LanGuard reports



Supported OVAL Bulletins





ID:
MITRE:12240
Title:
oval:org.mitre.oval:def:12240: Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 and earlier versions
Type:
Software
Bulletins:
MITRE:12240
CVE-2010-3572
Severity:
Critical
Description:
Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
Applies to:
Oracle Java SE
Created:
2010-12-27
Updated:
2020-10-10

ID:
MITRE:12226
Title:
oval:org.mitre.oval:def:12226: Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 and earlier versions
Type:
Software
Bulletins:
MITRE:12226
CVE-2010-3569
Severity:
Critical
Description:
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this allows remote attackers to execute arbitrary code by causing the defaultReadObject method in the Serialization API to set a volatile field multiple times.
Applies to:
Oracle Java SE
Created:
2010-12-27
Updated:
2020-10-10

ID:
MITRE:12225
Title:
oval:org.mitre.oval:def:12225: Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 and earlier versions
Type:
Software
Bulletins:
MITRE:12225
CVE-2010-3566
Severity:
Critical
Description:
Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow that leads to a buffer overflow via a crafted devs (device information) tag structure in a color profile.
Applies to:
Oracle Java SE
Created:
2010-12-27
Updated:
2020-10-10

ID:
MITRE:12200
Title:
oval:org.mitre.oval:def:12200: Unspecified vulnerability in the CORBA component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 and earlier versions
Type:
Software
Bulletins:
MITRE:12200
CVE-2010-3561
Severity:
Critical
Description:
Unspecified vulnerability in the CORBA component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this involves the use of the privileged accept method in the ServerSocket class, which does not limit which hosts can connect and allows remote attackers to bypass intended network access restrictions.
Applies to:
Oracle Java SE
Created:
2010-12-27
Updated:
2020-10-10

ID:
MITRE:12189
Title:
oval:org.mitre.oval:def:12189: Unspecified vulnerability in the CORBA component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 and earlier versions
Type:
Software
Bulletins:
MITRE:12189
CVE-2010-3554
Severity:
Critical
Description:
Unspecified vulnerability in the CORBA component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to "permissions granted to certain system objects."
Applies to:
Oracle Java SE
Created:
2010-12-27
Updated:
2020-10-10

ID:
MITRE:12181
Title:
oval:org.mitre.oval:def:12181: Unspecified vulnerability in the Deployment component in Oracle Java SE and Java for Business 6 Update 21 and earlier versions
Type:
Software
Bulletins:
MITRE:12181
CVE-2010-3563
Severity:
Critical
Description:
Unspecified vulnerability in the Deployment component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to "how Web Start retrieves security policies," BasicServiceImpl, and forged policies that bypass sandbox restrictions.
Applies to:
Oracle Java SE
Created:
2010-12-27
Updated:
2020-10-10

ID:
MITRE:12180
Title:
oval:org.mitre.oval:def:12180: Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 and earlier versions
Type:
Software
Bulletins:
MITRE:12180
CVE-2010-3565
Severity:
Critical
Description:
Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow that triggers memory corruption via large values in a subsample of a JPEG image, related to JPEGImageWriter.writeImage in the imageio API.
Applies to:
Oracle Java SE
Created:
2010-12-27
Updated:
2020-10-10

ID:
MITRE:12177
Title:
oval:org.mitre.oval:def:12177: Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 and earlier versions
Type:
Software
Bulletins:
MITRE:12177
CVE-2010-3571
Severity:
Critical
Description:
Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow in the color profile parser that allows remote attackers to execute arbitrary code via a crafted Tag structure in a color profile.
Applies to:
Oracle Java SE
Created:
2010-12-27
Updated:
2020-10-10

ID:
MITRE:12173
Title:
oval:org.mitre.oval:def:12173: Unspecified vulnerability in the Deployment Toolkit component in Oracle Java SE and Java for Business 6 Update 21 and earlier versions
Type:
Software
Bulletins:
MITRE:12173
CVE-2010-3570
Severity:
Critical
Description:
Unspecified vulnerability in the Deployment Toolkit component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
Applies to:
Oracle Java SE
Created:
2010-12-27
Updated:
2020-10-10

ID:
MITRE:12029
Title:
oval:org.mitre.oval:def:12029: Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 and earlier versions
Type:
Software
Bulletins:
MITRE:12029
CVE-2010-3568
Severity:
Critical
Description:
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is a race condition related to deserialization.
Applies to:
Oracle Java SE
Created:
2010-12-27
Updated:
2020-10-10

ID:
MITRE:12005
Title:
oval:org.mitre.oval:def:12005: Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21 and earlier versions
Type:
Software
Bulletins:
MITRE:12005
CVE-2010-3560
Severity:
Low
Description:
Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality via unknown vectors.
Applies to:
Oracle Java SE
Created:
2010-12-27
Updated:
2020-10-10

ID:
MITRE:12004
Title:
oval:org.mitre.oval:def:12004: Unspecified vulnerability in the New Java Plug-in component in Oracle Java SE and Java for Business 6 Update 21 and earlier versions
Type:
Software
Bulletins:
MITRE:12004
CVE-2010-3552
Severity:
Critical
Description:
Unspecified vulnerability in the New Java Plug-in component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
Applies to:
Oracle Java SE
Created:
2010-12-27
Updated:
2020-10-10

ID:
MITRE:11990
Title:
oval:org.mitre.oval:def:11990: Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21 and earlier versions
Type:
Software
Bulletins:
MITRE:11990
CVE-2010-3573
Severity:
Moderate
Description:
Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to missing validation of request headers in the HttpURLConnection class when they are set by applets, which allows remote attackers to bypass the intended security policy.
Applies to:
Oracle Java SE
Created:
2010-12-27
Updated:
2020-10-10

ID:
MITRE:11893
Title:
oval:org.mitre.oval:def:11893: Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 and earlier versions
Type:
Software
Bulletins:
MITRE:11893
CVE-2010-3562
Severity:
Critical
Description:
Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is a double free vulnerability in IndexColorModel that allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code.
Applies to:
Oracle Java SE
Created:
2010-12-27
Updated:
2020-10-10

ID:
MITRE:11880
Title:
oval:org.mitre.oval:def:11880: Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 and earlier versions
Type:
Software
Bulletins:
MITRE:11880
CVE-2010-3559
Severity:
Critical
Description:
Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this involves an incorrect sign extension in the HeadspaceSoundbank.nGetName function, which allows attackers to execute arbitrary code via a crafted BANK record that leads to a buffer overflow.
Applies to:
Oracle Java SE
Created:
2010-12-27
Updated:
2020-10-10

ID:
MITRE:11871
Title:
oval:org.mitre.oval:def:11871: Unspecified vulnerability in the Java Web Start component in Oracle Java SE and Java for Business 6 Update 21 and earlier versions
Type:
Software
Bulletins:
MITRE:11871
CVE-2010-3558
Severity:
Critical
Description:
Unspecified vulnerability in the Java Web Start component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
Applies to:
Oracle Java SE
Created:
2010-12-27
Updated:
2020-10-10

ID:
MITRE:11815
Title:
oval:org.mitre.oval:def:11815: Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 and earlier versions
Type:
Software
Bulletins:
MITRE:11815
CVE-2010-3556
Severity:
Critical
Description:
Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
Applies to:
Oracle Java SE
Created:
2010-12-27
Updated:
2020-10-10

ID:
MITRE:11798
Title:
oval:org.mitre.oval:def:11798: Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 and earlier versions
Type:
Software
Bulletins:
MITRE:11798
CVE-2010-3553
Severity:
Critical
Description:
Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to unsafe reflection involving the UIDefault.ProxyLazyValue class.
Applies to:
Oracle Java SE
Created:
2010-12-27
Updated:
2020-10-10

ID:
MITRE:11714
Title:
oval:org.mitre.oval:def:11714: Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, and 5.0 Update 25 and earlier versions
Type:
Software
Bulletins:
MITRE:11714
CVE-2010-3567
Severity:
Critical
Description:
Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to a calculation error in right-to-left text character counts for the ICU OpenType font rendering implementation, which triggers an out-of-bounds memory access.
Applies to:
Oracle Java SE
Created:
2010-12-27
Updated:
2020-10-10

ID:
MITRE:11619
Title:
oval:org.mitre.oval:def:11619: Unspecified vulnerability in the Java Web Start component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 and earlier versions
Type:
Software
Bulletins:
MITRE:11619
CVE-2010-3550
Severity:
Critical
Description:
Unspecified vulnerability in the Java Web Start component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
Applies to:
Oracle Java SE
Created:
2010-12-27
Updated:
2020-10-10

ID:
MITRE:11330
Title:
oval:org.mitre.oval:def:11330: Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 and earlier versions
Type:
Software
Bulletins:
MITRE:11330
CVE-2010-3551
Severity:
Moderate
Description:
Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality via unknown vectors.
Applies to:
Oracle Java SE
Created:
2010-12-27
Updated:
2020-10-10

ID:
MITRE:11320
Title:
oval:org.mitre.oval:def:11320: Unspecified vulnerability in the Deployment component in Oracle Java SE and Java for Business 6 Update 21 and earlier versions
Type:
Software
Bulletins:
MITRE:11320
CVE-2010-3555
Severity:
Critical
Description:
Unspecified vulnerability in the Deployment component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable third party coordinator that the ActiveX Plugin does not properly initialize an object field that is used as a window handle, which allows attackers to execute arbitrary code.
Applies to:
Oracle Java SE
Created:
2010-12-27
Updated:
2020-10-10

ID:
MITRE:11268
Title:
oval:org.mitre.oval:def:11268: Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 and earlier versions
Type:
Software
Bulletins:
MITRE:11268
CVE-2010-3557
Severity:
Moderate
Description:
Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to the modification of "behavior and state of certain JDK classes" and "mutable static."
Applies to:
Oracle Java SE
Created:
2010-12-27
Updated:
2020-10-10

ID:
MITRE:12219
Title:
oval:org.mitre.oval:def:12219: Untrusted search path vulnerability in Microsoft Office PowerPoint 2007
Type:
Software
Bulletins:
MITRE:12219
CVE-2010-3142
Severity:
Critical
Description:
Untrusted search path vulnerability in Microsoft Office PowerPoint 2007 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse rpawinet.dll that is located in the same folder as a .odp, .pothtml, .potm, .potx, .ppa, .ppam, .pps, .ppt, .ppthtml, .pptm, .pptxml, .pwz, .sldm, .sldx, and .thmx file.
Applies to:
Microsoft Office PowerPoint 2007
Created:
2010-12-20
Updated:
2020-10-10

ID:
CVE-2010-4012
Title:
Race condition in Apple iOS 4.0 through 4.1 for iPhone 3G and later allows physically proximate attackers to bypass the passcode lock by making a call from the Emergency Call screen, then quickly pressing the Sleep/Wake button.
Type:
Mobile Devices
Bulletins:
CVE-2010-4012
Severity:
Moderate
Description:
Race condition in Apple iOS 4.0 through 4.1 for iPhone 3G and later allows physically proximate attackers to bypass the passcode lock by making a call from the Emergency Call screen, then quickly pressing the Sleep/Wake button.
Applies to:
Created:
2010-12-08
Updated:
2020-10-10

ID:
MITRE:7360
Title:
oval:org.mitre.oval:def:7360: Vulnerability in offline backup mechanism in Research In Motion (RIM) BlackBerry Desktop Software
Type:
Software
Bulletins:
MITRE:7360
CVE-2010-3741
Severity:
Moderate
Description:
The offline backup mechanism in Research In Motion (RIM) BlackBerry Desktop Software uses single-iteration PBKDF2, which makes it easier for local users to decrypt a .ipd file via a brute-force attack.
Applies to:
BlackBerry Desktop Software
Created:
2010-12-06
Updated:
2020-10-10

ID:
MITRE:6843
Title:
oval:org.mitre.oval:def:6843: Untrusted search path vulnerability in BlackBerry Desktop Software version less than 6.0.0.47
Type:
Software
Bulletins:
MITRE:6843
CVE-2010-2600
Severity:
Critical
Description:
Untrusted search path vulnerability in BlackBerry Desktop Software before 6.0.0.47 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL that is located in the same folder as a file that is processed by Blackberry.
Applies to:
BlackBerry Desktop Software
Created:
2010-12-06
Updated:
2020-10-10

ID:
MITRE:6653
Title:
oval:org.mitre.oval:def:6653: Windows Media Player Memory Corruption Vulnerability
Type:
Software
Bulletins:
MITRE:6653
CVE-2010-2745
Severity:
Critical
Description:
Microsoft Windows Media Player (WMP) 9 through 12 does not properly deallocate objects during a browser reload action, which allows user-assisted remote attackers to execute arbitrary code via crafted media content referenced in an HTML document, aka "Windows Media Player Memory Corruption Vulnerability."
Applies to:
Windows Media Player
Created:
2010-12-06
Updated:
2020-10-10

ID:
CVE-2010-4354
Title:
The remote-access IPSec VPN implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices, PIX Security Appliances 500 series devices, and VPN Concentrators 3000 series devices responds to an Aggressive Mode IKE Phase I message only...
Type:
Hardware
Bulletins:
CVE-2010-4354
Severity:
Moderate
Description:
The remote-access IPSec VPN implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices, PIX Security Appliances 500 series devices, and VPN Concentrators 3000 series devices responds to an Aggressive Mode IKE Phase I message only when the group name is configured on the device, which allows remote attackers to enumerate valid group names via a series of IKE negotiation attempts, aka Bug ID CSCtj96108, a different vulnerability than CVE-2005-2025.
Applies to:
Cisco VPN 3015 Concentrator
Cisco VPN 3030 Concentrator
Cisco VPN 3060 Concentrator
Cisco VPN 3080 Concentrator
Cisco VPN 3005 Concentrator
Created:
2010-11-30
Updated:
2020-10-10

ID:
MITRE:7291
Title:
oval:org.mitre.oval:def:7291: Privilege-escalation vulnerability in PostgreSQL version less than or equal to 9.0
Type:
Software
Bulletins:
MITRE:7291
CVE-2010-3433
Severity:
Moderate
Description:
The PL/perl and PL/Tcl implementations in PostgreSQL 7.4 before 7.4.30, 8.0 before 8.0.26, 8.1 before 8.1.22, 8.2 before 8.2.18, 8.3 before 8.3.12, 8.4 before 8.4.5, and 9.0 before 9.0.1 do not properly protect script execution by a different SQL user identity within the same session, which allows remote authenticated users to gain privileges via crafted script code in a SECURITY DEFINER function, as demonstrated by (1) redefining standard functions or (2) redefining operators, a different vulnerability than CVE-2010-1168, CVE-2010-1169, CVE-2010-1170, and CVE-2010-1447.
Applies to:
PostgreSQL
Created:
2010-11-29
Updated:
2020-10-10

ID:
MITRE:6645
Title:
oval:org.mitre.oval:def:6645: Vulnerability in PL/php add-on in PostgreSQL version less than or equal to 9.0
Type:
Software
Bulletins:
MITRE:6645
CVE-2010-3781
Severity:
Moderate
Description:
The PL/php add-on 1.4 and earlier for PostgreSQL does not properly protect script execution by a different SQL user identity within the same session, which allows remote authenticated users to gain privileges via crafted script code in a SECURITY DEFINER function, a related issue to CVE-2010-3433.
Applies to:
PostgreSQL
Created:
2010-11-29
Updated:
2020-10-10

ID:
CVE-2010-3829
Title:
WebKit in Apple iOS before 4.2 allows remote attackers to bypass the remote image loading setting in Mail via an HTML LINK element with a DNS prefetching property, as demonstrated by an HTML e-mail message that uses a LINK element for...
Type:
Mobile Devices
Bulletins:
CVE-2010-3829
Severity:
Moderate
Description:
WebKit in Apple iOS before 4.2 allows remote attackers to bypass the remote image loading setting in Mail via an HTML LINK element with a DNS prefetching property, as demonstrated by an HTML e-mail message that uses a LINK element for X-Confirm-Reading-To functionality, a related issue to CVE-2010-3813.
Applies to:
Created:
2010-11-26
Updated:
2020-10-10

ID:
CVE-2010-3831
Title:
Photos in Apple iOS before 4.2 enables support for HTTP Basic Authentication over an unencrypted connection, which allows man-in-the-middle attackers to read MobileMe account passwords by spoofing a MobileMe Gallery server during a...
Type:
Mobile Devices
Bulletins:
CVE-2010-3831
Severity:
Moderate
Description:
Photos in Apple iOS before 4.2 enables support for HTTP Basic Authentication over an unencrypted connection, which allows man-in-the-middle attackers to read MobileMe account passwords by spoofing a MobileMe Gallery server during a "Send to MobileMe" action.
Applies to:
Created:
2010-11-26
Updated:
2020-10-10

ID:
CVE-2010-3830
Title:
Networking in Apple iOS before 4.2 accesses an invalid pointer during the processing of packet filter rules, which allows local users to gain privileges via unspecified vectors.
Type:
Mobile Devices
Bulletins:
CVE-2010-3830
Severity:
Critical
Description:
Networking in Apple iOS before 4.2 accesses an invalid pointer during the processing of packet filter rules, which allows local users to gain privileges via unspecified vectors.
Applies to:
Created:
2010-11-26
Updated:
2020-10-10

ID:
CVE-2010-3828
Title:
iAd Content Display in Apple iOS before 4.2 allows man-in-the-middle attackers to make calls via a crafted URL in an ad.
Type:
Mobile Devices
Bulletins:
CVE-2010-3828
Severity:
Moderate
Description:
iAd Content Display in Apple iOS before 4.2 allows man-in-the-middle attackers to make calls via a crafted URL in an ad.
Applies to:
Created:
2010-11-26
Updated:
2020-10-10

ID:
CVE-2010-3832
Title:
Heap-based buffer overflow in the GSM mobility management implementation in Telephony in Apple iOS before 4.2 on the iPhone and iPad allows remote attackers to execute arbitrary code on the baseband processor via a crafted Temporary...
Type:
Mobile Devices
Bulletins:
CVE-2010-3832
Severity:
Moderate
Description:
Heap-based buffer overflow in the GSM mobility management implementation in Telephony in Apple iOS before 4.2 on the iPhone and iPad allows remote attackers to execute arbitrary code on the baseband processor via a crafted Temporary Mobile Subscriber Identity (TMSI) field.
Applies to:
Created:
2010-11-26
Updated:
2020-10-10

ID:
CVE-2010-3827
Title:
Apple iOS before 4.2 does not properly validate signatures before displaying a configuration profile in the configuration installation utility, which allows remote attackers to spoof profiles via unspecified vectors.
Type:
Mobile Devices
Bulletins:
CVE-2010-3827
Severity:
Moderate
Description:
Apple iOS before 4.2 does not properly validate signatures before displaying a configuration profile in the configuration installation utility, which allows remote attackers to spoof profiles via unspecified vectors.
Applies to:
Created:
2010-11-26
Updated:
2020-10-10

ID:
CVE-2010-3039
Title:
/usr/local/cm/bin/pktCap_protectData in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6, 7, and 8 allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in a request to the...
Type:
Hardware
Bulletins:
CVE-2010-3039
SFBID44672
Severity:
Moderate
Description:
/usr/local/cm/bin/pktCap_protectData in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6, 7, and 8 allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in a request to the administrative interface, aka Bug IDs CSCti52041 and CSCti74930.
Applies to:
Unified Communications Manager
Created:
2010-11-09
Updated:
2020-10-10

ID:
MITRE:6778
Title:
oval:org.mitre.oval:def:6778: Untrusted search path vulnerability in Adobe PhotoShop CS2 through CS5
Type:
Software
Bulletins:
MITRE:6778
CVE-2010-3127
Severity:
Critical
Description:
Untrusted search path vulnerability in Adobe PhotoShop CS2 through CS5 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll or Wintab32.dll that is located in the same folder as a PSD or other file that is processed by PhotoShop. NOTE: some of these details are obtained from third party information.
Applies to:
Adobe Photoshop
Created:
2010-11-08
Updated:
2020-10-10

ID:
MITRE:7604
Title:
oval:org.mitre.oval:def:7604: Apple iTunes Log File Insecure File Operation Local Privilege Escalation Vulnerability
Type:
Software
Bulletins:
MITRE:7604
CVE-2010-1768
Severity:
Moderate
Description:
Unspecified vulnerability in Apple iTunes before 9.1 allows local users to gain console privileges via vectors related to log files, "insecure file operation," and syncing an iPhone, iPad, or iPod touch.
Applies to:
Apple iTunes
Created:
2010-11-01
Updated:
2020-10-10

ID:
MITRE:7221
Title:
oval:org.mitre.oval:def:7221: Apple iTunes Webkit Unspecified Vulnerability
Type:
Software
Bulletins:
MITRE:7221
CVE-2010-1763
Severity:
Critical
Description:
Unspecified vulnerability in WebKit in Apple iTunes before 9.2 on Windows has unknown impact and attack vectors, a different vulnerability than CVE-2010-1387 and CVE-2010-1769.
Applies to:
Apple iTunes
Created:
2010-11-01
Updated:
2020-10-10

ID:
MITRE:7217
Title:
oval:org.mitre.oval:def:7217: Apple iTunes DLL Loading Arbitrary Code Execution Vulnerability
Type:
Software
Bulletins:
MITRE:7217
CVE-2010-1795
Severity:
Critical
Description:
Untrusted search path vulnerability in Apple iTunes before 9.1, when running on Windows 7, Vista, and XP, allows local users and possibly remote attackers to gain privileges via a Trojan horse DLL in the current working directory.
Applies to:
Apple iTunes
Created:
2010-11-01
Updated:
2020-10-10

ID:
MITRE:7178
Title:
oval:org.mitre.oval:def:7178: Apple iTunes Crafted itpc: URL Buffer Overflow Vulnerability
Type:
Software
Bulletins:
MITRE:7178
CVE-2010-1769
Severity:
Critical
Description:
WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, accesses out-of-bounds memory during the handling of tables, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, a different vulnerability than CVE-2010-1387 and CVE-2010-1763.
Applies to:
Apple iTunes
Created:
2010-11-01
Updated:
2020-10-10

ID:
MITRE:7061
Title:
oval:org.mitre.oval:def:7061: Apple iTunes JavaScriptCore Page Transitions Denial Of Service Vulnerability
Type:
Software
Bulletins:
MITRE:7061
CVE-2010-1387
Severity:
Critical
Description:
Use-after-free vulnerability in JavaScriptCore in WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to page transitions, a different vulnerability than CVE-2010-1763 and CVE-2010-1769.
Applies to:
Apple iTunes
Created:
2010-11-01
Updated:
2020-10-10

ID:
MITRE:6988
Title:
oval:org.mitre.oval:def:6988: Apple iTunes Crafted itpc: URL Buffer Overflow Vulnerability
Type:
Software
Bulletins:
MITRE:6988
CVE-2010-1777
Severity:
Critical
Description:
Buffer overflow in Apple iTunes before 9.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted itpc: URL.
Applies to:
Apple iTunes
Created:
2010-11-01
Updated:
2020-10-10

ID:
CISEC:1127
Title:
oval:org.cisecurity:def:1127: Heap-based buffer overflow in the opj_dwt_interleave_v function in dwt.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows
Type:
Web
Bulletins:
CISEC:1127
CVE-2016-5157
Severity:
Moderate
Description:
Heap-based buffer overflow in the opj_dwt_interleave_v function in dwt.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to execute arbitrary code via crafted coordinate values in JPEG 2000 data.
Applies to:
Google Chrome
Created:
2010-10-07
Updated:
2020-10-10

