ID: MITRE:12240 |
Title: oval:org.mitre.oval:def:12240: Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 and earlier versions |
Type: Software |
Bulletins:
MITRE:12240 CVE-2010-3572 |
Severity: Critical |
Description: Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2021-04-03 |
ID: MITRE:12226 |
Title: oval:org.mitre.oval:def:12226: Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 and earlier versions |
Type: Software |
Bulletins:
MITRE:12226 CVE-2010-3569 |
Severity: Critical |
Description: Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this allows remote attackers to execute arbitrary code by causing the defaultReadObject method in the Serialization API to set a volatile field multiple times. | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2021-04-03 |
ID: MITRE:12225 |
Title: oval:org.mitre.oval:def:12225: Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 and earlier versions |
Type: Software |
Bulletins:
MITRE:12225 CVE-2010-3566 |
Severity: Critical |
Description: Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow that leads to a buffer overflow via a crafted devs (device information) tag structure in a color profile. | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2021-04-03 |
ID: MITRE:12200 |
Title: oval:org.mitre.oval:def:12200: Unspecified vulnerability in the CORBA component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 and earlier versions |
Type: Software |
Bulletins:
MITRE:12200 CVE-2010-3561 |
Severity: Critical |
Description: Unspecified vulnerability in the CORBA component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this involves the use of the privileged accept method in the ServerSocket class, which does not limit which hosts can connect and allows remote attackers to bypass intended network access restrictions. | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2021-04-03 |
ID: MITRE:12189 |
Title: oval:org.mitre.oval:def:12189: Unspecified vulnerability in the CORBA component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 and earlier versions |
Type: Software |
Bulletins:
MITRE:12189 CVE-2010-3554 |
Severity: Critical |
Description: Unspecified vulnerability in the CORBA component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to "permissions granted to certain system objects." | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2021-04-03 |
ID: MITRE:12181 |
Title: oval:org.mitre.oval:def:12181: Unspecified vulnerability in the Deployment component in Oracle Java SE and Java for Business 6 Update 21 and earlier versions |
Type: Software |
Bulletins:
MITRE:12181 CVE-2010-3563 |
Severity: Critical |
Description: Unspecified vulnerability in the Deployment component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to "how Web Start retrieves security policies," BasicServiceImpl, and forged policies that bypass sandbox restrictions. | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2021-04-03 |
ID: MITRE:12180 |
Title: oval:org.mitre.oval:def:12180: Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 and earlier versions |
Type: Software |
Bulletins:
MITRE:12180 CVE-2010-3565 |
Severity: Critical |
Description: Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow that triggers memory corruption via large values in a subsample of a JPEG image, related to JPEGImageWriter.writeImage in the imageio API. | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2021-04-03 |
ID: MITRE:12177 |
Title: oval:org.mitre.oval:def:12177: Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 and earlier versions |
Type: Software |
Bulletins:
MITRE:12177 CVE-2010-3571 |
Severity: Critical |
Description: Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow in the color profile parser that allows remote attackers to execute arbitrary code via a crafted Tag structure in a color profile. | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2021-04-03 |
ID: MITRE:12173 |
Title: oval:org.mitre.oval:def:12173: Unspecified vulnerability in the Deployment Toolkit component in Oracle Java SE and Java for Business 6 Update 21 and earlier versions |
Type: Software |
Bulletins:
MITRE:12173 CVE-2010-3570 |
Severity: Critical |
Description: Unspecified vulnerability in the Deployment Toolkit component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2021-04-03 |
ID: MITRE:12029 |
Title: oval:org.mitre.oval:def:12029: Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 and earlier versions |
Type: Software |
Bulletins:
MITRE:12029 CVE-2010-3568 |
Severity: Critical |
Description: Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is a race condition related to deserialization. | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2021-04-03 |
ID: MITRE:12005 |
Title: oval:org.mitre.oval:def:12005: Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21 and earlier versions |
Type: Software |
Bulletins:
MITRE:12005 CVE-2010-3560 |
Severity: Low |
Description: Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality via unknown vectors. | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2021-04-03 |
ID: MITRE:12004 |
Title: oval:org.mitre.oval:def:12004: Unspecified vulnerability in the New Java Plug-in component in Oracle Java SE and Java for Business 6 Update 21 and earlier versions |
Type: Software |
Bulletins:
MITRE:12004 CVE-2010-3552 |
Severity: Critical |
Description: Unspecified vulnerability in the New Java Plug-in component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2021-04-03 |
ID: MITRE:11990 |
Title: oval:org.mitre.oval:def:11990: Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21 and earlier versions |
Type: Software |
Bulletins:
MITRE:11990 CVE-2010-3573 |
Severity: Moderate |
Description: Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to missing validation of request headers in the HttpURLConnection class when they are set by applets, which allows remote attackers to bypass the intended security policy. | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2021-04-03 |
ID: MITRE:11893 |
Title: oval:org.mitre.oval:def:11893: Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 and earlier versions |
Type: Software |
Bulletins:
MITRE:11893 CVE-2010-3562 |
Severity: Critical |
Description: Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is a double free vulnerability in IndexColorModel that allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code. | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2021-04-03 |
ID: MITRE:11880 |
Title: oval:org.mitre.oval:def:11880: Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 and earlier versions |
Type: Software |
Bulletins:
MITRE:11880 CVE-2010-3559 |
Severity: Critical |
Description: Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this involves an incorrect sign extension in the HeadspaceSoundbank.nGetName function, which allows attackers to execute arbitrary code via a crafted BANK record that leads to a buffer overflow. | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2021-04-03 |
ID: MITRE:11871 |
Title: oval:org.mitre.oval:def:11871: Unspecified vulnerability in the Java Web Start component in Oracle Java SE and Java for Business 6 Update 21 and earlier versions |
Type: Software |
Bulletins:
MITRE:11871 CVE-2010-3558 |
Severity: Critical |
Description: Unspecified vulnerability in the Java Web Start component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2021-04-03 |
ID: MITRE:11815 |
Title: oval:org.mitre.oval:def:11815: Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 and earlier versions |
Type: Software |
Bulletins:
MITRE:11815 CVE-2010-3556 |
Severity: Critical |
Description: Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2021-04-03 |
ID: MITRE:11798 |
Title: oval:org.mitre.oval:def:11798: Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 and earlier versions |
Type: Software |
Bulletins:
MITRE:11798 CVE-2010-3553 |
Severity: Critical |
Description: Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to unsafe reflection involving the UIDefault.ProxyLazyValue class. | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2021-04-03 |
ID: MITRE:11714 |
Title: oval:org.mitre.oval:def:11714: Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, and 5.0 Update 25 and earlier versions |
Type: Software |
Bulletins:
MITRE:11714 CVE-2010-3567 |
Severity: Critical |
Description: Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to a calculation error in right-to-left text character counts for the ICU OpenType font rendering implementation, which triggers an out-of-bounds memory access. | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2021-04-03 |
ID: MITRE:11619 |
Title: oval:org.mitre.oval:def:11619: Unspecified vulnerability in the Java Web Start component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 and earlier versions |
Type: Software |
Bulletins:
MITRE:11619 CVE-2010-3550 |
Severity: Critical |
Description: Unspecified vulnerability in the Java Web Start component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2021-04-03 |
ID: MITRE:11330 |
Title: oval:org.mitre.oval:def:11330: Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 and earlier versions |
Type: Software |
Bulletins:
MITRE:11330 CVE-2010-3551 |
Severity: Moderate |
Description: Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality via unknown vectors. | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2021-04-03 |
ID: MITRE:11320 |
Title: oval:org.mitre.oval:def:11320: Unspecified vulnerability in the Deployment component in Oracle Java SE and Java for Business 6 Update 21 and earlier versions |
Type: Software |
Bulletins:
MITRE:11320 CVE-2010-3555 |
Severity: Critical |
Description: Unspecified vulnerability in the Deployment component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable third party coordinator that the ActiveX Plugin does not properly initialize an object field that is used as a window handle, which allows attackers to execute arbitrary code. | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2021-04-03 |
ID: MITRE:11268 |
Title: oval:org.mitre.oval:def:11268: Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 and earlier versions |
Type: Software |
Bulletins:
MITRE:11268 CVE-2010-3557 |
Severity: Moderate |
Description: Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to the modification of "behavior and state of certain JDK classes" and "mutable static." | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2021-04-03 |
ID: MITRE:12219 |
Title: oval:org.mitre.oval:def:12219: Untrusted search path vulnerability in Microsoft Office PowerPoint 2007 |
Type: Software |
Bulletins:
MITRE:12219 CVE-2010-3142 |
Severity: Critical |
Description: Untrusted search path vulnerability in Microsoft Office PowerPoint 2007 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse rpawinet.dll that is located in the same folder as a .odp, .pothtml, .potm, .potx, .ppa, .ppam, .pps, .ppt, .ppthtml, .pptm, .pptxml, .pwz, .sldm, .sldx, and .thmx file. | ||||
Applies to: Microsoft Office PowerPoint 2007 |
Created: 2010-12-20 |
Updated: 2021-04-03 |
ID: CVE-2010-4012 |
Title: Race condition in Apple iOS 4.0 through 4.1 for iPhone 3G and later allows physically proximate attackers to bypass the passcode lock by making a call from the Emergency Call screen, then quickly pressing the Sleep/Wake button. |
Type: Mobile Devices |
Bulletins:
CVE-2010-4012 |
Severity: Moderate |
Description: Race condition in Apple iOS 4.0 through 4.1 for iPhone 3G and later allows physically proximate attackers to bypass the passcode lock by making a call from the Emergency Call screen, then quickly pressing the Sleep/Wake button. | ||||
Applies to: |
Created: 2010-12-08 |
Updated: 2021-04-03 |
ID: MITRE:7360 |
Title: oval:org.mitre.oval:def:7360: Vulnerability in offline backup mechanism in Research In Motion (RIM) BlackBerry Desktop Software |
Type: Software |
Bulletins:
MITRE:7360 CVE-2010-3741 |
Severity: Moderate |
Description: The offline backup mechanism in Research In Motion (RIM) BlackBerry Desktop Software uses single-iteration PBKDF2, which makes it easier for local users to decrypt a .ipd file via a brute-force attack. | ||||
Applies to: BlackBerry Desktop Software |
Created: 2010-12-06 |
Updated: 2021-04-03 |
ID: MITRE:6843 |
Title: oval:org.mitre.oval:def:6843: Untrusted search path vulnerability in BlackBerry Desktop Software version less than 6.0.0.47 |
Type: Software |
Bulletins:
MITRE:6843 CVE-2010-2600 |
Severity: Critical |
Description: Untrusted search path vulnerability in BlackBerry Desktop Software before 6.0.0.47 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL that is located in the same folder as a file that is processed by Blackberry. | ||||
Applies to: BlackBerry Desktop Software |
Created: 2010-12-06 |
Updated: 2021-04-03 |
ID: MITRE:6653 |
Title: oval:org.mitre.oval:def:6653: Windows Media Player Memory Corruption Vulnerability |
Type: Software |
Bulletins:
MITRE:6653 CVE-2010-2745 |
Severity: Critical |
Description: Microsoft Windows Media Player (WMP) 9 through 12 does not properly deallocate objects during a browser reload action, which allows user-assisted remote attackers to execute arbitrary code via crafted media content referenced in an HTML document, aka "Windows Media Player Memory Corruption Vulnerability." | ||||
Applies to: Windows Media Player |
Created: 2010-12-06 |
Updated: 2021-04-03 |
ID: CVE-2010-4354 |
Title: The remote-access IPSec VPN implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices, PIX Security Appliances 500 series devices, and VPN Concentrators 3000 series devices responds to an Aggressive Mode IKE Phase I message only... |
Type: Hardware |
Bulletins:
CVE-2010-4354 |
Severity: Moderate |
Description: The remote-access IPSec VPN implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices, PIX Security Appliances 500 series devices, and VPN Concentrators 3000 series devices responds to an Aggressive Mode IKE Phase I message only when the group name is configured on the device, which allows remote attackers to enumerate valid group names via a series of IKE negotiation attempts, aka Bug ID CSCtj96108, a different vulnerability than CVE-2005-2025. | ||||
Applies to: Cisco VPN 3015 Concentrator, Cisco VPN 3030 Concentrator, Cisco VPN 3060 Concentrator, Cisco VPN 3080 Concentrator, Cisco VPN 3005 Concentrator |
Created: 2010-11-30 |
Updated: 2021-04-03 |
ID: MITRE:7291 |
Title: oval:org.mitre.oval:def:7291: Privilege-escalation vulnerability in PostgreSQL version less than or equal to 9.0 |
Type: Software |
Bulletins:
MITRE:7291 CVE-2010-3433 |
Severity: Moderate |
Description: The PL/perl and PL/Tcl implementations in PostgreSQL 7.4 before 7.4.30, 8.0 before 8.0.26, 8.1 before 8.1.22, 8.2 before 8.2.18, 8.3 before 8.3.12, 8.4 before 8.4.5, and 9.0 before 9.0.1 do not properly protect script execution by a different SQL user identity within the same session, which allows remote authenticated users to gain privileges via crafted script code in a SECURITY DEFINER function, as demonstrated by (1) redefining standard functions or (2) redefining operators, a different vulnerability than CVE-2010-1168, CVE-2010-1169, CVE-2010-1170, and CVE-2010-1447. | ||||
Applies to: PostgreSQL |
Created: 2010-11-29 |
Updated: 2021-04-03 |
ID: MITRE:6645 |
Title: oval:org.mitre.oval:def:6645: Vulnerability in pl\php ADD-ON in PostgreSQL version less than or equal to 9.0 |
Type: Software |
Bulletins:
MITRE:6645 CVE-2010-3781 |
Severity: Moderate |
Description: The PL/php add-on 1.4 and earlier for PostgreSQL does not properly protect script execution by a different SQL user identity within the same session, which allows remote authenticated users to gain privileges via crafted script code in a SECURITY DEFINER function, a related issue to CVE-2010-3433. | ||||
Applies to: PostgreSQL |
Created: 2010-11-29 |
Updated: 2021-04-03 |
ID: CVE-2010-3829 |
Title: WebKit in Apple iOS before 4.2 allows remote attackers to bypass the remote image loading setting in Mail via an HTML LINK element with a DNS prefetching property, as demonstrated by an HTML e-mail message that uses a LINK element for... |
Type: Mobile Devices |
Bulletins:
CVE-2010-3829 |
Severity: Moderate |
Description: WebKit in Apple iOS before 4.2 allows remote attackers to bypass the remote image loading setting in Mail via an HTML LINK element with a DNS prefetching property, as demonstrated by an HTML e-mail message that uses a LINK element for X-Confirm-Reading-To functionality, a related issue to CVE-2010-3813. | ||||
Applies to: |
Created: 2010-11-26 |
Updated: 2021-04-03 |
ID: CVE-2010-3831 |
Title: Photos in Apple iOS before 4.2 enables support for HTTP Basic Authentication over an unencrypted connection, which allows man-in-the-middle attackers to read MobileMe account passwords by spoofing a MobileMe Gallery server during a... |
Type: Mobile Devices |
Bulletins:
CVE-2010-3831 |
Severity: Moderate |
Description: Photos in Apple iOS before 4.2 enables support for HTTP Basic Authentication over an unencrypted connection, which allows man-in-the-middle attackers to read MobileMe account passwords by spoofing a MobileMe Gallery server during a "Send to MobileMe" action. | ||||
Applies to: |
Created: 2010-11-26 |
Updated: 2021-04-03 |
ID: CVE-2010-3830 |
Title: Networking in Apple iOS before 4.2 accesses an invalid pointer during the processing of packet filter rules, which allows local users to gain privileges via unspecified vectors. |
Type: Mobile Devices |
Bulletins:
CVE-2010-3830 |
Severity: Critical |
Description: Networking in Apple iOS before 4.2 accesses an invalid pointer during the processing of packet filter rules, which allows local users to gain privileges via unspecified vectors. | ||||
Applies to: |
Created: 2010-11-26 |
Updated: 2021-04-03 |
ID: CVE-2010-3828 |
Title: iAd Content Display in Apple iOS before 4.2 allows man-in-the-middle attackers to make calls via a crafted URL in an ad. |
Type: Mobile Devices |
Bulletins:
CVE-2010-3828 |
Severity: Moderate |
Description: iAd Content Display in Apple iOS before 4.2 allows man-in-the-middle attackers to make calls via a crafted URL in an ad. | ||||
Applies to: |
Created: 2010-11-26 |
Updated: 2021-04-03 |
ID: CVE-2010-3832 |
Title: Heap-based buffer overflow in the GSM mobility management implementation in Telephony in Apple iOS before 4.2 on the iPhone and iPad allows remote attackers to execute arbitrary code on the baseband processor via a crafted Temporary... |
Type: Mobile Devices |
Bulletins:
CVE-2010-3832 |
Severity: Moderate |
Description: Heap-based buffer overflow in the GSM mobility management implementation in Telephony in Apple iOS before 4.2 on the iPhone and iPad allows remote attackers to execute arbitrary code on the baseband processor via a crafted Temporary Mobile Subscriber Identity (TMSI) field. | ||||
Applies to: |
Created: 2010-11-26 |
Updated: 2021-04-03 |
ID: CVE-2010-3827 |
Title: Apple iOS before 4.2 does not properly validate signatures before displaying a configuration profile in the configuration installation utility, which allows remote attackers to spoof profiles via unspecified vectors. |
Type: Mobile Devices |
Bulletins:
CVE-2010-3827 |
Severity: Moderate |
Description: Apple iOS before 4.2 does not properly validate signatures before displaying a configuration profile in the configuration installation utility, which allows remote attackers to spoof profiles via unspecified vectors. | ||||
Applies to: |
Created: 2010-11-26 |
Updated: 2021-04-03 |
ID: CVE-2010-3039 |
Title: /usr/local/cm/bin/pktCap_protectData in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6, 7, and 8 allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in a request to the... |
Type: Hardware |
Bulletins:
CVE-2010-3039 SFBID44672 |
Severity: Moderate |
Description: /usr/local/cm/bin/pktCap_protectData in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6, 7, and 8 allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in a request to the administrative interface, aka Bug IDs CSCti52041 and CSCti74930. | ||||
Applies to: Unified Communications Manager |
Created: 2010-11-09 |
Updated: 2021-04-03 |
ID: MITRE:6778 |
Title: oval:org.mitre.oval:def:6778: Untrusted search path vulnerability in Adobe PhotoShop CS2 through CS5 |
Type: Software |
Bulletins:
MITRE:6778 CVE-2010-3127 |
Severity: Critical |
Description: Untrusted search path vulnerability in Adobe PhotoShop CS2 through CS5 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll or Wintab32.dll that is located in the same folder as a PSD or other file that is processed by PhotoShop. NOTE: some of these details are obtained from third party information. | ||||
Applies to: Adobe Photoshop |
Created: 2010-11-08 |
Updated: 2021-04-03 |
ID: MITRE:7604 |
Title: oval:org.mitre.oval:def:7604: Apple iTunes Log File Insecure File Operation Local Privilege Escalation Vulnerability |
Type: Software |
Bulletins:
MITRE:7604 CVE-2010-1768 |
Severity: Moderate |
Description: Unspecified vulnerability in Apple iTunes before 9.1 allows local users to gain console privileges via vectors related to log files, "insecure file operation," and syncing an iPhone, iPad, or iPod touch. | ||||
Applies to: Apple iTunes |
Created: 2010-11-01 |
Updated: 2021-04-03 |
ID: MITRE:7221 |
Title: oval:org.mitre.oval:def:7221: Apple iTunes Webkit Unspecified Vulnerability |
Type: Software |
Bulletins:
MITRE:7221 CVE-2010-1763 |
Severity: Critical |
Description: Unspecified vulnerability in WebKit in Apple iTunes before 9.2 on Windows has unknown impact and attack vectors, a different vulnerability than CVE-2010-1387 and CVE-2010-1769. | ||||
Applies to: Apple iTunes |
Created: 2010-11-01 |
Updated: 2021-04-03 |
ID: MITRE:7217 |
Title: oval:org.mitre.oval:def:7217: Apple iTunes DLL Loading Arbitrary Code Execution Vulnerability |
Type: Software |
Bulletins:
MITRE:7217 CVE-2010-1795 |
Severity: Critical |
Description: Untrusted search path vulnerability in Apple iTunes before 9.1, when running on Windows 7, Vista, and XP, allows local users and possibly remote attackers to gain privileges via a Trojan horse DLL in the current working directory. | ||||
Applies to: Apple iTunes |
Created: 2010-11-01 |
Updated: 2021-04-03 |
ID: MITRE:7178 |
Title: oval:org.mitre.oval:def:7178: Apple iTunes Crafted itpc: URL Buffer Overflow Vulnerability |
Type: Software |
Bulletins:
MITRE:7178 CVE-2010-1769 |
Severity: Critical |
Description: WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, accesses out-of-bounds memory during the handling of tables, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, a different vulnerability than CVE-2010-1387 and CVE-2010-1763. | ||||
Applies to: Apple iTunes |
Created: 2010-11-01 |
Updated: 2021-04-03 |
ID: MITRE:7061 |
Title: oval:org.mitre.oval:def:7061: Apple iTunes JavaScriptCore Page Transitions Denial Of Service Vulnerability |
Type: Software |
Bulletins:
MITRE:7061 CVE-2010-1387 |
Severity: Critical |
Description: Use-after-free vulnerability in JavaScriptCore in WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to page transitions, a different vulnerability than CVE-2010-1763 and CVE-2010-1769. | ||||
Applies to: Apple iTunes |
Created: 2010-11-01 |
Updated: 2021-04-03 |
ID: MITRE:6988 |
Title: oval:org.mitre.oval:def:6988: Apple iTunes Crafted itpc: URL Buffer Overflow Vulnerability |
Type: Software |
Bulletins:
MITRE:6988 CVE-2010-1777 |
Severity: Critical |
Description: Buffer overflow in Apple iTunes before 9.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted itpc: URL. | ||||
Applies to: Apple iTunes |
Created: 2010-11-01 |
Updated: 2021-04-03 |
ID: CISEC:1127 |
Title: oval:org.cisecurity:def:1127: Heap-based buffer overflow in the opj_dwt_interleave_v function in dwt.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows |
Type: Web |
Bulletins:
CISEC:1127 CVE-2016-5157 |
Severity: Moderate |
Description: Heap-based buffer overflow in the opj_dwt_interleave_v function in dwt.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to execute arbitrary code via crafted coordinate values in JPEG 2000 data. | ||||
Applies to: Google Chrome |
Created: 2010-10-07 |
Updated: 2021-04-03 |
ID: MITRE:12011 |
Title: oval:org.mitre.oval:def:12011: Movie Maker Memory Corruption Vulnerability |
Type: Software |
Bulletins:
MITRE:12011 CVE-2010-2564 |
Severity: Critical |
Description: Buffer overflow in Microsoft Windows Movie Maker (WMM) 2.1, 2.6, and 6.0 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted project file, aka "Movie Maker Memory Corruption Vulnerability." | ||||
Applies to: Movie Maker 2.1, Movie Maker 2.6, Movie Maker 6.0 |
Created: 2010-09-27 |
Updated: 2021-04-03 |
ID: CVE-2010-2831 |
Title: Unspecified vulnerability in the NAT for SIP implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1 allows remote attackers to cause a denial of service (device reload) via transit traffic on UDP port 5060, aka Bug ID CSCtf17624. |
Type: Hardware |
Bulletins:
CVE-2010-2831 |
Severity: Critical |
Description: Unspecified vulnerability in the NAT for SIP implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1 allows remote attackers to cause a denial of service (device reload) via transit traffic on UDP port 5060, aka Bug ID CSCtf17624. | ||||
Applies to: |
Created: 2010-09-23 |
Updated: 2021-04-03 |
ID: CVE-2010-2832 |
Title: Unspecified vulnerability in the NAT for H.323 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1 allows remote attackers to cause a denial of service (device reload) via transit traffic, aka Bug ID CSCtf91428. |
Type: Hardware |
Bulletins:
CVE-2010-2832 |
Severity: Critical |
Description: Unspecified vulnerability in the NAT for H.323 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1 allows remote attackers to cause a denial of service (device reload) via transit traffic, aka Bug ID CSCtf91428. | ||||
Applies to: |
Created: 2010-09-23 |
Updated: 2021-04-03 |
ID: CVE-2010-2833 |
Title: Unspecified vulnerability in the NAT for H.225.0 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1 allows remote attackers to cause a denial of service (device reload) via transit traffic, aka Bug ID CSCtd86472. |
Type: Hardware |
Bulletins:
CVE-2010-2833 |
Severity: Critical |
Description: Unspecified vulnerability in the NAT for H.225.0 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1 allows remote attackers to cause a denial of service (device reload) via transit traffic, aka Bug ID CSCtd86472. | ||||
Applies to: |
Created: 2010-09-23 |
Updated: 2021-04-03 |
ID: CVE-2010-2829 |
Title: Unspecified vulnerability in the H.323 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 2.5.x before 2.5.2 and 2.6.x before 2.6.1, allows remote attackers to cause a denial of service (traceback and device reload) via... |
Type: Hardware |
Bulletins:
CVE-2010-2829 |
Severity: Critical |
Description: Unspecified vulnerability in the H.323 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 2.5.x before 2.5.2 and 2.6.x before 2.6.1, allows remote attackers to cause a denial of service (traceback and device reload) via crafted H.323 packets, aka Bug ID CSCtd33567. | ||||
Applies to: |
Created: 2010-09-23 |
Updated: 2021-04-03 |
ID: CVE-2010-2828 |
Title: Unspecified vulnerability in the H.323 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 2.5.x before 2.5.2 and 2.6.x before 2.6.1, allows remote attackers to cause a denial of service (device reload) via crafted H.323... |
Type: Hardware |
Bulletins:
CVE-2010-2828 |
Severity: Critical |
Description: Unspecified vulnerability in the H.323 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 2.5.x before 2.5.2 and 2.6.x before 2.6.1, allows remote attackers to cause a denial of service (device reload) via crafted H.323 packets, aka Bug ID CSCtc73759. | ||||
Applies to: |
Created: 2010-09-23 |
Updated: 2021-04-03 |
ID: CVE-2010-2830 |
Title: The IGMPv3 implementation in Cisco IOS 12.2, 12.3, 12.4, and 15.0 and IOS XE 2.5.x before 2.5.2, when PIM is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed IGMP packet, aka Bug ID CSCte14603. |
Type: Hardware |
Bulletins:
CVE-2010-2830 |
Severity: Critical |
Description: The IGMPv3 implementation in Cisco IOS 12.2, 12.3, 12.4, and 15.0 and IOS XE 2.5.x before 2.5.2, when PIM is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed IGMP packet, aka Bug ID CSCte14603. | ||||
Applies to: |
Created: 2010-09-23 |
Updated: 2021-04-03 |
ID: CVE-2010-2836 |
Title: Memory leak in the SSL VPN feature in Cisco IOS 12.4, 15.0, and 15.1, when HTTP port redirection is enabled, allows remote attackers to cause a denial of service (memory consumption) by improperly disconnecting SSL sessions, leading to connections... |
Type: Hardware |
Bulletins:
CVE-2010-2836 |
Severity: Critical |
Description: Memory leak in the SSL VPN feature in Cisco IOS 12.4, 15.0, and 15.1, when HTTP port redirection is enabled, allows remote attackers to cause a denial of service (memory consumption) by improperly disconnecting SSL sessions, leading to connections that remain in the CLOSE-WAIT state, aka Bug ID CSCtg21685. | ||||
Applies to: |
Created: 2010-09-23 |
Updated: 2021-04-03 |
ID: CVE-2010-2834 |
Title: Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)SU1, 7.x before 7.1(5), and 8.0 before 8.0(2) allow remote... |
Type: Hardware |
Bulletins:
CVE-2010-2834 |
Severity: Critical |
Description: Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)SU1, 7.x before 7.1(5), and 8.0 before 8.0(2) allow remote attackers to cause a denial of service (device reload or voice-services outage) via crafted SIP registration traffic over UDP, aka Bug IDs CSCtf72678 and CSCtf14987. | ||||
Applies to: Unified Communications Manager |
Created: 2010-09-23 |
Updated: 2021-04-03 |
ID: CVE-2010-2835 |
Title: Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5), 7.0 before 7.0(2a)su3, 7.1su before 7.1(3b)su2, 7.1 before... |
Type: Hardware |
Bulletins:
CVE-2010-2835 |
Severity: Critical |
Description: Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5), 7.0 before 7.0(2a)su3, 7.1su before 7.1(3b)su2, 7.1 before 7.1(5), and 8.0 before 8.0(1) allow remote attackers to cause a denial of service (device reload or voice-services outage) via a SIP REFER request with an invalid Refer-To header, aka Bug IDs CSCta20040 and CSCta31358. | ||||
Applies to: Unified Communications Manager |
Created: 2010-09-23 |
Updated: 2021-04-03 |
ID: CVE-2010-1807 |
Title: WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2; Android before 2.2; and webkitgtk before 1.2.6; does not properly validate floating-point data, which allows remote attackers to execute arbitrary code or cause a denial... |
Type: Mobile Devices |
Bulletins:
CVE-2010-1807 SFBID43047 |
Severity: Critical |
Description: WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2; Android before 2.2; and webkitgtk before 1.2.6; does not properly validate floating-point data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, related to non-standard NaN representation. | ||||
Applies to: |
Created: 2010-09-10 |
Updated: 2021-04-03 |
ID: CVE-2010-2841 |
Title: Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) software 4.2 before 4.2.209.0; 4.2M before 4.2.207.54M; 5.0, 5.1, and 6.0 before 6.0.196.0; and 5.2 before 5.2.193.11 allows remote authenticated users to cause a denial of service... |
Type: Hardware |
Bulletins:
CVE-2010-2841 |
Severity: Moderate |
Description: Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) software 4.2 before 4.2.209.0; 4.2M before 4.2.207.54M; 5.0, 5.1, and 6.0 before 6.0.196.0; and 5.2 before 5.2.193.11 allows remote authenticated users to cause a denial of service (device reload) via crafted HTTP packets that trigger invalid arguments to the emweb component, aka Bug ID CSCtd16938. | ||||
Applies to: |
Created: 2010-09-10 |
Updated: 2021-04-03 |
ID: CVE-2010-0574 |
Title: Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) software 3.2 before 3.2.215.0; 4.1 and 4.2 before 4.2.205.0; 4.1M and 4.2M before 4.2.207.54M; 5.0, 5.1, and 6.0 before 6.0.188.0; and 5.2 before 5.2.193.11 allows remote attackers to... |
Type: Hardware |
Bulletins:
CVE-2010-0574 |
Severity: Critical |
Description: Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) software 3.2 before 3.2.215.0; 4.1 and 4.2 before 4.2.205.0; 4.1M and 4.2M before 4.2.207.54M; 5.0, 5.1, and 6.0 before 6.0.188.0; and 5.2 before 5.2.193.11 allows remote attackers to cause a denial of service (device reload) via a crafted IKE packet, aka Bug ID CSCta56653. | ||||
Applies to: |
Created: 2010-09-10 |
Updated: 2021-04-03 |
ID: CVE-2010-0575 |
Title: Cisco Wireless LAN Controller (WLC) software, possibly 6.0.x or possibly 4.1 through 6.0.x, allows remote attackers to bypass ACLs in the controller CPU, and consequently send network traffic to unintended segments or devices, via unspecified... |
Type: Hardware |
Bulletins:
CVE-2010-0575 |
Severity: Moderate |
Description: Cisco Wireless LAN Controller (WLC) software, possibly 6.0.x or possibly 4.1 through 6.0.x, allows remote attackers to bypass ACLs in the controller CPU, and consequently send network traffic to unintended segments or devices, via unspecified vectors, a different vulnerability than CVE-2010-3034. | ||||
Applies to: |
Created: 2010-09-10 |
Updated: 2021-04-03 |
ID: CVE-2010-3034 |
Title: Cisco Wireless LAN Controller (WLC) software, possibly 6.0.x or possibly 4.1 through 6.0.x, allows remote attackers to bypass ACLs in the controller CPU, and consequently send network traffic to unintended segments or devices, via unspecified... |
Type: Hardware |
Bulletins:
CVE-2010-3034 |
Severity: Moderate |
Description: Cisco Wireless LAN Controller (WLC) software, possibly 6.0.x or possibly 4.1 through 6.0.x, allows remote attackers to bypass ACLs in the controller CPU, and consequently send network traffic to unintended segments or devices, via unspecified vectors, a different vulnerability than CVE-2010-0575. | ||||
Applies to: |
Created: 2010-09-10 |
Updated: 2021-04-03 |
ID: CVE-2010-2842 |
Title: Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain administrative privileges, via unspecified vectors, a... |
Type: Hardware |
Bulletins:
CVE-2010-2842 |
Severity: Critical |
Description: Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain administrative privileges, via unspecified vectors, a different vulnerability than CVE-2010-2843 and CVE-2010-3033. | ||||
Applies to: |
Created: 2010-09-10 |
Updated: 2021-04-03 |
ID: CVE-2010-2843 |
Title: Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain administrative privileges, via unspecified vectors, a... |
Type: Hardware |
Bulletins:
CVE-2010-2843 |
Severity: Critical |
Description: Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain administrative privileges, via unspecified vectors, a different vulnerability than CVE-2010-2842 and CVE-2010-3033. | ||||
Applies to: |
Created: 2010-09-10 |
Updated: 2021-04-03 |
ID: CVE-2010-3033 |
Title: Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain administrative privileges, via unspecified vectors, a... |
Type: Hardware |
Bulletins:
CVE-2010-3033 |
Severity: Critical |
Description: Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain administrative privileges, via unspecified vectors, a different vulnerability than CVE-2010-2842 and CVE-2010-2843. | ||||
Applies to: |
Created: 2010-09-10 |
Updated: 2021-04-03 |
ID: CVE-2010-1814 |
Title: WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving... |
Type: Mobile Devices |
Bulletins:
CVE-2010-1814 SFBID43083 |
Severity: Moderate |
Description: WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving form menus. | ||||
Applies to: |
Created: 2010-09-09 |
Updated: 2021-04-03 |
ID: CVE-2010-1813 |
Title: WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving HTML object outlines. |
Type: Mobile Devices |
Bulletins:
CVE-2010-1813 |
Severity: Moderate |
Description: WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving HTML object outlines. | ||||
Applies to: |
Created: 2010-09-09 |
Updated: 2021-04-03 |
ID: CVE-2010-1812 |
Title: Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors... |
Type: Mobile Devices |
Bulletins:
CVE-2010-1812 SFBID43079 |
Severity: Moderate |
Description: Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving selections. | ||||
Applies to: |
Created: 2010-09-09 |
Updated: 2021-04-03 |
ID: CVE-2010-1815 |
Title: Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors... |
Type: Mobile Devices |
Bulletins:
CVE-2010-1815 SFBID43081 |
Severity: Moderate |
Description: Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving scrollbars. | ||||
Applies to: |
Created: 2010-09-09 |
Updated: 2021-04-03 |
ID: CVE-2010-1809 |
Title: The Accessibility component in Apple iOS before 4.1 on the iPhone and iPod touch does not perform the expected VoiceOver announcement associated with the location services icon, which has unspecified impact and attack vectors. |
Type: Mobile Devices |
Bulletins:
CVE-2010-1809 |
Severity: Critical |
Description: The Accessibility component in Apple iOS before 4.1 on the iPhone and iPod touch does not perform the expected VoiceOver announcement associated with the location services icon, which has unspecified impact and attack vectors. | ||||
Applies to: |
Created: 2010-09-09 |
Updated: 2021-04-03 |
ID: CVE-2010-1811 |
Title: ImageIO in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF file. |
Type: Mobile Devices |
Bulletins:
CVE-2010-1811 |
Severity: Moderate |
Description: ImageIO in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF file. | ||||
Applies to: |
Created: 2010-09-09 |
Updated: 2021-04-03 |
ID: CVE-2010-1810 |
Title: FaceTime in Apple iOS before 4.1 on the iPhone and iPod touch does not properly handle invalid X.509 certificates, which allows man-in-the-middle attackers to redirect calls via a crafted certificate. |
Type: Mobile Devices |
Bulletins:
CVE-2010-1810 |
Severity: Low |
Description: FaceTime in Apple iOS before 4.1 on the iPhone and iPod touch does not properly handle invalid X.509 certificates, which allows man-in-the-middle attackers to redirect calls via a crafted certificate. | ||||
Applies to: |
Created: 2010-09-09 |
Updated: 2021-04-03 |
ID: CVE-2010-1781 |
Title: Double free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the rendering of an... |
Type: Mobile Devices |
Bulletins:
CVE-2010-1781 SFBID43077 |
Severity: Moderate |
Description: Double free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the rendering of an inline element. | ||||
Applies to: |
Created: 2010-09-09 |
Updated: 2021-04-03 |
ID: CVE-2010-1817 |
Title: Buffer overflow in ImageIO in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GIF file. |
Type: Mobile Devices |
Bulletins:
CVE-2010-1817 |
Severity: Moderate |
Description: Buffer overflow in ImageIO in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GIF file. | ||||
Applies to: |
Created: 2010-09-09 |
Updated: 2021-04-03 |
ID: CVE-2010-3035 |
Title: Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized transitive attributes, which allows remote attackers to cause a denial of service (peering reset) via a crafted prefix announcement, as demonstrated in the... |
Type: Hardware |
Bulletins:
CVE-2010-3035 |
Severity: Moderate |
Description: Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized transitive attributes, which allows remote attackers to cause a denial of service (peering reset) via a crafted prefix announcement, as demonstrated in the wild in August 2010 with attribute type code 99, aka Bug ID CSCti62211. | ||||
Applies to: |
Created: 2010-08-30 |
Updated: 2021-04-03 |
ID: CVE-2010-2837 |
Title: The SIPStationInit implementation in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.1SU before 6.1(5)SU1, 7.0SU before 7.0(2a)SU3, 7.1SU before 7.1(3b)SU2, 7.1 before 7.1(5), and 8.0 before 8.0(1) allows remote attackers to... |
Type: Hardware |
Bulletins:
CVE-2010-2837 |
Severity: Critical |
Description: The SIPStationInit implementation in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.1SU before 6.1(5)SU1, 7.0SU before 7.0(2a)SU3, 7.1SU before 7.1(3b)SU2, 7.1 before 7.1(5), and 8.0 before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SIP message, aka Bug ID CSCtd17310. | ||||
Applies to: Unified Communications Manager |
Created: 2010-08-26 |
Updated: 2021-04-03 |
ID: CVE-2010-2838 |
Title: The SendCombinedStatusInfo implementation in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 7.0SU before 7.0(2a)SU3, 7.1 before 7.1(5), and 8.0 before 8.0(3) allows remote attackers to cause a denial of service (process... |
Type: Hardware |
Bulletins:
CVE-2010-2838 |
Severity: Critical |
Description: The SendCombinedStatusInfo implementation in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 7.0SU before 7.0(2a)SU3, 7.1 before 7.1(5), and 8.0 before 8.0(3) allows remote attackers to cause a denial of service (process failure) via a malformed SIP REGISTER message, aka Bug ID CSCtf66305. | ||||
Applies to: Unified Communications Manager |
Created: 2010-08-26 |
Updated: 2021-04-03 |
ID: CVE-2010-2825 |
Title: Unspecified vulnerability in the SIP inspection feature on the Cisco Application Control Engine (ACE) Module with software A2(1.x) before A2(1.6), A2(2.x) before A2(2.3), and A2(3.x) before A2(3.1) for Catalyst 6500 series switches and 7600 series... |
Type: Hardware |
Bulletins:
CVE-2010-2825 |
Severity: Critical |
Description: Unspecified vulnerability in the SIP inspection feature on the Cisco Application Control Engine (ACE) Module with software A2(1.x) before A2(1.6), A2(2.x) before A2(2.3), and A2(3.x) before A2(3.1) for Catalyst 6500 series switches and 7600 series routers, and the Cisco Application Control Engine (ACE) 4710 appliance with software before A3(2.4), allows remote attackers to cause a denial of service (device reload) via crafted SIP packets over (1) TCP or (2) UDP, aka Bug IDs CSCta65603 and CSCta71569. | ||||
Applies to: Cisco Ace 4710 |
Created: 2010-08-17 |
Updated: 2021-04-03 |
ID: CVE-2010-2822 |
Title: Unspecified vulnerability in the RTSP inspection feature on the Cisco Application Control Engine (ACE) Module with software before A2(3.2) for Catalyst 6500 series switches and 7600 series routers, and the Cisco Application Control Engine (ACE) 4710... |
Type: Hardware |
Bulletins:
CVE-2010-2822 |
Severity: Critical |
Description: Unspecified vulnerability in the RTSP inspection feature on the Cisco Application Control Engine (ACE) Module with software before A2(3.2) for Catalyst 6500 series switches and 7600 series routers, and the Cisco Application Control Engine (ACE) 4710 appliance with software before A3(2.6), allows remote attackers to cause a denial of service (device reload) via crafted RTSP packets over TCP, aka Bug IDs CSCta85227 and CSCtg14858. | ||||
Applies to: Cisco Ace 4710 |
Created: 2010-08-17 |
Updated: 2021-04-03 |
ID: CVE-2010-2823 |
Title: Unspecified vulnerability in the deep packet inspection feature on the Cisco Application Control Engine (ACE) 4710 appliance with software before A3(2.6) allows remote attackers to cause a denial of service (device reload) via crafted HTTP packets,... |
Type: Hardware |
Bulletins:
CVE-2010-2823 |
Severity: Critical |
Description: Unspecified vulnerability in the deep packet inspection feature on the Cisco Application Control Engine (ACE) 4710 appliance with software before A3(2.6) allows remote attackers to cause a denial of service (device reload) via crafted HTTP packets, related to HTTP, RTSP, and SIP inspection, aka Bug ID CSCtb54493. | ||||
Applies to: Cisco Ace 4710 |
Created: 2010-08-17 |
Updated: 2021-04-03 |
ID: CVE-2010-1797 |
Title: Multiple stack-based buffer overflows in the cff_decoder_parse_charstrings function in the CFF Type2 CharStrings interpreter in cff/cffgload.c in FreeType before 2.4.2, as used in Apple iOS before 4.0.2 on the iPhone and iPod touch... |
Type: Mobile Devices |
Bulletins:
CVE-2010-1797 SFBID42151 |
Severity: Critical |
Description: Multiple stack-based buffer overflows in the cff_decoder_parse_charstrings function in the CFF Type2 CharStrings interpreter in cff/cffgload.c in FreeType before 2.4.2, as used in Apple iOS before 4.0.2 on the iPhone and iPod touch and before 3.2.2 on the iPad, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted CFF opcodes in embedded fonts in a PDF document, as demonstrated by JailbreakMe. NOTE: some of these details are obtained from third party information. | ||||
Applies to: |
Created: 2010-08-16 |
Updated: 2021-04-03 |
ID: CVE-2010-2827 |
Title: Cisco IOS 15.1(2)T allows remote attackers to cause a denial of service (resource consumption and TCP outage) via spoofed TCP packets, related to embryonic TCP connections that remain in the SYN_RCVD or SYN_SENT state, aka Bug ID CSCti18193. |
Type: Hardware |
Bulletins:
CVE-2010-2827 SFBID42426 |
Severity: Critical |
Description: Cisco IOS 15.1(2)T allows remote attackers to cause a denial of service (resource consumption and TCP outage) via spoofed TCP packets, related to embryonic TCP connections that remain in the SYN_RCVD or SYN_SENT state, aka Bug ID CSCti18193. | ||||
Applies to: |
Created: 2010-08-16 |
Updated: 2021-04-03 |
ID: CVE-2010-2983 |
Title: The workgroup bridge (aka WGB) functionality in Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to cause a denial of service (dropped connection) via a series of spoofed EAPoL-Logoff frames, related to an... |
Type: Hardware |
Bulletins:
CVE-2010-2983 |
Severity: Critical |
Description: The workgroup bridge (aka WGB) functionality in Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to cause a denial of service (dropped connection) via a series of spoofed EAPoL-Logoff frames, related to an "EAPoL logoff attack," aka Bug ID CSCte43374. | ||||
Applies to: Wireless Lan Controller Software |
Created: 2010-08-10 |
Updated: 2021-04-03 |
ID: CVE-2010-2976 |
Title: The controller in Cisco Unified Wireless Network (UWN) Solution 7.x through 7.0.98.0 has (1) a default SNMP read-only community of public, (2) a default SNMP read-write community of private, and a value of "default" for the (3) SNMP v3 username, (4)... |
Type: Hardware |
Bulletins:
CVE-2010-2976 |
Severity: Critical |
Description: The controller in Cisco Unified Wireless Network (UWN) Solution 7.x through 7.0.98.0 has (1) a default SNMP read-only community of public, (2) a default SNMP read-write community of private, and a value of "default" for the (3) SNMP v3 username, (4) SNMP v3 authentication password, and (5) SNMP v3 privacy password, which makes it easier for remote attackers to obtain access. | ||||
Applies to: Wireless Lan Controller Software |
Created: 2010-08-10 |
Updated: 2021-04-03 |
ID: CVE-2010-2988 |
Title: Cross-site scripting (XSS) vulnerability in Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCtf35333. |
Type: Hardware |
Bulletins:
CVE-2010-2988 |
Severity: Moderate |
Description: Cross-site scripting (XSS) vulnerability in Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCtf35333. | ||||
Applies to: Wireless Lan Controller Software |
Created: 2010-08-10 |
Updated: 2021-04-03 |
ID: CVE-2010-2975 |
Title: Cisco Unified Wireless Network (UWN) Solution 7.x through 7.0.98.0 does not properly handle multiple SSH sessions, which allows physically proximate attackers to read a password, related to an "arrow key failure," aka Bug ID CSCtg51544. |
Type: Hardware |
Bulletins:
CVE-2010-2975 |
Severity: Low |
Description: Cisco Unified Wireless Network (UWN) Solution 7.x through 7.0.98.0 does not properly handle multiple SSH sessions, which allows physically proximate attackers to read a password, related to an "arrow key failure," aka Bug ID CSCtg51544. | ||||
Applies to: Wireless Lan Controller Software |
Created: 2010-08-10 |
Updated: 2021-04-03 |
ID: CVE-2010-2980 |
Title: Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 5508 series controllers allows remote attackers to cause a denial of service (pbuf exhaustion and device crash) via fragmented traffic, aka Bug ID CSCtd26794. |
Type: Hardware |
Bulletins:
CVE-2010-2980 |
Severity: Critical |
Description: Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 5508 series controllers allows remote attackers to cause a denial of service (pbuf exhaustion and device crash) via fragmented traffic, aka Bug ID CSCtd26794. | ||||
Applies to: Wireless Lan Controller Software |
Created: 2010-08-10 |
Updated: 2021-04-03 |
ID: CVE-2010-2979 |
Title: Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 5508 series controllers allows remote attackers to cause a denial of service (buffer leak and device crash) via ARP requests that trigger an ARP storm, aka Bug ID CSCte43508. |
Type: Hardware |
Bulletins:
CVE-2010-2979 |
Severity: Critical |
Description: Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 5508 series controllers allows remote attackers to cause a denial of service (buffer leak and device crash) via ARP requests that trigger an ARP storm, aka Bug ID CSCte43508. | ||||
Applies to: Wireless Lan Controller Software |
Created: 2010-08-10 |
Updated: 2021-04-03 |
ID: CVE-2010-2984 |
Title: Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 4404 series controllers does not properly implement the WEBAUTH_REQD state, which allows remote attackers to bypass intended access restrictions via WLAN traffic, aka Bug ID CSCtb75305. |
Type: Hardware |
Bulletins:
CVE-2010-2984 |
Severity: Critical |
Description: Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 4404 series controllers does not properly implement the WEBAUTH_REQD state, which allows remote attackers to bypass intended access restrictions via WLAN traffic, aka Bug ID CSCtb75305. | ||||
Applies to: Wireless Lan Controller Software |
Created: 2010-08-10 |
Updated: 2021-04-03 |
ID: CVE-2010-2978 |
Title: Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 does not use an adequate message-digest algorithm for a self-signed certificate, which allows remote attackers to bypass intended access restrictions via vectors involving collisions,... |
Type: Hardware |
Bulletins:
CVE-2010-2978 |
Severity: Critical |
Description: Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 does not use an adequate message-digest algorithm for a self-signed certificate, which allows remote attackers to bypass intended access restrictions via vectors involving collisions, aka Bug ID CSCtd67660. | ||||
Applies to: Wireless Lan Controller Software |
Created: 2010-08-10 |
Updated: 2021-04-03 |
ID: CVE-2010-2977 |
Title: Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 does not properly implement TLS and SSL, which has unspecified impact and remote attack vectors, aka Bug ID CSCtd01611. |
Type: Hardware |
Bulletins:
CVE-2010-2977 |
Severity: Critical |
Description: Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 does not properly implement TLS and SSL, which has unspecified impact and remote attack vectors, aka Bug ID CSCtd01611. | ||||
Applies to: Wireless Lan Controller Software |
Created: 2010-08-10 |
Updated: 2021-04-03 |
ID: CVE-2010-2982 |
Title: Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to discover a group password via a series of SNMP requests, as demonstrated by an SNMP walk, aka Bug ID CSCtb74037. |
Type: Hardware |
Bulletins:
CVE-2010-2982 |
Severity: Critical |
Description: Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to discover a group password via a series of SNMP requests, as demonstrated by an SNMP walk, aka Bug ID CSCtb74037. |
Applies to: Wireless Lan Controller Software |
Created: 2010-08-10 |
Updated: 2021-04-03 |
ID: CVE-2010-2981 |
Title: Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to cause a denial of service (device crash) by pinging a virtual interface, aka Bug ID CSCte55370. |
Type: Hardware |
Bulletins:
CVE-2010-2981 |
Severity: Critical |
Description: Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to cause a denial of service (device crash) by pinging a virtual interface, aka Bug ID CSCte55370. |
Applies to: Wireless Lan Controller Software |
Created: 2010-08-10 |
Updated: 2021-04-03 |
ID: CVE-2010-2707 |
Title: Unspecified vulnerability on the HP ProCurve 2626 and 2650 switches before H.10.80 allows remote attackers to obtain sensitive information, modify data, and cause a denial of service via unknown vectors. |
Type: Hardware |
Bulletins:
CVE-2010-2707 |
Severity: Critical |
Description: Unspecified vulnerability on the HP ProCurve 2626 and 2650 switches before H.10.80 allows remote attackers to obtain sensitive information, modify data, and cause a denial of service via unknown vectors. |
Applies to: Procurve Switch 2626 Procurve Switch 2626-pwr Procurve Switch 2650 Procurve Switch 2650-pwr |
Created: 2010-08-09 |
Updated: 2021-04-03 |
ID: CVE-2010-2708 |
Title: Unspecified vulnerability on the HP ProCurve 2610 switch before R.11.22, when DHCP is enabled, allows remote attackers to cause a denial of service via unknown vectors. |
Type: Hardware |
Bulletins:
CVE-2010-2708 |
Severity: Moderate |
