271471
|
- |
|
chinagames
|
igame
|
Stack-based buffer overflow in the Chinagames CGAgent ActiveX control 1.x in CGAgent.dll, as distributed in Chinagames iGame 2009, allows remote attackers to execute arbitrary code via a long argumen…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-1800
|
2009-05-28 23:30 |
2009-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271472
|
- |
|
ulteo
|
open_virtual_desktop
|
Cross-site scripting (XSS) vulnerability in Ulteo Open Virtual Desktop 1.0 allows remote attackers to inject arbitrary web script or HTML via the error parameter to header.php. NOTE: the provenance …
|
CWE-79
Cross-site Scripting
|
CVE-2009-1785
|
2009-05-24 13:00 |
2009-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271473
|
- |
|
cisco
|
wvc54gca
|
The Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 sends configuration data in response to a Setup Wizard remote-management command, which allows remote attackers to o…
|
CWE-200
Information Exposure
|
CVE-2009-1555
|
2009-05-23 14:31 |
2009-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271474
|
- |
|
cisco
|
wvc54gca
|
img/main.cgi on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 allows remote authenticated users to read arbitrary files in img/ via a filename in the next_file pa…
|
CWE-200
Information Exposure
|
CVE-2009-1556
|
2009-05-23 14:31 |
2009-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271475
|
- |
|
cgi_rescue
|
cgi_web_mailer
|
CRLF injection vulnerability in CGI RESCUE Web Mailer before 1.04 allows remote attackers to inject arbitrary HTTP headers, and conduct cross-site scripting (XSS) or HTTP response splitting attacks, …
|
CWE-79
Cross-site Scripting
|
CVE-2009-1591
|
2009-05-23 14:31 |
2009-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271476
|
- |
|
gnome
|
evolution
|
The Mailer component in Evolution 2.26.1 and earlier uses world-readable permissions for the .evolution directory, and certain directories and files under .evolution/ related to local mail, which all…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-1631
|
2009-05-23 14:31 |
2009-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271477
|
- |
|
transmissionbt
|
transmission
|
Cross-site request forgery (CSRF) vulnerability in Transmission 1.5 before 1.53 and 1.6 before 1.61 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
|
CWE-352
Origin Validation Error
|
CVE-2009-1757
|
2009-05-22 20:52 |
2009-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271478
|
- |
|
drupal
|
drupal
|
Unspecified vulnerability in Drupal 5.x before 5.17 and 6.x before 6.11, as used in vbDrupal before 5.17.0, allows user-assisted remote attackers to obtain sensitive information by tricking victims i…
|
NVD-CWE-noinfo
|
CVE-2009-1576
|
2009-05-20 14:36 |
2009-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271479
|
- |
|
gpsdrive
|
gpsdrive
|
src/unit_test.c in gpsdrive (aka gpsdrive-scripts) 2.10~pre4 might allow local users to overwrite arbitrary files via a symlink attack on the /tmp/gpsdrive-unit-test/proc temporary file, a different …
|
CWE-59
Link Following
|
CVE-2008-5704
|
2009-05-20 13:00 |
2008-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271480
|
- |
|
google
|
chrome
|
Multiple integer overflows in Skia, as used in Google Chrome 1.x before 1.0.154.64 and 2.x, and possibly Android, might allow remote attackers to execute arbitrary code in the renderer process via a …
|
CWE-189
Numeric Errors
|
CVE-2009-1442
|
2009-05-19 14:35 |
2009-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|