ID:
MITRE:12011
Title:
oval:org.mitre.oval:def:12011: Movie Maker Memory Corruption Vulnerability
Type:
Software
Bulletins:
MITRE:12011
CVE-2010-2564
Severity:
Critical
Description:
Buffer overflow in Microsoft Windows Movie Maker (WMM) 2.1, 2.6, and 6.0 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted project file, aka "Movie Maker Memory Corruption Vulnerability."
Applies to:
Movie Maker 2.1
Movie Maker 2.6
Movie Maker 6.0
Created:
2010-09-27
Updated:
2020-10-10

ID:
CVE-2010-2831
Title:
Unspecified vulnerability in the NAT for SIP implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1 allows remote attackers to cause a denial of service (device reload) via transit traffic on UDP port 5060, aka Bug ID CSCtf17624.
Type:
Hardware
Bulletins:
CVE-2010-2831
Severity:
Critical
Description:
Unspecified vulnerability in the NAT for SIP implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1 allows remote attackers to cause a denial of service (device reload) via transit traffic on UDP port 5060, aka Bug ID CSCtf17624.
Applies to:
Created:
2010-09-23
Updated:
2020-10-10

ID:
CVE-2010-2832
Title:
Unspecified vulnerability in the NAT for H.323 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1 allows remote attackers to cause a denial of service (device reload) via transit traffic, aka Bug ID CSCtf91428.
Type:
Hardware
Bulletins:
CVE-2010-2832
Severity:
Critical
Description:
Unspecified vulnerability in the NAT for H.323 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1 allows remote attackers to cause a denial of service (device reload) via transit traffic, aka Bug ID CSCtf91428.
Applies to:
Created:
2010-09-23
Updated:
2020-10-10

ID:
CVE-2010-2833
Title:
Unspecified vulnerability in the NAT for H.225.0 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1 allows remote attackers to cause a denial of service (device reload) via transit traffic, aka Bug ID CSCtd86472.
Type:
Hardware
Bulletins:
CVE-2010-2833
Severity:
Critical
Description:
Unspecified vulnerability in the NAT for H.225.0 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1 allows remote attackers to cause a denial of service (device reload) via transit traffic, aka Bug ID CSCtd86472.
Applies to:
Created:
2010-09-23
Updated:
2020-10-10

ID:
CVE-2010-2829
Title:
Unspecified vulnerability in the H.323 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 2.5.x before 2.5.2 and 2.6.x before 2.6.1, allows remote attackers to cause a denial of service (traceback and device reload) via...
Type:
Hardware
Bulletins:
CVE-2010-2829
Severity:
Critical
Description:
Unspecified vulnerability in the H.323 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 2.5.x before 2.5.2 and 2.6.x before 2.6.1, allows remote attackers to cause a denial of service (traceback and device reload) via crafted H.323 packets, aka Bug ID CSCtd33567.
Applies to:
Created:
2010-09-23
Updated:
2020-10-10

ID:
CVE-2010-2828
Title:
Unspecified vulnerability in the H.323 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 2.5.x before 2.5.2 and 2.6.x before 2.6.1, allows remote attackers to cause a denial of service (device reload) via crafted H.323...
Type:
Hardware
Bulletins:
CVE-2010-2828
Severity:
Critical
Description:
Unspecified vulnerability in the H.323 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 2.5.x before 2.5.2 and 2.6.x before 2.6.1, allows remote attackers to cause a denial of service (device reload) via crafted H.323 packets, aka Bug ID CSCtc73759.
Applies to:
Created:
2010-09-23
Updated:
2020-10-10

ID:
CVE-2010-2830
Title:
The IGMPv3 implementation in Cisco IOS 12.2, 12.3, 12.4, and 15.0 and IOS XE 2.5.x before 2.5.2, when PIM is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed IGMP packet, aka Bug ID CSCte14603.
Type:
Hardware
Bulletins:
CVE-2010-2830
Severity:
Critical
Description:
The IGMPv3 implementation in Cisco IOS 12.2, 12.3, 12.4, and 15.0 and IOS XE 2.5.x before 2.5.2, when PIM is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed IGMP packet, aka Bug ID CSCte14603.
Applies to:
Created:
2010-09-23
Updated:
2020-10-10

ID:
CVE-2010-2836
Title:
Memory leak in the SSL VPN feature in Cisco IOS 12.4, 15.0, and 15.1, when HTTP port redirection is enabled, allows remote attackers to cause a denial of service (memory consumption) by improperly disconnecting SSL sessions, leading to connections...
Type:
Hardware
Bulletins:
CVE-2010-2836
Severity:
Critical
Description:
Memory leak in the SSL VPN feature in Cisco IOS 12.4, 15.0, and 15.1, when HTTP port redirection is enabled, allows remote attackers to cause a denial of service (memory consumption) by improperly disconnecting SSL sessions, leading to connections that remain in the CLOSE-WAIT state, aka Bug ID CSCtg21685.
Applies to:
Created:
2010-09-23
Updated:
2020-10-10

ID:
CVE-2010-2834
Title:
Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)SU1, 7.x before 7.1(5), and 8.0 before 8.0(2) allow remote...
Type:
Hardware
Bulletins:
CVE-2010-2834
Severity:
Critical
Description:
Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)SU1, 7.x before 7.1(5), and 8.0 before 8.0(2) allow remote attackers to cause a denial of service (device reload or voice-services outage) via crafted SIP registration traffic over UDP, aka Bug IDs CSCtf72678 and CSCtf14987.
Applies to:
Unified Communications Manager
Created:
2010-09-23
Updated:
2020-10-10

ID:
CVE-2010-2835
Title:
Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5), 7.0 before 7.0(2a)su3, 7.1su before 7.1(3b)su2, 7.1 before...
Type:
Hardware
Bulletins:
CVE-2010-2835
Severity:
Critical
Description:
Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5), 7.0 before 7.0(2a)su3, 7.1su before 7.1(3b)su2, 7.1 before 7.1(5), and 8.0 before 8.0(1) allow remote attackers to cause a denial of service (device reload or voice-services outage) via a SIP REFER request with an invalid Refer-To header, aka Bug IDs CSCta20040 and CSCta31358.
Applies to:
Unified Communications Manager
Created:
2010-09-23
Updated:
2020-10-10

ID:
CVE-2010-1807
Title:
WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2; Android before 2.2; and webkitgtk before 1.2.6; does not properly validate floating-point data, which allows remote attackers to execute arbitrary code or cause a denial...
Type:
Mobile Devices
Bulletins:
CVE-2010-1807
SFBID43047
Severity:
Critical
Description:
WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2; Android before 2.2; and webkitgtk before 1.2.6; does not properly validate floating-point data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, related to non-standard NaN representation.
Applies to:
Created:
2010-09-10
Updated:
2020-10-10

ID:
CVE-2010-2841
Title:
Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) software 4.2 before 4.2.209.0; 4.2M before 4.2.207.54M; 5.0, 5.1, and 6.0 before 6.0.196.0; and 5.2 before 5.2.193.11 allows remote authenticated users to cause a denial of service...
Type:
Hardware
Bulletins:
CVE-2010-2841
Severity:
Moderate
Description:
Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) software 4.2 before 4.2.209.0; 4.2M before 4.2.207.54M; 5.0, 5.1, and 6.0 before 6.0.196.0; and 5.2 before 5.2.193.11 allows remote authenticated users to cause a denial of service (device reload) via crafted HTTP packets that trigger invalid arguments to the emweb component, aka Bug ID CSCtd16938.
Applies to:
Created:
2010-09-10
Updated:
2020-10-10

ID:
CVE-2010-0574
Title:
Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) software 3.2 before 3.2.215.0; 4.1 and 4.2 before 4.2.205.0; 4.1M and 4.2M before 4.2.207.54M; 5.0, 5.1, and 6.0 before 6.0.188.0; and 5.2 before 5.2.193.11 allows remote attackers to...
Type:
Hardware
Bulletins:
CVE-2010-0574
Severity:
Critical
Description:
Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) software 3.2 before 3.2.215.0; 4.1 and 4.2 before 4.2.205.0; 4.1M and 4.2M before 4.2.207.54M; 5.0, 5.1, and 6.0 before 6.0.188.0; and 5.2 before 5.2.193.11 allows remote attackers to cause a denial of service (device reload) via a crafted IKE packet, aka Bug ID CSCta56653.
Applies to:
Created:
2010-09-10
Updated:
2020-10-10

ID:
CVE-2010-0575
Title:
Cisco Wireless LAN Controller (WLC) software, possibly 6.0.x or possibly 4.1 through 6.0.x, allows remote attackers to bypass ACLs in the controller CPU, and consequently send network traffic to unintended segments or devices, via unspecified...
Type:
Hardware
Bulletins:
CVE-2010-0575
Severity:
Moderate
Description:
Cisco Wireless LAN Controller (WLC) software, possibly 6.0.x or possibly 4.1 through 6.0.x, allows remote attackers to bypass ACLs in the controller CPU, and consequently send network traffic to unintended segments or devices, via unspecified vectors, a different vulnerability than CVE-2010-3034.
Applies to:
Created:
2010-09-10
Updated:
2020-10-10

ID:
CVE-2010-3034
Title:
Cisco Wireless LAN Controller (WLC) software, possibly 6.0.x or possibly 4.1 through 6.0.x, allows remote attackers to bypass ACLs in the controller CPU, and consequently send network traffic to unintended segments or devices, via unspecified...
Type:
Hardware
Bulletins:
CVE-2010-3034
Severity:
Moderate
Description:
Cisco Wireless LAN Controller (WLC) software, possibly 6.0.x or possibly 4.1 through 6.0.x, allows remote attackers to bypass ACLs in the controller CPU, and consequently send network traffic to unintended segments or devices, via unspecified vectors, a different vulnerability than CVE-2010-0575.
Applies to:
Created:
2010-09-10
Updated:
2020-10-10

ID:
CVE-2010-2842
Title:
Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain administrative privileges, via unspecified vectors, a...
Type:
Hardware
Bulletins:
CVE-2010-2842
Severity:
Critical
Description:
Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain administrative privileges, via unspecified vectors, a different vulnerability than CVE-2010-2843 and CVE-2010-3033.
Applies to:
Created:
2010-09-10
Updated:
2020-10-10

ID:
CVE-2010-2843
Title:
Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain administrative privileges, via unspecified vectors, a...
Type:
Hardware
Bulletins:
CVE-2010-2843
Severity:
Critical
Description:
Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain administrative privileges, via unspecified vectors, a different vulnerability than CVE-2010-2842 and CVE-2010-3033.
Applies to:
Created:
2010-09-10
Updated:
2020-10-10

ID:
CVE-2010-3033
Title:
Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain administrative privileges, via unspecified vectors, a...
Type:
Hardware
Bulletins:
CVE-2010-3033
Severity:
Critical
Description:
Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain administrative privileges, via unspecified vectors, a different vulnerability than CVE-2010-2842 and CVE-2010-2843.
Applies to:
Created:
2010-09-10
Updated:
2020-10-10

ID:
CVE-2010-1814
Title:
WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving...
Type:
Mobile Devices
Bulletins:
CVE-2010-1814
SFBID43083
Severity:
Moderate
Description:
WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving form menus.
Applies to:
Created:
2010-09-09
Updated:
2020-10-10

ID:
CVE-2010-1813
Title:
WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving HTML object outlines.
Type:
Mobile Devices
Bulletins:
CVE-2010-1813
Severity:
Moderate
Description:
WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving HTML object outlines.
Applies to:
Created:
2010-09-09
Updated:
2020-10-10

ID:
CVE-2010-1812
Title:
Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors...
Type:
Mobile Devices
Bulletins:
CVE-2010-1812
SFBID43079
Severity:
Moderate
Description:
Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving selections.
Applies to:
Created:
2010-09-09
Updated:
2020-10-10

ID:
CVE-2010-1815
Title:
Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors...
Type:
Mobile Devices
Bulletins:
CVE-2010-1815
SFBID43081
Severity:
Moderate
Description:
Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving scrollbars.
Applies to:
Created:
2010-09-09
Updated:
2020-10-10

ID:
CVE-2010-1809
Title:
The Accessibility component in Apple iOS before 4.1 on the iPhone and iPod touch does not perform the expected VoiceOver announcement associated with the location services icon, which has unspecified impact and attack vectors.
Type:
Mobile Devices
Bulletins:
CVE-2010-1809
Severity:
Critical
Description:
The Accessibility component in Apple iOS before 4.1 on the iPhone and iPod touch does not perform the expected VoiceOver announcement associated with the location services icon, which has unspecified impact and attack vectors.
Applies to:
Created:
2010-09-09
Updated:
2020-10-10

ID:
CVE-2010-1811
Title:
ImageIO in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF file.
Type:
Mobile Devices
Bulletins:
CVE-2010-1811
Severity:
Moderate
Description:
ImageIO in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF file.
Applies to:
Created:
2010-09-09
Updated:
2020-10-10

ID:
CVE-2010-1810
Title:
FaceTime in Apple iOS before 4.1 on the iPhone and iPod touch does not properly handle invalid X.509 certificates, which allows man-in-the-middle attackers to redirect calls via a crafted certificate.
Type:
Mobile Devices
Bulletins:
CVE-2010-1810
Severity:
Low
Description:
FaceTime in Apple iOS before 4.1 on the iPhone and iPod touch does not properly handle invalid X.509 certificates, which allows man-in-the-middle attackers to redirect calls via a crafted certificate.
Applies to:
Created:
2010-09-09
Updated:
2020-10-10

ID:
CVE-2010-1781
Title:
Double free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the rendering of an...
Type:
Mobile Devices
Bulletins:
CVE-2010-1781
SFBID43077
Severity:
Moderate
Description:
Double free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the rendering of an inline element.
Applies to:
Created:
2010-09-09
Updated:
2020-10-10

ID:
CVE-2010-1817
Title:
Buffer overflow in ImageIO in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GIF file.
Type:
Mobile Devices
Bulletins:
CVE-2010-1817
Severity:
Moderate
Description:
Buffer overflow in ImageIO in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GIF file.
Applies to:
Created:
2010-09-09
Updated:
2020-10-10

ID:
CVE-2010-3035
Title:
Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized transitive attributes, which allows remote attackers to cause a denial of service (peering reset) via a crafted prefix announcement, as demonstrated in the...
Type:
Hardware
Bulletins:
CVE-2010-3035
Severity:
Moderate
Description:
Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized transitive attributes, which allows remote attackers to cause a denial of service (peering reset) via a crafted prefix announcement, as demonstrated in the wild in August 2010 with attribute type code 99, aka Bug ID CSCti62211.
Applies to:
Created:
2010-08-30
Updated:
2020-10-10

ID:
CVE-2010-2837
Title:
The SIPStationInit implementation in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.1SU before 6.1(5)SU1, 7.0SU before 7.0(2a)SU3, 7.1SU before 7.1(3b)SU2, 7.1 before 7.1(5), and 8.0 before 8.0(1) allows remote attackers to...
Type:
Hardware
Bulletins:
CVE-2010-2837
Severity:
Critical
Description:
The SIPStationInit implementation in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.1SU before 6.1(5)SU1, 7.0SU before 7.0(2a)SU3, 7.1SU before 7.1(3b)SU2, 7.1 before 7.1(5), and 8.0 before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SIP message, aka Bug ID CSCtd17310.
Applies to:
Unified Communications Manager
Created:
2010-08-26
Updated:
2020-10-10

ID:
CVE-2010-2838
Title:
The SendCombinedStatusInfo implementation in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 7.0SU before 7.0(2a)SU3, 7.1 before 7.1(5), and 8.0 before 8.0(3) allows remote attackers to cause a denial of service (process...
Type:
Hardware
Bulletins:
CVE-2010-2838
Severity:
Critical
Description:
The SendCombinedStatusInfo implementation in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 7.0SU before 7.0(2a)SU3, 7.1 before 7.1(5), and 8.0 before 8.0(3) allows remote attackers to cause a denial of service (process failure) via a malformed SIP REGISTER message, aka Bug ID CSCtf66305.
Applies to:
Unified Communications Manager
Created:
2010-08-26
Updated:
2020-10-10

ID:
CVE-2010-2825
Title:
Unspecified vulnerability in the SIP inspection feature on the Cisco Application Control Engine (ACE) Module with software A2(1.x) before A2(1.6), A2(2.x) before A2(2.3), and A2(3.x) before A2(3.1) for Catalyst 6500 series switches and 7600 series...
Type:
Hardware
Bulletins:
CVE-2010-2825
Severity:
Critical
Description:
Unspecified vulnerability in the SIP inspection feature on the Cisco Application Control Engine (ACE) Module with software A2(1.x) before A2(1.6), A2(2.x) before A2(2.3), and A2(3.x) before A2(3.1) for Catalyst 6500 series switches and 7600 series routers, and the Cisco Application Control Engine (ACE) 4710 appliance with software before A3(2.4), allows remote attackers to cause a denial of service (device reload) via crafted SIP packets over (1) TCP or (2) UDP, aka Bug IDs CSCta65603 and CSCta71569.
Applies to:
Cisco Ace 4710
Created:
2010-08-17
Updated:
2020-10-10

ID:
CVE-2010-2822
Title:
Unspecified vulnerability in the RTSP inspection feature on the Cisco Application Control Engine (ACE) Module with software before A2(3.2) for Catalyst 6500 series switches and 7600 series routers, and the Cisco Application Control Engine (ACE) 4710...
Type:
Hardware
Bulletins:
CVE-2010-2822
Severity:
Critical
Description:
Unspecified vulnerability in the RTSP inspection feature on the Cisco Application Control Engine (ACE) Module with software before A2(3.2) for Catalyst 6500 series switches and 7600 series routers, and the Cisco Application Control Engine (ACE) 4710 appliance with software before A3(2.6), allows remote attackers to cause a denial of service (device reload) via crafted RTSP packets over TCP, aka Bug IDs CSCta85227 and CSCtg14858.
Applies to:
Cisco Ace 4710
Created:
2010-08-17
Updated:
2020-10-10

ID:
CVE-2010-2823
Title:
Unspecified vulnerability in the deep packet inspection feature on the Cisco Application Control Engine (ACE) 4710 appliance with software before A3(2.6) allows remote attackers to cause a denial of service (device reload) via crafted HTTP packets,...
Type:
Hardware
Bulletins:
CVE-2010-2823
Severity:
Critical
Description:
Unspecified vulnerability in the deep packet inspection feature on the Cisco Application Control Engine (ACE) 4710 appliance with software before A3(2.6) allows remote attackers to cause a denial of service (device reload) via crafted HTTP packets, related to HTTP, RTSP, and SIP inspection, aka Bug ID CSCtb54493.
Applies to:
Cisco Ace 4710
Created:
2010-08-17
Updated:
2020-10-10

ID:
CVE-2010-1797
Title:
Multiple stack-based buffer overflows in the cff_decoder_parse_charstrings function in the CFF Type2 CharStrings interpreter in cff/cffgload.c in FreeType before 2.4.2, as used in Apple iOS before 4.0.2 on the iPhone and iPod touch...
Type:
Mobile Devices
Bulletins:
CVE-2010-1797
SFBID42151
Severity:
Critical
Description:
Multiple stack-based buffer overflows in the cff_decoder_parse_charstrings function in the CFF Type2 CharStrings interpreter in cff/cffgload.c in FreeType before 2.4.2, as used in Apple iOS before 4.0.2 on the iPhone and iPod touch and before 3.2.2 on the iPad, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted CFF opcodes in embedded fonts in a PDF document, as demonstrated by JailbreakMe. NOTE: some of these details are obtained from third party information.
Applies to:
Created:
2010-08-16
Updated:
2020-10-10

ID:
CVE-2010-2827
Title:
Cisco IOS 15.1(2)T allows remote attackers to cause a denial of service (resource consumption and TCP outage) via spoofed TCP packets, related to embryonic TCP connections that remain in the SYN_RCVD or SYN_SENT state, aka Bug ID CSCti18193.
Type:
Hardware
Bulletins:
CVE-2010-2827
SFBID42426
Severity:
Critical
Description:
Cisco IOS 15.1(2)T allows remote attackers to cause a denial of service (resource consumption and TCP outage) via spoofed TCP packets, related to embryonic TCP connections that remain in the SYN_RCVD or SYN_SENT state, aka Bug ID CSCti18193.
Applies to:
Created:
2010-08-16
Updated:
2020-10-10

ID:
CVE-2010-2983
Title:
The workgroup bridge (aka WGB) functionality in Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to cause a denial of service (dropped connection) via a series of spoofed EAPoL-Logoff frames, related to an...
Type:
Hardware
Bulletins:
CVE-2010-2983
Severity:
Critical
Description:
The workgroup bridge (aka WGB) functionality in Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to cause a denial of service (dropped connection) via a series of spoofed EAPoL-Logoff frames, related to an "EAPoL logoff attack," aka Bug ID CSCte43374.
Applies to:
Wireless Lan Controller Software
Created:
2010-08-10
Updated:
2020-10-10

ID:
CVE-2010-2976
Title:
The controller in Cisco Unified Wireless Network (UWN) Solution 7.x through 7.0.98.0 has (1) a default SNMP read-only community of public, (2) a default SNMP read-write community of private, and a value of "default" for the (3) SNMP v3 username, (4)...
Type:
Hardware
Bulletins:
CVE-2010-2976
Severity:
Critical
Description:
The controller in Cisco Unified Wireless Network (UWN) Solution 7.x through 7.0.98.0 has (1) a default SNMP read-only community of public, (2) a default SNMP read-write community of private, and a value of "default" for the (3) SNMP v3 username, (4) SNMP v3 authentication password, and (5) SNMP v3 privacy password, which makes it easier for remote attackers to obtain access.
Applies to:
Wireless Lan Controller Software
Created:
2010-08-10
Updated:
2020-10-10

ID:
CVE-2010-2988
Title:
Cross-site scripting (XSS) vulnerability in Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCtf35333.
Type:
Hardware
Bulletins:
CVE-2010-2988
Severity:
Moderate
Description:
Cross-site scripting (XSS) vulnerability in Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCtf35333.
Applies to:
Wireless Lan Controller Software
Created:
2010-08-10
Updated:
2020-10-10

ID:
CVE-2010-2975
Title:
Cisco Unified Wireless Network (UWN) Solution 7.x through 7.0.98.0 does not properly handle multiple SSH sessions, which allows physically proximate attackers to read a password, related to an "arrow key failure," aka Bug ID CSCtg51544.
Type:
Hardware
Bulletins:
CVE-2010-2975
Severity:
Low
Description:
Cisco Unified Wireless Network (UWN) Solution 7.x through 7.0.98.0 does not properly handle multiple SSH sessions, which allows physically proximate attackers to read a password, related to an "arrow key failure," aka Bug ID CSCtg51544.
Applies to:
Wireless Lan Controller Software
Created:
2010-08-10
Updated:
2020-10-10

ID:
CVE-2010-2980
Title:
Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 5508 series controllers allows remote attackers to cause a denial of service (pbuf exhaustion and device crash) via fragmented traffic, aka Bug ID CSCtd26794.
Type:
Hardware
Bulletins:
CVE-2010-2980
Severity:
Critical
Description:
Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 5508 series controllers allows remote attackers to cause a denial of service (pbuf exhaustion and device crash) via fragmented traffic, aka Bug ID CSCtd26794.
Applies to:
Wireless Lan Controller Software
Created:
2010-08-10
Updated:
2020-10-10

