018-10-11
6.8
None Remote Medium Not required Partial Partial Partial
PHPKIT 1.6.4 PL1 includes the session ID in the URL, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks by reading the PHPKITSID parameter from the HTTP Referer and using it in a request to (1) modify the user profile via upload_files/include.php or (2) create a new administrator via upload_files/pk/include.php.
12488 CVE-2008-7192 352 CSRF 2009-09-09 2018-10-11
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in index.php in WoltLab Burning Board (wBB) 3.0.1, and possibly other 3.x versions, allows remote attackers to hijack the authentication of users for requests that delete private messages via the pmID parameter in a delete action in a PM page, a different vulnerability than CVE-2008-0472.
12489 CVE-2008-7183 94 Exec Code File Inclusion 2009-09-08 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in eva/index.php in EVA CMS 2.3.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the eva[caminho] parameter to index.php.
12490 CVE-2008-7176 22 Dir. Trav. 2009-09-08 2017-09-28
6.8
User Remote Medium Not required Partial Partial Partial
Multiple directory traversal vulnerabilities in Facil CMS 0.1RC allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) change_lang parameter to index.php or (2) modload parameter to modules.php.
12491 CVE-2008-7165 352 CSRF 2009-09-04 2018-10-11
6.8
User Remote Medium Not required Partial Partial Partial
Cross-site request forgery in cp06_wifi_m_nocifr.cgi in the administrator panel in TELECOM ITALIA Alice Gate2 Plus Wi-Fi allows remote attackers to hijack the authentication of administrators for requests that disable Wi-Fi encryption via certain values for the wlChannel and wlRadioEnable parameters.
12492 CVE-2008-7163 22 Dir. Trav. 2009-09-04 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in mods/Integrated/index.php in SineCMS 2.3.5 and earlier, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via the sine[config][index_main] parameter.
12493 CVE-2008-7157 264 Exec Code 2009-09-02 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
Unrestricted file upload vulnerability in EkinBoard 1.1.0 and earlier allows remote attackers to execute arbitrary code by uploading an avatar file with an executable extension followed by a safe extension, then accessing it via a direct request to the file in uploaded/avatars/.
12494 CVE-2008-7156 287 +Priv Bypass 2009-09-02 2017-09-28
6.8
User Remote Medium Not required Partial Partial Partial
EkinBoard 1.1.0 and earlier, when register_globals is enabled, allows remote attackers to bypass authorization and gain administrator privileges by setting the _groups[] parameter to 2, as demonstrated via backup.php.
12495 CVE-2008-7152 94 Exec Code File Inclusion 2009-09-01 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Multiple PHP remote file inclusion vulnerabilities in Specimen Image Database (SID), when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the dir parameter to (1) client.php or (2) taxonservice.php.
12496 CVE-2008-7151 352 Exec Code CSRF 2009-09-01 2017-08-16
6.8
User Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in Live 5.x before 5.x-0.1, a module for Drupal, allows remote attackers to hijack the authentication of unspecified privileged users for requests that can be leveraged to execute arbitrary PHP code.
12497 CVE-2008-7143 200 +Info 2009-09-01 2018-10-11
6.8
None Remote Medium Not required Partial Partial Partial
phpBB 2.0.23 includes the session ID in a request to modcp.php when the moderator or administrator closes a thread, which allows remote attackers to hijack the session via a post in the thread containing a URL to a remotely hosted image, which might include the session ID in the Referer header.
12498 CVE-2008-7139 352 CSRF 2009-09-01 2018-10-11
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in WS-Proxy in Eye-Fi 1.1.2 allow remote attackers to hijack the authentication of users for requests that modify configuration via a SOAPAction parameter of (1) urn:SetOptions for autostart, (2) urn:SetDesktopSync for file upload, or (3) urn:SetFolderConfig for file download location or modification of authentication credentials; and (4) urn:AddNetwork for adding an arbitrary Service Set Identifier (SSID) to hijack the image upload.
12499 CVE-2008-7131 2009-08-31 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Unspecified vulnerability in DB2 Monitoring Console 2.2.4 and earlier allows remote attackers to gain access to a database via a link to a victim who is already connected to the database.
12500 CVE-2008-7123 94 Bypass 2009-08-31 2017-09-28
6.8
User Remote Medium Not required Partial Partial Partial
Static code injection vulnerability in admin/configuration/modifier.php in zKup CMS 2.0 through 2.3 allows remote attackers to inject arbitrary PHP code into fichiers/config.php via a null byte (%00) in the login parameter in an ajout action, which bypasses the regular expression check.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.