EUVD-2005-2984

Malware in sbrugna...

Input validation

The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower has improper privilege management, which may allow an attacker with user privileges to perform requests with administrative privileges...

Multiple XSS vulnerabilities in FortiSandbox WebUI

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-FORTISANDBOX-0801.txt Vendor: ================================ www.fortinet.com PSIRT ID: 1418018 Product: ================================== FortiSandbox 3000D v2.02...

iPhone Safari phone-auto-dial vulnerability (original date: Nov. 2008)

Released since Apple published the iPhone 3.0 security fixes. Vulnerability Report --- BEGIN ADVISORY --- Manufacturer: Apple www.apple.com Device: iPhone 3G iPhone 1st Gen Firmware: 2.1 possible earlier versions Device Type: smart phone Subsystems: Safari and mobile telephony...

CVE-2005-0494

The CVE-2005-0494 entry concerns Thomson TCW690 cable modem firmware 2.1 and software ST42.03.0a. The RgSecurity form in the HTTP server fails to properly validate the password before making changes, enabling remote attackers on the LAN to gain access through a direct POST request. The vulnerabil...