Description: Unspecified vulnerability on the HP ProCurve 2610 switch before R.11.22, when DHCP is enabled, allows remote attackers to cause a denial of service via unknown vectors. |
Applies to: Procurve Switch 2610-24 Procurve Switch 2610-24-pwr Procurve Switch 2610-24/12pwr Procurve Switch 2610-48 Procurve Switch 2610-48-pwr |
Created: 2010-08-09 |
Updated: 2021-04-03 |
ID: CVE-2010-2705 |
Title: Unspecified vulnerability on the HP ProCurve 1800-24G switch with software PB.03.02 and earlier, and the ProCurve 1800-8G switch with software PA.03.02 and earlier, when SNMP is enabled, allows remote attackers to obtain sensitive information via... |
Type: Hardware |
Bulletins:
CVE-2010-2705 |
Severity: Moderate |
Description: Unspecified vulnerability on the HP ProCurve 1800-24G switch with software PB.03.02 and earlier, and the ProCurve 1800-8G switch with software PA.03.02 and earlier, when SNMP is enabled, allows remote attackers to obtain sensitive information via unknown vectors. |
Applies to: Procurve Switch 1800-24g Procurve Switch 1800-8g |
Created: 2010-08-09 |
Updated: 2021-04-03 |
ID: CVE-2010-1581 |
Title: Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3... |
Type: Hardware |
Bulletins:
CVE-2010-1581 SFBID42187 |
Severity: Critical |
Description: Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a sequence of crafted TLS packets, aka Bug ID CSCtd32627. |
Applies to: |
Created: 2010-08-09 |
Updated: 2021-04-03 |
ID: CVE-2010-2814 |
Title: Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3... |
Type: Hardware |
Bulletins:
CVE-2010-2814 SFBID42196 |
Severity: Critical |
Description: Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a sequence of crafted TLS packets, aka Bug ID CSCtf37506. |
Applies to: Cisco ASA 5505 Adaptive Security Appliance Cisco ASA 5510 Adaptive Security Appliance Cisco ASA 5520 Adaptive Security Appliance Cisco ASA 5540 Adaptive Security Appliance Cisco ASA 5550 Adaptive Security Appliance Cisco ASA 5580 Adaptive... |
Created: 2010-08-09 |
Updated: 2021-04-03 |
ID: CVE-2010-2815 |
Title: Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3... |
Type: Hardware |
Bulletins:
CVE-2010-2815 SFBID42198 |
Severity: Critical |
Description: Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a sequence of crafted TLS packets, aka Bug ID CSCtf55259. |
Applies to: Cisco ASA 5505 Adaptive Security Appliance Cisco ASA 5510 Adaptive Security Appliance Cisco ASA 5520 Adaptive Security Appliance Cisco ASA 5540 Adaptive Security Appliance Cisco ASA 5550 Adaptive Security Appliance Cisco ASA 5580 Adaptive... |
Created: 2010-08-09 |
Updated: 2021-04-03 |
ID: CVE-2010-1578 |
Title: Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security... |
Type: Hardware |
Bulletins:
CVE-2010-1578 |
Severity: Critical |
Description: Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via crafted SunRPC UDP packets, aka Bug ID CSCtc77567. |
Applies to: |
Created: 2010-08-09 |
Updated: 2021-04-03 |
ID: CVE-2010-1579 |
Title: Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security... |
Type: Hardware |
Bulletins:
CVE-2010-1579 |
Severity: Critical |
Description: Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via crafted SunRPC UDP packets, aka Bug ID CSCtc79922. |
Applies to: |
Created: 2010-08-09 |
Updated: 2021-04-03 |
ID: CVE-2010-1580 |
Title: Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security... |
Type: Hardware |
Bulletins:
CVE-2010-1580 |
Severity: Critical |
Description: Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via crafted SunRPC UDP packets, aka Bug ID CSCtc85753. |
Applies to: |
Created: 2010-08-09 |
Updated: 2021-04-03 |
ID: CVE-2010-2816 |
Title: Unspecified vulnerability in the SIP inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.17), 8.1 before 8.1(2.45), and 8.2 before 8.2(2.13) allows remote attackers to cause a denial of... |
Type: Hardware |
Bulletins:
CVE-2010-2816 SFBID42189 |
Severity: Critical |
Description: Unspecified vulnerability in the SIP inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.17), 8.1 before 8.1(2.45), and 8.2 before 8.2(2.13) allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCtd32106. |
Applies to: Cisco ASA 5505 Adaptive Security Appliance Cisco ASA 5510 Adaptive Security Appliance Cisco ASA 5520 Adaptive Security Appliance Cisco ASA 5540 Adaptive Security Appliance Cisco ASA 5550 Adaptive Security Appliance Cisco ASA 5580 Adaptive... |
Created: 2010-08-09 |
Updated: 2021-04-03 |
ID: CVE-2010-2706 |
Title: Unspecified vulnerability in the In-band Agent on the HP ProCurve 2610 switch before R.11.30 allows remote attackers to cause a denial of service via unknown vectors. |
Type: Hardware |
Bulletins:
CVE-2010-2706 |
Severity: Moderate |
Description: Unspecified vulnerability in the In-band Agent on the HP ProCurve 2610 switch before R.11.30 allows remote attackers to cause a denial of service via unknown vectors. |
Applies to: Procurve Switch 2610-24 Procurve Switch 2610-24-pwr Procurve Switch 2610-24/12pwr Procurve Switch 2610-48 Procurve Switch 2610-48-pwr |
Created: 2010-08-09 |
Updated: 2021-04-03 |
ID: CVE-2010-2817 |
Title: Unspecified vulnerability in the IKE implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.11), 7.1 and 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.10), and... |
Type: Hardware |
Bulletins:
CVE-2010-2817 SFBID42190 |
Severity: Critical |
Description: Unspecified vulnerability in the IKE implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.11), 7.1 and 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.10), and 8.3 before 8.3(1.1) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a crafted IKE message, aka Bug ID CSCte46507. |
Applies to: Cisco ASA 5505 Adaptive Security Appliance Cisco ASA 5510 Adaptive Security Appliance Cisco ASA 5520 Adaptive Security Appliance Cisco ASA 5540 Adaptive Security Appliance Cisco ASA 5550 Adaptive Security Appliance Cisco ASA 5580 Adaptive... |
Created: 2010-08-09 |
Updated: 2021-04-03 |
ID: CVE-2010-2973 |
Title: Integer overflow in IOSurface in Apple iOS before 4.0.2 on the iPhone and iPod touch, and before 3.2.2 on the iPad, allows local users to gain privileges via vectors involving IOSurface properties, as demonstrated by JailbreakMe. |
Type: Mobile Devices |
Bulletins:
CVE-2010-2973 SFBID42151 |
Severity: Moderate |
Description: Integer overflow in IOSurface in Apple iOS before 4.0.2 on the iPhone and iPod touch, and before 3.2.2 on the iPad, allows local users to gain privileges via vectors involving IOSurface properties, as demonstrated by JailbreakMe. |
Applies to: |
Created: 2010-08-05 |
Updated: 2021-04-03 |
ID: CVE-2010-1574 |
Title: IOS 12.2(52)SE and 12.2(52)SE1 on Cisco Industrial Ethernet (IE) 3000 series switches has (1) a community name of public for RO access and (2) a community name of private for RW access, which makes it easier for remote attackers to modify the... |
Type: Hardware |
Bulletins:
CVE-2010-1574 SFBID41436 |
Severity: Critical |
Description: IOS 12.2(52)SE and 12.2(52)SE1 on Cisco Industrial Ethernet (IE) 3000 series switches has (1) a community name of public for RO access and (2) a community name of private for RW access, which makes it easier for remote attackers to modify the configuration or obtain potentially sensitive information via SNMP requests, aka Bug ID CSCtf25589. |
Applies to: |
Created: 2010-07-08 |
Updated: 2021-04-03 |
ID: CVE-2010-1576 |
Title: The Cisco Content Services Switch (CSS) 11500 with software before 8.20.4.02 and the Application Control Engine (ACE) 4710 with software before A2(3.0) do not properly handle use of LF, CR, and LFCR as alternatives to the standard CRLF sequence... |
Type: Hardware |
Bulletins:
CVE-2010-1576 SFBID41315 |
Severity: Critical |
Description: The Cisco Content Services Switch (CSS) 11500 with software before 8.20.4.02 and the Application Control Engine (ACE) 4710 with software before A2(3.0) do not properly handle use of LF, CR, and LFCR as alternatives to the standard CRLF sequence between HTTP headers, which allows remote attackers to bypass intended header insertions or conduct HTTP request smuggling attacks via crafted header data, as demonstrated by LF characters preceding ClientCert-Subject and ClientCert-Subject-CN headers, aka Bug ID CSCta04885. |
Applies to: Cisco Ace 4710 Content Services Switch 11500 |
Created: 2010-07-06 |
Updated: 2021-04-03 |
ID: CVE-2010-2629 |
Title: The Cisco Content Services Switch (CSS) 11500 with software 8.20.4.02 and the Application Control Engine (ACE) 4710 with software A2(3.0) do not properly handle LF header terminators in situations where the GET line is terminated by CRLF, which... |
Type: Hardware |
Bulletins:
CVE-2010-2629 SFBID41315 |
Severity: Critical |
Description: The Cisco Content Services Switch (CSS) 11500 with software 8.20.4.02 and the Application Control Engine (ACE) 4710 with software A2(3.0) do not properly handle LF header terminators in situations where the GET line is terminated by CRLF, which allows remote attackers to conduct HTTP request smuggling attacks and possibly bypass intended header insertions via crafted header data, as demonstrated by an LF character between the ClientCert-Subject and ClientCert-Subject-CN headers. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-1576. |
Applies to: Cisco Ace 4710 Content Services Switch 11500 |
Created: 2010-07-06 |
Updated: 2021-04-03 |
ID: CVE-2010-1575 |
Title: The Cisco Content Services Switch (CSS) 11500 with software 08.20.1.01 conveys authentication data through ClientCert-* headers but does not delete client-supplied ClientCert-* headers, which might allow remote attackers to bypass authentication via... |
Type: Hardware |
Bulletins:
CVE-2010-1575 SFBID41315 |
Severity: Critical |
Description: The Cisco Content Services Switch (CSS) 11500 with software 08.20.1.01 conveys authentication data through ClientCert-* headers but does not delete client-supplied ClientCert-* headers, which might allow remote attackers to bypass authentication via crafted header data, as demonstrated by a ClientCert-Subject-CN header, aka Bug ID CSCsz04690. |
Applies to: Content Services Switch 11500 |
Created: 2010-07-06 |
Updated: 2021-04-03 |
ID: CVE-2009-4922 |
Title: Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote authenticated users to cause a denial of service (traceback) by establishing many IPsec L2L tunnels from remote peer... |
Type: Hardware |
Bulletins:
CVE-2009-4922 |
Severity: Moderate |
Description: Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote authenticated users to cause a denial of service (traceback) by establishing many IPsec L2L tunnels from remote peer IP addresses, aka Bug ID CSCso15583. |
Applies to: Cisco ASA 5580 Adaptive Security Appliance |
Created: 2010-06-29 |
Updated: 2021-04-03 |
ID: CVE-2009-4916 |
Title: Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote authenticated users to cause a denial of service (console hang) via a login action during failover replication, aka... |
Type: Hardware |
Bulletins:
CVE-2009-4916 |
Severity: Moderate |
Description: Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote authenticated users to cause a denial of service (console hang) via a login action during failover replication, aka Bug ID CSCsq80095. |
Applies to: Cisco ASA 5580 Adaptive Security Appliance |
Created: 2010-06-29 |
Updated: 2021-04-03 |
ID: CVE-2009-4915 |
Title: Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (device reload) via unknown network traffic, as demonstrated by a "connection... |
Type: Hardware |
Bulletins:
CVE-2009-4915 |
Severity: Critical |
Description: Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (device reload) via unknown network traffic, as demonstrated by a "connection stress test," aka Bug ID CSCsq68451. |
Applies to: Cisco ASA 5580 Adaptive Security Appliance |
Created: 2010-06-29 |
Updated: 2021-04-03 |
ID: CVE-2009-4917 |
Title: Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (device reload) via a high volume of SIP traffic, aka Bug ID CSCsr65901. |
Type: Hardware |
Bulletins:
CVE-2009-4917 |
Severity: Critical |
Description: Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (device reload) via a high volume of SIP traffic, aka Bug ID CSCsr65901. |
Applies to: Cisco ASA 5580 Adaptive Security Appliance |
Created: 2010-06-29 |
Updated: 2021-04-03 |
ID: CVE-2009-4911 |
Title: Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (device crash) via vectors involving SSL VPN and PPPoE transactions, aka Bug... |
Type: Hardware |
Bulletins:
CVE-2009-4911 |
Severity: Critical |
Description: Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (device crash) via vectors involving SSL VPN and PPPoE transactions, aka Bug ID CSCsm77958. |
Applies to: Cisco ASA 5580 Adaptive Security Appliance |
Created: 2010-06-29 |
Updated: 2021-04-03 |
ID: CVE-2009-4923 |
Title: Unspecified vulnerability in the DTLS implementation on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (traceback) via TLS fragments, aka Bug ID CSCso53162. |
Type: Hardware |
Bulletins:
CVE-2009-4923 |
Severity: Critical |
Description: Unspecified vulnerability in the DTLS implementation on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (traceback) via TLS fragments, aka Bug ID CSCso53162. |
Applies to: Cisco ASA 5580 Adaptive Security Appliance |
Created: 2010-06-29 |
Updated: 2021-04-03 |
ID: CVE-2009-4920 |
Title: Unspecified vulnerability in CTM on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software 8.1(2) allows remote attackers to cause a denial of service (watchdog traceback) via a large amount of small-packet data, aka Bug ID CSCsu11412. |
Type: Hardware |
Bulletins:
CVE-2009-4920 |
Severity: Critical |
Description: Unspecified vulnerability in CTM on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software 8.1(2) allows remote attackers to cause a denial of service (watchdog traceback) via a large amount of small-packet data, aka Bug ID CSCsu11412. |
Applies to: Cisco ASA 5580 Adaptive Security Appliance |
Created: 2010-06-29 |
Updated: 2021-04-03 |
ID: CVE-2009-4913 |
Title: The IPv6 implementation on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) exposes IP services on the "far side of the box," which might allow remote attackers to bypass intended access restrictions via IPv6... |
Type: Hardware |
Bulletins:
CVE-2009-4913 |
Severity: Moderate |
Description: The IPv6 implementation on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) exposes IP services on the "far side of the box," which might allow remote attackers to bypass intended access restrictions via IPv6 packets, aka Bug ID CSCso58622. |
Applies to: Cisco ASA 5580 Adaptive Security Appliance |
Created: 2010-06-29 |
Updated: 2021-04-03 |
ID: CVE-2009-4914 |
Title: Memory leak on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (memory consumption) via Subject Alternative Name fields in an X.509 certificate, aka Bug ID... |
Type: Hardware |
Bulletins:
CVE-2009-4914 |
Severity: Critical |
Description: Memory leak on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (memory consumption) via Subject Alternative Name fields in an X.509 certificate, aka Bug ID CSCsq17879. |
Applies to: Cisco ASA 5580 Adaptive Security Appliance |
Created: 2010-06-29 |
Updated: 2021-04-03 |
ID: CVE-2009-4910 |
Title: Cross-site scripting (XSS) vulnerability in the WebVPN portal on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug... |
Type: Hardware |
Bulletins:
CVE-2009-4910 |
Severity: Moderate |
Description: Cross-site scripting (XSS) vulnerability in the WebVPN portal on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCsq78418. |
Applies to: Cisco ASA 5580 Adaptive Security Appliance |
Created: 2010-06-29 |
Updated: 2021-04-03 |
ID: CVE-2008-7257 |
Title: CRLF injection vulnerability in +webvpn+/index.html in WebVPN on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to inject arbitrary HTTP headers as demonstrated by a redirect attack... |
Type: Hardware |
Bulletins:
CVE-2008-7257 SFBID41159 |
Severity: Moderate |
Description: CRLF injection vulnerability in +webvpn+/index.html in WebVPN on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to inject arbitrary HTTP headers as demonstrated by a redirect attack involving a %0d%0aLocation%3a sequence in a URI, or conduct HTTP response splitting attacks via unspecified vectors, aka Bug ID CSCsr09163. |
Applies to: Cisco ASA 5580 Adaptive Security Appliance |
Created: 2010-06-29 |
Updated: 2021-04-03 |
ID: CVE-2009-4912 |
Title: Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) complete an SSL handshake with an HTTPS client even if this client is unauthorized, which might allow remote attackers to bypass intended access restrictions... |
Type: Hardware |
Bulletins:
CVE-2009-4912 |
Severity: Critical |
Description: Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) complete an SSL handshake with an HTTPS client even if this client is unauthorized, which might allow remote attackers to bypass intended access restrictions via an HTTPS session, aka Bug ID CSCso10876. |
Applies to: Cisco ASA 5580 Adaptive Security Appliance |
Created: 2010-06-29 |
Updated: 2021-04-03 |
ID: CVE-2009-4921 |
Title: Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allow remote attackers to cause a denial of service (traceback) via malformed TCP packets, aka Bug ID CSCsm84110. |
Type: Hardware |
Bulletins:
CVE-2009-4921 |
Severity: Critical |
Description: Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allow remote attackers to cause a denial of service (traceback) via malformed TCP packets, aka Bug ID CSCsm84110. |
Applies to: Cisco ASA 5580 Adaptive Security Appliance |
Created: 2010-06-29 |
Updated: 2021-04-03 |
ID: CVE-2009-4918 |
Title: Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allow remote attackers to cause a denial of service (IKE process hang) via malformed NAT-T packets, aka Bug ID CSCsr74439. |
Type: Hardware |
Bulletins:
CVE-2009-4918 |
Severity: Critical |
Description: Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allow remote attackers to cause a denial of service (IKE process hang) via malformed NAT-T packets, aka Bug ID CSCsr74439. |
Applies to: Cisco ASA 5580 Adaptive Security Appliance |
Created: 2010-06-29 |
Updated: 2021-04-03 |
ID: CVE-2009-4919 |
Title: Buffer overflow on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to have an unspecified impact via long IKE attributes, aka Bug ID CSCsu43121. |
Type: Hardware |
Bulletins:
CVE-2009-4919 |
Severity: Critical |
Description: Buffer overflow on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to have an unspecified impact via long IKE attributes, aka Bug ID CSCsu43121. |
Applies to: Cisco ASA 5580 Adaptive Security Appliance |
Created: 2010-06-29 |
Updated: 2021-04-03 |
ID: CVE-2010-2506 |
Title: Cross-site scripting (XSS) vulnerability in debug.cgi in Linksys WAP54Gv3 firmware 3.05.03 and 3.04.03 allows remote attackers to inject arbitrary web script or HTML via the data1 parameter. |
Type: Hardware |
Bulletins:
CVE-2010-2506 |
Severity: Low |
Description: Cross-site scripting (XSS) vulnerability in debug.cgi in Linksys WAP54Gv3 firmware 3.05.03 and 3.04.03 allows remote attackers to inject arbitrary web script or HTML via the data1 parameter. |
Applies to: WAP54G |
Created: 2010-06-28 |
Updated: 2021-04-03 |
ID: CVE-2010-1407 |
Title: WebKit in Apple iOS before 4 on the iPhone and iPod touch does not properly implement the history.replaceState method in certain situations involving IFRAME elements, which allows remote attackers to obtain sensitive information via... |
Type: Mobile Devices |
Bulletins:
CVE-2010-1407 SFBID41016 |
Severity: Moderate |
Description: WebKit in Apple iOS before 4 on the iPhone and iPod touch does not properly implement the history.replaceState method in certain situations involving IFRAME elements, which allows remote attackers to obtain sensitive information via a crafted HTML document. |
Applies to: |
Created: 2010-06-22 |
Updated: 2021-04-03 |
ID: CVE-2010-1757 |
Title: WebKit in Apple iOS before 4 on the iPhone and iPod touch does not enforce the expected boundary restrictions on content display by an IFRAME element, which allows remote attackers to spoof the user interface via a crafted HTML document. |
Type: Mobile Devices |
Bulletins:
CVE-2010-1757 SFBID41016 |
Severity: Moderate |
Description: WebKit in Apple iOS before 4 on the iPhone and iPod touch does not enforce the expected boundary restrictions on content display by an IFRAME element, which allows remote attackers to spoof the user interface via a crafted HTML document. |
Applies to: |
Created: 2010-06-22 |
Updated: 2021-04-03 |
ID: CVE-2010-1756 |
Title: The Settings application in Apple iOS before 4 on the iPhone and iPod touch does not properly report the wireless network that is in use, which might make it easier for remote attackers to trick users into communicating over an... |
Type: Mobile Devices |
Bulletins:
CVE-2010-1756 SFBID41016 |
Severity: Moderate |
Description: The Settings application in Apple iOS before 4 on the iPhone and iPod touch does not properly report the wireless network that is in use, which might make it easier for remote attackers to trick users into communicating over an unintended network. |
Applies to: |
Created: 2010-06-22 |
Updated: 2021-04-03 |
ID: CVE-2010-1752 |
Title: Stack-based buffer overflow in CFNetwork in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to URL handling. |
Type: Mobile Devices |
Bulletins:
CVE-2010-1752 SFBID41016 |
Severity: Moderate |
Description: Stack-based buffer overflow in CFNetwork in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to URL handling. |
Applies to: |
Created: 2010-06-22 |
Updated: 2021-04-03 |
ID: CVE-2010-1755 |
Title: Safari in Apple iOS before 4 on the iPhone and iPod touch does not properly implement the Accept Cookies preference, which makes it easier for remote web servers to track users via a cookie. |
Type: Mobile Devices |
Bulletins:
CVE-2010-1755 SFBID41016 |
Severity: Moderate |
Description: Safari in Apple iOS before 4 on the iPhone and iPod touch does not properly implement the Accept Cookies preference, which makes it easier for remote web servers to track users via a cookie. |
Applies to: |
Created: 2010-06-22 |
Updated: 2021-04-03 |
ID: CVE-2010-1775 |
Title: Race condition in Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch allows physically proximate attackers to bypass intended passcode requirements, and pair a locked device with a computer and access arbitrary data,... |
Type: Mobile Devices |
Bulletins:
CVE-2010-1775 SFBID41016 |
Severity: Low |
Description: Race condition in Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch allows physically proximate attackers to bypass intended passcode requirements, and pair a locked device with a computer and access arbitrary data, via vectors involving the initial boot. |
Applies to: |
Created: 2010-06-22 |
Updated: 2021-04-03 |
ID: CVE-2010-1754 |
Title: Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch does not properly handle alert-based unlocks in conjunction with subsequent Remote Lock operations through MobileMe, which allows physically proximate attackers to... |
Type: Mobile Devices |
Bulletins:
CVE-2010-1754 SFBID41016 |
Severity: Moderate |
Description: Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch does not properly handle alert-based unlocks in conjunction with subsequent Remote Lock operations through MobileMe, which allows physically proximate attackers to bypass intended passcode requirements via unspecified vectors. |
Applies to: |
Created: 2010-06-22 |
Updated: 2021-04-03 |
ID: CVE-2010-1753 |
Title: ImageIO in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG image. |
Type: Mobile Devices |
Bulletins:
CVE-2010-1753 SFBID41016 |
Severity: Moderate |
Description: ImageIO in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG image. |
Applies to: |
Created: 2010-06-22 |
Updated: 2021-04-03 |
ID: CVE-2010-1751 |
Title: Application Sandbox in Apple iOS before 4 on the iPhone and iPod touch does not prevent photo-library access, which might allow remote attackers to obtain location information via unspecified vectors. |
Type: Mobile Devices |
Bulletins:
CVE-2010-1751 SFBID41016 |
Severity: Moderate |
Description: Application Sandbox in Apple iOS before 4 on the iPhone and iPod touch does not prevent photo-library access, which might allow remote attackers to obtain location information via unspecified vectors. |
Applies to: |
Created: 2010-06-22 |
Updated: 2021-04-03 |
ID: CVE-2010-1387 |
Title: Use-after-free vulnerability in JavaScriptCore in WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, allows remote attackers to execute arbitrary code or cause a denial of service... |
Type: Mobile Devices |
Bulletins:
CVE-2010-1387 SFBID41016 |
Severity: Critical |
Description: Use-after-free vulnerability in JavaScriptCore in WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to page transitions, a different vulnerability than CVE-2010-1763 and CVE-2010-1769. |
Applies to: |
Created: 2010-06-18 |
Updated: 2021-04-03 |
ID: CVE-2010-2293 |
Title: The Ping tools web interface in Dlink Di-604 router allows remote authenticated users to cause a denial of service via a large "ip textfield" size. |
Type: Hardware |
Bulletins:
CVE-2010-2293 SFBID40691 |
Severity: Moderate |
Description: The Ping tools web interface in Dlink Di-604 router allows remote authenticated users to cause a denial of service via a large "ip textfield" size. |
Applies to: DI-604 |
Created: 2010-06-15 |
Updated: 2021-04-03 |
ID: CVE-2010-2292 |
Title: Cross-site scripting (XSS) vulnerability in the Ping tools web interface in Dlink Di-604 router allows remote attackers to inject arbitrary web script or HTML via the IP field. |
Type: Hardware |
Bulletins:
CVE-2010-2292 SFBID40691 |
Severity: Moderate |
Description: Cross-site scripting (XSS) vulnerability in the Ping tools web interface in Dlink Di-604 router allows remote attackers to inject arbitrary web script or HTML via the IP field. |
Applies to: DI-604 |
Created: 2010-06-15 |
Updated: 2021-04-03 |
ID: CVE-2010-1573 |
Title: Linksys WAP54Gv3 firmware 3.04.03 and earlier uses a hard-coded username (Gemtek) and password (gemtekswd) for a debug interface for certain web pages, which allows remote attackers to execute arbitrary commands via the (1) data1, (2) data2, or (3)... |
Type: Hardware |
Bulletins:
CVE-2010-1573 SFBID40648 |
Severity: Critical |
Description: Linksys WAP54Gv3 firmware 3.04.03 and earlier uses a hard-coded username (Gemtek) and password (gemtekswd) for a debug interface for certain web pages, which allows remote attackers to execute arbitrary commands via the (1) data1, (2) data2, or (3) data3 parameters to (a) Debug_command_page.asp and (b) debug.cgi. |
Applies to: wap54g |
Created: 2010-06-09 |
Updated: 2021-04-03 |
ID: CVE-2010-2261 |
Title: Linksys WAP54Gv3 firmware 3.04.03 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) data2 and (2) data3 parameters to (a) Debug_command_page.asp and (b) debug.cgi. |
Type: Hardware |
Bulletins:
CVE-2010-2261 |
Severity: Critical |
Description: Linksys WAP54Gv3 firmware 3.04.03 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) data2 and (2) data3 parameters to (a) Debug_command_page.asp and (b) debug.cgi. |
Applies to: wap54g |
Created: 2010-06-09 |
Updated: 2021-04-03 |
ID: MITRE:7561 |
Title: oval:org.mitre.oval:def:7561: Apple Safari TIFF Image Uninitialized Memory Information Disclosure Vulnerability |
Type: Software |
Bulletins:
MITRE:7561 CVE-2010-0042 |
Severity: Moderate |
Description: ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows does not ensure that memory access is associated with initialized memory, which allows remote attackers to obtain potentially sensitive information from process memory via a crafted TIFF image. |
Applies to: Apple Safari Apple iTunes |
Created: 2010-06-07 |
Updated: 2021-04-03 |
ID: MITRE:7427 |
Title: oval:org.mitre.oval:def:7427: Apple iTunes MP4 File Processing Denial of Service Vulnerability |
Type: Software |
Bulletins:
MITRE:7427 CVE-2010-0531 |
Severity: Moderate |
Description: Apple iTunes before 9.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted MP4 podcast file. |
Applies to: Apple iTunes |
Created: 2010-06-07 |
Updated: 2021-04-03 |
ID: MITRE:7170 |
Title: oval:org.mitre.oval:def:7170: VBScript Help Keypress Vulnerability |
Type: Miscellaneous |
Bulletins:
MITRE:7170 CVE-2010-0483 |
Severity: Critical |
Description: vbscript.dll in VBScript 5.1, 5.6, 5.7, and 5.8 in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, when Internet Explorer is used, allows user-assisted remote attackers to execute arbitrary code by referencing a (1) local pathname, (2) UNC share pathname, or (3) WebDAV server with a crafted .hlp file in the fourth argument (aka helpfile argument) to the MsgBox function, leading to code execution involving winhlp32.exe when the F1 key is pressed, aka "VBScript Help Keypress Vulnerability." |
Applies to: VBScript 5.1 VBScript 5.6 VBScript 5.7 VBScript 5.8 |
Created: 2010-06-07 |
Updated: 2021-04-03 |
ID: MITRE:7110 |
Title: oval:org.mitre.oval:def:7110: Apple iTunes Install or Update Privilege Escalation Vulnerability |
Type: Software |
Bulletins:
MITRE:7110 CVE-2010-0532 |
Severity: Moderate |
Description: Race condition in the installation package in Apple iTunes before 9.1 on Windows allows local users to gain privileges by replacing an unspecified file with a Trojan horse. |
Applies to: Apple iTunes |
Created: 2010-06-07 |
Updated: 2021-04-03 |
ID: MITRE:7049 |
Title: oval:org.mitre.oval:def:7049: LibTIFF 'LZWDecodeCompat()' Remote Buffer Underflow Vulnerability |
Type: Software |
Bulletins:
MITRE:7049 CVE-2009-2285 |
Severity: Moderate |
Description: Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2 allows context-dependent attackers to cause a denial of service (crash) via a crafted TIFF image, a different vulnerability than CVE-2008-2327. |
Applies to: Apple Safari Apple iTunes |
Created: 2010-06-07 |
Updated: 2021-04-03 |
ID: MITRE:6901 |
Title: oval:org.mitre.oval:def:6901: Apple Safari ImageIO TIFF Image Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
MITRE:6901 CVE-2010-0043 |
Severity: Critical |
Description: ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF image. |
Applies to: Apple Safari Apple iTunes |
Created: 2010-06-07 |
Updated: 2021-04-03 |
ID: MITRE:6885 |
Title: oval:org.mitre.oval:def:6885: Apple Safari BMP Image Uninitialized Memory Information Disclosure Vulnerability |
Type: Software |
Bulletins:
MITRE:6885 CVE-2010-0041 |
Severity: Moderate |
Description: ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows does not ensure that memory access is associated with initialized memory, which allows remote attackers to obtain potentially sensitive information from process memory via a crafted BMP image. |
Applies to: Apple Safari Apple iTunes |
Created: 2010-06-07 |
Updated: 2021-04-03 |
ID: MITRE:6741 |
Title: oval:org.mitre.oval:def:6741: Apple Safari Prior to 4.0.5 Integer Overflow Vulnerability |
Type: Software |
Bulletins:
MITRE:6741 CVE-2010-0040 |
Severity: Critical |
Description: Integer overflow in ColorSync in Apple Safari before 4.0.5 on Windows, and iTunes before 9.1, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image with a crafted color profile that triggers a heap-based buffer overflow. |
Applies to: Apple Safari Apple iTunes |
Created: 2010-06-07 |
Updated: 2021-04-03 |
ID: MITRE:8595 |
Title: oval:org.mitre.oval:def:8595: Movie Maker and Producer Buffer Overflow Vulnerability |
Type: Software |
Bulletins:
MITRE:8595 CVE-2010-0265 |
Severity: Critical |
Description: Buffer overflow in Microsoft Windows Movie Maker 2.1, 2.6, and 6.0, and Microsoft Producer 2003, allows remote attackers to execute arbitrary code via a crafted project (.MSWMM) file, aka "Movie Maker and Producer Buffer Overflow Vulnerability." |
Applies to: Microsoft Producer 2003 Movie Maker 2.1 Movie Maker 2.6 Movie Maker 6.0 |
Created: 2010-05-24 |
Updated: 2021-04-03 |
ID: MITRE:7709 |
Title: oval:org.mitre.oval:def:7709: libpng buffer overflow |
Type: Software |
Bulletins:
MITRE:7709 CVE-2004-0597 |
Severity: Critical |
Description: Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking. |
Applies to: Adobe Acrobat Reader MSN Messenger 4.7 MSN Messenger 6.1 MSN Messenger 6.2 |
Created: 2010-05-17 |
Updated: 2021-04-03 |
ID: CVE-2009-4821 |
Title: The D-Link DIR-615 with firmware 3.10NA does not require administrative authentication for apply.cgi, which allows remote attackers to (1) change the admin password via the admin_password parameter, (2) disable the security requirement for the Wi-Fi... |
Type: Hardware |
Bulletins:
CVE-2009-4821 SFBID37415 |
Severity: Moderate |
Description: The D-Link DIR-615 with firmware 3.10NA does not require administrative authentication for apply.cgi, which allows remote attackers to (1) change the admin password via the admin_password parameter, (2) disable the security requirement for the Wi-Fi network via unspecified vectors, or (3) modify DNS settings via unspecified vectors. |
Applies to: DIR-615 |
Created: 2010-04-27 |
Updated: 2021-04-03 |
ID: CVE-2010-1226 |
Title: The HTTP client functionality in Apple iPhone OS 3.1 on the iPhone 2G and 3.1.3 on the iPhone 3GS allows remote attackers to cause a denial of service (Safari, Mail, or Springboard crash) via a crafted innerHTML property of a DIV... |
Type: Mobile Devices |
Bulletins:
CVE-2010-1226 SFBID38758 |
Severity: Moderate |
Description: The HTTP client functionality in Apple iPhone OS 3.1 on the iPhone 2G and 3.1.3 on the iPhone 3GS allows remote attackers to cause a denial of service (Safari, Mail, or Springboard crash) via a crafted innerHTML property of a DIV element, related to a "malformed character" issue. |
Applies to: |
Created: 2010-04-01 |
Updated: 2021-04-03 |
ID: CVE-2010-1181 |
Title: Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long string in a MARQUEE element. |
Type: Mobile Devices |
Bulletins:
CVE-2010-1181 |
Severity: Moderate |
Description: Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long string in a MARQUEE element. |
Applies to: |
Created: 2010-03-29 |
Updated: 2021-04-03 |
ID: CVE-2010-1119 |
Title: Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Safari before 4.1 on Mac OS X 10.4, and Safari on Apple iPhone OS allows remote attackers to execute arbitrary code or cause... |
Type: Mobile Devices |
Bulletins:
CVE-2010-1119 SFBID40620 |
Severity: Critical |
Description: Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Safari before 4.1 on Mac OS X 10.4, and Safari on Apple iPhone OS allows remote attackers to execute arbitrary code or cause a denial of service (application crash), or read the SMS database or other data, via vectors related to "attribute manipulation," as demonstrated by Vincenzo Iozzo and Ralf Philipp Weinmann during a Pwn2Own competition at CanSecWest 2010. |
Applies to: |
Created: 2010-03-25 |
Updated: 2021-04-03 |
ID: CVE-2010-0581 |
Title: Unspecified vulnerability in the SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to execute arbitrary code via a malformed SIP message, aka Bug ID CSCsz89904, the "SIP Packet Parsing Arbitrary Code Execution Vulnerability." |
Type: Hardware |
Bulletins:
CVE-2010-0581 |
Severity: Critical |
Description: Unspecified vulnerability in the SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to execute arbitrary code via a malformed SIP message, aka Bug ID CSCsz89904, the "SIP Packet Parsing Arbitrary Code Execution Vulnerability." |
Applies to: |
Created: 2010-03-25 |
Updated: 2021-04-03 |
ID: CVE-2010-0580 |
Title: Unspecified vulnerability in the SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to execute arbitrary code via a malformed SIP message, aka Bug ID CSCsz48680, the "SIP Message Processing Arbitrary Code Execution Vulnerability." |
Type: Hardware |
Bulletins:
CVE-2010-0580 |
Severity: Critical |
Description: Unspecified vulnerability in the SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to execute arbitrary code via a malformed SIP message, aka Bug ID CSCsz48680, the "SIP Message Processing Arbitrary Code Execution Vulnerability." |
Applies to: |
Created: 2010-03-25 |
Updated: 2021-04-03 |
ID: CVE-2010-0584 |
Title: Unspecified vulnerability in Cisco IOS 12.4, when NAT SCCP fragmentation support is enabled, allows remote attackers to cause a denial of service (device reload) via crafted Skinny Client Control Protocol (SCCP) packets, aka Bug ID CSCsy09250. |
Type: Hardware |
Bulletins:
CVE-2010-0584 |
Severity: Critical |
Description: Unspecified vulnerability in Cisco IOS 12.4, when NAT SCCP fragmentation support is enabled, allows remote attackers to cause a denial of service (device reload) via crafted Skinny Client Control Protocol (SCCP) packets, aka Bug ID CSCsy09250. |
Applies to: |
Created: 2010-03-25 |
Updated: 2021-04-03 |
ID: CVE-2010-0576 |
Title: Unspecified vulnerability in Cisco IOS 12.0 through 12.4, IOS XE 2.1.x through 2.3.x before 2.3.2, and IOS XR 3.2.x through 3.4.3, when Multiprotocol Label Switching (MPLS) and Label Distribution Protocol (LDP) are enabled, allows remote attackers... |
Type: Hardware |
Bulletins:
CVE-2010-0576 SFBID38938 |
Severity: Critical |
Description: Unspecified vulnerability in Cisco IOS 12.0 through 12.4, IOS XE 2.1.x through 2.3.x before 2.3.2, and IOS XR 3.2.x through 3.4.3, when Multiprotocol Label Switching (MPLS) and Label Distribution Protocol (LDP) are enabled, allows remote attackers to cause a denial of service (device reload or process restart) via a crafted LDP packet, aka Bug IDs CSCsz45567 and CSCsj25893. |
Applies to: |
Created: 2010-03-25 |
Updated: 2021-04-03 |
ID: CVE-2010-0579 |
Title: The SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to cause a denial of service (device reload) via a malformed SIP message, aka Bug ID CSCtb93416, the "SIP Message Handling Denial of Service Vulnerability." |
Type: Hardware |
Bulletins:
CVE-2010-0579 |
Severity: Critical |
Description: The SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to cause a denial of service (device reload) via a malformed SIP message, aka Bug ID CSCtb93416, the "SIP Message Handling Denial of Service Vulnerability." |
Applies to: |
Created: 2010-03-25 |
Updated: 2021-04-03 |
ID: CVE-2010-0578 |
Title: The IKE implementation in Cisco IOS 12.2 through 12.4 on Cisco 7200 and 7301 routers with VAM2+ allows remote attackers to cause a denial of service (device reload) via a malformed IKE packet, aka Bug ID CSCtb13491. |
Type: Hardware |
Bulletins:
CVE-2010-0578 SFBID38932 |
Severity: Critical |
Description: The IKE implementation in Cisco IOS 12.2 through 12.4 on Cisco 7200 and 7301 routers with VAM2+ allows remote attackers to cause a denial of service (device reload) via a malformed IKE packet, aka Bug ID CSCtb13491. |
Applies to: |
Created: 2010-03-25 |
Updated: 2021-04-03 |
ID: CVE-2010-0583 |
Title: Memory leak in the H.323 implementation in Cisco IOS 12.1 through 12.4, and 15.0M before 15.0(1)M1, allows remote attackers to cause a denial of service (memory consumption and device reload) via malformed H.323 packets, aka Bug ID CSCtb93855. |
Type: Hardware |
Bulletins:
CVE-2010-0583 SFBID38934 |
Severity: Critical |
Description: Memory leak in the H.323 implementation in Cisco IOS 12.1 through 12.4, and 15.0M before 15.0(1)M1, allows remote attackers to cause a denial of service (memory consumption and device reload) via malformed H.323 packets, aka Bug ID CSCtb93855. |
Applies to: |
Created: 2010-03-25 |
Updated: 2021-04-03 |
ID: CVE-2010-0577 |
Title: Cisco IOS 12.2 through 12.4, when certain PMTUD, SNAT, or window-size configurations are used, allows remote attackers to cause a denial of service (infinite loop, and device reload or hang) via a TCP segment with crafted options, aka Bug ID CSCsz75186. |
Type: Hardware |
Bulletins:
CVE-2010-0577 SFBID38930 |
Severity: Critical |
Description: Cisco IOS 12.2 through 12.4, when certain PMTUD, SNAT, or window-size configurations are used, allows remote attackers to cause a denial of service (infinite loop, and device reload or hang) via a TCP segment with crafted options, aka Bug ID CSCsz75186. |
Applies to: |
Created: 2010-03-25 |
Updated: 2021-04-03 |
ID: CVE-2010-0585 |
Title: Cisco IOS 12.1 through 12.4, when Cisco Unified Communications Manager Express (CME) or Cisco Unified Survivable Remote Site Telephony (SRST) is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed Skinny... |
Type: Hardware |
Bulletins:
CVE-2010-0585 |
Severity: Critical |
Description: Cisco IOS 12.1 through 12.4, when Cisco Unified Communications Manager Express (CME) or Cisco Unified Survivable Remote Site Telephony (SRST) is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed Skinny Client Control Protocol (SCCP) message, aka Bug ID CSCsz48614, the "SCCP Packet Processing Denial of Service Vulnerability." |
Applies to: |
Created: 2010-03-25 |
Updated: 2021-04-03 |
ID: CVE-2010-0586 |
Title: Cisco IOS 12.1 through 12.4, when Cisco Unified Communications Manager Express (CME) or Cisco Unified Survivable Remote Site Telephony (SRST) is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed Skinny... |
Type: Hardware |
Bulletins:
CVE-2010-0586 |
Severity: Critical |
Description: Cisco IOS 12.1 through 12.4, when Cisco Unified Communications Manager Express (CME) or Cisco Unified Survivable Remote Site Telephony (SRST) is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed Skinny Client Control Protocol (SCCP) message, aka Bug ID CSCsz49741, the "SCCP Request Handling Denial of Service Vulnerability." |
Applies to: |
Created: 2010-03-25 |
Updated: 2021-04-03 |
ID: CVE-2010-0582 |
Title: Cisco IOS 12.1 through 12.4, and 15.0M before 15.0(1)M1, allows remote attackers to cause a denial of service (interface queue wedge) via malformed H.323 packets, aka Bug ID CSCta19962. |
Type: Hardware |
Bulletins:
CVE-2010-0582 |
Severity: Critical |
Description: Cisco IOS 12.1 through 12.4, and 15.0M before 15.0(1)M1, allows remote attackers to cause a denial of service (interface queue wedge) via malformed H.323 packets, aka Bug ID CSCta19962. |
Applies to: |
Created: 2010-03-25 |
Updated: 2021-04-03 |
ID: CVE-2010-0936 |
Title: Cross-site scripting (XSS) vulnerability in auth.asp on the D-LINK DKVM-IP8 with firmware 2282_dlinkA4_p8_20071213 allows remote attackers to inject arbitrary web script or HTML via the nickname parameter. |
Type: Hardware |
Bulletins:
CVE-2010-0936 SFBID37646 |
Severity: Moderate |
Description: Cross-site scripting (XSS) vulnerability in auth.asp on the D-LINK DKVM-IP8 with firmware 2282_dlinkA4_p8_20071213 allows remote attackers to inject arbitrary web script or HTML via the nickname parameter. |
Applies to: DKVM-IP8 |
Created: 2010-03-08 |
Updated: 2021-04-03 |
ID: CVE-2010-0592 |
Title: The CTI Manager service in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x before 4.3(2)sr1a, 6.x before 6.1(3), 7.0x before 7.0(2), 7.1x before 7.1(2), and 8.x before 8.0(1) allows remote attackers to cause a denial of... |
Type: Hardware |
Bulletins:
CVE-2010-0592 SFBID38497 |
Severity: Critical |
Description: The CTI Manager service in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x before 4.3(2)sr1a, 6.x before 6.1(3), 7.0x before 7.0(2), 7.1x before 7.1(2), and 8.x before 8.0(1) allows remote attackers to cause a denial of service (service failure) via a malformed message, aka Bug ID CSCsu31800. |
Applies to: Unified Communications Manager |
Created: 2010-03-05 |
Updated: 2021-04-03 |
ID: CVE-2010-0590 |
Title: The CMSIPUtility component in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 7.x before 7.1(3a)su1 and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SIP Register... |
Type: Hardware |
Bulletins:
CVE-2010-0590 SFBID38495 |
Severity: Critical |
Description: The CMSIPUtility component in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 7.x before 7.1(3a)su1 and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SIP Register message, aka Bug ID CSCtc37188. |
Applies to: Unified Communications Manager |
Created: 2010-03-05 |
Updated: 2021-04-03 |
ID: CVE-2010-0591 |
Title: Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5), 7.x before 7.1(3b)SU2, and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SIP REG message, related to... |
Type: Hardware |
Bulletins:
CVE-2010-0591 SFBID38498 |
Severity: Critical |
Description: Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5), 7.x before 7.1(3b)SU2, and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SIP REG message, related to an overflow of the Telephone-URL field, aka Bug ID CSCtc62362. |
Applies to: Unified Communications Manager |
Created: 2010-03-05 |
Updated: 2021-04-03 |
ID: CVE-2010-0588 |
Title: Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5), 7.x before 7.1(3a)su1, and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SCCP (1) RegAvailableLines... |
Type: Hardware |
Bulletins:
CVE-2010-0588 SFBID38501 |
Severity: Critical |
Description: Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5), 7.x before 7.1(3a)su1, and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SCCP (1) RegAvailableLines or (2) FwdStatReq message with an invalid Line number, aka Bug ID CSCtc47823. |
Applies to: Unified Communications Manager |
Created: 2010-03-05 |
Updated: 2021-04-03 |
ID: CVE-2010-0587 |
Title: Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x before 4.3(2)SR2, 6.x before 6.1(5), 7.x before 7.1(3a)su1, and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SCCP... |
Type: Hardware |
Bulletins:
CVE-2010-0587 SFBID38496 |
Severity: Critical |
Description: Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x before 4.3(2)SR2, 6.x before 6.1(5), 7.x before 7.1(3a)su1, and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SCCP StationCapabilitiesRes message with an invalid MaxCap field, aka Bug ID CSCtc38985. |
Applies to: Unified Communications Manager |
Created: 2010-03-05 |
Updated: 2021-04-03 |
ID: MITRE:7995 |
Title: oval:org.mitre.oval:def:7995: Apple iTunes Filetype Remote Off-By-One Stack Buffer Overflow Vulnerability |
Type: Software |
Bulletins:
MITRE:7995 CVE-2008-4116 |
Severity: Critical |
Description: Buffer overflow in Apple QuickTime 7.5.5 and iTunes 8.0 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a long type attribute in a quicktime tag (1) on a web page or embedded in a (2) .mp4 or (3) .mov file, possibly related to the Check_stack_cookie function and an off-by-one error that leads to a heap-based buffer overflow. |
Applies to: Apple QuickTime Apple iTunes |
Created: 2010-02-22 |
Updated: 2021-04-03 |
ID: MITRE:7573 |
Title: oval:org.mitre.oval:def:7573: ATL Null String Vulnerability |
Type: |
Bulletins:
MITRE:7573 CVE-2009-2495 |
Severity: Critical |
Description: The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1 does not properly enforce string termination, which allows remote attackers to obtain sensitive information via a crafted HTML document with an ATL (1) component or (2) control that triggers a buffer over-read, related to ATL headers and buffer allocation, aka "ATL Null String Vulnerability." |
Applies to: Microsoft Office Visio Viewer 2003 Microsoft Office Visio Viewer 2007 Microsoft Outlook 2002 Microsoft Outlook 2003 Microsoft Outlook 2007 Microsoft Visio Viewer 2002 Microsoft Visual Studio .NET 2003 Microsoft Visual Studio 2005 |
Created: 2010-02-22 |
Updated: 2021-04-03 |
ID: CVE-2010-0149 |
Title: Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.2 before 7.2(4.46), 8.0 before 8.0(4.38), 8.1 before 8.1(2.29), and 8.2 before 8.2(1.5); and Cisco PIX 500 Series Security Appliance; allows remote attackers to cause a... |
Type: Hardware |
Bulletins:
CVE-2010-0149 SFBID38275 |
Severity: Critical |
Description: Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.2 before 7.2(4.46), 8.0 before 8.0(4.38), 8.1 before 8.1(2.29), and 8.2 before 8.2(1.5); and Cisco PIX 500 Series Security Appliance; allows remote attackers to cause a denial of service (prevention of new connections) via crafted TCP segments during termination of the TCP connection that cause the connection to remain in CLOSEWAIT status, aka "TCP Connection Exhaustion Denial of Service Vulnerability." |
Applies to: |
Created: 2010-02-19 |
Updated: 2021-04-03 |
ID: CVE-2010-0565 |
Title: Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.2 before 7.2(4.45), 8.0 before 8.0(4.44), 8.1 before 8.1(2.35), and 8.2 before 8.2(1.10), allows remote attackers to cause a denial of service (page fault and device... |
Type: Hardware |
Bulletins:
CVE-2010-0565 SFBID38280 |
Severity: Critical |
Description: Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.2 before 7.2(4.45), 8.0 before 8.0(4.44), 8.1 before 8.1(2.35), and 8.2 before 8.2(1.10), allows remote attackers to cause a denial of service (page fault and device reload) via a malformed DTLS message, aka Bug ID CSCtb64913 and "WebVPN DTLS Denial of Service Vulnerability." |
Applies to: |
Created: 2010-02-19 |
Updated: 2021-04-03 |
ID: CVE-2010-0568 |
Title: Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.7), 8.1 before 8.1(2.40), and 8.2 before 8.2(2.1); and Cisco PIX 500 Series Security Appliance; allows remote... |
Type: Hardware |
Bulletins:
CVE-2010-0568 SFBID38279 |
Severity: Critical |
Description: Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.7), 8.1 before 8.1(2.40), and 8.2 before 8.2(2.1); and Cisco PIX 500 Series Security Appliance; allows remote attackers to bypass NTLMv1 authentication via a crafted username, aka Bug ID CSCte21953. |
Applies to: |
Created: 2010-02-19 |
Updated: 2021-04-03 |
ID: CVE-2010-0150 |
Title: Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.2), 8.1 before 8.1(2.37), and 8.2 before 8.2(1.16); and Cisco PIX 500 Series Security Appliance; allows... |
Type: Hardware |
Bulletins:
CVE-2010-0150 SFBID38277 |
Severity: Critical |
Description: Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.2), 8.1 before 8.1(2.37), and 8.2 before 8.2(1.16); and Cisco PIX 500 Series Security Appliance; allows remote attackers to cause a denial of service (device reload) via malformed SIP messages, aka Bug ID CSCsy91157. |
Applies to: |
Created: 2010-02-19 |
Updated: 2021-04-03 |
ID: CVE-2010-0569 |
Title: Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.2), 8.1 before 8.1(2.37), and 8.2 before 8.2(1.16); and Cisco PIX 500 Series Security Appliance; allows... |
Type: Hardware |
Bulletins:
CVE-2010-0569 SFBID38281 |
Severity: Critical |
Description: Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.2), 8.1 before 8.1(2.37), and 8.2 before 8.2(1.16); and Cisco PIX 500 Series Security Appliance; allows remote attackers to cause a denial of service (device reload) via malformed SIP messages, aka Bug ID CSCtc96018. |
Applies to: |
Created: 2010-02-19 |
Updated: 2021-04-03 |
ID: CVE-2010-0567 |
Title: Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.1), 8.1 before 8.1(2.37), and 8.2 before 8.2(1.15); and Cisco PIX 500 Series Security Appliance; allows... |
Type: Hardware |
Bulletins:
CVE-2010-0567 SFBID38279 |
Severity: Moderate |
Description: Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.1), 8.1 before 8.1(2.37), and 8.2 before 8.2(1.15); and Cisco PIX 500 Series Security Appliance; allows remote attackers to cause a denial of service (active IPsec tunnel loss and prevention of new tunnels) via a malformed IKE message through an existing tunnel to UDP port 4500, aka Bug ID CSCtc47782. |
Applies to: |
Created: 2010-02-19 |
Updated: 2021-04-03 |
ID: CVE-2010-0566 |
Title: Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(4.44), 8.1 before 8.1(2.35), and 8.2 before 8.2(1.10) allows remote attackers to cause a denial of service... |
Type: Hardware |
Bulletins:
CVE-2010-0566 SFBID38278 |
Severity: Critical |
Description: Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(4.44), 8.1 before 8.1(2.35), and 8.2 before 8.2(1.10) allows remote attackers to cause a denial of service (device reload) via a malformed TCP segment when certain NAT translation and Cisco AIP-SSM configurations are used, aka Bug ID CSCtb37219. |
Applies to: |
Created: 2010-02-19 |
Updated: 2021-04-03 |
ID: MITRE:7581 |
Title: oval:org.mitre.oval:def:7581: ATL Uninitialized Object Vulnerability |
Type: |
Bulletins:
MITRE:7581 CVE-2009-0901 |
Severity: Critical |
Description: The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not prevent VariantClear calls on an uninitialized VARIANT, which allows remote attackers to execute arbitrary code via a malformed stream to an ATL (1) component or (2) control, related to ATL headers and error handling, aka "ATL Uninitialized Object Vulnerability." | ||||
Applies to: Microsoft Office Visio Viewer 2003, Microsoft Office Visio Viewer 2007, Microsoft Outlook 2002, Microsoft Outlook 2003, Microsoft Outlook 2007, Microsoft Visio Viewer 2002, Microsoft Visual Studio .NET 2003, Microsoft Visual Studio 2005 |
