|
271181
|
- |
|
freebsd
|
freebsd
|
Race condition in the Pipe (IPC) close function in FreeBSD 6.3 and 6.4 allows local users to cause a denial of service (crash) or gain privileges via vectors related to kqueues, which triggers a use …
|
CWE-362
Race Condition
|
CVE-2009-3527
|
2009-10-7 13:00 |
2009-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271182
|
- |
|
sun
|
java_system_identity_manager
|
Sun Java System Identity Manager (IdM) 7.0 through 8.0 does not use SSL in all expected circumstances, which makes it easier for remote attackers to obtain sensitive information by sniffing the netwo…
|
CWE-310
Cryptographic Issues
|
CVE-2009-1074
|
2009-10-6 13:00 |
2009-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271183
|
- |
|
sun
|
java_system_identity_manager
|
Sun Java System Identity Manager (IdM) 7.0 through 8.0 responds differently to failed use of the Forgot Password feature depending on whether the user account exists, which allows remote attackers to…
|
CWE-255
Credentials Management
|
CVE-2009-1075
|
2009-10-6 13:00 |
2009-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271184
|
- |
|
sun
|
java_system_identity_manager
|
The Change My Password implementation in the admin interface in Sun Java System Identity Manager (IdM) 7.0 through 8.0 does not enforce the RequiresChallenge property setting, which allows remote aut…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-1077
|
2009-10-6 13:00 |
2009-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271185
|
- |
|
sun
|
java_system_identity_manager
|
Sun Java System Identity Manager (IdM) 7.0 through 8.0 does not enforce the expected privilege requirements for (1) deleting audit policies and (2) modifying workflows, which allows remote authentica…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-1078
|
2009-10-6 13:00 |
2009-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271186
|
- |
|
sun
|
java_system_identity_manager
|
Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Identity Manager (IdM) 7.0 through 8.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, ak…
|
CWE-79
Cross-site Scripting
|
CVE-2009-1079
|
2009-10-6 13:00 |
2009-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271187
|
- |
|
sun
|
java_system_identity_manager
|
Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Identity Manager (IdM) 7.0 through 8.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, ak…
|
CWE-79
Cross-site Scripting
|
CVE-2009-1080
|
2009-10-6 13:00 |
2009-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271188
|
- |
|
sun
|
java_system_identity_manager
|
Sun Java System Identity Manager (IdM) 7.0 through 8.0 on Linux, AIX, Solaris, and HP-UX permits "control characters" in the passwords of user accounts, which allows remote attackers to execute arbit…
|
CWE-94
Code Injection
|
CVE-2009-1083
|
2009-10-6 13:00 |
2009-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271189
|
- |
|
juniper
|
junos
|
Cross-site scripting (XSS) vulnerability in the J-Web interface in Juniper JUNOS 8.5R1.14 and 9.0R1.1 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default U…
|
CWE-79
Cross-site Scripting
|
CVE-2009-3485
|
2009-10-5 13:00 |
2009-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271190
|
- |
|
juniper
|
junos
|
Multiple cross-site scripting (XSS) vulnerabilities in the J-Web interface in Juniper JUNOS 8.5R1.14 allow remote authenticated users to inject arbitrary web script or HTML via the host parameter to …
|
CWE-79
Cross-site Scripting
|
CVE-2009-3486
|
2009-10-5 13:00 |
2009-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
