|
264831
|
- |
|
postfix
|
postfix
|
The postfix.postinst script in the Debian GNU/Linux and Ubuntu postfix 2.5.5 package grants the postfix user write access to /var/spool/postfix/pid, which might allow local users to conduct symlink a…
|
CWE-59
Link Following
|
CVE-2009-2939
|
2011-08-24 12:02 |
2009-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264832
|
- |
|
apple
|
webkit
|
page/Geolocation.cpp in WebCore in WebKit before r56188 and before 1.2.5 does not properly restrict access to the lastPosition function, which has unspecified impact and remote attack vectors, aka rd…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-1386
|
2011-08-23 13:00 |
2010-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264833
|
- |
|
ibm
|
websphere_application_server
|
PerfServlet in the PMI/Performance Tools component in IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 allows attackers to obtain sensitive information by reading the (1) systemout.log and (2)…
|
CWE-200
Information Exposure
|
CVE-2008-5413
|
2011-08-23 13:00 |
2008-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264834
|
- |
|
ibm
|
websphere_application_server
|
The vendor has released a fixpack:
http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg24021073
|
CWE-200
Information Exposure
|
CVE-2008-5413
|
2011-08-23 13:00 |
2008-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264835
|
- |
|
oaboard
|
oaboard
|
PHP remote file include vulnerability in forum.php in oaBoard 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the inc_stat parameter, a different vulnerability than CVE-2006-00…
|
CWE-94
Code Injection
|
CVE-2006-0094
|
2011-08-23 13:00 |
2006-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264836
|
- |
|
focus-sis
|
focus_sis
|
PHP remote file inclusion vulnerability in modules/Discipline/StudentFieldBreakdown.php in Focus/SIS 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the FocusPath parameter, a …
|
CWE-94
Code Injection
|
CVE-2007-4942
|
2011-08-22 13:00 |
2007-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264837
|
- |
|
ibm
|
tivoli_federated_identity_manager
|
IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2, when configured as an OpenID relying party, does not perform the expected login rejection upon receiving an OP-Identifier from an Op…
|
CWE-287
Improper Authentication
|
CVE-2009-5083
|
2011-08-13 02:55 |
2011-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264838
|
- |
|
ibm
|
tivoli_federated_identity_manager
|
IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2 uses an incomplete SAML 1.x browser-artifact, which allows remote OpenID providers to spoof assertions via vectors related to the Iss…
|
CWE-20
Improper Input Validation
|
CVE-2008-7299
|
2011-08-13 02:55 |
2011-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264839
|
- |
|
march-hare
|
cvs_suite
cvsnt
|
perms.cpp in March Hare Software CVSNT 2.0.58, 2.5.01, 2.5.02, 2.5.03 before build 3736, 2.5.04 before build 2862; CVS Suite 2.5.03, 2008 before build 3736, and 2009 before 3729 allows remote attacke…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-1326
|
2011-08-12 13:00 |
2010-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264840
|
- |
|
rockwellautomation
|
factorytalk_diagnostics_viewer
|
Unspecified vulnerability in Rockwell Automation FactoryTalk Diagnostics Viewer before V2.30.00 (CPR9 SR3) allows local users to execute arbitrary code via a crafted FactoryTalk Diagnostics Viewer (.…
|
NVD-CWE-noinfo
|
CVE-2011-2957
|
2011-08-12 11:45 |
2011-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
