|
256371
|
- |
|
mozilla
|
firefox
seamonkey
thunderbird
|
Unspecified vulnerability in Mozilla Firefox 3.x before 3.0.6, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to cause a denial of service (memory corruption and app…
|
NVD-CWE-noinfo
CWE-399
Resource Management Errors
|
CVE-2009-0353
|
2017-09-29 10:33 |
2009-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256372
|
- |
|
mozilla
|
firefox
|
components/sessionstore/src/nsSessionStore.js in Mozilla Firefox before 3.0.6 does not block changes of INPUT elements to type="file" during tab restoration, which allows user-assisted remote attacke…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-0355
|
2017-09-29 10:33 |
2009-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256373
|
- |
|
mozilla
|
firefox
seamonkey
|
Mozilla Firefox before 3.0.6 and SeaMonkey before 1.1.15 do not properly restrict access from web pages to the (1) Set-Cookie and (2) Set-Cookie2 HTTP response headers, which allows remote attackers …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-0357
|
2017-09-29 10:33 |
2009-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256374
|
- |
|
mozilla
|
firefox
|
Mozilla Firefox 3.x before 3.0.6 does not properly implement the (1) no-store and (2) no-cache Cache-Control directives, which allows local users to obtain sensitive information by using the (a) back…
|
CWE-200
Information Exposure
|
CVE-2009-0358
|
2017-09-29 10:33 |
2009-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256375
|
- |
|
ubuntu
|
ubuntu_linux
|
nm-applet.conf in GNOME NetworkManager before 0.7.0.99 contains an incorrect deny setting, which allows local users to discover (1) network connection passwords and (2) pre-shared keys via calls to t…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-0365
|
2017-09-29 10:33 |
2009-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256376
|
- |
|
microsoft
|
internet_explorer
|
Microsoft Internet Explorer 7 allows remote attackers to trick a user into visiting an arbitrary URL via an onclick action that moves a crafted element to the current mouse position, related to a "Cl…
|
NVD-CWE-Other
|
CVE-2009-0369
|
2017-09-29 10:33 |
2009-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256377
|
- |
|
ibm
|
aix
|
Multiple unspecified vulnerabilities in IBM AIX 5.2.0 through 6.1.2 allow local users to append data to arbitrary files, related to (1) rmsock and (2) rmsock64 not creating "secure log files."
|
NVD-CWE-noinfo
|
CVE-2009-0370
|
2017-09-29 10:33 |
2009-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256378
|
- |
|
sitexs_cms
|
sitexs_cms
|
Directory traversal vulnerability in post.php in SiteXS CMS 0.1.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the type parameter.
|
CWE-22
Path Traversal
|
CVE-2009-0371
|
2017-09-29 10:33 |
2009-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256379
|
- |
|
memht
|
memht_portal
|
Unrestricted file upload vulnerability in index.php in Miltenovik Manojlo MemHT Portal 4.0.1 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an execut…
|
CWE-20
Improper Input Validation
|
CVE-2009-0372
|
2017-09-29 10:33 |
2009-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256380
|
- |
|
elearningforce
|
flash_magazine_deluxe
|
SQL injection vulnerability in the ElearningForce Flash Magazine Deluxe (com_flashmagazinedeluxe) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the mag_id parame…
|
CWE-89
SQL Injection
|
CVE-2009-0373
|
2017-09-29 10:33 |
2009-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