ID:
CVE-2010-2979
Title:
Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 5508 series controllers allows remote attackers to cause a denial of service (buffer leak and device crash) via ARP requests that trigger an ARP storm, aka Bug ID CSCte43508.
Type:
Hardware
Bulletins:
CVE-2010-2979
Severity:
Critical
Description:
Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 5508 series controllers allows remote attackers to cause a denial of service (buffer leak and device crash) via ARP requests that trigger an ARP storm, aka Bug ID CSCte43508.
Applies to:
Wireless Lan Controller Software
Created:
2010-08-10
Updated:
2020-10-10

ID:
CVE-2010-2984
Title:
Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 4404 series controllers does not properly implement the WEBAUTH_REQD state, which allows remote attackers to bypass intended access restrictions via WLAN traffic, aka Bug ID CSCtb75305.
Type:
Hardware
Bulletins:
CVE-2010-2984
Severity:
Critical
Description:
Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 4404 series controllers does not properly implement the WEBAUTH_REQD state, which allows remote attackers to bypass intended access restrictions via WLAN traffic, aka Bug ID CSCtb75305.
Applies to:
Wireless Lan Controller Software
Created:
2010-08-10
Updated:
2020-10-10

ID:
CVE-2010-2978
Title:
Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 does not use an adequate message-digest algorithm for a self-signed certificate, which allows remote attackers to bypass intended access restrictions via vectors involving collisions,...
Type:
Hardware
Bulletins:
CVE-2010-2978
Severity:
Critical
Description:
Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 does not use an adequate message-digest algorithm for a self-signed certificate, which allows remote attackers to bypass intended access restrictions via vectors involving collisions, aka Bug ID CSCtd67660.
Applies to:
Wireless Lan Controller Software
Created:
2010-08-10
Updated:
2020-10-10

ID:
CVE-2010-2977
Title:
Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 does not properly implement TLS and SSL, which has unspecified impact and remote attack vectors, aka Bug ID CSCtd01611.
Type:
Hardware
Bulletins:
CVE-2010-2977
Severity:
Critical
Description:
Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 does not properly implement TLS and SSL, which has unspecified impact and remote attack vectors, aka Bug ID CSCtd01611.
Applies to:
Wireless Lan Controller Software
Created:
2010-08-10
Updated:
2020-10-10

ID:
CVE-2010-2982
Title:
Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to discover a group password via a series of SNMP requests, as demonstrated by an SNMP walk, aka Bug ID CSCtb74037.
Type:
Hardware
Bulletins:
CVE-2010-2982
Severity:
Critical
Description:
Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to discover a group password via a series of SNMP requests, as demonstrated by an SNMP walk, aka Bug ID CSCtb74037.
Applies to:
Wireless Lan Controller Software
Created:
2010-08-10
Updated:
2020-10-10

ID:
CVE-2010-2981
Title:
Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to cause a denial of service (device crash) by pinging a virtual interface, aka Bug ID CSCte55370.
Type:
Hardware
Bulletins:
CVE-2010-2981
Severity:
Critical
Description:
Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to cause a denial of service (device crash) by pinging a virtual interface, aka Bug ID CSCte55370.
Applies to:
Wireless Lan Controller Software
Created:
2010-08-10
Updated:
2020-10-10

ID:
CVE-2010-2707
Title:
Unspecified vulnerability on the HP ProCurve 2626 and 2650 switches before H.10.80 allows remote attackers to obtain sensitive information, modify data, and cause a denial of service via unknown vectors.
Type:
Hardware
Bulletins:
CVE-2010-2707
Severity:
Critical
Description:
Unspecified vulnerability on the HP ProCurve 2626 and 2650 switches before H.10.80 allows remote attackers to obtain sensitive information, modify data, and cause a denial of service via unknown vectors.
Applies to:
Procurve Switch 2626
Procurve Switch 2626-pwr
Procurve Switch 2650
Procurve Switch 2650-pwr
Created:
2010-08-09
Updated:
2020-10-10

ID:
CVE-2010-2708
Title:
Unspecified vulnerability on the HP ProCurve 2610 switch before R.11.22, when DHCP is enabled, allows remote attackers to cause a denial of service via unknown vectors.
Type:
Hardware
Bulletins:
CVE-2010-2708
Severity:
Moderate
Description:
Unspecified vulnerability on the HP ProCurve 2610 switch before R.11.22, when DHCP is enabled, allows remote attackers to cause a denial of service via unknown vectors.
Applies to:
Procurve Switch 2610-24
Procurve Switch 2610-24-pwr
Procurve Switch 2610-24/12pwr
Procurve Switch 2610-48
Procurve Switch 2610-48-pwr
Created:
2010-08-09
Updated:
2020-10-10

ID:
CVE-2010-2705
Title:
Unspecified vulnerability on the HP ProCurve 1800-24G switch with software PB.03.02 and earlier, and the ProCurve 1800-8G switch with software PA.03.02 and earlier, when SNMP is enabled, allows remote attackers to obtain sensitive information via...
Type:
Hardware
Bulletins:
CVE-2010-2705
Severity:
Moderate
Description:
Unspecified vulnerability on the HP ProCurve 1800-24G switch with software PB.03.02 and earlier, and the ProCurve 1800-8G switch with software PA.03.02 and earlier, when SNMP is enabled, allows remote attackers to obtain sensitive information via unknown vectors.
Applies to:
Procurve Switch 1800-24g
Procurve Switch 1800-8g
Created:
2010-08-09
Updated:
2020-10-10

ID:
CVE-2010-1581
Title:
Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3...
Type:
Hardware
Bulletins:
CVE-2010-1581
SFBID42187
Severity:
Critical
Description:
Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a sequence of crafted TLS packets, aka Bug ID CSCtd32627.
Applies to:
Created:
2010-08-09
Updated:
2020-10-10

ID:
CVE-2010-2814
Title:
Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3...
Type:
Hardware
Bulletins:
CVE-2010-2814
SFBID42196
Severity:
Critical
Description:
Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a sequence of crafted TLS packets, aka Bug ID CSCtf37506.
Applies to:
Cisco ASA 5505 Adaptive Security Appliance
Cisco ASA 5510 Adaptive Security Appliance
Cisco ASA 5520 Adaptive Security Appliance
Cisco ASA 5540 Adaptive Security Appliance
Cisco ASA 5550 Adaptive Security Appliance
Cisco ASA 5580 Adaptive...
Created:
2010-08-09
Updated:
2020-10-10

ID:
CVE-2010-2815
Title:
Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3...
Type:
Hardware
Bulletins:
CVE-2010-2815
SFBID42198
Severity:
Critical
Description:
Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a sequence of crafted TLS packets, aka Bug ID CSCtf55259.
Applies to:
Cisco ASA 5505 Adaptive Security Appliance
Cisco ASA 5510 Adaptive Security Appliance
Cisco ASA 5520 Adaptive Security Appliance
Cisco ASA 5540 Adaptive Security Appliance
Cisco ASA 5550 Adaptive Security Appliance
Cisco ASA 5580 Adaptive...
Created:
2010-08-09
Updated:
2020-10-10

ID:
CVE-2010-1578
Title:
Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security...
Type:
Hardware
Bulletins:
CVE-2010-1578
Severity:
Critical
Description:
Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via crafted SunRPC UDP packets, aka Bug ID CSCtc77567.
Applies to:
Created:
2010-08-09
Updated:
2020-10-10

ID:
CVE-2010-1579
Title:
Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security...
Type:
Hardware
Bulletins:
CVE-2010-1579
Severity:
Critical
Description:
Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via crafted SunRPC UDP packets, aka Bug ID CSCtc79922.
Applies to:
Created:
2010-08-09
Updated:
2020-10-10

ID:
CVE-2010-1580
Title:
Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security...
Type:
Hardware
Bulletins:
CVE-2010-1580
Severity:
Critical
Description:
Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via crafted SunRPC UDP packets, aka Bug ID CSCtc85753.
Applies to:
Created:
2010-08-09
Updated:
2020-10-10

ID:
CVE-2010-2816
Title:
Unspecified vulnerability in the SIP inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.17), 8.1 before 8.1(2.45), and 8.2 before 8.2(2.13) allows remote attackers to cause a denial of...
Type:
Hardware
Bulletins:
CVE-2010-2816
SFBID42189
Severity:
Critical
Description:
Unspecified vulnerability in the SIP inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.17), 8.1 before 8.1(2.45), and 8.2 before 8.2(2.13) allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCtd32106.
Applies to:
Cisco ASA 5505 Adaptive Security Appliance
Cisco ASA 5510 Adaptive Security Appliance
Cisco ASA 5520 Adaptive Security Appliance
Cisco ASA 5540 Adaptive Security Appliance
Cisco ASA 5550 Adaptive Security Appliance
Cisco ASA 5580 Adaptive...
Created:
2010-08-09
Updated:
2020-10-10

ID:
CVE-2010-2706
Title:
Unspecified vulnerability in the In-band Agent on the HP ProCurve 2610 switch before R.11.30 allows remote attackers to cause a denial of service via unknown vectors.
Type:
Hardware
Bulletins:
CVE-2010-2706
Severity:
Moderate
Description:
Unspecified vulnerability in the In-band Agent on the HP ProCurve 2610 switch before R.11.30 allows remote attackers to cause a denial of service via unknown vectors.
Applies to:
Procurve Switch 2610-24
Procurve Switch 2610-24-pwr
Procurve Switch 2610-24/12pwr
Procurve Switch 2610-48
Procurve Switch 2610-48-pwr
Created:
2010-08-09
Updated:
2020-10-10

ID:
CVE-2010-2817
Title:
Unspecified vulnerability in the IKE implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.11), 7.1 and 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.10), and...
Type:
Hardware
Bulletins:
CVE-2010-2817
SFBID42190
Severity:
Critical
Description:
Unspecified vulnerability in the IKE implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.11), 7.1 and 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.10), and 8.3 before 8.3(1.1) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a crafted IKE message, aka Bug ID CSCte46507.
Applies to:
Cisco ASA 5505 Adaptive Security Appliance
Cisco ASA 5510 Adaptive Security Appliance
Cisco ASA 5520 Adaptive Security Appliance
Cisco ASA 5540 Adaptive Security Appliance
Cisco ASA 5550 Adaptive Security Appliance
Cisco ASA 5580 Adaptive...
Created:
2010-08-09
Updated:
2020-10-10

ID:
CVE-2010-2973
Title:
Integer overflow in IOSurface in Apple iOS before 4.0.2 on the iPhone and iPod touch, and before 3.2.2 on the iPad, allows local users to gain privileges via vectors involving IOSurface properties, as demonstrated by JailbreakMe.
Type:
Mobile Devices
Bulletins:
CVE-2010-2973
SFBID42151
Severity:
Moderate
Description:
Integer overflow in IOSurface in Apple iOS before 4.0.2 on the iPhone and iPod touch, and before 3.2.2 on the iPad, allows local users to gain privileges via vectors involving IOSurface properties, as demonstrated by JailbreakMe.
Applies to:
Created:
2010-08-05
Updated:
2020-10-10

ID:
CVE-2010-1574
Title:
IOS 12.2(52)SE and 12.2(52)SE1 on Cisco Industrial Ethernet (IE) 3000 series switches has (1) a community name of public for RO access and (2) a community name of private for RW access, which makes it easier for remote attackers to modify the...
Type:
Hardware
Bulletins:
CVE-2010-1574
SFBID41436
Severity:
Critical
Description:
IOS 12.2(52)SE and 12.2(52)SE1 on Cisco Industrial Ethernet (IE) 3000 series switches has (1) a community name of public for RO access and (2) a community name of private for RW access, which makes it easier for remote attackers to modify the configuration or obtain potentially sensitive information via SNMP requests, aka Bug ID CSCtf25589.
Applies to:
Created:
2010-07-08
Updated:
2020-10-10

ID:
CVE-2010-1576
Title:
The Cisco Content Services Switch (CSS) 11500 with software before 8.20.4.02 and the Application Control Engine (ACE) 4710 with software before A2(3.0) do not properly handle use of LF, CR, and LFCR as alternatives to the standard CRLF sequence...
Type:
Hardware
Bulletins:
CVE-2010-1576
SFBID41315
Severity:
Critical
Description:
The Cisco Content Services Switch (CSS) 11500 with software before 8.20.4.02 and the Application Control Engine (ACE) 4710 with software before A2(3.0) do not properly handle use of LF, CR, and LFCR as alternatives to the standard CRLF sequence between HTTP headers, which allows remote attackers to bypass intended header insertions or conduct HTTP request smuggling attacks via crafted header data, as demonstrated by LF characters preceding ClientCert-Subject and ClientCert-Subject-CN headers, aka Bug ID CSCta04885.
Applies to:
Cisco Ace 4710
Content Services Switch 11500
Created:
2010-07-06
Updated:
2020-10-10

ID:
CVE-2010-2629
Title:
The Cisco Content Services Switch (CSS) 11500 with software 8.20.4.02 and the Application Control Engine (ACE) 4710 with software A2(3.0) do not properly handle LF header terminators in situations where the GET line is terminated by CRLF, which...
Type:
Hardware
Bulletins:
CVE-2010-2629
SFBID41315
Severity:
Critical
Description:
The Cisco Content Services Switch (CSS) 11500 with software 8.20.4.02 and the Application Control Engine (ACE) 4710 with software A2(3.0) do not properly handle LF header terminators in situations where the GET line is terminated by CRLF, which allows remote attackers to conduct HTTP request smuggling attacks and possibly bypass intended header insertions via crafted header data, as demonstrated by an LF character between the ClientCert-Subject and ClientCert-Subject-CN headers. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-1576.
Applies to:
Cisco Ace 4710
Content Services Switch 11500
Created:
2010-07-06
Updated:
2020-10-10

ID:
CVE-2010-1575
Title:
The Cisco Content Services Switch (CSS) 11500 with software 08.20.1.01 conveys authentication data through ClientCert-* headers but does not delete client-supplied ClientCert-* headers, which might allow remote attackers to bypass authentication via...
Type:
Hardware
Bulletins:
CVE-2010-1575
SFBID41315
Severity:
Critical
Description:
The Cisco Content Services Switch (CSS) 11500 with software 08.20.1.01 conveys authentication data through ClientCert-* headers but does not delete client-supplied ClientCert-* headers, which might allow remote attackers to bypass authentication via crafted header data, as demonstrated by a ClientCert-Subject-CN header, aka Bug ID CSCsz04690.
Applies to:
Content Services Switch 11500
Created:
2010-07-06
Updated:
2020-10-10

ID:
CVE-2009-4922
Title:
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote authenticated users to cause a denial of service (traceback) by establishing many IPsec L2L tunnels from remote peer...
Type:
Hardware
Bulletins:
CVE-2009-4922
Severity:
Moderate
Description:
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote authenticated users to cause a denial of service (traceback) by establishing many IPsec L2L tunnels from remote peer IP addresses, aka Bug ID CSCso15583.
Applies to:
Cisco ASA 5580 Adaptive Security Appliance
Created:
2010-06-29
Updated:
2020-10-10

ID:
CVE-2009-4916
Title:
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote authenticated users to cause a denial of service (console hang) via a login action during failover replication, aka...
Type:
Hardware
Bulletins:
CVE-2009-4916
Severity:
Moderate
Description:
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote authenticated users to cause a denial of service (console hang) via a login action during failover replication, aka Bug ID CSCsq80095.
Applies to:
Cisco ASA 5580 Adaptive Security Appliance
Created:
2010-06-29
Updated:
2020-10-10

ID:
CVE-2009-4915
Title:
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (device reload) via unknown network traffic, as demonstrated by a "connection...
Type:
Hardware
Bulletins:
CVE-2009-4915
Severity:
Critical
Description:
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (device reload) via unknown network traffic, as demonstrated by a "connection stress test," aka Bug ID CSCsq68451.
Applies to:
Cisco ASA 5580 Adaptive Security Appliance
Created:
2010-06-29
Updated:
2020-10-10

ID:
CVE-2009-4917
Title:
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (device reload) via a high volume of SIP traffic, aka Bug ID CSCsr65901.
Type:
Hardware
Bulletins:
CVE-2009-4917
Severity:
Critical
Description:
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (device reload) via a high volume of SIP traffic, aka Bug ID CSCsr65901.
Applies to:
Cisco ASA 5580 Adaptive Security Appliance
Created:
2010-06-29
Updated:
2020-10-10

ID:
CVE-2009-4911
Title:
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (device crash) via vectors involving SSL VPN and PPPoE transactions, aka Bug...
Type:
Hardware
Bulletins:
CVE-2009-4911
Severity:
Critical
Description:
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (device crash) via vectors involving SSL VPN and PPPoE transactions, aka Bug ID CSCsm77958.
Applies to:
Cisco ASA 5580 Adaptive Security Appliance
Created:
2010-06-29
Updated:
2020-10-10

ID:
CVE-2009-4923
Title:
Unspecified vulnerability in the DTLS implementation on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (traceback) via TLS fragments, aka Bug ID CSCso53162.
Type:
Hardware
Bulletins:
CVE-2009-4923
Severity:
Critical
Description:
Unspecified vulnerability in the DTLS implementation on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (traceback) via TLS fragments, aka Bug ID CSCso53162.
Applies to:
Cisco ASA 5580 Adaptive Security Appliance
Created:
2010-06-29
Updated:
2020-10-10

ID:
CVE-2009-4920
Title:
Unspecified vulnerability in CTM on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software 8.1(2) allows remote attackers to cause a denial of service (watchdog traceback) via a large amount of small-packet data, aka Bug ID CSCsu11412.
Type:
Hardware
Bulletins:
CVE-2009-4920
Severity:
Critical
Description:
Unspecified vulnerability in CTM on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software 8.1(2) allows remote attackers to cause a denial of service (watchdog traceback) via a large amount of small-packet data, aka Bug ID CSCsu11412.
Applies to:
Cisco ASA 5580 Adaptive Security Appliance
Created:
2010-06-29
Updated:
2020-10-10

ID:
CVE-2009-4913
Title:
The IPv6 implementation on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) exposes IP services on the "far side of the box," which might allow remote attackers to bypass intended access restrictions via IPv6...
Type:
Hardware
Bulletins:
CVE-2009-4913
Severity:
Moderate
Description:
The IPv6 implementation on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) exposes IP services on the "far side of the box," which might allow remote attackers to bypass intended access restrictions via IPv6 packets, aka Bug ID CSCso58622.
Applies to:
Cisco ASA 5580 Adaptive Security Appliance
Created:
2010-06-29
Updated:
2020-10-10

ID:
CVE-2009-4914
Title:
Memory leak on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (memory consumption) via Subject Alternative Name fields in an X.509 certificate, aka Bug ID...
Type:
Hardware
Bulletins:
CVE-2009-4914
Severity:
Critical
Description:
Memory leak on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (memory consumption) via Subject Alternative Name fields in an X.509 certificate, aka Bug ID CSCsq17879.
Applies to:
Cisco ASA 5580 Adaptive Security Appliance
Created:
2010-06-29
Updated:
2020-10-10

ID:
CVE-2009-4910
Title:
Cross-site scripting (XSS) vulnerability in the WebVPN portal on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug...
Type:
Hardware
Bulletins:
CVE-2009-4910
Severity:
Moderate
Description:
Cross-site scripting (XSS) vulnerability in the WebVPN portal on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCsq78418.
Applies to:
Cisco ASA 5580 Adaptive Security Appliance
Created:
2010-06-29
Updated:
2020-10-10

ID:
CVE-2008-7257
Title:
CRLF injection vulnerability in +webvpn+/index.html in WebVPN on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to inject arbitrary HTTP headers as demonstrated by a redirect attack...
Type:
Hardware
Bulletins:
CVE-2008-7257
SFBID41159
Severity:
Moderate
Description:
CRLF injection vulnerability in +webvpn+/index.html in WebVPN on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to inject arbitrary HTTP headers as demonstrated by a redirect attack involving a %0d%0aLocation%3a sequence in a URI, or conduct HTTP response splitting attacks via unspecified vectors, aka Bug ID CSCsr09163.
Applies to:
Cisco ASA 5580 Adaptive Security Appliance
Created:
2010-06-29
Updated:
2020-10-10

ID:
CVE-2009-4912
Title:
Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) complete an SSL handshake with an HTTPS client even if this client is unauthorized, which might allow remote attackers to bypass intended access restrictions...
Type:
Hardware
Bulletins:
CVE-2009-4912
Severity:
Critical
Description:
Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) complete an SSL handshake with an HTTPS client even if this client is unauthorized, which might allow remote attackers to bypass intended access restrictions via an HTTPS session, aka Bug ID CSCso10876.
Applies to:
Cisco ASA 5580 Adaptive Security Appliance
Created:
2010-06-29
Updated:
2020-10-10

ID:
CVE-2009-4921
Title:
Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allow remote attackers to cause a denial of service (traceback) via malformed TCP packets, aka Bug ID CSCsm84110.
Type:
Hardware
Bulletins:
CVE-2009-4921
Severity:
Critical
Description:
Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allow remote attackers to cause a denial of service (traceback) via malformed TCP packets, aka Bug ID CSCsm84110.
Applies to:
Cisco ASA 5580 Adaptive Security Appliance
Created:
2010-06-29
Updated:
2020-10-10

ID:
CVE-2009-4918
Title:
Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allow remote attackers to cause a denial of service (IKE process hang) via malformed NAT-T packets, aka Bug ID CSCsr74439.
Type:
Hardware
Bulletins:
CVE-2009-4918
Severity:
Critical
Description:
Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allow remote attackers to cause a denial of service (IKE process hang) via malformed NAT-T packets, aka Bug ID CSCsr74439.
Applies to:
Cisco ASA 5580 Adaptive Security Appliance
Created:
2010-06-29
Updated:
2020-10-10

ID:
CVE-2009-4919
Title:
Buffer overflow on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to have an unspecified impact via long IKE attributes, aka Bug ID CSCsu43121.
Type:
Hardware
Bulletins:
CVE-2009-4919
Severity:
Critical
Description:
Buffer overflow on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to have an unspecified impact via long IKE attributes, aka Bug ID CSCsu43121.
Applies to:
Cisco ASA 5580 Adaptive Security Appliance
Created:
2010-06-29
Updated:
2020-10-10

ID:
CVE-2010-2506
Title:
Cross-site scripting (XSS) vulnerability in debug.cgi in Linksys WAP54Gv3 firmware 3.05.03 and 3.04.03 allows remote attackers to inject arbitrary web script or HTML via the data1 parameter.
Type:
Hardware
Bulletins:
CVE-2010-2506
Severity:
Low
Description:
Cross-site scripting (XSS) vulnerability in debug.cgi in Linksys WAP54Gv3 firmware 3.05.03 and 3.04.03 allows remote attackers to inject arbitrary web script or HTML via the data1 parameter.
Applies to:
WAP54G
Created:
2010-06-28
Updated:
2020-10-10

ID:
CVE-2010-1407
Title:
WebKit in Apple iOS before 4 on the iPhone and iPod touch does not properly implement the history.replaceState method in certain situations involving IFRAME elements, which allows remote attackers to obtain sensitive information via...
Type:
Mobile Devices
Bulletins:
CVE-2010-1407
SFBID41016
Severity:
Moderate
Description:
WebKit in Apple iOS before 4 on the iPhone and iPod touch does not properly implement the history.replaceState method in certain situations involving IFRAME elements, which allows remote attackers to obtain sensitive information via a crafted HTML document.
Applies to:
Created:
2010-06-22
Updated:
2020-10-10