Created: 2010-02-08 |
Updated: 2021-04-03 |
ID: MITRE:6716 |
Title: oval:org.mitre.oval:def:6716: ATL COM Initialization Vulnerability |
Type: |
Bulletins:
MITRE:6716 CVE-2009-2493 |
Severity: Critical |
Description: The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly restrict use of OleLoadFromStream in instantiating objects from data streams, which allows remote attackers to execute arbitrary code via a crafted HTML document with an ATL (1) component or (2) control, related to ATL headers and bypassing security policies, aka "ATL COM Initialization Vulnerability." | ||||
Applies to: Microsoft Internet Explorer 5, Microsoft Internet Explorer 6, Microsoft Office Visio Viewer 2003, Microsoft Office Visio Viewer 2007, Microsoft Outlook 2002, Microsoft Outlook 2003, Microsoft Outlook 2007, Microsoft Visio Viewer 2002 |
Created: 2010-02-08 |
Updated: 2021-04-03 |
ID: CVE-2010-0038 |
Title: Recovery Mode in Apple iPhone OS 1.0 through 3.1.2, and iPhone OS for iPod touch 1.1 through 3.1.2, allows physically proximate attackers to bypass device locking, and read or modify arbitrary data, via a USB control message that... |
Type: Mobile Devices |
Bulletins:
CVE-2010-0038 SFBID38040 |
Severity: Moderate |
Description: Recovery Mode in Apple iPhone OS 1.0 through 3.1.2, and iPhone OS for iPod touch 1.1 through 3.1.2, allows physically proximate attackers to bypass device locking, and read or modify arbitrary data, via a USB control message that triggers memory corruption. | ||||
Applies to: |
Created: 2010-02-03 |
Updated: 2021-04-03 |
ID: MITRE:5846 |
Title: oval:org.mitre.oval:def:5846: WordPad and Office Text converter Memory Corruption Vulnerability |
Type: Software |
Bulletins:
MITRE:5846 CVE-2009-2506 |
Severity: Critical |
Description: Integer overflow in the text converters in Microsoft Office Word 2002 SP3 and 2003 SP3; Works 8.5; Office Converter Pack; and WordPad in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a DOC file with an invalid number of property names in the DocumentSummaryInformation stream, which triggers a heap-based buffer overflow. | ||||
Applies to: Microsoft Office Converter Pack, Microsoft Word 2002, Microsoft Word 2003, Microsoft Works 8.5 |
Created: 2010-01-25 |
Updated: 2021-04-03 |
ID: CVE-2010-0137 |
Title: Unspecified vulnerability in the sshd_child_handler process in the SSH server in Cisco IOS XR 3.4.1 through 3.7.0 allows remote attackers to cause a denial of service (process crash and memory consumption) via a crafted SSH2 packet, aka Bug ID CSCsu10574. |
Type: Hardware |
Bulletins:
CVE-2010-0137 SFBID37878 |
Severity: Critical |
Description: Unspecified vulnerability in the sshd_child_handler process in the SSH server in Cisco IOS XR 3.4.1 through 3.7.0 allows remote attackers to cause a denial of service (process crash and memory consumption) via a crafted SSH2 packet, aka Bug ID CSCsu10574. | ||||
Applies to: |
Created: 2010-01-21 |
Updated: 2021-04-03 |
ID: CVE-2009-4455 |
Title: The default configuration of Cisco ASA 5500 Series Adaptive Security Appliance (Cisco ASA) 7.0, 7.1, 7.2, 8.0, 8.1, and 8.2 allows portal traffic to access arbitrary backend servers, which might allow remote authenticated users to bypass intended... |
Type: Hardware |
Bulletins:
CVE-2009-4455 |
Severity: Moderate |
Description: The default configuration of Cisco ASA 5500 Series Adaptive Security Appliance (Cisco ASA) 7.0, 7.1, 7.2, 8.0, 8.1, and 8.2 allows portal traffic to access arbitrary backend servers, which might allow remote authenticated users to bypass intended access restrictions and access unauthorized web sites via a crafted URL obfuscated with ROT13 and a certain encoding. NOTE: this issue was originally reported as a vulnerability related to lack of restrictions to URLs listed in the Cisco WebVPN bookmark component, but the vendor states that "The bookmark feature is not a security feature." | ||||
Applies to: |
Created: 2009-12-29 |
Updated: 2021-04-03 |
ID: MITRE:6484 |
Title: oval:org.mitre.oval:def:6484: Windows Media Runtime Heap Corruption Vulnerability |
Type: Miscellaneous |
Bulletins:
MITRE:6484 CVE-2009-2525 |
Severity: Critical |
Description: Microsoft Windows Media Runtime, as used in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and Audio Compression Manager (ACM), does not properly initialize unspecified functions within compressed audio files, which allows remote attackers to execute arbitrary code via (1) a crafted media file or (2) crafted streaming content, aka "Windows Media Runtime Heap Corruption Vulnerability." | ||||
Applies to: Windows Media Format Runtime 11, Windows Media Format Runtime 9.0, Windows Media Format Runtime 9.5 |
Created: 2009-12-07 |
Updated: 2021-04-03 |
ID: MITRE:6407 |
Title: oval:org.mitre.oval:def:6407: Windows Media Runtime Voice Sample Rate Vulnerability |
Type: Miscellaneous |
Bulletins:
MITRE:6407 CVE-2009-0555 |
Severity: Critical |
Description: Microsoft Windows Media Runtime, as used in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and Audio Compression Manager (ACM), does not properly process Advanced Systems Format (ASF) files, which allows remote attackers to execute arbitrary code via a crafted audio file that uses the Windows Media Speech codec, aka "Windows Media Runtime Voice Sample Rate Vulnerability." | ||||
Applies to: Windows Media Format Runtime 11, Windows Media Format Runtime 9.0, Windows Media Format Runtime 9.5 |
Created: 2009-12-07 |
Updated: 2021-04-03 |
ID: CVE-2009-2631 |
Title: Multiple clientless SSL VPN products that run in web browsers, including Stonesoft StoneGate; Cisco ASA; SonicWALL E-Class SSL VPN and SonicWALL SSL VPN; SafeNet SecureWire Access Gateway; Juniper Networks Secure Access; Nortel CallPilot; Citrix... |
Type: Hardware |
Bulletins:
CVE-2009-2631 SFBID37152 |
Severity: Moderate |
Description: Multiple clientless SSL VPN products that run in web browsers, including Stonesoft StoneGate; Cisco ASA; SonicWALL E-Class SSL VPN and SonicWALL SSL VPN; SafeNet SecureWire Access Gateway; Juniper Networks Secure Access; Nortel CallPilot; Citrix Access Gateway; and other products, when running in configurations that do not restrict access to the same domain as the VPN, retrieve the content of remote URLs from one domain and rewrite them so they originate from the VPN's domain, which violates the same origin policy and allows remote attackers to conduct cross-site scripting attacks, read cookies that originated from other domains, access the Web VPN session to gain access to internal resources, perform key logging, and conduct other attacks. NOTE: it could be argued that this is a fundamental design problem in any clientless VPN solution, as opposed to a commonly-introduced error that can be fixed in separate implementations. Therefore a single CVE has been assigned for all products that have this design. | ||||
Applies to: SonicWall SSL-VPN, SonicWall SSL-VPN E Class |
Created: 2009-12-04 |
Updated: 2021-04-03 |
ID: MITRE:6491 |
Title: oval:org.mitre.oval:def:6491: GDI+ TIFF Buffer Overflow Vulnerability |
Type: Web |
Bulletins:
MITRE:6491 CVE-2009-2503 |
Severity: Critical |
Description: GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Windows Server 2003 SP2, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 does not properly allocate an unspecified buffer, which allows remote attackers to execute arbitrary code via a crafted TIFF image file that triggers memory corruption, aka "GDI+ TIFF Memory Corruption Vulnerability." | ||||
Applies to: Microsoft Internet Explorer 6, Microsoft Office 2003, Microsoft Office 2007, Microsoft Office Visio 2002, Microsoft Office XP, Microsoft SQL Server 2005, Microsoft Visual Studio 2008 |
Created: 2009-11-30 |
Updated: 2021-04-03 |
ID: MITRE:6290 |
Title: oval:org.mitre.oval:def:6290: Apple iTunes '.pls' File Buffer Overflow Vulnerability |
Type: Software |
Bulletins:
MITRE:6290 CVE-2009-2817 |
Severity: Critical |
Description: Buffer overflow in Apple iTunes before 9.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted .pls file. | ||||
Applies to: Apple iTunes |
Created: 2009-11-30 |
Updated: 2021-04-03 |
ID: MITRE:6282 |
Title: oval:org.mitre.oval:def:6282: GDI+ .NET API Vulnerability |
Type: Software |
Bulletins:
MITRE:6282 CVE-2009-2504 |
Severity: Critical |
Description: Multiple integer overflows in unspecified APIs in GDI+ in Microsoft .NET Framework 1.1 SP1, .NET Framework 2.0 SP1 and SP2, Windows XP SP2 and SP3, Windows Server 2003 SP2, Vista Gold and SP1, Server 2008 Gold, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allow remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka "GDI+ .NET API Vulnerability." | ||||
Applies to: Microsoft Office 2003, Microsoft Office 2007, Microsoft Office Visio 2002, Microsoft Office XP, Microsoft SQL Server 2005, Microsoft Visual Studio 2008 |
Created: 2009-11-30 |
Updated: 2021-04-03 |
ID: MITRE:6134 |
Title: oval:org.mitre.oval:def:6134: GDI+ PNG Integer Overflow Vulnerability |
Type: Software |
Bulletins:
MITRE:6134 CVE-2009-3126 |
Severity: Critical |
Description: Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted PNG image file, aka "GDI+ PNG Integer Overflow Vulnerability." | ||||
Applies to: Microsoft Office 2003, Microsoft Office 2007, Microsoft Office Visio 2002, Microsoft Office XP, Microsoft SQL Server 2005, Microsoft Visual Studio 2008 |
Created: 2009-11-30 |
Updated: 2021-04-03 |
ID: MITRE:5967 |
Title: oval:org.mitre.oval:def:5967: GDI+ WMF Integer Overflow Vulnerability |
Type: Web |
Bulletins:
MITRE:5967 CVE-2009-2500 |
Severity: Critical |
Description: Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted WMF image file, aka "GDI+ WMF Integer Overflow Vulnerability." | ||||
Applies to: Microsoft Internet Explorer 6, Microsoft Office 2003, Microsoft Office 2007, Microsoft Office Visio 2002, Microsoft Office XP, Microsoft SQL Server 2005, Microsoft Visual Studio 2008 |
Created: 2009-11-30 |
Updated: 2021-04-03 |
ID: MITRE:5898 |
Title: oval:org.mitre.oval:def:5898: GDI+ TIFF Buffer Overflow Vulnerability |
Type: Web |
Bulletins:
MITRE:5898 CVE-2009-2502 |
Severity: Critical |
Description: Buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted TIFF image file, aka "GDI+ TIFF Buffer Overflow Vulnerability." | ||||
Applies to: Microsoft Internet Explorer 6, Microsoft Office 2003, Microsoft Office 2007, Microsoft Office Visio 2002, Microsoft Office XP, Microsoft SQL Server 2005, Microsoft Visual Studio 2008 |
Created: 2009-11-30 |
Updated: 2021-04-03 |
ID: MITRE:6316 |
Title: oval:org.mitre.oval:def:6316: JScript Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
MITRE:6316 CVE-2009-1920 |
Severity: Critical |
Description: The JScript scripting engine 5.1, 5.6, 5.7, and 5.8 in JScript.dll in Microsoft Windows, as used in Internet Explorer, does not properly load decoded scripts into memory before execution, which allows remote attackers to execute arbitrary code via a crafted web site that triggers memory corruption, aka "JScript Remote Code Execution Vulnerability." | ||||
Applies to: JScript Scripting Engine |
Created: 2009-10-19 |
Updated: 2021-04-03 |
ID: MITRE:6257 |
Title: oval:org.mitre.oval:def:6257: Windows Media Header Parsing Invalid Free Vulnerability |
Type: Miscellaneous |
Bulletins:
MITRE:6257 CVE-2009-2498 |
Severity: Critical |
Description: Microsoft Windows Media Format Runtime 9.0, 9.5, and 11 and Windows Media Services 9.1 and 2008 do not properly parse malformed headers in Advanced Systems Format (ASF) files, which allows remote attackers to execute arbitrary code via a crafted (1) .asf, (2) .wmv, or (3) .wma file, aka "Windows Media Header Parsing Invalid Free Vulnerability." | ||||
Applies to: Microsoft Media Services 9, Microsoft Media Services 9.1, Windows Media Format Runtime 11, Windows Media Format Runtime 9.0, Windows Media Format Runtime 9.5 |
Created: 2009-10-19 |
Updated: 2021-04-03 |
ID: CVE-2009-2999 |
Title: The com.android.phone process in Android 1.5 CRBxx allows remote attackers to cause a denial of service (application restart and network disconnection) via an SMS message containing a malformed WAP Push message that triggers an... |
Type: Mobile Devices |
Bulletins:
CVE-2009-2999 |
Severity: Moderate |
Description: The com.android.phone process in Android 1.5 CRBxx allows remote attackers to cause a denial of service (application restart and network disconnection) via an SMS message containing a malformed WAP Push message that triggers an ArrayIndexOutOfBoundsException exception, possibly a related issue to CVE-2009-2656. | ||||
Applies to: |
Created: 2009-10-14 |
Updated: 2021-04-03 |
ID: CVE-2009-3698 |
Title: An unspecified function in the Dalvik API in Android 1.5 and earlier allows remote attackers to cause a denial of service (system process restart) via a crafted application, possibly a related issue to CVE-2009-2656. |
Type: Mobile Devices |
Bulletins:
CVE-2009-3698 SFBID36590 |
Severity: Moderate |
Description: An unspecified function in the Dalvik API in Android 1.5 and earlier allows remote attackers to cause a denial of service (system process restart) via a crafted application, possibly a related issue to CVE-2009-2656. | ||||
Applies to: |
Created: 2009-10-14 |
Updated: 2021-04-03 |
ID: CVE-2009-3486 |
Title: Multiple cross-site scripting (XSS) vulnerabilities in the J-Web interface in Juniper JUNOS 8.5R1.14 allow remote authenticated users to inject arbitrary web script or HTML via the host parameter to (1) the pinghost program, reachable through the... |
Type: Hardware |
Bulletins:
CVE-2009-3486 SFBID36537 |
Severity: Low |
Description: Multiple cross-site scripting (XSS) vulnerabilities in the J-Web interface in Juniper JUNOS 8.5R1.14 allow remote authenticated users to inject arbitrary web script or HTML via the host parameter to (1) the pinghost program, reachable through the diagnose program; or (2) the traceroute program, reachable through the diagnose program; or (3) the probe-limit parameter to the configuration program; the (4) wizard-ids or (5) pager-new-identifier parameter in a firewall-filters action to the configuration program; (6) the cos-physical-interface-name parameter in a cos-physical-interfaces-edit action to the configuration program; the (7) wizard-args or (8) wizard-ids parameter in an snmp action to the configuration program; the (9) username or (10) fullname parameter in a users action to the configuration program; or the (11) certname or (12) certbody parameter in a local-cert (aka https) action to the configuration program. | ||||
Applies to: |
Created: 2009-09-30 |
Updated: 2021-04-03 |
ID: CVE-2009-3487 |
Title: Multiple cross-site scripting (XSS) vulnerabilities in the J-Web interface in Juniper JUNOS 8.5R1.14 allow remote authenticated users to inject arbitrary web script or HTML via (1) the JEXEC_OUTID parameter in a JEXEC_MODE_RELAY_OUTPUT action to the... |
Type: Hardware |
Bulletins:
CVE-2009-3487 SFBID36537 |
Severity: Low |
Description: Multiple cross-site scripting (XSS) vulnerabilities in the J-Web interface in Juniper JUNOS 8.5R1.14 allow remote authenticated users to inject arbitrary web script or HTML via (1) the JEXEC_OUTID parameter in a JEXEC_MODE_RELAY_OUTPUT action to the jexec program; the (2) act, (3) refresh-time, or (4) ifid parameter to scripter.php; (5) the revision parameter in a rollback action to the configuration program; the m[] parameter to the (6) monitor, (7) manage, (8) events, (9) configuration, or (10) alarms program; (11) the m[] parameter to the default URI; (12) the m[] parameter in a browse action to the default URI; (13) the wizard-next parameter in an https action to the configuration program; or the (14) Contact Information, (15) System Description, (16) Local Engine ID, (17) System Location, or (18) System Name Override SNMP parameter, related to the configuration program. | ||||
Applies to: |
Created: 2009-09-30 |
Updated: 2021-04-03 |
ID: CVE-2009-3485 |
Title: Cross-site scripting (XSS) vulnerability in the J-Web interface in Juniper JUNOS 8.5R1.14 and 9.0R1.1 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI. |
Type: Hardware |
Bulletins:
CVE-2009-3485 SFBID36537 |
Severity: Moderate |
Description: Cross-site scripting (XSS) vulnerability in the J-Web interface in Juniper JUNOS 8.5R1.14 and 9.0R1.1 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI. | ||||
Applies to: |
Created: 2009-09-30 |
Updated: 2021-04-03 |
ID: CVE-2009-2867 |
Title: Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2XND, 12.4T, 12.4XZ, and 12.4YA, when Zone-Based Policy Firewall SIP Inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted SIP... |
Type: Hardware |
Bulletins:
CVE-2009-2867 |
Severity: Critical |
Description: Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2XND, 12.4T, 12.4XZ, and 12.4YA, when Zone-Based Policy Firewall SIP Inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted SIP transit packet, aka Bug ID CSCsr18691. | ||||
Applies to: |
Created: 2009-09-28 |
Updated: 2021-04-03 |
ID: CVE-2009-2869 |
Title: Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to cause a denial of service (device reload) via a crafted NTPv4 packet, aka Bug IDs CSCsu24505 and CSCsv75948. |
Type: Hardware |
Bulletins:
CVE-2009-2869 |
Severity: Critical |
Description: Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to cause a denial of service (device reload) via a crafted NTPv4 packet, aka Bug IDs CSCsu24505 and CSCsv75948. | ||||
Applies to: |
Created: 2009-09-28 |
Updated: 2021-04-03 |
ID: CVE-2009-2870 |
Title: Unspecified vulnerability in Cisco IOS 12.2 through 12.4, when the Cisco Unified Border Element feature is enabled, allows remote attackers to cause a denial of service (device reload) via crafted SIP messages, aka Bug ID CSCsx25880. |
Type: Hardware |
Bulletins:
CVE-2009-2870 |
Severity: Critical |
Description: Unspecified vulnerability in Cisco IOS 12.2 through 12.4, when the Cisco Unified Border Element feature is enabled, allows remote attackers to cause a denial of service (device reload) via crafted SIP messages, aka Bug ID CSCsx25880. | ||||
Applies to: |
Created: 2009-09-28 |
Updated: 2021-04-03 |
ID: CVE-2009-2868 |
Title: Unspecified vulnerability in Cisco IOS 12.2 through 12.4, when certificate-based authentication is enabled for IKE, allows remote attackers to cause a denial of service (Phase 1 SA exhaustion) via crafted requests, aka Bug IDs CSCsy07555 and CSCee72997. |
Type: Hardware |
Bulletins:
CVE-2009-2868 |
Severity: Critical |
Description: Unspecified vulnerability in Cisco IOS 12.2 through 12.4, when certificate-based authentication is enabled for IKE, allows remote attackers to cause a denial of service (Phase 1 SA exhaustion) via crafted requests, aka Bug IDs CSCsy07555 and CSCee72997. | ||||
Applies to: |
Created: 2009-09-28 |
Updated: 2021-04-03 |
ID: CVE-2009-2866 |
Title: Unspecified vulnerability in Cisco IOS 12.2 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted H.323 packet, aka Bug ID CSCsz38104. |
Type: Hardware |
Bulletins:
CVE-2009-2866 SFBID36494 |
Severity: Critical |
Description: Unspecified vulnerability in Cisco IOS 12.2 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted H.323 packet, aka Bug ID CSCsz38104. | ||||
Applies to: |
Created: 2009-09-28 |
Updated: 2021-04-03 |
ID: CVE-2009-2871 |
Title: Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when SSLVPN sessions, SSH sessions, or IKE encrypted nonces are enabled, allows remote attackers to cause a denial of service (device reload) via a crafted encrypted packet, aka Bug ID CSCsq24002. |
Type: Hardware |
Bulletins:
CVE-2009-2871 |
Severity: Critical |
Description: Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when SSLVPN sessions, SSH sessions, or IKE encrypted nonces are enabled, allows remote attackers to cause a denial of service (device reload) via a crafted encrypted packet, aka Bug ID CSCsq24002. | ||||
Applies to: |
Created: 2009-09-28 |
Updated: 2021-04-03 |
ID: CVE-2009-2862 |
Title: The Object Groups for Access Control Lists (ACLs) feature in Cisco IOS 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to bypass intended access restrictions via crafted requests, aka Bug IDs CSCsx07114,... |
Type: Hardware |
Bulletins:
CVE-2009-2862 SFBID36495 |
Severity: Moderate |
Description: The Object Groups for Access Control Lists (ACLs) feature in Cisco IOS 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to bypass intended access restrictions via crafted requests, aka Bug IDs CSCsx07114, CSCsu70214, CSCsw47076, CSCsv48603, CSCsy54122, and CSCsu50252. | ||||
Applies to: |
Created: 2009-09-28 |
Updated: 2021-04-03 |
ID: CVE-2009-2863 |
Title: Race condition in the Firewall Authentication Proxy feature in Cisco IOS 12.0 through 12.4 allows remote attackers to bypass authentication, or bypass the consent web page, via a crafted request, aka Bug ID CSCsy15227. |
Type: Hardware |
Bulletins:
CVE-2009-2863 SFBID36491 |
Severity: Critical |
Description: Race condition in the Firewall Authentication Proxy feature in Cisco IOS 12.0 through 12.4 allows remote attackers to bypass authentication, or bypass the consent web page, via a crafted request, aka Bug ID CSCsy15227. | ||||
Applies to: |
Created: 2009-09-28 |
Updated: 2021-04-03 |
ID: CVE-2009-2864 |
Title: Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 5.x before 5.1(3g), 6.x before 6.1(4), 7.0.x before 7.0(2a)su1, and 7.1.x before 7.1(2) allows remote attackers to cause a denial of service (service restart) via malformed SIP... |
Type: Hardware |
Bulletins:
CVE-2009-2864 SFBID36496 |
Severity: Critical |
Description: Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 5.x before 5.1(3g), 6.x before 6.1(4), 7.0.x before 7.0(2a)su1, and 7.1.x before 7.1(2) allows remote attackers to cause a denial of service (service restart) via malformed SIP messages, aka Bug ID CSCsz95423. | ||||
Applies to: Unified Callmanager, Unified Communications Manager |
Created: 2009-09-28 |
Updated: 2021-04-03 |
ID: CVE-2009-2873 |
Title: Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Express Forwarding feature are enabled, allows remote attackers to cause a denial of service (device reload) via malformed packets, aka Bug ID CSCsx70889. |
Type: Hardware |
Bulletins:
CVE-2009-2873 |
Severity: Critical |
Description: Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Express Forwarding feature are enabled, allows remote attackers to cause a denial of service (device reload) via malformed packets, aka Bug ID CSCsx70889. | ||||
Applies to: |
Created: 2009-09-28 |
Updated: 2021-04-03 |
ID: CVE-2009-2872 |
Title: Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Express Forwarding feature are enabled, allows remote attackers to cause a denial of service (device reload) via a malformed packet that is not properly handled during switching from... |
Type: Hardware |
Bulletins:
CVE-2009-2872 |
Severity: Moderate |
Description: Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Express Forwarding feature are enabled, allows remote attackers to cause a denial of service (device reload) via a malformed packet that is not properly handled during switching from one tunnel to a second tunnel, aka Bug IDs CSCsh97579 and CSCsq31776. | ||||
Applies to: |
Created: 2009-09-28 |
Updated: 2021-04-03 |
ID: CVE-2009-2865 |
Title: Buffer overflow in the login implementation in the Extension Mobility feature in the Unified Communications Manager Express (CME) component in Cisco IOS 12.4XW, 12.4XY, 12.4XZ, and 12.4YA allows remote attackers to execute arbitrary code or cause a... |
Type: Hardware |
Bulletins:
CVE-2009-2865 SFBID36498 |
Severity: Critical |
Description: Buffer overflow in the login implementation in the Extension Mobility feature in the Unified Communications Manager Express (CME) component in Cisco IOS 12.4XW, 12.4XY, 12.4XZ, and 12.4YA allows remote attackers to execute arbitrary code or cause a denial of service via crafted HTTP requests, aka Bug ID CSCsq58779. | ||||
Applies to: |
Created: 2009-09-28 |
Updated: 2021-04-03 |
ID: CVE-2009-3341 |
Title: Buffer overflow on the Linksys WRT54GL wireless router allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.10 through 8.11. NOTE: as of 20090917, this... |
Type: Hardware |
Bulletins:
CVE-2009-3341 |
Severity: Critical |
Description: Buffer overflow on the Linksys WRT54GL wireless router allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.10 through 8.11. NOTE: as of 20090917, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | ||||
Applies to: wrt54gl |
Created: 2009-09-24 |
Updated: 2021-04-03 |
ID: CVE-2009-3347 |
Title: Buffer overflow on the D-Link DIR-400 wireless router allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.10 through 8.11. NOTE: as of 20090917, this... |
Type: Hardware |
Bulletins:
CVE-2009-3347 SFBID36237 |
Severity: Critical |
Description: Buffer overflow on the D-Link DIR-400 wireless router allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.10 through 8.11. NOTE: as of 20090917, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | ||||
Applies to: DIR-400 |
Created: 2009-09-24 |
Updated: 2021-04-03 |
ID: CVE-2009-3273 |
Title: iPhone Mail in Apple iPhone OS, and iPhone OS for iPod touch, does not validate X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL e-mail servers via a crafted certificate. |
Type: Mobile Devices |
Bulletins:
CVE-2009-3273 SFBID36370 |
Severity: Critical |
Description: iPhone Mail in Apple iPhone OS, and iPhone OS for iPod touch, does not validate X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL e-mail servers via a crafted certificate. | ||||
Applies to: |
Created: 2009-09-21 |
Updated: 2021-04-03 |
ID: CVE-2009-3271 |
Title: Apple Safari on iPhone OS 3.0.1 allows remote attackers to cause a denial of service (application crash) via a long tel: URL in the SRC attribute of an IFRAME element. |
Type: Mobile Devices |
Bulletins:
CVE-2009-3271 SFBID36386 |
Severity: Moderate |
Description: Apple Safari on iPhone OS 3.0.1 allows remote attackers to cause a denial of service (application crash) via a long tel: URL in the SRC attribute of an IFRAME element. | ||||
Applies to: |
Created: 2009-09-21 |
Updated: 2021-04-03 |
ID: CVE-2009-2797 |
Title: The WebKit component in Safari in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, does not remove usernames and passwords from URLs sent in Referer headers, which allows remote attackers to obtain sensitive... |
Type: Mobile Devices |
Bulletins:
CVE-2009-2797 SFBID36339 |
Severity: Moderate |
Description: The WebKit component in Safari in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, does not remove usernames and passwords from URLs sent in Referer headers, which allows remote attackers to obtain sensitive information by reading Referer logs on a web server. | ||||
Applies to: |
Created: 2009-09-10 |
Updated: 2021-04-03 |
ID: CVE-2009-2796 |
Title: The UIKit component in Apple iPhone OS 3.0, and iPhone OS 3.0.1 for iPod touch, allows physically proximate attackers to discover a password by watching a user undo deletions of characters in the password. |
Type: Mobile Devices |
Bulletins:
CVE-2009-2796 SFBID36335 |
Severity: Low |
Description: The UIKit component in Apple iPhone OS 3.0, and iPhone OS 3.0.1 for iPod touch, allows physically proximate attackers to discover a password by watching a user undo deletions of characters in the password. | ||||
Applies to: |
Created: 2009-09-10 |
Updated: 2021-04-03 |
ID: CVE-2009-2815 |
Title: The Telephony component in Apple iPhone OS before 3.1 does not properly handle SMS arrival notifications, which allows remote attackers to cause a denial of service (NULL pointer dereference and service interruption) via a crafted... |
Type: Mobile Devices |
Bulletins:
CVE-2009-2815 |
Severity: Critical |
Description: The Telephony component in Apple iPhone OS before 3.1 does not properly handle SMS arrival notifications, which allows remote attackers to cause a denial of service (NULL pointer dereference and service interruption) via a crafted SMS message. | ||||
Applies to: |
Created: 2009-09-10 |
Updated: 2021-04-03 |
ID: CVE-2009-2207 |
Title: The MobileMail component in Apple iPhone OS 3.0 and 3.0.1, and iPhone OS 3.0 for iPod touch, lists deleted e-mail messages in Spotlight search results, which might allow local users to obtain sensitive information by reading these... |
Type: Mobile Devices |
Bulletins:
CVE-2009-2207 SFBID36337 |
Severity: Low |
Description: The MobileMail component in Apple iPhone OS 3.0 and 3.0.1, and iPhone OS 3.0 for iPod touch, lists deleted e-mail messages in Spotlight search results, which might allow local users to obtain sensitive information by reading these messages. | ||||
Applies to: |
Created: 2009-09-10 |
Updated: 2021-04-03 |
ID: CVE-2009-2794 |
Title: The Exchange Support component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, does not properly implement the "Maximum inactivity time lock" functionality, which allows local users to bypass intended... |
Type: Mobile Devices |
Bulletins:
CVE-2009-2794 SFBID36342 |
Severity: Moderate |
Description: The Exchange Support component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, does not properly implement the "Maximum inactivity time lock" functionality, which allows local users to bypass intended Microsoft Exchange restrictions by choosing a large Require Passcode time value. | ||||
Applies to: |
Created: 2009-09-10 |
Updated: 2021-04-03 |
ID: CVE-2009-2206 |
Title: Multiple heap-based buffer overflows in the AudioCodecs library in the CoreAudio component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allow remote attackers to execute arbitrary code or cause a denial... |
Type: Mobile Devices |
Bulletins:
CVE-2009-2206 SFBID36338 |
Severity: Moderate |
Description: Multiple heap-based buffer overflows in the AudioCodecs library in the CoreAudio component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted (1) AAC or (2) MP3 file, as demonstrated by a ringtone with malformed entries in the sample size table. | ||||
Applies to: |
Created: 2009-09-10 |
Updated: 2021-04-03 |
ID: CVE-2009-2795 |
Title: Heap-based buffer overflow in the Recovery Mode component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allows local users to bypass the passcode requirement and access arbitrary data via vectors related... |
Type: Mobile Devices |
Bulletins:
CVE-2009-2795 SFBID36341 |
Severity: Critical |
Description: Heap-based buffer overflow in the Recovery Mode component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allows local users to bypass the passcode requirement and access arbitrary data via vectors related to "command parsing." | ||||
Applies to: |
Created: 2009-09-10 |
Updated: 2021-04-03 |
ID: CVE-2009-0627 |
Title: Unspecified vulnerability in Cisco NX-OS before 4.0(1a)N2(1), when running on Nexus 5000 platforms, allows remote attackers to cause a denial of service (crash) via an unspecified "sequence of TCP packets" related to "TCP State manipulation,"... |
Type: Hardware |
Bulletins:
CVE-2009-0627 |
Severity: Critical |
Description: Unspecified vulnerability in Cisco NX-OS before 4.0(1a)N2(1), when running on Nexus 5000 platforms, allows remote attackers to cause a denial of service (crash) via an unspecified "sequence of TCP packets" related to "TCP State manipulation," possibly related to separate attacks against CVE-2008-4609. | ||||
Applies to: Cisco Nexus 5000 Series, Cisco Nexus 7000 |
Created: 2009-09-08 |
Updated: 2021-04-03 |
ID: CVE-2009-2861 |
Title: The Over-the-Air Provisioning (OTAP) functionality on Cisco Aironet Lightweight Access Point 1100 and 1200 devices does not properly implement access-point association, which allows remote attackers to spoof a controller and cause a denial of... |
Type: Hardware |
Bulletins:
CVE-2009-2861 SFBID36145 |
Severity: Critical |
Description: The Over-the-Air Provisioning (OTAP) functionality on Cisco Aironet Lightweight Access Point 1100 and 1200 devices does not properly implement access-point association, which allows remote attackers to spoof a controller and cause a denial of service (service outage) via crafted remote radio management (RRM) packets, aka "SkyJack" or Bug ID CSCtb56664. | ||||
Applies to: Cisco Aironet Ap1100, Cisco Aironet Ap1200 |
Created: 2009-08-27 |
Updated: 2021-04-03 |
ID: CVE-2009-2050 |
Title: Cisco Unified Communications Manager (aka CUCM, formerly CallManager) before 6.1(1) allows remote attackers to cause a denial of service (voice-services outage) via a malformed header in a SIP message, aka Bug ID CSCsi46466. |
Type: Hardware |
Bulletins:
CVE-2009-2050 SFBID36152 |
Severity: Critical |
Description: Cisco Unified Communications Manager (aka CUCM, formerly CallManager) before 6.1(1) allows remote attackers to cause a denial of service (voice-services outage) via a malformed header in a SIP message, aka Bug ID CSCsi46466. | ||||
Applies to: Unified Communications Manager |
Created: 2009-08-27 |
Updated: 2021-04-03 |
ID: CVE-2009-2054 |
Title: Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2a)su1 allows remote attackers to cause a denial of service (file-descriptor exhaustion and... |
Type: Hardware |
Bulletins:
CVE-2009-2054 SFBID36152 |
Severity: Critical |
Description: Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2a)su1 allows remote attackers to cause a denial of service (file-descriptor exhaustion and SIP outage) via a flood of TCP packets, aka Bug ID CSCsx23689. | ||||
Applies to: Unified Communications Manager |
Created: 2009-08-27 |
Updated: 2021-04-03 |
ID: CVE-2009-2053 |
Title: Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2) allows remote attackers to cause a denial of service (file-descriptor exhaustion and SCCP... |
Type: Hardware |
Bulletins:
CVE-2009-2053 SFBID36152 |
Severity: Critical |
Description: Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2) allows remote attackers to cause a denial of service (file-descriptor exhaustion and SCCP outage) via a flood of TCP packets, aka Bug ID CSCsx32236. | ||||
Applies to: Unified Communications Manager |
Created: 2009-08-27 |
Updated: 2021-04-03 |
ID: CVE-2009-2052 |
Title: Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2), and 7.1 before 7.1(2); and Cisco Unified Presence 1.x, 6.x before 6.0(6), and 7.x before 7.0(4); allows remote... |
Type: Hardware |
Bulletins:
CVE-2009-2052 SFBID36152 |
Severity: Critical |
Description: Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2), and 7.1 before 7.1(2); and Cisco Unified Presence 1.x, 6.x before 6.0(6), and 7.x before 7.0(4); allows remote attackers to cause a denial of service (TCP services outage) via a large number of TCP connections, related to "tracking of network connections," aka Bug IDs CSCsq22534 and CSCsw52371. | ||||
Applies to: Unified Communications Manager |
Created: 2009-08-27 |
Updated: 2021-04-03 |
ID: CVE-2009-2051 |
Title: Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), and 7.x before 7.1(2) allow remote... |
Type: Hardware |
Bulletins:
CVE-2009-2051 SFBID36152 |
Severity: Critical |
Description: Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), and 7.x before 7.1(2) allow remote attackers to cause a denial of service (device reload or voice-services outage) via a malformed SIP INVITE message that triggers an improper call to the sipSafeStrlen function, aka Bug IDs CSCsz40392 and CSCsz43987. | ||||
Applies to: Unified Communications Manager |
Created: 2009-08-27 |
Updated: 2021-04-03 |
ID: CVE-2009-2976 |
Title: Cisco Aironet Lightweight Access Point (AP) devices send the contents of certain multicast data frames in cleartext, which allows remote attackers to discover Wireless LAN Controller MAC addresses and IP addresses, and AP configuration details, by... |
Type: Hardware |
Bulletins:
CVE-2009-2976 |
Severity: Critical |
Description: Cisco Aironet Lightweight Access Point (AP) devices send the contents of certain multicast data frames in cleartext, which allows remote attackers to discover Wireless LAN Controller MAC addresses and IP addresses, and AP configuration details, by sniffing the wireless network. | ||||
Applies to: Cisco Aironet Ap1100, Cisco Aironet Ap1200 |
Created: 2009-08-27 |
Updated: 2021-04-03 |
ID: CVE-2009-2056 |
Title: Cisco IOS XR 3.8.1 and earlier allows remote authenticated users to cause a denial of service (process crash) via vectors involving a BGP UPDATE message with many AS numbers prepended to the AS path. |
Type: Hardware |
Bulletins:
CVE-2009-2056 |
Severity: Low |
Description: Cisco IOS XR 3.8.1 and earlier allows remote authenticated users to cause a denial of service (process crash) via vectors involving a BGP UPDATE message with many AS numbers prepended to the AS path. | ||||
Applies to: |
Created: 2009-08-21 |
Updated: 2021-04-03 |
ID: CVE-2009-1154 |
Title: Cisco IOS XR 3.8.1 and earlier allows remote attackers to cause a denial of service (process crash) via a long BGP UPDATE message, as demonstrated by a message with many AS numbers in the AS Path Attribute. |
Type: Hardware |
Bulletins:
CVE-2009-1154 |
Severity: Low |
Description: Cisco IOS XR 3.8.1 and earlier allows remote attackers to cause a denial of service (process crash) via a long BGP UPDATE message, as demonstrated by a message with many AS numbers in the AS Path Attribute. | ||||
Applies to: |
Created: 2009-08-21 |
Updated: 2021-04-03 |
ID: CVE-2009-2055 |
Title: Cisco IOS XR 3.4.0 through 3.8.1 allows remote attackers to cause a denial of service (session reset) via a BGP UPDATE message with an invalid attribute, as demonstrated in the wild on 17 August 2009. |
Type: Hardware |
Bulletins:
CVE-2009-2055 |
Severity: Moderate |
Description: Cisco IOS XR 3.4.0 through 3.8.1 allows remote attackers to cause a denial of service (session reset) via a BGP UPDATE message with an invalid attribute, as demonstrated in the wild on 17 August 2009. | ||||
Applies to: |
Created: 2009-08-19 |
Updated: 2021-04-03 |
ID: CVE-2009-2199 |
Title: Incomplete blacklist vulnerability in WebKit in Apple Safari before 4.0.3, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to spoof domain names in URLs, and... |
Type: Mobile Devices |
Bulletins:
CVE-2009-2199 SFBID36026 |
Severity: Moderate |
Description: Incomplete blacklist vulnerability in WebKit in Apple Safari before 4.0.3, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to spoof domain names in URLs, and possibly conduct phishing attacks, via unspecified homoglyphs. | ||||
Applies to: |
Created: 2009-08-12 |
Updated: 2021-04-03 |
ID: CVE-2009-2204 |
Title: Unspecified vulnerability in the CoreTelephony component in Apple iPhone OS before 3.0.1 allows remote attackers to execute arbitrary code, obtain GPS coordinates, or enable the microphone via an SMS message that triggers memory... |
Type: Mobile Devices |
Bulletins:
CVE-2009-2204 SFBID35569 |
Severity: Critical |
Description: Unspecified vulnerability in the CoreTelephony component in Apple iPhone OS before 3.0.1 allows remote attackers to execute arbitrary code, obtain GPS coordinates, or enable the microphone via an SMS message that triggers memory corruption, as demonstrated by Charlie Miller at SyScan '09 Singapore. | ||||
Applies to: |
Created: 2009-08-03 |
Updated: 2021-04-03 |
ID: CVE-2009-2656 |
Title: Unspecified vulnerability in the com.android.phone process in Android 1.0, 1.1, and 1.5 allows remote attackers to cause a denial of service (network disconnection) via a crafted SMS message, as demonstrated by Collin Mulliner and... |
Type: Mobile Devices |
Bulletins:
CVE-2009-2656 SFBID35886 |
Severity: Moderate |
Description: Unspecified vulnerability in the com.android.phone process in Android 1.0, 1.1, and 1.5 allows remote attackers to cause a denial of service (network disconnection) via a crafted SMS message, as demonstrated by Collin Mulliner and Charlie Miller at Black Hat USA 2009. | ||||
Applies to: |
Created: 2009-08-03 |
Updated: 2021-04-03 |
ID: CVE-2009-1168 |
Title: Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0(33)S4, 12.0(32)SY8 through 12.0(32)SY9, 12.2(33)SXI1, 12.2XNC before 12.2(33)XNC2, 12.2XND before 12.2(33)XND1, and 12.4(24)T1; and IOS XE 2.3 through 2.3.1t and 2.4 through... |
Type: Hardware |
Bulletins:
CVE-2009-1168 SFBID35862 |
Severity: Critical |
Description: Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0(33)S4, 12.0(32)SY8 through 12.0(32)SY9, 12.2(33)SXI1, 12.2XNC before 12.2(33)XNC2, 12.2XND before 12.2(33)XND1, and 12.4(24)T1; and IOS XE 2.3 through 2.3.1t and 2.4 through 2.4.0; when RFC4893 BGP routing is enabled, allows remote attackers to cause a denial of service (memory corruption and device reload) by using an RFC4271 peer to send an update with a long series of AS numbers, aka Bug ID CSCsy86021. | ||||
Applies to: |
Created: 2009-07-30 |
Updated: 2021-04-03 |
ID: CVE-2009-2049 |
Title: Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0(33)S4, 12.0(32)SY8 through 12.0(32)SY9, 12.2(33)SXI1 through 12.2(33)SXI2, 12.2XNC before 12.2(33)XNC2, 12.2XND before 12.2(33)XND1, and 12.4(24)T1; and IOS XE 2.3 through 2.3.1t... |
Type: Hardware |
Bulletins:
CVE-2009-2049 SFBID35860 |
Severity: Moderate |
Description: Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0(33)S4, 12.0(32)SY8 through 12.0(32)SY9, 12.2(33)SXI1 through 12.2(33)SXI2, 12.2XNC before 12.2(33)XNC2, 12.2XND before 12.2(33)XND1, and 12.4(24)T1; and IOS XE 2.3 through 2.3.1t and 2.4 through 2.4.0; when RFC4893 BGP routing is enabled, allows remote attackers to cause a denial of service (device reload) by using an RFC4271 peer to send a malformed update, aka Bug ID CSCta33973. | ||||
Applies to: |
Created: 2009-07-30 |
Updated: 2021-04-03 |
ID: CVE-2009-1167 |
Title: Unspecified vulnerability on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0 and 5.x before 5.2.191.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules... |
Type: Hardware |
Bulletins:
CVE-2009-1167 |
Severity: Critical |
Description: Unspecified vulnerability on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0 and 5.x before 5.2.191.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules (WiSM), WLC Modules for Integrated Services Routers, and Catalyst 3750G Integrated Wireless LAN Controllers, allows remote attackers to modify the configuration via a crafted (1) HTTP or (2) HTTPS request, aka Bug ID CSCsy44672. | ||||
Applies to: Cisco Catalyst 3750G, Cisco WLC 2000, Cisco WLC 2100, Cisco WLC 4100 |
Created: 2009-07-29 |
Updated: 2021-04-03 |
ID: CVE-2009-1166 |
Title: The administrative web interface on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0 and 5.x before 5.2.191.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services... |
Type: Hardware |
Bulletins:
CVE-2009-1166 |
Severity: Critical |
Description: The administrative web interface on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0 and 5.x before 5.2.191.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules (WiSM), WLC Modules for Integrated Services Routers, and Catalyst 3750G Integrated Wireless LAN Controllers, allows remote attackers to cause a denial of service (device reload) via a crafted (1) HTTP or (2) HTTPS request, aka Bug ID CSCsy27708. | ||||
Applies to: Cisco Catalyst 3750G |
Created: 2009-07-29 |
Updated: 2021-04-03 |
ID: CVE-2009-1164 |
Title: The administrative web interface on the Cisco Wireless LAN Controller (WLC) platform 4.2 before 4.2.205.0 and 5.x before 5.2.178.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services... |
Type: Hardware |
Bulletins:
CVE-2009-1164 |
Severity: Critical |
Description: The administrative web interface on the Cisco Wireless LAN Controller (WLC) platform 4.2 before 4.2.205.0 and 5.x before 5.2.178.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules (WiSM), WLC Modules for Integrated Services Routers, and Catalyst 3750G Integrated Wireless LAN Controllers, allows remote attackers to cause a denial of service (device reload) via a malformed response to a (1) HTTP or (2) HTTPS authentication request, aka Bug ID CSCsx03715. | ||||
Applies to: Cisco Catalyst 3750G, Cisco WLC 2000, Cisco WLC 2100, Cisco WLC 4100 |
Created: 2009-07-29 |
Updated: 2021-04-03 |
ID: CVE-2009-1165 |
Title: Memory leak on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0, 5.1 before 5.1.163.0, and 5.0 and 5.2 before 5.2.178.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless... |
Type: Hardware |
Bulletins:
CVE-2009-1165 SFBID35817 |
Severity: Critical |
Description: Memory leak on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0, 5.1 before 5.1.163.0, and 5.0 and 5.2 before 5.2.178.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules (WiSM), WLC Modules for Integrated Services Routers, and Catalyst 3750G Integrated Wireless LAN Controllers, allows remote attackers to cause a denial of service (memory consumption and device reload) via SSH management connections, aka Bug ID CSCsw40789. | ||||
Applies to: Cisco Catalyst 3750G, Cisco WLC 2000, Cisco WLC 2100, Cisco WLC 4100 |
Created: 2009-07-29 |
Updated: 2021-04-03 |
ID: CVE-2009-2348 |
Title: Android 1.5 CRBxx allows local users to bypass the (1) Manifest.permission.CAMERA (aka android.permission.CAMERA) and (2) Manifest.permission.AUDIO_RECORD (aka android.permission.RECORD_AUDIO) configuration settings by installing and... |
Type: Mobile Devices |
Bulletins:
CVE-2009-2348 SFBID35717 |
Severity: Moderate |
Description: Android 1.5 CRBxx allows local users to bypass the (1) Manifest.permission.CAMERA (aka android.permission.CAMERA) and (2) Manifest.permission.AUDIO_RECORD (aka android.permission.RECORD_AUDIO) configuration settings by installing and executing an application that does not make a permission request before using the camera or microphone. | ||||
Applies to: |
Created: 2009-07-17 |
Updated: 2021-04-03 |
ID: CVE-2009-1725 |
Title: WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms; KHTML in kdelibs in KDE; QtWebKit (aka Qt toolkit); and possibly other products do not properly handle... |
Type: Mobile Devices |
Bulletins:
CVE-2009-1725 SFBID35607 |
Severity: Critical |
Description: WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms; KHTML in kdelibs in KDE; QtWebKit (aka Qt toolkit); and possibly other products do not properly handle numeric character references, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document. | ||||
Applies to: |
Created: 2009-07-09 |
Updated: 2021-04-03 |
ID: CVE-2009-1724 |
Title: Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to inject arbitrary web script or... |
Type: Mobile Devices |
Bulletins:
CVE-2009-1724 SFBID35441 |
Severity: Moderate |
Description: Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to inject arbitrary web script or HTML via vectors related to parent and top objects. | ||||
Applies to: |
Created: 2009-07-09 |
Updated: 2021-04-03 |
ID: CVE-2009-1203 |
Title: WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 does not properly distinguish its own login screen from the login screens it produces for third-party (1) FTP and (2) CIFS servers, which makes it... |
Type: Hardware |
Bulletins:
CVE-2009-1203 SFBID35475 |
Severity: Moderate |
Description: WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 does not properly distinguish its own login screen from the login screens it produces for third-party (1) FTP and (2) CIFS servers, which makes it easier for remote attackers to trick a user into sending WebVPN credentials to an arbitrary server via a URL associated with that server, aka Bug ID CSCsy80709. | ||||
Applies to: |
Created: 2009-06-25 |
Updated: 2021-04-03 |
ID: CVE-2009-1202 |
Title: WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 allows remote attackers to bypass certain protection mechanisms involving URL rewriting and HTML rewriting, and conduct cross-site scripting (XSS)... |
Type: Hardware |
Bulletins:
CVE-2009-1202 SFBID35480 |
Severity: Moderate |
Description: WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 allows remote attackers to bypass certain protection mechanisms involving URL rewriting and HTML rewriting, and conduct cross-site scripting (XSS) attacks, by modifying the first hex-encoded character in a /+CSCO+ URI, aka Bug ID CSCsy80705. | ||||
Applies to: |
Created: 2009-06-25 |
Updated: 2021-04-03 |
ID: CVE-2009-1201 |
Title: Eval injection vulnerability in the csco_wrap_js function in /+CSCOL+/cte.js in WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 allows remote attackers to bypass a DOM wrapper and conduct... |
Type: Hardware |
Bulletins:
CVE-2009-1201 SFBID35476 |
Severity: Moderate |
Description: Eval injection vulnerability in the csco_wrap_js function in /+CSCOL+/cte.js in WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 allows remote attackers to bypass a DOM wrapper and conduct cross-site scripting (XSS) attacks by setting CSCO_WebVPN['process'] to the name of a crafted function, aka Bug ID CSCsy80694. | ||||
Applies to: |
Created: 2009-06-25 |
Updated: 2021-04-03 |
ID: CVE-2009-1692 |
Title: WebKit before r41741, as used in Apple iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Safari, and other software, allows remote attackers to cause a denial of service (memory consumption or device reset) via... |
Type: Mobile Devices |
Bulletins:
CVE-2009-1692 SFBID35414 |
Severity: Critical |
Description: WebKit before r41741, as used in Apple iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Safari, and other software, allows remote attackers to cause a denial of service (memory consumption or device reset) via a web page containing an HTMLSelectElement object with a large length attribute, related to the length property of a Select object. | ||||
Applies to: |
Created: 2009-06-19 |
Updated: 2021-04-03 |
ID: CVE-2009-1683 |
Title: The Telephony component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to cause a denial of service (device reset) via a crafted ICMP echo request, which triggers an... |
Type: Mobile Devices |
Bulletins:
CVE-2009-1683 SFBID35414 |
Severity: Critical |
Description: The Telephony component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to cause a denial of service (device reset) via a crafted ICMP echo request, which triggers an assertion error related to a "logic issue." | ||||
Applies to: |
Created: 2009-06-19 |
Updated: 2021-04-03 |
ID: CVE-2009-1679 |
Title: The Profiles component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1, when installing a configuration profile, can replace the password policy from Exchange ActiveSync with a weaker password... |
Type: Mobile Devices |
Bulletins:
CVE-2009-1679 SFBID35414 |
Severity: Low |
Description: The Profiles component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1, when installing a configuration profile, can replace the password policy from Exchange ActiveSync with a weaker password policy, which allows physically proximate attackers to bypass the intended policy. | ||||
Applies to: |
Created: 2009-06-19 |
Updated: 2021-04-03 |
ID: CVE-2009-0959 |
Title: The MPEG-4 video codec in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to cause a denial of service (device reset) via a crafted MPEG-4 video file that triggers an "input... |
Type: Mobile Devices |
Bulletins:
CVE-2009-0959 SFBID35414 |
Severity: Critical |
Description: The MPEG-4 video codec in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to cause a denial of service (device reset) via a crafted MPEG-4 video file that triggers an "input validation issue." | ||||
Applies to: |
Created: 2009-06-19 |
Updated: 2021-04-03 |
ID: CVE-2009-0960 |
Title: The Mail component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 does not provide an option to disable remote image loading in HTML email, which allows remote attackers to determine the device... |
Type: Mobile Devices |
Bulletins:
CVE-2009-0960 SFBID35414 |
Severity: Moderate |
Description: The Mail component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 does not provide an option to disable remote image loading in HTML email, which allows remote attackers to determine the device address and when an e-mail is read via an HTML email containing an image URL. | ||||
Applies to: |
Created: 2009-06-19 |
Updated: 2021-04-03 |
ID: CVE-2009-0961 |
Title: The Mail component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 dismisses the call approval dialog when another alert appears, which might allow remote attackers to force the iPhone to place a... |
Type: Mobile Devices |
Bulletins:
CVE-2009-0961 SFBID35414 |
Severity: Moderate |
Description: The Mail component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 dismisses the call approval dialog when another alert appears, which might allow remote attackers to force the iPhone to place a call without user approval by causing an application to trigger an alert. | ||||
Applies to: |
Created: 2009-06-19 |
Updated: 2021-04-03 |
ID: CVE-2009-1680 |
