270901
|
- |
|
apple
|
safari
|
CFNetwork in Apple Safari before 4.0 on Windows does not properly protect the temporary files created for downloads, which allows local users to obtain sensitive information by reading these files.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-1716
|
2009-06-19 14:32 |
2009-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270902
|
- |
|
sun
|
opensolaris
|
Unspecified vulnerability in idmap in Sun OpenSolaris snv_88 through snv_110, when a CIFS server is enabled, allows local users to cause a denial of service (idpmapd daemon crash and idmapd outage) v…
|
NVD-CWE-noinfo
|
CVE-2009-2012
|
2009-06-19 14:32 |
2009-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270903
|
- |
|
sun
|
opensolaris
|
smbfs in Sun OpenSolaris snv_84 through snv_110, when default mount permissions are used, allows local users to read arbitrary files, and list arbitrary directories, on CIFS volumes.
|
CWE-200
Information Exposure
|
CVE-2009-2031
|
2009-06-19 14:32 |
2009-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270904
|
- |
|
cisco
|
ace_4710 application_control_engine_module
|
Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.3) and Cisco ACE 4710 Application Control Engine Appliance before A3(2…
|
NVD-CWE-noinfo
|
CVE-2009-0623
|
2009-06-19 13:00 |
2009-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270905
|
- |
|
angrydonuts
|
nodequeue
|
Nodequeue 5.x before 5.x-2.7 and 6.x before 6.x-2.2, a module for Drupal, does not properly restrict access when displaying node titles, which has unknown impact and attack vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-2075
|
2009-06-19 13:00 |
2009-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270906
|
- |
|
angrydonuts
|
views
|
Drupal 6.x before 6.x-2.6, a module for Drupal, allows remote authenticated users to bypass access restrictions and (1) read unpublished content from anonymous users when a view is already configured…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-2077
|
2009-06-19 13:00 |
2009-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270907
|
- |
|
squid
|
squid_web_proxy_cache
|
Squid, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight,…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-0801
|
2009-06-18 13:00 |
2009-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270908
|
- |
|
qbik
|
wingate
|
Qbik WinGate, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silve…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-0802
|
2009-06-18 13:00 |
2009-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270909
|
- |
|
smoothwall
|
networkguardian schoolguardian smoothguardian
|
SmoothWall SmoothGuardian, as used in SmoothWall Firewall, NetworkGuardian, and SchoolGuardian 2008, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote e…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-0803
|
2009-06-18 13:00 |
2009-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270910
|
- |
|
ziproxy
|
ziproxy
|
Ziproxy 2.6.0, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silv…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-0804
|
2009-06-18 13:00 |
2009-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|