ID:
CVE-2010-1757
Title:
WebKit in Apple iOS before 4 on the iPhone and iPod touch does not enforce the expected boundary restrictions on content display by an IFRAME element, which allows remote attackers to spoof the user interface via a crafted HTML document.
Type:
Mobile Devices
Bulletins:
CVE-2010-1757
SFBID41016
Severity:
Moderate
Description:
WebKit in Apple iOS before 4 on the iPhone and iPod touch does not enforce the expected boundary restrictions on content display by an IFRAME element, which allows remote attackers to spoof the user interface via a crafted HTML document.
Applies to:
Created:
2010-06-22
Updated:
2020-10-10

ID:
CVE-2010-1756
Title:
The Settings application in Apple iOS before 4 on the iPhone and iPod touch does not properly report the wireless network that is in use, which might make it easier for remote attackers to trick users into communicating over an...
Type:
Mobile Devices
Bulletins:
CVE-2010-1756
SFBID41016
Severity:
Moderate
Description:
The Settings application in Apple iOS before 4 on the iPhone and iPod touch does not properly report the wireless network that is in use, which might make it easier for remote attackers to trick users into communicating over an unintended network.
Applies to:
Created:
2010-06-22
Updated:
2020-10-10

ID:
CVE-2010-1752
Title:
Stack-based buffer overflow in CFNetwork in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to URL handling.
Type:
Mobile Devices
Bulletins:
CVE-2010-1752
SFBID41016
Severity:
Moderate
Description:
Stack-based buffer overflow in CFNetwork in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to URL handling.
Applies to:
Created:
2010-06-22
Updated:
2020-10-10

ID:
CVE-2010-1755
Title:
Safari in Apple iOS before 4 on the iPhone and iPod touch does not properly implement the Accept Cookies preference, which makes it easier for remote web servers to track users via a cookie.
Type:
Mobile Devices
Bulletins:
CVE-2010-1755
SFBID41016
Severity:
Moderate
Description:
Safari in Apple iOS before 4 on the iPhone and iPod touch does not properly implement the Accept Cookies preference, which makes it easier for remote web servers to track users via a cookie.
Applies to:
Created:
2010-06-22
Updated:
2020-10-10

ID:
CVE-2010-1775
Title:
Race condition in Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch allows physically proximate attackers to bypass intended passcode requirements, and pair a locked device with a computer and access arbitrary data,...
Type:
Mobile Devices
Bulletins:
CVE-2010-1775
SFBID41016
Severity:
Low
Description:
Race condition in Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch allows physically proximate attackers to bypass intended passcode requirements, and pair a locked device with a computer and access arbitrary data, via vectors involving the initial boot.
Applies to:
Created:
2010-06-22
Updated:
2020-10-10

ID:
CVE-2010-1754
Title:
Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch does not properly handle alert-based unlocks in conjunction with subsequent Remote Lock operations through MobileMe, which allows physically proximate attackers to...
Type:
Mobile Devices
Bulletins:
CVE-2010-1754
SFBID41016
Severity:
Moderate
Description:
Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch does not properly handle alert-based unlocks in conjunction with subsequent Remote Lock operations through MobileMe, which allows physically proximate attackers to bypass intended passcode requirements via unspecified vectors.
Applies to:
Created:
2010-06-22
Updated:
2020-10-10

ID:
CVE-2010-1753
Title:
ImageIO in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG image.
Type:
Mobile Devices
Bulletins:
CVE-2010-1753
SFBID41016
Severity:
Moderate
Description:
ImageIO in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG image.
Applies to:
Created:
2010-06-22
Updated:
2020-10-10

ID:
CVE-2010-1751
Title:
Application Sandbox in Apple iOS before 4 on the iPhone and iPod touch does not prevent photo-library access, which might allow remote attackers to obtain location information via unspecified vectors.
Type:
Mobile Devices
Bulletins:
CVE-2010-1751
SFBID41016
Severity:
Moderate
Description:
Application Sandbox in Apple iOS before 4 on the iPhone and iPod touch does not prevent photo-library access, which might allow remote attackers to obtain location information via unspecified vectors.
Applies to:
Created:
2010-06-22
Updated:
2020-10-10

ID:
CVE-2010-1387
Title:
Use-after-free vulnerability in JavaScriptCore in WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, allows remote attackers to execute arbitrary code or cause a denial of service...
Type:
Mobile Devices
Bulletins:
CVE-2010-1387
SFBID41016
Severity:
Critical
Description:
Use-after-free vulnerability in JavaScriptCore in WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to page transitions, a different vulnerability than CVE-2010-1763 and CVE-2010-1769.
Applies to:
Created:
2010-06-18
Updated:
2020-10-10

ID:
CVE-2010-2293
Title:
The Ping tools web interface in Dlink Di-604 router allows remote authenticated users to cause a denial of service via a large "ip textfield" size.
Type:
Hardware
Bulletins:
CVE-2010-2293
SFBID40691
Severity:
Moderate
Description:
The Ping tools web interface in Dlink Di-604 router allows remote authenticated users to cause a denial of service via a large "ip textfield" size.
Applies to:
DI-604
Created:
2010-06-15
Updated:
2020-10-10

ID:
CVE-2010-2292
Title:
Cross-site scripting (XSS) vulnerability in the Ping tools web interface in Dlink Di-604 router allows remote attackers to inject arbitrary web script or HTML via the IP field.
Type:
Hardware
Bulletins:
CVE-2010-2292
SFBID40691
Severity:
Moderate
Description:
Cross-site scripting (XSS) vulnerability in the Ping tools web interface in Dlink Di-604 router allows remote attackers to inject arbitrary web script or HTML via the IP field.
Applies to:
DI-604
Created:
2010-06-15
Updated:
2020-10-10

ID:
CVE-2010-1573
Title:
Linksys WAP54Gv3 firmware 3.04.03 and earlier uses a hard-coded username (Gemtek) and password (gemtekswd) for a debug interface for certain web pages, which allows remote attackers to execute arbitrary commands via the (1) data1, (2) data2, or (3)...
Type:
Hardware
Bulletins:
CVE-2010-1573
SFBID40648
Severity:
Critical
Description:
Linksys WAP54Gv3 firmware 3.04.03 and earlier uses a hard-coded username (Gemtek) and password (gemtekswd) for a debug interface for certain web pages, which allows remote attackers to execute arbitrary commands via the (1) data1, (2) data2, or (3) data3 parameters to (a) Debug_command_page.asp and (b) debug.cgi.
Applies to:
wap54g
Created:
2010-06-09
Updated:
2020-10-10

ID:
CVE-2010-2261
Title:
Linksys WAP54Gv3 firmware 3.04.03 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) data2 and (2) data3 parameters to (a) Debug_command_page.asp and (b) debug.cgi.
Type:
Hardware
Bulletins:
CVE-2010-2261
Severity:
Critical
Description:
Linksys WAP54Gv3 firmware 3.04.03 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) data2 and (2) data3 parameters to (a) Debug_command_page.asp and (b) debug.cgi.
Applies to:
wap54g
Created:
2010-06-09
Updated:
2020-10-10

ID:
MITRE:7561
Title:
oval:org.mitre.oval:def:7561: Apple Safari TIFF Image Uninitialized Memory Information Disclosure Vulnerability
Type:
Software
Bulletins:
MITRE:7561
CVE-2010-0042
Severity:
Moderate
Description:
ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows does not ensure that memory access is associated with initialized memory, which allows remote attackers to obtain potentially sensitive information from process memory via a crafted TIFF image.
Applies to:
Apple Safari
Apple iTunes
Created:
2010-06-07
Updated:
2020-10-10

ID:
MITRE:7427
Title:
oval:org.mitre.oval:def:7427: Apple iTunes MP4 File Processing Denial of Service Vulnerability
Type:
Software
Bulletins:
MITRE:7427
CVE-2010-0531
Severity:
Moderate
Description:
Apple iTunes before 9.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted MP4 podcast file.
Applies to:
Apple iTunes
Created:
2010-06-07
Updated:
2020-10-10

ID:
MITRE:7170
Title:
oval:org.mitre.oval:def:7170: VBScript Help Keypress Vulnerability
Type:
Miscellaneous
Bulletins:
MITRE:7170
CVE-2010-0483
Severity:
Critical
Description:
vbscript.dll in VBScript 5.1, 5.6, 5.7, and 5.8 in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, when Internet Explorer is used, allows user-assisted remote attackers to execute arbitrary code by referencing a (1) local pathname, (2) UNC share pathname, or (3) WebDAV server with a crafted .hlp file in the fourth argument (aka helpfile argument) to the MsgBox function, leading to code execution involving winhlp32.exe when the F1 key is pressed, aka "VBScript Help Keypress Vulnerability."
Applies to:
VBScript 5.1
VBScript 5.6
VBScript 5.7
VBScript 5.8
Created:
2010-06-07
Updated:
2020-10-10

ID:
MITRE:7110
Title:
oval:org.mitre.oval:def:7110: Apple iTunes Install or Update Privilege Escalation Vulnerability
Type:
Software
Bulletins:
MITRE:7110
CVE-2010-0532
Severity:
Moderate
Description:
Race condition in the installation package in Apple iTunes before 9.1 on Windows allows local users to gain privileges by replacing an unspecified file with a Trojan horse.
Applies to:
Apple iTunes
Created:
2010-06-07
Updated:
2020-10-10

ID:
MITRE:7049
Title:
oval:org.mitre.oval:def:7049: LibTIFF 'LZWDecodeCompat()' Remote Buffer Underflow Vulnerability
Type:
Software
Bulletins:
MITRE:7049
CVE-2009-2285
Severity:
Moderate
Description:
Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2 allows context-dependent attackers to cause a denial of service (crash) via a crafted TIFF image, a different vulnerability than CVE-2008-2327.
Applies to:
Apple Safari
Apple iTunes
Created:
2010-06-07
Updated:
2020-10-10

ID:
MITRE:6901
Title:
oval:org.mitre.oval:def:6901: Apple Safari ImageIO TIFF Image Remote Code Execution Vulnerability
Type:
Software
Bulletins:
MITRE:6901
CVE-2010-0043
Severity:
Critical
Description:
ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF image.
Applies to:
Apple Safari
Apple iTunes
Created:
2010-06-07
Updated:
2020-10-10

ID:
MITRE:6885
Title:
oval:org.mitre.oval:def:6885: Apple Safari BMP Image Uninitialized Memory Information Disclosure Vulnerability
Type:
Software
Bulletins:
MITRE:6885
CVE-2010-0041
Severity:
Moderate
Description:
ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows does not ensure that memory access is associated with initialized memory, which allows remote attackers to obtain potentially sensitive information from process memory via a crafted BMP image.
Applies to:
Apple Safari
Apple iTunes
Created:
2010-06-07
Updated:
2020-10-10

ID:
MITRE:6741
Title:
oval:org.mitre.oval:def:6741: Apple Safari Prior to 4.0.5 Integer Overflow Vulnerability
Type:
Software
Bulletins:
MITRE:6741
CVE-2010-0040
Severity:
Critical
Description:
Integer overflow in ColorSync in Apple Safari before 4.0.5 on Windows, and iTunes before 9.1, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image with a crafted color profile that triggers a heap-based buffer overflow.
Applies to:
Apple Safari
Apple iTunes
Created:
2010-06-07
Updated:
2020-10-10

ID:
MITRE:8595
Title:
oval:org.mitre.oval:def:8595: Movie Maker and Producer Buffer Overflow Vulnerability
Type:
Software
Bulletins:
MITRE:8595
CVE-2010-0265
Severity:
Critical
Description:
Buffer overflow in Microsoft Windows Movie Maker 2.1, 2.6, and 6.0, and Microsoft Producer 2003, allows remote attackers to execute arbitrary code via a crafted project (.MSWMM) file, aka "Movie Maker and Producer Buffer Overflow Vulnerability."
Applies to:
Microsoft Producer 2003
Movie Maker 2.1
Movie Maker 2.6
Movie Maker 6.0
Created:
2010-05-24
Updated:
2020-10-10

ID:
MITRE:7709
Title:
oval:org.mitre.oval:def:7709: libpng buffer overflow
Type:
Software
Bulletins:
MITRE:7709
CVE-2004-0597
Severity:
Critical
Description:
Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.
Applies to:
Adobe Acrobat Reader
MSN Messenger 4.7
MSN Messenger 6.1
MSN Messenger 6.2
Created:
2010-05-17
Updated:
2020-10-10

ID:
CVE-2009-4821
Title:
The D-Link DIR-615 with firmware 3.10NA does not require administrative authentication for apply.cgi, which allows remote attackers to (1) change the admin password via the admin_password parameter, (2) disable the security requirement for the Wi-Fi...
Type:
Hardware
Bulletins:
CVE-2009-4821
SFBID37415
Severity:
Moderate
Description:
The D-Link DIR-615 with firmware 3.10NA does not require administrative authentication for apply.cgi, which allows remote attackers to (1) change the admin password via the admin_password parameter, (2) disable the security requirement for the Wi-Fi network via unspecified vectors, or (3) modify DNS settings via unspecified vectors.
Applies to:
DIR-615
Created:
2010-04-27
Updated:
2020-10-10

ID:
CVE-2010-1226
Title:
The HTTP client functionality in Apple iPhone OS 3.1 on the iPhone 2G and 3.1.3 on the iPhone 3GS allows remote attackers to cause a denial of service (Safari, Mail, or Springboard crash) via a crafted innerHTML property of a DIV...
Type:
Mobile Devices
Bulletins:
CVE-2010-1226
SFBID38758
Severity:
Moderate
Description:
The HTTP client functionality in Apple iPhone OS 3.1 on the iPhone 2G and 3.1.3 on the iPhone 3GS allows remote attackers to cause a denial of service (Safari, Mail, or Springboard crash) via a crafted innerHTML property of a DIV element, related to a "malformed character" issue.
Applies to:
Created:
2010-04-01
Updated:
2020-10-10

ID:
CVE-2010-1181
Title:
Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long string in a MARQUEE element.
Type:
Mobile Devices
Bulletins:
CVE-2010-1181
Severity:
Moderate
Description:
Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long string in a MARQUEE element.
Applies to:
Created:
2010-03-29
Updated:
2020-10-10

ID:
CVE-2010-1119
Title:
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Safari before 4.1 on Mac OS X 10.4, and Safari on Apple iPhone OS allows remote attackers to execute arbitrary code or cause...
Type:
Mobile Devices
Bulletins:
CVE-2010-1119
SFBID40620
Severity:
Critical
Description:
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Safari before 4.1 on Mac OS X 10.4, and Safari on Apple iPhone OS allows remote attackers to execute arbitrary code or cause a denial of service (application crash), or read the SMS database or other data, via vectors related to "attribute manipulation," as demonstrated by Vincenzo Iozzo and Ralf Philipp Weinmann during a Pwn2Own competition at CanSecWest 2010.
Applies to:
Created:
2010-03-25
Updated:
2020-10-10

ID:
CVE-2010-0581
Title:
Unspecified vulnerability in the SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to execute arbitrary code via a malformed SIP message, aka Bug ID CSCsz89904, the "SIP Packet Parsing Arbitrary Code Execution Vulnerability."
Type:
Hardware
Bulletins:
CVE-2010-0581
Severity:
Critical
Description:
Unspecified vulnerability in the SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to execute arbitrary code via a malformed SIP message, aka Bug ID CSCsz89904, the "SIP Packet Parsing Arbitrary Code Execution Vulnerability."
Applies to:
Created:
2010-03-25
Updated:
2020-10-10

ID:
CVE-2010-0580
Title:
Unspecified vulnerability in the SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to execute arbitrary code via a malformed SIP message, aka Bug ID CSCsz48680, the "SIP Message Processing Arbitrary Code Execution Vulnerability."
Type:
Hardware
Bulletins:
CVE-2010-0580
Severity:
Critical
Description:
Unspecified vulnerability in the SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to execute arbitrary code via a malformed SIP message, aka Bug ID CSCsz48680, the "SIP Message Processing Arbitrary Code Execution Vulnerability."
Applies to:
Created:
2010-03-25
Updated:
2020-10-10

ID:
CVE-2010-0584
Title:
Unspecified vulnerability in Cisco IOS 12.4, when NAT SCCP fragmentation support is enabled, allows remote attackers to cause a denial of service (device reload) via crafted Skinny Client Control Protocol (SCCP) packets, aka Bug ID CSCsy09250.
Type:
Hardware
Bulletins:
CVE-2010-0584
Severity:
Critical
Description:
Unspecified vulnerability in Cisco IOS 12.4, when NAT SCCP fragmentation support is enabled, allows remote attackers to cause a denial of service (device reload) via crafted Skinny Client Control Protocol (SCCP) packets, aka Bug ID CSCsy09250.
Applies to:
Created:
2010-03-25
Updated:
2020-10-10

ID:
CVE-2010-0576
Title:
Unspecified vulnerability in Cisco IOS 12.0 through 12.4, IOS XE 2.1.x through 2.3.x before 2.3.2, and IOS XR 3.2.x through 3.4.3, when Multiprotocol Label Switching (MPLS) and Label Distribution Protocol (LDP) are enabled, allows remote attackers...
Type:
Hardware
Bulletins:
CVE-2010-0576
SFBID38938
Severity:
Critical
Description:
Unspecified vulnerability in Cisco IOS 12.0 through 12.4, IOS XE 2.1.x through 2.3.x before 2.3.2, and IOS XR 3.2.x through 3.4.3, when Multiprotocol Label Switching (MPLS) and Label Distribution Protocol (LDP) are enabled, allows remote attackers to cause a denial of service (device reload or process restart) via a crafted LDP packet, aka Bug IDs CSCsz45567 and CSCsj25893.
Applies to:
Created:
2010-03-25
Updated:
2020-10-10

ID:
CVE-2010-0579
Title:
The SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to cause a denial of service (device reload) via a malformed SIP message, aka Bug ID CSCtb93416, the "SIP Message Handling Denial of Service Vulnerability."
Type:
Hardware
Bulletins:
CVE-2010-0579
Severity:
Critical
Description:
The SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to cause a denial of service (device reload) via a malformed SIP message, aka Bug ID CSCtb93416, the "SIP Message Handling Denial of Service Vulnerability."
Applies to:
Created:
2010-03-25
Updated:
2020-10-10

ID:
CVE-2010-0578
Title:
The IKE implementation in Cisco IOS 12.2 through 12.4 on Cisco 7200 and 7301 routers with VAM2+ allows remote attackers to cause a denial of service (device reload) via a malformed IKE packet, aka Bug ID CSCtb13491.
Type:
Hardware
Bulletins:
CVE-2010-0578
SFBID38932
Severity:
Critical
Description:
The IKE implementation in Cisco IOS 12.2 through 12.4 on Cisco 7200 and 7301 routers with VAM2+ allows remote attackers to cause a denial of service (device reload) via a malformed IKE packet, aka Bug ID CSCtb13491.
Applies to:
Created:
2010-03-25
Updated:
2020-10-10

ID:
CVE-2010-0583
Title:
Memory leak in the H.323 implementation in Cisco IOS 12.1 through 12.4, and 15.0M before 15.0(1)M1, allows remote attackers to cause a denial of service (memory consumption and device reload) via malformed H.323 packets, aka Bug ID CSCtb93855.
Type:
Hardware
Bulletins:
CVE-2010-0583
SFBID38934
Severity:
Critical
Description:
Memory leak in the H.323 implementation in Cisco IOS 12.1 through 12.4, and 15.0M before 15.0(1)M1, allows remote attackers to cause a denial of service (memory consumption and device reload) via malformed H.323 packets, aka Bug ID CSCtb93855.
Applies to:
Created:
2010-03-25
Updated:
2020-10-10

ID:
CVE-2010-0577
Title:
Cisco IOS 12.2 through 12.4, when certain PMTUD, SNAT, or window-size configurations are used, allows remote attackers to cause a denial of service (infinite loop, and device reload or hang) via a TCP segment with crafted options, aka Bug ID CSCsz75186.
Type:
Hardware
Bulletins:
CVE-2010-0577
SFBID38930
Severity:
Critical
Description:
Cisco IOS 12.2 through 12.4, when certain PMTUD, SNAT, or window-size configurations are used, allows remote attackers to cause a denial of service (infinite loop, and device reload or hang) via a TCP segment with crafted options, aka Bug ID CSCsz75186.
Applies to:
Created:
2010-03-25
Updated:
2020-10-10

ID:
CVE-2010-0585
Title:
Cisco IOS 12.1 through 12.4, when Cisco Unified Communications Manager Express (CME) or Cisco Unified Survivable Remote Site Telephony (SRST) is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed Skinny...
Type:
Hardware
Bulletins:
CVE-2010-0585
Severity:
Critical
Description:
Cisco IOS 12.1 through 12.4, when Cisco Unified Communications Manager Express (CME) or Cisco Unified Survivable Remote Site Telephony (SRST) is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed Skinny Client Control Protocol (SCCP) message, aka Bug ID CSCsz48614, the "SCCP Packet Processing Denial of Service Vulnerability."
Applies to:
Created:
2010-03-25
Updated:
2020-10-10

ID:
CVE-2010-0586
Title:
Cisco IOS 12.1 through 12.4, when Cisco Unified Communications Manager Express (CME) or Cisco Unified Survivable Remote Site Telephony (SRST) is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed Skinny...
Type:
Hardware
Bulletins:
CVE-2010-0586
Severity:
Critical
Description:
Cisco IOS 12.1 through 12.4, when Cisco Unified Communications Manager Express (CME) or Cisco Unified Survivable Remote Site Telephony (SRST) is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed Skinny Client Control Protocol (SCCP) message, aka Bug ID CSCsz49741, the "SCCP Request Handling Denial of Service Vulnerability."
Applies to:
Created:
2010-03-25
Updated:
2020-10-10

ID:
CVE-2010-0582
Title:
Cisco IOS 12.1 through 12.4, and 15.0M before 15.0(1)M1, allows remote attackers to cause a denial of service (interface queue wedge) via malformed H.323 packets, aka Bug ID CSCta19962.
Type:
Hardware
Bulletins:
CVE-2010-0582
Severity:
Critical
Description:
Cisco IOS 12.1 through 12.4, and 15.0M before 15.0(1)M1, allows remote attackers to cause a denial of service (interface queue wedge) via malformed H.323 packets, aka Bug ID CSCta19962.
Applies to:
Created:
2010-03-25
Updated:
2020-10-10

ID:
CVE-2010-0936
Title:
Cross-site scripting (XSS) vulnerability in auth.asp on the D-LINK DKVM-IP8 with firmware 2282_dlinkA4_p8_20071213 allows remote attackers to inject arbitrary web script or HTML via the nickname parameter.
Type:
Hardware
Bulletins:
CVE-2010-0936
SFBID37646
Severity:
Moderate
Description:
Cross-site scripting (XSS) vulnerability in auth.asp on the D-LINK DKVM-IP8 with firmware 2282_dlinkA4_p8_20071213 allows remote attackers to inject arbitrary web script or HTML via the nickname parameter.
Applies to:
DKVM-IP8
Created:
2010-03-08
Updated:
2020-10-10

ID:
CVE-2010-0592
Title:
The CTI Manager service in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x before 4.3(2)sr1a, 6.x before 6.1(3), 7.0x before 7.0(2), 7.1x before 7.1(2), and 8.x before 8.0(1) allows remote attackers to cause a denial of...
Type:
Hardware
Bulletins:
CVE-2010-0592
SFBID38497
Severity:
Critical
Description:
The CTI Manager service in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x before 4.3(2)sr1a, 6.x before 6.1(3), 7.0x before 7.0(2), 7.1x before 7.1(2), and 8.x before 8.0(1) allows remote attackers to cause a denial of service (service failure) via a malformed message, aka Bug ID CSCsu31800.
Applies to:
Unified Communications Manager
Created:
2010-03-05
Updated:
2020-10-10