Title: Safari in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly clear the search history when it is cleared from the Settings application, which allows physically proximate attackers to... |
Type: Mobile Devices |
Bulletins:
CVE-2009-1680 SFBID35414 |
Severity: Low |
Description: Safari in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly clear the search history when it is cleared from the Settings application, which allows physically proximate attackers to obtain the search history. | ||||
Applies to: |
Created: 2009-06-19 |
Updated: 2021-04-03 |
ID: CVE-2009-0958 |
Title: Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 stores an exception for a hostname when the user accepts an untrusted Exchange server certificate, which causes it to be accepted without prompting in... |
Type: Mobile Devices |
Bulletins:
CVE-2009-0958 SFBID35414 |
Severity: Moderate |
Description: Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 stores an exception for a hostname when the user accepts an untrusted Exchange server certificate, which causes it to be accepted without prompting in future usage and allows remote Exchange servers to obtain sensitive information such as credentials. | ||||
Applies to: |
Created: 2009-06-19 |
Updated: 2021-04-03 |
ID: CVE-2009-1698 |
Title: WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a pointer during handling of a Cascading Style Sheets (CSS) attr function call with a large numerical... |
Type: Mobile Devices |
Bulletins:
CVE-2009-1698 SFBID35260 |
Severity: Critical |
Description: WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a pointer during handling of a Cascading Style Sheets (CSS) attr function call with a large numerical argument, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document. | ||||
Applies to: |
Created: 2009-06-10 |
Updated: 2021-04-03 |
ID: CVE-2009-1690 |
Title: Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome 1.0.154.53, and possibly other products, allows remote attackers to... |
Type: Mobile Devices |
Bulletins:
CVE-2009-1690 SFBID35260 |
Severity: Critical |
Description: Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome 1.0.154.53, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by setting an unspecified property of an HTML tag that causes child elements to be freed and later accessed when an HTML error occurs, related to "recursion in certain DOM event handlers." | ||||
Applies to: |
Created: 2009-06-10 |
Updated: 2021-04-03 |
ID: CVE-2009-1701 |
Title: Use-after-free vulnerability in the JavaScript DOM implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or... |
Type: Mobile Devices |
Bulletins:
CVE-2009-1701 SFBID35260 |
Severity: Critical |
Description: Use-after-free vulnerability in the JavaScript DOM implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by destroying a document.body element that has an unspecified XML container with elements that support the dir attribute. | ||||
Applies to: |
Created: 2009-06-10 |
Updated: 2021-04-03 |
ID: CVE-2009-1700 |
Title: The XSLT implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle redirects, which allows remote attackers to read XML content from... |
Type: Mobile Devices |
Bulletins:
CVE-2009-1700 SFBID35260 |
Severity: Moderate |
Description: The XSLT implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle redirects, which allows remote attackers to read XML content from arbitrary web pages via a crafted document. | ||||
Applies to: |
Created: 2009-06-10 |
Updated: 2021-04-03 |
ID: CVE-2009-1699 |
Title: The XSL stylesheet implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle XML external entities, which allows remote attackers to read... |
Type: Mobile Devices |
Bulletins:
CVE-2009-1699 SFBID35260 |
Severity: Critical |
Description: The XSL stylesheet implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle XML external entities, which allows remote attackers to read arbitrary files via a crafted DTD, as demonstrated by a file:///etc/passwd URL in an entity declaration, related to an "XXE attack." | ||||
Applies to: |
Created: 2009-06-10 |
Updated: 2021-04-03 |
ID: CVE-2009-1702 |
Title: Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to inject arbitrary web script or HTML via vectors... |
Type: Mobile Devices |
Bulletins:
CVE-2009-1702 SFBID35260 |
Severity: Moderate |
Description: Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to inject arbitrary web script or HTML via vectors related to improper handling of Location and History objects. | ||||
Applies to: |
Created: 2009-06-10 |
Updated: 2021-04-03 |
ID: CVE-2009-1754 |
Title: The PackageManagerService class in services/java/com/android/server/PackageManagerService.java in Android 1.5 through 1.5 CRB42 does not properly check developer certificates during processing of sharedUserId requests at an... |
Type: Mobile Devices |
Bulletins:
CVE-2009-1754 SFBID35090 |
Severity: Moderate |
Description: The PackageManagerService class in services/java/com/android/server/PackageManagerService.java in Android 1.5 through 1.5 CRB42 does not properly check developer certificates during processing of sharedUserId requests at an application's installation time, which allows remote user-assisted attackers to access application data by creating a package that specifies a shared user ID with an arbitrary application. | ||||
Applies to: |
Created: 2009-05-26 |
Updated: 2021-04-03 |
ID: CVE-2009-1561 |
Title: Cross-site request forgery (CSRF) vulnerability in administration.cgi on the Cisco Linksys WRT54GC router with firmware 1.05.7 allows remote attackers to hijack the intranet connectivity of arbitrary users for requests that change the administrator... |
Type: Hardware |
Bulletins:
CVE-2009-1561 SFBID34616 |
Severity: Moderate |
Description: Cross-site request forgery (CSRF) vulnerability in administration.cgi on the Cisco Linksys WRT54GC router with firmware 1.05.7 allows remote attackers to hijack the intranet connectivity of arbitrary users for requests that change the administrator password via the sysPasswd and sysConfirmPasswd parameters. | ||||
Applies to: wrt54gc |
Created: 2009-05-06 |
Updated: 2021-04-03 |
ID: MITRE:6001 |
Title: oval:org.mitre.oval:def:6001: Apple iTunes Denial of Service Vulnerability |
Type: Software |
Bulletins:
MITRE:6001 CVE-2009-0016 |
Severity: Moderate |
Description: Apple iTunes before 8.1 on Windows allows remote attackers to cause a denial of service (infinite loop) via a Digital Audio Access Protocol (DAAP) message with a crafted Content-Length header. | ||||
Applies to: Apple iTunes |
Created: 2009-05-04 |
Updated: 2021-04-03 |
ID: MITRE:5868 |
Title: oval:org.mitre.oval:def:5868: Microsoft Malformed BMP Filter Vulnerability |
Type: Software |
Bulletins:
MITRE:5868 CVE-2008-3020 |
Severity: Critical |
Description: Microsoft Office 2000 SP3 and XP SP3; Office Converter Pack; and Works 8 do not properly parse the length of a BMP file, which allows remote attackers to execute arbitrary code via a crafted BMP file, aka the "Malformed BMP Filter Vulnerability." | ||||
Applies to: Microsoft Office 2000, Microsoft Office Converter Pack, Microsoft Office Project 2002, Microsoft Office XP, Microsoft Works |
Created: 2009-05-04 |
Updated: 2021-04-03 |
ID: MITRE:5336 |
Title: oval:org.mitre.oval:def:5336: Apple iTunes Information Disclosure Vulnerability |
Type: Software |
Bulletins:
MITRE:5336 CVE-2009-0143 |
Severity: Moderate |
Description: Apple iTunes before 8.1 does not properly inform the user about the origin of an authentication request, which makes it easier for remote podcast servers to trick a user into providing a username and password when subscribing to a crafted podcast. | ||||
Applies to: Apple iTunes |
Created: 2009-05-04 |
Updated: 2021-04-03 |
ID: CVE-2009-1156 |
Title: Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 8.0 before 8.0(4)25 and 8.1 before 8.1(2)15, when an SSL VPN or ASDM access is configured, allows remote attackers to cause a denial of service (device reload)... |
Type: Hardware |
Bulletins:
CVE-2009-1156 SFBID34429 |
Severity: Moderate |
Description: Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 8.0 before 8.0(4)25 and 8.1 before 8.1(2)15, when an SSL VPN or ASDM access is configured, allows remote attackers to cause a denial of service (device reload) via a crafted (1) SSL or (2) HTTP packet. | ||||
Applies to: |
Created: 2009-04-09 |
Updated: 2021-04-03 |
ID: CVE-2009-1158 |
Title: Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)26, 8.0 before 8.0(4)24, and 8.1 before 8.1(2)14, when H.323 inspection is enabled, allows remote... |
Type: Hardware |
Bulletins:
CVE-2009-1158 SFBID34429 |
Severity: Critical |
Description: Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)26, 8.0 before 8.0(4)24, and 8.1 before 8.1(2)14, when H.323 inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted H.323 packet. | ||||
Applies to: |
Created: 2009-04-09 |
Updated: 2021-04-03 |
ID: CVE-2009-1159 |
Title: Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.2 before 7.2(4)26, 8.0 before 8.0(4)22, and 8.1 before 8.1(2)12, when SQL*Net inspection is enabled, allows remote attackers to cause a... |
Type: Hardware |
Bulletins:
CVE-2009-1159 SFBID34429 |
Severity: Critical |
Description: Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.2 before 7.2(4)26, 8.0 before 8.0(4)22, and 8.1 before 8.1(2)12, when SQL*Net inspection is enabled, allows remote attackers to cause a denial of service (traceback and device reload) via a series of SQL*Net packets. | ||||
Applies to: |
Created: 2009-04-09 |
Updated: 2021-04-03 |
ID: CVE-2009-1157 |
Title: Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)30, 8.0 before 8.0(4)28, and 8.1 before 8.1(2)19 allows remote attackers to cause a denial of... |
Type: Hardware |
Bulletins:
CVE-2009-1157 SFBID34429 |
Severity: Critical |
Description: Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)30, 8.0 before 8.0(4)28, and 8.1 before 8.1(2)19 allows remote attackers to cause a denial of service (memory consumption or device reload) via a crafted TCP packet. | ||||
Applies to: |
Created: 2009-04-09 |
Updated: 2021-04-03 |
ID: CVE-2009-1155 |
Title: Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.1(1) through 7.1(2)82, 7.2 before 7.2(4)27, 8.0 before 8.0(4)25, and 8.1 before 8.1(2)15, when AAA override-account-disable is entered in a general-attributes field,... |
Type: Hardware |
Bulletins:
CVE-2009-1155 SFBID34429 |
Severity: Critical |
Description: Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.1(1) through 7.1(2)82, 7.2 before 7.2(4)27, 8.0 before 8.0(4)25, and 8.1 before 8.1(2)15, when AAA override-account-disable is entered in a general-attributes field, allow remote attackers to bypass authentication and establish a VPN session to an ASA device via unspecified vectors. | ||||
Applies to: |
Created: 2009-04-09 |
Updated: 2021-04-03 |
ID: CVE-2009-1160 |
Title: Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)1, 7.1 before 7.1(2)74, 7.2 before 7.2(4)9, and 8.0 before 8.0(4)5 do not properly implement the implicit deny statement, which might allow remote... |
Type: Hardware |
Bulletins:
CVE-2009-1160 SFBID34429 |
Severity: Moderate |
Description: Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)1, 7.1 before 7.1(2)74, 7.2 before 7.2(4)9, and 8.0 before 8.0(4)5 do not properly implement the implicit deny statement, which might allow remote attackers to successfully send packets that bypass intended access restrictions, aka Bug ID CSCsq91277. | ||||
Applies to: |
Created: 2009-04-09 |
Updated: 2021-04-03 |
ID: CVE-2008-6576 |
Title: Unspecified vulnerability in the "session limitation technique" in the FTP service on Nortel Communications Server 1000 (CS1K) 4.50.x, when running on VGMC or signaling nodes, allows remote attackers to cause a denial of service (resource exhaustion... |
Type: Hardware |
Bulletins:
CVE-2008-6576 SFBID28691 |
Severity: Critical |
Description: Unspecified vulnerability in the "session limitation technique" in the FTP service on Nortel Communications Server 1000 (CS1K) 4.50.x, when running on VGMC or signaling nodes, allows remote attackers to cause a denial of service (resource exhaustion and failed updates) via unknown vectors that cause consumption of all available sessions. | ||||
Applies to: CS 1000 |
Created: 2009-04-01 |
Updated: 2021-04-03 |
ID: CVE-2008-6577 |
Title: Nortel MG1000S, Signaling Server, and Call Server on the Communications Server 1000 (CS1K) 4.50.x contain multiple unspecified hard-coded accounts and passwords, which allows remote attackers to gain privileges. |
Type: Hardware |
Bulletins:
CVE-2008-6577 SFBID28691 |
Severity: Critical |
Description: Nortel MG1000S, Signaling Server, and Call Server on the Communications Server 1000 (CS1K) 4.50.x contain multiple unspecified hard-coded accounts and passwords, which allows remote attackers to gain privileges. | ||||
Applies to: CS 1000 |
Created: 2009-04-01 |
Updated: 2021-04-03 |
ID: CVE-2008-6579 |
Title: Nortel Communication Server 1000 4.50.x allows remote attackers to obtain Web application structure via unknown vectors related to "web resources to phones and administrators." |
Type: Hardware |
Bulletins:
CVE-2008-6579 SFBID28691 |
Severity: Moderate |
Description: Nortel Communication Server 1000 4.50.x allows remote attackers to obtain Web application structure via unknown vectors related to "web resources to phones and administrators." | ||||
Applies to: CS 1000 |
Created: 2009-04-01 |
Updated: 2021-04-03 |
ID: CVE-2008-6578 |
Title: Multiple unspecified vulnerabilities in Nortel Communication Server 1000 4.50.x allow remote attackers to execute arbitrary commands to gain privileges, obtain sensitive information, or cause a denial of service via unknown vectors. |
Type: Hardware |
Bulletins:
CVE-2008-6578 SFBID28691 |
Severity: Critical |
Description: Multiple unspecified vulnerabilities in Nortel Communication Server 1000 4.50.x allow remote attackers to execute arbitrary commands to gain privileges, obtain sensitive information, or cause a denial of service via unknown vectors. | ||||
Applies to: CS 1000 |
Created: 2009-04-01 |
Updated: 2021-04-03 |
ID: CVE-2009-0636 |
Title: Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when SIP voice services are enabled, allows remote attackers to cause a denial of service (device crash) via a valid SIP message. |
Type: Hardware |
Bulletins:
CVE-2009-0636 SFBID34243 |
Severity: Critical |
Description: Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when SIP voice services are enabled, allows remote attackers to cause a denial of service (device crash) via a valid SIP message. | ||||
Applies to: |
Created: 2009-03-27 |
Updated: 2021-04-03 |
ID: CVE-2009-0631 |
Title: Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when configured with (1) IP Service Level Agreements (SLAs) Responder, (2) Session Initiation Protocol (SIP), (3) H.323 Annex E Call Signaling Transport, or (4) Media Gateway Control Protocol... |
Type: Hardware |
Bulletins:
CVE-2009-0631 SFBID34245 |
Severity: Critical |
Description: Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when configured with (1) IP Service Level Agreements (SLAs) Responder, (2) Session Initiation Protocol (SIP), (3) H.323 Annex E Call Signaling Transport, or (4) Media Gateway Control Protocol (MGCP) allows remote attackers to cause a denial of service (blocked input queue on the inbound interface) via a crafted UDP packet. | ||||
Applies to: |
Created: 2009-03-27 |
Updated: 2021-04-03 |
ID: CVE-2009-0626 |
Title: The SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (device reload or hang) via a crafted HTTPS packet. |
Type: Hardware |
Bulletins:
CVE-2009-0626 SFBID34239 |
Severity: Critical |
Description: The SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (device reload or hang) via a crafted HTTPS packet. | ||||
Applies to: |
Created: 2009-03-27 |
Updated: 2021-04-03 |
ID: CVE-2009-0637 |
Title: The SCP server in Cisco IOS 12.2 through 12.4, when Role-Based CLI Access is enabled, does not enforce the CLI view configuration for file transfers, which allows remote authenticated users with an attached CLI view to (1) read or (2) overwrite... |
Type: Hardware |
Bulletins:
CVE-2009-0637 SFBID34247 |
Severity: Critical |
Description: The SCP server in Cisco IOS 12.2 through 12.4, when Role-Based CLI Access is enabled, does not enforce the CLI view configuration for file transfers, which allows remote authenticated users with an attached CLI view to (1) read or (2) overwrite arbitrary files via an SCP command. | ||||
Applies to: |
Created: 2009-03-27 |
Updated: 2021-04-03 |
ID: CVE-2009-0630 |
Title: The (1) Cisco Unified Communications Manager Express; (2) SIP Gateway Signaling Support Over Transport Layer Security (TLS) Transport; (3) Secure Signaling and Media Encryption; (4) Blocks Extensible Exchange Protocol (BEEP); (5) Network Admission... |
Type: Hardware |
Bulletins:
CVE-2009-0630 SFBID34242 |
Severity: Critical |
Description: The (1) Cisco Unified Communications Manager Express; (2) SIP Gateway Signaling Support Over Transport Layer Security (TLS) Transport; (3) Secure Signaling and Media Encryption; (4) Blocks Extensible Exchange Protocol (BEEP); (5) Network Admission Control HTTP Authentication Proxy; (6) Per-user URL Redirect for EAPoUDP, Dot1x, and MAC Authentication Bypass; (7) Distributed Director with HTTP Redirects; and (8) TCP DNS features in Cisco IOS 12.0 through 12.4 do not properly handle IP sockets, which allows remote attackers to cause a denial of service (outage or resource consumption) via a series of crafted TCP packets. | ||||
Applies to: |
Created: 2009-03-27 |
Updated: 2021-04-03 |
ID: CVE-2009-0629 |
Title: The (1) Airline Product Set (aka ALPS), (2) Serial Tunnel Code (aka STUN), (3) Block Serial Tunnel Code (aka BSTUN), (4) Native Client Interface Architecture (NCIA) support, (5) Data-link switching (aka DLSw), (6) Remote Source-Route Bridging... |
Type: Hardware |
Bulletins:
CVE-2009-0629 SFBID34238 |
Severity: Moderate |
Description: The (1) Airline Product Set (aka ALPS), (2) Serial Tunnel Code (aka STUN), (3) Block Serial Tunnel Code (aka BSTUN), (4) Native Client Interface Architecture (NCIA) support, (5) Data-link switching (aka DLSw), (6) Remote Source-Route Bridging (RSRB), (7) Point to Point Tunneling Protocol (PPTP), (8) X.25 for Record Boundary Preservation (RBP), (9) X.25 over TCP (XOT), and (10) X.25 Routing features in Cisco IOS 12.2 and 12.4 allow remote attackers to cause a denial of service (device reload) via a series of crafted TCP packets. | ||||
Applies to: |
Created: 2009-03-27 |
Updated: 2021-04-03 |
ID: CVE-2009-0634 |
Title: Multiple unspecified vulnerabilities in the home agent (HA) implementation in the (1) Mobile IP NAT Traversal feature and (2) Mobile IPv6 subsystem in Cisco IOS 12.3 through 12.4 allow remote attackers to cause a denial of service (input queue wedge... |
Type: Hardware |
Bulletins:
CVE-2009-0634 SFBID34241 |
Severity: Critical |
Description: Multiple unspecified vulnerabilities in the home agent (HA) implementation in the (1) Mobile IP NAT Traversal feature and (2) Mobile IPv6 subsystem in Cisco IOS 12.3 through 12.4 allow remote attackers to cause a denial of service (input queue wedge and interface outage) via an ICMP packet, aka Bug ID CSCso05337. | ||||
Applies to: |
Created: 2009-03-27 |
Updated: 2021-04-03 |
ID: CVE-2009-0633 |
Title: Multiple unspecified vulnerabilities in the (1) Mobile IP NAT Traversal feature and (2) Mobile IPv6 subsystem in Cisco IOS 12.3 through 12.4 allow remote attackers to cause a denial of service (input queue wedge and interface outage) via MIPv6... |
Type: Hardware |
Bulletins:
CVE-2009-0633 SFBID34241 |
Severity: Critical |
Description: Multiple unspecified vulnerabilities in the (1) Mobile IP NAT Traversal feature and (2) Mobile IPv6 subsystem in Cisco IOS 12.3 through 12.4 allow remote attackers to cause a denial of service (input queue wedge and interface outage) via MIPv6 packets, aka Bug ID CSCsm97220. | ||||
Applies to: |
Created: 2009-03-27 |
Updated: 2021-04-03 |
ID: CVE-2009-0628 |
Title: Memory leak in the SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (memory consumption and device crash) by disconnecting an SSL session in an abnormal manner, leading to a Transmission Control... |
Type: Hardware |
Bulletins:
CVE-2009-0628 SFBID34239 |
Severity: Critical |
Description: Memory leak in the SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (memory consumption and device crash) by disconnecting an SSL session in an abnormal manner, leading to a Transmission Control Block (TCB) leak. | ||||
Applies to: |
Created: 2009-03-27 |
Updated: 2021-04-03 |
ID: CVE-2009-0635 |
Title: Memory leak in the Cisco Tunneling Control Protocol (cTCP) encapsulation feature in Cisco IOS 12.4, when an Easy VPN (aka EZVPN) server is enabled, allows remote attackers to cause a denial of service (memory consumption and device crash) via a... |
Type: Hardware |
Bulletins:
CVE-2009-0635 SFBID34246 |
Severity: Critical |
Description: Memory leak in the Cisco Tunneling Control Protocol (cTCP) encapsulation feature in Cisco IOS 12.4, when an Easy VPN (aka EZVPN) server is enabled, allows remote attackers to cause a denial of service (memory consumption and device crash) via a sequence of TCP packets. | ||||
Applies to: |
Created: 2009-03-27 |
Updated: 2021-04-03 |
ID: CVE-2009-0632 |
Title: The IP Phone Personal Address Book (PAB) Synchronizer feature in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.1, 4.2 before 4.2(3)SR4b, 4.3 before 4.3(2)SR1b, 5.x before 5.1(3e), 6.x before 6.1(3), and 7.0 before 7.0(2)... |
Type: Hardware |
Bulletins:
CVE-2009-0632 SFBID34082 |
Severity: Critical |
Description: The IP Phone Personal Address Book (PAB) Synchronizer feature in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.1, 4.2 before 4.2(3)SR4b, 4.3 before 4.3(2)SR1b, 5.x before 5.1(3e), 6.x before 6.1(3), and 7.0 before 7.0(2) sends privileged directory-service account credentials to the client in cleartext, which allows remote attackers to modify the CUCM configuration and perform other privileged actions by intercepting these credentials, and then using them in requests unrelated to the intended synchronization task, as demonstrated by (1) DC Directory account credentials in CUCM 4.x and (2) TabSyncSysUser account credentials in CUCM 5.x through 7.x. | ||||
Applies to: Unified Communications Manager |
Created: 2009-03-12 |
Updated: 2021-04-03 |
ID: CVE-2009-0624 |
Title: Unspecified vulnerability in the SNMPv2c implementation in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.3) and Cisco ACE 4710 Application Control Engine Appliance before A3(2.1) allows remote... |
Type: Hardware |
Bulletins:
CVE-2009-0624 SFBID33900 |
Severity: Moderate |
Description: Unspecified vulnerability in the SNMPv2c implementation in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.3) and Cisco ACE 4710 Application Control Engine Appliance before A3(2.1) allows remote attackers to cause a denial of service (device reload) via a crafted SNMPv1 packet. | ||||
Applies to: Cisco Ace 4710 |
Created: 2009-02-26 |
Updated: 2021-04-03 |
ID: CVE-2009-0623 |
Title: Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.3) and Cisco ACE 4710 Application Control Engine Appliance before A3(2.1) allows remote attackers to cause a denial of... |
Type: Hardware |
Bulletins:
CVE-2009-0623 SFBID33900 |
Severity: Critical |
Description: Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.3) and Cisco ACE 4710 Application Control Engine Appliance before A3(2.1) allows remote attackers to cause a denial of service (device reload) via a crafted SSH packet. | ||||
Applies to: Cisco Ace 4710 |
Created: 2009-02-26 |
Updated: 2021-04-03 |
ID: CVE-2009-0622 |
Title: Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.2) and Cisco ACE 4710 Application Control Engine Appliance before A1(8a) allows remote authenticated users to execute... |
Type: Hardware |
Bulletins:
CVE-2009-0622 SFBID33900 |
Severity: Critical |
Description: Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.2) and Cisco ACE 4710 Application Control Engine Appliance before A1(8a) allows remote authenticated users to execute arbitrary operating-system commands through a command line interface (CLI). | ||||
Applies to: Cisco Ace 4710 |
Created: 2009-02-26 |
Updated: 2021-04-03 |
ID: CVE-2009-0625 |
Title: Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.2) and Cisco ACE 4710 Application Control Engine Appliance before A1(8.0) allows remote attackers to cause a denial of... |
Type: Hardware |
Bulletins:
CVE-2009-0625 SFBID33900 |
Severity: Critical |
Description: Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.2) and Cisco ACE 4710 Application Control Engine Appliance before A1(8.0) allows remote attackers to cause a denial of service (device reload) via a crafted SNMPv3 packet. | ||||
Applies to: Cisco Ace 4710 |
Created: 2009-02-26 |
Updated: 2021-04-03 |
ID: CVE-2009-0742 |
Title: The username command in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers and Cisco ACE 4710 Application Control Engine Appliance stores a cleartext password by default, which allows context-dependent attackers... |
Type: Hardware |
Bulletins:
CVE-2009-0742 |
Severity: Critical |
Description: The username command in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers and Cisco ACE 4710 Application Control Engine Appliance stores a cleartext password by default, which allows context-dependent attackers to obtain sensitive information. | ||||
Applies to: Cisco Ace 4710 |
Created: 2009-02-26 |
Updated: 2021-04-03 |
ID: CVE-2009-0621 |
Title: Cisco ACE 4710 Application Control Engine Appliance before A1(8a) uses default (1) usernames and (2) passwords for (a) the administrator, (b) web management, and (c) device management, which makes it easier for remote attackers to perform... |
Type: Hardware |
Bulletins:
CVE-2009-0621 SFBID33900 |
Severity: Critical |
Description: Cisco ACE 4710 Application Control Engine Appliance before A1(8a) uses default (1) usernames and (2) passwords for (a) the administrator, (b) web management, and (c) device management, which makes it easier for remote attackers to perform configuration changes to the Device Manager and other components, or obtain operating-system access. | ||||
Applies to: Cisco Ace 4710 |
Created: 2009-02-26 |
Updated: 2021-04-03 |
ID: CVE-2008-6096 |
Title: Cross-site scripting (XSS) vulnerability in Juniper NetScreen ScreenOS before 5.4r10, 6.0r6, and 6.1r2 allows remote attackers to inject arbitrary web script or HTML via the user name parameter to the (1) web interface login page or the (2) telnet... |
Type: Hardware |
Bulletins:
CVE-2008-6096 SFBID31528 |
Severity: Moderate |
Description: Cross-site scripting (XSS) vulnerability in Juniper NetScreen ScreenOS before 5.4r10, 6.0r6, and 6.1r2 allows remote attackers to inject arbitrary web script or HTML via the user name parameter to the (1) web interface login page or the (2) telnet login page. | ||||
Applies to: |
Created: 2009-02-09 |
Updated: 2021-04-03 |
ID: CVE-2009-0470 |
Title: Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 12.4(23) allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI under (1) level/15/exec/-/ or (2) exec/, a different... |
Type: Hardware |
Bulletins:
CVE-2009-0470 SFBID33625 |
Severity: Moderate |
Description: Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 12.4(23) allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI under (1) level/15/exec/-/ or (2) exec/, a different vulnerability than CVE-2008-3821. | ||||
Applies to: |
Created: 2009-02-06 |
Updated: 2021-04-03 |
ID: CVE-2009-0471 |
Title: Cross-site request forgery (CSRF) vulnerability in the HTTP server in Cisco IOS 12.4(23) allows remote attackers to execute arbitrary commands, as demonstrated by executing the hostname command with a level/15/configure/-/hostname request. |
Type: Hardware |
Bulletins:
CVE-2009-0471 |
Severity: Moderate |
Description: Cross-site request forgery (CSRF) vulnerability in the HTTP server in Cisco IOS 12.4(23) allows remote attackers to execute arbitrary commands, as demonstrated by executing the hostname command with a level/15/configure/-/hostname request. | ||||
Applies to: |
Created: 2009-02-06 |
Updated: 2021-04-03 |
ID: CVE-2009-0061 |
Title: Unspecified vulnerability in the Wireless LAN Controller (WLC) TSEC driver in the Cisco 4400 WLC, Cisco Catalyst 6500 and 7600 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before... |
Type: Hardware |
Bulletins:
CVE-2009-0061 SFBID33608 |
Severity: Critical |
Description: Unspecified vulnerability in the Wireless LAN Controller (WLC) TSEC driver in the Cisco 4400 WLC, Cisco Catalyst 6500 and 7600 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.x before 5.1 allows remote attackers to cause a denial of service (device crash or hang) via unknown IP packets. | ||||
Applies to: Cisco WLC 4400 |
Created: 2009-02-04 |
Updated: 2021-04-03 |
ID: CVE-2009-0062 |
Title: Unspecified vulnerability in the Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.2.173.0 allows remote authenticated users to gain... |
Type: Hardware |
Bulletins:
CVE-2009-0062 SFBID33608 |
Severity: Critical |
Description: Unspecified vulnerability in the Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.2.173.0 allows remote authenticated users to gain privileges via unknown vectors, as demonstrated by escalation from the (1) Lobby Admin and (2) Local Management User privilege levels. | ||||
Applies to: |
Created: 2009-02-04 |
Updated: 2021-04-03 |
ID: CVE-2009-0058 |
Title: The Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.x before 5.2 allow remote attackers to cause a denial... |
Type: Hardware |
Bulletins:
CVE-2009-0058 SFBID33608 |
Severity: Moderate |
Description: The Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.x before 5.2 allow remote attackers to cause a denial of service (web authentication outage or device reload) via unspecified network traffic, as demonstrated by a vulnerability scanner. | ||||
Applies to: Cisco WLC 4400 |
Created: 2009-02-04 |
Updated: 2021-04-03 |
ID: CVE-2009-0059 |
Title: The Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.2.x before 5.2.157.0 allow remote attackers to cause a... |
Type: Hardware |
Bulletins:
CVE-2009-0059 SFBID33608 |
Severity: Critical |
Description: The Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.2.x before 5.2.157.0 allow remote attackers to cause a denial of service (device reload) via a web authentication (aka WebAuth) session that includes a malformed POST request to login.html. | ||||
Applies to: Cisco WLC 4400 |
Created: 2009-02-04 |
Updated: 2021-04-03 |
ID: CVE-2009-0057 |
Title: The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager 5.x before 5.1(3e) and 6.x before 6.1(3) allows remote attackers to cause a denial of service (voice service outage) by sending malformed input over a... |
Type: Hardware |
Bulletins:
CVE-2009-0057 SFBID33379 |
Severity: Moderate |
Description: The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager 5.x before 5.1(3e) and 6.x before 6.1(3) allows remote attackers to cause a denial of service (voice service outage) by sending malformed input over a TCP session in which the "client terminates prematurely." | ||||
Applies to: Unified Communications Manager |
Created: 2009-01-22 |
Updated: 2021-04-03 |
ID: CVE-2008-3821 |
Title: Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 11.0 through 12.4 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the ping program or (2) unspecified other aspects of the URI. |
Type: Hardware |
Bulletins:
CVE-2008-3821 SFBID33260 |
Severity: Moderate |
Description: Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 11.0 through 12.4 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the ping program or (2) unspecified other aspects of the URI. | ||||
Applies to: |
Created: 2009-01-16 |
Updated: 2021-04-03 |
ID: CVE-2008-3818 |
Title: Cisco ONS 15310-CL, 15310-MA, 15327, 15454, 15454 SDH, and 15600 with software 7.0.2 through 7.0.6, 7.2.2, 8.0.x, 8.5.1, and 8.5.2 allows remote attackers to cause a denial of service (control-card reset) via a crafted TCP session. |
Type: Hardware |
Bulletins:
CVE-2008-3818 SFBID33261 |
Severity: Critical |
Description: Cisco ONS 15310-CL, 15310-MA, 15327, 15454, 15454 SDH, and 15600 with software 7.0.2 through 7.0.6, 7.2.2, 8.0.x, 8.5.1, and 8.5.2 allows remote attackers to cause a denial of service (control-card reset) via a crafted TCP session. | ||||
Applies to: |
Created: 2009-01-16 |
Updated: 2021-04-03 |
ID: MITRE:6075 |
Title: oval:org.mitre.oval:def:6075: HIS Command Execution Vulnerability |
Type: Software |
Bulletins:
MITRE:6075 CVE-2008-3466 |
Severity: Critical |
Description: Microsoft Host Integration Server (HIS) 2000, 2004, and 2006 does not limit RPC access to administrative functions, which allows remote attackers to bypass authentication and execute arbitrary programs via a crafted SNA RPC message using opcode 1 or 6 to call the CreateProcess function, aka "HIS Command Execution Vulnerability." | ||||
Applies to: Microsoft Host Integration Server 2000 Microsoft Host Integration Server 2004 Microsoft Host Integration Server 2004 Client Microsoft Host Integration Server 2006 |
Created: 2008-12-08 |
Updated: 2021-04-03 |
ID: CVE-2008-5230 |
Title: The Temporal Key Integrity Protocol (TKIP) implementation in unspecified Cisco products and other vendors' products, as used in WPA and WPA2 on Wi-Fi networks, has insufficient countermeasures against certain crafted and replayed packets, which... |
Type: Hardware |
Bulletins:
CVE-2008-5230 SFBID32164 |
Severity: Moderate |
Description: The Temporal Key Integrity Protocol (TKIP) implementation in unspecified Cisco products and other vendors' products, as used in WPA and WPA2 on Wi-Fi networks, has insufficient countermeasures against certain crafted and replayed packets, which makes it easier for remote attackers to decrypt packets from an access point (AP) to a client and spoof packets from an AP to a client, and conduct ARP poisoning attacks or other attacks, as demonstrated by tkiptun-ng. | ||||
Applies to: |
Created: 2008-11-25 |
Updated: 2021-04-03 |
ID: CVE-2008-4230 |
Title: The Passcode Lock feature in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 displays SMS messages when the emergency-call screen is visible, which allows physically proximate attackers to obtain... |
Type: Mobile Devices |
Bulletins:
CVE-2008-4230 SFBID32394 |
Severity: Low |
Description: The Passcode Lock feature in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 displays SMS messages when the emergency-call screen is visible, which allows physically proximate attackers to obtain sensitive information by reading these messages. NOTE: this might be a duplicate of CVE-2008-4593. | ||||
Applies to: |
Created: 2008-11-25 |
Updated: 2021-04-03 |
ID: CVE-2008-4228 |
Title: The Passcode Lock feature in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allows physically proximate attackers to leverage the emergency-call ability of locked devices to make a phone call to an... |
Type: Mobile Devices |
Bulletins:
CVE-2008-4228 SFBID32394 |
Severity: Low |
Description: The Passcode Lock feature in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allows physically proximate attackers to leverage the emergency-call ability of locked devices to make a phone call to an arbitrary number. | ||||
Applies to: |
Created: 2008-11-25 |
Updated: 2021-04-03 |
ID: CVE-2008-4232 |
Title: Safari in Apple iPhone OS 2.0 through 2.1 and iPhone OS for iPod touch 2.1 through 2.1 does not restrict an IFRAME's content display to the boundaries of the IFRAME, which allows remote attackers to spoof a user interface via a... |
Type: Mobile Devices |
Bulletins:
CVE-2008-4232 SFBID32394 |
Severity: Moderate |
Description: Safari in Apple iPhone OS 2.0 through 2.1 and iPhone OS for iPod touch 2.1 through 2.1 does not restrict an IFRAME's content display to the boundaries of the IFRAME, which allows remote attackers to spoof a user interface via a crafted HTML document. | ||||
Applies to: |
Created: 2008-11-25 |
Updated: 2021-04-03 |
ID: CVE-2008-4231 |
Title: Safari in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 does not properly handle HTML TABLE elements, which allows remote attackers to execute arbitrary code or cause a denial of service (memory... |
Type: Mobile Devices |
Bulletins:
CVE-2008-4231 SFBID32394 |
Severity: Critical |
Description: Safari in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 does not properly handle HTML TABLE elements, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document. | ||||
Applies to: |
Created: 2008-11-25 |
Updated: 2021-04-03 |
ID: CVE-2008-4233 |
Title: Safari in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 does not isolate the call-approval dialog from the process of launching new applications, which allows remote attackers to make arbitrary phone... |
Type: Mobile Devices |
Bulletins:
CVE-2008-4233 SFBID32394 |
Severity: Low |
Description: Safari in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 does not isolate the call-approval dialog from the process of launching new applications, which allows remote attackers to make arbitrary phone calls via a crafted HTML document. | ||||
Applies to: |
Created: 2008-11-25 |
Updated: 2021-04-03 |
ID: CVE-2008-4229 |
Title: Race condition in the Passcode Lock feature in Apple iPhone OS 2.0 through 2.1 and iPhone OS for iPod touch 2.0 through 2.1 allows physically proximate attackers to remove the lock and launch arbitrary applications by restoring the... |
Type: Mobile Devices |
Bulletins:
CVE-2008-4229 SFBID32394 |
Severity: Low |
Description: Race condition in the Passcode Lock feature in Apple iPhone OS 2.0 through 2.1 and iPhone OS for iPod touch 2.0 through 2.1 allows physically proximate attackers to remove the lock and launch arbitrary applications by restoring the device from a backup. | ||||
Applies to: |
Created: 2008-11-25 |
Updated: 2021-04-03 |
ID: CVE-2008-1586 |
Title: ImageIO in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allows remote attackers to cause a denial of service (memory consumption and device reset) via a crafted TIFF image. |
Type: Mobile Devices |
Bulletins:
CVE-2008-1586 SFBID32394 |
Severity: Critical |
Description: ImageIO in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allows remote attackers to cause a denial of service (memory consumption and device reset) via a crafted TIFF image. | ||||
Applies to: |
Created: 2008-11-25 |
Updated: 2021-04-03 |
ID: CVE-2008-4227 |
Title: Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 changes the encryption level of PPTP VPN connections to a lower level than was previously used, which makes it easier for remote attackers to obtain... |
Type: Mobile Devices |
Bulletins:
CVE-2008-4227 SFBID32394 |
Severity: Critical |
Description: Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 changes the encryption level of PPTP VPN connections to a lower level than was previously used, which makes it easier for remote attackers to obtain sensitive information or hijack a connection by decrypting network traffic. | ||||
Applies to: |
Created: 2008-11-25 |
Updated: 2021-04-03 |
ID: REF000667 |
Title: USB devices installed over time |
Type: Information |
Bulletins:
Severity: Information |
Description: This check generates a list of all USB devices that have been connected to the scanned computer. | ||||
Applies to: |
Created: 2008-11-17 |
Updated: 2010-08-21 |
ID: CVE-2008-4963 |
Title: Unspecified vulnerability in the VLAN Trunking Protocol (VTP) implementation on Cisco IOS and CatOS, when the VTP operating mode is not transparent, allows remote attackers to cause a denial of service (device reload or hang) via a crafted VTP... |
Type: Hardware |
Bulletins:
CVE-2008-4963 SFBID32120 |
Severity: Critical |
Description: Unspecified vulnerability in the VLAN Trunking Protocol (VTP) implementation on Cisco IOS and CatOS, when the VTP operating mode is not transparent, allows remote attackers to cause a denial of service (device reload or hang) via a crafted VTP packet sent to a switch interface configured as a trunk port. | ||||
Applies to: |
Created: 2008-11-06 |
Updated: 2021-04-03 |
ID: CVE-2008-4918 |
Title: Cross-site scripting (XSS) vulnerability in SonicWALL SonicOS Enhanced before 4.0.1.1, as used in SonicWALL Pro 2040 and TZ 180 and 190, allows remote attackers to inject arbitrary web script or HTML into arbitrary web sites via a URL to a site that... |
Type: Hardware |
Bulletins:
CVE-2008-4918 SFBID31998 |
Severity: Moderate |
Description: Cross-site scripting (XSS) vulnerability in SonicWALL SonicOS Enhanced before 4.0.1.1, as used in SonicWALL Pro 2040 and TZ 180 and 190, allows remote attackers to inject arbitrary web script or HTML into arbitrary web sites via a URL to a site that is blocked based on content filtering, which is not properly handled in the CFS block page, aka "universal website hijacking." | ||||
Applies to: |
Created: 2008-11-04 |
Updated: 2021-04-03 |
ID: MITRE:6035 |
Title: oval:org.mitre.oval:def:6035: Apple iTunes Local Privilege Escalation Vulnerability |
Type: Software |
Bulletins:
MITRE:6035 CVE-2008-3636 |
Severity: Critical |
Description: Integer overflow in the IopfCompleteRequest API in the kernel in Microsoft Windows 2000, XP, Server 2003, and Vista allows context-dependent attackers to gain privileges. NOTE: this issue was originally reported for GEARAspiWDM.sys 2.0.7.5 in Gear Software CD DVD Filter driver before 4.001.7, as used in other products including Apple iTunes and multiple Symantec and Norton products, which allows local users to gain privileges via repeated IoAttachDevice IOCTL calls to \\.\GEARAspiWDMDevice in this GEARAspiWDM.sys. However, the root cause is the integer overflow in the API call itself. | ||||
Applies to: Apple iTunes |
Created: 2008-11-03 |
Updated: 2021-04-03 |
ID: CVE-2008-3816 |
Title: Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.2(4)9 and 7.2(4)10 allows remote attackers to cause a denial of service (device reload) via a crafted IPv6 packet. |
Type: Hardware |
Bulletins:
CVE-2008-3816 SFBID31863 |
Severity: Critical |
Description: Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.2(4)9 and 7.2(4)10 allows remote attackers to cause a denial of service (device reload) via a crafted IPv6 packet. | ||||
Applies to: Cisco ASA 5500 Adaptive Security Appliance Cisco PIX 500 Firewall Series |
Created: 2008-10-23 |
Updated: 2021-04-03 |
ID: CVE-2008-3815 |
Title: Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)3, 7.1 before 7.1(2)78, 7.2 before 7.2(4)16, 8.0 before 8.0(4)6, and 8.1 before 8.1(1)13, when configured as a VPN using... |
Type: Hardware |
Bulletins:
CVE-2008-3815 SFBID31864 |
Severity: Moderate |
Description: Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)3, 7.1 before 7.1(2)78, 7.2 before 7.2(4)16, 8.0 before 8.0(4)6, and 8.1 before 8.1(1)13, when configured as a VPN using Microsoft Windows NT Domain authentication, allows remote attackers to bypass VPN authentication via unknown vectors. | ||||
Applies to: |
Created: 2008-10-23 |
Updated: 2021-04-03 |
ID: CVE-2008-3817 |
Title: Memory leak in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 8.0 before 8.0(4) and 8.1 before 8.1(2) allows remote attackers to cause a denial of service (memory consumption) via an unspecified sequence of packets,... |
Type: Hardware |
Bulletins:
CVE-2008-3817 SFBID31865 |
Severity: Critical |
Description: Memory leak in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 8.0 before 8.0(4) and 8.1 before 8.1(2) allows remote attackers to cause a denial of service (memory consumption) via an unspecified sequence of packets, related to the "initialization code for the hardware crypto accelerator." | ||||
Applies to: Cisco ASA 5500 Adaptive Security Appliance Cisco PIX 500 Firewall Series |
Created: 2008-10-23 |
Updated: 2021-04-03 |
ID: CVE-2008-4609 |
Title: The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple... |
Type: Hardware |
Bulletins:
CVE-2008-4609 |
Severity: Critical |
Description: The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress. | ||||
Applies to: |
Created: 2008-10-20 |
Updated: 2021-04-03 |
ID: CVE-2008-4594 |
Title: Unspecified vulnerability in the SNMPv3 component in Linksys WAP4400N firmware 1.2.14 on the Marvell Semiconductor 88W8361P-BEM1 chipset has unknown impact and attack vectors, probably remote. |
Type: Hardware |
Bulletins:
CVE-2008-4594 |
Severity: Critical |
Description: Unspecified vulnerability in the SNMPv3 component in Linksys WAP4400N firmware 1.2.14 on the Marvell Semiconductor 88W8361P-BEM1 chipset has unknown impact and attack vectors, probably remote. | ||||
Applies to: wap400n |
Created: 2008-10-17 |
Updated: 2021-04-03 |
ID: CVE-2008-4441 |
Title: The Marvell driver for the Linksys WAP4400N Wi-Fi access point with firmware 1.2.14 on the Marvell 88W8361P-BEM1 chipset, when WEP mode is enabled, does not properly parse malformed 802.11 frames, which allows remote attackers to cause a denial of... |
Type: Hardware |
Bulletins:
CVE-2008-4441 SFBID31742 |
Severity: Critical |
Description: The Marvell driver for the Linksys WAP4400N Wi-Fi access point with firmware 1.2.14 on the Marvell 88W8361P-BEM1 chipset, when WEP mode is enabled, does not properly parse malformed 802.11 frames, which allows remote attackers to cause a denial of service (reboot or hang-up) via a malformed association request containing the WEP flag, as demonstrated by a request that is too short, a different vulnerability than CVE-2008-1144 and CVE-2008-1197. | ||||
Applies to: wap400n |
Created: 2008-10-14 |
Updated: 2021-04-03 |
ID: CVE-2008-4211 |
Title: Integer signedness error in (1) QuickLook in Apple Mac OS X 10.5.5 and (2) Office Viewer in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allows remote attackers to cause a denial of service... |
Type: Mobile Devices |
Bulletins:
CVE-2008-4211 SFBID31681 |
Severity: Critical |
Description: Integer signedness error in (1) QuickLook in Apple Mac OS X 10.5.5 and (2) Office Viewer in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted Microsoft Excel file that triggers an out-of-bounds memory access, related to "handling of columns." | ||||
Applies to: |
Created: 2008-10-10 |
Updated: 2021-04-03 |
ID: MITRE:5995 |
Title: oval:org.mitre.oval:def:5995: Windows Messenger Information Disclosure Vulnerability |
Type: Software |
Bulletins:
MITRE:5995 CVE-2008-0082 |
Severity: Critical |
Description: An ActiveX control (Messenger.UIAutomation.1) in Windows Messenger 4.7 and 5.1 is marked as safe-for-scripting, which allows remote attackers to control the Messenger application, and "change state," obtain contact information, and establish audio or video connections without notification via unknown vectors. | ||||
Applies to: MSN Messenger 4.7 MSN Messenger 5.1 |
Created: 2008-10-06 |
Updated: 2021-04-03 |
ID: CVE-2008-4383 |
Title: Stack-based buffer overflow in the Agranet-Emweb embedded management web server in Alcatel OmniSwitch OS7000, OS6600, OS6800, OS6850, and OS9000 Series devices with AoS 5.1 before 5.1.6.463.R02, 5.4 before 5.4.1.429.R01, 6.1.3 before 6.1.3.965.R01,... |
Type: Hardware |
Bulletins:
CVE-2008-4383 SFBID30652 |
Severity: Critical |
Description: Stack-based buffer overflow in the Agranet-Emweb embedded management web server in Alcatel OmniSwitch OS7000, OS6600, OS6800, OS6850, and OS9000 Series devices with AoS 5.1 before 5.1.6.463.R02, 5.4 before 5.4.1.429.R01, 6.1.3 before 6.1.3.965.R01, 6.1.5 before 6.1.5.595.R01, and 6.3 before 6.3.1.966.R01 allows remote attackers to execute arbitrary code via a long Session cookie. | ||||
Applies to: |
Created: 2008-10-03 |
Updated: 2021-04-03 |
ID: CVE-2008-4296 |
Title: The Cisco Linksys WRT350N with firmware 1.0.3.7 has "admin" as its default password for the "admin" account, which makes it easier for remote attackers to obtain access. |
Type: Hardware |
Bulletins:
CVE-2008-4296 |
Severity: Critical |
Description: The Cisco Linksys WRT350N with firmware 1.0.3.7 has "admin" as its default password for the "admin" account, which makes it easier for remote attackers to obtain access. | ||||
Applies to: wrt350n |
Created: 2008-09-27 |
Updated: 2021-04-03 |
ID: CVE-2008-3802 |
Title: Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4, when VoIP is configured, allows remote attackers to cause a denial of service (device reload) via unspecified valid SIP messages, aka... |
Type: Hardware |
Bulletins:
CVE-2008-3802 |
Severity: Critical |
Description: Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4, when VoIP is configured, allows remote attackers to cause a denial of service (device reload) via unspecified valid SIP messages, aka Cisco bug ID CSCsk42759, a different vulnerability than CVE-2008-3800 and CVE-2008-3801. | ||||
Applies to: |
Created: 2008-09-26 |
Updated: 2021-04-03 |
ID: CVE-2008-3800 |
Title: Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service... |
Type: Hardware |
Bulletins:
CVE-2008-3800 SFBID31367 |
Severity: Critical |
Description: Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsu38644, a different vulnerability than CVE-2008-3801 and CVE-2008-3802. | ||||
Applies to: Unified Callmanager Unified Communications Manager |
Created: 2008-09-26 |
Updated: 2021-04-03 |
ID: CVE-2008-3801 |
Title: Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service... |
Type: Hardware |
Bulletins:
CVE-2008-3801 SFBID31367 |
Severity: Critical |
Description: Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsm46064, a different vulnerability than CVE-2008-3800 and CVE-2008-3802. | ||||
Applies to: Unified Callmanager Unified Communications Manager |
Created: 2008-09-26 |
Updated: 2021-04-03 |
ID: CVE-2008-3804 |
Title: Unspecified vulnerability in the Multi Protocol Label Switching (MPLS) Forwarding Infrastructure (MFI) in Cisco IOS 12.2 and 12.4 allows remote attackers to cause a denial of service (memory corruption) via crafted packets for which the software... |
Type: Hardware |
Bulletins:
CVE-2008-3804 |
Severity: Critical |
Description: Unspecified vulnerability in the Multi Protocol Label Switching (MPLS) Forwarding Infrastructure (MFI) in Cisco IOS 12.2 and 12.4 allows remote attackers to cause a denial of service (memory corruption) via crafted packets for which the software path is used. | ||||
Applies to: |
Created: 2008-09-26 |
Updated: 2021-04-03 |
ID: CVE-2008-3813 |
Title: Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when the L2TP mgmt daemon process is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted L2TP packet. |
Type: Hardware |
Bulletins:
CVE-2008-3813 |
Severity: Critical |
Description: Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when the L2TP mgmt daemon process is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted L2TP packet. | ||||
Applies to: |
Created: 2008-09-26 |
Updated: 2021-04-03 |
ID: CVE-2008-3808 |
Title: Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted Protocol Independent Multicast (PIM) packet. |
Type: Hardware |
Bulletins:
CVE-2008-3808 SFBID31356 |
Severity: Critical |
Description: Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted Protocol Independent Multicast (PIM) packet. | ||||
Applies to: |
Created: 2008-09-26 |
Updated: 2021-04-03 |
ID: CVE-2008-2739 |
Title: The SERVICE.DNS signature engine in the Intrusion Prevention System (IPS) in Cisco IOS 12.3 and 12.4 allows remote attackers to cause a denial of service (device crash or hang) via network traffic that triggers unspecified IPS signatures, a... |
Type: Hardware |
Bulletins:
CVE-2008-2739 |
Severity: Critical |
Description: The SERVICE.DNS signature engine in the Intrusion Prevention System (IPS) in Cisco IOS 12.3 and 12.4 allows remote attackers to cause a denial of service (device crash or hang) via network traffic that triggers unspecified IPS signatures, a different vulnerability than CVE-2008-1447. | ||||
Applies to: |
Created: 2008-09-26 |
Updated: 2021-04-03 |
ID: CVE-2008-3799 |
Title: Memory leak in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4, when VoIP is configured, allows remote attackers to cause a denial of service (memory consumption and voice-service outage) via unspecified valid SIP... |
Type: Hardware |
Bulletins:
CVE-2008-3799 |
Severity: Critical |
Description: Memory leak in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4, when VoIP is configured, allows remote attackers to cause a denial of service (memory consumption and voice-service outage) via unspecified valid SIP messages. | ||||
Applies to: |
Created: 2008-09-26 |
Updated: 2021-04-03 |
ID: CVE-2008-3812 |
Title: Cisco IOS 12.4, when IOS firewall Application Inspection Control (AIC) with HTTP Deep Packet Inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed HTTP transit packet. |
Type: Hardware |
Bulletins:
CVE-2008-3812 SFBID31354 |
Severity: Critical |
