"Protection and video surveillance equipment. Information security in computer systems."

CVE-2008-1764

Written by SEC on April 14, 2008

Vulnerability description:
Unspecified vulnerability in Opera for Windows before 9.27 has unknown impact and attack vectors related to "keyboard handling of password inputs."

Patch available: No

References:
http://www.opera.com/docs/changelogs/windows/927/


Cisco

Cisco Security Advisory: Cisco Unified Communications Disaster Recovery Framework Command Execution Vulnerability

A remote, unauthenticated user could exploit this vulnerability to execute arbitrary commands that m …

04 april, 2008

Cisco Security Advisory: Cisco IOS Virtual Private Dial-up Network Denial of Service Vulnerability

Two vulnerabilities exist in the virtual private dial-up network (VPDN) solution when Point-to-Point …

27 march, 2008

Cisco Security Advisory: Cisco IOS User Datagram Protocol Delivery Issue For IPv4/IPv6 Dual-stack Routers

A device running Cisco IOS software that has Internet Protocol version 6 (IPv6) enabled may be subje …

27 march, 2008

Microsoft

(MS08-025) Vulnerability in Windows Kernel Could Allow Elevation of Privilege (941693)

A local attacker who successfully exploited this vulnerability could take complete control of an aff …

08 april, 2008

(MS08-024) Cumulative Security Update for Internet Explorer (947864)

The vulnerability could allow remote code execution if a user viewed a specially crafted Web page us …

08 april, 2008

(MS08-023) Security Update of ActiveX Kill Bits (948881)

The vulnerability could allow remote code execution if a user viewed a specially crafted Web page us …

08 april, 2008

Vulnerability Database

CVE-2007-6712

Integer overflow in the hrtimer_forward function (hrtimer.c) in Linux kernel 2.6.21-rc4, when running on 64-bit systems, allows local users to cause a denial of service (infinite loop) via a timer with a large expiry value, which causes the timer to always be expired.

National Vulnerability Database 12 april, 2008

CVE-2008-1766

Multiple unspecified vulnerabilities in phpBB before 3.0.1 have unknown impact and attack vectors, related to "two minor security-related bugs."

National Vulnerability Database 12 april, 2008

CVE-2008-1764

Unspecified vulnerability in Opera for Windows before 9.27 has unknown impact and attack vectors related to "keyboard handling of password inputs."

National Vulnerability Database 12 april, 2008

CVE-2008-1763

SQL injection vulnerability in _blogadata/include/sond_result.php in Blogator-script 0.95 allows remote attackers to execute arbitrary SQL commands via the id_art parameter.

National Vulnerability Database 12 april, 2008

CVE-2008-1762

Opera before 9.27 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted scaled image pattern in an HTML CANVAS element, which triggers a memory corruption.

National Vulnerability Database 12 april, 2008

CVE-2008-1761

Opera before 9.27 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted newsfeed source, which triggers an invalid memory access.

National Vulnerability Database 12 april, 2008

CVE-2008-1760

Multiple PHP remote file inclusion vulnerabilities in Blogator-script before 1.01 allow remote attackers to execute arbitrary PHP code via a URL in the incl_page parameter in (1) struct_admin.php, (2) struct_admin_blog.php, and (3) struct_main.php in _blogadata/include.

National Vulnerability Database 12 april, 2008

CVE-2008-1759

SQL injection vulnerability in the jeuxflash module for KwsPHP allows remote attackers to execute arbitrary SQL commands via the cat parameter to index.php, a different vector than CVE-2007-4922.

National Vulnerability Database 12 april, 2008

CVE-2008-1758

SQL injection vulnerability in the ConcoursPhoto module for KwsPHP allows remote attackers to execute arbitrary SQL commands via the C_ID parameter to index.php.

National Vulnerability Database 12 april, 2008

CVE-2008-1757

Cross-site scripting (XSS) vulnerability in index.php in the ConcoursPhoto module for KwsPHP 1.0 allows remote attackers to inject arbitrary web script or HTML via the VIEW parameter.

National Vulnerability Database 12 april, 2008

CVE-2008-1756

Unspecified vulnerability in the Qmaster daemon in Sun N1 Grid Engine 6.1 allows local users to cause a denial of service (daemon crash) via unspecified vectors.

National Vulnerability Database 11 april, 2008

CVE-2008-1755

Directory traversal vulnerability in the showSource function in showSource.php in World of Phaos 4.0.1 allows remote attackers to read arbitrary files via directory traversal sequences in the file parameter.

National Vulnerability Database 11 april, 2008

CVE-2008-1754

Symantec Altiris Deployment Solution before 6.9.164 stores the Deployment Solution Agent (aka AClient) password in cleartext in memory, which allows local users to obtain sensitive information by dumping the AClient.exe process memory.

National Vulnerability Database 11 april, 2008

CVE-2008-1753

Cross-site scripting (XSS) vulnerability in system/workplace/admin/workplace/sessions.jsp in Alkacon OpenCMS 7.0.3 allows remote attackers to inject arbitrary web script or HTML via the searchfilter parameter, a different vector than CVE-2008-1510.

National Vulnerability Database 11 april, 2008

CVE-2008-1752

ezRADIUS 0.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain credentials via a direct request for (1) config.ini or (2) database.ini.  NOTE: some of these details are obtained from third party information.

National Vulnerability Database 11 april, 2008

SUN Microsystems

A Security Vulnerability in the Handling of Self Encapsulated IP Packets may Lead to a Denial of Service (DOS) Condition.

A Security vulnerability in Solaris, related to the handling of self encapsulated IP packets, may a …

14 april, 2008

A Security Vulnerability in The N1 Grid Engine 6.1 Qmaster Daemon May Lead to a Denial of Service (DoS)

A security vulnerability in the Qmaster daemon shipped with N1 Grid Engine 6.1, may allow a local un …

14 april, 2008

Security Vulnerabilities in the GNU Zebra and Quagga BGP Routing Daemon May Allow for Denial of Service

Multiple security vulnerabilities in the Quagga and GNU Zebra routing software shipped with Solaris …

11 april, 2008

Red Hat

[RHSA-2007:1177-4] Important: autofs5 security update

Updated autofs5 technology preview packages that fix a security issue are now available for Red Ha …

24 december, 2007

[RHSA-2007:1176-7] Important: autofs security update

Updated autofs packages that fix a security issue are now available for Red Hat Enterprise Linux 5 …

24 december, 2007

[RHSA-2007:1155-01] Important: mysql security update

MySQL is a multi-user, multi-threaded SQL database server.

18 december, 2007

PoC

MS Windows GDI Image Parsing Stack Overflow Exploit (MS08-021)

Target: MS Windows GDI
Impact: Code execution

Mumbo Jumbo Media OP4 Remote Blind SQL Injection Exploit

Target: Mumbo Jumbo Media OP4
Impact: SQL injection

XM Easy Personal FTP Server 5.4.0 (XCWD) Denial of Service Exploit

Target: XM Easy Personal FTP Server 5.4.0
Impact: Denial of service
