CVE-2008-6863

CVE-2008-6863 : Xigla Software Absolute Form Processor .NET 4.0 contains an authentication bypass. Remote attackers can gain administrative access by setting a specific cookie value. Impact is described as partial confidentiality, integrity, and availability with a CVSS v2 base score of 7.5 (HIGH...

Fedora Core 11 FEDORA-2009-6768 (kernel)

The remote host is missing an update to kernel announced via advisory FEDORA-2009-6768. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

Fedora 11 : kernel-2.6.29.5-191.fc11 (2009-6768)

Update to kernel 2.6.29.5: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.29.5 Includes DRM modesetting bug fixes. Adds driver for VIA SD/MMC controllers and full support for the Nano processor in 64-bit mode. Note that Tenable Network Security has extracted the preceding description...

CVE-2009-1902

The multipart processor in ModSecurity before 2.5.9 allows remote attackers to cause a denial of service crash via a multipart form datapost request with a missing part header name, which triggers a NULL pointer dereference...

Null pointer dereference

The multipart processor in ModSecurity before 2.5.9 allows remote attackers to cause a denial of service crash via a multipart form datapost request with a missing part header name, which triggers a NULL pointer dereference...

CVE-2009-1902

The multipart processor in ModSecurity before 2.5.9 allows remote attackers to cause a denial of service crash via a multipart form datapost request with a missing part header name, which triggers a NULL pointer dereference...

CVE-2009-1902

The multipart processor in ModSecurity before 2.5.9 allows remote attackers to cause a denial of service crash via a multipart form datapost request with a missing part header name, which triggers a NULL pointer dereference...

CVE-2009-1902

CVE-2009-1902 affects ModSecurity prior to 2.5.9. The vulnerability arises in the multipart processor when a datapost request has a missing part header name, causing a NULL pointer dereference and potential denial of service (remote crash). Evidence from SUSE confirms the same description and imp...

CVE-2004-2764

CVE-2004-2764 affects Sun JRE/JSDK 1.4.x (1.4.0 to 1.4.2_04, and 1.4.1, 1.4.2) where untrusted applets and unprivileged servlets could gain privileges and read data from other applets due to issues in the XSLT processor (XML sniffing). The vulnerability description states privilege escalation via...

Debian Security Advisory DSA 1799-1 (qemu)

The remote host is missing an update to qemu announced via advisory DSA 1799-1. OpenVAS Vulnerability Test $Id: deb17991.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1799-1 qemu Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

Ascad Networks 5 Products Insecure Cookie Handling Vulnerability

Exploit for unknown platform in category web applications ================================================================ Ascad Networks 5 Products Insecure Cookie Handling Vulnerability ================================================================...

Ascad Networks 5 - Products Insecure Cookie Handling

Ascad Networks 5 - Products Insecure Cookie Handling ============================================================================== / \ | | | | / \ | | | | / \ | | | | / \ | || | / \ | | | | / \ | | IN THE NAME OF // \ || || // \ || ||...

Ascad Networks 5 Products Insecure Cookie Handling Vulnerability

No description provided by source. ============================================================================== / \ | | | | / \ | | | | / \ | | | | / \ | || | / \ | | | | / \ | | IN THE NAME OF // \ || || // \ || || ==============================================================================...

Ascad Networks 5 Insecure Cookie

============================================================================== / \ | | | | / \ | | | | / \ | | | | / \ | || | / \ | | | | / \ | | IN THE NAME OF // \ || || // \ || || ============================================================================== / | | || | | \ | | / \ | |/ / | | |...

Ascad Networks 5 - Products Insecure Cookie Handling

============================================================================== / \ | | | | / \ | | | | / \ | | | | / \ | || | / \ | | | | / \ | | IN THE NAME OF // \ || || // \ || || ============================================================================== / | | || | | \ | | / \ | |/ / | | |...

[SECURITY] [DSA 1799-1] New qemu packages fix several vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-1799-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 11, 2009 http://www.debian.org/security/faq -...

CVE-2009-1504

Absolute Form Processor XE 1.5 allows remote attackers to bypass authentication and gain administrative access by setting the xlaAFPadmin cookie to "lvl=1&userid=1."...

Authentication flaw

Absolute Form Processor XE 1.5 allows remote attackers to bypass authentication and gain administrative access by setting the xlaAFPadmin cookie to "lvl=1&userid=1."...

CVE-2009-1504

Absolute Form Processor XE 1.5 allows remote attackers to bypass authentication and gain administrative access by setting the xlaAFPadmin cookie to "lvl=1&userid=1."...

CVE-2009-1504

CVE-2009-1504 affects Absolute Form Processor XE 1.5. The vulnerability allows remote attackers to bypass authentication and gain administrative access by setting the xlaAFPadmin cookie to “lvl=1&userid=1.” This is supported by NVD/NVD-derived details; CVSS metrics indicate network attack, low co...