|
260291
|
- |
|
opensolution
|
quick.cms
quick.cms.lite
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Quick.CMS 2.4 and Quick.CMS.Lite 2.4 allow remote attackers to hijack the authentication of the administrator for requests that (1) delet…
|
CWE-352
Origin Validation Error
|
CVE-2009-4121
|
2017-08-17 10:31 |
2009-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260292
|
- |
|
ruby-lang
|
ruby
|
Heap-based buffer overflow in the rb_str_justify function in string.c in Ruby 1.9.1 before 1.9.1-p376 allows context-dependent attackers to execute arbitrary code via unspecified vectors involving (1…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-4124
|
2017-08-17 10:31 |
2009-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260293
|
- |
|
mozilla
|
firefox
|
Race condition in Mozilla Firefox allows remote attackers to produce a JavaScript message with a spoofed domain association by writing the message in between the document request and document load fo…
|
CWE-362
Race Condition
|
CVE-2009-4129
|
2017-08-17 10:31 |
2009-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260294
|
- |
|
mozilla
|
firefox
|
Visual truncation vulnerability in the MakeScriptDialogTitle function in nsGlobalWindow.cpp in Mozilla Firefox allows remote attackers to spoof the origin domain name of a script via a long name.
|
NVD-CWE-Other
|
CVE-2009-4130
|
2017-08-17 10:31 |
2009-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260295
|
- |
|
bestpractical
|
rt
|
Session fixation vulnerability in html/Elements/SetupSessionCookie in Best Practical Solutions RT 3.0.0 through 3.6.9 and 3.8.x through 3.8.5 allows remote attackers to hijack web sessions by setting…
|
CWE-287
Improper Authentication
|
CVE-2009-4151
|
2017-08-17 10:31 |
2009-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260296
|
- |
|
apple
|
safari
|
Stack consumption vulnerability in Apple Safari 4.0.3 on Windows allows remote attackers to cause a denial of service (application crash) via a long URI value (aka url) in the Cascading Style Sheets …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-4186
|
2017-08-17 10:31 |
2009-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260297
|
- |
|
merkaartor
|
merkaartor
|
Merkaartor 0.14 allows local users to append data to arbitrary files via a symlink attack on the /tmp/merkaartor.log temporary file.
|
CWE-59
Link Following
|
CVE-2009-4193
|
2017-08-17 10:31 |
2009-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260298
|
- |
|
huawei
|
mt882_v100t002b020_arg-t
|
Multiple cross-site scripting (XSS) vulnerabilities in multiple scripts in Forms/ in Huawei MT882 V100R002B020 ARG-T running firmware 3.7.9.98 allow remote attackers to inject arbitrary web script or…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4196
|
2017-08-17 10:31 |
2009-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260299
|
- |
|
huawei
|
mt882_modem_firmware
mt882_modem
|
rpwizPppoe.htm in Huawei MT882 V100R002B020 ARG-T running firmware 3.7.9.98 contains a form that does not disable the autocomplete setting for the password parameter, which makes it easier for local …
|
NVD-CWE-Other
|
CVE-2009-4197
|
2017-08-17 10:31 |
2009-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260300
|
- |
|
assistanttools
|
mp3_tag_assistance_professional
|
Multiple stack-based buffer overflows in Mp3 Tag Assistant Professional 2.92 build 300 allow remote attackers to execute arbitrary code via an MP3 file with a long string in the (1) ID3v1, (2) ID3v2,…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-4201
|
2017-08-17 10:31 |
2009-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
