|
312431
|
- |
|
otrs
|
otrs
|
Open Ticket Request System (OTRS) before 2.4.0-beta2 does not properly enforce the move_into permission setting for a queue, which allows remote authenticated users to bypass intended access restrict…
|
CWE-20
Improper Input Validation
|
CVE-2009-5056
|
2024-11-21 10:11 |
2011-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312432
|
- |
|
otrs
|
otrs
|
Open Ticket Request System (OTRS) before 2.4.4 grants ticket access on the basis of single-digit substrings of the CustomerID value, which allows remote authenticated users to bypass intended access …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-5055
|
2024-11-21 10:11 |
2011-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312433
|
- |
|
smarty
|
smarty
|
Smarty before 3.0.0 beta 4 does not consider the umask value when setting the permissions of files, which might allow attackers to bypass intended access restrictions via standard filesystem operatio…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-5054
|
2024-11-21 10:11 |
2011-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312434
|
- |
|
smarty
|
smarty
|
Unspecified vulnerability in Smarty before 3.0.0 beta 6 allows remote attackers to execute arbitrary PHP code by injecting this code into a cache file.
|
NVD-CWE-noinfo
|
CVE-2009-5053
|
2024-11-21 10:11 |
2011-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312435
|
- |
|
smarty
|
smarty
|
Multiple unspecified vulnerabilities in Smarty before 3.0.0 beta 6 have unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2009-5052
|
2024-11-21 10:11 |
2011-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312436
|
- |
|
symantec
|
antivirus
system_center
antivirus_central_quarantine_server
|
HDNLRSVC.EXE in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x b…
|
CWE-20
Improper Input Validation
|
CVE-2010-0111
|
2024-11-21 10:11 |
2011-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312437
|
- |
|
symantec
|
antivirus
system_center
antivirus_central_quarantine_server
|
Multiple stack-based buffer overflows in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 1…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-0110
|
2024-11-21 10:11 |
2011-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312438
|
- |
|
hastymail
|
hastymail2
|
Hastymail2 before RC 8 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission with…
|
CWE-16
Configuration
|
CVE-2009-5051
|
2024-11-21 10:11 |
2011-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312439
|
- |
|
symantec
|
web_gateway
|
SQL injection vulnerability in login.php in the GUI management console in Symantec Web Gateway 4.5 before 4.5.0.376 allows remote attackers to execute arbitrary SQL commands via the USERNAME paramete…
|
CWE-89
SQL Injection
|
CVE-2010-0115
|
2024-11-21 10:11 |
2011-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312440
|
- |
|
catb
|
gif2png
|
Stack-based buffer overflow in gif2png.c in gif2png 2.5.3 and earlier might allow context-dependent attackers to execute arbitrary code via a long command-line argument, as demonstrated by a CGI prog…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-5018
|
2024-11-21 10:11 |
2011-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