ID:
CVE-2010-0590
Title:
The CMSIPUtility component in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 7.x before 7.1(3a)su1 and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SIP Register...
Type:
Hardware
Bulletins:
CVE-2010-0590
SFBID38495
Severity:
Critical
Description:
The CMSIPUtility component in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 7.x before 7.1(3a)su1 and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SIP Register message, aka Bug ID CSCtc37188.
Applies to:
Unified Communications Manager
Created:
2010-03-05
Updated:
2020-10-10

ID:
CVE-2010-0591
Title:
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5), 7.x before 7.1(3b)SU2, and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SIP REG message, related to...
Type:
Hardware
Bulletins:
CVE-2010-0591
SFBID38498
Severity:
Critical
Description:
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5), 7.x before 7.1(3b)SU2, and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SIP REG message, related to an overflow of the Telephone-URL field, aka Bug ID CSCtc62362.
Applies to:
Unified Communications Manager
Created:
2010-03-05
Updated:
2020-10-10

ID:
CVE-2010-0588
Title:
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5), 7.x before 7.1(3a)su1, and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SCCP (1) RegAvailableLines...
Type:
Hardware
Bulletins:
CVE-2010-0588
SFBID38501
Severity:
Critical
Description:
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5), 7.x before 7.1(3a)su1, and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SCCP (1) RegAvailableLines or (2) FwdStatReq message with an invalid Line number, aka Bug ID CSCtc47823.
Applies to:
Unified Communications Manager
Created:
2010-03-05
Updated:
2020-10-10

ID:
CVE-2010-0587
Title:
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x before 4.3(2)SR2, 6.x before 6.1(5), 7.x before 7.1(3a)su1, and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SCCP...
Type:
Hardware
Bulletins:
CVE-2010-0587
SFBID38496
Severity:
Critical
Description:
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x before 4.3(2)SR2, 6.x before 6.1(5), 7.x before 7.1(3a)su1, and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SCCP StationCapabilitiesRes message with an invalid MaxCap field, aka Bug ID CSCtc38985.
Applies to:
Unified Communications Manager
Created:
2010-03-05
Updated:
2020-10-10

ID:
MITRE:7995
Title:
oval:org.mitre.oval:def:7995: Apple iTunes Filetype Remote Off-By-One Stack Buffer Overflow Vulnerability
Type:
Software
Bulletins:
MITRE:7995
CVE-2008-4116
Severity:
Critical
Description:
Buffer overflow in Apple QuickTime 7.5.5 and iTunes 8.0 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a long type attribute in a quicktime tag (1) on a web page or embedded in a (2) .mp4 or (3) .mov file, possibly related to the Check_stack_cookie function and an off-by-one error that leads to a heap-based buffer overflow.
Applies to:
Apple QuickTime
Apple iTunes
Created:
2010-02-22
Updated:
2020-10-10

ID:
MITRE:7573
Title:
oval:org.mitre.oval:def:7573: ATL Null String Vulnerability
Type:
Mail
Bulletins:
MITRE:7573
CVE-2009-2495
Severity:
Critical
Description:
The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1 does not properly enforce string termination, which allows remote attackers to obtain sensitive information via a crafted HTML document with an ATL (1) component or (2) control that triggers a buffer over-read, related to ATL headers and buffer allocation, aka "ATL Null String Vulnerability."
Applies to:
Microsoft Office Visio Viewer 2003
Microsoft Office Visio Viewer 2007
Microsoft Outlook 2002
Microsoft Outlook 2003
Microsoft Outlook 2007
Microsoft Visio Viewer 2002
Microsoft Visual Studio .NET 2003
Microsoft Visual Studio 2005
Created:
2010-02-22
Updated:
2020-10-10

ID:
CVE-2010-0149
Title:
Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.2 before 7.2(4.46), 8.0 before 8.0(4.38), 8.1 before 8.1(2.29), and 8.2 before 8.2(1.5); and Cisco PIX 500 Series Security Appliance; allows remote attackers to cause a...
Type:
Hardware
Bulletins:
CVE-2010-0149
SFBID38275
Severity:
Critical
Description:
Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.2 before 7.2(4.46), 8.0 before 8.0(4.38), 8.1 before 8.1(2.29), and 8.2 before 8.2(1.5); and Cisco PIX 500 Series Security Appliance; allows remote attackers to cause a denial of service (prevention of new connections) via crafted TCP segments during termination of the TCP connection that cause the connection to remain in CLOSEWAIT status, aka "TCP Connection Exhaustion Denial of Service Vulnerability."
Applies to:
Created:
2010-02-19
Updated:
2020-10-10

ID:
CVE-2010-0565
Title:
Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.2 before 7.2(4.45), 8.0 before 8.0(4.44), 8.1 before 8.1(2.35), and 8.2 before 8.2(1.10), allows remote attackers to cause a denial of service (page fault and device...
Type:
Hardware
Bulletins:
CVE-2010-0565
SFBID38280
Severity:
Critical
Description:
Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.2 before 7.2(4.45), 8.0 before 8.0(4.44), 8.1 before 8.1(2.35), and 8.2 before 8.2(1.10), allows remote attackers to cause a denial of service (page fault and device reload) via a malformed DTLS message, aka Bug ID CSCtb64913 and "WebVPN DTLS Denial of Service Vulnerability."
Applies to:
Created:
2010-02-19
Updated:
2020-10-10

ID:
CVE-2010-0568
Title:
Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.7), 8.1 before 8.1(2.40), and 8.2 before 8.2(2.1); and Cisco PIX 500 Series Security Appliance; allows remote...
Type:
Hardware
Bulletins:
CVE-2010-0568
SFBID38279
Severity:
Critical
Description:
Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.7), 8.1 before 8.1(2.40), and 8.2 before 8.2(2.1); and Cisco PIX 500 Series Security Appliance; allows remote attackers to bypass NTLMv1 authentication via a crafted username, aka Bug ID CSCte21953.
Applies to:
Created:
2010-02-19
Updated:
2020-10-10

ID:
CVE-2010-0150
Title:
Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.2), 8.1 before 8.1(2.37), and 8.2 before 8.2(1.16); and Cisco PIX 500 Series Security Appliance; allows...
Type:
Hardware
Bulletins:
CVE-2010-0150
SFBID38277
Severity:
Critical
Description:
Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.2), 8.1 before 8.1(2.37), and 8.2 before 8.2(1.16); and Cisco PIX 500 Series Security Appliance; allows remote attackers to cause a denial of service (device reload) via malformed SIP messages, aka Bug ID CSCsy91157.
Applies to:
Created:
2010-02-19
Updated:
2020-10-10

ID:
CVE-2010-0569
Title:
Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.2), 8.1 before 8.1(2.37), and 8.2 before 8.2(1.16); and Cisco PIX 500 Series Security Appliance; allows...
Type:
Hardware
Bulletins:
CVE-2010-0569
SFBID38281
Severity:
Critical
Description:
Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.2), 8.1 before 8.1(2.37), and 8.2 before 8.2(1.16); and Cisco PIX 500 Series Security Appliance; allows remote attackers to cause a denial of service (device reload) via malformed SIP messages, aka Bug ID CSCtc96018.
Applies to:
Created:
2010-02-19
Updated:
2020-10-10

ID:
CVE-2010-0567
Title:
Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.1), 8.1 before 8.1(2.37), and 8.2 before 8.2(1.15); and Cisco PIX 500 Series Security Appliance; allows...
Type:
Hardware
Bulletins:
CVE-2010-0567
SFBID38279
Severity:
Moderate
Description:
Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.1), 8.1 before 8.1(2.37), and 8.2 before 8.2(1.15); and Cisco PIX 500 Series Security Appliance; allows remote attackers to cause a denial of service (active IPsec tunnel loss and prevention of new tunnels) via a malformed IKE message through an existing tunnel to UDP port 4500, aka Bug ID CSCtc47782.
Applies to:
Created:
2010-02-19
Updated:
2020-10-10

ID:
CVE-2010-0566
Title:
Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(4.44), 8.1 before 8.1(2.35), and 8.2 before 8.2(1.10) allows remote attackers to cause a denial of service...
Type:
Hardware
Bulletins:
CVE-2010-0566
SFBID38278
Severity:
Critical
Description:
Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(4.44), 8.1 before 8.1(2.35), and 8.2 before 8.2(1.10) allows remote attackers to cause a denial of service (device reload) via a malformed TCP segment when certain NAT translation and Cisco AIP-SSM configurations are used, aka Bug ID CSCtb37219.
Applies to:
Created:
2010-02-19
Updated:
2020-10-10

ID:
MITRE:7581
Title:
oval:org.mitre.oval:def:7581: ATL Uninitialized Object Vulnerability
Type:
Mail
Bulletins:
MITRE:7581
CVE-2009-0901
Severity:
Critical
Description:
The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not prevent VariantClear calls on an uninitialized VARIANT, which allows remote attackers to execute arbitrary code via a malformed stream to an ATL (1) component or (2) control, related to ATL headers and error handling, aka "ATL Uninitialized Object Vulnerability."
Applies to:
Microsoft Office Visio Viewer 2003
Microsoft Office Visio Viewer 2007
Microsoft Outlook 2002
Microsoft Outlook 2003
Microsoft Outlook 2007
Microsoft Visio Viewer 2002
Microsoft Visual Studio .NET 2003
Microsoft Visual Studio 2005
Created:
2010-02-08
Updated:
2020-10-10

ID:
MITRE:6716
Title:
oval:org.mitre.oval:def:6716: ATL COM Initialization Vulnerability
Type:
Mail
Bulletins:
MITRE:6716
CVE-2009-2493
Severity:
Critical
Description:
The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly restrict use of OleLoadFromStream in instantiating objects from data streams, which allows remote attackers to execute arbitrary code via a crafted HTML document with an ATL (1) component or (2) control, related to ATL headers and bypassing security policies, aka "ATL COM Initialization Vulnerability."
Applies to:
Microsoft Internet Explorer 5
Microsoft Internet Explorer 6
Microsoft Office Visio Viewer 2003
Microsoft Office Visio Viewer 2007
Microsoft Outlook 2002
Microsoft Outlook 2003
Microsoft Outlook 2007
Microsoft Visio Viewer 2002
Created:
2010-02-08
Updated:
2020-10-10

ID:
CVE-2010-0038
Title:
Recovery Mode in Apple iPhone OS 1.0 through 3.1.2, and iPhone OS for iPod touch 1.1 through 3.1.2, allows physically proximate attackers to bypass device locking, and read or modify arbitrary data, via a USB control message that...
Type:
Mobile Devices
Bulletins:
CVE-2010-0038
SFBID38040
Severity:
Moderate
Description:
Recovery Mode in Apple iPhone OS 1.0 through 3.1.2, and iPhone OS for iPod touch 1.1 through 3.1.2, allows physically proximate attackers to bypass device locking, and read or modify arbitrary data, via a USB control message that triggers memory corruption.
Applies to:
Created:
2010-02-03
Updated:
2020-10-10

ID:
MITRE:5846
Title:
oval:org.mitre.oval:def:5846: WordPad and Office Text converter Memory Corruption Vulnerability
Type:
Software
Bulletins:
MITRE:5846
CVE-2009-2506
Severity:
Critical
Description:
Integer overflow in the text converters in Microsoft Office Word 2002 SP3 and 2003 SP3; Works 8.5; Office Converter Pack; and WordPad in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a DOC file with an invalid number of property names in the DocumentSummaryInformation stream, which triggers a heap-based buffer overflow.
Applies to:
Microsoft Office Converter Pack
Microsoft Word 2002
Microsoft Word 2003
Microsoft Works 8.5
Created:
2010-01-25
Updated:
2020-10-10

ID:
CVE-2010-0137
Title:
Unspecified vulnerability in the sshd_child_handler process in the SSH server in Cisco IOS XR 3.4.1 through 3.7.0 allows remote attackers to cause a denial of service (process crash and memory consumption) via a crafted SSH2 packet, aka Bug ID CSCsu10574.
Type:
Hardware
Bulletins:
CVE-2010-0137
SFBID37878
Severity:
Critical
Description:
Unspecified vulnerability in the sshd_child_handler process in the SSH server in Cisco IOS XR 3.4.1 through 3.7.0 allows remote attackers to cause a denial of service (process crash and memory consumption) via a crafted SSH2 packet, aka Bug ID CSCsu10574.
Applies to:
Created:
2010-01-21
Updated:
2020-10-10

ID:
CVE-2009-4455
Title:
The default configuration of Cisco ASA 5500 Series Adaptive Security Appliance (Cisco ASA) 7.0, 7.1, 7.2, 8.0, 8.1, and 8.2 allows portal traffic to access arbitrary backend servers, which might allow remote authenticated users to bypass intended...
Type:
Hardware
Bulletins:
CVE-2009-4455
Severity:
Moderate
Description:
The default configuration of Cisco ASA 5500 Series Adaptive Security Appliance (Cisco ASA) 7.0, 7.1, 7.2, 8.0, 8.1, and 8.2 allows portal traffic to access arbitrary backend servers, which might allow remote authenticated users to bypass intended access restrictions and access unauthorized web sites via a crafted URL obfuscated with ROT13 and a certain encoding. NOTE: this issue was originally reported as a vulnerability related to lack of restrictions to URLs listed in the Cisco WebVPN bookmark component, but the vendor states that "The bookmark feature is not a security feature."
Applies to:
Created:
2009-12-29
Updated:
2020-10-10

ID:
MITRE:6484
Title:
oval:org.mitre.oval:def:6484: Windows Media Runtime Heap Corruption Vulnerability
Type:
Miscellaneous
Bulletins:
MITRE:6484
CVE-2009-2525
Severity:
Critical
Description:
Microsoft Windows Media Runtime, as used in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and Audio Compression Manager (ACM), does not properly initialize unspecified functions within compressed audio files, which allows remote attackers to execute arbitrary code via (1) a crafted media file or (2) crafted streaming content, aka "Windows Media Runtime Heap Corruption Vulnerability."
Applies to:
Windows Media Format Runtime 11
Windows Media Format Runtime 9.0
Windows Media Format Runtime 9.5
Created:
2009-12-07
Updated:
2020-10-10

ID:
MITRE:6407
Title:
oval:org.mitre.oval:def:6407: Windows Media Runtime Voice Sample Rate Vulnerability
Type:
Miscellaneous
Bulletins:
MITRE:6407
CVE-2009-0555
Severity:
Critical
Description:
Microsoft Windows Media Runtime, as used in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and Audio Compression Manager (ACM), does not properly process Advanced Systems Format (ASF) files, which allows remote attackers to execute arbitrary code via a crafted audio file that uses the Windows Media Speech codec, aka "Windows Media Runtime Voice Sample Rate Vulnerability."
Applies to:
Windows Media Format Runtime 11
Windows Media Format Runtime 9.0
Windows Media Format Runtime 9.5
Created:
2009-12-07
Updated:
2020-10-10

ID:
CVE-2009-2631
Title:
Multiple clientless SSL VPN products that run in web browsers, including Stonesoft StoneGate; Cisco ASA; SonicWALL E-Class SSL VPN and SonicWALL SSL VPN; SafeNet SecureWire Access Gateway; Juniper Networks Secure Access; Nortel CallPilot; Citrix...
Type:
Hardware
Bulletins:
CVE-2009-2631
SFBID37152
Severity:
Moderate
Description:
Multiple clientless SSL VPN products that run in web browsers, including Stonesoft StoneGate; Cisco ASA; SonicWALL E-Class SSL VPN and SonicWALL SSL VPN; SafeNet SecureWire Access Gateway; Juniper Networks Secure Access; Nortel CallPilot; Citrix Access Gateway; and other products, when running in configurations that do not restrict access to the same domain as the VPN, retrieve the content of remote URLs from one domain and rewrite them so they originate from the VPN's domain, which violates the same origin policy and allows remote attackers to conduct cross-site scripting attacks, read cookies that originated from other domains, access the Web VPN session to gain access to internal resources, perform key logging, and conduct other attacks. NOTE: it could be argued that this is a fundamental design problem in any clientless VPN solution, as opposed to a commonly-introduced error that can be fixed in separate implementations. Therefore a single CVE has been assigned for all products that have this design.
Applies to:
SonicWall SSL-VPN
SonicWall SSL-VPN E Class
Created:
2009-12-04
Updated:
2020-10-10

ID:
MITRE:6491
Title:
oval:org.mitre.oval:def:6491: GDI+ TIFF Buffer Overflow Vulnerability
Type:
Web
Bulletins:
MITRE:6491
CVE-2009-2503
Severity:
Critical
Description:
GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Windows Server 2003 SP2, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 does not properly allocate an unspecified buffer, which allows remote attackers to execute arbitrary code via a crafted TIFF image file that triggers memory corruption, aka "GDI+ TIFF Memory Corruption Vulnerability."
Applies to:
Microsoft Internet Explorer 6
Microsoft Office 2003
Microsoft Office 2007
Microsoft Office Visio 2002
Microsoft Office XP
Microsoft SQL Server 2005
Microsoft Visual Studio 2008
Created:
2009-11-30
Updated:
2020-10-10

ID:
MITRE:6290
Title:
oval:org.mitre.oval:def:6290: Apple iTunes '.pls' File Buffer Overflow Vulnerability
Type:
Software
Bulletins:
MITRE:6290
CVE-2009-2817
Severity:
Critical
Description:
Buffer overflow in Apple iTunes before 9.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted .pls file.
Applies to:
Apple iTunes
Created:
2009-11-30
Updated:
2020-10-10

ID:
MITRE:6282
Title:
oval:org.mitre.oval:def:6282: GDI+ .NET API Vulnerability
Type:
Software
Bulletins:
MITRE:6282
CVE-2009-2504
Severity:
Critical
Description:
Multiple integer overflows in unspecified APIs in GDI+ in Microsoft .NET Framework 1.1 SP1, .NET Framework 2.0 SP1 and SP2, Windows XP SP2 and SP3, Windows Server 2003 SP2, Vista Gold and SP1, Server 2008 Gold, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allow remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka "GDI+ .NET API Vulnerability."
Applies to:
Microsoft Office 2003
Microsoft Office 2007
Microsoft Office Visio 2002
Microsoft Office XP
Microsoft SQL Server 2005
Microsoft Visual Studio 2008
Created:
2009-11-30
Updated:
2020-10-10

ID:
MITRE:6134
Title:
oval:org.mitre.oval:def:6134: GDI+ PNG Integer Overflow Vulnerability
Type:
Software
Bulletins:
MITRE:6134
CVE-2009-3126
Severity:
Critical
Description:
Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted PNG image file, aka "GDI+ PNG Integer Overflow Vulnerability."
Applies to:
Microsoft Office 2003
Microsoft Office 2007
Microsoft Office Visio 2002
Microsoft Office XP
Microsoft SQL Server 2005
Microsoft Visual Studio 2008
Created:
2009-11-30
Updated:
2020-10-10

ID:
MITRE:5967
Title:
oval:org.mitre.oval:def:5967: GDI+ WMF Integer Overflow Vulnerability
Type:
Web
Bulletins:
MITRE:5967
CVE-2009-2500
Severity:
Critical
Description:
Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted WMF image file, aka "GDI+ WMF Integer Overflow Vulnerability."
Applies to:
Microsoft Internet Explorer 6
Microsoft Office 2003
Microsoft Office 2007
Microsoft Office Visio 2002
Microsoft Office XP
Microsoft SQL Server 2005
Microsoft Visual Studio 2008
Created:
2009-11-30
Updated:
2020-10-10

ID:
MITRE:5898
Title:
oval:org.mitre.oval:def:5898: GDI+ TIFF Buffer Overflow Vulnerability
Type:
Web
Bulletins:
MITRE:5898
CVE-2009-2502
Severity:
Critical
Description:
Buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted TIFF image file, aka "GDI+ TIFF Buffer Overflow Vulnerability."
Applies to:
Microsoft Internet Explorer 6
Microsoft Office 2003
Microsoft Office 2007
Microsoft Office Visio 2002
Microsoft Office XP
Microsoft SQL Server 2005
Microsoft Visual Studio 2008
Created:
2009-11-30
Updated:
2020-10-10

ID:
MITRE:6316
Title:
oval:org.mitre.oval:def:6316: JScript Remote Code Execution Vulnerability
Type:
Software
Bulletins:
MITRE:6316
CVE-2009-1920
Severity:
Critical
Description:
The JScript scripting engine 5.1, 5.6, 5.7, and 5.8 in JScript.dll in Microsoft Windows, as used in Internet Explorer, does not properly load decoded scripts into memory before execution, which allows remote attackers to execute arbitrary code via a crafted web site that triggers memory corruption, aka "JScript Remote Code Execution Vulnerability."
Applies to:
JScript Scripting Engine
Created:
2009-10-19
Updated:
2020-10-10

ID:
MITRE:6257
Title:
oval:org.mitre.oval:def:6257: Windows Media Header Parsing Invalid Free Vulnerability
Type:
Miscellaneous
Bulletins:
MITRE:6257
CVE-2009-2498
Severity:
Critical
Description:
Microsoft Windows Media Format Runtime 9.0, 9.5, and 11 and Windows Media Services 9.1 and 2008 do not properly parse malformed headers in Advanced Systems Format (ASF) files, which allows remote attackers to execute arbitrary code via a crafted (1) .asf, (2) .wmv, or (3) .wma file, aka "Windows Media Header Parsing Invalid Free Vulnerability."
Applies to:
Microsoft Media Services 9
Microsoft Media Services 9.1
Windows Media Format Runtime 11
Windows Media Format Runtime 9.0
Windows Media Format Runtime 9.5
Created:
2009-10-19
Updated:
2020-10-10

ID:
CVE-2009-2999
Title:
The com.android.phone process in Android 1.5 CRBxx allows remote attackers to cause a denial of service (application restart and network disconnection) via an SMS message containing a malformed WAP Push message that triggers an...
Type:
Mobile Devices
Bulletins:
CVE-2009-2999
Severity:
Moderate
Description:
The com.android.phone process in Android 1.5 CRBxx allows remote attackers to cause a denial of service (application restart and network disconnection) via an SMS message containing a malformed WAP Push message that triggers an ArrayIndexOutOfBoundsException exception, possibly a related issue to CVE-2009-2656.
Applies to:
Created:
2009-10-14
Updated:
2020-10-10

ID:
CVE-2009-3698
Title:
An unspecified function in the Dalvik API in Android 1.5 and earlier allows remote attackers to cause a denial of service (system process restart) via a crafted application, possibly a related issue to CVE-2009-2656.
Type:
Mobile Devices
Bulletins:
CVE-2009-3698
SFBID36590
Severity:
Moderate
Description:
An unspecified function in the Dalvik API in Android 1.5 and earlier allows remote attackers to cause a denial of service (system process restart) via a crafted application, possibly a related issue to CVE-2009-2656.
Applies to:
Created:
2009-10-14
Updated:
2020-10-10

ID:
CVE-2009-3486
Title:
Multiple cross-site scripting (XSS) vulnerabilities in the J-Web interface in Juniper JUNOS 8.5R1.14 allow remote authenticated users to inject arbitrary web script or HTML via the host parameter to (1) the pinghost program, reachable through the...
Type:
Hardware
Bulletins:
CVE-2009-3486
SFBID36537
Severity:
Low
Description:
Multiple cross-site scripting (XSS) vulnerabilities in the J-Web interface in Juniper JUNOS 8.5R1.14 allow remote authenticated users to inject arbitrary web script or HTML via the host parameter to (1) the pinghost program, reachable through the diagnose program; or (2) the traceroute program, reachable through the diagnose program; or (3) the probe-limit parameter to the configuration program; the (4) wizard-ids or (5) pager-new-identifier parameter in a firewall-filters action to the configuration program; (6) the cos-physical-interface-name parameter in a cos-physical-interfaces-edit action to the configuration program; the (7) wizard-args or (8) wizard-ids parameter in an snmp action to the configuration program; the (9) username or (10) fullname parameter in a users action to the configuration program; or the (11) certname or (12) certbody parameter in a local-cert (aka https) action to the configuration program.
Applies to:
Created:
2009-09-30
Updated:
2020-10-10

