270881
|
- |
|
gupnp
|
gupnp
|
GUPnP 0.12.7 allows remote attackers to cause a denial of service (crash) via an empty (1) subscription or (2) control message.
|
NVD-CWE-Other
|
CVE-2009-2174
|
2009-06-25 03:52 |
2009-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270882
|
- |
|
irfanview
|
irfanview
|
Integer overflow in IrfanView 4.23, when the resampling or screen fitting option is enabled, allows remote attackers to execute arbitrary code via a crafted TIFF 1 BPP image, which triggers a heap-ba…
|
CWE-94
Code Injection
|
CVE-2009-2118
|
2009-06-24 14:34 |
2009-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270883
|
- |
|
foxitsoftware
|
foxit_reader jpeg2000\/jbig2_decoder_add-on
|
The Foxit JPEG2000/JBIG2 Decoder add-on before 2.0.2009.616 for Foxit Reader 3.0 before Build 1817 does not properly handle a negative value for the stream offset in a JPEG2000 (aka JPX) stream, whic…
|
CWE-189
Numeric Errors
|
CVE-2009-0690
|
2009-06-24 13:00 |
2009-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270884
|
- |
|
mahara
|
mahara
|
Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.0 before 1.0.12 and 1.1 before 1.1.5 allow remote attackers to inject arbitrary web script or HTML via unknown vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2009-2170
|
2009-06-24 13:00 |
2009-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270885
|
- |
|
mahara
|
mahara
|
Mahara 1.1 before 1.1.5 does not apply permission checks when saving a view that contains artefacts, which allows remote authenticated users to read another user's artefact.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-2171
|
2009-06-24 13:00 |
2009-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270886
|
- |
|
emn
|
coccinelle
|
Coccinelle 0.1.7 allows local users to overwrite arbitrary files via a symlink attack on an unspecified "result file."
|
CWE-59
Link Following
|
CVE-2009-1753
|
2009-06-23 14:33 |
2009-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270887
|
- |
|
sun
|
opensolaris solaris
|
Kerberos in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_117, does not properly manage credential caches, which allows local users to access Kerberized NFS mount points and Kerberized NFS sha…
|
CWE-255
Credentials Management
|
CVE-2009-1933
|
2009-06-23 14:33 |
2009-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270888
|
- |
|
google
|
chrome
|
Google Chrome before 1.0.154.53 displays a cached certificate for a (1) 4xx or (2) 5xx CONNECT response page returned by a proxy server, which allows man-in-the-middle attackers to spoof an arbitrary…
|
CWE-287
Improper Authentication
|
CVE-2009-2071
|
2009-06-23 14:33 |
2009-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270889
|
- |
|
apple
|
safari
|
Apple Safari does not require a cached certificate before displaying a lock icon for an https web site, which allows man-in-the-middle attackers to spoof an arbitrary https site by sending the browse…
|
CWE-287
Improper Authentication
|
CVE-2009-2072
|
2009-06-23 14:33 |
2009-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270890
|
- |
|
steve_grundell
|
frontend_mp3_player
|
SQL injection vulnerability in the Frontend MP3 Player (fe_mp3player) 0.2.3 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2009-2103
|
2009-06-23 14:33 |
2009-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|