104 matches found
CVE-2009-1069
Drupal CCK for Drupal 6.x contains XSS in node and user reference sub-modules (node titles and user names on the node edit form). Root cause: insufficient filtering of candidate references, enabling injection of arbitrary script/HTML. Affected: Drupal Content Construction Kit (CCK) 6.x prior to 6...
Fedora Core 9 FEDORA-2009-1069 (dnsmasq)
The remote host is missing an update to dnsmasq announced via advisory FEDORA-2009-1069. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by th...
Immunity Canvas: QGS_INCLUDE
Name | qgsinclude
---|---
CVE | CVE-2008-1069
Exploit Pack | CANVAS
Description | Quantum Game Library 0.7.2c remote file include
Notes | CVE Name: CVE-2008-1069 VENDOR: Quantum Game Library Repeatability: Infinite References: http://www.securityfocus.com/bid/27945 CVE Url:...
CVE-2008-1069
Quantum Game Library 0.7.2c contains multiple PHP remote file inclusion vulnerabilities that allow remote attackers to execute arbitrary PHP code via a URL in the CONFIG[gameroot] parameter to (1) server_request.php and (2) qlib/smarty.inc.php. Affected component is the GAMERoot config integratio...
VMSA-2007-0004.1 Updated: Multiple Denial-of-Service issues fixed and directory traversal vulnerability
VMware Security Advisory. Advisory ID: VMSA-2007-0004.1. Synopsis: Updated: Multiple Denial-of-Service issues fixed and directory traversal vulnerability. Issue date: 2007-05-04...
VMSA-2007-0004 Multiple Denial-of-Service issues fixed
VMware Security Advisory. Advisory ID: VMSA-2007-0004. Synopsis: Multiple Denial-of-Service issues fixed. Issue date: 2007-05-04. Updated on: 2007-05-04. CVE numbers: CVE-2007-1069...
CVE-2007-1069
CVE-2007-1069 affects VMware Workstation prior to 5.5.4. According to the VMware advisory and related materials, memory management could mishandle general protection faults in Windows guests, enabling denial of service by crashing the Windows VM. The issue is among several DoS problems addressed in V...
CVE-2006-1069
Unspecified vulnerability in the session handling for Geeklog 1.4.x before 1.4.0sr2, 1.3.11 before 1.3.11sr5, 1.3.9 before 1.3.9sr5, and possibly earlier versions allows attackers to gain privileges as arbitrary users via unknown vectors...
CVE-2006-1069
CVE-2006-1069 affects Geeklog versions with a flaw in the session-handling library (lib-sessions.php) that can be exploited to bypass authentication and gain access as any user, including admin. Affected: Geeklog 1.4.x before 1.4.0sr2; 1.3.11 before 1.3.11sr5; 1.3.9 before 1.3.9sr5 (and possibly ...
CVE-2004-1069
Race condition in SELinux 2.6.x through 2.6.9 allows local users to cause a denial of service (kernel crash) via SOCK_SEQPACKET unix domain sockets, which are not properly handled in the sock_dgram_sendmsg function...
CVE-2004-1069
CVE-2004-1069 describes a race condition affecting SELinux-enabled Linux kernels in the 2.6.x series (through 2.6.9) when handling AF_UNIX network packets. Local attackers could cause a kernel DoS (kernel crash) via SOCK_SEQPACKET Unix domain sockets due to improper handling in sock_dgram_sendmsg...
CVE-2001-1069
libCoolType library as used in Adobe Acrobat (acroread) on Linux creates the AdobeFnt.lst file with world-writable permissions, which allows local users to modify the file and possibly modify acroread's behavior...
CVE-2001-1069
The CVE describes a Linux issue in the libCoolType library used by Adobe Acrobat (acroread): the AdobeFnt.lst file is created with world-writable permissions, allowing local users to modify the file and possibly alter acroread’s behavior. Vulnerable component: libCoolType in Acrobat/acroread on L...
CVE-2003-1069
The Telnet daemon (in.telnetd) for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (CPU consumption by infinite loop)...
CVE-2002-1069
CVE-2002-1069 concerns the D-Link DI-804 router (firmware 4.68). The weakness allows remote attackers to bypass authentication via direct access to web pages (release.htm, Device Status, Device Information) and perform actions such as releasing DHCP addresses or retrieving sensitive data. The und...
CVE-1999-1069
The CVE-1999-1069 issue concerns the iCat Carbo Server 3.0.0, where the CGI component carbo.dll fails to sanitize the icatcommand parameter, enabling a remote attacker to perform a directory traversal and read arbitrary files. The vulnerability outcome is information disclosure (PARTIAL confident...
CVE-2000-1069
The CVE concerns pollit.cgi in Poll It 2.01 and earlier, where remote attackers can access administrative functions without the real password by supplying the same value to entered_password and admin_password. The provided references confirm the vulnerable component and the authentication bypass,...
CVE-2000-1069
pollit.cgi in Poll It 2.01 and earlier allows remote attackers to access administrative functions without knowing the real password by specifying the same value to the entered_password and admin_password parameters...