4422 matches found

CVE
added 2011/09/23 10:0 a.m. | 53 views

CVE-2011-2543

CVE-2011-2543 affects Cisco TelePresence System Integrator C Series 4.x up to TC4.2.0. A buffer overflow in the cuil component triggered by a long location parameter to getxml (via the locally listening tshell) allows remote authenticated users to cause a denial of service (endpoint reboot or pro...

CVSS 9 | AI score 7.9 | EPSS 0.11757
Exploits: 5 | References: 8 | Affected Software: 4

Packet Storm
added 2011/09/22 12:0 a.m. | 16 views

JAKCMS PRO 2.2.5 Arbitrary File Upload

Exploit Title: JAKCMS PRO = 2.2.5 Remote Arbitrary File Upload Exploit Google Dork: "Powered By JAKCMS" Date: 21/09/2011 Author: EgiX Software Link: http://www.jakcms.com/ Version: 2.2.5 Tested on: Windows 7 and Debian 6.0.2 ?php / -------------------------------------------------------- JAKCMS P...

AI score 0.1
Exploits: 0

Prion
added 2011/09/15 12:26 p.m. | 24 views

Arbitrary file deletion

Microsoft Office Groove 2007 SP2, SharePoint Workspace 2010 Gold and SP1, Office Forms Server 2007 SP2, Office SharePoint Server 2007 SP2, Office SharePoint Server 2010 Gold and SP1, Office Groove Data Bridge Server 2007 SP2, Office Groove Management Server 2007 SP2, Groove Server 2010 Gold and...

CVSS 4 | AI score 6.6 | EPSS 0.42277
Exploits: 6 | References: 4 | Affected Software: 10

Prion
added 2011/08/18 11:55 p.m. | 16 views

Authentication flaw

EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1 Patch 2, SP1 Patch 3, SP2, SP2 Patch 1, and SP3 does not prevent reuse of authentication information during a session, which allows remote authenticated users to bypass intended access restrictions via vectors related to knowledge of the...

CVSS 7.5 | AI score 6.8 | EPSS 0.01289
Exploits: 0 | References: 3 | Affected Software: 1

Tenable Nessus
added 2011/08/18 12:0 a.m. | 45 views

Remote Authentication Message Check

In order to avoid false positives, this plugin determines if the remote system accepts any kind of login. Some SSH implementations claim that a login has been accepted when it has not. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid55900; scriptversion"1.11";...

AI score 5.3
Exploits: 0

OSV
added 2011/08/15 7:55 p.m. | 2 views

UBUNTU-CVE-2011-2907

Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) 3.0.1 and earlier allows remote attackers to bypass host-based authentication and submit arbitrary jobs via a modified PBS_O_HOST variable to the qsub program...

CVSS 7.5 | AI score 5.9 | EPSS 0.02879
Exploits: 0 | References: 3

RedHat Linux
added 2011/08/15 5:45 p.m. | 3 views

IBM JDK Class file parsing denial-of-service

The class file parser in IBM Java before 1.4.2 SR13 FP9, as used in IBM Runtimes for Java Technology 5.0.0 before SR13 and 6.0.0 before SR10, allows remote authenticated users to cause a denial of service (JVM segmentation fault, and possibly memory consumption or an infinite loop) via a crafted...

CVSS 3.5 | AI score 6 | EPSS 0.01781
Exploits: 0 | References: 4

OSV
added 2011/08/10 8:55 p.m. | 3 views

DEBIAN-CVE-2011-2511

Integer overflow in libvirt before 0.9.3 allows remote authenticated users to cause a denial of service (libvirtd crash) and possibly execute arbitrary code via a crafted VirDomainGetVcpus RPC call that triggers memory corruption...

CVSS 4 | AI score 7.6 | EPSS 0.03536
Exploits: 0 | References: 1

Prion
added 2011/08/01 7:55 p.m. | 16 views

Directory traversal

Multiple directory traversal vulnerabilities in the relational schema implementation in phpMyAdmin 3.4.x before 3.4.3.2 allow remote authenticated users to include and execute arbitrary local files via directory traversal sequences in an export type field, related to 1...

