271171
|
- |
|
ibm
|
db2
|
IBM DB2 UDB 8.2 before Fixpak 7 (aka fixpack 14), and DB2 9 before Fix Pack 2, on UNIX allows the "fenced" user to access certain unauthorized directories.
|
CWE-287
Improper Authentication
|
CVE-2007-1228
|
2009-02-11 14:00 |
2007-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271172
|
- |
|
freedesktop
|
xdg-utils
|
Interaction error in xdg-open allows remote attackers to execute arbitrary code by sending a file with a dangerous MIME type but using a safe type that Firefox sends to xdg-open, which causes xdg-ope…
|
CWE-94
Code Injection
|
CVE-2009-0068
|
2009-02-10 15:59 |
2009-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271173
|
- |
|
xrdp
|
xrdp
|
Buffer overflow in the xrdp_bitmap_invalidate function in xrdp/xrdp_bitmap.c in xrdp 0.4.1 and earlier allows remote attackers to execute arbitrary code via a crafted request.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-5902
|
2009-02-10 15:59 |
2009-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271174
|
- |
|
mantis
|
mantis
|
core/string_api.php in Mantis before 1.1.3 does not check the privileges of the viewer before composing a link with issue data in the source anchor, which allows remote attackers to discover an issue…
|
CWE-200
Information Exposure
|
CVE-2008-4688
|
2009-02-10 15:56 |
2008-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271175
|
- |
|
sentex
|
jhead
|
Buffer overflow in the DoCommand function in jhead before 2.84 might allow context-dependent attackers to cause a denial of service (crash) via (1) a long -cmd argument and (2) unspecified vectors re…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-4575
|
2009-02-10 15:55 |
2008-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271176
|
- |
|
onlinegrades
|
online_grades
|
Multiple SQL injection vulnerabilities in admin/admin_login.php in Online Grades 3.2.4 allow remote attackers to execute arbitrary SQL commands via the (1) uname or (2) pword parameter. NOTE: the pr…
|
CWE-89
SQL Injection
|
CVE-2009-0479
|
2009-02-9 14:00 |
2009-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271177
|
- |
|
goahead goahead_software
|
goahead_webserver
|
GoAhead WebServer before 2.1.6 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an invalid URL, related to the websSafeUrl function.
|
CWE-20
Improper Input Validation
|
CVE-2003-1568
|
2009-02-9 14:00 |
2009-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271178
|
- |
|
goahead
|
goahead_webserver
|
GoAhead WebServer before 2.1.5 on Windows 95, 98, and ME allows remote attackers to cause a denial of service (daemon crash) via an HTTP request with a (1) con, (2) nul, (3) clock$, or (4) config$ de…
|
CWE-20
Improper Input Validation
|
CVE-2003-1569
|
2009-02-9 14:00 |
2009-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271179
|
- |
|
goahead
|
goahead_webserver
|
Unspecified vulnerability in GoAhead WebServer before 2.1.4 allows remote attackers to cause "incorrect behavior" via unknown "malicious code," related to incorrect use of the socketInputBuffered fun…
|
NVD-CWE-noinfo
|
CVE-2002-2431
|
2009-02-9 14:00 |
2009-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271180
|
- |
|
goahead
|
goahead_webserver
|
webs.c in GoAhead WebServer before 2.1.4 allows remote attackers to cause a denial of service (daemon crash) via an HTTP POST request that contains a negative integer in the Content-Length header.
|
CWE-20
Improper Input Validation
|
CVE-2002-2429
|
2009-02-7 04:30 |
2009-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|