7474 matches found
Aeries Browser Interface 'LostPwd.asp' SQL注入漏洞
BUGTRAQ ID: 26962 CNCAN ID:CNCAN-2007122401 Aeries Browser Interface是一款基于ASP的WEB应用程序。 Aeries Browser Interface不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞进行SQL注入攻击,可获得敏感信息或操作数据库。 问题是由于'LostPwd.asp'脚本对用户提交的WEB参数处理缺少充分过滤,提交恶意SQL查询作为参数数据,可更改原来的SQL逻辑,获得敏感信息或操作数据库。 Eagle Software AERIES Browser Interface 3.7.9.17...
CVE-2007-5860
Unspecified vulnerability in Spin Tracer in Apple Mac OS X 10.5.1 allows local users to execute arbitrary code via unspecified output files, involving an "insecure file operation."...
Design/Logic Flaw
Unspecified vulnerability in Spin Tracer in Apple Mac OS X 10.5.1 allows local users to execute arbitrary code via unspecified output files, involving an "insecure file operation."...
CVE-2007-5860
CVE-2007-5860 affects Apple Mac OS X 10.5.1 (Spin Tracer). The vulnerability is described as an unspecified local condition that allows an attacker with local access to execute arbitrary code via insecure file operations on output files. This is confirmed by multiple sources in the connected set,...
CVE-2007-5860
Unspecified vulnerability in Spin Tracer in Apple Mac OS X 10.5.1 allows local users to execute arbitrary code via unspecified output files, involving an "insecure file operation."...
mysql DoS in the InnoDB Engine
The convertsearchmodetoinnobase function in hainnodb.cc in the InnoDB engine in MySQL 5.1.23-BK and earlier allows remote authenticated users to cause a denial of service database crash via a certain CONTAINS operation on an indexed column, which triggers an assertion error...
DEBIAN-CVE-2007-6389
The notify feature in GNOME screensaver gnome-screensaver 2.20.0 might allow local users to read the clipboard contents and X selection data for a locked session by using ctrl-V...
Session fixation
Pioneers formerly gnocatan before 0.11.3 allows remote attackers to cause a denial of service crash by triggering a delete operation while the Session object is still being used, as demonstrated by causing a "Broken pipe" error...
miniBB BB_FUNC_SEARCH.PHP SQL注入漏洞
miniBB是一款基于PHP的WEB应用程序。 miniBB不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞进行SQL攻击,获得敏感信息或操作数据库。 问题是由于'BBFUNCSEARCH.PHP'脚本对用户提交的'table'参数缺少过滤,提交恶意SQL查询作为参数数据,可更改原来的SQL逻辑,攻击者可以获得敏感信息或操作数据库。 MiniBB MiniBB 2.1 - Apache Software Foundation Apache 1.3.24 - Apache Software Foundation Apache 1.3.23 - Apache Software...
Bbsxp 2 0 0 7[previous version don't know]an interesting vulnerability-vulnerability warning-the black bar safety net
| cpmpact. asp % option explicit Const JET3X = 4 if ""&Request"sessionid"&""""&session. sessionid&"" then error"validation code error" Dim dbpath,boolIs97 dbpath = Request"dbpath" boolIs97 = Request"boolIs97" If dbpath "" Then dbpath = server. mappathdbpath response. writeCompactDBdbpath,boolIs97...
Buffer overflow
Buffer overflow in the GDI engine in Windows Live Messenger, as used for Windows MSN Live 8.1, allows user-assisted remote attackers to cause a denial of service application crash or system crash and possibly execute arbitrary code by placing a malformed file in a new folder under the Sharing...
CVE-2007-5144
Buffer overflow in the GDI engine in Windows Live Messenger, as used for Windows MSN Live 8.1, allows user-assisted remote attackers to cause a denial of service application crash or system crash and possibly execute arbitrary code by placing a malformed file in a new folder under the Sharing...
[SECURITY] Fedora 7 Update: sylpheed-2.3.1-5
This program is an X based fast email client which has features like: o user-friendly and intuitive interface o integrated NetNews client partially implemented o ability of keyboard-only operation o Mew/Wanderlust-like key bind o multipart MIME o unlimited multiple account handling o message...
Microsoft Virtual PC / Virtual Server buffer overflow
Heap based buffer overflow allows guest operation system user with administrative privileges to execute code on host operation system or another guest operation system...
Design/Logic Flaw
The xfersecondarypool function in drivers/char/random.c in the Linux kernel 2.4 before 2.4.35 performs reseed operations on only the first few bytes of a buffer, which might make it easier for attackers to predict the output of the random number generator, related to incorrect use of the sizeof...
Code injection
Guidance Software EnCase allows user-assisted attackers to trigger a buffer over-read and application crash via a malformed NTFS filesystem containing a modified FILE record with a certain large offset. NOTE: the vendor disputes the significance of this issue, asserting that relevant attackers...
Security issue: user can copy page with only view permissions
I have a user who only has view permissions to a space. Logging on as that user, I went to the Info tab of a page. The Copy operation appeared, and I was able click the link, edit the copied page, and save it. This must be a security hole?...
Security issue: user can copy page with only view permissions
I have a user who only has view permissions to a space. Logging on as that user, I went to the Info tab of a page. The Copy operation appeared, and I was able click the link, edit the copied page, and save it. This must be a security hole?...
Security issue: user can copy page with only view permissions
I have a user who only has view permissions to a space. Logging on as that user, I went to the Info tab of a page. The Copy operation appeared, and I was able click the link, edit the copied page, and save it. This must be a security hole?...
Cross site scripting
Adobe Integrated Runtime AIR, aka Apollo allows context-dependent attackers to modify arbitrary files within an executing .air file compiled AIR application and perform cross-site scripting XSS attacks, as demonstrated by an application that modifies an HTML file inside itself via JavaScript that...