ID:
CVE-2009-3487
Title:
Multiple cross-site scripting (XSS) vulnerabilities in the J-Web interface in Juniper JUNOS 8.5R1.14 allow remote authenticated users to inject arbitrary web script or HTML via (1) the JEXEC_OUTID parameter in a JEXEC_MODE_RELAY_OUTPUT action to the...
Type:
Hardware
Bulletins:
CVE-2009-3487
SFBID36537
Severity:
Low
Description:
Multiple cross-site scripting (XSS) vulnerabilities in the J-Web interface in Juniper JUNOS 8.5R1.14 allow remote authenticated users to inject arbitrary web script or HTML via (1) the JEXEC_OUTID parameter in a JEXEC_MODE_RELAY_OUTPUT action to the jexec program; the (2) act, (3) refresh-time, or (4) ifid parameter to scripter.php; (5) the revision parameter in a rollback action to the configuration program; the m[] parameter to the (6) monitor, (7) manage, (8) events, (9) configuration, or (10) alarms program; (11) the m[] parameter to the default URI; (12) the m[] parameter in a browse action to the default URI; (13) the wizard-next parameter in an https action to the configuration program; or the (14) Contact Information, (15) System Description, (16) Local Engine ID, (17) System Location, or (18) System Name Override SNMP parameter, related to the configuration program.
Applies to:
Created:
2009-09-30
Updated:
2020-10-10

ID:
CVE-2009-3485
Title:
Cross-site scripting (XSS) vulnerability in the J-Web interface in Juniper JUNOS 8.5R1.14 and 9.0R1.1 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI.
Type:
Hardware
Bulletins:
CVE-2009-3485
SFBID36537
Severity:
Moderate
Description:
Cross-site scripting (XSS) vulnerability in the J-Web interface in Juniper JUNOS 8.5R1.14 and 9.0R1.1 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI.
Applies to:
Created:
2009-09-30
Updated:
2020-10-10

ID:
CVE-2009-2867
Title:
Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2XND, 12.4T, 12.4XZ, and 12.4YA, when Zone-Based Policy Firewall SIP Inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted SIP...
Type:
Hardware
Bulletins:
CVE-2009-2867
Severity:
Critical
Description:
Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2XND, 12.4T, 12.4XZ, and 12.4YA, when Zone-Based Policy Firewall SIP Inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted SIP transit packet, aka Bug ID CSCsr18691.
Applies to:
Created:
2009-09-28
Updated:
2020-10-10

ID:
CVE-2009-2869
Title:
Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to cause a denial of service (device reload) via a crafted NTPv4 packet, aka Bug IDs CSCsu24505 and CSCsv75948.
Type:
Hardware
Bulletins:
CVE-2009-2869
Severity:
Critical
Description:
Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to cause a denial of service (device reload) via a crafted NTPv4 packet, aka Bug IDs CSCsu24505 and CSCsv75948.
Applies to:
Created:
2009-09-28
Updated:
2020-10-10

ID:
CVE-2009-2870
Title:
Unspecified vulnerability in Cisco IOS 12.2 through 12.4, when the Cisco Unified Border Element feature is enabled, allows remote attackers to cause a denial of service (device reload) via crafted SIP messages, aka Bug ID CSCsx25880.
Type:
Hardware
Bulletins:
CVE-2009-2870
Severity:
Critical
Description:
Unspecified vulnerability in Cisco IOS 12.2 through 12.4, when the Cisco Unified Border Element feature is enabled, allows remote attackers to cause a denial of service (device reload) via crafted SIP messages, aka Bug ID CSCsx25880.
Applies to:
Created:
2009-09-28
Updated:
2020-10-10

ID:
CVE-2009-2868
Title:
Unspecified vulnerability in Cisco IOS 12.2 through 12.4, when certificate-based authentication is enabled for IKE, allows remote attackers to cause a denial of service (Phase 1 SA exhaustion) via crafted requests, aka Bug IDs CSCsy07555 and CSCee72997.
Type:
Hardware
Bulletins:
CVE-2009-2868
Severity:
Critical
Description:
Unspecified vulnerability in Cisco IOS 12.2 through 12.4, when certificate-based authentication is enabled for IKE, allows remote attackers to cause a denial of service (Phase 1 SA exhaustion) via crafted requests, aka Bug IDs CSCsy07555 and CSCee72997.
Applies to:
Created:
2009-09-28
Updated:
2020-10-10

ID:
CVE-2009-2866
Title:
Unspecified vulnerability in Cisco IOS 12.2 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted H.323 packet, aka Bug ID CSCsz38104.
Type:
Hardware
Bulletins:
CVE-2009-2866
SFBID36494
Severity:
Critical
Description:
Unspecified vulnerability in Cisco IOS 12.2 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted H.323 packet, aka Bug ID CSCsz38104.
Applies to:
Created:
2009-09-28
Updated:
2020-10-10

ID:
CVE-2009-2871
Title:
Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when SSLVPN sessions, SSH sessions, or IKE encrypted nonces are enabled, allows remote attackers to cause a denial of service (device reload) via a crafted encrypted packet, aka Bug ID CSCsq24002.
Type:
Hardware
Bulletins:
CVE-2009-2871
Severity:
Critical
Description:
Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when SSLVPN sessions, SSH sessions, or IKE encrypted nonces are enabled, allows remote attackers to cause a denial of service (device reload) via a crafted encrypted packet, aka Bug ID CSCsq24002.
Applies to:
Created:
2009-09-28
Updated:
2020-10-10

ID:
CVE-2009-2862
Title:
The Object Groups for Access Control Lists (ACLs) feature in Cisco IOS 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to bypass intended access restrictions via crafted requests, aka Bug IDs CSCsx07114,...
Type:
Hardware
Bulletins:
CVE-2009-2862
SFBID36495
Severity:
Moderate
Description:
The Object Groups for Access Control Lists (ACLs) feature in Cisco IOS 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to bypass intended access restrictions via crafted requests, aka Bug IDs CSCsx07114, CSCsu70214, CSCsw47076, CSCsv48603, CSCsy54122, and CSCsu50252.
Applies to:
Created:
2009-09-28
Updated:
2020-10-10

ID:
CVE-2009-2863
Title:
Race condition in the Firewall Authentication Proxy feature in Cisco IOS 12.0 through 12.4 allows remote attackers to bypass authentication, or bypass the consent web page, via a crafted request, aka Bug ID CSCsy15227.
Type:
Hardware
Bulletins:
CVE-2009-2863
SFBID36491
Severity:
Critical
Description:
Race condition in the Firewall Authentication Proxy feature in Cisco IOS 12.0 through 12.4 allows remote attackers to bypass authentication, or bypass the consent web page, via a crafted request, aka Bug ID CSCsy15227.
Applies to:
Created:
2009-09-28
Updated:
2020-10-10

ID:
CVE-2009-2864
Title:
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 5.x before 5.1(3g), 6.x before 6.1(4), 7.0.x before 7.0(2a)su1, and 7.1.x before 7.1(2) allows remote attackers to cause a denial of service (service restart) via malformed SIP...
Type:
Hardware
Bulletins:
CVE-2009-2864
SFBID36496
Severity:
Critical
Description:
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 5.x before 5.1(3g), 6.x before 6.1(4), 7.0.x before 7.0(2a)su1, and 7.1.x before 7.1(2) allows remote attackers to cause a denial of service (service restart) via malformed SIP messages, aka Bug ID CSCsz95423.
Applies to:
Unified Callmanager
Unified Communications Manager
Created:
2009-09-28
Updated:
2020-10-10

ID:
CVE-2009-2873
Title:
Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Express Forwarding feature are enabled, allows remote attackers to cause a denial of service (device reload) via malformed packets, aka Bug ID CSCsx70889.
Type:
Hardware
Bulletins:
CVE-2009-2873
Severity:
Critical
Description:
Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Express Forwarding feature are enabled, allows remote attackers to cause a denial of service (device reload) via malformed packets, aka Bug ID CSCsx70889.
Applies to:
Created:
2009-09-28
Updated:
2020-10-10

ID:
CVE-2009-2872
Title:
Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Express Forwarding feature are enabled, allows remote attackers to cause a denial of service (device reload) via a malformed packet that is not properly handled during switching from...
Type:
Hardware
Bulletins:
CVE-2009-2872
Severity:
Moderate
Description:
Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Express Forwarding feature are enabled, allows remote attackers to cause a denial of service (device reload) via a malformed packet that is not properly handled during switching from one tunnel to a second tunnel, aka Bug IDs CSCsh97579 and CSCsq31776.
Applies to:
Created:
2009-09-28
Updated:
2020-10-10

ID:
CVE-2009-2865
Title:
Buffer overflow in the login implementation in the Extension Mobility feature in the Unified Communications Manager Express (CME) component in Cisco IOS 12.4XW, 12.4XY, 12.4XZ, and 12.4YA allows remote attackers to execute arbitrary code or cause a...
Type:
Hardware
Bulletins:
CVE-2009-2865
SFBID36498
Severity:
Critical
Description:
Buffer overflow in the login implementation in the Extension Mobility feature in the Unified Communications Manager Express (CME) component in Cisco IOS 12.4XW, 12.4XY, 12.4XZ, and 12.4YA allows remote attackers to execute arbitrary code or cause a denial of service via crafted HTTP requests, aka Bug ID CSCsq58779.
Applies to:
Created:
2009-09-28
Updated:
2020-10-10

ID:
CVE-2009-3341
Title:
Buffer overflow on the Linksys WRT54GL wireless router allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.10 through 8.11. NOTE: as of 20090917, this...
Type:
Hardware
Bulletins:
CVE-2009-3341
Severity:
Critical
Description:
Buffer overflow on the Linksys WRT54GL wireless router allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.10 through 8.11. NOTE: as of 20090917, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.
Applies to:
wrt54gl
Created:
2009-09-24
Updated:
2020-10-10

ID:
CVE-2009-3347
Title:
Buffer overflow on the D-Link DIR-400 wireless router allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.10 through 8.11. NOTE: as of 20090917, this...
Type:
Hardware
Bulletins:
CVE-2009-3347
SFBID36237
Severity:
Critical
Description:
Buffer overflow on the D-Link DIR-400 wireless router allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.10 through 8.11. NOTE: as of 20090917, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.
Applies to:
DIR-400
Created:
2009-09-24
Updated:
2020-10-10

ID:
CVE-2009-3273
Title:
iPhone Mail in Apple iPhone OS, and iPhone OS for iPod touch, does not validate X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL e-mail servers via a crafted certificate.
Type:
Mobile Devices
Bulletins:
CVE-2009-3273
SFBID36370
Severity:
Critical
Description:
iPhone Mail in Apple iPhone OS, and iPhone OS for iPod touch, does not validate X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL e-mail servers via a crafted certificate.
Applies to:
Created:
2009-09-21
Updated:
2020-10-10

ID:
CVE-2009-3271
Title:
Apple Safari on iPhone OS 3.0.1 allows remote attackers to cause a denial of service (application crash) via a long tel: URL in the SRC attribute of an IFRAME element.
Type:
Mobile Devices
Bulletins:
CVE-2009-3271
SFBID36386
Severity:
Moderate
Description:
Apple Safari on iPhone OS 3.0.1 allows remote attackers to cause a denial of service (application crash) via a long tel: URL in the SRC attribute of an IFRAME element.
Applies to:
Created:
2009-09-21
Updated:
2020-10-10

ID:
CVE-2009-2797
Title:
The WebKit component in Safari in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, does not remove usernames and passwords from URLs sent in Referer headers, which allows remote attackers to obtain sensitive...
Type:
Mobile Devices
Bulletins:
CVE-2009-2797
SFBID36339
Severity:
Moderate
Description:
The WebKit component in Safari in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, does not remove usernames and passwords from URLs sent in Referer headers, which allows remote attackers to obtain sensitive information by reading Referer logs on a web server.
Applies to:
Created:
2009-09-10
Updated:
2020-10-10

ID:
CVE-2009-2796
Title:
The UIKit component in Apple iPhone OS 3.0, and iPhone OS 3.0.1 for iPod touch, allows physically proximate attackers to discover a password by watching a user undo deletions of characters in the password.
Type:
Mobile Devices
Bulletins:
CVE-2009-2796
SFBID36335
Severity:
Low
Description:
The UIKit component in Apple iPhone OS 3.0, and iPhone OS 3.0.1 for iPod touch, allows physically proximate attackers to discover a password by watching a user undo deletions of characters in the password.
Applies to:
Created:
2009-09-10
Updated:
2020-10-10

ID:
CVE-2009-2815
Title:
The Telephony component in Apple iPhone OS before 3.1 does not properly handle SMS arrival notifications, which allows remote attackers to cause a denial of service (NULL pointer dereference and service interruption) via a crafted...
Type:
Mobile Devices
Bulletins:
CVE-2009-2815
Severity:
Critical
Description:
The Telephony component in Apple iPhone OS before 3.1 does not properly handle SMS arrival notifications, which allows remote attackers to cause a denial of service (NULL pointer dereference and service interruption) via a crafted SMS message.
Applies to:
Created:
2009-09-10
Updated:
2020-10-10

ID:
CVE-2009-2207
Title:
The MobileMail component in Apple iPhone OS 3.0 and 3.0.1, and iPhone OS 3.0 for iPod touch, lists deleted e-mail messages in Spotlight search results, which might allow local users to obtain sensitive information by reading these...
Type:
Mobile Devices
Bulletins:
CVE-2009-2207
SFBID36337
Severity:
Low
Description:
The MobileMail component in Apple iPhone OS 3.0 and 3.0.1, and iPhone OS 3.0 for iPod touch, lists deleted e-mail messages in Spotlight search results, which might allow local users to obtain sensitive information by reading these messages.
Applies to:
Created:
2009-09-10
Updated:
2020-10-10

ID:
CVE-2009-2794
Title:
The Exchange Support component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, does not properly implement the "Maximum inactivity time lock" functionality, which allows local users to bypass intended...
Type:
Mobile Devices
Bulletins:
CVE-2009-2794
SFBID36342
Severity:
Moderate
Description:
The Exchange Support component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, does not properly implement the "Maximum inactivity time lock" functionality, which allows local users to bypass intended Microsoft Exchange restrictions by choosing a large Require Passcode time value.
Applies to:
Created:
2009-09-10
Updated:
2020-10-10

ID:
CVE-2009-2206
Title:
Multiple heap-based buffer overflows in the AudioCodecs library in the CoreAudio component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allow remote attackers to execute arbitrary code or cause a denial...
Type:
Mobile Devices
Bulletins:
CVE-2009-2206
SFBID36338
Severity:
Moderate
Description:
Multiple heap-based buffer overflows in the AudioCodecs library in the CoreAudio component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted (1) AAC or (2) MP3 file, as demonstrated by a ringtone with malformed entries in the sample size table.
Applies to:
Created:
2009-09-10
Updated:
2020-10-10

ID:
CVE-2009-2795
Title:
Heap-based buffer overflow in the Recovery Mode component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allows local users to bypass the passcode requirement and access arbitrary data via vectors related...
Type:
Mobile Devices
Bulletins:
CVE-2009-2795
SFBID36341
Severity:
Critical
Description:
Heap-based buffer overflow in the Recovery Mode component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allows local users to bypass the passcode requirement and access arbitrary data via vectors related to "command parsing."
Applies to:
Created:
2009-09-10
Updated:
2020-10-10

ID:
CVE-2009-0627
Title:
Unspecified vulnerability in Cisco NX-OS before 4.0(1a)N2(1), when running on Nexus 5000 platforms, allows remote attackers to cause a denial of service (crash) via an unspecified "sequence of TCP packets" related to "TCP State manipulation,"...
Type:
Hardware
Bulletins:
CVE-2009-0627
Severity:
Critical
Description:
Unspecified vulnerability in Cisco NX-OS before 4.0(1a)N2(1), when running on Nexus 5000 platforms, allows remote attackers to cause a denial of service (crash) via an unspecified "sequence of TCP packets" related to "TCP State manipulation," possibly related to separate attacks against CVE-2008-4609.
Applies to:
Cisco Nexus 5000 Series
Cisco Nexus 7000
Created:
2009-09-08
Updated:
2020-10-10

ID:
CVE-2009-2861
Title:
The Over-the-Air Provisioning (OTAP) functionality on Cisco Aironet Lightweight Access Point 1100 and 1200 devices does not properly implement access-point association, which allows remote attackers to spoof a controller and cause a denial of...
Type:
Hardware
Bulletins:
CVE-2009-2861
SFBID36145
Severity:
Critical
Description:
The Over-the-Air Provisioning (OTAP) functionality on Cisco Aironet Lightweight Access Point 1100 and 1200 devices does not properly implement access-point association, which allows remote attackers to spoof a controller and cause a denial of service (service outage) via crafted remote radio management (RRM) packets, aka "SkyJack" or Bug ID CSCtb56664.
Applies to:
Cisco Aironet Ap1100
Cisco Aironet Ap1200
Created:
2009-08-27
Updated:
2020-10-10

ID:
CVE-2009-2050
Title:
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) before 6.1(1) allows remote attackers to cause a denial of service (voice-services outage) via a malformed header in a SIP message, aka Bug ID CSCsi46466.
Type:
Hardware
Bulletins:
CVE-2009-2050
SFBID36152
Severity:
Critical
Description:
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) before 6.1(1) allows remote attackers to cause a denial of service (voice-services outage) via a malformed header in a SIP message, aka Bug ID CSCsi46466.
Applies to:
Unified Communications Manager
Created:
2009-08-27
Updated:
2020-10-10

ID:
CVE-2009-2054
Title:
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2a)su1 allows remote attackers to cause a denial of service (file-descriptor exhaustion and...
Type:
Hardware
Bulletins:
CVE-2009-2054
SFBID36152
Severity:
Critical
Description:
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2a)su1 allows remote attackers to cause a denial of service (file-descriptor exhaustion and SIP outage) via a flood of TCP packets, aka Bug ID CSCsx23689.
Applies to:
Unified Communications Manager
Created:
2009-08-27
Updated:
2020-10-10

ID:
CVE-2009-2053
Title:
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2) allows remote attackers to cause a denial of service (file-descriptor exhaustion and SCCP...
Type:
Hardware
Bulletins:
CVE-2009-2053
SFBID36152
Severity:
Critical
Description:
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2) allows remote attackers to cause a denial of service (file-descriptor exhaustion and SCCP outage) via a flood of TCP packets, aka Bug ID CSCsx32236.
Applies to:
Unified Communications Manager
Created:
2009-08-27
Updated:
2020-10-10

ID:
CVE-2009-2052
Title:
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2), and 7.1 before 7.1(2); and Cisco Unified Presence 1.x, 6.x before 6.0(6), and 7.x before 7.0(4); allows remote...
Type:
Hardware
Bulletins:
CVE-2009-2052
SFBID36152
Severity:
Critical
Description:
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2), and 7.1 before 7.1(2); and Cisco Unified Presence 1.x, 6.x before 6.0(6), and 7.x before 7.0(4); allows remote attackers to cause a denial of service (TCP services outage) via a large number of TCP connections, related to "tracking of network connections," aka Bug IDs CSCsq22534 and CSCsw52371.
Applies to:
Unified Communications Manager
Created:
2009-08-27
Updated:
2020-10-10

ID:
CVE-2009-2051
Title:
Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), and 7.x before 7.1(2) allow remote...
Type:
Hardware
Bulletins:
CVE-2009-2051
SFBID36152
Severity:
Critical
Description:
Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), and 7.x before 7.1(2) allow remote attackers to cause a denial of service (device reload or voice-services outage) via a malformed SIP INVITE message that triggers an improper call to the sipSafeStrlen function, aka Bug IDs CSCsz40392 and CSCsz43987.
Applies to:
Unified Communications Manager
Created:
2009-08-27
Updated:
2020-10-10

ID:
CVE-2009-2976
Title:
Cisco Aironet Lightweight Access Point (AP) devices send the contents of certain multicast data frames in cleartext, which allows remote attackers to discover Wireless LAN Controller MAC addresses and IP addresses, and AP configuration details, by...
Type:
Hardware
Bulletins:
CVE-2009-2976
Severity:
Critical
Description:
Cisco Aironet Lightweight Access Point (AP) devices send the contents of certain multicast data frames in cleartext, which allows remote attackers to discover Wireless LAN Controller MAC addresses and IP addresses, and AP configuration details, by sniffing the wireless network.
Applies to:
Cisco Aironet Ap1100
Cisco Aironet Ap1200
Created:
2009-08-27
Updated:
2020-10-10

ID:
CVE-2009-2056
Title:
Cisco IOS XR 3.8.1 and earlier allows remote authenticated users to cause a denial of service (process crash) via vectors involving a BGP UPDATE message with many AS numbers prepended to the AS path.
Type:
Hardware
Bulletins:
CVE-2009-2056
Severity:
Low
Description:
Cisco IOS XR 3.8.1 and earlier allows remote authenticated users to cause a denial of service (process crash) via vectors involving a BGP UPDATE message with many AS numbers prepended to the AS path.
Applies to:
Created:
2009-08-21
Updated:
2020-10-10

ID:
CVE-2009-1154
Title:
Cisco IOS XR 3.8.1 and earlier allows remote attackers to cause a denial of service (process crash) via a long BGP UPDATE message, as demonstrated by a message with many AS numbers in the AS Path Attribute.
Type:
Hardware
Bulletins:
CVE-2009-1154
Severity:
Low
Description:
Cisco IOS XR 3.8.1 and earlier allows remote attackers to cause a denial of service (process crash) via a long BGP UPDATE message, as demonstrated by a message with many AS numbers in the AS Path Attribute.
Applies to:
Created:
2009-08-21
Updated:
2020-10-10

ID:
CVE-2009-2055
Title:
Cisco IOS XR 3.4.0 through 3.8.1 allows remote attackers to cause a denial of service (session reset) via a BGP UPDATE message with an invalid attribute, as demonstrated in the wild on 17 August 2009.
Type:
Hardware
Bulletins:
CVE-2009-2055
Severity:
Moderate
Description:
Cisco IOS XR 3.4.0 through 3.8.1 allows remote attackers to cause a denial of service (session reset) via a BGP UPDATE message with an invalid attribute, as demonstrated in the wild on 17 August 2009.
Applies to:
Created:
2009-08-19
Updated:
2020-10-10

ID:
CVE-2009-2199
Title:
Incomplete blacklist vulnerability in WebKit in Apple Safari before 4.0.3, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to spoof domain names in URLs, and...
Type:
Mobile Devices
Bulletins:
CVE-2009-2199
SFBID36026
Severity:
Moderate
Description:
Incomplete blacklist vulnerability in WebKit in Apple Safari before 4.0.3, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to spoof domain names in URLs, and possibly conduct phishing attacks, via unspecified homoglyphs.
Applies to:
Created:
2009-08-12
Updated:
2020-10-10

