Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2009-08-28 CVE-2008-7109 Incorrect Authorization vulnerability in Kyoceramita Scanner File Utility 3.3.0.1
The Scanner File Utility (aka listener) in Kyocera Mita (KM) 3.3.0.1 allows remote attackers to bypass authorization and upload arbitrary files to the client system via a modified program that does not prompt the user for a password.
network
low complexity
kyoceramita CWE-863
critical
9.8
2009-08-27 CVE-2009-2698 NULL Pointer Dereference vulnerability in multiple products
The udp_sendmsg function in the UDP implementation in (1) net/ipv4/udp.c and (2) net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving the MSG_MORE flag and a UDP socket.
7.8
2009-08-19 CVE-2009-2857 Improper Locking vulnerability in Oracle Opensolaris and Solaris
The kernel in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_103, does not properly handle interaction between the filesystem and virtual-memory implementations, which allows local users to cause a denial of service (deadlock and system halt) via vectors involving mmap and write operations on the same file.
local
low complexity
oracle CWE-667
5.5
2009-08-14 CVE-2009-2768 NULL Pointer Dereference vulnerability in Linux Kernel
The load_flat_shared_library function in fs/binfmt_flat.c in the flat subsystem in the Linux kernel before 2.6.31-rc6 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by executing a shared flat binary, which triggers an access of an "uninitialized cred pointer."
local
low complexity
linux CWE-476
7.8
2009-08-14 CVE-2009-2692 Use of Uninitialized Resource vulnerability in multiple products
The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all function pointers for socket operations in proto_ops structures, which allows local users to trigger a NULL pointer dereference and gain privileges by using mmap to map page zero, placing arbitrary code on this page, and then invoking an unavailable operation, as demonstrated by the sendpage operation (sock_sendpage function) on a PF_PPPOX socket.
local
low complexity
linux debian suse redhat CWE-908
7.8
2009-08-14 CVE-2009-1048 Authentication Bypass by Spoofing vulnerability in Snom products
The web interface on the snom VoIP phones snom 300, snom 320, snom 360, snom 370, and snom 820 with firmware 6.5 before 6.5.20, 7.1 before 7.1.39, and 7.3 before 7.3.14 allows remote attackers to bypass authentication, and reconfigure the phone or make arbitrary use of the phone, via a (1) http or (2) https request with 127.0.0.1 in the Host header.
network
low complexity
snom CWE-290
critical
9.8
2009-08-11 CVE-2009-2416 Use After Free vulnerability in multiple products
Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) via crafted (1) Notation or (2) Enumeration attribute types in an XML file, as demonstrated by the Codenomicon XML fuzzing framework.
6.5
2009-07-30 CVE-2009-2408 Improper Certificate Validation vulnerability in multiple products
Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.
network
high complexity
mozilla suse opensuse debian canonical CWE-295
5.9
2009-07-23 CVE-2009-1862 Out-of-bounds Write vulnerability in Adobe Acrobat, Acrobat Reader and Flash Player
Unspecified vulnerability in Adobe Reader and Acrobat 9.x through 9.1.2, and Adobe Flash Player 9.x through 9.0.159.0 and 10.x through 10.0.22.87, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via (1) a crafted Flash application in a .pdf file or (2) a crafted .swf file, related to authplay.dll, as exploited in the wild in July 2009.
local
low complexity
adobe CWE-787
7.8
2009-07-15 CVE-2009-0231 Incorrect Conversion between Numeric Types vulnerability in Microsoft products
The Embedded OpenType (EOT) Font Engine (T2EMBED.DLL) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted name table in a data record that triggers an integer truncation and a heap-based buffer overflow, aka "Embedded OpenType Font Heap Overflow Vulnerability."
network
low complexity
microsoft CWE-681
8.8