Description: Cisco IOS 12.4, when IOS firewall Application Inspection Control (AIC) with HTTP Deep Packet Inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed HTTP transit packet. | ||||
Applies to: |
Created: 2008-09-26 |
Updated: 2021-04-03 |
ID: CVE-2008-3798 |
Title: Cisco IOS 12.4 allows remote attackers to cause a denial of service (device crash) via a normal, properly formed SSL packet that occurs during termination of an SSL session. |
Type: Hardware |
Bulletins:
CVE-2008-3798 |
Severity: Critical |
Description: Cisco IOS 12.4 allows remote attackers to cause a denial of service (device crash) via a normal, properly formed SSL packet that occurs during termination of an SSL session. | ||||
Applies to: |
Created: 2008-09-26 |
Updated: 2021-04-03 |
ID: CVE-2008-3810 |
Title: Cisco IOS 12.2 and 12.4, when NAT Skinny Call Control Protocol (SCCP) Fragmentation Support is enabled, allows remote attackers to cause a denial of service (device reload) via segmented SCCP messages, aka CSCsg22426, a different vulnerability than... |
Type: Hardware |
Bulletins:
CVE-2008-3810 SFBID31359 |
Severity: Critical |
Description: Cisco IOS 12.2 and 12.4, when NAT Skinny Call Control Protocol (SCCP) Fragmentation Support is enabled, allows remote attackers to cause a denial of service (device reload) via segmented SCCP messages, aka CSCsg22426, a different vulnerability than CVE-2008-3811. | ||||
Applies to: |
Created: 2008-09-26 |
Updated: 2021-04-03 |
ID: CVE-2008-3811 |
Title: Cisco IOS 12.2 and 12.4, when NAT Skinny Call Control Protocol (SCCP) Fragmentation Support is enabled, allows remote attackers to cause a denial of service (device reload) via segmented SCCP messages, aka Cisco Bug ID CSCsi17020, a different... |
Type: Hardware |
Bulletins:
CVE-2008-3811 SFBID31359 |
Severity: Critical |
Description: Cisco IOS 12.2 and 12.4, when NAT Skinny Call Control Protocol (SCCP) Fragmentation Support is enabled, allows remote attackers to cause a denial of service (device reload) via segmented SCCP messages, aka Cisco Bug ID CSCsi17020, a different vulnerability than CVE-2008-3810. | ||||
Applies to: |
Created: 2008-09-26 |
Updated: 2021-04-03 |
ID: CVE-2008-3807 |
Title: Cisco IOS 12.2 and 12.3 on Cisco uBR10012 series devices, when linecard redundancy is configured, enables a read/write SNMP service with "private" as the community, which allows remote attackers to obtain administrative access by guessing this... |
Type: Hardware |
Bulletins:
CVE-2008-3807 |
Severity: Critical |
Description: Cisco IOS 12.2 and 12.3 on Cisco uBR10012 series devices, when linecard redundancy is configured, enables a read/write SNMP service with "private" as the community, which allows remote attackers to obtain administrative access by guessing this community and sending SNMP requests. | ||||
Applies to: |
Created: 2008-09-26 |
Updated: 2021-04-03 |
ID: CVE-2008-3809 |
Title: Cisco IOS 12.0 through 12.4 on Gigabit Switch Router (GSR) devices (aka 12000 Series routers) allows remote attackers to cause a denial of service (device crash) via a malformed Protocol Independent Multicast (PIM) packet. |
Type: Hardware |
Bulletins:
CVE-2008-3809 SFBID31356 |
Severity: Critical |
Description: Cisco IOS 12.0 through 12.4 on Gigabit Switch Router (GSR) devices (aka 12000 Series routers) allows remote attackers to cause a denial of service (device crash) via a malformed Protocol Independent Multicast (PIM) packet. | ||||
Applies to: |
Created: 2008-09-26 |
Updated: 2021-04-03 |
ID: CVE-2008-3805 |
Title: Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 series devices handles external UDP packets that are sent to 127.0.0.0/8 addresses intended for IPC communication within the device, which allows remote attackers to cause a denial of... |
Type: Hardware |
Bulletins:
CVE-2008-3805 |
Severity: Critical |
Description: Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 series devices handles external UDP packets that are sent to 127.0.0.0/8 addresses intended for IPC communication within the device, which allows remote attackers to cause a denial of service (device or linecard reload) via crafted UDP packets, a different vulnerability than CVE-2008-3806. | ||||
Applies to: |
Created: 2008-09-26 |
Updated: 2021-04-03 |
ID: CVE-2008-3806 |
Title: Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 series devices handles external UDP packets that are sent to 127.0.0.0/8 addresses intended for IPC communication within the device, which allows remote attackers to cause a denial of... |
Type: Hardware |
Bulletins:
CVE-2008-3806 |
Severity: Critical |
Description: Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 series devices handles external UDP packets that are sent to 127.0.0.0/8 addresses intended for IPC communication within the device, which allows remote attackers to cause a denial of service (device or linecard reload) via crafted UDP packets, a different vulnerability than CVE-2008-3805. | ||||
Applies to: |
Created: 2008-09-26 |
Updated: 2021-04-03 |
ID: CVE-2008-3803 |
Title: A "logic error" in Cisco IOS 12.0 through 12.4, when a Multiprotocol Label Switching (MPLS) VPN with extended communities is configured, sometimes causes a corrupted route target (RT) to be used, which allows remote attackers to read traffic from... |
Type: Hardware |
Bulletins:
CVE-2008-3803 SFBID31366 |
Severity: Moderate |
Description: A "logic error" in Cisco IOS 12.0 through 12.4, when a Multiprotocol Label Switching (MPLS) VPN with extended communities is configured, sometimes causes a corrupted route target (RT) to be used, which allows remote attackers to read traffic from other VPNs in opportunistic circumstances. | ||||
Applies to: |
Created: 2008-09-26 |
Updated: 2021-04-03 |
ID: MITRE:6122 |
Title: oval:org.mitre.oval:def:6122: Microsoft Malformed EPS Filter Vulnerability |
Type: Software |
Bulletins:
MITRE:6122 CVE-2008-3019 |
Severity: Critical |
Description: Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 do not properly parse the length of an Encapsulated PostScript (EPS) file, which allows remote attackers to execute arbitrary code via a crafted EPS file, aka the "Malformed EPS Filter Vulnerability." | ||||
Applies to: Microsoft Office 2000 Microsoft Office 2003 Microsoft Office Converter Pack Microsoft Office Project 2002 Microsoft Office XP Microsoft Works |
Created: 2008-09-22 |
Updated: 2021-04-03 |
ID: MITRE:6019 |
Title: oval:org.mitre.oval:def:6019: Microsoft Office WPG Image File Heap Corruption Vulnerability |
Type: Software |
Bulletins:
MITRE:6019 CVE-2008-3460 |
Severity: Critical |
Description: WPGIMP32.FLT in Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 does not properly parse the length of a WordPerfect Graphics (WPG) file, which allows remote attackers to execute arbitrary code via a crafted WPG file, aka the "WPG Image File Heap Corruption Vulnerability." | ||||
Applies to: Microsoft Office 2000 Microsoft Office 2003 Microsoft Office Converter Pack Microsoft Office Project 2002 Microsoft Office XP Microsoft Works |
Created: 2008-09-22 |
Updated: 2021-04-03 |
ID: MITRE:5997 |
Title: oval:org.mitre.oval:def:5997: Microsoft PICT Filter Parsing Vulnerability |
Type: Software |
Bulletins:
MITRE:5997 CVE-2008-3021 |
Severity: Critical |
Description: Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 do not properly parse the length of a PICT file, which allows remote attackers to execute arbitrary code via a crafted PICT file with an invalid bits_per_pixel field, aka the "PICT Filter Parsing Vulnerability," a different vulnerability than CVE-2008-3018. | ||||
Applies to: Microsoft Office 2000 Microsoft Office 2003 Microsoft Office Converter Pack Microsoft Office Project 2002 Microsoft Office XP Microsoft Works 8 |
Created: 2008-09-22 |
Updated: 2021-04-03 |
ID: MITRE:5879 |
Title: oval:org.mitre.oval:def:5879: Microsoft Malformed PICT Filter Vulnerability |
Type: Software |
Bulletins:
MITRE:5879 CVE-2008-3018 |
Severity: Critical |
Description: Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 do not properly parse the length of a PICT file, which allows remote attackers to execute arbitrary code via a crafted PICT file, aka the "Malformed PICT Filter Vulnerability," a different vulnerability than CVE-2008-3021. | ||||
Applies to: Microsoft Office 2000 Microsoft Office 2003 Microsoft Office Converter Pack Microsoft Office Project 2002 Microsoft Office XP Microsoft Works |
Created: 2008-09-22 |
Updated: 2021-04-03 |
ID: CVE-2008-4133 |
Title: The web proxy service on the D-Link DIR-100 with firmware 1.12 and earlier does not properly filter web requests with large URLs, which allows remote attackers to bypass web restriction filters. |
Type: Hardware |
Bulletins:
CVE-2008-4133 SFBID31050 |
Severity: Moderate |
Description: The web proxy service on the D-Link DIR-100 with firmware 1.12 and earlier does not properly filter web requests with large URLs, which allows remote attackers to bypass web restriction filters. | ||||
Applies to: DIR-100 |
Created: 2008-09-19 |
Updated: 2021-04-03 |
ID: CVE-2008-4128 |
Title: Multiple cross-site request forgery (CSRF) vulnerabilities in the HTTP Administration component in Cisco IOS 12.4 on the 871 Integrated Services Router allow remote attackers to execute arbitrary commands via (1) a certain "show privilege" command... |
Type: Hardware |
Bulletins:
CVE-2008-4128 SFBID31218 |
Severity: Critical |
Description: Multiple cross-site request forgery (CSRF) vulnerabilities in the HTTP Administration component in Cisco IOS 12.4 on the 871 Integrated Services Router allow remote attackers to execute arbitrary commands via (1) a certain "show privilege" command to the /level/15/exec/- URI, and (2) a certain "alias exec" command to the /level/15/exec/-/configure/http URI. NOTE: some of these details are obtained from third party information. | ||||
Applies to: |
Created: 2008-09-18 |
Updated: 2021-04-03 |
ID: CVE-2008-1197 |
Title: The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset does not properly parse the SSID information element in an association request, which allows remote authenticated users to cause a... |
Type: Hardware |
Bulletins:
CVE-2008-1197 SFBID30976 |
Severity: Moderate |
Description: The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset does not properly parse the SSID information element in an association request, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via a "Null SSID." | ||||
Applies to: WPN802 Access Point |
Created: 2008-09-05 |
Updated: 2021-04-03 |
ID: CVE-2008-1144 |
Title: The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset does not properly parse EAPoL-Key packets, which allows remote authenticated users to cause a denial of service (device reboot or... |
Type: Hardware |
Bulletins:
CVE-2008-1144 SFBID31013 |
Severity: Moderate |
Description: The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset does not properly parse EAPoL-Key packets, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via a malformed EAPoL-Key packet with a crafted "advertised length." | ||||
Applies to: WPN802 Access Point |
Created: 2008-09-05 |
Updated: 2021-04-03 |
ID: CVE-2007-5474 |
Title: The driver for the Linksys WRT350N Wi-Fi access point with firmware 2.00.17 on the Atheros AR5416-AC1E chipset does not properly parse the Atheros vendor-specific information element in an association request, which allows remote authenticated users... |
Type: Hardware |
Bulletins:
CVE-2007-5474 SFBID31012 |
Severity: Moderate |
Description: The driver for the Linksys WRT350N Wi-Fi access point with firmware 2.00.17 on the Atheros AR5416-AC1E chipset does not properly parse the Atheros vendor-specific information element in an association request, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via an Atheros information element with an invalid length, as demonstrated by an element that is too long. | ||||
Applies to: wrt350n |
Created: 2008-09-05 |
Updated: 2021-04-03 |
ID: CVE-2008-2736 |
Title: Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) 5500 devices 8.0(3)15, 8.0(3)16, 8.1(1)4, and 8.1(1)5, when configured as a clientless SSL VPN endpoint, allows remote attackers to obtain usernames and passwords via unknown... |
Type: Hardware |
Bulletins:
CVE-2008-2736 SFBID30998 |
Severity: Critical |
Description: Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) 5500 devices 8.0(3)15, 8.0(3)16, 8.1(1)4, and 8.1(1)5, when configured as a clientless SSL VPN endpoint, allows remote attackers to obtain usernames and passwords via unknown vectors, aka Bug ID CSCsq45636. | ||||
Applies to: |
Created: 2008-09-04 |
Updated: 2021-04-03 |
ID: CVE-2008-2735 |
Title: The HTTP server in Cisco Adaptive Security Appliance (ASA) 5500 devices 8.0 before 8.0(3)15 and 8.1 before 8.1(1)5, when configured as a clientless SSL VPN endpoint, does not properly process URIs, which allows remote attackers to cause a denial of... |
Type: Hardware |
Bulletins:
CVE-2008-2735 SFBID30998 |
Severity: Critical |
Description: The HTTP server in Cisco Adaptive Security Appliance (ASA) 5500 devices 8.0 before 8.0(3)15 and 8.1 before 8.1(1)5, when configured as a clientless SSL VPN endpoint, does not properly process URIs, which allows remote attackers to cause a denial of service (device reload) via a URI in a crafted SSL or HTTP packet, aka Bug ID CSCsq19369. | ||||
Applies to: |
Created: 2008-09-04 |
Updated: 2021-04-03 |
ID: CVE-2008-2732 |
Title: Multiple unspecified vulnerabilities in the SIP inspection functionality in Cisco PIX and Adaptive Security Appliance (ASA) 5500 devices 7.0 before 7.0(7)16, 7.1 before 7.1(2)71, 7.2 before 7.2(4)7, 8.0 before 8.0(3)20, and 8.1 before 8.1(1)8 allow... |
Type: Hardware |
Bulletins:
CVE-2008-2732 SFBID30998 |
Severity: Critical |
Description: Multiple unspecified vulnerabilities in the SIP inspection functionality in Cisco PIX and Adaptive Security Appliance (ASA) 5500 devices 7.0 before 7.0(7)16, 7.1 before 7.1(2)71, 7.2 before 7.2(4)7, 8.0 before 8.0(3)20, and 8.1 before 8.1(1)8 allow remote attackers to cause a denial of service (device reload) via unknown vectors, aka Bug IDs CSCsq07867, CSCsq57091, CSCsk60581, and CSCsq39315. | ||||
Applies to: |
Created: 2008-09-04 |
Updated: 2021-04-03 |
ID: CVE-2008-2734 |
Title: Memory leak in the crypto functionality in Cisco Adaptive Security Appliance (ASA) 5500 devices 7.2 before 7.2(4)2, 8.0 before 8.0(3)14, and 8.1 before 8.1(1)4, when configured as a clientless SSL VPN endpoint, allows remote attackers to cause a... |
Type: Hardware |
Bulletins:
CVE-2008-2734 SFBID30998 |
Severity: Critical |
Description: Memory leak in the crypto functionality in Cisco Adaptive Security Appliance (ASA) 5500 devices 7.2 before 7.2(4)2, 8.0 before 8.0(3)14, and 8.1 before 8.1(1)4, when configured as a clientless SSL VPN endpoint, allows remote attackers to cause a denial of service (memory consumption and VPN hang) via a crafted SSL or HTTP packet, aka Bug ID CSCso66472. | ||||
Applies to: |
Created: 2008-09-04 |
Updated: 2021-04-03 |
ID: CVE-2008-2733 |
Title: Cisco PIX and Adaptive Security Appliance (ASA) 5500 devices 7.2 before 7.2(4)2, 8.0 before 8.0(3)14, and 8.1 before 8.1(1)4, when configured as a client VPN endpoint, do not properly process IPSec client authentication, which allows remote... |
Type: Hardware |
Bulletins:
CVE-2008-2733 SFBID30998 |
Severity: Critical |
Description: Cisco PIX and Adaptive Security Appliance (ASA) 5500 devices 7.2 before 7.2(4)2, 8.0 before 8.0(3)14, and 8.1 before 8.1(1)4, when configured as a client VPN endpoint, do not properly process IPSec client authentication, which allows remote attackers to cause a denial of service (device reload) via a crafted authentication attempt, aka Bug ID CSCso69942. | ||||
Applies to: |
Created: 2008-09-04 |
Updated: 2021-04-03 |
ID: CVE-2008-2062 |
Title: The Real-Time Information Server (RIS) Data Collector service in Cisco Unified Communications Manager (CUCM) before 4.2(3)SR4, and 4.3 before 4.3(2)SR1, allows remote attackers to bypass authentication, and obtain cluster configuration information... |
Type: Hardware |
Bulletins:
CVE-2008-2062 SFBID29935 |
Severity: Moderate |
Description: The Real-Time Information Server (RIS) Data Collector service in Cisco Unified Communications Manager (CUCM) before 4.2(3)SR4, and 4.3 before 4.3(2)SR1, allows remote attackers to bypass authentication, and obtain cluster configuration information and statistics, via a direct TCP connection to the service port, aka Bug ID CSCsq35151. | ||||
Applies to: Unified Communications Manager |
Created: 2008-06-26 |
Updated: 2021-04-03 |
ID: CVE-2008-2730 |
Title: The Real-Time Information Server (RIS) Data Collector service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) and 6.x before 6.1(1) allows remote attackers to bypass authentication, and obtain cluster configuration information and... |
Type: Hardware |
Bulletins:
CVE-2008-2730 SFBID29935 |
Severity: Moderate |
Description: The Real-Time Information Server (RIS) Data Collector service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) and 6.x before 6.1(1) allows remote attackers to bypass authentication, and obtain cluster configuration information and statistics, via a direct TCP connection to the service port, aka Bug ID CSCsj90843. | ||||
Applies to: Unified Communications Manager |
Created: 2008-06-26 |
Updated: 2021-04-03 |
ID: CVE-2008-2061 |
Title: The Computer Telephony Integration (CTI) Manager service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3c) and 6.x before 6.1(2) allows remote attackers to cause a denial of service (TSP crash) via malformed network traffic to TCP... |
Type: Hardware |
Bulletins:
CVE-2008-2061 SFBID29933 |
Severity: Critical |
Description: The Computer Telephony Integration (CTI) Manager service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3c) and 6.x before 6.1(2) allows remote attackers to cause a denial of service (TSP crash) via malformed network traffic to TCP port 2748. | ||||
Applies to: Unified Communications Manager |
Created: 2008-06-26 |
Updated: 2021-04-03 |
ID: MITRE:5578 |
Title: oval:org.mitre.oval:def:5578: Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability |
Type: Services |
Bulletins:
MITRE:5578 CVE-2007-6026 |
Severity: Critical |
Description: Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka Microsoft Jet Engine), as used by Access 2003 in Microsoft Office 2003 SP3, allows user-assisted attackers to execute arbitrary code via a crafted MDB database file containing a column structure with a modified column count. NOTE: this might be the same issue as CVE-2005-0944. | ||||
Applies to: Microsoft Jet 4.0 Database Engine |
Created: 2008-06-23 |
Updated: 2021-04-03 |
ID: CVE-2008-2636 |
Title: The HTTP service on the Cisco Linksys WRH54G with firmware 1.01.03 allows remote attackers to cause a denial of service (management interface outage) or possibly execute arbitrary code via a URI that begins with a "/./" sequence, contains many... |
Type: Hardware |
Bulletins:
CVE-2008-2636 |
Severity: Critical |
Description: The HTTP service on the Cisco Linksys WRH54G with firmware 1.01.03 allows remote attackers to cause a denial of service (management interface outage) or possibly execute arbitrary code via a URI that begins with a "/./" sequence, contains many instances of a "front_page" sequence, and ends with a ".asp" sequence. | ||||
Applies to: wrh54g |
Created: 2008-06-09 |
Updated: 2021-04-03 |
ID: CVE-2008-2057 |
Title: The Instant Messenger (IM) inspection engine in Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(4), 8.0.x before 8.0(3)10, and 8.1.x before 8.1(1)2 allows remote attackers to cause a denial of service via a... |
Type: Hardware |
Bulletins:
CVE-2008-2057 |
Severity: Moderate |
Description: The Instant Messenger (IM) inspection engine in Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(4), 8.0.x before 8.0(3)10, and 8.1.x before 8.1(1)2 allows remote attackers to cause a denial of service via a crafted packet. | ||||
Applies to: Cisco PIX 500 Firewall Series |
Created: 2008-06-04 |
Updated: 2021-04-03 |
ID: CVE-2008-2056 |
Title: Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 8.0.x before 8.0(3)9 and 8.1.x before 8.1(1)1 allows remote attackers to cause a denial of service (device reload) via a crafted Transport Layer Security (TLS) packet to the... |
Type: Hardware |
Bulletins:
CVE-2008-2056 |
Severity: Critical |
Description: Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 8.0.x before 8.0(3)9 and 8.1.x before 8.1(1)1 allows remote attackers to cause a denial of service (device reload) via a crafted Transport Layer Security (TLS) packet to the device interface. | ||||
Applies to: Cisco PIX 500 Firewall Series |
Created: 2008-06-04 |
Updated: 2021-04-03 |
ID: CVE-2008-2059 |
Title: Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 8.0.x before 8.0(3)9 allows remote attackers to bypass control-plane ACLs for the device via unknown vectors. |
Type: Hardware |
Bulletins:
CVE-2008-2059 |
Severity: Critical |
Description: Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 8.0.x before 8.0(3)9 allows remote attackers to bypass control-plane ACLs for the device via unknown vectors. | ||||
Applies to: Cisco PIX 500 Firewall Series |
Created: 2008-06-04 |
Updated: 2021-04-03 |
ID: CVE-2008-2058 |
Title: Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(3)2 and 8.0.x before 8.0(2)17 allows remote attackers to cause a denial of service (device reload) via a port scan against TCP port 443 on the device. |
Type: Hardware |
Bulletins:
CVE-2008-2058 |
Severity: Critical |
Description: Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(3)2 and 8.0.x before 8.0(2)17 allows remote attackers to cause a denial of service (device reload) via a port scan against TCP port 443 on the device. | ||||
Applies to: Cisco PIX 500 Firewall Series |
Created: 2008-06-04 |
Updated: 2021-04-03 |
ID: CVE-2008-2055 |
Title: Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.1.x before 7.1(2)70, 7.2.x before 7.2(4), and 8.0.x before 8.0(3)10 allows remote attackers to cause a denial of service via a crafted TCP ACK packet to the device interface. |
Type: Hardware |
Bulletins:
CVE-2008-2055 |
Severity: Critical |
Description: Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.1.x before 7.1(2)70, 7.2.x before 7.2(4), and 8.0.x before 8.0(3)10 allows remote attackers to cause a denial of service via a crafted TCP ACK packet to the device interface. | ||||
Applies to: Cisco PIX 500 Firewall Series |
Created: 2008-06-04 |
Updated: 2021-04-03 |
ID: CVE-2008-1159 |
Title: Multiple unspecified vulnerabilities in the SSH server in Cisco IOS 12.4 allow remote attackers to cause a denial of service (device restart) via unknown vectors, aka Bug ID (1) CSCsk42419, (2) CSCsk60020, and (3) CSCsh51293. |
Type: Hardware |
Bulletins:
CVE-2008-1159 SFBID29314 |
Severity: Critical |
Description: Multiple unspecified vulnerabilities in the SSH server in Cisco IOS 12.4 allow remote attackers to cause a denial of service (device restart) via unknown vectors, aka Bug ID (1) CSCsk42419, (2) CSCsk60020, and (3) CSCsh51293. | ||||
Applies to: |
Created: 2008-05-22 |
Updated: 2021-04-03 |
ID: CVE-2008-1747 |
Title: Unspecified vulnerability in Cisco Unified Communications Manager 4.1 before 4.1(3)SR6, 4.2 before 4.2(3)SR3, 4.3 before 4.3(2), 5.x before 5.1(3), and 6.x before 6.1(1) allows remote attackers to cause a denial of service (CCM service restart) via... |
Type: Hardware |
Bulletins:
CVE-2008-1747 SFBID29221 |
Severity: Critical |
Description: Unspecified vulnerability in Cisco Unified Communications Manager 4.1 before 4.1(3)SR6, 4.2 before 4.2(3)SR3, 4.3 before 4.3(2), 5.x before 5.1(3), and 6.x before 6.1(1) allows remote attackers to cause a denial of service (CCM service restart) via an unspecified SIP INVITE message, aka Bug ID CSCsk46944. | ||||
Applies to: Unified Communications Manager |
Created: 2008-05-16 |
Updated: 2021-04-03 |
ID: CVE-2008-1746 |
Title: The SNMP Trap Agent service in Cisco Unified Communications Manager (CUCM) 4.1 before 4.1(3)SR6, 4.2 before 4.2(3)SR3, 4.3 before 4.3(2), 5.x before 5.1(3), and 6.x before 6.1(1) allows remote attackers to cause a denial of service (core dump and... |
Type: Hardware |
Bulletins:
CVE-2008-1746 SFBID29221 |
Severity: Critical |
Description: The SNMP Trap Agent service in Cisco Unified Communications Manager (CUCM) 4.1 before 4.1(3)SR6, 4.2 before 4.2(3)SR3, 4.3 before 4.3(2), 5.x before 5.1(3), and 6.x before 6.1(1) allows remote attackers to cause a denial of service (core dump and service restart) via a series of malformed UDP packets, as demonstrated by the IP Stack Integrity Checker (ISIC), aka Bug ID CSCsj24113. | ||||
Applies to: Unified Communications Manager |
Created: 2008-05-16 |
Updated: 2021-04-03 |
ID: CVE-2008-1744 |
Title: The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager (CUCM) 4.1 before 4.1(3)SR7, 4.2 before 4.2(3)SR4, and 4.3 before 4.3(2) allows remote attackers to cause a denial of service (service crash) via... |
Type: Hardware |
Bulletins:
CVE-2008-1744 SFBID29221 |
Severity: Critical |
Description: The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager (CUCM) 4.1 before 4.1(3)SR7, 4.2 before 4.2(3)SR4, and 4.3 before 4.3(2) allows remote attackers to cause a denial of service (service crash) via malformed network traffic, aka Bug ID CSCsk46770. | ||||
Applies to: Unified Callmanager Unified Communications Manager |
Created: 2008-05-16 |
Updated: 2021-04-03 |
ID: CVE-2008-1743 |
Title: Memory leak in the Certificate Trust List (CTL) Provider service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) and 6.x before 6.1(1) allows remote attackers to cause a denial of service (memory consumption and service... |
Type: Hardware |
Bulletins:
CVE-2008-1743 SFBID29221 |
Severity: Critical |
Description: Memory leak in the Certificate Trust List (CTL) Provider service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) and 6.x before 6.1(1) allows remote attackers to cause a denial of service (memory consumption and service interruption) via a series of malformed TCP packets, aka Bug ID CSCsi98433. | ||||
Applies to: Unified Communications Manager |
Created: 2008-05-16 |
Updated: 2021-04-03 |
ID: CVE-2008-1742 |
Title: Memory leak in the Certificate Trust List (CTL) Provider service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) allows remote attackers to cause a denial of service (memory consumption and service interruption) via a series of... |
Type: Hardware |
Bulletins:
CVE-2008-1742 SFBID29221 |
Severity: Critical |
Description: Memory leak in the Certificate Trust List (CTL) Provider service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) allows remote attackers to cause a denial of service (memory consumption and service interruption) via a series of malformed TCP packets, as demonstrated by TCPFUZZ, aka Bug ID CSCsj80609. | ||||
Applies to: Unified Communications Manager |
Created: 2008-05-16 |
Updated: 2021-04-03 |
ID: CVE-2008-1748 |
Title: Cisco Unified Communications Manager 4.1 before 4.1(3)SR7, 4.2 before 4.2(3)SR4, 4.3 before 4.3(2), 5.x before 5.1(3), and 6.x before 6.1(1) does not properly validate SIP URLs, which allows remote attackers to cause a denial of service (service... |
Type: Hardware |
Bulletins:
CVE-2008-1748 SFBID29221 |
Severity: Critical |
Description: Cisco Unified Communications Manager 4.1 before 4.1(3)SR7, 4.2 before 4.2(3)SR4, 4.3 before 4.3(2), 5.x before 5.1(3), and 6.x before 6.1(1) does not properly validate SIP URLs, which allows remote attackers to cause a denial of service (service interruption) via a SIP INVITE message, aka Bug ID CSCsl22355. | ||||
Applies to: Unified Communications Manager |
Created: 2008-05-16 |
Updated: 2021-04-03 |
ID: CVE-2008-1745 |
Title: Cisco Unified Communications Manager (CUCM) 5.x before 5.1(2) and 6.x before 6.1(1) allows remote attackers to cause a denial of service (service interruption) via a SIP JOIN message with a malformed header, aka Bug ID CSCsi48115. |
Type: Hardware |
Bulletins:
CVE-2008-1745 SFBID29221 |
Severity: Critical |
Description: Cisco Unified Communications Manager (CUCM) 5.x before 5.1(2) and 6.x before 6.1(1) allows remote attackers to cause a denial of service (service interruption) via a SIP JOIN message with a malformed header, aka Bug ID CSCsi48115. | ||||
Applies to: Unified Communications Manager |
Created: 2008-05-16 |
Updated: 2021-04-03 |
ID: CVE-2008-1154 |
Title: The Disaster Recovery Framework (DRF) master server in Cisco Unified Communications products, including Unified Communications Manager (CUCM) 5.x and 6.x, Unified Presence 1.x and 6.x, Emergency Responder 2.x, and Mobility Manager 2.x, does not... |
Type: Hardware |
Bulletins:
CVE-2008-1154 SFBID28591 |
Severity: Critical |
Description: The Disaster Recovery Framework (DRF) master server in Cisco Unified Communications products, including Unified Communications Manager (CUCM) 5.x and 6.x, Unified Presence 1.x and 6.x, Emergency Responder 2.x, and Mobility Manager 2.x, does not require authentication for requests received from the network, which allows remote attackers to execute arbitrary code via unspecified vectors. | ||||
Applies to: Unified Communications Manager |
Created: 2008-04-04 |
Updated: 2021-04-03 |
ID: CVE-2008-1156 |
Title: Unspecified vulnerability in the Multicast Virtual Private Network (MVPN) implementation in Cisco IOS 12.0, 12.2, 12.3, and 12.4 allows remote attackers to create "extra multicast states on the core routers" via a crafted Multicast Distribution Tree... |
Type: Hardware |
Bulletins:
CVE-2008-1156 SFBID28464 |
Severity: Moderate |
Description: Unspecified vulnerability in the Multicast Virtual Private Network (MVPN) implementation in Cisco IOS 12.0, 12.2, 12.3, and 12.4 allows remote attackers to create "extra multicast states on the core routers" via a crafted Multicast Distribution Tree (MDT) Data Join message. | ||||
Applies to: |
Created: 2008-03-27 |
Updated: 2021-04-03 |
ID: CVE-2008-1150 |
Title: The virtual private dial-up network (VPDN) component in Cisco IOS before 12.3 allows remote attackers to cause a denial of service (resource exhaustion) via a series of PPTP sessions, related to the persistence of interface descriptor block (IDB)... |
Type: Hardware |
Bulletins:
CVE-2008-1150 SFBID28460 |
Severity: Critical |
Description: The virtual private dial-up network (VPDN) component in Cisco IOS before 12.3 allows remote attackers to cause a denial of service (resource exhaustion) via a series of PPTP sessions, related to the persistence of interface descriptor block (IDB) data structures after process termination, aka bug ID CSCdv59309. | ||||
Applies to: |
Created: 2008-03-27 |
Updated: 2021-04-03 |
ID: CVE-2008-1152 |
Title: The data-link switching (DLSw) component in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device restart or memory consumption) via crafted (1) UDP port 2067 or (2) IP protocol 91 packets. |
Type: Hardware |
Bulletins:
CVE-2008-1152 SFBID28465 |
Severity: Critical |
Description: The data-link switching (DLSw) component in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device restart or memory consumption) via crafted (1) UDP port 2067 or (2) IP protocol 91 packets. | ||||
Applies to: |
Created: 2008-03-27 |
Updated: 2021-04-03 |
ID: CVE-2008-1151 |
Title: Memory leak in the virtual private dial-up network (VPDN) component in Cisco IOS before 12.3 allows remote attackers to cause a denial of service (memory consumption) via a series of PPTP sessions, related to "dead memory" that remains allocated... |
Type: Hardware |
Bulletins:
CVE-2008-1151 SFBID28460 |
Severity: Critical |
Description: Memory leak in the virtual private dial-up network (VPDN) component in Cisco IOS before 12.3 allows remote attackers to cause a denial of service (memory consumption) via a series of PPTP sessions, related to "dead memory" that remains allocated after process termination, aka bug ID CSCsj58566. | ||||
Applies to: |
Created: 2008-03-27 |
Updated: 2021-04-03 |
ID: CVE-2008-1153 |
Title: Cisco IOS 12.1, 12.2, 12.3, and 12.4, with IPv4 UDP services and the IPv6 protocol enabled, allows remote attackers to cause a denial of service (device crash and possible blocked interface) via a crafted IPv6 packet to the device. |
Type: Hardware |
Bulletins:
CVE-2008-1153 SFBID28461 |
Severity: Critical |
Description: Cisco IOS 12.1, 12.2, 12.3, and 12.4, with IPv4 UDP services and the IPv6 protocol enabled, allows remote attackers to cause a denial of service (device crash and possible blocked interface) via a crafted IPv6 packet to the device. | ||||
Applies to: |
Created: 2008-03-27 |
Updated: 2021-04-03 |
ID: CVE-2007-6709 |
Title: The Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware has "admin" as its default password for the "admin" account, which makes it easier for remote attackers to obtain access. |
Type: Hardware |
Bulletins:
CVE-2007-6709 |
Severity: Critical |
Description: The Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware has "admin" as its default password for the "admin" account, which makes it easier for remote attackers to obtain access. | ||||
Applies to: wag54gs |
Created: 2008-03-13 |
Updated: 2021-04-03 |
ID: CVE-2007-6707 |
Title: Multiple cross-site scripting (XSS) vulnerabilities on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than... |
Type: Hardware |
Bulletins:
CVE-2007-6707 |
Severity: Moderate |
Description: Multiple cross-site scripting (XSS) vulnerabilities on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2007-3574. | ||||
Applies to: wag54gs |
Created: 2008-03-13 |
Updated: 2021-04-03 |
ID: CVE-2007-6708 |
Title: Multiple cross-site request forgery (CSRF) vulnerabilities on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware allow remote attackers to perform actions as administrators via an arbitrary valid request to an... |
Type: Hardware |
Bulletins:
CVE-2007-6708 |
Severity: Moderate |
Description: Multiple cross-site request forgery (CSRF) vulnerabilities on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware allow remote attackers to perform actions as administrators via an arbitrary valid request to an administrative URI, as demonstrated by (1) a Restore Factory Defaults action using the mtenRestore parameter to setup.cgi and (2) creation of a user account using the sysname parameter to setup.cgi. | ||||
Applies to: wag54gs |
Created: 2008-03-13 |
Updated: 2021-04-03 |
ID: CVE-2008-1247 |
Title: The web interface on the Linksys WRT54g router with firmware 1.00.9 does not require credentials when invoking scripts, which allows remote attackers to perform arbitrary administrative actions via a direct request to (1) Advanced.tri, (2)... |
Type: Hardware |
Bulletins:
CVE-2008-1247 SFBID28381 |
Severity: Critical |
Description: The web interface on the Linksys WRT54g router with firmware 1.00.9 does not require credentials when invoking scripts, which allows remote attackers to perform arbitrary administrative actions via a direct request to (1) Advanced.tri, (2) AdvRoute.tri, (3) Basic.tri, (4) ctlog.tri, (5) ddns.tri, (6) dmz.tri, (7) factdefa.tri, (8) filter.tri, (9) fw.tri, (10) manage.tri, (11) ping.tri, (12) PortRange.tri, (13) ptrigger.tri, (14) qos.tri, (15) rstatus.tri, (16) tracert.tri, (17) vpn.tri, (18) WanMac.tri, (19) WBasic.tri, or (20) WFilter.tri. NOTE: the Security.tri vector is already covered by CVE-2006-5202. | ||||
Applies to: wrt54g |
Created: 2008-03-10 |
Updated: 2021-04-03 |
ID: CVE-2008-1263 |
Title: The Linksys WRT54G router stores passwords and keys in cleartext in the Config.bin file, which might allow remote authenticated users to obtain sensitive information via an HTTP request for the top-level Config.bin URI. |
Type: Hardware |
Bulletins:
CVE-2008-1263 |
Severity: Moderate |
Description: The Linksys WRT54G router stores passwords and keys in cleartext in the Config.bin file, which might allow remote authenticated users to obtain sensitive information via an HTTP request for the top-level Config.bin URI. | ||||
Applies to: wrt54g |
Created: 2008-03-10 |
Updated: 2021-04-03 |
ID: CVE-2008-1264 |
Title: The Linksys WRT54G router has "admin" as its default FTP password, which allows remote attackers to access sensitive files including nvram.cfg, a file that lists all HTML documents, and an ELF executable file. |
Type: Hardware |
Bulletins:
CVE-2008-1264 |
Severity: Critical |
Description: The Linksys WRT54G router has "admin" as its default FTP password, which allows remote attackers to access sensitive files including nvram.cfg, a file that lists all HTML documents, and an ELF executable file. | ||||
Applies to: wrt54g |
Created: 2008-03-10 |
Updated: 2021-04-03 |
ID: CVE-2008-1265 |
Title: The Linksys WRT54G router allows remote attackers to cause a denial of service (device restart) via a long username and password to the FTP interface. |
Type: Hardware |
Bulletins:
CVE-2008-1265 |
Severity: Critical |
Description: The Linksys WRT54G router allows remote attackers to cause a denial of service (device restart) via a long username and password to the FTP interface. | ||||
Applies to: wrt54g |
Created: 2008-03-10 |
Updated: 2021-04-03 |
ID: CVE-2008-1268 |
Title: The FTP server on the Linksys WRT54G 7 router with 7.00.1 firmware does not verify authentication credentials, which allows remote attackers to establish an FTP session by sending an arbitrary username and password. |
Type: Hardware |
Bulletins:
CVE-2008-1268 |
Severity: Critical |
Description: The FTP server on the Linksys WRT54G 7 router with 7.00.1 firmware does not verify authentication credentials, which allows remote attackers to establish an FTP session by sending an arbitrary username and password. | ||||
Applies to: wrt54g 7 |
Created: 2008-03-10 |
Updated: 2021-04-03 |
ID: CVE-2008-1266 |
Title: Multiple buffer overflows in the web interface on the D-Link DI-524 router allow remote attackers to cause a denial of service (device crash) or possibly have unspecified other impact via (1) a long username or (2) an HTTP header with a large name... |
Type: Hardware |
Bulletins:
CVE-2008-1266 SFBID28439 |
Severity: Critical |
Description: Multiple buffer overflows in the web interface on the D-Link DI-524 router allow remote attackers to cause a denial of service (device crash) or possibly have unspecified other impact via (1) a long username or (2) an HTTP header with a large name and an empty value. | ||||
Applies to: DI-524 |
Created: 2008-03-10 |
Updated: 2021-04-03 |
ID: CVE-2008-1243 |
Title: Cross-site scripting (XSS) vulnerability on the Linksys WRT300N router with firmware 2.00.20, when Mozilla Firefox or Apple Safari is used, allows remote attackers to inject arbitrary web script or HTML via the dyndns_domain parameter to the default URI. |
Type: Hardware |
Bulletins:
CVE-2008-1243 |
Severity: Moderate |
Description: Cross-site scripting (XSS) vulnerability on the Linksys WRT300N router with firmware 2.00.20, when Mozilla Firefox or Apple Safari is used, allows remote attackers to inject arbitrary web script or HTML via the dyndns_domain parameter to the default URI. | ||||
Applies to: wrt300n |
Created: 2008-03-10 |
Updated: 2021-04-03 |
ID: CVE-2008-1258 |
Title: Cross-site scripting (XSS) vulnerability in prim.htm on the D-Link DI-604 router allows remote attackers to inject arbitrary web script or HTML via the rf parameter. |
Type: Hardware |
Bulletins:
CVE-2008-1258 SFBID28439 |
Severity: Moderate |
Description: Cross-site scripting (XSS) vulnerability in prim.htm on the D-Link DI-604 router allows remote attackers to inject arbitrary web script or HTML via the rf parameter. | ||||
Applies to: DI-604 |
Created: 2008-03-10 |
Updated: 2021-04-03 |
ID: CVE-2008-1253 |
Title: Cross-site scripting (XSS) vulnerability in cgi-bin/webcm on the D-Link DSL-G604T router allows remote attackers to inject arbitrary web script or HTML via the var:category parameter, as demonstrated by a request for advanced/portforw.htm on the... |
Type: Hardware |
Bulletins:
CVE-2008-1253 SFBID28439 |
Severity: Moderate |
Description: Cross-site scripting (XSS) vulnerability in cgi-bin/webcm on the D-Link DSL-G604T router allows remote attackers to inject arbitrary web script or HTML via the var:category parameter, as demonstrated by a request for advanced/portforw.htm on the fwan page. | ||||
Applies to: DSL-G604T |
Created: 2008-03-10 |
Updated: 2021-04-03 |
ID: CVE-2008-0026 |
Title: SQL injection vulnerability in Cisco Unified CallManager/Communications Manager (CUCM) 5.0/5.1 before 5.1(3a) and 6.0/6.1 before 6.1(1a) allows remote authenticated users to execute arbitrary SQL commands via the key parameter to the (1) admin and... |
Type: Hardware |
Bulletins:
CVE-2008-0026 SFBID27775 |
Severity: Moderate |
Description: SQL injection vulnerability in Cisco Unified CallManager/Communications Manager (CUCM) 5.0/5.1 before 5.1(3a) and 6.0/6.1 before 6.1(1a) allows remote authenticated users to execute arbitrary SQL commands via the key parameter to the (1) admin and (2) user interface pages. | ||||
Applies to: Unified Callmanager Unified Communications Manager |
Created: 2008-02-14 |
Updated: 2021-04-03 |
ID: MITRE:3622 |
Title: oval:org.mitre.oval:def:3622: Windows Media Format Remote Code Execution Vulnerability |
Type: Miscellaneous |
Bulletins:
MITRE:3622 CVE-2007-0064 |
Severity: Critical |
Description: Heap-based buffer overflow in Windows Media Format Runtime 7.1, 9, 9.5, 9.5 x64 Edition, 11, and Windows Media Services 9.1 for Microsoft Windows 2000, XP, Server 2003, and Vista allows user-assisted remote attackers to execute arbitrary code via a crafted Advanced Systems Format (ASF) file. | ||||
Applies to: Windows Media Format Runtime 11 Windows Media Format Runtime 7.1 Windows Media Format Runtime 9.0 Windows Media Format Runtime 9.5 |
Created: 2008-02-04 |
Updated: 2021-04-03 |
ID: CVE-2008-0028 |
Title: Unspecified vulnerability in Cisco PIX 500 Series Security Appliance and 5500 Series Adaptive Security Appliance (ASA) before 7.2(3)6 and 8.0(3), when the Time-to-Live (TTL) decrement feature is enabled, allows remote attackers to cause a denial of... |
Type: Hardware |
Bulletins:
CVE-2008-0028 SFBID27418 |
Severity: Critical |
Description: Unspecified vulnerability in Cisco PIX 500 Series Security Appliance and 5500 Series Adaptive Security Appliance (ASA) before 7.2(3)6 and 8.0(3), when the Time-to-Live (TTL) decrement feature is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted IP packet. | ||||
Applies to: Cisco ASA 5500 Adaptive Security Appliance |
Created: 2008-01-23 |
Updated: 2021-04-03 |
ID: REF000657 |
Title: IM installed: Yahoo! Messenger |
Type: Software |
Bulletins: | Severity: Low |
Description: Yahoo Messenger instant messaging client is installed. | ||||
Applies to: Yahoo Messenger |
Created: 2008-01-17 |
Updated: 2010-08-21 |
ID: REF000661 |
Title: IM installed: Windows Live Messenger |
Type: Software |
Bulletins: | Severity: Low |
Description: Windows Live Messenger instant messaging client is installed. | ||||
Applies to: Windows Live Messenger |
Created: 2008-01-17 |
Updated: 2010-08-21 |
ID: REF000658 |
Title: IM installed: Trillian |
Type: Software |
Bulletins: | Severity: Low |
Description: Trillian instant messaging client is installed. | ||||
Applies to: Trillian |
Created: 2008-01-17 |
Updated: 2010-08-21 |
ID: REF000659 |
Title: IM installed: Skype |
Type: Software |
Bulletins: | Severity: Low |
Description: Skype instant messaging client is installed. | ||||
Applies to: Skype |
Created: 2008-01-17 |
Updated: 2010-08-21 |
ID: REF000662 |
Title: IM installed: Pidgin |
Type: Software |
Bulletins: | Severity: Low |
Description: Pidgin instant messaging client is installed. | ||||
Applies to: Pidgin |
Created: 2008-01-17 |
Updated: 2010-08-21 |
ID: REF000656 |
Title: IM installed: ICQ |
Type: Software |
Bulletins: | Severity: Low |
Description: ICQ instant messaging client is installed. | ||||
Applies to: ICQ |
Created: 2008-01-17 |
Updated: 2010-08-21 |
ID: REF000655 |
Title: IM installed: Google Talk |
Type: Software |
Bulletins: | Severity: Low |
Description: Google Talk instant messaging client is installed. | ||||
Applies to: Google Talk |
Created: 2008-01-17 |
Updated: 2010-08-21 |
ID: REF000660 |
Title: IM installed: Gizmo |
Type: Software |
Bulletins: | Severity: Low |
Description: Gizmo instant messaging client is installed. | ||||
Applies to: Gizmo |
Created: 2008-01-17 |
Updated: 2010-08-21 |
ID: CVE-2008-0027 |
Title: Heap-based buffer overflow in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM) 4.2 before 4.2(3)SR3 and 4.3 before 4.3(1)SR1, and CallManager 4.0 and 4.1 before 4.1(3)SR5c, allows... |
Type: Hardware |
Bulletins:
CVE-2008-0027 SFBID27313 |
Severity: Critical |
Description: Heap-based buffer overflow in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM) 4.2 before 4.2(3)SR3 and 4.3 before 4.3(1)SR1, and CallManager 4.0 and 4.1 before 4.1(3)SR5c, allows remote attackers to cause a denial of service or execute arbitrary code via a long request. | ||||
Applies to: Unified Callmanager Unified Communications Manager |
Created: 2008-01-16 |
Updated: 2021-04-03 |
ID: CVE-2007-0588 |
Title: SANS07C4: Apple QuickDraw on Mac OS X 10.4.8 and earlier allows remote denial of service |
Type: Software |
Bulletins:
CVE-2007-0588 SFBID22228 |
Severity: Critical |
Description: The InternalUnpackBits function in Apple QuickDraw, as used by QuickTime 7.1.3 and other applications on Mac OS X 10.4.8 and earlier, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PICT file that triggers memory corruption in the _GetSrcBits32ARGB function. | ||||
Applies to: Apple QuickDraw |
Created: 2008-01-11 |
Updated: 2021-04-03 |
ID: CVE-2007-0466 |
Title: SANS07C4: Telestream Flip4Mac WMV for QuickTime 2.1.0.33 remote code execution vulnerability |
Type: Software |
Bulletins:
CVE-2007-0466 SFBID22286 |
Severity: Critical |
Description: Telestream Flip4Mac Windows Media Components for QuickTime 2.1.0.33 allows remote attackers to execute arbitrary code via a crafted ASF_File_Properties_Object size field in a WMV file, which triggers memory corruption. | ||||
Applies to: Telestream Flip4Mac WMV |
Created: 2008-01-11 |
Updated: 2021-04-03 |
ID: CVE-2007-0731 |
Title: SANS07S3: Samba module in Apple Mac OS X buffer overflow |
Type: Services |
Bulletins:
CVE-2007-0731 SFBID22948 |
Severity: Critical |
Description: Stack-based buffer overflow in the Apple-specific Samba module (SMB File Server) in Apple Mac OS X 10.3.9 through 10.4.8 allows context-dependent attackers to execute arbitrary code via a long ACL. | ||||
Applies to: Apple Mac OS X |
Created: 2008-01-10 |
Updated: 2021-04-03 |
ID: CVE-2006-6652 |
Title: SANS07S3: Buffer overflow in libc used in FTP daemon and tnftpd in Apple Mac OS X |
Type: Services |
Bulletins:
CVE-2006-6652 SFBID21377 |
Severity: Critical |
Description: Buffer overflow in the glob implementation (glob.c) in libc in Apple Mac OS X before 2007-004, as used by the FTP daemon and tnftpd, allows remote authenticated users to execute arbitrary code via a long pathname that results from path expansion. | ||||
Applies to: FTP |
Created: 2008-01-10 |
Updated: 2021-04-03 |
ID: CVE-2007-0776 |
Title: SANS07C1: Multiple Vulnerabilities in Mozilla Firefox earlier than 2.0.0.8 |
Type: Web |
Bulletins:
CVE-2007-0776 CVE-2007-0777 CVE-2007-0779 CVE-2007-0981 CVE-2007-1092 CVE-2007-2292 CVE-2007-2867 CVE-2007-3734 CVE-2007-3735 CVE-2007-3737 CVE-2007-3738 CVE-2007-3845 CVE-2007-4841 CVE-2007-5338 CVE-2006-4565 CVE-2006-4571 CVE-2006-5463 CVE-2006-5747 SFBID26132 SFBID20957 SFBID20042 SFBID25543 SFBID22679 SFBID24946 SFBID24242 SFBID22694 SFBID23668 SFBID22566 SFBID21668 |
Severity: Critical |
Description: Multiple vulnerabilities exist in Mozilla Firefox versions earlier than 2.0.0.8. These include remote execution of arbitrary code, denial of service, and spoofing of GUI elements. | ||||
Applies to: Mozilla Firefox |
Created: 2008-01-10 |
Updated: 2021-04-03 |
ID: CVE-2008-0228 |
Title: Cross-site request forgery (CSRF) vulnerability in apply.cgi in the Linksys WRT54GL Wireless-G Broadband Router with firmware 4.30.9 allows remote attackers to perform actions as administrators. |
Type: Hardware |
Bulletins:
CVE-2008-0228 |
Severity: Critical |
Description: Cross-site request forgery (CSRF) vulnerability in apply.cgi in the Linksys WRT54GL Wireless-G Broadband Router with firmware 4.30.9 allows remote attackers to perform actions as administrators. | ||||
Applies to: wrt54gl |
Created: 2008-01-10 |
Updated: 2021-04-03 |
ID: CVE-2006-0994 |
Title: SANS07S5: Sophos Anti-Virus products allow remote code execution via crafted CAB |
Type: Software |
Bulletins:
CVE-2006-0994 SFBID17876 |
Severity: Critical |
Description: Multiple Sophos Anti-Virus products, including Anti-Virus for Windows 5.x before 5.2.1 and 4.x before 4.05, when cabinet file inspection is enabled, allow remote attackers to execute arbitrary code via a CAB file with "invalid folder count values," which leads to heap corruption. | ||||
Applies to: Sophos Anti-Virus |
Created: 2008-01-08 |
Updated: 2021-04-03 |
ID: CVE-2006-6335 |
Title: SANS07S5: Multiple buffer overflows in Sophos Anti-Virus scanning engine before 2.40 |
Type: Software |
Bulletins:
CVE-2006-6335 SFBID21563 |
Severity: Critical |
Description: Multiple buffer overflows in Sophos Anti-Virus scanning engine before 2.40 allow remote attackers to execute arbitrary code via (1) a SIT archive with a long filename that is not null-terminated, which triggers a heap-based overflow in veex.dll due to improper length calculation, and (2) a CPIO archive, with a long filename that is not null-terminated, which triggers a stack-based overflow in veex.dll. | ||||
Applies to: Sophos Anti-Virus |
Created: 2008-01-08 |
Updated: 2021-04-03 |
ID: CVE-2007-3509 |
Title: SANS07S4: Buffer overflow in Symantec/Veritas Backup Exec |
Type: Software |
Bulletins:
CVE-2007-3509 SFBID23897 |
Severity: Critical |
Description: Heap-based buffer overflow in the RPC subsystem in Symantec Backup Exec for Windows Servers 10.0, 10d, and 11d allows remote attackers to cause a denial of service (process exit) and possibly execute arbitrary code via crafted ncacn_ip_tcp requests. | ||||
Applies to: Symantec/Veritas Backup Exec |
Created: 2008-01-07 |
Updated: 2021-04-03 |
ID: REF000618 |
Title: IM installed: xchat installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Xchat instant messaging client installed. | ||||
Applies to: |
Created: 2008-01-07 |
Updated: 2010-08-21 |
ID: REF000617 |
Title: IM installed: konversation installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Konversation instant messaging client installed. | ||||
Applies to: |
Created: 2008-01-07 |
Updated: 2010-08-21 |
ID: CVE-2007-2974 |
Title: SANS07S5: Multiple Vulnerabilities in Avira AntiVir |
Type: Software |
Bulletins:
CVE-2007-2974 CVE-2007-2973 CVE-2007-2972 CVE-2007-1671 SFBID23823 SFBID24187 SFBID24239 |
Severity: Critical |
Description: Multiple vulnerabilities exist in Avira AntiVir antivirus engine prior to 7.04.00.24 and avpack prior to 7.03.00.09. | ||||
Applies to: Avira AntiVir |
Created: 2008-01-03 |
Updated: 2021-04-03 |
ID: CVE-2007-3509 |
Title: SANS07S4: Heap-based buffer overflow in the RPC subsystem in Symantec Backup Exec for Windows Servers |
Type: Services |
Bulletins:
CVE-2007-3509 SFBID23897 |
Severity: Critical |
Description: Heap-based buffer overflow in the RPC subsystem in Symantec Backup Exec for Windows Servers 10.0, 10d, and 11d allows remote attackers to cause a denial of service (process exit) and possibly execute arbitrary code via crafted ncacn_ip_tcp requests. | ||||
Applies to: Symantec Backup Exec for Windows Servers |
Created: 2008-01-03 |
Updated: 2021-04-03 |
ID: REF000584 |
Title: Config pam: no bruteforce protection configured |
Type: Services |
Bulletins: | Severity: Low |
Description: No PAM brute-force protection modules detected. Modules pam_abl and pam_al missing. | ||||
Applies to: |
Created: 2008-01-03 |
Updated: 2010-08-21 |
ID: CVE-2007-2139 |
Title: SANS07S4: Multiple unspecified vulnerabilities in mediasvr and caloggerd in CA BrightStor ARCServe Backup |
Type: Services |
Bulletins:
CVE-2007-2139 SFBID23635 |
Severity: Critical |
Description: Multiple stack-based buffer overflows in the SUN RPC service in CA (formerly Computer Associates) BrightStor ARCserve Media Server, as used in BrightStor ARCserve Backup 9.01 through 11.5 SP2, BrightStor Enterprise Backup 10.5, Server Protection Suite 2, and Business Protection Suite 2, allow remote attackers to execute arbitrary code via malformed RPC strings. | ||||
Applies to: CA BrightStor ARCServe Backup |
Created: 2007-12-21 |
Updated: 2021-04-03 |
ID: REF000653 |
Title: MP installed: VLC browser plug-in is installed |
Type: Software |
Bulletins: | Severity: Low |
Description: VLC Media Plugin for internet browsers is installed. | ||||