ID:
CVE-2009-2204
Title:
Unspecified vulnerability in the CoreTelephony component in Apple iPhone OS before 3.0.1 allows remote attackers to execute arbitrary code, obtain GPS coordinates, or enable the microphone via an SMS message that triggers memory...
Type:
Mobile Devices
Bulletins:
CVE-2009-2204
SFBID35569
Severity:
Critical
Description:
Unspecified vulnerability in the CoreTelephony component in Apple iPhone OS before 3.0.1 allows remote attackers to execute arbitrary code, obtain GPS coordinates, or enable the microphone via an SMS message that triggers memory corruption, as demonstrated by Charlie Miller at SyScan '09 Singapore.
Applies to:
Created:
2009-08-03
Updated:
2020-10-10

ID:
CVE-2009-2656
Title:
Unspecified vulnerability in the com.android.phone process in Android 1.0, 1.1, and 1.5 allows remote attackers to cause a denial of service (network disconnection) via a crafted SMS message, as demonstrated by Collin Mulliner and...
Type:
Mobile Devices
Bulletins:
CVE-2009-2656
SFBID35886
Severity:
Moderate
Description:
Unspecified vulnerability in the com.android.phone process in Android 1.0, 1.1, and 1.5 allows remote attackers to cause a denial of service (network disconnection) via a crafted SMS message, as demonstrated by Collin Mulliner and Charlie Miller at Black Hat USA 2009.
Applies to:
Created:
2009-08-03
Updated:
2020-10-10

ID:
CVE-2009-1168
Title:
Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0(33)S4, 12.0(32)SY8 through 12.0(32)SY9, 12.2(33)SXI1, 12.2XNC before 12.2(33)XNC2, 12.2XND before 12.2(33)XND1, and 12.4(24)T1; and IOS XE 2.3 through 2.3.1t and 2.4 through...
Type:
Hardware
Bulletins:
CVE-2009-1168
SFBID35862
Severity:
Critical
Description:
Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0(33)S4, 12.0(32)SY8 through 12.0(32)SY9, 12.2(33)SXI1, 12.2XNC before 12.2(33)XNC2, 12.2XND before 12.2(33)XND1, and 12.4(24)T1; and IOS XE 2.3 through 2.3.1t and 2.4 through 2.4.0; when RFC4893 BGP routing is enabled, allows remote attackers to cause a denial of service (memory corruption and device reload) by using an RFC4271 peer to send an update with a long series of AS numbers, aka Bug ID CSCsy86021.
Applies to:
Created:
2009-07-30
Updated:
2020-10-10

ID:
CVE-2009-2049
Title:
Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0(33)S4, 12.0(32)SY8 through 12.0(32)SY9, 12.2(33)SXI1 through 12.2(33)SXI2, 12.2XNC before 12.2(33)XNC2, 12.2XND before 12.2(33)XND1, and 12.4(24)T1; and IOS XE 2.3 through 2.3.1t...
Type:
Hardware
Bulletins:
CVE-2009-2049
SFBID35860
Severity:
Moderate
Description:
Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0(33)S4, 12.0(32)SY8 through 12.0(32)SY9, 12.2(33)SXI1 through 12.2(33)SXI2, 12.2XNC before 12.2(33)XNC2, 12.2XND before 12.2(33)XND1, and 12.4(24)T1; and IOS XE 2.3 through 2.3.1t and 2.4 through 2.4.0; when RFC4893 BGP routing is enabled, allows remote attackers to cause a denial of service (device reload) by using an RFC4271 peer to send a malformed update, aka Bug ID CSCta33973.
Applies to:
Created:
2009-07-30
Updated:
2020-10-10

ID:
CVE-2009-1167
Title:
Unspecified vulnerability on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0 and 5.x before 5.2.191.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules...
Type:
Hardware
Bulletins:
CVE-2009-1167
Severity:
Critical
Description:
Unspecified vulnerability on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0 and 5.x before 5.2.191.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules (WiSM), WLC Modules for Integrated Services Routers, and Catalyst 3750G Integrated Wireless LAN Controllers, allows remote attackers to modify the configuration via a crafted (1) HTTP or (2) HTTPS request, aka Bug ID CSCsy44672.
Applies to:
Cisco Catalyst 3750G
Cisco WLC 2000
Cisco WLC 2100
Cisco WLC 4100
Created:
2009-07-29
Updated:
2020-10-10

ID:
CVE-2009-1166
Title:
The administrative web interface on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0 and 5.x before 5.2.191.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services...
Type:
Hardware
Bulletins:
CVE-2009-1166
Severity:
Critical
Description:
The administrative web interface on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0 and 5.x before 5.2.191.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules (WiSM), WLC Modules for Integrated Services Routers, and Catalyst 3750G Integrated Wireless LAN Controllers, allows remote attackers to cause a denial of service (device reload) via a crafted (1) HTTP or (2) HTTPS request, aka Bug ID CSCsy27708.
Applies to:
Cisco Catalyst 3750G
Created:
2009-07-29
Updated:
2020-10-10

ID:
CVE-2009-1164
Title:
The administrative web interface on the Cisco Wireless LAN Controller (WLC) platform 4.2 before 4.2.205.0 and 5.x before 5.2.178.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services...
Type:
Hardware
Bulletins:
CVE-2009-1164
Severity:
Critical
Description:
The administrative web interface on the Cisco Wireless LAN Controller (WLC) platform 4.2 before 4.2.205.0 and 5.x before 5.2.178.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules (WiSM), WLC Modules for Integrated Services Routers, and Catalyst 3750G Integrated Wireless LAN Controllers, allows remote attackers to cause a denial of service (device reload) via a malformed response to a (1) HTTP or (2) HTTPS authentication request, aka Bug ID CSCsx03715.
Applies to:
Cisco Catalyst 3750G
Cisco WLC 2000
Cisco WLC 2100
Cisco WLC 4100
Created:
2009-07-29
Updated:
2020-10-10

ID:
CVE-2009-1165
Title:
Memory leak on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0, 5.1 before 5.1.163.0, and 5.0 and 5.2 before 5.2.178.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless...
Type:
Hardware
Bulletins:
CVE-2009-1165
SFBID35817
Severity:
Critical
Description:
Memory leak on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0, 5.1 before 5.1.163.0, and 5.0 and 5.2 before 5.2.178.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules (WiSM), WLC Modules for Integrated Services Routers, and Catalyst 3750G Integrated Wireless LAN Controllers, allows remote attackers to cause a denial of service (memory consumption and device reload) via SSH management connections, aka Bug ID CSCsw40789.
Applies to:
Cisco Catalyst 3750G
Cisco WLC 2000
Cisco WLC 2100
Cisco WLC 4100
Created:
2009-07-29
Updated:
2020-10-10

ID:
CVE-2009-2348
Title:
Android 1.5 CRBxx allows local users to bypass the (1) Manifest.permission.CAMERA (aka android.permission.CAMERA) and (2) Manifest.permission.AUDIO_RECORD (aka android.permission.RECORD_AUDIO) configuration settings by installing and...
Type:
Mobile Devices
Bulletins:
CVE-2009-2348
SFBID35717
Severity:
Moderate
Description:
Android 1.5 CRBxx allows local users to bypass the (1) Manifest.permission.CAMERA (aka android.permission.CAMERA) and (2) Manifest.permission.AUDIO_RECORD (aka android.permission.RECORD_AUDIO) configuration settings by installing and executing an application that does not make a permission request before using the camera or microphone.
Applies to:
Created:
2009-07-17
Updated:
2020-10-10

ID:
CVE-2009-1725
Title:
WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms; KHTML in kdelibs in KDE; QtWebKit (aka Qt toolkit); and possibly other products do not properly handle...
Type:
Mobile Devices
Bulletins:
CVE-2009-1725
SFBID35607
Severity:
Critical
Description:
WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms; KHTML in kdelibs in KDE; QtWebKit (aka Qt toolkit); and possibly other products do not properly handle numeric character references, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.
Applies to:
Created:
2009-07-09
Updated:
2020-10-10

ID:
CVE-2009-1724
Title:
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to inject arbitrary web script or...
Type:
Mobile Devices
Bulletins:
CVE-2009-1724
SFBID35441
Severity:
Moderate
Description:
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to inject arbitrary web script or HTML via vectors related to parent and top objects.
Applies to:
Created:
2009-07-09
Updated:
2020-10-10

ID:
CVE-2009-1203
Title:
WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 does not properly distinguish its own login screen from the login screens it produces for third-party (1) FTP and (2) CIFS servers, which makes it...
Type:
Hardware
Bulletins:
CVE-2009-1203
SFBID35475
Severity:
Moderate
Description:
WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 does not properly distinguish its own login screen from the login screens it produces for third-party (1) FTP and (2) CIFS servers, which makes it easier for remote attackers to trick a user into sending WebVPN credentials to an arbitrary server via a URL associated with that server, aka Bug ID CSCsy80709.
Applies to:
Created:
2009-06-25
Updated:
2020-10-10

ID:
CVE-2009-1202
Title:
WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 allows remote attackers to bypass certain protection mechanisms involving URL rewriting and HTML rewriting, and conduct cross-site scripting (XSS)...
Type:
Hardware
Bulletins:
CVE-2009-1202
SFBID35480
Severity:
Moderate
Description:
WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 allows remote attackers to bypass certain protection mechanisms involving URL rewriting and HTML rewriting, and conduct cross-site scripting (XSS) attacks, by modifying the first hex-encoded character in a /+CSCO+ URI, aka Bug ID CSCsy80705.
Applies to:
Created:
2009-06-25
Updated:
2020-10-10

ID:
CVE-2009-1201
Title:
Eval injection vulnerability in the csco_wrap_js function in /+CSCOL+/cte.js in WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 allows remote attackers to bypass a DOM wrapper and conduct...
Type:
Hardware
Bulletins:
CVE-2009-1201
SFBID35476
Severity:
Moderate
Description:
Eval injection vulnerability in the csco_wrap_js function in /+CSCOL+/cte.js in WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 allows remote attackers to bypass a DOM wrapper and conduct cross-site scripting (XSS) attacks by setting CSCO_WebVPN['process'] to the name of a crafted function, aka Bug ID CSCsy80694.
Applies to:
Created:
2009-06-25
Updated:
2020-10-10

ID:
CVE-2009-1692
Title:
WebKit before r41741, as used in Apple iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Safari, and other software, allows remote attackers to cause a denial of service (memory consumption or device reset) via...
Type:
Mobile Devices
Bulletins:
CVE-2009-1692
SFBID35414
Severity:
Critical
Description:
WebKit before r41741, as used in Apple iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Safari, and other software, allows remote attackers to cause a denial of service (memory consumption or device reset) via a web page containing an HTMLSelectElement object with a large length attribute, related to the length property of a Select object.
Applies to:
Created:
2009-06-19
Updated:
2020-10-10

ID:
CVE-2009-1683
Title:
The Telephony component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to cause a denial of service (device reset) via a crafted ICMP echo request, which triggers an...
Type:
Mobile Devices
Bulletins:
CVE-2009-1683
SFBID35414
Severity:
Critical
Description:
The Telephony component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to cause a denial of service (device reset) via a crafted ICMP echo request, which triggers an assertion error related to a "logic issue."
Applies to:
Created:
2009-06-19
Updated:
2020-10-10

ID:
CVE-2009-1679
Title:
The Profiles component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1, when installing a configuration profile, can replace the password policy from Exchange ActiveSync with a weaker password...
Type:
Mobile Devices
Bulletins:
CVE-2009-1679
SFBID35414
Severity:
Low
Description:
The Profiles component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1, when installing a configuration profile, can replace the password policy from Exchange ActiveSync with a weaker password policy, which allows physically proximate attackers to bypass the intended policy.
Applies to:
Created:
2009-06-19
Updated:
2020-10-10

ID:
CVE-2009-0959
Title:
The MPEG-4 video codec in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to cause a denial of service (device reset) via a crafted MPEG-4 video file that triggers an "input...
Type:
Mobile Devices
Bulletins:
CVE-2009-0959
SFBID35414
Severity:
Critical
Description:
The MPEG-4 video codec in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to cause a denial of service (device reset) via a crafted MPEG-4 video file that triggers an "input validation issue."
Applies to:
Created:
2009-06-19
Updated:
2020-10-10

ID:
CVE-2009-0960
Title:
The Mail component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 does not provide an option to disable remote image loading in HTML email, which allows remote attackers to determine the device...
Type:
Mobile Devices
Bulletins:
CVE-2009-0960
SFBID35414
Severity:
Moderate
Description:
The Mail component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 does not provide an option to disable remote image loading in HTML email, which allows remote attackers to determine the device address and when an e-mail is read via an HTML email containing an image URL.
Applies to:
Created:
2009-06-19
Updated:
2020-10-10

ID:
CVE-2009-0961
Title:
The Mail component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 dismisses the call approval dialog when another alert appears, which might allow remote attackers to force the iPhone to place a...
Type:
Mobile Devices
Bulletins:
CVE-2009-0961
SFBID35414
Severity:
Moderate
Description:
The Mail component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 dismisses the call approval dialog when another alert appears, which might allow remote attackers to force the iPhone to place a call without user approval by causing an application to trigger an alert.
Applies to:
Created:
2009-06-19
Updated:
2020-10-10

ID:
CVE-2009-1680
Title:
Safari in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly clear the search history when it is cleared from the Settings application, which allows physically proximate attackers to...
Type:
Mobile Devices
Bulletins:
CVE-2009-1680
SFBID35414
Severity:
Low
Description:
Safari in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly clear the search history when it is cleared from the Settings application, which allows physically proximate attackers to obtain the search history.
Applies to:
Created:
2009-06-19
Updated:
2020-10-10

ID:
CVE-2009-0958
Title:
Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 stores an exception for a hostname when the user accepts an untrusted Exchange server certificate, which causes it to be accepted without prompting in...
Type:
Mobile Devices
Bulletins:
CVE-2009-0958
SFBID35414
Severity:
Moderate
Description:
Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 stores an exception for a hostname when the user accepts an untrusted Exchange server certificate, which causes it to be accepted without prompting in future usage and allows remote Exchange servers to obtain sensitive information such as credentials.
Applies to:
Created:
2009-06-19
Updated:
2020-10-10

ID:
CVE-2009-1698
Title:
WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a pointer during handling of a Cascading Style Sheets (CSS) attr function call with a large numerical...
Type:
Mobile Devices
Bulletins:
CVE-2009-1698
SFBID35260
Severity:
Critical
Description:
WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a pointer during handling of a Cascading Style Sheets (CSS) attr function call with a large numerical argument, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.
Applies to:
Created:
2009-06-10
Updated:
2020-10-10

ID:
CVE-2009-1690
Title:
Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome 1.0.154.53, and possibly other products, allows remote attackers to...
Type:
Mobile Devices
Bulletins:
CVE-2009-1690
SFBID35260
Severity:
Critical
Description:
Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome 1.0.154.53, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by setting an unspecified property of an HTML tag that causes child elements to be freed and later accessed when an HTML error occurs, related to "recursion in certain DOM event handlers."
Applies to:
Created:
2009-06-10
Updated:
2020-10-10

ID:
CVE-2009-1701
Title:
Use-after-free vulnerability in the JavaScript DOM implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or...
Type:
Mobile Devices
Bulletins:
CVE-2009-1701
SFBID35260
Severity:
Critical
Description:
Use-after-free vulnerability in the JavaScript DOM implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by destroying a document.body element that has an unspecified XML container with elements that support the dir attribute.
Applies to:
Created:
2009-06-10
Updated:
2020-10-10

ID:
CVE-2009-1700
Title:
The XSLT implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle redirects, which allows remote attackers to read XML content from...
Type:
Mobile Devices
Bulletins:
CVE-2009-1700
SFBID35260
Severity:
Moderate
Description:
The XSLT implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle redirects, which allows remote attackers to read XML content from arbitrary web pages via a crafted document.
Applies to:
Created:
2009-06-10
Updated:
2020-10-10

ID:
CVE-2009-1699
Title:
The XSL stylesheet implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle XML external entities, which allows remote attackers to read...
Type:
Mobile Devices
Bulletins:
CVE-2009-1699
SFBID35260
Severity:
Critical
Description:
The XSL stylesheet implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle XML external entities, which allows remote attackers to read arbitrary files via a crafted DTD, as demonstrated by a file:///etc/passwd URL in an entity declaration, related to an "XXE attack."
Applies to:
Created:
2009-06-10
Updated:
2020-10-10

ID:
CVE-2009-1702
Title:
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to inject arbitrary web script or HTML via vectors...
Type:
Mobile Devices
Bulletins:
CVE-2009-1702
SFBID35260
Severity:
Moderate
Description:
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to inject arbitrary web script or HTML via vectors related to improper handling of Location and History objects.
Applies to:
Created:
2009-06-10
Updated:
2020-10-10

ID:
CVE-2009-1754
Title:
The PackageManagerService class in services/java/com/android/server/PackageManagerService.java in Android 1.5 through 1.5 CRB42 does not properly check developer certificates during processing of sharedUserId requests at an...
Type:
Mobile Devices
Bulletins:
CVE-2009-1754
SFBID35090
Severity:
Moderate
Description:
The PackageManagerService class in services/java/com/android/server/PackageManagerService.java in Android 1.5 through 1.5 CRB42 does not properly check developer certificates during processing of sharedUserId requests at an application's installation time, which allows remote user-assisted attackers to access application data by creating a package that specifies a shared user ID with an arbitrary application.
Applies to:
Created:
2009-05-26
Updated:
2020-10-10

ID:
CVE-2009-1561
Title:
Cross-site request forgery (CSRF) vulnerability in administration.cgi on the Cisco Linksys WRT54GC router with firmware 1.05.7 allows remote attackers to hijack the intranet connectivity of arbitrary users for requests that change the administrator...
Type:
Hardware
Bulletins:
CVE-2009-1561
SFBID34616
Severity:
Moderate
Description:
Cross-site request forgery (CSRF) vulnerability in administration.cgi on the Cisco Linksys WRT54GC router with firmware 1.05.7 allows remote attackers to hijack the intranet connectivity of arbitrary users for requests that change the administrator password via the sysPasswd and sysConfirmPasswd parameters.
Applies to:
wrt54gc
Created:
2009-05-06
Updated:
2020-10-10

ID:
MITRE:6001
Title:
oval:org.mitre.oval:def:6001: Apple iTunes Denial of Service Vulnerability
Type:
Software
Bulletins:
MITRE:6001
CVE-2009-0016
Severity:
Moderate
Description:
Apple iTunes before 8.1 on Windows allows remote attackers to cause a denial of service (infinite loop) via a Digital Audio Access Protocol (DAAP) message with a crafted Content-Length header.
Applies to:
Apple iTunes
Created:
2009-05-04
Updated:
2020-10-10

ID:
MITRE:5868
Title:
oval:org.mitre.oval:def:5868: Microsoft Malformed BMP Filter Vulnerability
Type:
Software
Bulletins:
MITRE:5868
CVE-2008-3020
Severity:
Critical
Description:
Microsoft Office 2000 SP3 and XP SP3; Office Converter Pack; and Works 8 do not properly parse the length of a BMP file, which allows remote attackers to execute arbitrary code via a crafted BMP file, aka the "Malformed BMP Filter Vulnerability."
Applies to:
Microsoft Office 2000
Microsoft Office Converter Pack
Microsoft Office Project 2002
Microsoft Office XP
Microsoft Works
Created:
2009-05-04
Updated:
2020-10-10

ID:
MITRE:5336
Title:
oval:org.mitre.oval:def:5336: Apple iTunes Information Disclosure Vulnerability
Type:
Software
Bulletins:
MITRE:5336
CVE-2009-0143
Severity:
Moderate
Description:
Apple iTunes before 8.1 does not properly inform the user about the origin of an authentication request, which makes it easier for remote podcast servers to trick a user into providing a username and password when subscribing to a crafted podcast.
Applies to:
Apple iTunes
Created:
2009-05-04
Updated:
2020-10-10

ID:
CVE-2009-1156
Title:
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 8.0 before 8.0(4)25 and 8.1 before 8.1(2)15, when an SSL VPN or ASDM access is configured, allows remote attackers to cause a denial of service (device reload)...
Type:
Hardware
Bulletins:
CVE-2009-1156
SFBID34429
Severity:
Moderate
Description:
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 8.0 before 8.0(4)25 and 8.1 before 8.1(2)15, when an SSL VPN or ASDM access is configured, allows remote attackers to cause a denial of service (device reload) via a crafted (1) SSL or (2) HTTP packet.
Applies to:
Created:
2009-04-09
Updated:
2020-10-10

ID:
CVE-2009-1158
Title:
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)26, 8.0 before 8.0(4)24, and 8.1 before 8.1(2)14, when H.323 inspection is enabled, allows remote...
Type:
Hardware
Bulletins:
CVE-2009-1158
SFBID34429
Severity:
Critical
Description:
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)26, 8.0 before 8.0(4)24, and 8.1 before 8.1(2)14, when H.323 inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted H.323 packet.
Applies to:
Created:
2009-04-09
Updated:
2020-10-10

ID:
CVE-2009-1159
Title:
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.2 before 7.2(4)26, 8.0 before 8.0(4)22, and 8.1 before 8.1(2)12, when SQL*Net inspection is enabled, allows remote attackers to cause a...
Type:
Hardware
Bulletins:
CVE-2009-1159
SFBID34429
Severity:
Critical
Description:
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.2 before 7.2(4)26, 8.0 before 8.0(4)22, and 8.1 before 8.1(2)12, when SQL*Net inspection is enabled, allows remote attackers to cause a denial of service (traceback and device reload) via a series of SQL*Net packets.
Applies to:
Created:
2009-04-09
Updated:
2020-10-10

ID:
CVE-2009-1157
Title:
Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)30, 8.0 before 8.0(4)28, and 8.1 before 8.1(2)19 allows remote attackers to cause a denial of...
Type:
Hardware
Bulletins:
CVE-2009-1157
SFBID34429
Severity:
Critical
Description:
Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)30, 8.0 before 8.0(4)28, and 8.1 before 8.1(2)19 allows remote attackers to cause a denial of service (memory consumption or device reload) via a crafted TCP packet.
Applies to:
Created:
2009-04-09
Updated:
2020-10-10

ID:
CVE-2009-1155
Title:
Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.1(1) through 7.1(2)82, 7.2 before 7.2(4)27, 8.0 before 8.0(4)25, and 8.1 before 8.1(2)15, when AAA override-account-disable is entered in a general-attributes field,...
Type:
Hardware
Bulletins:
CVE-2009-1155
SFBID34429
Severity:
Critical
Description:
Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.1(1) through 7.1(2)82, 7.2 before 7.2(4)27, 8.0 before 8.0(4)25, and 8.1 before 8.1(2)15, when AAA override-account-disable is entered in a general-attributes field, allow remote attackers to bypass authentication and establish a VPN session to an ASA device via unspecified vectors.
Applies to:
Created:
2009-04-09
Updated:
2020-10-10

ID:
CVE-2009-1160
Title:
Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)1, 7.1 before 7.1(2)74, 7.2 before 7.2(4)9, and 8.0 before 8.0(4)5 do not properly implement the implicit deny statement, which might allow remote...
Type:
Hardware
Bulletins:
CVE-2009-1160
SFBID34429
Severity:
Moderate
Description:
Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)1, 7.1 before 7.1(2)74, 7.2 before 7.2(4)9, and 8.0 before 8.0(4)5 do not properly implement the implicit deny statement, which might allow remote attackers to successfully send packets that bypass intended access restrictions, aka Bug ID CSCsq91277.
Applies to:
Created:
2009-04-09
Updated:
2020-10-10

