|
266701
|
- |
|
javier_fernandez
|
jailer
|
updatejail in jailer 0.4 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/#####.updatejail temporary file.
|
CWE-59
Link Following
|
CVE-2008-5139
|
2009-02-17 15:53 |
2008-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266702
|
- |
|
federico_di_gregorio
|
nvidia-cg-toolkit
|
nvidia-cg-toolkit-installer in nvidia-cg-toolkit 2.0.0015 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/nvidia-cg-toolkit-manifest temporary file.
|
CWE-59
Link Following
|
CVE-2008-5144
|
2009-02-17 15:53 |
2008-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266703
|
- |
|
aucko
|
libncbi6
|
fwd_check.sh in libncbi6 6.1.20080302 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/##### temporary file.
|
CWE-59
Link Following
|
CVE-2008-5149
|
2009-02-17 15:53 |
2008-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266704
|
- |
|
smsclient
|
smsclient
|
mail2sms.sh in smsclient 2.0.8z allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/header.##### or (2) /tmp/body.##### temporary file, or append data to arbitrary file…
|
CWE-59
Link Following
|
CVE-2008-5155
|
2009-02-17 15:53 |
2008-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266705
|
- |
|
fotoware
|
fotoweb
|
Multiple cross-site scripting (XSS) vulnerabilities in FotoWeb 6.0 (Build 273) allow remote attackers to inject arbitrary web script or HTML via the (1) s parameter to cmdrequest/Login.fwx and the (2…
|
CWE-79
Cross-site Scripting
|
CVE-2009-0573
|
2009-02-16 14:00 |
2009-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266706
|
- |
|
fail2ban
|
fail2ban
|
filter.d/wuftpd.conf in Fail2ban 0.8.3 uses an incorrect regular expression that allows remote attackers to cause a denial of service (forced authentication failures) via a crafted reverse-resolved D…
|
CWE-287
Improper Authentication
|
CVE-2009-0362
|
2009-02-13 14:00 |
2009-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266707
|
- |
|
modernmethod
|
sajax
|
Cross-site scripting (XSS) vulnerability in the sajax_get_common_js function in php/Sajax.php in Sajax 0.12 allows remote attackers to inject arbitrary web script or HTML via the URL parameter, which…
|
CWE-79
Cross-site Scripting
|
CVE-2009-0525
|
2009-02-12 14:00 |
2009-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266708
|
- |
|
semanticscuttle
|
semanticscuttle
|
Unspecified vulnerability in SemanticScuttle before 0.90 has unknown impact and attack vectors related to improper validation of parameters to profile.php.
|
NVD-CWE-noinfo
|
CVE-2008-6110
|
2009-02-11 14:00 |
2009-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266709
|
- |
|
ibm
|
db2
|
IBM DB2 UDB 8.2 before Fixpak 7 (aka fixpack 14), and DB2 9 before Fix Pack 2, on UNIX allows the "fenced" user to access certain unauthorized directories.
|
CWE-287
Improper Authentication
|
CVE-2007-1228
|
2009-02-11 14:00 |
2007-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266710
|
- |
|
freedesktop
|
xdg-utils
|
Interaction error in xdg-open allows remote attackers to execute arbitrary code by sending a file with a dangerous MIME type but using a safe type that Firefox sends to xdg-open, which causes xdg-ope…
|
CWE-94
Code Injection
|
CVE-2009-0068
|
2009-02-10 15:59 |
2009-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