Applies to: |
Created: 2007-12-20 |
Updated: 2010-08-21 |
ID: REF000651 |
Title: MP installed: MPlayer browser plug-in is installed |
Type: Software |
Bulletins: | Severity: Low |
Description: MPlayer Media Plugin for internet browsers is installed. | ||||
Applies to: |
Created: 2007-12-20 |
Updated: 2010-08-21 |
ID: REF000652 |
Title: MP installed: HelixPlayer browser plug-in is installed |
Type: Software |
Bulletins: | Severity: Low |
Description: HelixPlayer Media Plugin for internet browsers is installed. | ||||
Applies to: |
Created: 2007-12-20 |
Updated: 2010-08-21 |
ID: REF000654 |
Title: MP installed: GCJ java browser plug-in is installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Java Media Plugin for internet browsers is installed. | ||||
Applies to: |
Created: 2007-12-20 |
Updated: 2010-08-21 |
ID: REF000650 |
Title: MP installed: Flash browser plug-in is installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Flash Media Plugin for internet browsers is installed. | ||||
Applies to: |
Created: 2007-12-20 |
Updated: 2010-08-21 |
ID: CVE-2006-5339 |
Title: SANS07S7: Multiple vulnerabilities in Oracle 8.1.7.4 |
Type: Services |
Bulletins:
CVE-2006-5339 CVE-2006-5340 CVE-2006-5344 CVE-2007-0272 SFBID20588 SFBID22083 |
Severity: Critical |
Description: Multiple vulnerabilities exist in Oracle 8.1.7.4, including buffer overflows, and multiple unspecified vulnerabilities. | ||||
Applies to: Oracle Database 8i |
Created: 2007-12-17 |
Updated: 2021-04-03 |
ID: CVE-2007-1086 |
Title: SANS07S7: Multiple vulnerabilities in IBM DB2 |
Type: Services |
Bulletins:
CVE-2007-1086 CVE-2007-1087 CVE-2007-1088 CVE-2007-1089 CVE-2007-2582 CVE-2007-5652 SFBID22677 SFBID26010 SFBID23890 SFBID26450 |
Severity: Critical |
Description: Multiple vulnerabilities exist in IBM DB2 before version 9.1 FixPack4. These include execution of arbitrary code, creation and modification of arbitrary files, and execution of unauthorized SQL commands. | ||||
Applies to: IBM DB2 |
Created: 2007-12-17 |
Updated: 2021-04-03 |
ID: CVE-2007-6372 |
Title: Unspecified vulnerability in Juniper JUNOS 7.3 through 8.4 allows remote attackers to cause a denial of service (crash) via malformed BGP packets, possibly BGP UPDATE packets that trigger session flapping. |
Type: Hardware |
Bulletins:
CVE-2007-6372 SFBID26869 |
Severity: Critical |
Description: Unspecified vulnerability in Juniper JUNOS 7.3 through 8.4 allows remote attackers to cause a denial of service (crash) via malformed BGP packets, possibly BGP UPDATE packets that trigger session flapping. | ||||
Applies to: |
Created: 2007-12-14 |
Updated: 2021-04-03 |
ID: CVE-2006-5332 |
Title: SANS07S7: Multiple vulnerabilities in Oracle Database 9i |
Type: Services |
Bulletins:
CVE-2006-5332 CVE-2006-5334 CVE-2006-5336 CVE-2006-5339 CVE-2006-5340 CVE-2006-5341 CVE-2006-5342 CVE-2006-5344 CVE-2006-5345 CVE-2007-0272 CVE-2007-2118 CVE-2007-5506 SFBID20588 SFBID22083 SFBID23532 |
Severity: Critical |
Description: Multiple vulnerabilities exist in some versions of Oracle Database Server 9i. It is recommended to update to the latest versions or apply the latest patches. | ||||
Applies to: Oracle Database 9i |
Created: 2007-12-14 |
Updated: 2021-04-03 |
ID: CVE-2006-5332 |
Title: SANS07S7: Multiple vulnerabilities in Oracle Database 10g |
Type: Services |
Bulletins:
CVE-2006-5332 CVE-2006-5333 CVE-2006-5334 CVE-2006-5335 CVE-2006-5336 CVE-2006-5339 CVE-2006-5340 CVE-2006-5341 CVE-2006-5342 CVE-2006-5343 CVE-2006-5344 CVE-2006-5345 CVE-2007-0272 CVE-2007-1442 CVE-2007-2113 CVE-2007-5506 SFBID20588 SFBID22083 SFBID23532 SFBID22905 |
Severity: Critical |
Description: Multiple vulnerabilities exist in some versions of Oracle Database Server 10g. It is recommended to update to the latest versions or apply the latest patches. | ||||
Applies to: Oracle Database 10g |
Created: 2007-12-14 |
Updated: 2021-04-03 |
ID: CVE-2007-1680 |
Title: SANS07A1: Stack-based buffer overflow in Yahoo! Messenger before 20070313 |
Type: Software |
Bulletins:
CVE-2007-1680 SFBID23291 |
Severity: Critical |
Description: Stack-based buffer overflow in the createAndJoinConference function in the AudioConf ActiveX control (yacscom.dll) in Yahoo! Messenger before March 13, 2007, allows remote attackers to execute arbitrary code via long socksHostname and hostname properties. | ||||
Applies to: |
Created: 2007-12-14 |
Updated: 2021-04-03 |
ID: CVE-2007-2418 |
Title: SANS07A1: Multiple buffer overflow vulnerabilities in Trillian earlier than 3.1.7.0 |
Type: Software |
Bulletins:
CVE-2007-2418 CVE-2007-2478 CVE-2007-3832 CVE-2007-3305 SFBID23781 SFBID23730 SFBID24927 SFBID24523 |
Severity: Critical |
Description: Multiple buffer overflow vulnerabilities exist in Cerulean Studios Trillian 3.x before 3.1.7.0, allowing remote attackers to execute arbitrary code. | ||||
Applies to: Cerulean Studios Trillian |
Created: 2007-12-14 |
Updated: 2021-04-03 |
ID: CVE-2007-0711 |
Title: SANS07C4: Multiple vulnerabilities in Apple QuickTime 7.2 and earlier |
Type: Software |
Bulletins:
CVE-2007-0711 CVE-2007-0712 CVE-2007-0714 CVE-2007-2295 CVE-2007-2296 CVE-2007-0754 CVE-2007-2389 CVE-2007-2393 CVE-2007-2394 CVE-2007-5045 CVE-2007-4673 SFBID24873 SFBID22827 SFBID22844 SFBID25913 SFBID23652 SFBID23923 SFBID23650 SFBID24222 |
Severity: Critical |
Description: Multiple vulnerabilities exist in Apple QuickTime version 7.2 and earlier. These include possibility of information disclosure and code execution. | ||||
Applies to: Apple QuickTime |
Created: 2007-12-11 |
Updated: 2021-04-03 |
ID: CVE-2007-3457 |
Title: SANS07C4: Adobe Flash Player 8.0.34.0 and earlier vulnerable to CSRF attack |
Type: Software |
Bulletins:
CVE-2007-3457 |
Severity: Moderate |
Description: Adobe Flash Player 8.0.34.0 and earlier insufficiently validates HTTP Referer headers, which potentially allows remote attackers to conduct a CSRF attack via a crafted SWF file. | ||||
Applies to: Adobe Flash Player |
Created: 2007-12-11 |
Updated: 2021-04-03 |
ID: CVE-2007-2497 |
Title: SANS07C4: Multiple Vulnerabilities in RealPlayer 10, 10.5 and 11 Beta |
Type: Software |
Bulletins:
CVE-2007-2497 CVE-2007-3410 CVE-2007-5601 SFBID23712 SFBID26130 |
Severity: Critical |
Description: Multiple vulnerabilities exist in RealPlayer versions 10.0, 10.5 and 11 Beta. These include remote execution of arbitrary code, and denial of service. | ||||
Applies to: RealPlayer |
Created: 2007-12-10 |
Updated: 2021-04-03 |
ID: CVE-2007-3752 |
Title: SANS07C4: Buffer overflow in Apple iTunes before 7.4 |
Type: Software |
Bulletins:
CVE-2007-3752 |
Severity: Critical |
Description: Buffer overflow in Apple iTunes before 7.4 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via a music file with crafted album cover art. | ||||
Applies to: Apple iTunes |
Created: 2007-12-10 |
Updated: 2021-04-03 |
ID: REF000642 |
Title: P2P installed: mldonkey installed |
Type: Software |
Bulletins: | Severity: Low |
Description: mlDonkey P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-10 |
Updated: 2010-08-21 |
ID: CVE-2007-0044 |
Title: SANS07C1: Multiple vulnerabilities in Adobe Reader earlier than 8.0.0 |
Type: Software |
Bulletins:
CVE-2007-0044 CVE-2007-0046 CVE-2007-0103 CVE-2007-0045 SFBID21858 SFBID21910 |
Severity: Critical |
Description: Multiple vulnerabilities exist in Adobe Reader earlier than 8.0.0, some of which have unknown impact. Known vulnerabilities include denial of service and remote execution of arbitrary code. | ||||
Applies to: Adobe Reader |
Created: 2007-12-07 |
Updated: 2021-04-03 |
ID: REF000638 |
Title: P2P installed: xmule installed |
Type: Software |
Bulletins: | Severity: Low |
Description: xMule P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000636 |
Title: P2P installed: transmission installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Transmission P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000635 |
Title: P2P installed: rtorrent installed |
Type: Software |
Bulletins: | Severity: Low |
Description: rTorrent P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000634 |
Title: P2P installed: qtella installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Qtella P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000643 |
Title: P2P installed: napster installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Napster P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000646 |
Title: P2P installed: nap installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Nap P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000640 |
Title: P2P installed: mutella installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Mutella P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000645 |
Title: P2P installed: lopster installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Lopster P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000632 |
Title: P2P installed: ktorrent installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Ktorrent P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000633 |
Title: P2P installed: kommute installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Kommute P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000641 |
Title: P2P installed: knapster installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Knapster P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000647 |
Title: P2P installed: gtk-gnutella installed |
Type: Software |
Bulletins: | Severity: Low |
Description: GTK-Gnutella P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000644 |
Title: P2P installed: gnut installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Gnut P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000631 |
Title: P2P installed: gnunet installed |
Type: Software |
Bulletins: | Severity: Low |
Description: GnuNet P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000630 |
Title: P2P installed: deluge installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Deluge P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000637 |
Title: P2P installed: dctc installed |
Type: Software |
Bulletins: | Severity: Low |
Description: DCtc P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000629 |
Title: P2P installed: ctorrent installed |
Type: Software |
Bulletins: | Severity: Low |
Description: cTorrent P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000628 |
Title: P2P installed: bittorrent installed |
Type: Software |
Bulletins: | Severity: Low |
Description: BitTorrent P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000627 |
Title: P2P installed: bittornado installed |
Type: Software |
Bulletins: | Severity: Low |
Description: BitTornado P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000649 |
Title: P2P installed: bitstormlite installed |
Type: Software |
Bulletins: | Severity: Low |
Description: BitStormLite P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000626 |
Title: P2P installed: azureus installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Azureus P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000639 |
Title: P2P installed: apollon installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Apollon P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000648 |
Title: P2P installed: amule installed |
Type: Software |
Bulletins: | Severity: Low |
Description: aMule P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000624 |
Title: IM installed: ytalk installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Ytalk instant messaging client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000621 |
Title: IM installed: yahoo messenger installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Yahoo Messenger instant messaging client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000622 |
Title: IM installed: trebuchet installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Trebuchet instant messaging client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000623 |
Title: IM installed: talk installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Talk instant messaging client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000601 |
Title: IM installed: skype installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Skype instant messaging client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000615 |
Title: IM installed: sircd installed |
Type: Software |
Bulletins: | Severity: Low |
Description: sIRCd instant messaging server installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000614 |
Title: IM installed: sim installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Sim instant messaging client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000613 |
Title: IM installed: psi installed |
Type: Software |
Bulletins: | Severity: Low |
Description: PSI instant messaging client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000612 |
Title: IM installed: pidgin installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Pidgin instant messaging client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000611 |
Title: IM installed: micq installed |
Type: Software |
Bulletins: | Severity: Low |
Description: mICQ instant messaging client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000610 |
Title: IM installed: lostirc installed |
Type: Software |
Bulletins: | Severity: Low |
Description: LostIRC instant messaging client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000609 |
Title: IM installed: licq installed |
Type: Software |
Bulletins: | Severity: Low |
Description: LICQ instant messaging client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000608 |
Title: IM installed: kxicq installed |
Type: Software |
Bulletins: | Severity: Low |
Description: KxICQ instant messaging client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000620 |
Title: IM installed: kopete installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Kopete instant messaging client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000616 |
Title: IM installed: kicq installed |
Type: Software |
Bulletins: | Severity: Low |
Description: KICQ instant messaging client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000607 |
Title: IM installed: kadu installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Kadu instant messaging client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000606 |
Title: IM installed: jabbin installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Jabbin instant messaging client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000605 |
Title: IM installed: jabber installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Jabber instant messaging client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000604 |
Title: IM installed: gossip installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Gossip instant messaging client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000603 |
Title: IM installed: gnu gadu installed |
Type: Software |
Bulletins: | Severity: Low |
Description: GNU Gadu instant messaging client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000619 |
Title: IM installed: gaim installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Gaim instant messaging client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000625 |
Title: IM installed: gabber installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Gabber instant messaging client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000602 |
Title: IM installed: epic installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Epic instant messaging client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000663 |
Title: Config laptop: swap partition not encrypted |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: Computer was identified as a laptop. No encryption was detected on the swap partition. | ||||
Applies to: |
Created: 2007-12-05 |
Updated: 2010-08-21 |
ID: REF000665 |
Title: Config laptop: root partition not encrypted |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: Computer was identified as a laptop. No encryption was detected on the root partition. | ||||
Applies to: |
Created: 2007-12-05 |
Updated: 2010-08-21 |
ID: REF000664 |
Title: Config laptop: home partition not encrypted |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: Computer was identified as a laptop. No encryption was detected on the home partition. | ||||
Applies to: |
Created: 2007-12-05 |
Updated: 2010-08-21 |
ID: CVE-2007-2867 |
Title: SANS07C3: Multiple Vulnerabilities in Mozilla Thunderbird 2.x earlier than 2.0.0.6 |
Type: |
Bulletins:
CVE-2007-2867 CVE-2007-3734 CVE-2007-3735 CVE-2007-3845 SFBID24242 SFBID24946 |
Severity: Critical |
Description: Mozilla Thunderbird 2.x versions earlier than 2.0.0.6 are vulnerable to remote denial of service attacks and remote execution of arbitrary commands. | ||||
Applies to: Mozilla Thunderbird |
Created: 2007-12-04 |
Updated: 2021-04-03 |
ID: CVE-2007-0777 |
Title: SANS07C3: Multiple Vulnerabilities in Mozilla Thunderbird 1.5.x earlier than 1.5.0.13 |
Type: |
Bulletins:
CVE-2007-0777 CVE-2007-2867 CVE-2007-3845 CVE-2006-4565 CVE-2006-4571 CVE-2006-5463 CVE-2006-5747 CVE-2006-6502 CVE-2007-1282 SFBID22694 SFBID24242 SFBID21668 SFBID20042 SFBID20957 SFBID22845 |
Severity: Critical |
Description: Mozilla Thunderbird 1.5.x versions earlier than 1.5.0.13 are vulnerable to remote denial of service attacks and remote execution of arbitrary commands. | ||||
Applies to: Mozilla Thunderbird |
Created: 2007-12-04 |
Updated: 2021-04-03 |
ID: CVE-2007-0981 |
Title: SANS07C1: Multiple Vulnerabilities in SeaMonkey earlier than 1.1.5 |
Type: Web |
Bulletins:
CVE-2007-0981 CVE-2007-1092 CVE-2007-5338 CVE-2006-4565 CVE-2006-4571 CVE-2006-5463 CVE-2006-5747 CVE-2006-6502 CVE-2006-6504 CVE-2007-0777 CVE-2007-0779 CVE-2007-1282 CVE-2007-2867 CVE-2007-3845 SFBID22694 SFBID22566 SFBID22679 SFBID24242 SFBID26132 SFBID24242 SFBID21668 SFBID22845 SFBID20957 SFBID20042 |
Severity: Critical |
Description: Multiple vulnerabilities exist in SeaMonkey versions earlier than 1.1.5. These include remote execution of arbitrary code, denial of service, and spoofing of GUI elements. | ||||
Applies to: SeaMonkey |
Created: 2007-12-04 |
Updated: 2021-04-03 |
ID: CVE-2007-0776 |
Title: SANS07C1: Multiple Vulnerabilities in Mozilla Firefox earlier than 2.0.0.8 |
Type: Web |
Bulletins:
CVE-2007-0776 CVE-2007-0777 CVE-2007-0779 CVE-2007-0981 CVE-2007-1092 CVE-2007-2292 CVE-2007-2867 CVE-2007-3734 CVE-2007-3735 CVE-2007-3737 CVE-2007-3738 CVE-2007-3845 CVE-2007-4841 CVE-2007-5338 CVE-2006-4565 CVE-2006-4571 CVE-2006-5463 CVE-2006-5747 SFBID26132 SFBID20957 SFBID20042 SFBID25543 SFBID22679 SFBID24946 SFBID24242 SFBID22694 SFBID23668 SFBID22566 SFBID21668 |
Severity: Critical |
Description: Multiple vulnerabilities exist in Mozilla Firefox versions earlier than 2.0.0.8. These include remote execution of arbitrary code, denial of service, and spoofing of GUI elements. | ||||
Applies to: Mozilla Firefox |
Created: 2007-12-04 |
Updated: 2021-04-03 |
ID: REF000578 |
Title: Config yum-updatesd: auto-updating disabled |
Type: Services |
Bulletins: | Severity: Low |
Description: yum-updatesd auto-update is disabled. See /etc/yum/yum-updatesd.conf for details. | ||||
Applies to: |
Created: 2007-12-04 |
Updated: 2010-08-21 |
ID: REF000580 |
Title: Config yum-updatesd: auto-resolving dependencies disabled |
Type: Services |
Bulletins: | Severity: Low |
Description: yum-updatesd auto-resolving of update dependencies is disabled. See /etc/yum/yum-updatesd.conf for details. | ||||
Applies to: |
Created: 2007-12-04 |
Updated: 2010-08-21 |
ID: REF000579 |
Title: Config yum-updatesd: auto-downloading disabled |
Type: Services |
Bulletins: | Severity: Low |
Description: yum-updatesd update auto-downloading is disabled. See /etc/yum/yum-updatesd.conf for details. | ||||
Applies to: |
Created: 2007-12-04 |
Updated: 2010-08-21 |
ID: REF000583 |
Title: Config apt: update notification disabled |
Type: Services |
Bulletins: | Severity: Low |
Description: apt-update notification is disabled. | ||||
Applies to: |
Created: 2007-12-04 |
Updated: 2010-08-21 |
ID: REF000582 |
Title: Config apt: daily job disabled |
Type: Services |
Bulletins: | Severity: Low |
Description: apt daily update job is disabled, /etc/cron.daily/apt is missing. | ||||
Applies to: |
Created: 2007-12-04 |
Updated: 2010-08-21 |
ID: REF000581 |
Title: Config apt: auto-updating package lists disabled |
Type: Services |
Bulletins: | Severity: Low |
Description: apt auto-updating package lists is disabled. See /etc/apt/apt.conf.d/10periodic and /etc/apt/apt.conf.d/15adept-periodic-update for details. | ||||
Applies to: |
Created: 2007-12-04 |
Updated: 2010-08-21 |
ID: REF000577 |
Title: Config yum-updatesd: start on boot disabled |
Type: Services |
Bulletins: | Severity: Low |
Description: yum-updatesd is installed but not activated during init3 or init5 startup. See 'chkconfig --list' output for details. | ||||
Applies to: |
Created: 2007-12-03 |
Updated: 2010-08-21 |
ID: CVE-2007-5020 |
Title: APSB07-18: Adobe Acrobat mailto: vulnerability |
Type: Software |
Bulletins:
CVE-2007-5020 SFBID25748 |
Severity: Critical |
Description: Critical vulnerabilities have been identified in Adobe Reader and Acrobat that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system. This issue only affects customers on Windows XP or Windows 2003 with Internet Explorer 7 installed. A malicious file must be loaded in Adobe Reader or Acrobat by the end user for an attacker to exploit these vulnerabilities. It is recommended that affected users update to Adobe Reader 8.1.1 or Acrobat 8.1.1. | ||||
Applies to: |
Created: 2007-10-30 |
Updated: 2021-04-03 |
ID: CVE-2007-5651 |
Title: Unspecified vulnerability in the Extensible Authentication Protocol (EAP) implementation in Cisco IOS 12.3 and 12.4 on Cisco Access Points and 1310 Wireless Bridges (Wireless EAP devices), IOS 12.1 and 12.2 on Cisco switches (Wired EAP devices), and... |
Type: Hardware |
Bulletins:
CVE-2007-5651 SFBID26139 |
Severity: Critical |
Description: Unspecified vulnerability in the Extensible Authentication Protocol (EAP) implementation in Cisco IOS 12.3 and 12.4 on Cisco Access Points and 1310 Wireless Bridges (Wireless EAP devices), IOS 12.1 and 12.2 on Cisco switches (Wired EAP devices), and CatOS 6.x through 8.x on Cisco switches allows remote attackers to cause a denial of service (device reload) via a crafted EAP Response Identity packet. | ||||
Applies to: |
Created: 2007-10-23 |
Updated: 2021-04-03 |
ID: CVE-2007-5549 |
Title: Unspecified vulnerability in Command EXEC in Cisco IOS allows local users to bypass command restrictions and obtain sensitive information via an unspecified "variation of an IOS command" involving "two different methods", aka CSCsk16129. NOTE: as... |
Type: Hardware |
Bulletins:
CVE-2007-5549 |
Severity: Low |
Description: Unspecified vulnerability in Command EXEC in Cisco IOS allows local users to bypass command restrictions and obtain sensitive information via an unspecified "variation of an IOS command" involving "two different methods", aka CSCsk16129. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | ||||
Applies to: |
Created: 2007-10-18 |
Updated: 2021-04-03 |
ID: CVE-2007-5550 |
Title: Unspecified vulnerability in Cisco IOS allows remote attackers to obtain the IOS version via unspecified vectors involving a "common network service", aka PSIRT-1255024833. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no... |
Type: Hardware |
Bulletins:
CVE-2007-5550 |
Severity: Moderate |
Description: Unspecified vulnerability in Cisco IOS allows remote attackers to obtain the IOS version via unspecified vectors involving a "common network service", aka PSIRT-1255024833. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | ||||
Applies to: |
Created: 2007-10-18 |
Updated: 2021-04-03 |
ID: CVE-2007-5551 |
Title: Off-by-one error in Cisco IOS allows remote attackers to execute arbitrary code via unspecified vectors that trigger a heap-based buffer overflow. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information.... |
Type: Hardware |
Bulletins:
CVE-2007-5551 |
Severity: Critical |
Description: Off-by-one error in Cisco IOS allows remote attackers to execute arbitrary code via unspecified vectors that trigger a heap-based buffer overflow. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | ||||
Applies to: |
Created: 2007-10-18 |
Updated: 2021-04-03 |
ID: CVE-2007-5548 |
Title: Multiple stack-based buffer overflows in Command EXEC in Cisco IOS allow local users to gain privileges via unspecified vectors, aka (1) PSIRT-0474975756 and (2) PSIRT-0388256465. NOTE: as of 20071016, the only disclosure is a vague pre-advisory... |
Type: Hardware |
Bulletins:
CVE-2007-5548 |
Severity: Moderate |
Description: Multiple stack-based buffer overflows in Command EXEC in Cisco IOS allow local users to gain privileges via unspecified vectors, aka (1) PSIRT-0474975756 and (2) PSIRT-0388256465. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | ||||
Applies to: |
Created: 2007-10-18 |
Updated: 2021-04-03 |
ID: CVE-2007-5552 |
Title: Integer overflow in Cisco IOS allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known... |
Type: Hardware |
Bulletins:
CVE-2007-5552 |
Severity: Critical |
Description: Integer overflow in Cisco IOS allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | ||||
Applies to: |
Created: 2007-10-18 |
Updated: 2021-04-03 |
ID: CVE-2007-5547 |
Title: Cross-site scripting (XSS) vulnerability in Cisco IOS allows remote attackers to inject arbitrary web script or HTML, and execute IOS commands, via unspecified vectors, aka PSIRT-2022590358. NOTE: as of 20071016, the only disclosure is a vague... |
Type: Hardware |
Bulletins:
CVE-2007-5547 |
Severity: Moderate |
Description: Cross-site scripting (XSS) vulnerability in Cisco IOS allows remote attackers to inject arbitrary web script or HTML, and execute IOS commands, via unspecified vectors, aka PSIRT-2022590358. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | ||||
Applies to: |
Created: 2007-10-18 |
Updated: 2021-04-03 |
ID: CVE-2007-5569 |
Title: Cisco PIX and ASA appliances with 7.1 and 7.2 software, when configured for TLS sessions to the device, allow remote attackers to cause a denial of service (device reload) via a crafted TLS packet, aka CSCsg43276 and CSCsh97120. |
Type: Hardware |
Bulletins:
CVE-2007-5569 SFBID26104 |
Severity: Critical |
Description: Cisco PIX and ASA appliances with 7.1 and 7.2 software, when configured for TLS sessions to the device, allow remote attackers to cause a denial of service (device reload) via a crafted TLS packet, aka CSCsg43276 and CSCsh97120. | ||||
Applies to: |
Created: 2007-10-18 |
Updated: 2021-04-03 |
ID: CVE-2007-5537 |
Title: Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(2), and Unified CallManager 5.0, allow remote attackers to cause a denial of service (kernel panic) via a flood of SIP INVITE messages to UDP port 5060, which triggers... |
Type: Hardware |
Bulletins:
CVE-2007-5537 SFBID26105 |
Severity: Critical |
Description: Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(2), and Unified CallManager 5.0, allow remote attackers to cause a denial of service (kernel panic) via a flood of SIP INVITE messages to UDP port 5060, which triggers resource exhaustion, aka CSCsi75822. | ||||
Applies to: Unified Callmanager Unified Communications Manager |
Created: 2007-10-17 |
Updated: 2021-04-03 |
ID: CVE-2007-5538 |
Title: Buffer overflow in the Centralized TFTP File Locator Service in Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(3), and Unified CallManager 5.0, allows remote attackers to execute arbitrary code or cause a denial of... |
Type: Hardware |
Bulletins:
CVE-2007-5538 SFBID26105 |
Severity: Critical |
Description: Buffer overflow in the Centralized TFTP File Locator Service in Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(3), and Unified CallManager 5.0, allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors involving the processing of filenames, aka CSCsh47712. | ||||
Applies to: Unified Callmanager Unified Communications Manager |
Created: 2007-10-17 |
Updated: 2021-04-03 |
ID: CVE-2007-5468 |
Title: Cisco CallManager 5.1.1.3000-5 does not verify the Digest authentication header URI against the Request URI in SIP messages, which allows remote attackers to use sniffed Digest authentication credentials to call arbitrary telephone numbers or spoof... |
Type: Hardware |
Bulletins:
CVE-2007-5468 SFBID26057 |
Severity: Moderate |
Description: Cisco CallManager 5.1.1.3000-5 does not verify the Digest authentication header URI against the Request URI in SIP messages, which allows remote attackers to use sniffed Digest authentication credentials to call arbitrary telephone numbers or spoof caller ID (aka "toll fraud and authentication forward attack"). | ||||
Applies to: Cisco Call Manager |
Created: 2007-10-15 |
Updated: 2021-04-03 |
ID: CVE-2007-5381 |
Title: Stack-based buffer overflow in the Line Printer Daemon (LPD) in Cisco IOS before 12.2(18)SXF11, 12.4(16a), and 12.4(2)T6 allows remote attackers to execute arbitrary code by setting a long hostname on the target system, then causing an error message... |
Type: Hardware |
Bulletins:
CVE-2007-5381 SFBID26001 |
Severity: Critical |
Description: Stack-based buffer overflow in the Line Printer Daemon (LPD) in Cisco IOS before 12.2(18)SXF11, 12.4(16a), and 12.4(2)T6 allows remote attackers to execute arbitrary code by setting a long hostname on the target system, then causing an error message to be printed, as demonstrated by a telnet session to the LPD from a source port other than 515. | ||||
Applies to: |
Created: 2007-10-11 |
Updated: 2021-04-03 |
ID: CVE-2007-4634 |
Title: Multiple SQL injection vulnerabilities in Cisco CallManager and Unified Communications Manager (CUCM) before 3.3(5)sr2b, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allow remote attackers to execute arbitrary SQL commands... |
Type: Hardware |
Bulletins:
CVE-2007-4634 SFBID25480 |
Severity: Critical |
Description: Multiple SQL injection vulnerabilities in Cisco CallManager and Unified Communications Manager (CUCM) before 3.3(5)sr2b, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allow remote attackers to execute arbitrary SQL commands via the lang variable to the (1) user or (2) admin logon page, aka CSCsi64265. | ||||
Applies to: Cisco Call Manager Unified Communications Manager |
Created: 2007-08-31 |
Updated: 2021-04-03 |
ID: CVE-2007-4633 |
Title: Multiple cross-site scripting (XSS) vulnerabilities in Cisco CallManager and Unified Communications Manager (CUCM) before 3.3(5)sr2b, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allow remote attackers to inject arbitrary web... |
Type: Hardware |
Bulletins:
CVE-2007-4633 SFBID25480 |
Severity: Moderate |
Description: Multiple cross-site scripting (XSS) vulnerabilities in Cisco CallManager and Unified Communications Manager (CUCM) before 3.3(5)sr2b, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allow remote attackers to inject arbitrary web script or HTML via the lang variable to the (1) user or (2) admin logon page, aka CSCsi10728. | ||||
Applies to: Cisco Call Manager Unified Communications Manager |
Created: 2007-08-31 |
Updated: 2021-04-03 |
ID: CVE-2007-4632 |
Title: Cisco IOS 12.2E, 12.2F, and 12.2S places a "no login" line into the VTY configuration when an administrator makes certain changes to a (1) VTY/AUX or (2) CONSOLE setting on a device without AAA enabled, which allows remote attackers to bypass... |
Type: Hardware |
Bulletins:
CVE-2007-4632 SFBID25482 |
Severity: Moderate |
Description: Cisco IOS 12.2E, 12.2F, and 12.2S places a "no login" line into the VTY configuration when an administrator makes certain changes to a (1) VTY/AUX or (2) CONSOLE setting on a device without AAA enabled, which allows remote attackers to bypass authentication and obtain a terminal session, a different vulnerability than CVE-1999-0293 and CVE-2005-2105. | ||||
Applies to: |
Created: 2007-08-31 |
Updated: 2021-04-03 |
ID: CVE-2007-4430 |
Title: Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows context-dependent attackers to cause a denial of service (device restart and BGP routing table rebuild) via certain regular expressions in a "show ip bgp regexp" command. NOTE:... |
Type: Hardware |
Bulletins:
CVE-2007-4430 SFBID25352 |
Severity: Moderate |
Description: Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows context-dependent attackers to cause a denial of service (device restart and BGP routing table rebuild) via certain regular expressions in a "show ip bgp regexp" command. NOTE: unauthenticated remote attacks are possible in environments with anonymous telnet and Looking Glass access. | ||||
Applies to: |
Created: 2007-08-20 |
Updated: 2021-04-03 |
ID: CVE-2007-4294 |
Title: Unspecified vulnerability in Cisco Unified Communications Manager (CUCM) 5.0, 5.1, and 6.0, and IOS 12.0 through 12.4, allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80102. |
Type: Hardware |
Bulletins:
CVE-2007-4294 SFBID25239 |
Severity: Moderate |
Description: Unspecified vulnerability in Cisco Unified Communications Manager (CUCM) 5.0, 5.1, and 6.0, and IOS 12.0 through 12.4, allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80102. | ||||
Applies to: Unified Communications Manager |
Created: 2007-08-09 |
Updated: 2021-04-03 |
ID: CVE-2007-4285 |
Title: Unspecified vulnerability in Cisco IOS and Cisco IOS XR 12.x up to 12.3, including some versions before 12.3(15) and 12.3(14)T, allows remote attackers to obtain sensitive information (partial packet contents) or cause a denial of service (router or... |
Type: Hardware |
Bulletins:
CVE-2007-4285 |
Severity: Critical |
Description: Unspecified vulnerability in Cisco IOS and Cisco IOS XR 12.x up to 12.3, including some versions before 12.3(15) and 12.3(14)T, allows remote attackers to obtain sensitive information (partial packet contents) or cause a denial of service (router or component crash) via crafted IPv6 packets with a Type 0 routing header. | ||||
Applies to: |
Created: 2007-08-09 |
Updated: 2021-04-03 |
ID: CVE-2007-4295 |
Title: Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80749. |
Type: Hardware |
Bulletins:
CVE-2007-4295 SFBID25239 |
Severity: Moderate |
Description: Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80749. | ||||
Applies to: |
Created: 2007-08-09 |
Updated: 2021-04-03 |
ID: CVE-2007-4292 |
Title: Multiple memory leaks in Cisco IOS 12.0 through 12.4 allow remote attackers to cause a denial of service (device crash) via a malformed SIP packet, aka (1) CSCsf11855, (2) CSCeb21064, (3) CSCse40276, (4) CSCse68355, (5) CSCsf30058, (6) CSCsb24007,... |
Type: Hardware |
Bulletins:
CVE-2007-4292 SFBID25239 |
Severity: Critical |
Description: Multiple memory leaks in Cisco IOS 12.0 through 12.4 allow remote attackers to cause a denial of service (device crash) via a malformed SIP packet, aka (1) CSCsf11855, (2) CSCeb21064, (3) CSCse40276, (4) CSCse68355, (5) CSCsf30058, (6) CSCsb24007, and (7) CSCsc60249. | ||||
Applies to: |
Created: 2007-08-09 |
Updated: 2021-04-03 |
ID: CVE-2007-4291 |
Title: Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service via (1) a malformed MGCP packet, which causes a device hang, aka CSCsf08998; a malformed H.323 packet, which causes a device crash, as identified by (2) CSCsi60004 with... |
Type: Hardware |
Bulletins:
CVE-2007-4291 SFBID25239 |
Severity: Critical |
Description: Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service via (1) a malformed MGCP packet, which causes a device hang, aka CSCsf08998; a malformed H.323 packet, which causes a device crash, as identified by (2) CSCsi60004 with Proxy Unregistration and (3) CSCsg70474; and a malformed Real-time Transport Protocol (RTP) packet, which causes a device crash, as identified by (4) CSCse68138, related to VOIP RTP Lib, and (5) CSCse05642, related to I/O memory corruption. | ||||
Applies to: |
Created: 2007-08-09 |
Updated: 2021-04-03 |
ID: CVE-2007-4293 |
Title: Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device crash) via (1) "abnormal" MGCP messages, aka CSCsd81407; and (2) a large facsimile packet, aka CSCej20505. |
Type: Hardware |
Bulletins:
CVE-2007-4293 SFBID25239 |
Severity: Critical |
Description: Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device crash) via (1) "abnormal" MGCP messages, aka CSCsd81407; and (2) a large facsimile packet, aka CSCej20505. | ||||
Applies to: |
Created: 2007-08-09 |
Updated: 2021-04-03 |
ID: CVE-2007-4286 |
Title: Buffer overflow in the Next Hop Resolution Protocol (NHRP) functionality in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (restart) and execute arbitrary code via a crafted NHRP packet. |
Type: Hardware |
Bulletins:
CVE-2007-4286 SFBID25238 |
Severity: Critical |
Description: Buffer overflow in the Next Hop Resolution Protocol (NHRP) functionality in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (restart) and execute arbitrary code via a crafted NHRP packet. | ||||
Applies to: |
Created: 2007-08-09 |
Updated: 2021-04-03 |
ID: CVE-2007-4263 |
Title: Unspecified vulnerability in the server side of the Secure Copy (SCP) implementation in Cisco 12.2-based IOS allows remote authenticated users to read, write or overwrite any file on the device's filesystem via unknown vectors. |
Type: Hardware |
Bulletins:
CVE-2007-4263 SFBID25240 |
Severity: Critical |
Description: Unspecified vulnerability in the server side of the Secure Copy (SCP) implementation in Cisco 12.2-based IOS allows remote authenticated users to read, write or overwrite any file on the device's filesystem via unknown vectors. | ||||
Applies to: |
Created: 2007-08-08 |
Updated: 2021-04-03 |
ID: CVE-2007-4011 |
Title: Cisco 4100 and 4400, Airespace 4000, and Catalyst 6500 and 3750 Wireless LAN Controller (WLC) software before 3.2 20070727, 4.0 before 20070727, and 4.1 before 4.1.180.0 allows remote attackers to cause a denial of service (traffic amplification or... |
Type: Hardware |
Bulletins:
CVE-2007-4011 SFBID25043 |
Severity: Critical |
Description: Cisco 4100 and 4400, Airespace 4000, and Catalyst 6500 and 3750 Wireless LAN Controller (WLC) software before 3.2 20070727, 4.0 before 20070727, and 4.1 before 4.1.180.0 allows remote attackers to cause a denial of service (traffic amplification or ARP storm) via a crafted unicast ARP request that (1) has a destination MAC address unknown to the Layer-2 infrastructure, aka CSCsj69233; or (2) occurs during Layer-3 roaming across IP subnets, aka CSCsj70841. | ||||
Applies to: |
Created: 2007-07-25 |
Updated: 2021-04-03 |
ID: CVE-2007-4012 |
Title: Cisco 4100 and 4400, Airespace 4000, and Catalyst 6500 and 3750 Wireless LAN Controller (WLC) software 4.1 before 4.1.180.0 allows remote attackers to cause a denial of service (ARP storm) via a broadcast ARP packet that "targets the IP address of a... |
Type: Hardware |
Bulletins:
CVE-2007-4012 SFBID25043 |
Severity: Critical |
Description: Cisco 4100 and 4400, Airespace 4000, and Catalyst 6500 and 3750 Wireless LAN Controller (WLC) software 4.1 before 4.1.180.0 allows remote attackers to cause a denial of service (ARP storm) via a broadcast ARP packet that "targets the IP address of a known client context", aka CSCsj50374. | ||||
Applies to: |
Created: 2007-07-25 |
Updated: 2021-04-03 |
ID: CVE-2007-3944 |
Title: Multiple heap-based buffer overflows in the Perl Compatible Regular Expressions (PCRE) library in the JavaScript engine in WebKit in Apple Safari 3 Beta before Update 3.0.3, and iPhone before 1.0.1, allow remote attackers to execute... |
Type: Mobile Devices |
Bulletins:
CVE-2007-3944 SFBID25002 |
Severity: Critical |
Description: Multiple heap-based buffer overflows in the Perl Compatible Regular Expressions (PCRE) library in the JavaScript engine in WebKit in Apple Safari 3 Beta before Update 3.0.3, and iPhone before 1.0.1, allow remote attackers to execute arbitrary code via certain JavaScript regular expressions. NOTE: this issue was originally reported only for MobileSafari on the iPhone. NOTE: it is not clear whether this stems from an issue in the original distribution of PCRE, which might already have a separate CVE identifier. | ||||
Applies to: |
Created: 2007-07-23 |
Updated: 2021-04-03 |
ID: CVE-2007-3775 |
Title: Unspecified vulnerability in Cisco Unified Communications Manager (CUCM, formerly CallManager) and Unified Presence Server (CUPS) allows remote attackers to cause a denial of service (loss of cluster services) via unspecified vectors, aka (1)... |
Type: Hardware |
Bulletins:
CVE-2007-3775 SFBID24867 |
Severity: Critical |
Description: Unspecified vulnerability in Cisco Unified Communications Manager (CUCM, formerly CallManager) and Unified Presence Server (CUPS) allows remote attackers to cause a denial of service (loss of cluster services) via unspecified vectors, aka (1) CSCsj09859 and (2) CSCsj19985. | ||||
Applies to: Unified Communications Manager |
Created: 2007-07-15 |
Updated: 2021-04-03 |
ID: CVE-2006-5277 |
Title: Off-by-one error in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allows remote attackers to execute arbitrary code via a crafted packet that... |
Type: Hardware |
Bulletins:
CVE-2006-5277 SFBID24868 |
Severity: Critical |
Description: Off-by-one error in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allows remote attackers to execute arbitrary code via a crafted packet that triggers a heap-based buffer overflow. | ||||
Applies to: Unified Callmanager Unified Communications Manager |
Created: 2007-07-15 |
Updated: 2021-04-03 |
ID: CVE-2006-5278 |
Title: Integer overflow in the Real-Time Information Server (RIS) Data Collector service (RisDC.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allows remote attackers to execute arbitrary code via crafted packets,... |
Type: Hardware |
Bulletins:
CVE-2006-5278 SFBID24868 |
Severity: Critical |
Description: Integer overflow in the Real-Time Information Server (RIS) Data Collector service (RisDC.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allows remote attackers to execute arbitrary code via crafted packets, resulting in a heap-based buffer overflow. | ||||
Applies to: Unified Callmanager Unified Communications Manager |
Created: 2007-07-15 |
Updated: 2021-04-03 |
ID: CVE-2007-3776 |
Title: Cisco Unified Communications Manager (CUCM, formerly CallManager) and Unified Presence Server (CUPS) allow remote attackers to obtain sensitive information via unspecified vectors that reveal the SNMP community strings and configuration settings,... |
Type: Hardware |
Bulletins:
CVE-2007-3776 SFBID24867 |
Severity: Moderate |
Description: Cisco Unified Communications Manager (CUCM, formerly CallManager) and Unified Presence Server (CUPS) allow remote attackers to obtain sensitive information via unspecified vectors that reveal the SNMP community strings and configuration settings, aka (1) CSCsj20668 and (2) CSCsj25962. | ||||
Applies to: Unified Communications Manager |
Created: 2007-07-15 |
Updated: 2021-04-03 |
ID: MITRE:1670 |
Title: oval:org.mitre.oval:def:1670: CAPICOM.Certificates Vulnerability |
Type: Software |
Bulletins:
MITRE:1670 CVE-2007-0940 |
Severity: Critical |
Description: Unspecified vulnerability in the Cryptographic API Component Object Model Certificates ActiveX control (CAPICOM.dll) in Microsoft CAPICOM and BizTalk Server 2004 SP1 and SP2 allows remote attackers to execute arbitrary code via unspecified vectors, aka the "CAPICOM.Certificates Vulnerability." | ||||
Applies to: Microsoft Capicom |
Created: 2007-07-10 |
Updated: 2021-04-03 |
ID: CVE-2007-3574 |
Title: Multiple cross-site scripting (XSS) vulnerabilities in setup.cgi on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.00.06 firmware allow remote attackers to inject arbitrary web script or HTML via the (1) c4_trap_ip_, (2) devname, (3)... |
Type: Hardware |
Bulletins:
CVE-2007-3574 SFBID24682 |
Severity: Moderate |
Description: Multiple cross-site scripting (XSS) vulnerabilities in setup.cgi on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.00.06 firmware allow remote attackers to inject arbitrary web script or HTML via the (1) c4_trap_ip_, (2) devname, (3) snmp_getcomm, or (4) snmp_setcomm parameter. | ||||
Applies to: wag54gs |
Created: 2007-07-05 |
Updated: 2021-04-03 |
ID: CVE-2007-3348 |
Title: The D-Link DPH-540/DPH-541 phone allows remote attackers to cause a denial of service (device outage) via a malformed SDP header in a SIP INVITE message. |
Type: Hardware |
Bulletins:
CVE-2007-3348 SFBID24538 |
Severity: Critical |
Description: The D-Link DPH-540/DPH-541 phone allows remote attackers to cause a denial of service (device outage) via a malformed SDP header in a SIP INVITE message. | ||||
Applies to: DPH-540 DPH-541 |
Created: 2007-06-22 |
Updated: 2021-04-03 |
ID: CVE-2007-3347 |
Title: The D-Link DPH-540/DPH-541 phone accepts SIP INVITE messages that are not from the Call Server's IP address, which allows remote attackers to engage in arbitrary SIP communication with the phone, as demonstrated by communication with forged caller ID. |
Type: Hardware |
Bulletins:
CVE-2007-3347 SFBID24560 |
Severity: Critical |
Description: The D-Link DPH-540/DPH-541 phone accepts SIP INVITE messages that are not from the Call Server's IP address, which allows remote attackers to engage in arbitrary SIP communication with the phone, as demonstrated by communication with forged caller ID. | ||||
Applies to: DPH-540 DPH-541 |
Created: 2007-06-22 |
Updated: 2021-04-03 |
ID: MITRE:2001 |
Title: oval:org.mitre.oval:def:2001: CMS Memory Corruption Vulnerability |
Type: Software |
Bulletins:
MITRE:2001 CVE-2007-0938 |
Severity: Critical |
Description: Microsoft Content Management Server (MCMS) 2001 SP1 and 2002 SP2 does not properly handle certain characters in a crafted HTTP GET request, which allows remote attackers to execute arbitrary code, aka the "CMS Memory Corruption Vulnerability." | ||||
Applies to: Microsoft Content Management Server 2001 Microsoft Content Management Server 2002 |
Created: 2007-05-23 |
Updated: 2021-04-03 |
ID: MITRE:1575 |
Title: oval:org.mitre.oval:def:1575: CMS Cross-Site Scripting and Spoofing Vulnerability |
Type: Software |
Bulletins:
MITRE:1575 CVE-2007-0939 |
Severity: Moderate |
Description: Cross-site scripting (XSS) vulnerability in Microsoft Content Management Server (MCMS) 2001 SP1 and 2002 SP2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving HTML redirection queries, aka "Cross-site Scripting and Spoofing Vulnerability." | ||||
Applies to: Microsoft Content Management Server 2001 Microsoft Content Management Server 2002 |
Created: 2007-05-23 |
Updated: 2021-04-03 |
ID: CVE-2007-2832 |
Title: Cross-site scripting (XSS) vulnerability in the web application firewall in Cisco CallManager before 3.3(5)sr3, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allows remote attackers to inject arbitrary web script or HTML via... |
Type: Hardware |
Bulletins:
CVE-2007-2832 SFBID24119 |
Severity: Moderate |
Description: Cross-site scripting (XSS) vulnerability in the web application firewall in Cisco CallManager before 3.3(5)sr3, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allows remote attackers to inject arbitrary web script or HTML via the pattern parameter to CCMAdmin/serverlist.asp (aka the search-form) and possibly other unspecified vectors. | ||||
Applies to: Cisco Call Manager |
Created: 2007-05-23 |
Updated: 2021-04-03 |
ID: CVE-2007-2813 |
Title: Cisco IOS 12.4 and earlier, when using the crypto packages and SSL support is enabled, allows remote attackers to cause a denial of service via a malformed (1) ClientHello, (2) ChangeCipherSpec, or (3) Finished message during an SSL session. |
Type: Hardware |
Bulletins:
CVE-2007-2813 SFBID24097 |
Severity: Critical |
Description: Cisco IOS 12.4 and earlier, when using the crypto packages and SSL support is enabled, allows remote attackers to cause a denial of service via a malformed (1) ClientHello, (2) ChangeCipherSpec, or (3) Finished message during an SSL session. | ||||
Applies to: |
Created: 2007-05-22 |
Updated: 2021-04-03 |
ID: CVE-2007-2734 |
Title: The 3Com TippingPoint IPS do not properly handle certain full-width and half-width Unicode character encodings in an HTTP POST request, which might allow remote attackers to evade detection of HTTP traffic. |
Type: Hardware |
Bulletins:
CVE-2007-2734 |
Severity: Critical |
Description: The 3Com TippingPoint IPS do not properly handle certain full-width and half-width Unicode character encodings in an HTTP POST request, which might allow remote attackers to evade detection of HTTP traffic. | ||||
Applies to: TippingPoint 200 TippingPoint 2000E TippingPoint 2400E TippingPoint 50 TippingPoint 5000E TippingPoint 600E |
Created: 2007-05-16 |
Updated: 2021-04-03 |
ID: CVE-2007-2688 |
Title: The Cisco Intrusion Prevention System (IPS) and IOS with Firewall/IPS Feature Set do not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic. |
Type: Hardware |
Bulletins:
CVE-2007-2688 SFBID23980 |
Severity: Critical |
Description: The Cisco Intrusion Prevention System (IPS) and IOS with Firewall/IPS Feature Set do not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic. | ||||
Applies to: |
Created: 2007-05-15 |
Updated: 2021-04-03 |
ID: REF000467 |
Title: AutoRun is enabled |
Type: Miscellaneous |
Bulletins: |
Severity: High |
Description: Microsoft Windows supports automatic execution in CD/DVD drives and other removable media. This poses a security risk when a CD or removable disk contains malware that automatically installs itself once the disc is inserted. It is recommended to disable AutoRun both for CD/DVD drives and for other removable drives. | ||||
Applies to: |
Created: 2007-05-10 |
Updated: 2010-09-20 |
ID: CVE-2007-2587 |
Title: The IOS FTP Server in Cisco IOS 11.3 through 12.4 allows remote authenticated users to cause a denial of service (IOS reload) via unspecified vectors involving transferring files (aka bug ID CSCse29244). |
Type: Hardware |
Bulletins:
CVE-2007-2587 SFBID23885 |
Severity: Moderate |
Description: The IOS FTP Server in Cisco IOS 11.3 through 12.4 allows remote authenticated users to cause a denial of service (IOS reload) via unspecified vectors involving transferring files (aka bug ID CSCse29244). | ||||
Applies to: |
Created: 2007-05-09 |
Updated: 2021-04-03 |
ID: CVE-2007-2586 |
Title: The FTP Server in Cisco IOS 11.3 through 12.4 does not properly check user authorization, which allows remote attackers to execute arbitrary code, and have other impact including reading startup-config, as demonstrated by a crafted MKD command that... |
Type: Hardware |
Bulletins:
CVE-2007-2586 SFBID23885 |
Severity: Critical |
Description: The FTP Server in Cisco IOS 11.3 through 12.4 does not properly check user authorization, which allows remote attackers to execute arbitrary code, and have other impact including reading startup-config, as demonstrated by a crafted MKD command that involves access to a VTY device and overflows a buffer, aka bug ID CSCek55259. | ||||
Applies to: |
Created: 2007-05-09 |
Updated: 2021-04-03 |
ID: CVE-2007-2502 |
Title: Unspecified vulnerability in HP ProCurve 9300m Series switches with software 08.0.01c through 08.0.01j allows remote attackers to cause a denial of service via unknown vectors, a different switch series than CVE-2006-4015. |
Type: Hardware |
Bulletins:
CVE-2007-2502 SFBID23791 |
Severity: Critical |
Description: Unspecified vulnerability in HP ProCurve 9300m Series switches with software 08.0.01c through 08.0.01j allows remote attackers to cause a denial of service via unknown vectors, a different switch series than CVE-2006-4015. | ||||
Applies to: Procurve Switch 9300m |
Created: 2007-05-03 |
Updated: 2021-04-03 |
ID: CVE-2007-2462 |
Title: Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 before 7.2(2)8, when using Layer 2 Tunneling Protocol (L2TP) or Remote Management Access, allows remote attackers to bypass LDAP authentication and gain privileges via... |
Type: Hardware |
Bulletins:
CVE-2007-2462 SFBID23768 |
Severity: Critical |
Description: Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 before 7.2(2)8, when using Layer 2 Tunneling Protocol (L2TP) or Remote Management Access, allows remote attackers to bypass LDAP authentication and gain privileges via unknown vectors. | ||||
Applies to: |
Created: 2007-05-02 |
Updated: 2021-04-03 |
ID: CVE-2007-2463 |
Title: Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before 7.2(2)17 allows remote attackers to cause a denial of service (device reload) via unknown vectors related to VPN connection termination... |
Type: Hardware |
Bulletins:
CVE-2007-2463 SFBID23768 |
Severity: Critical |
Description: Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before 7.2(2)17 allows remote attackers to cause a denial of service (device reload) via unknown vectors related to VPN connection termination and password expiry. | ||||
