8148 matches found
Cisco Unified IP Phone 7960G and 7940G (SIP) RTP Header Vulnerability
Title: Cisco Unified IP Phone 7960G and 7940G SIP RTP Header Vulnerability Summary: The Cisco Unified IP Phone 7960G and 7940G SIP do not correctly parse some malformed RTP headers leading to a deterministic denial of service Assigned CVE: CVE-2008-4444 Details:...
Java Runtime UTF-8 Decoder Smuggling Vector
Due to misconfiguration of mailing lists, it was just pointed out this is already public. Apologies to those vendors who have not reacted to Sun's announcements of December 2nd in a timely manner; Mitre ID: CVE-2008-2938 Initial title: Java Runtime UTF-8 Decoding Flaw Actual title: Java Runtime...
Fedora Core 10 FEDORA-2009-0183 (thunderbird)
The remote host is missing an update to thunderbird announced via advisory FEDORA-2009-0183. OpenVAS Vulnerability Test $Id: fcore20090183.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-0183 thunderbird Authors: Thomas Reinke Copyright: Copyright c...
PT-2009-01: PGP Desktop Pgpdisk.sys And Pgpwded.sys Multiple Vulnerabilities
Positive Technologies Research Team has discovered several vulnerabilities in PGP Desktop. 1. The IOCTL handler in pgpdisk.sys does not properly validate buffer data associated with the Irp object, which allows local users to crash the system. Severity Rating : Severity: Medium Impact: Denial of...
CVE-2008-1094 - Barracuda Spam Firewall SQL Injection Vulnerability
CVE Number: CVE-2008-1094 Vulnerability: SQL Injection Risk: Medium Attack vector: From Remote Vulnerability Discovered: 16th June 2008 Vendor Notified: 16th June 2008 Advisory Released: 15th December 2008 Abstract Barracuda Networks Spam Firewall is vulnerable to various SQL Injection attacks...
Additional XSS attack vectors in feed preview — Mozilla
Mozilla security researcher mozbugra4 reported an additional variation on the feed preview vulnerabilities fixed in Firefox 2.0.0.17. mozbugra4 demonstrated that it was still possible to use the feed preview as a vector for JavaScript privilege escalation. An attacker could use this issue to run...
CVE-2008-5380
gpsdrive (aka gpsdrive-scripts) 2.09 allows local users to overwrite arbitrary files via a symlink attack on an (a) /tmp/geo, (b) /tmp/geocaching.loc, (c) /tmp/geo., or (d) /tmp/geo. temporary file, related to the (1) geo-code and (2) geo-nearest scripts, different vectors than CVE-2008-4959...
CVE-2008-5347
Multiple unspecified vulnerabilities in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier allow untrusted applets and applications to gain privileges via vectors related to access to inner classes in the (1) JAX-WS and (2) JAXB packages...
Trillian AIM Plugin Malformed XML Tag Heap Overflow Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cerulean Studios Trillian. Authentication is not required to exploit this vulnerability. The specific flaw exists within the XML processing code for Trillian. When parsing a malformed XML tag, the...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in PhpBlock A8.5 allow remote attackers to execute arbitrary PHP code via a URL in the PATHTOCODE parameter to (1) script/init/createallimagecache.php, (2) allincludefortick.php and (3) test.php in script/tick/, and (4)...
CVE-2008-5210
Multiple PHP remote file inclusion vulnerabilities in PhpBlock A8.5 allow remote attackers to execute arbitrary PHP code via a URL in the PATHTOCODE parameter to (1) script/init/createallimagecache.php, (2) allincludefortick.php and (3) test.php in script/tick/, and (4)...
Apoll 0.7b - Authentication Bypass
Apoll version Remote Auth Bypass Vulnerability version: beta 0.7 script download: http://www.miticdjd.com/download/3/ Discovered By: ZoRLu Date: 03.11.2008 Home: www.z0rlu.blogspot.com contact: [email protected] N0T: YALNIZLIK, YiTiRDi...
CVE-2008-4598
Technical details for CVE-2008-4598 are not publicly available in the provided documents. Monitor for updates from NVD/Drupal advisories.
VulnCheck KEV: CVE-2008-2463
The Microsoft Office Snapshot Viewer ActiveX control in snapview.ocx 10.0.5529.0, as distributed in the standalone Snapshot Viewer and Microsoft Office Access 2000 through 2003, allows remote attackers to download arbitrary files to a client machine via a crafted HTML document or e-mail...
Gentoo Security Advisory GLSA 200501-12 (tikiwiki)
The remote host is missing updates announced in advisory GLSA 200501-12. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200410-28 (rssh)
The remote host is missing updates announced in advisory GLSA 200410-28. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200412-12 (acroread)
The remote host is missing updates announced in advisory GLSA 200412-12. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Gentoo Security Advisory GLSA 200408-19 (courier-imap)
The remote host is missing updates announced in advisory GLSA 200408-19. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200402-06 (Kernel)
The remote host is missing updates announced in advisory GLSA 200402-06. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200711-34 (cstetex)
The remote host is missing updates announced in advisory GLSA 200711-34. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...