|
258401
|
- |
|
adobe
|
acrobat
|
Per: http://www.adobe.com/support/security/bulletins/apsb09-15.html
This update resolves an issue that could allow a malicious user to bypass file extension security controls. This issue is specif…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-3461
|
2017-09-19 10:29 |
2009-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258402
|
- |
|
adobe
|
acrobat
|
Per: http://www.adobe.com/support/security/bulletins/apsb09-15.html
Acrobat
Acrobat Standard and Pro users on Windows can find the appropriate update here:
http://www.adobe.com/support/downloa…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-3461
|
2017-09-19 10:29 |
2009-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258403
|
- |
|
adobe
|
shockwave_player
|
Array index error in Adobe Shockwave Player before 11.5.2.602 allows remote attackers to execute arbitrary code via crafted Shockwave content on a web site. NOTE: some of these details are obtained …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-3463
|
2017-09-19 10:29 |
2009-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258404
|
- |
|
adobe
|
shockwave_player
|
Adobe Shockwave Player before 11.5.2.602 allows remote attackers to execute arbitrary code via crafted Shockwave content on a web site, related to an "invalid pointer vulnerability," a different issu…
|
CWE-94
Code Injection
|
CVE-2009-3464
|
2017-09-19 10:29 |
2009-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258405
|
- |
|
adobe
|
shockwave_player
|
Adobe Shockwave Player before 11.5.2.602 allows remote attackers to execute arbitrary code via crafted Shockwave content on a web site, related to an "invalid pointer vulnerability," a different issu…
|
CWE-94
Code Injection
|
CVE-2009-3465
|
2017-09-19 10:29 |
2009-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258406
|
- |
|
adobe
|
shockwave_player
|
Adobe Shockwave Player before 11.5.2.602 allows remote attackers to execute arbitrary code via a crafted web page that triggers memory corruption, related to an "invalid string length vulnerability."…
|
CWE-399
Resource Management Errors
|
CVE-2009-3466
|
2017-09-19 10:29 |
2009-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258407
|
- |
|
gnu
|
wget
|
GNU Wget before 1.12 does not properly handle a '\0' character in a domain name in the Common Name field of an X.509 certificate, which allows man-in-the-middle remote attackers to spoof arbitrary SS…
|
CWE-310
Cryptographic Issues
|
CVE-2009-3490
|
2017-09-19 10:29 |
2009-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258408
|
- |
|
gotdns
|
loggix_project
|
Multiple PHP remote file inclusion vulnerabilities in Loggix Project 9.4.5 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the pathToIndex parameter to (1) Calendar.php,…
|
CWE-94
Code Injection
|
CVE-2009-3492
|
2017-09-19 10:29 |
2009-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258409
|
- |
|
jean-michel_wyttenbach
|
cmsphp
|
Multiple cross-site scripting (XSS) vulnerabilities in CMSphp 0.21 allow remote attackers to inject arbitrary web script or HTML via the (1) cook_user parameter to index.php and the (2) name paramete…
|
CWE-79
Cross-site Scripting
|
CVE-2009-3506
|
2017-09-19 10:29 |
2009-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258410
|
- |
|
jean-michel_wyttenbach
|
cmsphp
|
Directory traversal vulnerability in modules.php in CMSphp 0.21 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the mod_file parameter.
|
CWE-22
Path Traversal
|
CVE-2009-3507
|
2017-09-19 10:29 |
2009-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