Applies to: |
Created: 2007-05-02 |
Updated: 2021-04-03 |
ID: CVE-2007-2461 |
Title: The DHCP relay agent in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 allows remote attackers to cause a denial of service (dropped packets) via a DHCPREQUEST or DHCPINFORM message that causes multiple DHCPACK messages to be sent from DHCP... |
Type: Hardware |
Bulletins:
CVE-2007-2461 SFBID23763 |
Severity: Critical |
Description: The DHCP relay agent in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 allows remote attackers to cause a denial of service (dropped packets) via a DHCPREQUEST or DHCPINFORM message that causes multiple DHCPACK messages to be sent from DHCP servers to the agent, which consumes the memory allocated for a local buffer. NOTE: this issue only occurs when multiple DHCP servers are used. | ||||
Applies to: |
Created: 2007-05-02 |
Updated: 2021-04-03 |
ID: CVE-2007-2464 |
Title: Race condition in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before 7.2(2)19, when using "clientless SSL VPNs," allows remote attackers to cause a denial of service (device reload) via "non-standard SSL sessions." |
Type: Hardware |
Bulletins:
CVE-2007-2464 SFBID23768 |
Severity: Critical |
Description: Race condition in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before 7.2(2)19, when using "clientless SSL VPNs," allows remote attackers to cause a denial of service (device reload) via "non-standard SSL sessions." | ||||
Applies to: |
Created: 2007-05-02 |
Updated: 2021-04-03 |
ID: CVE-2007-2332 |
Title: Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 6_05.140 uses a fixed DES key to encrypt passwords, which allows remote authenticated users to obtain a password via a brute force attack on a hash from the LDAP store. |
Type: Hardware |
Bulletins:
CVE-2007-2332 SFBID23562 |
Severity: Critical |
Description: Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 6_05.140 uses a fixed DES key to encrypt passwords, which allows remote authenticated users to obtain a password via a brute force attack on a hash from the LDAP store. | ||||
Applies to: Contivity 1740 VPN Router Contivity1010 Contivity1050 Contivity1100 Contivity1700 Contivity1750 Contivity2700 Contivity5000 |
Created: 2007-04-27 |
Updated: 2021-04-03 |
ID: CVE-2007-2333 |
Title: Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 includes the FIPSecryptedtest1219 and FIPSunecryptedtest1219 default accounts in the LDAP template, which might allow... |
Type: Hardware |
Bulletins:
CVE-2007-2333 SFBID23562 |
Severity: Critical |
Description: Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 includes the FIPSecryptedtest1219 and FIPSunecryptedtest1219 default accounts in the LDAP template, which might allow remote attackers to access the private network. | ||||
Applies to: Contivity1000 Contivity2000 Contivity4000 Contivity5000 |
Created: 2007-04-27 |
Updated: 2021-04-03 |
ID: CVE-2007-2334 |
Title: Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 has two template HTML files lacking certain verification tags, which allows remote attackers to access the administration... |
Type: Hardware |
Bulletins:
CVE-2007-2334 SFBID23562 |
Severity: Critical |
Description: Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 has two template HTML files lacking certain verification tags, which allows remote attackers to access the administration interface and change the device configuration via certain requests. | ||||
Applies to: Contivity1000 Contivity2000 Contivity4000 Contivity5000 |
Created: 2007-04-27 |
Updated: 2021-04-03 |
ID: CVE-2007-2036 |
Title: The SNMP implementation in the Cisco Wireless LAN Controller (WLC) before 20070419 uses the default read-only community public, and the default read-write community private, which allows remote attackers to read and modify SNMP variables, aka Bug ID... |
Type: Hardware |
Bulletins:
CVE-2007-2036 SFBID23461 |
Severity: Critical |
Description: The SNMP implementation in the Cisco Wireless LAN Controller (WLC) before 20070419 uses the default read-only community public, and the default read-write community private, which allows remote attackers to read and modify SNMP variables, aka Bug ID CSCse02384. | ||||
Applies to: |
Created: 2007-04-16 |
Updated: 2021-04-03 |
ID: CVE-2007-2038 |
Title: The Network Processing Unit (NPU) in the Cisco Wireless LAN Controller (WLC) before 3.2.193.5, 4.0.x before 4.0.206.0, and 4.1.x allows remote attackers on a local wireless network to cause a denial of service (loss of packet forwarding) via (1)... |
Type: Hardware |
Bulletins:
CVE-2007-2038 SFBID23461 |
Severity: Moderate |
Description: The Network Processing Unit (NPU) in the Cisco Wireless LAN Controller (WLC) before 3.2.193.5, 4.0.x before 4.0.206.0, and 4.1.x allows remote attackers on a local wireless network to cause a denial of service (loss of packet forwarding) via (1) crafted SNAP packets, (2) malformed 802.11 traffic, or (3) packets with certain header length values, aka Bug ID CSCsg36361. | ||||
Applies to: Cisco WLC 2000 Cisco WLC 2100 Cisco WLC 4100 Cisco WLC 4400 |
Created: 2007-04-16 |
Updated: 2021-04-03 |
ID: CVE-2007-2039 |
Title: The Network Processing Unit (NPU) in the Cisco Wireless LAN Controller (WLC) before 3.2.171.5, 4.0.x before 4.0.206.0, and 4.1.x allows remote attackers on a local wireless network to cause a denial of service (loss of packet forwarding) via (1)... |
Type: Hardware |
Bulletins:
CVE-2007-2039 SFBID23461 |
Severity: Moderate |
Description: The Network Processing Unit (NPU) in the Cisco Wireless LAN Controller (WLC) before 3.2.171.5, 4.0.x before 4.0.206.0, and 4.1.x allows remote attackers on a local wireless network to cause a denial of service (loss of packet forwarding) via (1) crafted SNAP packets, (2) malformed 802.11 traffic, or (3) packets with certain header length values, aka Bug IDs CSCsg15901 and CSCsh10841. | ||||
Applies to: |
Created: 2007-04-16 |
Updated: 2021-04-03 |
ID: CVE-2007-2041 |
Title: Cisco Wireless LAN Controller (WLC) before 4.0.206.0 saves the WLAN ACL configuration with an invalid checksum, which prevents WLAN ACLs from being loaded at boot time, and might allow remote attackers to bypass intended access restrictions, aka Bug... |
Type: Hardware |
Bulletins:
CVE-2007-2041 SFBID23461 |
Severity: Moderate |
Description: Cisco Wireless LAN Controller (WLC) before 4.0.206.0 saves the WLAN ACL configuration with an invalid checksum, which prevents WLAN ACLs from being loaded at boot time, and might allow remote attackers to bypass intended access restrictions, aka Bug ID CSCse58195. | ||||
Applies to: Cisco WLC 2100 Cisco WLC 4400 |
Created: 2007-04-16 |
Updated: 2021-04-03 |
ID: CVE-2007-2037 |
Title: Cisco Wireless LAN Controller (WLC) before 3.2.116.21, and 4.0.x before 4.0.155.0, allows remote attackers on a local network to cause a denial of service (device crash) via malformed Ethernet traffic. |
Type: Hardware |
Bulletins:
CVE-2007-2037 SFBID23461 |
Severity: Low |
Description: Cisco Wireless LAN Controller (WLC) before 3.2.116.21, and 4.0.x before 4.0.155.0, allows remote attackers on a local network to cause a denial of service (device crash) via malformed Ethernet traffic. | ||||
Applies to: |
Created: 2007-04-16 |
Updated: 2021-04-03 |
ID: CVE-2007-2040 |
Title: Cisco Aironet 1000 Series and 1500 Series Lightweight Access Points before 3.2.185.0, and 4.0.x before 4.0.206.0, have a hard-coded password, which allows attackers with physical access to perform arbitrary actions on the device, aka Bug ID CSCsg15192. |
Type: Hardware |
Bulletins:
CVE-2007-2040 SFBID23461 |
Severity: Moderate |
Description: Cisco Aironet 1000 Series and 1500 Series Lightweight Access Points before 3.2.185.0, and 4.0.x before 4.0.206.0, have a hard-coded password, which allows attackers with physical access to perform arbitrary actions on the device, aka Bug ID CSCsg15192. | ||||
Applies to: |
Created: 2007-04-16 |
Updated: 2021-04-03 |
ID: MITRE:746 |
Title: oval:org.mitre.oval:def:746: Word Malformed Data Structures Vulnerability |
Type: Software |
Bulletins:
MITRE:746 CVE-2006-6456 |
Severity: Critical |
Description: Unspecified vulnerability in Microsoft Word 2000, 2002, and 2003 and Word Viewer 2003 allows remote attackers to execute code via unspecified vectors related to malformed data structures that trigger memory corruption, a different vulnerability than CVE-2006-5994. | ||||
Applies to: Microsoft Word |
Created: 2007-04-10 |
Updated: 2021-04-03 |
ID: MITRE:257 |
Title: oval:org.mitre.oval:def:257: COM Object Instantiation Memory Corruption Vulnerability |
Type: Web |
Bulletins:
MITRE:257 CVE-2007-0219 |
Severity: Critical |
Description: Microsoft Internet Explorer 5.01, 6, and 7 uses certain COM objects from (1) Msb1fren.dll, (2) Htmlmm.ocx, and (3) Blnmgrps.dll as ActiveX controls, which allows remote attackers to execute arbitrary code via unspecified vectors, a different issue than CVE-2006-4697. | ||||
Applies to: Microsoft Internet Explorer 5 Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 |
Created: 2007-04-10 |
Updated: 2021-04-03 |
ID: MITRE:1141 |
Title: oval:org.mitre.oval:def:1141: FTP Server Response Parsing Memory Corruption Vulnerability |
Type: Web |
Bulletins:
MITRE:1141 CVE-2007-0217 |
Severity: Critical |
Description: The wininet.dll FTP client code in Microsoft Internet Explorer 5.01 and 6 might allow remote attackers to execute arbitrary code via an FTP server response of a specific length that causes a terminating null byte to be written outside of a buffer, which causes heap corruption. | ||||
Applies to: Microsoft Internet Explorer |
Created: 2007-04-10 |
Updated: 2021-04-03 |
ID: MITRE:1120 |
Title: oval:org.mitre.oval:def:1120: COM Object Instantiation Memory Corruption Vulnerability |
Type: Web |
Bulletins:
MITRE:1120 CVE-2006-4697 |
Severity: Critical |
Description: Microsoft Internet Explorer 5.01, 6, and 7 uses certain COM objects from Imjpcksid.dll as ActiveX controls, which allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: this issue might be related to CVE-2006-4193. | ||||
Applies to: Microsoft Internet Explorer |
Created: 2007-04-10 |
Updated: 2021-04-03 |
ID: CVE-2007-1826 |
Title: Unspecified vulnerability in the IPSec Manager Service for Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3) allows remote attackers to cause a denial of service (loss of cluster... |
Type: Hardware |
Bulletins:
CVE-2007-1826 SFBID23181 |
Severity: Critical |
Description: Unspecified vulnerability in the IPSec Manager Service for Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3) allows remote attackers to cause a denial of service (loss of cluster services) via a "specific UDP packet" to UDP port 8500, aka bug ID CSCsg60949. | ||||
Applies to: Unified Callmanager |
Created: 2007-04-02 |
Updated: 2021-04-03 |
ID: CVE-2007-1833 |
Title: The Skinny Call Control Protocol (SCCP) implementation in Cisco Unified CallManager (CUCM) 3.3 before 3.3(5)SR2a, 4.1 before 4.1(3)SR4, 4.2 before 4.2(3)SR1, and 5.0 before 5.0(4a)SU1 allows remote attackers to cause a denial of service (loss of... |
Type: Hardware |
Bulletins:
CVE-2007-1833 SFBID23181 |
Severity: Moderate |
Description: The Skinny Call Control Protocol (SCCP) implementation in Cisco Unified CallManager (CUCM) 3.3 before 3.3(5)SR2a, 4.1 before 4.1(3)SR4, 4.2 before 4.2(3)SR1, and 5.0 before 5.0(4a)SU1 allows remote attackers to cause a denial of service (loss of voice services) by sending crafted packets to the (1) SCCP (2000/tcp) or (2) SCCPS (2443/tcp) port. | ||||
Applies to: Unified Callmanager |
Created: 2007-04-02 |
Updated: 2021-04-03 |
ID: CVE-2007-1834 |
Title: Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3) allow remote attackers to cause a denial of service (loss of voice services) via a flood of ICMP echo requests, aka bug ID CSCsf12698. |
Type: Hardware |
Bulletins:
CVE-2007-1834 SFBID23181 |
Severity: Critical |
Description: Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3) allow remote attackers to cause a denial of service (loss of voice services) via a flood of ICMP echo requests, aka bug ID CSCsf12698. | ||||
Applies to: Unified Callmanager |
Created: 2007-04-02 |
Updated: 2021-04-03 |
ID: CVE-2007-1585 |
Title: The Linksys WAG200G with firmware 1.01.01, WRT54GC 2 with firmware 1.00.7, and WRT54GC 1 with firmware 1.03.0 and earlier allow remote attackers to obtain sensitive information (passwords and configuration data) via a packet to UDP port 916. NOTE:... |
Type: Hardware |
Bulletins:
CVE-2007-1585 SFBID23063 |
Severity: Moderate |
Description: The Linksys WAG200G with firmware 1.01.01, WRT54GC 2 with firmware 1.00.7, and WRT54GC 1 with firmware 1.03.0 and earlier allow remote attackers to obtain sensitive information (passwords and configuration data) via a packet to UDP port 916. NOTE: some of these details are obtained from third party information. | ||||
Applies to: wag200g wrt54gc |
Created: 2007-03-21 |
Updated: 2021-04-03 |
ID: CVE-2007-1467 |
Title: Multiple cross-site scripting (XSS) vulnerabilities in (1) PreSearch.html and (2) PreSearch.class in Cisco Secure Access Control Server (ACS), VPN Client, Unified Personal Communicator, MeetingPlace, Unified MeetingPlace, Unified MeetingPlace... |
Type: Hardware |
Bulletins:
CVE-2007-1467 SFBID22982 |
Severity: Low |
Description: Multiple cross-site scripting (XSS) vulnerabilities in (1) PreSearch.html and (2) PreSearch.class in Cisco Secure Access Control Server (ACS), VPN Client, Unified Personal Communicator, MeetingPlace, Unified MeetingPlace, Unified MeetingPlace Express, CallManager, IP Communicator, Unified Video Advantage, Unified Videoconferencing 35xx products, Unified Videoconferencing Manager, WAN Manager, Security Device Manager, Network Analysis Module (NAM), CiscoWorks and related products, Wireless LAN Solution Engine (WLSE), 2006 Wireless LAN Controllers (WLC), and Wireless Control System (WCS) allow remote attackers to inject arbitrary web script or HTML via the text field of the search form. | ||||
Applies to: Cisco Call Manager |
Created: 2007-03-16 |
Updated: 2021-04-03 |
ID: CVE-2007-1258 |
Title: Unspecified vulnerability in Cisco IOS 12.2SXA, SXB, SXD, and SXF; and the MSFC2, MSFC2a and MSFC3 running in Hybrid Mode on Cisco Catalyst 6000, 6500 and Cisco 7600 series systems; allows remote attackers on a local network segment to cause a... |
Type: Hardware |
Bulletins:
CVE-2007-1258 |
Severity: Moderate |
Description: Unspecified vulnerability in Cisco IOS 12.2SXA, SXB, SXD, and SXF; and the MSFC2, MSFC2a and MSFC3 running in Hybrid Mode on Cisco Catalyst 6000, 6500 and Cisco 7600 series systems; allows remote attackers on a local network segment to cause a denial of service (software reload) via a certain MPLS packet. | ||||
Applies to: Cisco Catalyst 6000 Cisco Catalyst 6500 Series Switches Cisco Catalyst 7600 |
Created: 2007-03-03 |
Updated: 2021-04-03 |
ID: REF000466 |
Title: P2P Software: SoulSeek Installed |
Type: Software |
Bulletins: |
Severity: Low |
Description: P2P clients can pose a number of security risks. Even when used legitimately to download only authorized material, P2P clients might still constitute a security issue. P2P networks are huge networks that interconnect all clients, made up of millions of users sharing and downloading files from each other. While most modern P2P networks use a hash system to ensure file authenticity, most searches are performed using string searching, so a downloaded file might not be what the user thinks it is; it might be a virus or a Trojan that would threaten network integrity. It might also be a copyrighted work poorly disguised as something benign, potentially exposing the company to legal issues. P2P clients also share content from the hard disk with the millions of users on the network. While care might be taken to make sure no confidential data is shared, a vulnerability in the P2P client could potentially expose the entire system. Furthermore, a disgruntled employee might use P2P to smuggle confidential data out of the company, or abuse the legitimate use and download copyrighted material. Solution: If P2P technology is needed by the company, it might be wise to consider running your own network of servers so that better control can be maintained over who has access to the network or what files are circulating. If an alternative can be used, it might be advisable to find a more secure way of file distribution. | ||||
Applies to: SoulSeek |
Created: 2007-03-02 |
Updated: 2010-08-21 |
ID: REF000465 |
Title: P2P Software: Shareaza Installed |
Type: Software |
Bulletins: |
Severity: Low |
Description: P2P clients can pose a number of security risks. Even when used legitimately to download only authorized material, P2P clients might still constitute a security issue. P2P networks are huge networks that interconnect all clients, made up of millions of users sharing and downloading files from each other. While most modern P2P networks use a hash system to ensure file authenticity, most searches are performed using string searching, so a downloaded file might not be what the user thinks it is; it might be a virus or a Trojan that would threaten network integrity. It might also be a copyrighted work poorly disguised as something benign, potentially exposing the company to legal issues. P2P clients also share content from the hard disk with the millions of users on the network. While care might be taken to make sure no confidential data is shared, a vulnerability in the P2P client could potentially expose the entire system. Furthermore, a disgruntled employee might use P2P to smuggle confidential data out of the company, or abuse the legitimate use and download copyrighted material. Solution: If P2P technology is needed by the company, it might be wise to consider running your own network of servers so that better control can be maintained over who has access to the network or what files are circulating. If an alternative can be used, it might be advisable to find a more secure way of file distribution. | ||||
Applies to: Shareaza |
Created: 2007-03-02 |
Updated: 2010-08-21 |
ID: REF000464 |
Title: P2P Software: Kazaa Installed |
Type: Software |
Bulletins: |
Severity: Low |
Description: P2P clients can pose a number of security risks. Even when used legitimately to download only authorized material, P2P clients might still constitute a security issue. P2P networks are huge networks that interconnect all clients, made up of millions of users sharing and downloading files from each other. While most modern P2P networks use a hash system to ensure file authenticity, most searches are performed using string searching, so a downloaded file might not be what the user thinks it is; it might be a virus or a Trojan that would threaten network integrity. It might also be a copyrighted work poorly disguised as something benign, potentially exposing the company to legal issues. P2P clients also share content from the hard disk with the millions of users on the network. While care might be taken to make sure no confidential data is shared, a vulnerability in the P2P client could potentially expose the entire system. Furthermore, a disgruntled employee might use P2P to smuggle confidential data out of the company, or abuse the legitimate use and download copyrighted material. Solution: If P2P technology is needed by the company, it might be wise to consider running your own network of servers so that better control can be maintained over who has access to the network or what files are circulating. If an alternative can be used, it might be advisable to find a more secure way of file distribution. | ||||
Applies to: Kazaa |
Created: 2007-03-02 |
Updated: 2010-08-21 |
ID: REF000463 |
Title: P2P Software: IMESH Installed |
Type: Software |
Bulletins: |
Severity: Low |
Description: P2P clients can pose a number of security risks. Even when used legitimately to download only authorized material, P2P clients might still constitute a security issue. P2P networks are huge networks that interconnect all clients, made up of millions of users sharing and downloading files from each other. While most modern P2P networks use a hash system to ensure file authenticity, most searches are performed using string searching, so a downloaded file might not be what the user thinks it is; it might be a virus or a Trojan that would threaten network integrity. It might also be a copyrighted work poorly disguised as something benign, potentially exposing the company to legal issues. P2P clients also share content from the hard disk with the millions of users on the network. While care might be taken to make sure no confidential data is shared, a vulnerability in the P2P client could potentially expose the entire system. Furthermore, a disgruntled employee might use P2P to smuggle confidential data out of the company, or abuse the legitimate use and download copyrighted material. Solution: If P2P technology is needed by the company, it might be wise to consider running your own network of servers so that better control can be maintained over who has access to the network or what files are circulating. If an alternative can be used, it might be advisable to find a more secure way of file distribution. | ||||
Applies to: IMesh |
Created: 2007-03-02 |
Updated: 2010-08-21 |
ID: REF000462 |
Title: P2P Software: eMule Installed |
Type: Software |
Bulletins: | Severity: Low |
Description: P2P clients can pose a number of security risks. Even when used legitimately to download only authorized material, P2P clients might still constitute a security issue. P2P networks are huge networks interconnecting all clients, made up of millions of users sharing and downloading files from each other. While most modern P2P networks use a hash system to ensure file authenticity, most searches are performed using string searching, so a downloaded file might not be what the user thinks it is: it might be a virus or a Trojan that threatens network integrity. It might also be a copyrighted work poorly disguised as something benign, potentially exposing the company to legal issues. P2P clients also share content from the hard disk with the millions of users on the network. While care might be taken to make sure no confidential data is shared, a vulnerability in the P2P client could potentially expose the entire system. Furthermore, a disgruntled employee might use P2P to smuggle confidential data out of the company, or abuse the legitimate use and download copyrighted material. Solution: If P2P technology is needed by the company, consider running your own network of servers so that better control can be maintained over who has access to the network or what files are circulating. If an alternative can be used, it might be advisable to find a more secure way of file distribution. | ||||
Applies to: |
Created: 2007-03-02 |
Updated: 2010-08-21 |
ID: REF000461 |
Title: P2P Software: eDonkey 2000 Installed |
Type: Software |
Bulletins: | Severity: Low |
Description: P2P clients can pose a number of security risks. Even when used legitimately to download only authorized material, P2P clients might still constitute a security issue. P2P networks are huge networks interconnecting all clients, made up of millions of users sharing and downloading files from each other. While most modern P2P networks use a hash system to ensure file authenticity, most searches are performed using string searching, so a downloaded file might not be what the user thinks it is: it might be a virus or a Trojan that threatens network integrity. It might also be a copyrighted work poorly disguised as something benign, potentially exposing the company to legal issues. P2P clients also share content from the hard disk with the millions of users on the network. While care might be taken to make sure no confidential data is shared, a vulnerability in the P2P client could potentially expose the entire system. Furthermore, a disgruntled employee might use P2P to smuggle confidential data out of the company, or abuse the legitimate use and download copyrighted material. Solution: If P2P technology is needed by the company, consider running your own network of servers so that better control can be maintained over who has access to the network or what files are circulating. If an alternative can be used, it might be advisable to find a more secure way of file distribution. | ||||
Applies to: eDonkey 2000 |
Created: 2007-03-02 |
Updated: 2010-08-21 |
ID: REF000460 |
Title: P2P Software: DC++ Installed |
Type: Software |
Bulletins: | Severity: Low |
Description: P2P clients can pose a number of security risks. Even when used legitimately to download only authorized material, P2P clients might still constitute a security issue. P2P networks are huge networks interconnecting all clients, made up of millions of users sharing and downloading files from each other. While most modern P2P networks use a hash system to ensure file authenticity, most searches are performed using string searching, so a downloaded file might not be what the user thinks it is: it might be a virus or a Trojan that threatens network integrity. It might also be a copyrighted work poorly disguised as something benign, potentially exposing the company to legal issues. P2P clients also share content from the hard disk with the millions of users on the network. While care might be taken to make sure no confidential data is shared, a vulnerability in the P2P client could potentially expose the entire system. Furthermore, a disgruntled employee might use P2P to smuggle confidential data out of the company, or abuse the legitimate use and download copyrighted material. Solution: If P2P technology is needed by the company, consider running your own network of servers so that better control can be maintained over who has access to the network or what files are circulating. If an alternative can be used, it might be advisable to find a more secure way of file distribution. | ||||
Applies to: DC++ |
Created: 2007-03-02 |
Updated: 2010-08-21 |
ID: REF000459 |
Title: P2P Software: BitTorrent Installed |
Type: Software |
Bulletins: | Severity: Low |
Description: P2P clients can pose a number of security risks. Even when used legitimately to download only authorized material, P2P clients might still constitute a security issue. P2P networks are huge networks interconnecting all clients, made up of millions of users sharing and downloading files from each other. While most modern P2P networks use a hash system to ensure file authenticity, most searches are performed using string searching, so a downloaded file might not be what the user thinks it is: it might be a virus or a Trojan that threatens network integrity. It might also be a copyrighted work poorly disguised as something benign, potentially exposing the company to legal issues. P2P clients also share content from the hard disk with the millions of users on the network. While care might be taken to make sure no confidential data is shared, a vulnerability in the P2P client could potentially expose the entire system. Furthermore, a disgruntled employee might use P2P to smuggle confidential data out of the company, or abuse the legitimate use and download copyrighted material. Solution: If P2P technology is needed by the company, consider running your own network of servers so that better control can be maintained over who has access to the network or what files are circulating. If an alternative can be used, it might be advisable to find a more secure way of file distribution. | ||||
Applies to: BitTorrent |
Created: 2007-03-02 |
Updated: 2010-08-21 |
ID: MITRE:761 |
Title: oval:org.mitre.oval:def:761: Script Error Handling Memory Corruption Vulnerability |
Type: Web |
Bulletins:
MITRE:761 CVE-2006-5579 |
Severity: Critical |
Description: Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code by using JavaScript to cause certain errors simultaneously, which results in the access of previously freed memory, aka "Script Error Handling Memory Corruption Vulnerability." | ||||
Applies to: Microsoft Internet Explorer |
Created: 2007-02-20 |
Updated: 2021-04-03 |
ID: MITRE:669 |
Title: oval:org.mitre.oval:def:669: Windows Media Format ASX Parsing Vulnerability |
Type: Miscellaneous |
Bulletins:
MITRE:669 CVE-2006-6134 |
Severity: Critical |
Description: Heap-based buffer overflow in the WMCheckURLScheme function in WMVCORE.DLL in Microsoft Windows Media Player (WMP) 10.00.00.4036 on Windows XP SP2, Server 2003, and Server 2003 SP1 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via a long HREF attribute, using an unrecognized protocol, in a REF element in an ASX PlayList file. | ||||
Applies to: Windows Media Format Runtime 7.1 Windows Media Format Runtime 9.0 Windows Media Format Runtime 9.5 |
Created: 2007-02-20 |
Updated: 2021-04-03 |
ID: MITRE:536 |
Title: oval:org.mitre.oval:def:536: Windows Media Format ASF Parsing Vulnerability |
Type: Miscellaneous |
Bulletins:
MITRE:536 CVE-2006-4702 |
Severity: Moderate |
Description: Buffer overflow in the Windows Media Format Runtime in Microsoft Windows Media Player (WMP) 6.4 and Windows XP SP2, Server 2003, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted Advanced Systems Format (ASF) file. | ||||
Applies to: Windows Media Format Runtime 7.1 Windows Media Format Runtime 9.0 Windows Media Format Runtime 9.5 Windows Media Player 6.4 |
Created: 2007-02-20 |
Updated: 2021-04-03 |
ID: MITRE:337 |
Title: oval:org.mitre.oval:def:337: TIF Folder Information Disclosure Vulnerability |
Type: Web |
Bulletins:
MITRE:337 CVE-2006-5578 |
Severity: Low |
Description: Microsoft Internet Explorer 6 and earlier allows remote attackers to read Temporary Internet Files (TIF) and obtain sensitive information via unspecified vectors involving certain drag and drop operations, aka "TIF Folder Information Disclosure Vulnerability," and a different issue than CVE-2006-5577. | ||||
Applies to: Microsoft Internet Explorer |
Created: 2007-02-20 |
Updated: 2021-04-03 |
ID: MITRE:313 |
Title: oval:org.mitre.oval:def:313: TIF Folder Information Disclosure Vulnerability |
Type: Web |
Bulletins:
MITRE:313 CVE-2006-5577 |
Severity: Moderate |
Description: Microsoft Internet Explorer 6 and earlier allows remote attackers to obtain sensitive information via unspecified uses of the OBJECT HTML tag, which discloses the absolute path of the corresponding TIF folder, aka "TIF Folder Information Disclosure Vulnerability," and a different issue than CVE-2006-5578. | ||||
Applies to: Microsoft Internet Explorer |
Created: 2007-02-20 |
Updated: 2021-04-03 |
ID: MITRE:116 |
Title: oval:org.mitre.oval:def:116: DHTML Script Function Memory Corruption Vulnerability |
Type: Web |
Bulletins:
MITRE:116 CVE-2006-5581 |
Severity: Critical |
Description: Unspecified vulnerability in Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code via certain DHTML script functions, such as normalize, and "incorrectly created elements" that trigger memory corruption, aka "DHTML Script Function Memory Corruption Vulnerability." | ||||
Applies to: Microsoft Internet Explorer |
Created: 2007-02-20 |
Updated: 2021-04-03 |
ID: REF000454 |
Title: Config shadow: incorrect file permissions |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: the shadow file has incorrect permissions. Consider setting the permissions to '400' or '-r--------' and owner/group to '0:0'. | ||||
Applies to: |
Created: 2007-02-16 |
Updated: 2010-08-21 |
ID: REF000458 |
Title: Config passwd: incorrect file permissions |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: the passwd file has incorrect permissions. Consider setting the permissions to '644' or '-rw-r--r--' and owner/group to '0:0'. | ||||
Applies to: |
Created: 2007-02-16 |
Updated: 2010-08-21 |
ID: REF000456 |
Title: Config LILO: no password configured |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: lilo boot manager has no password set. Consider configuring a password to avoid overriding the boot settings. | ||||
Applies to: |
Created: 2007-02-16 |
Updated: 2010-08-21 |
ID: REF000457 |
Title: Config INIT: password-less single user mode |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: | ||||
Applies to: |
Created: 2007-02-16 |
Updated: 2010-08-21 |
ID: REF000455 |
Title: Config GRUB: no password configured |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: grub boot manager has no password set. Consider configuring a password to avoid overriding the boot settings. | ||||
Applies to: |
Created: 2007-02-16 |
Updated: 2010-08-21 |
ID: REF000451 |
Title: Config PAM: password strength checking not configured |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: pluggable authentication modules pam_cracklib.so password strength checking not configured. | ||||
Applies to: |
Created: 2007-02-15 |
Updated: 2010-08-21 |
ID: REF000450 |
Title: Config PAM: minimum password length less than 6 |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: pluggable authentication modules pam_unix.so or pam_cracklib.so minimum password length is less than 6. Consider increasing the minimum password length. | ||||
Applies to: |
Created: 2007-02-15 |
Updated: 2010-08-21 |
ID: REF000452 |
Title: Config PAM: empty passwords enabled |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: pluggable authentication modules pam_unix.so empty passwords enabled. Consider removing 'nullok' from the pam_unix.so config line in /etc/pam.d/common-password. | ||||
Applies to: |
Created: 2007-02-15 |
Updated: 2010-08-21 |
ID: REF000453 |
Title: Config PAM: difference between passwords less than 6 |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: pluggable authentication modules pam_cracklib.so minimum required difference between passwords is less than 6 characters. Consider increasing this value. | ||||
Applies to: |
Created: 2007-02-15 |
Updated: 2010-08-21 |
ID: REF000431 |
Title: Config GDM: remote root login enabled |
Type: Services |
Bulletins: | Severity: Low |
Description: GDM login manager remote root login enabled. If you don't need this feature, set 'AllowRemoteRoot=false'. | ||||
Applies to: |
Created: 2007-02-15 |
Updated: 2010-08-21 |
ID: REF000449 |
Title: Config GDM: remote logins enabled |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: GDM login manager remote logins enabled. If you don't need this feature, set 'Enable=false' in /etc/X11/gdm/gfm.conf. | ||||
Applies to: |
Created: 2007-02-15 |
Updated: 2010-08-21 |
ID: REF000448 |
Title: Config GDM: remote autologin enabled |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: GDM login manager remote autologin enabled. If you don't need this feature, set 'AllowRemoteAutoLogin=false'. | ||||
Applies to: |
Created: 2007-02-15 |
Updated: 2010-08-21 |
ID: REF000403 |
Title: Config VSFTPd: upload enabled |
Type: FTP |
Bulletins: | Severity: Low |
Description: VSFTPd upload enabled. If you don't need this feature, set 'write_enable=NO'. | ||||
Applies to: |
Created: 2007-02-14 |
Updated: 2010-08-21 |
ID: REF000404 |
Title: Config VSFTPd: anonymous upload enabled |
Type: FTP |
Bulletins: | Severity: Low |
Description: VSFTPd anonymous upload enabled. If you don't need this feature, set 'anon_upload_enable=NO'. | ||||
Applies to: |
Created: 2007-02-14 |
Updated: 2010-08-21 |
ID: REF000402 |
Title: Config VSFTPd: anonymous login enabled |
Type: FTP |
Bulletins: | Severity: Low |
Description: VSFTPd anonymous login enabled. If you don't need this feature, set 'anonymous_enable=NO'. | ||||
Applies to: |
Created: 2007-02-14 |
Updated: 2010-08-21 |
ID: REF000428 |
Title: Config SSHd: using default port |
Type: Services |
Bulletins: | Severity: Low |
Description: SSH service is running on the default port 22. Consider changing the port to avoid automated attacks. | ||||
Applies to: |
Created: 2007-02-14 |
Updated: 2010-08-21 |
ID: REF000429 |
Title: Config SSHd: protocol 1 enabled |
Type: Services |
Bulletins: | Severity: Low |
Description: SSH protocol 1 enabled. If you don't need this functionality, set 'Protocol 2'. | ||||
Applies to: |
Created: 2007-02-14 |
Updated: 2010-08-21 |
ID: REF000427 |
Title: Config SSHd: .rhosts and .shosts enabled |
Type: Services |
Bulletins: | Severity: Low |
Description: use of .rhosts and .shosts files is enabled. If you don't need this functionality, set 'IgnoreRhosts yes'. | ||||
Applies to: |
Created: 2007-02-14 |
Updated: 2010-08-21 |
ID: REF000430 |
Title: Config SSH: protocol 1 enabled |
Type: Services |
Bulletins: | Severity: Low |
Description: SSH protocol 1 enabled. If you don't need this functionality, set 'Protocol 2'. | ||||
Applies to: |
Created: 2007-02-14 |
Updated: 2010-08-21 |
ID: REF000437 |
Title: Config shadow: weak encryption detected |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: Some or all of the passwords in /etc/shadow are not encrypted using SHA-256/512 or stronger encryption algorithms. | ||||
Applies to: |
Created: 2007-02-14 |
Updated: 2016-07-21 |
ID: REF000447 |
Title: Config passwd: no shadow file detected |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: shadow file not found. Consider configuring a shadow file for password storage. | ||||
Applies to: |
Created: 2007-02-14 |
Updated: 2010-08-21 |
ID: REF000446 |
Title: Config passwd: multiple root accounts |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: file /etc/passwd contains a user with ID 0 other than root. Make sure this is a legitimate account. | ||||
Applies to: |
Created: 2007-02-14 |
Updated: 2010-08-21 |
ID: REF000442 |
Title: Config KDM: shutdown by everybody enabled |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: KDM login manager allows shutdown to everybody. If you don't need this functionality, set 'AllowShutdown=None'. | ||||
Applies to: |
Created: 2007-02-14 |
Updated: 2010-08-21 |
ID: REF000441 |
Title: Config KDM: root login enabled |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: KDM login manager root login enabled. If you don't need this functionality, set 'AllowRootLogin=false'. | ||||
Applies to: |
Created: 2007-02-14 |
Updated: 2010-08-21 |
ID: REF000439 |
Title: Config KDM: password-less login enabled |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: KDM login manager password-less login enabled. If you don't need this functionality, set 'NoPassEnabled=false'. | ||||
Applies to: |
Created: 2007-02-14 |
Updated: 2010-08-21 |
ID: REF000440 |
Title: Config KDM: empty password login enabled |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: KDM login manager empty password login enabled. If you don't need this functionality, set 'AllowNullPasswd=false'. | ||||
Applies to: |
Created: 2007-02-14 |
Updated: 2010-08-21 |
ID: REF000438 |
Title: Config KDM: autologin enabled |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: KDM login manager autologin enabled. If you don't need this functionality, set 'AutoLoginEnabled=false'. | ||||
Applies to: |
Created: 2007-02-14 |
Updated: 2010-08-21 |
ID: REF000445 |
Title: Config GDM: shutdown by everybody enabled |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: GDM login manager allows shutdown to everybody. If you don't need this feature, set 'SystemMenu=false'. | ||||
Applies to: |
Created: 2007-02-14 |
Updated: 2010-08-21 |
ID: REF000444 |
Title: Config GDM: root login enabled |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: GDM login manager root login enabled. If you don't need this feature, set 'AllowRoot=false'. | ||||
Applies to: |
Created: 2007-02-14 |
Updated: 2010-08-21 |
ID: REF000443 |
Title: Config GDM: autologin enabled |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: GDM login manager autologin enabled. If you don't need this feature, set 'AutomaticLoginEnable=false'. | ||||
Applies to: |
Created: 2007-02-14 |
Updated: 2010-08-21 |
ID: CVE-2007-0917 |
Title: The Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XE to 12.3T allows remote attackers to bypass IPS signatures that use regular expressions via fragmented packets. |
Type: Hardware |
Bulletins:
CVE-2007-0917 SFBID22549 |
Severity: Moderate |
Description: The Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XE to 12.3T allows remote attackers to bypass IPS signatures that use regular expressions via fragmented packets. | ||||
Applies to: |
Created: 2007-02-13 |
Updated: 2021-04-03 |
ID: CVE-2007-0918 |
Title: The ATOMIC.TCP signature engine in the Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XA, 12.3YA, 12.3T, and other trains allows remote attackers to cause a denial of service (IPS crash and traffic loss) via unspecified manipulations... |
Type: Hardware |
Bulletins:
CVE-2007-0918 SFBID22549 |
Severity: Critical |
Description: The ATOMIC.TCP signature engine in the Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XA, 12.3YA, 12.3T, and other trains allows remote attackers to cause a denial of service (IPS crash and traffic loss) via unspecified manipulations that are not properly handled by the regular expression feature, as demonstrated using the 3123.0 (Netbus Pro Traffic) signature. | ||||
Applies to: |
Created: 2007-02-13 |
Updated: 2021-04-03 |
ID: REF000383 |
Title: GFI EndPointSecurity Report |
Type: Services |
Bulletins: | Severity: High |
Description: This check generates a report regarding the status of GFI EndPointSecurity and EndPointSecurity Agent. This report is created on the GFI LANguard Network Security Scanner directory on Data\Reports\ESEC-Network-Report.csv. EndPointSecurity controls entry and exit of data via USB sticks, iPods, PDAs and other devices. For more information, visit http://www.gfi.com/endpointsecurity | ||||
Applies to: GFI EndPointSecurity |
Created: 2007-02-13 |
Updated: 2010-08-21 |
ID: REF000382 |
Title: GFI EndPointSecurity agent missing |
Type: Services |
Bulletins: | Severity: High |
Description: The GFI EndPointSecurity agent is not installed on this machine. EndPointSecurity controls entry and exit of data via USB sticks, iPods, PDAs and other devices. For more information, visit http://www.gfi.com/endpointsecurity | ||||
Applies to: GFI EndPointSecurity |
Created: 2007-02-13 |
Updated: 2010-08-21 |
ID: CVE-2006-1249 |
Title: SANS06C5: Multiple iTunes and QuickTime for Mac Vulnerabilities |
Type: Software |
Bulletins:
CVE-2006-1249 CVE-2005-4092 CVE-2005-3713 CVE-2006-2238 CVE-2006-1456 CVE-2005-3711 CVE-2005-3710 CVE-2005-3709 CVE-2005-3708 CVE-2005-3707 CVE-2005-2340 CVE-2005-2743 SFBID17074 SFBID15732 SFBID17953 SFBID16202 |
Severity: Critical |
Description: Multiple vulnerabilities exist in QuickTime Player versions before 7.0.4, and in iTunes 6.0.2 and earlier. These include integer overflow, and heap-based buffer overflows. It is recommended to update to the latest versions of these products. | ||||
Applies to: iTunes and QuickTime |
Created: 2007-02-12 |
Updated: 2021-04-03 |
ID: CVE-2006-5084 |
Title: SANS06C4: Skype for Mac 1.5.*.79 and earlier vulnerable to DoS or remote code execution. |
Type: Software |
Bulletins:
CVE-2006-5084 SFBID20218 |
Severity: Critical |
Description: In some circumstances, a Skype URL can be crafted that, if followed, could cause the execution of arbitrary code on the platform on which Skype is running. It is recommended to update to Skype version 1.5.*.80 or later. | ||||
Applies to: Skype |
Created: 2007-02-12 |
Updated: 2021-04-03 |
ID: CVE-2006-3505 |
Title: SANS06M1: WebKit in Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code. |
Type: Web |
Bulletins:
CVE-2006-3505 SFBID19289 |
Severity: Critical |
Description: A maliciously-crafted HTML document could cause a previously deallocated object to be accessed. This may lead to an application crash or arbitrary code execution. It is recommended to install Apple Security Update 2006-004 or update to the latest Mac OS X version. More information regarding this update may be obtained from http://docs.info.apple.com/article.html?artnum=304063 | ||||
Applies to: WebKit |
Created: 2007-02-09 |
Updated: 2021-04-03 |
ID: CVE-2006-3946 |
Title: SANS06M1: WebCore in Apple Mac OS X 10.4 through 10.4.7 allows remote attackers to cause a denial of service |
Type: Web |
Bulletins:
CVE-2006-3946 SFBID19250 |
Severity: Critical |
Description: A memory management error in WebKit's handling of certain HTML could allow a malicious web site to cause a crash or potentially execute arbitrary code as the user viewing the site. It is recommended to update to Mac OS X version 10.4.8 or later. | ||||
Applies to: WebCore |
Created: 2007-02-09 |
Updated: 2021-04-03 |
ID: CVE-2006-3946 |
Title: SANS06M1: WebCore in Apple Mac OS X 10.3.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code. |
Type: Web |
Bulletins:
CVE-2006-3946 SFBID19250 |
Severity: Critical |
Description: A memory management error in WebKit's handling of certain HTML could allow a malicious web site to cause a crash or potentially execute arbitrary code as the user viewing the site. It is recommended to install Apple Security Update 2006-006. More information regarding this update can be obtained from http://docs.info.apple.com/article.html?artnum=304460 | ||||
Applies to: WebCore |
Created: 2007-02-09 |
Updated: 2021-04-03 |
ID: CVE-2006-0848 |
Title: SANS06M1: Vulnerability in Safari and LaunchServices can lead to remote code execution. |
Type: Web |
Bulletins:
CVE-2006-0848 |
Severity: Moderate |
Description: It is possible to construct a file which appears to be a safe file type, such as an image or movie, but is actually an application. When the "Open `safe' files after downloading" option is enabled in Safari's General preferences, visiting a malicious web site may result in the automatic download and execution of such a file. A proof-of-concept has been detected on public web sites that demonstrates the automatic execution of shell scripts. It is recommended to install Apple Security Update 2006-001 or update to the latest version of Mac OS X. More information about this update can be obtained from http://docs.info.apple.com/article.html?artnum=303382 | ||||
Applies to: LaunchServices |
Created: 2007-02-09 |
Updated: 2021-04-03 |
ID: CVE-2006-4394 |
Title: SANS06M1: Vulnerability in LoginWindow in Apple Mac OS X 10.4 through 10.4.7, allows network accounts without GUIDs to bypass service access controls. |
Type: Software |
Bulletins:
CVE-2006-4394 SFBID20271 |
Severity: Critical |
Description: Service access controls can be used to restrict which users are allowed to log in to a system via loginwindow. A logic error in loginwindow allows network accounts without GUIDs to bypass service access controls. This issue only affects systems that have been configured to use service access controls for loginwindow and to allow network accounts to authenticate users without a GUID. It is recommended to update to Mac OS X version 10.4.8 or later. | ||||
Applies to: LoginWindow |
Created: 2007-02-09 |
Updated: 2021-04-03 |
ID: CVE-2006-0397 |
Title: SANS06M1: Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 |
Type: Web |
Bulletins:
CVE-2006-0397 CVE-2006-0398 CVE-2006-0399 |
Severity: Critical |
Description: Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows attackers to trick a user into opening an application that appears to be a safe file type. It is recommended to install Apple Security Update 2006-002 or update to the latest Mac OS X release. More information regarding this update can be obtained from http://docs.info.apple.com/article.html?artnum=303453 | ||||
Applies to: Safari |
Created: 2007-02-09 |
Updated: 2021-04-03 |
ID: CVE-2005-2516 |
Title: SANS06M1: Safari in Mac OS X 10.3.9 and 10.4.2 allows remote attackers to execute arbitrary commands. |
Type: Web |
Bulletins:
CVE-2005-2516 |
Severity: Critical |
Description: Safari in Mac OS X 10.3.9 and 10.4.2, when rendering Rich Text Format (RTF) files, can directly access URLs without performing the normal security checks, which allows remote attackers to execute arbitrary commands. It is recommended to install Apple Security Update 2005-007 or update to the latest Mac OS X release. More information regarding this update can be obtained from http://docs.info.apple.com/article.html?artnum=302163 | ||||
Applies to: Safari |
Created: 2007-02-09 |
Updated: 2021-04-03 |
ID: CVE-2006-1450 |
Title: SANS06M1: Multiple vulnerabilities in Mail in Apple Mac OS X 10.3.9 and 10.4.6 |
Type: |
Bulletins:
CVE-2006-1450 CVE-2006-1449 SFBID17951 |
Severity: Critical |
Description: Multiple vulnerabilities exist in Mail in Apple Mac OS X 10.3.9 and 10.4.6 which can allow execution of arbitrary code. It is recommended to install Security Update 2006-003 or the latest version of Mac OS X. More information about this update can be obtained from http://docs.info.apple.com/article.html?artnum=303737. | ||||
Applies to: |
Created: 2007-02-09 |
Updated: 2021-04-03 |
ID: CVE-2005-3705 |
Title: SANS06M1: Heap-based buffer overflow in WebKit in Mac OS X and OS X Server 10.3.9 and 10.4.3, allows remote attackers to execute arbitrary code. |
Type: Web |
Bulletins:
CVE-2005-3705 SFBID15647 |
Severity: Critical |
Description: WebKit contains a heap overflow that may lead to the execution of arbitrary code. This may be triggered by content downloaded from malicious web sites in applications that use WebKit such as Safari. It is recommended to install Apple Security Update 2005-009 or update to the latest Mac OS X version. More information regarding this update can be obtained from http://docs.info.apple.com/article.html?artnum=302847 | ||||
Applies to: Safari |
Created: 2007-02-09 |
Updated: 2021-04-03 |
ID: CVE-2006-3498 |
Title: SANS06M1: Buffer overflow in the DHCP component for Apple Mac OS X 10.3.9 and 10.4.7 and earlier |
Type: Services |
Bulletins:
CVE-2006-3498 SFBID19289 |
Severity: Critical |
Description: Stack-based buffer overflow in bootpd in the DHCP component for Apple Mac OS X 10.3.9 and 10.4.7 and earlier allows remote attackers to execute arbitrary code via a crafted BOOTP request. It is recommended to install Apple Security Update 2006-004 or update to the latest version of Mac OS X. More information about this update can be obtained from http://docs.info.apple.com/article.html?artnum=304063 | ||||
Applies to: Mac OS X |
Created: 2007-02-09 |
Updated: 2021-04-03 |
ID: CVE-2005-2518 |
Title: SANS06M1: Buffer overflow in servermgrd in Mac OS X Server 10.4.2 and earlier |
Type: Software |
Bulletins:
CVE-2005-2518 |
Severity: Critical |
Description: A buffer overflow in the handling of authentication can lead to arbitrary code execution by a remote attacker. This vulnerability is present in Mac OS X Server 10.4 to 10.4.2. It is recommended to install Apple Security Update 2005-007 or update to the latest version of Mac OS X. More information about this update can be obtained from http://docs.info.apple.com/article.html?artnum=302163 | ||||
Applies to: servermgrd |
Created: 2007-02-09 |
Updated: 2021-04-03 |
ID: CVE-2006-1987 |
Title: SANS06M1: Apple Safari 2.0.3 allows remote attackers to cause a denial of service and possibly execute code via an invalid FRAME tag. |
Type: Web |
Bulletins:
CVE-2006-1987 SFBID17634 |
Severity: Critical |
Description: Apple Safari 2.0.3 allows remote attackers to cause a denial of service and possibly execute code via an invalid FRAME tag, possibly due to (1) multiple SCROLLING attributes with no values, or (2) a SRC attribute with no value. It is recommended to update Safari by installing Apple Security Update 2006-004 or updating to the latest Mac OS X release. More information regarding this update can be obtained from http://docs.info.apple.com/article.html?artnum=304063 | ||||
Applies to: Safari |
Created: 2007-02-09 |
Updated: 2021-04-03 |
ID: CVE-2006-1469 |
Title: SANS06M1: Multiple Vulnerabilities in ImageIO |
Type: Software |
Bulletins:
CVE-2006-1469 CVE-2006-1982 CVE-2005-2747 SFBID18731 SFBID17634 SFBID17951 SFBID14914 |
Severity: Critical |
Description: Multiple vulnerabilities exist in ImageIO in Mac OS X versions 10.4 to 10.4.6. It is recommended to update to version 10.4.7 or later immediately. | ||||
Applies to: Mac OS X |
Created: 2007-02-08 |
Updated: 2021-04-03 |
ID: CVE-2006-0384 |
Title: SANS06M1: automount in Mac OS X 10.4.5 and earlier vulnerable to denial of service or execution of arbitrary code. |
Type: Software |
Bulletins:
CVE-2006-0384 SFBID16907 |
Severity: Critical |
Description: File servers on the local network may be able to cause Mac OS X systems to mount file systems with reserved names. This could cause the systems to become unresponsive, or possibly allow arbitrary code delivered from the file servers to run on the target system. It is recommended to install Security Update 2006-001 or update to the latest Mac OS X version. | ||||
Applies to: automount |
Created: 2007-02-08 |
Updated: 2021-04-03 |
ID: CVE-2006-3507 |
