Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2009-05-26 | CVE-2009-1796 | Cross-Site Scripting vulnerability in SUN Java System Portal Server 6.3.1/7.1/7.2 | Cross-site scripting (XSS) vulnerability in Sun Java System Portal Server 6.3.1, 7.1, and 7.2 allows remote attackers to inject arbitrary web script or HTML via vectors related to an error page. | 4.3 |
2009-05-26 | CVE-2008-3870 | Numeric Errors vulnerability in SUN Solaris 8.0/9.0 | Integer overflow in sadmind in Sun Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted RPC request that triggers a heap-based buffer overflow, related to improper memory allocation. | 10.0 |
2009-05-26 | CVE-2008-3869 | Buffer Errors vulnerability in SUN Solaris 8.0/9.0 | Heap-based buffer overflow in sadmind in Sun Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted RPC request, related to improper decoding of request parameters. | 10.0 |
2009-05-26 | CVE-2009-1791 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products | Heap-based buffer overflow in aiff_read_header in libsndfile 1.0.15 through 1.0.19, as used in Winamp 5.552 and possibly other media programs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an AIFF file with an invalid header value. | 9.3 |
2009-05-26 | CVE-2009-1790 | Cross-Site Scripting vulnerability in CGI Rescue | Cross-site scripting (XSS) vulnerability in CGI RESCUE Trees before 2.11 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. | 4.3 |
2009-05-26 | CVE-2009-1789 | Remote Denial Of Service vulnerability in Eggdrop 'ctcpbuf' | mod/server.mod/servmsg.c in Eggheads Eggdrop and Windrop 1.6.19 and earlier allows remote attackers to cause a denial of service (crash) via a crafted PRIVMSG that causes an empty string to trigger a negative string length copy. | 4.3 |
2009-05-26 | CVE-2009-1788 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products | Heap-based buffer overflow in voc_read_header in libsndfile 1.0.15 through 1.0.19, as used in Winamp 5.552 and possibly other media programs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a VOC file with an invalid header value. | 9.3 |
2009-05-26 | CVE-2009-1787 | SQL Injection vulnerability in PHPdirsubmit PHP DIR Submit | Multiple SQL injection vulnerabilities in PHP Dir Submit (aka WebsiteSubmitter and Submitter Script) allow remote attackers to bypass authentication and gain administrative access via the (1) username and (2) password parameters. | 7.5 |
2009-05-26 | CVE-2009-1786 | Race Condition vulnerability in IBM AIX 5.3/6.1 | The malloc subsystem in libc in IBM AIX 5.3 and 6.1 allows local users to create or overwrite arbitrary files via a symlink attack on the log file associated with the MALLOCDEBUG environment variable. | 6.9 |
2009-05-26 | CVE-2009-1636 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Groupwise | Multiple buffer overflows in the Internet Agent (aka GWIA) component in Novell GroupWise 7.x before 7.03 HP3 and 8.x before 8.0 HP2 allow remote attackers to execute arbitrary code via (1) a crafted e-mail address in an SMTP session or (2) an SMTP command. | 10.0 |