|
262601
|
- |
|
sun
|
sun_fire_server
|
Per http://sunsolve.sun.com/search/document.do?assetkey=1-26-257329-1
"This issue only affects Sun Fire V215 servers which are equipped with system boards 375-3463 dash level -04 or later AND XVR-…
|
NVD-CWE-noinfo
|
CVE-2009-2458
|
2017-08-17 10:30 |
2009-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262602
|
- |
|
movabletype
|
six_apart_movable_type
|
Cross-site scripting (XSS) vulnerability in mt-wizard.cgi in Six Apart Movable Type 4.24, and 4.25 when global templates are not initialized, allows remote attackers to inject arbitrary web script or…
|
CWE-79
Cross-site Scripting
|
CVE-2009-2480
|
2017-08-17 10:30 |
2009-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262603
|
- |
|
six_apart
sixapart
|
movable_type
|
mt-wizard.cgi in Six Apart Movable Type before 4.261, when global templates are not initialized, allows remote attackers to bypass access restrictions and (1) send e-mail to arbitrary addresses or (2…
|
NVD-CWE-noinfo
CWE-287
Improper Authentication
|
CVE-2009-2481
|
2017-08-17 10:30 |
2009-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262604
|
- |
|
netbsd
|
netbsd
|
The pam_unix module in OpenPAM in NetBSD 4.0 before 4.0.2 and 5.0 before 5.0.1 allows local users to change the current root password if it is already known, even when they are not in the wheel group.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-2482
|
2017-08-17 10:30 |
2009-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262605
|
- |
|
netbsd
|
netbsd
|
libprop/prop_object.c in proplib in NetBSD 4.0 and 4.0.1 allows local users to cause a denial of service (NULL pointer dereference and kernel panic) via a malformed externalized plist (XML form) cont…
|
CWE-189
Numeric Errors
|
CVE-2009-2483
|
2017-08-17 10:30 |
2009-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262606
|
- |
|
sun
|
ray_server_software
|
Unspecified vulnerability in the utdmsession program in Sun Ray Server Software (SRSS) 4.0 allows local users to access the sessions of arbitrary users via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2009-2489
|
2017-08-17 10:30 |
2009-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262607
|
- |
|
sun
|
ray_server_software
|
Unspecified vulnerability in the utaudiod daemon in Sun Ray Server Software (SRSS) 4.0, when Solaris Trusted Extensions is enabled, allows local users to cause a denial of service (audio outage) or p…
|
NVD-CWE-noinfo
|
CVE-2009-2490
|
2017-08-17 10:30 |
2009-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262608
|
- |
|
sun
|
ray_server_software
|
The utaudiod daemon in Sun Ray Server Software (SRSS) 4.0, when Solaris Trusted Extensions is enabled, allows local users to access the sessions of arbitrary users via unknown vectors related to "res…
|
NVD-CWE-noinfo
|
CVE-2009-2491
|
2017-08-17 10:30 |
2009-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262609
|
- |
|
anelectron
|
advanced_electron_forum
|
SQL injection vulnerability in Advanced Electron Forum (AEF) 1.x, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the filename in an uploaded attachme…
|
CWE-89
SQL Injection
|
CVE-2009-2545
|
2017-08-17 10:30 |
2009-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262610
|
- |
|
anelectron
|
advanced_electron_forum
|
Directory traversal vulnerability in Advanced Electron Forum (AEF) 1.x allows remote attackers to determine the existence of arbitrary files via the avatargalfile parameter when changing an avatar, w…
|
CWE-22
Path Traversal
|
CVE-2009-2546
|
2017-08-17 10:30 |
2009-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