Title: SANS06M1: Multiple vulnerabilities in AirPort wireless driver |
Type: Software |
Bulletins:
CVE-2006-3507 CVE-2006-3508 CVE-2006-3509 SFBID20144 |
Severity: Critical |
Description: Multiple vulnerabilities exist in AirPort wireless driver on Apple Mac OS X 10.3.9 and 10.4.7 and earlier. It is recommended to install AirPort Update 2006-001 and Security Update 2006-005 on this machine or update to the latest Mac OS X version. More information about these updates can be obtained from http://docs.info.apple.com/article.html?artnum=304420 | ||||
Applies to: Mac OS X |
Created: 2007-02-07 |
Updated: 2021-04-03 |
ID: REF000409 |
Title: Config SSHd: X11 forwarding enabled |
Type: Services |
Bulletins: | Severity: Low |
Description: X11 forwarding over ssh is enabled. If you don't need this functionality, set 'X11Forwarding no'. | ||||
Applies to: |
Created: 2007-02-07 |
Updated: 2010-08-21 |
ID: REF000408 |
Title: Config SSHd: root login permitted |
Type: Services |
Bulletins: | Severity: Low |
Description: root SSH logins are permitted. If you don't need this functionality, set 'PermitRootLogin no'. | ||||
Applies to: |
Created: 2007-02-07 |
Updated: 2010-08-21 |
ID: REF000410 |
Title: Config SSHd: empty passwords permitted |
Type: Services |
Bulletins: | Severity: Low |
Description: SSH logins with empty passwords are permitted. If you don't need this functionality, set 'PermitEmptyPasswords no'. | ||||
Applies to: |
Created: 2007-02-07 |
Updated: 2010-08-21 |
ID: REF000436 |
Title: Config shadow: empty password detected |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: Password file /etc/shadow contains an empty password. | ||||
Applies to: |
Created: 2007-02-07 |
Updated: 2010-08-21 |
ID: REF000412 |
Title: Config SELinux: not in strict mode |
Type: Services |
Bulletins: | Severity: Low |
Description: SELinux is in targeted mode. Consider switching to strict mode. | ||||
Applies to: |
Created: 2007-02-07 |
Updated: 2010-08-21 |
ID: REF000411 |
Title: Config SELinux: not in enforcing mode |
Type: Services |
Bulletins: | Severity: Low |
Description: SELinux is disabled or in permissive mode. Consider switching to enforcing mode. | ||||
Applies to: |
Created: 2007-02-07 |
Updated: 2010-08-21 |
ID: REF000407 |
Title: Service running: SSH |
Type: Services |
Bulletins: | Severity: Low |
Description: If this computer is not administered via secure shell, the SSH service is most likely unnecessary. | ||||
Applies to: |
Created: 2007-02-06 |
Updated: 2010-08-21 |
ID: REF000433 |
Title: Config BIND: allow-update not specified |
Type: DNS |
Bulletins: | Severity: Low |
Description: The allow-update keyword specifies who can perform zone updates on this DNS server. | ||||
Applies to: |
Created: 2007-02-05 |
Updated: 2010-08-21 |
ID: REF000434 |
Title: Config BIND: allow-transfer not specified |
Type: DNS |
Bulletins: | Severity: Low |
Description: The allow-transfer keyword specifies who can perform zone transfers from this DNS server. | ||||
Applies to: |
Created: 2007-02-05 |
Updated: 2010-08-21 |
ID: REF000435 |
Title: Config BIND: allow-recursion not specified |
Type: DNS |
Bulletins: | Severity: Low |
Description: The allow-recursion keyword specifies who can make recursive queries on this DNS server. Recursive DNS queries are available to everyone by default. It is recommended to restrict access if this is not a public DNS server. | ||||
Applies to: |
Created: 2007-02-05 |
Updated: 2010-08-21 |
ID: REF000432 |
Title: Config BIND: allow-query not specified |
Type: DNS |
Bulletins: | Severity: Low |
Description: The allow-query keyword specifies who can make queries on this DNS server. The DNS service is available to everyone by default. It is recommended to restrict access if this is not an authoritative DNS server. | ||||
Applies to: |
Created: 2007-02-05 |
Updated: 2010-08-21 |
ID: REF000415 |
Title: Service running: Telnet |
Type: Services |
Bulletins: | Severity: Low |
Description: If this is not a Telnet server, this service is most likely unnecessary. Telnet is an obsolete and insecure service; use SSH instead. | ||||
Applies to: |
Created: 2007-01-31 |
Updated: 2010-08-21 |
ID: REF000422 |
Title: Service running: SWAT |
Type: Services |
Bulletins: | Severity: Low |
Description: If this is not a SAMBA file server, this service is most likely unnecessary. | ||||
Applies to: |
Created: 2007-01-31 |
Updated: 2010-08-21 |
ID: REF000416 |
Title: Service running: SMTP |
Type: Services |
Bulletins: | Severity: Low |
Description: If this is not an SMTP mail server, the SMTP service is most likely unnecessary. | ||||
Applies to: |
Created: 2007-01-31 |
Updated: 2010-08-21 |
ID: REF000425 |
Title: Service running: SAMBA SMB |
Type: Services |
Bulletins: | Severity: Low |
Description: If this is not a SAMBA file server, the SMB service is most likely unnecessary. | ||||
Applies to: |
Created: 2007-01-31 |
Updated: 2010-08-21 |
ID: REF000426 |
Title: Service running: SAMBA NMB |
Type: Services |
Bulletins: | Severity: Low |
Description: | ||||
Applies to: |
Created: 2007-01-31 |
Updated: 2010-08-21 |
ID: REF000424 |
Title: Service running: PostgreSQL |
Type: Services |
Bulletins: | Severity: Low |
Description: If this is not a database server, the PostgreSQL service is most likely unnecessary. | ||||
Applies to: |
Created: 2007-01-31 |
Updated: 2010-08-21 |
ID: REF000420 |
Title: Service running: POP3 |
Type: Services |
Bulletins: | Severity: Low |
Description: If this is not a POP mail server, the POP3 service is most likely unnecessary. | ||||
Applies to: |
Created: 2007-01-31 |
Updated: 2010-08-21 |
ID: REF000423 |
Title: Service running: MySQL |
Type: Services |
Bulletins: | Severity: Low |
Description: If this is not a database server, the MySQL service is most likely unnecessary. | ||||
Applies to: |
Created: 2007-01-31 |
Updated: 2010-08-21 |
ID: REF000421 |
Title: Service running: IMAP4 |
Type: Services |
Bulletins: | Severity: Low |
Description: If this is not an IMAP mail server, the IMAP4 service is most likely unnecessary. | ||||
Applies to: |
Created: 2007-01-31 |
Updated: 2010-08-21 |
ID: REF000419 |
Title: Service running: HTTPS |
Type: Services |
Bulletins: | Severity: Low |
Description: If this is not a secure web server, the HTTPS service is most likely unnecessary. | ||||
Applies to: |
Created: 2007-01-31 |
Updated: 2010-08-21 |
ID: REF000406 |
Title: Service running: HTTP |
Type: Services |
Bulletins: | Severity: Low |
Description: If this is not a web server, the HTTP service is most likely unnecessary. | ||||
Applies to: |
Created: 2007-01-31 |
Updated: 2010-08-21 |
ID: REF000414 |
Title: Service running: FTP |
Type: Services |
Bulletins: | Severity: Low |
Description: If this is not an FTP server, the FTP service is most likely unnecessary. FTP is a very problematic and insecure service; use HTTP, HTTPS or SFTP instead. | ||||
Applies to: |
Created: 2007-01-31 |
Updated: 2010-08-21 |
ID: REF000413 |
Title: Service running: Finger |
Type: Services |
Bulletins: | Severity: Low |
Description: If this is not a Finger server, this service is most likely unnecessary. Finger is an obsolete and insecure service; use LDAP directory services instead. | ||||
Applies to: |
Created: 2007-01-31 |
Updated: 2010-08-21 |
ID: REF000417 |
Title: Service running: DNS |
Type: Services |
Bulletins: | Severity: Low |
Description: If this is not an Internet domain name server, the DNS service is most likely unnecessary. | ||||
Applies to: |
Created: 2007-01-31 |
Updated: 2010-08-21 |
ID: REF000418 |
Title: Service running: CUPS |
Type: Services |
Bulletins: | Severity: Low |
Description: If this is not a CUPS print server, the CUPS server service is most likely unnecessary. | ||||
Applies to: |
Created: 2007-01-31 |
Updated: 2010-08-21 |
ID: CVE-2007-0648 |
Title: Cisco IOS after 12.3(14)T, 12.3(8)YC1, 12.3(8)YG, and 12.4, with voice support and without Session Initiated Protocol (SIP) configured, allows remote attackers to cause a denial of service (crash) by sending a crafted packet to port 5060/UDP. |
Type: Hardware |
Bulletins:
CVE-2007-0648 SFBID22330 |
Severity: Critical |
Description: Cisco IOS after 12.3(14)T, 12.3(8)YC1, 12.3(8)YG, and 12.4, with voice support and without Session Initiated Protocol (SIP) configured, allows remote attackers to cause a denial of service (crash) by sending a crafted packet to port 5060/UDP. | ||||
Applies to: |
Created: 2007-01-31 |
Updated: 2021-04-03 |
ID: CVE-2007-0199 |
Title: The Data-link Switching (DLSw) feature in Cisco IOS 11.0 through 12.4 allows remote attackers to cause a denial of service (device reload) via "an invalid value in a DLSw message... during the capabilities exchange." |
Type: Hardware |
Bulletins:
CVE-2007-0199 SFBID21990 |
Severity: Moderate |
Description: The Data-link Switching (DLSw) feature in Cisco IOS 11.0 through 12.4 allows remote attackers to cause a denial of service (device reload) via "an invalid value in a DLSw message... during the capabilities exchange." | ||||
Applies to: |
Created: 2007-01-11 |
Updated: 2021-04-03 |
ID: CVE-2006-2313 |
Title: SANS06C2: PostgreSQL 8.1 SQL injection vulnerability |
Type: Services |
Bulletins:
CVE-2006-2313 CVE-2006-2313 SFBID18092 |
Severity: Critical |
Description: PostgreSQL 8.1.x before 8.1.4 allows context-dependent attackers to bypass SQL injection protection methods in applications via invalid encodings of multibyte characters, aka one variant of "Encoding-Based SQL Injection." | ||||
Applies to: |
Created: 2006-12-20 |
Updated: 2021-04-03 |
ID: CVE-2006-6538 |
Title: D-LINK DWL-2000AP+ firmware 2.11 allows remote attackers to cause (1) a denial of service (device reset) via a flood of ARP replies on the wired or wireless (radio) link and (2) a denial of service (device crash) via a flood of ARP requests on the... |
Type: Hardware |
Bulletins:
CVE-2006-6538 |
Severity: Critical |
Description: D-LINK DWL-2000AP+ firmware 2.11 allows remote attackers to cause (1) a denial of service (device reset) via a flood of ARP replies on the wired or wireless (radio) link and (2) a denial of service (device crash) via a flood of ARP requests on the wireless link. | ||||
Applies to: DWL-2000AP |
Created: 2006-12-13 |
Updated: 2021-04-03 |
ID: CVE-2006-2753 |
Title: SANS06C2: SQL Injection vulnerability in MySQL 5.0.x |
Type: Services |
Bulletins:
CVE-2006-2753 SFBID18219 |
Severity: Critical |
Description: SQL injection vulnerability in MySQL 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the mysql_real_escape function is used to escape the input. | ||||
Applies to: MySQL 5 |
Created: 2006-12-12 |
Updated: 2021-04-03 |
ID: CVE-2006-2753 |
Title: SANS06C2: SQL Injection vulnerability in MySQL 4.1.x |
Type: Services |
Bulletins:
CVE-2006-2753 SFBID18219 |
Severity: Critical |
Description: SQL injection vulnerability in MySQL 4.1.x before 4.1.20 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the mysql_real_escape function is used to escape the input. | ||||
Applies to: MySQL 4.1 |
Created: 2006-12-12 |
Updated: 2021-04-03 |
ID: CVE-2006-2313 |
Title: SANS06C2: PostgreSQL 8.0 SQL injection vulnerability |
Type: Services |
Bulletins:
CVE-2006-2313 CVE-2006-2313 SFBID18092 |
Severity: Critical |
Description: PostgreSQL 8.0.x before 8.0.8 allows context-dependent attackers to bypass SQL injection protection methods in applications via invalid encodings of multibyte characters, aka one variant of "Encoding-Based SQL Injection." | ||||
Applies to: |
Created: 2006-12-12 |
Updated: 2021-04-03 |
ID: CVE-2006-2313 |
Title: SANS06C2: PostgreSQL 8.0 SQL injection vulnerability |
Type: Services |
Bulletins:
CVE-2006-2313 CVE-2006-2313 SFBID18092 |
Severity: Critical |
Description: PostgreSQL 8.0.x before 8.0.8 allows context-dependent attackers to bypass SQL injection protection methods in applications via invalid encodings of multibyte characters, aka one variant of "Encoding-Based SQL Injection." | ||||
Applies to: |
Created: 2006-12-12 |
Updated: 2021-04-03 |
ID: CVE-2005-3641 |
Title: SANS06C2: Multiple vulnerabilities in Oracle Database 9i |
Type: Services |
Bulletins:
CVE-2005-3641 CVE-2006-0256 CVE-2006-0257 CVE-2006-0258 CVE-2006-0260 CVE-2006-0261 CVE-2006-0262 CVE-2006-0263 CVE-2006-0265 CVE-2006-0266 CVE-2006-0267 CVE-2006-0268 CVE-2006-0271 CVE-2006-0272 CVE-2006-0282 CVE-2006-0290 CVE-2006-0286 CVE-2006-0285 SFBID15450 SFBID16287 SFBID17590 |
Severity: Critical |
Description: Multiple vulnerabilities exist in some versions of Oracle Database Server 9i. It is recommended to update to the latest versions or apply the latest patches. | ||||
Applies to: Oracle Database 9 |
Created: 2006-12-11 |
Updated: 2021-04-03 |
ID: CVE-2005-3641 |
Title: SANS06C2: Multiple vulnerabilities in Oracle Database 10g |
Type: Services |
Bulletins:
CVE-2005-3641 CVE-2005-3641 CVE-2006-0257 CVE-2006-0259 CVE-2006-0259 CVE-2006-0261 CVE-2006-0262 CVE-2006-0263 CVE-2006-0265 CVE-2006-0266 CVE-2006-0267 CVE-2006-0268 CVE-2006-0269 CVE-2006-0270 CVE-2006-0271 CVE-2006-0271 CVE-2006-0272 CVE-2006-0282 SFBID15450 SFBID16287 SFBID16384 SFBID17590 SFBID16294 SFBID19054 |
Severity: Critical |
Description: Multiple vulnerabilities exist in some versions of Oracle Database Server 10g. It is recommended to update to the latest versions or apply the latest patches. | ||||
Applies to: Oracle Database 10 |
Created: 2006-12-06 |
Updated: 2021-04-03 |
ID: CVE-2006-5478 |
Title: SANS07S6: Multiple vulnerabilities in Novell eDirectory 8.x |
Type: Software |
Bulletins:
CVE-2006-5478 CVE-2006-4509 CVE-2006-4510 CVE-2006-4177 CVE-2006-2496 SFBID20655 SFBID20853 SFBID20663 SFBID20664 SFBID18026 |
Severity: Critical |
Description: Multiple vulnerabilities exist in Novell eDirectory 8.8.x before 8.8.1 FTF1, and 8.x up to 8.7.3.8. These include overflow attacks that allow remote code execution and denial of service. | ||||
Applies to: |
Created: 2006-12-04 |
Updated: 2021-04-03 |
ID: CVE-2006-0992 |
Title: SANS07S6: Stack-based buffer overflow in Novell GroupWise Messenger |
Type: Software |
Bulletins:
CVE-2006-0992 SFBID17503 |
Severity: Critical |
Description: Stack-based buffer overflow in Novell GroupWise Messenger before 2.0 Public Beta 2 allows remote attackers to execute arbitrary code via a long Accept-Language value without a comma or semicolon. | ||||
Applies to: |
Created: 2006-12-01 |
Updated: 2021-04-03 |
ID: CVE-2005-1928 |
Title: SANS07C6: Multiple vulnerabilities in Trend Micro ServerProtect EarthAgent 5.58 and earlier |
Type: Software |
Bulletins:
CVE-2005-1928 CVE-2005-1929 SFBID15865 SFBID15866 SFBID15868 |
Severity: Critical |
Description: Multiple vulnerabilities exist in Trend Micro ServerProtect EarthAgent versions 5.58 and earlier. These include multiple heap-based buffer overflows and denial of service. | ||||
Applies to: Trend Micro ServerProtect |
Created: 2006-11-30 |
Updated: 2021-04-03 |
ID: CVE-2006-0323 |
Title: SANS06C5: Buffer overflow in swfformat.dll in Real Rhapsody 3 |
Type: Software |
Bulletins:
CVE-2006-0323 SFBID17202 |
Severity: Critical |
Description: Buffer overflow in swfformat.dll in multiple RealNetworks products and versions including Rhapsody 3 allows remote attackers to execute arbitrary code via a crafted SWF (Flash) file with (1) a size value that is less than the actual size, or (2) other unspecified manipulations. | ||||
Applies to: RealNetworks Rhapsody |
Created: 2006-11-30 |
Updated: 2021-04-03 |
ID: CVE-2005-2628 |
Title: SANS06C5: Multiple vulnerabilities in Macromedia Flash |
Type: Software |
Bulletins:
CVE-2005-2628 CVE-2005-3591 SFBID15332 SFBID15334 |
Severity: Critical |
Description: Multiple vulnerabilities exist in Macromedia Flash versions 7.0.19.0 and earlier. These include denial of service and remote execution. | ||||
Applies to: |
Created: 2006-11-28 |
Updated: 2021-04-03 |
ID: CVE-2006-1370 |
Title: SANS06C5: Multiple Vulnerabilities in RealPlayer |
Type: Software |
Bulletins:
CVE-2006-1370 CVE-2005-2922 CVE-2005-4126 CVE-2005-3677 CVE-2005-2936 SFBID17202 SFBID15691 SFBID15398 SFBID15448 |
Severity: Critical |
Description: Multiple vulnerabilities exist in RealNetworks RealPlayer in versions 10.5 6.0.12.1348 and earlier. These include buffer overflows, and possibility of remote code execution and denial of service. It is suggested to update to the latest version. | ||||
Applies to: RealNetworks RealPlayer |
Created: 2006-11-27 |
Updated: 2021-04-03 |
ID: CVE-2006-1249 |
Title: SANS06C5: Multiple iTunes and QuickTime Vulnerabilities |
Type: Software |
Bulletins:
CVE-2006-1249 CVE-2005-4092 CVE-2005-3713 CVE-2006-2238 CVE-2006-1456 CVE-2005-3711 CVE-2005-3710 CVE-2005-3709 CVE-2005-3708 CVE-2005-3707 CVE-2005-2340 CVE-2005-2743 SFBID17074 SFBID15732 SFBID17953 SFBID16202 |
Severity: Critical |
Description: Multiple vulnerabilities exist in QuickTime Player versions before 7.0.4, and in iTunes 6.0.2 and earlier. These include integer overflow, and heap-based buffer overflows. It is recommended to update to the latest versions of these products. | ||||
Applies to: iTunes and QuickTime |
Created: 2006-11-27 |
Updated: 2021-04-03 |
ID: CVE-2005-2310 |
Title: SANS06C5: Multiple buffer overflows in NullSoft Winamp 5.13 and earlier |
Type: Software |
Bulletins:
CVE-2005-2310 CVE-2005-3188 CVE-2005-3188 SFBID16623 SFBID16462 SFBID14276 |
Severity: Critical |
Description: Multiple buffer overflow vulnerabilities exist in Winamp 5.13 and earlier which allow remote code execution. It is recommended to update to the latest version. | ||||
Applies to: Nullsoft Winamp |
Created: 2006-11-27 |
Updated: 2021-04-03 |
ID: CVE-2006-6055 |
Title: Stack-based buffer overflow in A5AGU.SYS 1.0.1.41 for the D-Link DWL-G132 wireless adapter allows remote attackers to execute arbitrary code via a 802.11 beacon request with a long Rates information element (IE). |
Type: Hardware |
Bulletins:
CVE-2006-6055 SFBID21032 |
Severity: Critical |
Description: Stack-based buffer overflow in A5AGU.SYS 1.0.1.41 for the D-Link DWL-G132 wireless adapter allows remote attackers to execute arbitrary code via a 802.11 beacon request with a long Rates information element (IE). | ||||
Applies to: DWL-G132 |
Created: 2006-11-21 |
Updated: 2021-04-03 |
ID: SFBID715 |
Title: Sendmail 8-8-4 |
Type: |
Bulletins:
SFBID715 |
Severity: High |
Description: Berkeley Sendmail is prone to a group permissions vulnerability. When delivering mail to a program which is listed in a .forward or :include: file, this program will be run with the group permissions possessed by the owner of the .forward or :include: file. The owner of the file is used to initialize the list of group permissions obtained by scanning the /etc/group file, that are in force when the program is run. In such an environment it is possible to attain group permissions one should not have by linking to a file that is owned by someone else who has group write permissions. In order to solve such a problem one should upgrade to at least version 8.8.4 of sendmail or else install a vendor-supplied patch. | ||||
Applies to: Sendmail |
Created: 2006-11-10 |
Updated: 2010-08-21 |
ID: MITRE:100 |
Title: oval:org.mitre.oval:def:100: VML Buffer Overrun Vulnerability |
Type: Web |
Bulletins:
MITRE:100 CVE-2006-4868 |
Severity: Critical |
Description: Stack-based buffer overflow in the Vector Graphics Rendering engine (vgx.dll), as used in Microsoft Outlook and Internet Explorer 6.0 on Windows XP SP2, and possibly other versions, allows remote attackers to execute arbitrary code via a Vector Markup Language (VML) file with a long fill parameter within a rect tag. | ||||
Applies to: Microsoft Internet Explorer |
Created: 2006-10-31 |
Updated: 2021-04-03 |
ID: CVE-2006-5537 |
Title: Multiple cross-site scripting (XSS) vulnerabilities in cgi-bin/webcm in D-Link DSL-G624T firmware 3.00B01T01.YA-C.20060616 allow remote attackers to inject arbitrary web script or HTML via the (1) upnp:settings/state or (2) upnp:settings/connection... |
Type: Hardware |
Bulletins:
CVE-2006-5537 |
Severity: Moderate |
Description: Multiple cross-site scripting (XSS) vulnerabilities in cgi-bin/webcm in D-Link DSL-G624T firmware 3.00B01T01.YA-C.20060616 allow remote attackers to inject arbitrary web script or HTML via the (1) upnp:settings/state or (2) upnp:settings/connection parameters. | ||||
Applies to: DSL-G624T |
Created: 2006-10-26 |
Updated: 2021-04-03 |
ID: CVE-2006-5536 |
Title: Directory traversal vulnerability in cgi-bin/webcm in D-Link DSL-G624T firmware 3.00B01T01.YA-C.20060616 allows remote attackers to read arbitrary files via a .. (dot dot) in the getpage parameter. |
Type: Hardware |
Bulletins:
CVE-2006-5536 SFBID20689 |
Severity: Moderate |
Description: Directory traversal vulnerability in cgi-bin/webcm in D-Link DSL-G624T firmware 3.00B01T01.YA-C.20060616 allows remote attackers to read arbitrary files via a .. (dot dot) in the getpage parameter. | ||||
Applies to: DSL-G624T |
Created: 2006-10-26 |
Updated: 2021-04-03 |
ID: CVE-2006-5538 |
Title: D-Link DSL-G624T firmware 3.00B01T01.YA-C.20060616 allows remote attackers to list contents of the cgi-bin directory via unspecified vectors, probably a direct request. |
Type: Hardware |
Bulletins:
CVE-2006-5538 |
Severity: Moderate |
Description: D-Link DSL-G624T firmware 3.00B01T01.YA-C.20060616 allows remote attackers to list contents of the cgi-bin directory via unspecified vectors, probably a direct request. | ||||
Applies to: DSL-G624T |
Created: 2006-10-26 |
Updated: 2021-04-03 |
ID: CVE-2006-5553 |
Title: Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 before 5.0.0.193, as used by Unified CallManager (CUCM) and Unified Presence Server (CUPS), allows remote attackers to cause a denial of service (resource consumption) via a port scan... |
Type: Hardware |
Bulletins:
CVE-2006-5553 SFBID20737 |
Severity: Critical |
Description: Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 before 5.0.0.193, as used by Unified CallManager (CUCM) and Unified Presence Server (CUPS), allows remote attackers to cause a denial of service (resource consumption) via a port scan with certain options. | ||||
Applies to: Unified Callmanager |
Created: 2006-10-26 |
Updated: 2021-04-03 |
ID: CVE-2006-5382 |
Title: 3Com Switch SS3 4400 switches, firmware 5.11, 6.00 and 6.10 and earlier, allow remote attackers to read the SNMP Read-Write Community string and conduct unauthorized actions via unspecified "normally restricted management packets on the device" that... |
Type: Hardware |
Bulletins:
CVE-2006-5382 SFBID20736 |
Severity: Critical |
Description: 3Com Switch SS3 4400 switches, firmware 5.11, 6.00 and 6.10 and earlier, allow remote attackers to read the SNMP Read-Write Community string and conduct unauthorized actions via unspecified "normally restricted management packets on the device" that cause the community string to be returned. | ||||
Applies to: 3Com SS3-4400-24PWR |
Created: 2006-10-25 |
Updated: 2021-04-03 |
ID: MITRE:783 |
Title: oval:org.mitre.oval:def:783: Windows Server 2003 Plug and Play Buffer Overflow Vulnerability |
Type: Miscellaneous |
Bulletins:
MITRE:783 CVE-2005-1983 |
Severity: Critical |
Description: Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm. | ||||
Applies to: |
Created: 2006-10-24 |
Updated: 2021-04-03 |
ID: MITRE:618 |
Title: oval:org.mitre.oval:def:618: Windows XP,SP1 Remote Desktop Protocol (RDP) DoS Vulnerability |
Type: Miscellaneous |
Bulletins:
MITRE:618 CVE-2005-1218 |
Severity: Moderate |
Description: The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows XP, and Windows Server 2003 allows remote attackers to cause a denial of service (crash) via crafted Remote Desktop Protocol (RDP) requests. | ||||
Applies to: |
Created: 2006-10-24 |
Updated: 2021-04-03 |
ID: MITRE:609 |
Title: oval:org.mitre.oval:def:609: Windows Server 2003 Remote Desktop Protocol (RDP) DoS Vulnerability |
Type: Miscellaneous |
Bulletins:
MITRE:609 CVE-2005-1218 |
Severity: Moderate |
Description: The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows XP, and Windows Server 2003 allows remote attackers to cause a denial of service (crash) via crafted Remote Desktop Protocol (RDP) requests. | ||||
Applies to: |
Created: 2006-10-24 |
Updated: 2021-04-03 |
ID: MITRE:497 |
Title: oval:org.mitre.oval:def:497: Windows XP,SP2 Plug and Play Buffer Overflow Vulnerability |
Type: Miscellaneous |
Bulletins:
MITRE:497 CVE-2005-1983 |
Severity: Critical |
Description: Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm. | ||||
Applies to: |
Created: 2006-10-24 |
Updated: 2021-04-03 |
ID: MITRE:474 |
Title: oval:org.mitre.oval:def:474: Windows 2000 Plug and Play Buffer Overflow Vulnerability |
Type: Miscellaneous |
Bulletins:
MITRE:474 CVE-2005-1983 |
Severity: Critical |
Description: Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm. | ||||
Applies to: |
Created: 2006-10-24 |
Updated: 2021-04-03 |
ID: MITRE:376 |
Title: oval:org.mitre.oval:def:376: Windows XP,SP2 Remote Desktop Protocol (RDP) DoS Vulnerability |
Type: Miscellaneous |
Bulletins:
MITRE:376 CVE-2005-1218 |
Severity: Moderate |
Description: The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows XP, and Windows Server 2003 allows remote attackers to cause a denial of service (crash) via crafted Remote Desktop Protocol (RDP) requests. | ||||
Applies to: |
Created: 2006-10-24 |
Updated: 2021-04-03 |
ID: MITRE:346 |
Title: oval:org.mitre.oval:def:346: Windows Server 2003,SP1 Remote Desktop Protocol (RDP) DoS Vulnerability |
Type: Miscellaneous |
Bulletins:
MITRE:346 CVE-2005-1218 |
Severity: Moderate |
Description: The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows XP, and Windows Server 2003 allows remote attackers to cause a denial of service (crash) via crafted Remote Desktop Protocol (RDP) requests. | ||||
Applies to: |
Created: 2006-10-24 |
Updated: 2021-04-03 |
ID: MITRE:267 |
Title: oval:org.mitre.oval:def:267: Windows XP Plug and Play Buffer Overflow Vulnerability |
Type: Miscellaneous |
Bulletins:
MITRE:267 CVE-2005-1983 |
Severity: Critical |
Description: Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm. | ||||
Applies to: |
Created: 2006-10-24 |
Updated: 2021-04-03 |
ID: MITRE:256 |
Title: oval:org.mitre.oval:def:256: Windows XP,SP2 Print Spooler Service Buffer Overflow |
Type: Miscellaneous |
Bulletins:
MITRE:256 CVE-2005-1984 |
Severity: Critical |
Description: Buffer overflow in the Print Spooler service (Spoolsv.exe) for Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via a malicious message. | ||||
Applies to: |
Created: 2006-10-24 |
Updated: 2021-04-03 |
ID: MITRE:180 |
Title: oval:org.mitre.oval:def:180: Windows 2000,SP4 Remote Desktop Protocol (RDP) DoS Vulnerability |
Type: Miscellaneous |
Bulletins:
MITRE:180 CVE-2005-1218 |
Severity: Moderate |
Description: The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows XP, and Windows Server 2003 allows remote attackers to cause a denial of service (crash) via crafted Remote Desktop Protocol (RDP) requests. | ||||
Applies to: |
Created: 2006-10-24 |
Updated: 2021-04-03 |
ID: MITRE:160 |
Title: oval:org.mitre.oval:def:160: Windows Server 2003 Plug and Play Buffer Overflow Vulnerability |
Type: Miscellaneous |
Bulletins:
MITRE:160 CVE-2005-1983 |
Severity: Critical |
Description: Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm. | ||||
Applies to: |
Created: 2006-10-24 |
Updated: 2021-04-03 |
ID: REF000190 |
Title: Webmin running |
Type: Information |
Bulletins: | Severity: Information |
Description: Webmin is installed and running on this computer (port 10000). | ||||
Applies to: Webmin |
Created: 2006-10-17 |
Updated: 2010-08-21 |
ID: REF000197 |
Title: VNC server listening on port 5901 |
Type: Information |
Bulletins: | Severity: Information |
Description: The remote server is running VNC. VNC permits a console to be displayed remotely and should be disabled if not required. VNC can be blocked using a firewall or simply by stopping the VNC service. | ||||
Applies to: VNC |
Created: 2006-10-17 |
Updated: 2010-08-21 |
ID: REF000245 |
Title: UPnP helper is running |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: This service is not recommended to be running on production machines. | ||||
Applies to: UPnP |
Created: 2006-10-17 |
Updated: 2010-08-21 |
ID: REF000188 |
Title: Sub7 server passworded |
Type: Information |
Bulletins: | Severity: Information |
Description: Verify if the Sub7 server is passworded or not | ||||
Applies to: |
Created: 2006-10-17 |
Updated: 2010-08-21 |
ID: REF000185 |
Title: Squid running |
Type: Information |
Bulletins: | Severity: Information |
Description: Squid Web Proxy Cache is running on this computer. | ||||
Applies to: Squid |
Created: 2006-10-17 |
Updated: 2010-08-21 |
ID: REF000196 |
Title: Some POP3 server banners providing information to attacker |
Type: Information |
Bulletins: | Severity: Information |
Description: The script displays the information provided by the POP3 server. This information could help an attacker choose the best attack vector for the server. | ||||
Applies to: |
Created: 2006-10-17 |
Updated: 2010-08-21 |
ID: REF000252 |
Title: Sasser worm |
Type: Miscellaneous |
Bulletins: | Severity: High |
Description: Sasser worm leaves a backdoor on port 5554 which allows transfer of files. Make sure you run an Antivirus on the infected computer. | ||||
Applies to: |
Created: 2006-10-17 |
Updated: 2010-08-21 |
ID: REF000182 |
Title: Oracle HTTP Server running |
Type: Information |
Bulletins: | Severity: Information |
Description: Oracle HTTP server running on this computer. | ||||
Applies to: Oracle |
Created: 2006-10-17 |
Updated: 2010-08-21 |
ID: REF000181 |
Title: MySQL (open source database) running |
Type: Information |
Bulletins: | Severity: Information |
Description: MySQL is running on this computer. | ||||
Applies to: MySQL |
Created: 2006-10-17 |
Updated: 2010-08-21 |
ID: REF000180 |
Title: Microsoft SQL server |
Type: Information |
Bulletins: | Severity: Information |
Description: Microsoft SQL server is installed on this computer. | ||||
Applies to: Microsoft SQL |
Created: 2006-10-17 |
Updated: 2010-08-21 |
ID: REF000192 |
Title: List of modems installed |
Type: Information |
Bulletins: | Severity: Information |
Description: Lists the installed modem drivers. | ||||
Applies to: |
Created: 2006-10-17 |
Updated: 2010-08-21 |
ID: REF000195 |
Title: IMAP4 server banner provides information to attacker |
Type: Information |
Bulletins: | Severity: Information |
Description: IMAP banners with information such as server versions and types should be omitted where possible. Instead, you can change them to something more generic that will hide such information from potential intruders. | ||||
Applies to: |
Created: 2006-10-17 |
Updated: 2010-08-21 |
ID: REF000161 |
Title: Ftp Exposing Full Path |
Type: FTP |
Bulletins: | Severity: Medium |
Description: Anonymous FTP is exposing the full path. This might give out sensitive information or mean that the FTP server is misconfigured. | ||||
Applies to: |
Created: 2006-10-17 |
Updated: 2010-08-21 |
ID: REF000194 |
Title: Finger service running |
Type: Information |
Bulletins: | Severity: Information |
Description: Using a finger server, a remote user can get a wide range of information regarding users on the local machine. | ||||
Applies to: |
Created: 2006-10-17 |
Updated: 2010-08-21 |
ID: REF000193 |
Title: Citrix server running on this host |
Type: Information |
Bulletins: | Severity: Information |
Description: For information only | ||||
Applies to: Citrix |
Created: 2006-10-17 |
Updated: 2010-08-21 |
ID: REF000240 |
Title: BugBear-B backdoor |
Type: Miscellaneous |
Bulletins: | Severity: High |
Description: BugBear.B (worm) leaves a backdoor which allows hackers remote access to your computer. | ||||
Applies to: |
Created: 2006-10-17 |
Updated: 2010-08-21 |
ID: REF000177 |
Title: Apache Tomcat running |
Type: Information |
Bulletins: | Severity: Information |
Description: Apache Tomcat running on port 8080 | ||||
Applies to: Apache Tomcat |
Created: 2006-10-17 |
Updated: 2010-08-21 |
ID: MITRE:738 |
Title: oval:org.mitre.oval:def:738: Redirect Cross-Domain Information Disclosure Vulnerability |
Type: Web |
Bulletins:
MITRE:738 CVE-2006-3280 |
Severity: Critical |
Description: Cross-domain vulnerability in Microsoft Internet Explorer 6.0 allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker's originating site that specifies a Location HTTP header that references the target site, which then makes that content available through the outerHTML attribute of the object, aka "Redirect Cross-Domain Information Disclosure Vulnerability." | ||||
Applies to: Microsoft Internet Explorer |
Created: 2006-10-16 |
Updated: 2021-04-03 |
ID: MITRE:719 |
Title: oval:org.mitre.oval:def:719: COM Object Instantiation Memory Corruption Vulnerability |
Type: Web |
Bulletins:
MITRE:719 CVE-2006-3638 |
Severity: Critical |
Description: Microsoft Internet Explorer 5.01 and 6 does not properly handle uninitialized COM objects, which allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code, as demonstrated by the Nth function in the DirectAnimation.DATuple ActiveX control, aka "COM Object Instantiation Memory Corruption Vulnerability." | ||||
Applies to: Microsoft Internet Explorer |
Created: 2006-10-16 |
Updated: 2021-04-03 |
ID: MITRE:694 |
Title: oval:org.mitre.oval:def:694: Visual Basic for Applications Vulnerability |
Type: Software |
Bulletins:
MITRE:694 CVE-2006-3649 |
Severity: Moderate |
Description: Buffer overflow in Microsoft Visual Basic for Applications (VBA) SDK 6.0 through 6.4, as used by Microsoft Office 2000 SP3, Office XP SP3, Project 2000 SR1, Project 2002 SP1, Access 2000 Runtime SP3, Visio 2002 SP2, and Works Suite 2004 through 2006, allows user-assisted attackers to execute arbitrary code via unspecified document properties that are not verified when VBA is invoked to open documents. | ||||
Applies to: Microsoft Visual Basic 6.0 |
Created: 2006-10-16 |
Updated: 2021-04-03 |
ID: MITRE:5 |
Title: oval:org.mitre.oval:def:5: CSS Memory Corruption Vulnerability |
Type: Web |
Bulletins:
MITRE:5 CVE-2006-3451 |
Severity: Critical |
Description: Microsoft Internet Explorer 5 SP4 and 6 do not properly garbage collect when "multiple imports are used on a styleSheets collection" to construct a chain of Cascading Style Sheets (CSS), which allows remote attackers to execute arbitrary code via unspecified vectors. | ||||
Applies to: Microsoft Internet Explorer |
Created: 2006-10-16 |
Updated: 2021-04-03 |
ID: MITRE:577 |
Title: oval:org.mitre.oval:def:577: Source Element Cross-Domain Vulnerability |
Type: Web |
Bulletins:
MITRE:577 CVE-2006-3639 |
Severity: Critical |
Description: Microsoft Internet Explorer 5.01 and 6 does not properly identify the originating domain zone when handling redirects, which allows remote attackers to read cross-domain web pages and possibly execute code via unspecified vectors involving a crafted web page, aka "Source Element Cross-Domain Vulnerability." | ||||
Applies to: Microsoft Internet Explorer |
Created: 2006-10-16 |
Updated: 2021-04-03 |
ID: MITRE:502 |
Title: oval:org.mitre.oval:def:502: HTML Rendering Memory Corruption Vulnerability |
Type: Web |
Bulletins:
MITRE:502 CVE-2006-3637 |
Severity: Moderate |
Description: Microsoft Internet Explorer 5.01 SP4 and 6 does not properly handle various HTML layout component combinations, which allows user-assisted remote attackers to execute arbitrary code via a crafted HTML file that leads to memory corruption, aka "HTML Rendering Memory Corruption Vulnerability." | ||||
Applies to: Microsoft Internet Explorer |
Created: 2006-10-16 |
Updated: 2021-04-03 |
ID: MITRE:462 |
Title: oval:org.mitre.oval:def:462: FTP Server Command Injection Vulnerability |
Type: Web |
Bulletins:
MITRE:462 CVE-2004-1166 |
Severity: Critical |
Description: CRLF injection vulnerability in Microsoft Internet Explorer 6.0.2800.1106 and earlier allows remote attackers to execute arbitrary FTP commands via an ftp:// URL that contains a URL-encoded newline ("%0a") before the FTP command, which causes the commands to be inserted into the resulting FTP session, as demonstrated using a PORT command. | ||||
Applies to: Microsoft Internet Explorer |
Created: 2006-10-16 |
Updated: 2021-04-03 |
ID: MITRE:433 |
Title: oval:org.mitre.oval:def:433: HTML Layout and Positioning Memory Corruption Vulnerability |
Type: Web |
Bulletins:
MITRE:433 CVE-2006-3450 |
Severity: Critical |
Description: Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code by using the document.getElementByID Javascript function to access crafted Cascading Style Sheet (CSS) elements, and possibly other unspecified vectors involving certain layout positioning combinations in an HTML file. | ||||
Applies to: Microsoft Internet Explorer |
Created: 2006-10-16 |
Updated: 2021-04-03 |
ID: MITRE:171 |
Title: oval:org.mitre.oval:def:171: Window Location Information Disclosure Vulnerability |
Type: Web |
Bulletins:
MITRE:171 CVE-2006-3640 |
Severity: Moderate |
Description: Microsoft Internet Explorer 5.01 and 6 allows certain script to persist across navigations between pages, which allows remote attackers to obtain the window location of visited web pages in other domains or zones, aka "Window Location Information Disclosure Vulnerability." | ||||
Applies to: Microsoft Internet Explorer |
Created: 2006-10-16 |
Updated: 2021-04-03 |
ID: CVE-2006-5202 |
Title: Linksys WRT54g firmware 1.00.9 does not require credentials when making configuration changes, which allows remote attackers to modify arbitrary configurations via a direct request to Security.tri, as demonstrated using the SecurityMode and layout... |
Type: Hardware |
Bulletins:
CVE-2006-5202 SFBID19347 |
Severity: Moderate |
Description: Linksys WRT54g firmware 1.00.9 does not require credentials when making configuration changes, which allows remote attackers to modify arbitrary configurations via a direct request to Security.tri, as demonstrated using the SecurityMode and layout parameters, a different issue than CVE-2006-2559. | ||||
Applies to: wrt54g |
Created: 2006-10-10 |
Updated: 2021-04-03 |
ID: MITRE:1987 |
Title: oval:org.mitre.oval:def:1987: Remote Code Execution Vulnerability in Flash Player 6 and 7 |
Type: Web |
Bulletins:
MITRE:1987 CVE-2005-2628 |
Severity: Moderate |
Description: Macromedia Flash 6 and 7 (Flash.ocx) allows remote attackers to execute arbitrary code via a SWF file with a modified frame type identifier that is used as an out-of-bounds array index to a function pointer. | ||||
Applies to: Adobe Flash Player |
Created: 2006-10-07 |
Updated: 2021-04-03 |
ID: MITRE:1922 |
Title: oval:org.mitre.oval:def:1922: Remote Code Execution Vulnerability in Flash Player 8 |
Type: Web |
Bulletins:
MITRE:1922 CVE-2006-0024 |
Severity: Moderate |
Description: Multiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0 and earlier allow remote attackers to execute arbitrary code via a crafted SWF file. | ||||
Applies to: Adobe Flash Player |
Created: 2006-10-07 |
Updated: 2021-04-03 |
ID: CVE-2006-4950 |
Title: Cisco IOS 12.2 through 12.4 before 20060920, as used by Cisco IAD2430, IAD2431, and IAD2432 Integrated Access Devices, the VG224 Analog Phone Gateway, and the MWR 1900 and 1941 Mobile Wireless Edge Routers, is incorrectly identified as supporting... |
Type: Hardware |
Bulletins:
CVE-2006-4950 SFBID20125 |
Severity: Critical |
Description: Cisco IOS 12.2 through 12.4 before 20060920, as used by Cisco IAD2430, IAD2431, and IAD2432 Integrated Access Devices, the VG224 Analog Phone Gateway, and the MWR 1900 and 1941 Mobile Wireless Edge Routers, is incorrectly identified as supporting DOCSIS, which allows remote attackers to gain read-write access via a hard-coded cable-docsis community string and read or modify arbitrary SNMP variables. | ||||
Applies to: |
Created: 2006-09-23 |
Updated: 2021-04-03 |
ID: CVE-2006-4775 |
Title: The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) and CatOS allows remote attackers to cause a denial of service by sending a VTP update with a revision value of 0x7FFFFFFF, which is incremented to 0x80000000 and is interpreted as a... |
Type: Hardware |
Bulletins:
CVE-2006-4775 SFBID19998 |
Severity: Critical |
Description: The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) and CatOS allows remote attackers to cause a denial of service by sending a VTP update with a revision value of 0x7FFFFFFF, which is incremented to 0x80000000 and is interpreted as a negative number in a signed context. | ||||
Applies to: |
Created: 2006-09-13 |
Updated: 2021-04-03 |
ID: CVE-2006-4774 |
Title: The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) allows remote attackers to cause a denial of service by sending a VTP version 1 summary frame with a VTP version field value of 2. |
Type: Hardware |
Bulletins:
CVE-2006-4774 SFBID19998 |
Severity: Critical |
Description: The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) allows remote attackers to cause a denial of service by sending a VTP version 1 summary frame with a VTP version field value of 2. | ||||
Applies to: |
Created: 2006-09-13 |
Updated: 2021-04-03 |
ID: CVE-2006-4776 |
Title: Heap-based buffer overflow in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) allows remote attackers to execute arbitrary code via a long VLAN name in a VTP type 2 summary advertisement. |
Type: Hardware |
Bulletins:
CVE-2006-4776 SFBID19998 |
Severity: Critical |
Description: Heap-based buffer overflow in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) allows remote attackers to execute arbitrary code via a long VLAN name in a VTP type 2 summary advertisement. | ||||
Applies to: |
Created: 2006-09-13 |
Updated: 2021-04-03 |
ID: CVE-2006-4662 |
Title: SANS06C4: ICQ 2003b Buffer Overflow |
Type: Software |
Bulletins:
CVE-2006-4662 SFBID19897 |
Severity: Critical |
Description: Heap-based buffer overflow in the MCRegEx__Search function in AOL ICQ Pro 2003b Build 3916 and earlier allows remote attackers to execute arbitrary code via an inconsistent length field of a Message in a 0x2711 Type-Length-Value (TLV) type. | ||||
Applies to: AOL ICQ |
Created: 2006-09-12 |
Updated: 2021-04-03 |
ID: CVE-2006-4650 |
Title: Cisco IOS 12.0, 12.1, and 12.2, when GRE IP tunneling is used and the RFC2784 compliance fixes are missing, does not verify the offset field of a GRE packet during decapsulation, which leads to an integer overflow that references data from incorrect... |
Type: Hardware |
Bulletins:
CVE-2006-4650 SFBID19878 |
Severity: Low |
Description: Cisco IOS 12.0, 12.1, and 12.2, when GRE IP tunneling is used and the RFC2784 compliance fixes are missing, does not verify the offset field of a GRE packet during decapsulation, which leads to an integer overflow that references data from incorrect memory locations, which allows remote attackers to inject crafted packets into the routing queue, possibly bypassing intended router ACLs. | ||||
Applies to: |
Created: 2006-09-08 |
Updated: 2021-04-03 |
ID: CVE-2006-4352 |
Title: The ArrowPoint cookie functionality for Cisco 11000 series Content Service Switches specifies an internal IP address if the administrator does not specify a string option, which allows remote attackers to obtain sensitive information. |
Type: Hardware |
Bulletins:
CVE-2006-4352 |
Severity: Moderate |
Description: The ArrowPoint cookie functionality for Cisco 11000 series Content Service Switches specifies an internal IP address if the administrator does not specify a string option, which allows remote attackers to obtain sensitive information. | ||||
Applies to: Cisco CSS 11100 Content Services Switch Series |
Created: 2006-08-25 |
Updated: 2021-04-03 |
ID: CVE-2006-2113 |
Title: The embedded HTTP server in Fuji Xerox Printing Systems (FXPS) print engine, as used in products including (1) Dell 3000cn through 5110cn and (2) Fuji Xerox DocuPrint firmware before 20060628 and Network Option Card firmware before 5.13, does not... |
Type: Hardware |
Bulletins:
CVE-2006-2113 SFBID19716 |
Severity: Moderate |
Description: The embedded HTTP server in Fuji Xerox Printing Systems (FXPS) print engine, as used in products including (1) Dell 3000cn through 5110cn and (2) Fuji Xerox DocuPrint firmware before 20060628 and Network Option Card firmware before 5.13, does not properly perform authentication for HTTP requests, which allows remote attackers to modify system configuration via crafted requests, including changing the administrator password or causing a denial of service to the print server. | ||||
Applies to: Laser Printer 3100cn Laser Printer 5100cn |
Created: 2006-08-24 |
Updated: 2021-04-03 |
ID: CVE-2006-2112 |
Title: Fuji Xerox Printing Systems (FXPS) print engine, as used in products including (1) Dell 3000cn through 5110cn and (2) Fuji Xerox DocuPrint firmware before 20060628 and Network Option Card firmware before 5.13, allows remote attackers to use the FTP... |
Type: Hardware |
Bulletins:
CVE-2006-2112 SFBID19711 |
Severity: Critical |
Description: Fuji Xerox Printing Systems (FXPS) print engine, as used in products including (1) Dell 3000cn through 5110cn and (2) Fuji Xerox DocuPrint firmware before 20060628 and Network Option Card firmware before 5.13, allows remote attackers to use the FTP printing interface as a proxy ("FTP bounce") by using arbitrary PORT arguments to connect to systems for which access would be otherwise restricted. | ||||
Applies to: Laser Printer 3100cn Laser Printer 5100cn |
Created: 2006-08-24 |
Updated: 2021-04-03 |
ID: CVE-2006-4312 |
Title: Cisco PIX 500 Series Security Appliances and ASA 5500 Series Adaptive Security Appliances, when running 7.0(x) up to 7.0(5) and 7.1(x) up to 7.1(2.4), and Firewall Services Module (FWSM) 3.1(x) up to 3.1(1.6), causes the EXEC password, local user... |
Type: Hardware |
Bulletins:
CVE-2006-4312 SFBID19681 |
Severity: Moderate |
Description: Cisco PIX 500 Series Security Appliances and ASA 5500 Series Adaptive Security Appliances, when running 7.0(x) up to 7.0(5) and 7.1(x) up to 7.1(2.4), and Firewall Services Module (FWSM) 3.1(x) up to 3.1(1.6), causes the EXEC password, local user passwords, and the enable password to be changed to a "non-random value" under certain circumstances, which causes administrators to be locked out and might allow attackers to gain access. | ||||
Applies to: |
Created: 2006-08-23 |
Updated: 2021-04-03 |
ID: CVE-2006-4143 |
Title: Netgear FVG318 running firmware 1.0.40 allows remote attackers to cause a denial of service (router reset) via TCP packets with bad checksums. |
Type: Hardware |
Bulletins:
CVE-2006-4143 SFBID19468 |
Severity: Critical |
Description: Netgear FVG318 running firmware 1.0.40 allows remote attackers to cause a denial of service (router reset) via TCP packets with bad checksums. | ||||
Applies to: FVG318 Router |
Created: 2006-08-14 |
Updated: 2021-04-03 |
ID: CVE-2006-4015 |
Title: Hewlett-Packard (HP) ProCurve 3500yl, 6200yl, and 5400zl switches with software before K.11.33 allow remote attackers to cause a denial of service (possibly memory leak or system crash) via unknown vectors. |
Type: Hardware |
Bulletins:
CVE-2006-4015 SFBID19310 |
Severity: Moderate |
Description: Hewlett-Packard (HP) ProCurve 3500yl, 6200yl, and 5400zl switches with software before K.11.33 allow remote attackers to cause a denial of service (possibly memory leak or system crash) via unknown vectors. | ||||
Applies to: ProCurve Switch 3500yl Procurve Switch 5400zl Procurve Switch 6200yl |
Created: 2006-08-07 |
Updated: 2021-04-03 |
ID: CVE-2006-3906 |
Title: Internet Key Exchange (IKE) version 1 protocol, as implemented on Cisco IOS, VPN 3000 Concentrators, and PIX firewalls, allows remote attackers to cause a denial of service (resource exhaustion) via a flood of IKE Phase-1 packets that exceed the... |
Type: Hardware |
Bulletins:
CVE-2006-3906 SFBID19176 |
Severity: Moderate |
Description: Internet Key Exchange (IKE) version 1 protocol, as implemented on Cisco IOS, VPN 3000 Concentrators, and PIX firewalls, allows remote attackers to cause a denial of service (resource exhaustion) via a flood of IKE Phase-1 packets that exceed the session expiration rate. NOTE: it has been argued that this is due to a design weakness of the IKE version 1 protocol, in which case other vendors and implementations would also be affected. | ||||
Applies to: Cisco PIX 501 Firewall Cisco PIX 506 Firewall Cisco PIX 515 Firewall Cisco PIX 515E Firewall Cisco PIX 520 Firewall Cisco PIX 525 Firewall Cisco PIX 535 Firewall |
Created: 2006-07-27 |
Updated: 2021-04-03 |
ID: CVE-2006-3687 |
Title: Stack-based buffer overflow in the Universal Plug and Play (UPnP) service in D-Link DI-524, DI-604 Broadband Router, DI-624, D-Link DI-784, WBR-1310 Wireless G Router, WBR-2310 RangeBooster G Router, and EBR-2310 Ethernet Broadband Router allows... |
Type: Hardware |
Bulletins:
CVE-2006-3687 SFBID19006 |
Severity: Critical |
Description: Stack-based buffer overflow in the Universal Plug and Play (UPnP) service in D-Link DI-524, DI-604 Broadband Router, DI-624, D-Link DI-784, WBR-1310 Wireless G Router, WBR-2310 RangeBooster G Router, and EBR-2310 Ethernet Broadband Router allows remote attackers to execute arbitrary code via a long M-SEARCH request to UDP port 1900. | ||||
Applies to: DI-524 DI-604 DI-624 DI-784 EBR-2310 WBR-1310 WBR-2310 |
Created: 2006-07-21 |
Updated: 2021-04-03 |
ID: CVE-2006-3592 |
Title: Unspecified vulnerability in the command line interface (CLI) in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows local users to execute arbitrary commands with elevated privileges via unspecified vectors, involving "certain CLI... |
Type: Hardware |
Bulletins:
CVE-2006-3592 SFBID18952 |
Severity: Moderate |
Description: Unspecified vulnerability in the command line interface (CLI) in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows local users to execute arbitrary commands with elevated privileges via unspecified vectors, involving "certain CLI commands," aka bug CSCse11005. | ||||
Applies to: Unified Callmanager |
Created: 2006-07-18 |
Updated: 2021-04-03 |
ID: CVE-2006-3593 |
Title: The command line interface (CLI) in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows local users to overwrite arbitrary files by redirecting a command's output to a file or folder, aka bug CSCse31704. |
Type: Hardware |
Bulletins:
CVE-2006-3593 SFBID18952 |
Severity: Moderate |
Description: The command line interface (CLI) in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows local users to overwrite arbitrary files by redirecting a command's output to a file or folder, aka bug CSCse31704. | ||||
Applies to: Unified Callmanager |
Created: 2006-07-18 |
Updated: 2021-04-03 |
ID: CVE-2006-3594 |
Title: Buffer overflow in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows remote attackers to execute arbitrary code via a long hostname in a SIP request, aka bug CSCsd96542. |
Type: Hardware |
Bulletins:
CVE-2006-3594 SFBID18952 |
Severity: Critical |
Description: Buffer overflow in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows remote attackers to execute arbitrary code via a long hostname in a SIP request, aka bug CSCsd96542. | ||||
Applies to: Unified Callmanager |
Created: 2006-07-18 |
Updated: 2021-04-03 |
ID: CVE-2006-3529 |
Title: Memory leak in Juniper JUNOS 6.4 through 8.0, built before May 10, 2006, allows remote attackers to cause a denial of service (kernel packet memory consumption and crash) via crafted IPv6 packets whose buffers are not released after they are processed. |
Type: Hardware |
Bulletins:
CVE-2006-3529 SFBID18930 |
Severity: Moderate |
Description: Memory leak in Juniper JUNOS 6.4 through 8.0, built before May 10, 2006, allows remote attackers to cause a denial of service (kernel packet memory consumption and crash) via crafted IPv6 packets whose buffers are not released after they are processed. | ||||
Applies to: |
Created: 2006-07-11 |
Updated: 2021-04-03 |
ID: CVE-2006-3291 |
Title: The web interface on Cisco IOS 12.3(8)JA and 12.3(8)JA1, as used on the Cisco Wireless Access Point and Wireless Bridge, reconfigures itself when it is changed to use the "Local User List Only (Individual Passwords)" setting, which removes all... |
Type: Hardware |
Bulletins:
CVE-2006-3291 SFBID18704 |
Severity: Critical |
Description: The web interface on Cisco IOS 12.3(8)JA and 12.3(8)JA1, as used on the Cisco Wireless Access Point and Wireless Bridge, reconfigures itself when it is changed to use the "Local User List Only (Individual Passwords)" setting, which removes all security and password configurations and allows remote attackers to access the system. | ||||
Applies to: |
Created: 2006-06-28 |
Updated: 2021-04-03 |
ID: CVE-2006-3109 |
Title: Cross-site scripting (XSS) vulnerability in Cisco CallManager 3.3 before 3.3(5)SR3, 4.1 before 4.1(3)SR4, 4.2 before 4.2(3), and 4.3 before 4.3(1), allows remote attackers to inject arbitrary web script or HTML via the (1) pattern parameter in... |
Type: Hardware |
Bulletin |