382 matches found
EUVD-2010-0957
Malware in sbrugna...
CVE-2010-0929
The Perforce service p4s.exe in Perforce Server 2008.1 allows remote attackers to cause a denial of service daemon crash via crafted data beginning with a byte sequence of 0x4c, 0xb3, 0xff, 0xff, and 0xff...
Elxis CMS 2008.1 PHPSESSID Variable Session Fixation
No description provided by source. source: http://www.securityfocus.com/bid/31764/info Elxis CMS is prone to multiple cross-site scripting and session-fixation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The application is also prone to a session-fixation...
Elxis CMS 2008.1 modules/mod_language.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/31764/info Elxis CMS is prone to multiple cross-site scripting and session-fixation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The application is also prone to a session-fixation...
CVE-2010-0931
The Perforce service p4s.exe in Perforce Server 2008.1 allows remote attackers to cause a denial of service daemon crash via crafted data, possibly involving a large sndbuf value...
CVE-2010-0934
The triggers functionality in Perforce Server 2008.1 allows remote authenticated users with super privileges to execute arbitrary operating-system commands by using a "p4 client" command in conjunction with the form-in trigger script...
Design/Logic Flaw
The Perforce service p4s.exe in Perforce Server 2008.1 allows remote attackers to cause a denial of service infinite loop via crafted data that includes a byte sequence of 0xdc, 0xff, 0xff, and 0xff immediately before the client protocol version number...
Code injection
The Perforce service p4s.exe in Perforce Server 2008.1 allows remote attackers to cause a denial of service daemon crash via crafted data, possibly involving a large sndbuf value...
Null pointer dereference
The FTP server in Perforce Server 2008.1 allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a certain MKD command...
Directory traversal
Directory traversal vulnerability in Perforce Server 2008.1 allows remote authenticated users to create arbitrary files via a .. dot dot in the argument to the "p4 add" command...
CVE-2010-0929
The Perforce service p4s.exe in Perforce Server 2008.1 allows remote attackers to cause a denial of service daemon crash via crafted data beginning with a byte sequence of 0x4c, 0xb3, 0xff, 0xff, and 0xff...
Code injection
The Perforce service p4s.exe in Perforce Server 2008.1 allows remote attackers to cause a denial of service daemon crash via crafted data beginning with a byte sequence of 0x4c, 0xb3, 0xff, 0xff, and 0xff...
CVE-2010-0933
Directory traversal vulnerability in Perforce Server 2008.1 allows remote authenticated users to create arbitrary files via a .. dot dot in the argument to the "p4 add" command...
CVE-2010-0932
The FTP server in Perforce Server 2008.1 allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a certain MKD command...
CVE-2010-0931
The Perforce service p4s.exe in Perforce Server 2008.1 allows remote attackers to cause a denial of service daemon crash via crafted data, possibly involving a large sndbuf value...
CVE-2010-0933
Directory traversal vulnerability in Perforce Server 2008.1 allows remote authenticated users to create arbitrary files via a .. dot dot in the argument to the "p4 add" command...
CVE-2010-0929
The Perforce service p4s.exe in Perforce Server 2008.1 allows remote attackers to cause a denial of service daemon crash via crafted data beginning with a byte sequence of 0x4c, 0xb3, 0xff, 0xff, and 0xff...
CVE-2010-0932
The CVE-2010-0932 entry concerns Perforce Server 2008.1, where the FTP server component is vulnerable to a denial of service via a crafted MKD command that triggers a NULL pointer dereference and daemon crash. The cited Red Hat and NVD records confirm the same description and indicate the impact ...
CVE-2010-0934
CVE-2010-0934 affects Perforce Server 2008.1, where the triggers functionality can be abused by remote authenticated users with super privileges to execute arbitrary operating-system commands via a p4 client invocation combined with the form-in trigger script. The Red Hat, NVD, and OpenVAS record...
CVE-2010-0930
The vulnerability CVE-2010-0930 affects Perforce Server 2008.1 (p4s.exe). A crafted data sequence containing 0xDC 0xFF 0xFF 0xFF immediately before the client protocol version number can cause a denial of service (infinite loop). Connected sources consistently describe this as a DoS caused by tha...