|
257291
|
- |
|
adium
pidgin
|
adium
pidgin
|
The msn_slplink_process_msg function in libpurple/protocols/msn/slplink.c in libpurple, as used in Pidgin (formerly Gaim) before 2.5.9 and Adium 1.3.5 and earlier, allows remote attackers to execute …
|
CWE-399
Resource Management Errors
|
CVE-2009-2694
|
2017-09-19 10:29 |
2009-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257292
|
- |
|
gnome
|
gdm
|
The Red Hat build script for the GNOME Display Manager (GDM) before 2.16.0-56 on Red Hat Enterprise Linux (RHEL) 5 omits TCP Wrapper support, which might allow remote attackers to bypass intended acc…
|
CWE-287
Improper Authentication
|
CVE-2009-2697
|
2017-09-19 10:29 |
2009-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257293
|
- |
|
pidgin
|
libpurple
pidgin
|
libpurple/protocols/irc/msgs.c in the IRC protocol plugin in libpurple in Pidgin before 2.6.2 allows remote IRC servers to cause a denial of service (NULL pointer dereference and application crash) v…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-2703
|
2017-09-19 10:29 |
2009-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257294
|
- |
|
sun
x.org
|
opensolaris
solaris
x11
|
XScreenSaver in Sun Solaris 9 and 10, OpenSolaris before snv_120, and X11 6.4.1 for Solaris 8, when the Xorg or Xnewt server is used, allows physically proximate attackers to obtain sensitive informa…
|
CWE-200
Information Exposure
|
CVE-2009-2711
|
2017-09-19 10:29 |
2009-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257295
|
- |
|
sun
|
virtualbox
|
Unspecified vulnerability in Sun VirtualBox 3.0.0 and 3.0.2 allows guest OS users to cause a denial of service (host OS reboot) via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2009-2714
|
2017-09-19 10:29 |
2009-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257296
|
- |
|
sun
|
virtualbox
|
Sun VirtualBox 2.2 through 3.0.2 r49928 allows guest OS users to cause a denial of service (Linux host OS reboot) via a sysenter instruction.
|
CWE-20
Improper Input Validation
|
CVE-2009-2715
|
2017-09-19 10:29 |
2009-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257297
|
- |
|
sun-jester
|
opennews
|
SQL injection vulnerability in admin.php in sun-jester OpenNews 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter.
|
CWE-89
SQL Injection
|
CVE-2009-2735
|
2017-09-19 10:29 |
2009-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257298
|
- |
|
sun-jester
|
opennews
|
Static code injection vulnerability in admin.php in sun-jester OpenNews 1.0 allows remote authenticated administrators to inject arbitrary PHP code into config.php via the "Overall Width" field in a …
|
CWE-94
Code Injection
|
CVE-2009-2736
|
2017-09-19 10:29 |
2009-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257299
|
- |
|
dd-wrt
|
dd-wrt
|
httpd.c in httpd in the management GUI in DD-WRT 24 sp1, and other versions before build 12533, allows remote attackers to execute arbitrary commands via shell metacharacters in a request to a cgi-bi…
|
CWE-20
Improper Input Validation
|
CVE-2009-2765
|
2017-09-19 10:29 |
2009-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257300
|
- |
|
dd-wrt
|
dd-wrt
|
httpd.c in httpd in the management GUI in DD-WRT 24 sp1 does not require administrative authentication for programs under cgi-bin/, which allows remote attackers to change settings via HTTP requests.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-2766
|
2017-09-19 10:29 |
2009-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
