18 matches found
EUVD-2009-4973
Malware in sbrugna...
EUVD-2009-4972
Malware in sbrugna...
CVE-2009-5015
The URL dispatch mechanism in TurboGears2 aka tg2 before 2.0.2 exposes controller methods even when an @expose decoration is not used, which has unspecified impact and attack vectors...
CVE-2009-5014
The default quickstart configuration of TurboGears2 aka tg2 before 2.0.2 has a weak cookie salt, which makes it easier for remote attackers to bypass repoze.who authentication via a forged authorization cookie, a related issue to CVE-2010-3852...
CVE-2009-5015
The URL dispatch mechanism in TurboGears2 aka tg2 before 2.0.2 exposes controller methods even when an @expose decoration is not used, which has unspecified impact and attack vectors...
CVE-2009-5014
The default quickstart configuration of TurboGears2 aka tg2 before 2.0.2 has a weak cookie salt, which makes it easier for remote attackers to bypass repoze.who authentication via a forged authorization cookie, a related issue to CVE-2010-3852...
Authorization
The default quickstart configuration of TurboGears2 aka tg2 before 2.0.2 has a weak cookie salt, which makes it easier for remote attackers to bypass repoze.who authentication via a forged authorization cookie, a related issue to CVE-2010-3852...
CVE-2009-5015
The URL dispatch mechanism in TurboGears2 aka tg2 before 2.0.2 exposes controller methods even when an @expose decoration is not used, which has unspecified impact and attack vectors...
CVE-2009-5015
The URL dispatch mechanism in TurboGears2 aka tg2 before 2.0.2 exposes controller methods even when an @expose decoration is not used, which has unspecified impact and attack vectors...
CVE-2009-5014
The default quickstart configuration of TurboGears2 aka tg2 before 2.0.2 has a weak cookie salt, which makes it easier for remote attackers to bypass repoze.who authentication via a forged authorization cookie, a related issue to CVE-2010-3852...
CVE-2009-5014
The default quickstart configuration of TurboGears2 aka tg2 before 2.0.2 has a weak cookie salt, which makes it easier for remote attackers to bypass repoze.who authentication via a forged authorization cookie, a related issue to CVE-2010-3852...
Design/Logic Flaw
The URL dispatch mechanism in TurboGears2 aka tg2 before 2.0.2 exposes controller methods even when an @expose decoration is not used, which has unspecified impact and attack vectors...
CVE-2009-5015
The URL dispatch mechanism in TurboGears2 aka tg2 before 2.0.2 exposes controller methods even when an @expose decoration is not used, which has unspecified impact and attack vectors...
CVE-2009-5015
CVE-2009-5015 affects TurboGears2 (tg2) prior to 2.0.2, where the URL dispatch mechanism exposes controller methods even if @expose is not used. The description notes unspecified impact and attack vectors; the provided connected documents do not elaborate on the root cause, affected components be...
CVE-2009-5015
Removed by vendor...
CVE-2009-5014
The default quickstart configuration of TurboGears2 aka tg2 before 2.0.2 has a weak cookie salt, which makes it easier for remote attackers to bypass repoze.who authentication via a forged authorization cookie, a related issue to CVE-2010-3852...
CVE-2009-5014
CVE-2009-5014 affects TurboGears2 (tg2) in its default quickstart config prior to 2.0.2, where a weak cookie salt allows remote attackers to bypass repoze.who authentication via a forged authorization cookie. This vulnerability is closely related to CVE-2010-3852 (Luci) in that both describe inse...
CVE-2009-5014
Removed by vendor...