CVSS 6 | AI score 7.3 | EPSS 0.01677
Exploits: 0 | References: 13 | Affected Software: 1

RedHat Linux
added 2011/07/21 9:23 a.m. | 1 views

libvirt: integer overflow in VirDomainGetVcpus

Integer overflow in libvirt before 0.9.3 allows remote authenticated users to cause a denial of service (libvirtd crash) and possibly execute arbitrary code via a crafted VirDomainGetVcpus RPC call that triggers memory corruption...

CVSS 4 | AI score 7.8 | EPSS 0.03536
Exploits: 0 | References: 4

NVD
added 2011/07/21 12:55 a.m. | 17 views

CVE-2011-2279

Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 9.1, Bundle, and 6 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Talent Acquisition Manager...

CVSS 5.5 | AI score 5.1 | EPSS 0.00988
Exploits: 0 | References: 2

Prion
added 2011/07/21 12:55 a.m. | 15 views

Code injection

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.50.20 and 8.51.11 allows remote authenticated users to affect integrity via unknown vectors...

CVSS 3.5 | AI score 5.9 | EPSS 0.00783
Exploits: 0 | References: 2 | Affected Software: 2

Prion
added 2011/07/20 11:55 p.m. | 18 views

Design/Logic Flaw

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability, related to XMLSEQ_IMP_T...

CVSS 7.1 | AI score 6 | EPSS 0.02032
Exploits: 0 | References: 2 | Affected Software: 1

Prion
added 2011/07/20 10:55 p.m. | 20 views

Design/Logic Flaw

Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect integrity, related to DBMS_SYS_SQL...

CVSS 4 | AI score 6 | EPSS 0.01301
Exploits: 0 | References: 2 | Affected Software: 1

Cvelist
added 2011/07/20 10:36 p.m. | 26 views

CVE-2011-0816

Unspecified vulnerability in the CMDB Metadata & Instance APIs component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Oracle Enterprise Manager Grid Control 10.1.0.6 and 10.2.0.5; allows remote authenticated users to affect confidentialit...

AI score 5.4 | EPSS 0.01448
Exploits: 0 | References: 2

CVE
added 2011/07/20 10:36 p.m. | 85 views

CVE-2011-0875

Oracle Database Server EMCTL Component Unspecified Vulnerability (CVE-2011-0875) affects EMCTL in Oracle Database Server 11.1.0.7 and Oracle Enterprise Manager Grid Control 10.1.0.6, 10.2.0.5, and 11.1.0.1. Root cause is an unspecified vulnerability allowing remote authenticated users to affect c...

CVSS 5.5 | AI score 5.5 | EPSS 0.0199
Exploits: 0 | References: 3 | Affected Software: 2

CVE
added 2011/07/19 8:0 p.m. | 49 views

CVE-2011-2385

The CVE-2011-2385 entry concerns the iPhoneHandle component in Open Ticket Request System (OTRS). Affected versions include iPhoneHandle 0.9.x prior to 0.9.7 and 1.0.x prior to 1.0.3, where the iPhoneHandle interface is not properly restricted. This allows remote authenticated users to gain privi...

CVSS 6.5 | AI score 6.6 | EPSS 0.01744
Exploits: 0 | References: 5 | Affected Software: 2

Check Point Advisories
added 2011/07/15 12:0 a.m. | 3 views

Cisco Network Registrar Default Credentials Authentication Bypass

An authentication weakness vulnerability exists in Cisco Network Registrar. A remote attacker can leverage this vulnerability to authenticate with administrative privileges to the affected device and change the configuration...

CVSS 10 | AI score 6.5 | EPSS 0.03372
Exploits: 1

exploitpack
added 2011/06/22 12:0 a.m. | 15 views

H3C ER5100 - Authentication Bypass

H3C ER5100 - Authentication Bypass source: https://www.securityfocus.com/bid/48384/info The H3C ER5100 is prone to a remote authentication-bypass vulnerability. Attackers can exploit this issue to bypass the authentication mechanism and perform unauthorized actions...

AI score 0.6
Exploits: 0

Exploit DB
added 2011/06/22 12:0 a.m. | 28 views

H3C ER5100 - Authentication Bypass

source: https://www.securityfocus.com/bid/48384/info The H3C ER5100 is prone to a remote authentication-bypass vulnerability. Attackers can exploit this issue to bypass the authentication mechanism and perform unauthorized actions. http://www.example.com:8080/home.asp?userLogin.asp...

AI score 7.4
Exploits: 0