ID:
CVE-2008-6576
Title:
Unspecified vulnerability in the "session limitation technique" in the FTP service on Nortel Communications Server 1000 (CS1K) 4.50.x, when running on VGMC or signaling nodes, allows remote attackers to cause a denial of service (resource exhaustion...
Type:
Hardware
Bulletins:
CVE-2008-6576
SFBID28691
Severity:
Critical
Description:
Unspecified vulnerability in the "session limitation technique" in the FTP service on Nortel Communications Server 1000 (CS1K) 4.50.x, when running on VGMC or signaling nodes, allows remote attackers to cause a denial of service (resource exhaustion and failed updates) via unknown vectors that cause consumption of all available sessions.
Applies to:
CS 1000
Created:
2009-04-01
Updated:
2020-10-10

ID:
CVE-2008-6577
Title:
Nortel MG1000S, Signaling Server, and Call Server on the Communications Server 1000 (CS1K) 4.50.x contain multiple unspecified hard-coded accounts and passwords, which allows remote attackers to gain privileges.
Type:
Hardware
Bulletins:
CVE-2008-6577
SFBID28691
Severity:
Critical
Description:
Nortel MG1000S, Signaling Server, and Call Server on the Communications Server 1000 (CS1K) 4.50.x contain multiple unspecified hard-coded accounts and passwords, which allows remote attackers to gain privileges.
Applies to:
CS 1000
Created:
2009-04-01
Updated:
2020-10-10

ID:
CVE-2008-6579
Title:
Nortel Communication Server 1000 4.50.x allows remote attackers to obtain Web application structure via unknown vectors related to "web resources to phones and administrators."
Type:
Hardware
Bulletins:
CVE-2008-6579
SFBID28691
Severity:
Moderate
Description:
Nortel Communication Server 1000 4.50.x allows remote attackers to obtain Web application structure via unknown vectors related to "web resources to phones and administrators."
Applies to:
CS 1000
Created:
2009-04-01
Updated:
2020-10-10

ID:
CVE-2008-6578
Title:
Multiple unspecified vulnerabilities in Nortel Communication Server 1000 4.50.x allow remote attackers to execute arbitrary commands to gain privileges, obtain sensitive information, or cause a denial of service via unknown vectors.
Type:
Hardware
Bulletins:
CVE-2008-6578
SFBID28691
Severity:
Critical
Description:
Multiple unspecified vulnerabilities in Nortel Communication Server 1000 4.50.x allow remote attackers to execute arbitrary commands to gain privileges, obtain sensitive information, or cause a denial of service via unknown vectors.
Applies to:
CS 1000
Created:
2009-04-01
Updated:
2020-10-10

ID:
CVE-2009-0636
Title:
Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when SIP voice services are enabled, allows remote attackers to cause a denial of service (device crash) via a valid SIP message.
Type:
Hardware
Bulletins:
CVE-2009-0636
SFBID34243
Severity:
Critical
Description:
Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when SIP voice services are enabled, allows remote attackers to cause a denial of service (device crash) via a valid SIP message.
Applies to:
Created:
2009-03-27
Updated:
2020-10-10

ID:
CVE-2009-0631
Title:
Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when configured with (1) IP Service Level Agreements (SLAs) Responder, (2) Session Initiation Protocol (SIP), (3) H.323 Annex E Call Signaling Transport, or (4) Media Gateway Control Protocol...
Type:
Hardware
Bulletins:
CVE-2009-0631
SFBID34245
Severity:
Critical
Description:
Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when configured with (1) IP Service Level Agreements (SLAs) Responder, (2) Session Initiation Protocol (SIP), (3) H.323 Annex E Call Signaling Transport, or (4) Media Gateway Control Protocol (MGCP) allows remote attackers to cause a denial of service (blocked input queue on the inbound interface) via a crafted UDP packet.
Applies to:
Created:
2009-03-27
Updated:
2020-10-10

ID:
CVE-2009-0626
Title:
The SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (device reload or hang) via a crafted HTTPS packet.
Type:
Hardware
Bulletins:
CVE-2009-0626
SFBID34239
Severity:
Critical
Description:
The SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (device reload or hang) via a crafted HTTPS packet.
Applies to:
Created:
2009-03-27
Updated:
2020-10-10

ID:
CVE-2009-0637
Title:
The SCP server in Cisco IOS 12.2 through 12.4, when Role-Based CLI Access is enabled, does not enforce the CLI view configuration for file transfers, which allows remote authenticated users with an attached CLI view to (1) read or (2) overwrite...
Type:
Hardware
Bulletins:
CVE-2009-0637
SFBID34247
Severity:
Critical
Description:
The SCP server in Cisco IOS 12.2 through 12.4, when Role-Based CLI Access is enabled, does not enforce the CLI view configuration for file transfers, which allows remote authenticated users with an attached CLI view to (1) read or (2) overwrite arbitrary files via an SCP command.
Applies to:
Created:
2009-03-27
Updated:
2020-10-10

ID:
CVE-2009-0630
Title:
The (1) Cisco Unified Communications Manager Express; (2) SIP Gateway Signaling Support Over Transport Layer Security (TLS) Transport; (3) Secure Signaling and Media Encryption; (4) Blocks Extensible Exchange Protocol (BEEP); (5) Network Admission...
Type:
Hardware
Bulletins:
CVE-2009-0630
SFBID34242
Severity:
Critical
Description:
The (1) Cisco Unified Communications Manager Express; (2) SIP Gateway Signaling Support Over Transport Layer Security (TLS) Transport; (3) Secure Signaling and Media Encryption; (4) Blocks Extensible Exchange Protocol (BEEP); (5) Network Admission Control HTTP Authentication Proxy; (6) Per-user URL Redirect for EAPoUDP, Dot1x, and MAC Authentication Bypass; (7) Distributed Director with HTTP Redirects; and (8) TCP DNS features in Cisco IOS 12.0 through 12.4 do not properly handle IP sockets, which allows remote attackers to cause a denial of service (outage or resource consumption) via a series of crafted TCP packets.
Applies to:
Created:
2009-03-27
Updated:
2020-10-10

ID:
CVE-2009-0629
Title:
The (1) Airline Product Set (aka ALPS), (2) Serial Tunnel Code (aka STUN), (3) Block Serial Tunnel Code (aka BSTUN), (4) Native Client Interface Architecture (NCIA) support, (5) Data-link switching (aka DLSw), (6) Remote Source-Route Bridging...
Type:
Hardware
Bulletins:
CVE-2009-0629
SFBID34238
Severity:
Moderate
Description:
The (1) Airline Product Set (aka ALPS), (2) Serial Tunnel Code (aka STUN), (3) Block Serial Tunnel Code (aka BSTUN), (4) Native Client Interface Architecture (NCIA) support, (5) Data-link switching (aka DLSw), (6) Remote Source-Route Bridging (RSRB), (7) Point to Point Tunneling Protocol (PPTP), (8) X.25 for Record Boundary Preservation (RBP), (9) X.25 over TCP (XOT), and (10) X.25 Routing features in Cisco IOS 12.2 and 12.4 allow remote attackers to cause a denial of service (device reload) via a series of crafted TCP packets.
Applies to:
Created:
2009-03-27
Updated:
2020-10-10

ID:
CVE-2009-0634
Title:
Multiple unspecified vulnerabilities in the home agent (HA) implementation in the (1) Mobile IP NAT Traversal feature and (2) Mobile IPv6 subsystem in Cisco IOS 12.3 through 12.4 allow remote attackers to cause a denial of service (input queue wedge...
Type:
Hardware
Bulletins:
CVE-2009-0634
SFBID34241
Severity:
Critical
Description:
Multiple unspecified vulnerabilities in the home agent (HA) implementation in the (1) Mobile IP NAT Traversal feature and (2) Mobile IPv6 subsystem in Cisco IOS 12.3 through 12.4 allow remote attackers to cause a denial of service (input queue wedge and interface outage) via an ICMP packet, aka Bug ID CSCso05337.
Applies to:
Created:
2009-03-27
Updated:
2020-10-10

ID:
CVE-2009-0633
Title:
Multiple unspecified vulnerabilities in the (1) Mobile IP NAT Traversal feature and (2) Mobile IPv6 subsystem in Cisco IOS 12.3 through 12.4 allow remote attackers to cause a denial of service (input queue wedge and interface outage) via MIPv6...
Type:
Hardware
Bulletins:
CVE-2009-0633
SFBID34241
Severity:
Critical
Description:
Multiple unspecified vulnerabilities in the (1) Mobile IP NAT Traversal feature and (2) Mobile IPv6 subsystem in Cisco IOS 12.3 through 12.4 allow remote attackers to cause a denial of service (input queue wedge and interface outage) via MIPv6 packets, aka Bug ID CSCsm97220.
Applies to:
Created:
2009-03-27
Updated:
2020-10-10

ID:
CVE-2009-0628
Title:
Memory leak in the SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (memory consumption and device crash) by disconnecting an SSL session in an abnormal manner, leading to a Transmission Control...
Type:
Hardware
Bulletins:
CVE-2009-0628
SFBID34239
Severity:
Critical
Description:
Memory leak in the SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (memory consumption and device crash) by disconnecting an SSL session in an abnormal manner, leading to a Transmission Control Block (TCB) leak.
Applies to:
Created:
2009-03-27
Updated:
2020-10-10

ID:
CVE-2009-0635
Title:
Memory leak in the Cisco Tunneling Control Protocol (cTCP) encapsulation feature in Cisco IOS 12.4, when an Easy VPN (aka EZVPN) server is enabled, allows remote attackers to cause a denial of service (memory consumption and device crash) via a...
Type:
Hardware
Bulletins:
CVE-2009-0635
SFBID34246
Severity:
Critical
Description:
Memory leak in the Cisco Tunneling Control Protocol (cTCP) encapsulation feature in Cisco IOS 12.4, when an Easy VPN (aka EZVPN) server is enabled, allows remote attackers to cause a denial of service (memory consumption and device crash) via a sequence of TCP packets.
Applies to:
Created:
2009-03-27
Updated:
2020-10-10

ID:
CVE-2009-0632
Title:
The IP Phone Personal Address Book (PAB) Synchronizer feature in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.1, 4.2 before 4.2(3)SR4b, 4.3 before 4.3(2)SR1b, 5.x before 5.1(3e), 6.x before 6.1(3), and 7.0 before 7.0(2)...
Type:
Hardware
Bulletins:
CVE-2009-0632
SFBID34082
Severity:
Critical
Description:
The IP Phone Personal Address Book (PAB) Synchronizer feature in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.1, 4.2 before 4.2(3)SR4b, 4.3 before 4.3(2)SR1b, 5.x before 5.1(3e), 6.x before 6.1(3), and 7.0 before 7.0(2) sends privileged directory-service account credentials to the client in cleartext, which allows remote attackers to modify the CUCM configuration and perform other privileged actions by intercepting these credentials, and then using them in requests unrelated to the intended synchronization task, as demonstrated by (1) DC Directory account credentials in CUCM 4.x and (2) TabSyncSysUser account credentials in CUCM 5.x through 7.x.
Applies to:
Unified Communications Manager
Created:
2009-03-12
Updated:
2020-10-10

ID:
CVE-2009-0624
Title:
Unspecified vulnerability in the SNMPv2c implementation in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.3) and Cisco ACE 4710 Application Control Engine Appliance before A3(2.1) allows remote...
Type:
Hardware
Bulletins:
CVE-2009-0624
SFBID33900
Severity:
Moderate
Description:
Unspecified vulnerability in the SNMPv2c implementation in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.3) and Cisco ACE 4710 Application Control Engine Appliance before A3(2.1) allows remote attackers to cause a denial of service (device reload) via a crafted SNMPv1 packet.
Applies to:
Cisco Ace 4710
Created:
2009-02-26
Updated:
2020-10-10

ID:
CVE-2009-0623
Title:
Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.3) and Cisco ACE 4710 Application Control Engine Appliance before A3(2.1) allows remote attackers to cause a denial of...
Type:
Hardware
Bulletins:
CVE-2009-0623
SFBID33900
Severity:
Critical
Description:
Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.3) and Cisco ACE 4710 Application Control Engine Appliance before A3(2.1) allows remote attackers to cause a denial of service (device reload) via a crafted SSH packet.
Applies to:
Cisco Ace 4710
Created:
2009-02-26
Updated:
2020-10-10

ID:
CVE-2009-0622
Title:
Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.2) and Cisco ACE 4710 Application Control Engine Appliance before A1(8a) allows remote authenticated users to execute...
Type:
Hardware
Bulletins:
CVE-2009-0622
SFBID33900
Severity:
Critical
Description:
Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.2) and Cisco ACE 4710 Application Control Engine Appliance before A1(8a) allows remote authenticated users to execute arbitrary operating-system commands through a command line interface (CLI).
Applies to:
Cisco Ace 4710
Created:
2009-02-26
Updated:
2020-10-10

ID:
CVE-2009-0625
Title:
Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.2) and Cisco ACE 4710 Application Control Engine Appliance before A1(8.0) allows remote attackers to cause a denial of...
Type:
Hardware
Bulletins:
CVE-2009-0625
SFBID33900
Severity:
Critical
Description:
Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.2) and Cisco ACE 4710 Application Control Engine Appliance before A1(8.0) allows remote attackers to cause a denial of service (device reload) via a crafted SNMPv3 packet.
Applies to:
Cisco Ace 4710
Created:
2009-02-26
Updated:
2020-10-10

ID:
CVE-2009-0742
Title:
The username command in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers and Cisco ACE 4710 Application Control Engine Appliance stores a cleartext password by default, which allows context-dependent attackers...
Type:
Hardware
Bulletins:
CVE-2009-0742
Severity:
Critical
Description:
The username command in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers and Cisco ACE 4710 Application Control Engine Appliance stores a cleartext password by default, which allows context-dependent attackers to obtain sensitive information.
Applies to:
Cisco Ace 4710
Created:
2009-02-26
Updated:
2020-10-10

ID:
CVE-2009-0621
Title:
Cisco ACE 4710 Application Control Engine Appliance before A1(8a) uses default (1) usernames and (2) passwords for (a) the administrator, (b) web management, and (c) device management, which makes it easier for remote attackers to perform...
Type:
Hardware
Bulletins:
CVE-2009-0621
SFBID33900
Severity:
Critical
Description:
Cisco ACE 4710 Application Control Engine Appliance before A1(8a) uses default (1) usernames and (2) passwords for (a) the administrator, (b) web management, and (c) device management, which makes it easier for remote attackers to perform configuration changes to the Device Manager and other components, or obtain operating-system access.
Applies to:
Cisco Ace 4710
Created:
2009-02-26
Updated:
2020-10-10

ID:
CVE-2008-6096
Title:
Cross-site scripting (XSS) vulnerability in Juniper NetScreen ScreenOS before 5.4r10, 6.0r6, and 6.1r2 allows remote attackers to inject arbitrary web script or HTML via the user name parameter to the (1) web interface login page or the (2) telnet...
Type:
Hardware
Bulletins:
CVE-2008-6096
SFBID31528
Severity:
Moderate
Description:
Cross-site scripting (XSS) vulnerability in Juniper NetScreen ScreenOS before 5.4r10, 6.0r6, and 6.1r2 allows remote attackers to inject arbitrary web script or HTML via the user name parameter to the (1) web interface login page or the (2) telnet login page.
Applies to:
Created:
2009-02-09
Updated:
2020-10-10

ID:
CVE-2009-0470
Title:
Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 12.4(23) allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI under (1) level/15/exec/-/ or (2) exec/, a different...
Type:
Hardware
Bulletins:
CVE-2009-0470
SFBID33625
Severity:
Moderate
Description:
Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 12.4(23) allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI under (1) level/15/exec/-/ or (2) exec/, a different vulnerability than CVE-2008-3821.
Applies to:
Created:
2009-02-06
Updated:
2020-10-10

ID:
CVE-2009-0471
Title:
Cross-site request forgery (CSRF) vulnerability in the HTTP server in Cisco IOS 12.4(23) allows remote attackers to execute arbitrary commands, as demonstrated by executing the hostname command with a level/15/configure/-/hostname request.
Type:
Hardware
Bulletins:
CVE-2009-0471
Severity:
Moderate
Description:
Cross-site request forgery (CSRF) vulnerability in the HTTP server in Cisco IOS 12.4(23) allows remote attackers to execute arbitrary commands, as demonstrated by executing the hostname command with a level/15/configure/-/hostname request.
Applies to:
Created:
2009-02-06
Updated:
2020-10-10

ID:
CVE-2009-0061
Title:
Unspecified vulnerability in the Wireless LAN Controller (WLC) TSEC driver in the Cisco 4400 WLC, Cisco Catalyst 6500 and 7600 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before...
Type:
Hardware
Bulletins:
CVE-2009-0061
SFBID33608
Severity:
Critical
Description:
Unspecified vulnerability in the Wireless LAN Controller (WLC) TSEC driver in the Cisco 4400 WLC, Cisco Catalyst 6500 and 7600 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.x before 5.1 allows remote attackers to cause a denial of service (device crash or hang) via unknown IP packets.
Applies to:
Cisco WLC 4400
Created:
2009-02-04
Updated:
2020-10-10

ID:
CVE-2009-0062
Title:
Unspecified vulnerability in the Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.2.173.0 allows remote authenticated users to gain...
Type:
Hardware
Bulletins:
CVE-2009-0062
SFBID33608
Severity:
Critical
Description:
Unspecified vulnerability in the Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.2.173.0 allows remote authenticated users to gain privileges via unknown vectors, as demonstrated by escalation from the (1) Lobby Admin and (2) Local Management User privilege levels.
Applies to:
Created:
2009-02-04
Updated:
2020-10-10

ID:
CVE-2009-0058
Title:
The Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.x before 5.2 allow remote attackers to cause a denial...
Type:
Hardware
Bulletins:
CVE-2009-0058
SFBID33608
Severity:
Moderate
Description:
The Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.x before 5.2 allow remote attackers to cause a denial of service (web authentication outage or device reload) via unspecified network traffic, as demonstrated by a vulnerability scanner.
Applies to:
Cisco WLC 4400
Created:
2009-02-04
Updated:
2020-10-10

ID:
CVE-2009-0059
Title:
The Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.2.x before 5.2.157.0 allow remote attackers to cause a...
Type:
Hardware
Bulletins:
CVE-2009-0059
SFBID33608
Severity:
Critical
Description:
The Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.2.x before 5.2.157.0 allow remote attackers to cause a denial of service (device reload) via a web authentication (aka WebAuth) session that includes a malformed POST request to login.html.
Applies to:
Cisco WLC 4400
Created:
2009-02-04
Updated:
2020-10-10

ID:
CVE-2009-0057
Title:
The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager 5.x before 5.1(3e) and 6.x before 6.1(3) allows remote attackers to cause a denial of service (voice service outage) by sending malformed input over a...
Type:
Hardware
Bulletins:
CVE-2009-0057
SFBID33379
Severity:
Moderate
Description:
The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager 5.x before 5.1(3e) and 6.x before 6.1(3) allows remote attackers to cause a denial of service (voice service outage) by sending malformed input over a TCP session in which the "client terminates prematurely."
Applies to:
Unified Communications Manager
Created:
2009-01-22
Updated:
2020-10-10

ID:
CVE-2008-3821
Title:
Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 11.0 through 12.4 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the ping program or (2) unspecified other aspects of the URI.
Type:
Hardware
Bulletins:
CVE-2008-3821
SFBID33260
Severity:
Moderate
Description:
Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 11.0 through 12.4 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the ping program or (2) unspecified other aspects of the URI.
Applies to:
Created:
2009-01-16
Updated:
2020-10-10

ID:
CVE-2008-3818
Title:
Cisco ONS 15310-CL, 15310-MA, 15327, 15454, 15454 SDH, and 15600 with software 7.0.2 through 7.0.6, 7.2.2, 8.0.x, 8.5.1, and 8.5.2 allows remote attackers to cause a denial of service (control-card reset) via a crafted TCP session.
Type:
Hardware
Bulletins:
CVE-2008-3818
SFBID33261
Severity:
Critical
Description:
Cisco ONS 15310-CL, 15310-MA, 15327, 15454, 15454 SDH, and 15600 with software 7.0.2 through 7.0.6, 7.2.2, 8.0.x, 8.5.1, and 8.5.2 allows remote attackers to cause a denial of service (control-card reset) via a crafted TCP session.
Applies to:
Created:
2009-01-16
Updated:
2020-10-10

ID:
MITRE:6075
Title:
oval:org.mitre.oval:def:6075: HIS Command Execution Vulnerability
Type:
Software
Bulletins:
MITRE:6075
CVE-2008-3466
Severity:
Critical
Description:
Microsoft Host Integration Server (HIS) 2000, 2004, and 2006 does not limit RPC access to administrative functions, which allows remote attackers to bypass authentication and execute arbitrary programs via a crafted SNA RPC message using opcode 1 or 6 to call the CreateProcess function, aka "HIS Command Execution Vulnerability."
Applies to:
Microsoft Host Integration Server 2000
Microsoft Host Integration Server 2004
Microsoft Host Integration Server 2004 Client
Microsoft Host Integration Server 2006
Created:
2008-12-08
Updated:
2020-10-10

ID:
CVE-2008-5230
Title:
The Temporal Key Integrity Protocol (TKIP) implementation in unspecified Cisco products and other vendors' products, as used in WPA and WPA2 on Wi-Fi networks, has insufficient countermeasures against certain crafted and replayed packets, which...
Type:
Hardware
Bulletins:
CVE-2008-5230
SFBID32164
Severity:
Moderate
Description:
The Temporal Key Integrity Protocol (TKIP) implementation in unspecified Cisco products and other vendors' products, as used in WPA and WPA2 on Wi-Fi networks, has insufficient countermeasures against certain crafted and replayed packets, which makes it easier for remote attackers to decrypt packets from an access point (AP) to a client and spoof packets from an AP to a client, and conduct ARP poisoning attacks or other attacks, as demonstrated by tkiptun-ng.
Applies to:
Created:
2008-11-25
Updated:
2020-10-10

ID:
CVE-2008-4230
Title:
The Passcode Lock feature in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 displays SMS messages when the emergency-call screen is visible, which allows physically proximate attackers to obtain...
Type:
Mobile Devices
Bulletins:
CVE-2008-4230
SFBID32394
Severity:
Low
Description:
The Passcode Lock feature in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 displays SMS messages when the emergency-call screen is visible, which allows physically proximate attackers to obtain sensitive information by reading these messages. NOTE: this might be a duplicate of CVE-2008-4593.
Applies to:
Created:
2008-11-25
Updated:
2020-10-10

ID:
CVE-2008-4228
Title:
The Passcode Lock feature in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allows physically proximate attackers to leverage the emergency-call ability of locked devices to make a phone call to an...
Type:
Mobile Devices
Bulletins:
CVE-2008-4228
SFBID32394
Severity:
Low
Description:
The Passcode Lock feature in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allows physically proximate attackers to leverage the emergency-call ability of locked devices to make a phone call to an arbitrary number.
Applies to:
Created:
2008-11-25
Updated:
2020-10-10

ID:
CVE-2008-4232
Title:
Safari in Apple iPhone OS 2.0 through 2.1 and iPhone OS for iPod touch 2.1 through 2.1 does not restrict an IFRAME's content display to the boundaries of the IFRAME, which allows remote attackers to spoof a user interface via a...
Type:
Mobile Devices
Bulletins:
CVE-2008-4232
SFBID32394
Severity:
Moderate
Description:
Safari in Apple iPhone OS 2.0 through 2.1 and iPhone OS for iPod touch 2.1 through 2.1 does not restrict an IFRAME's content display to the boundaries of the IFRAME, which allows remote attackers to spoof a user interface via a crafted HTML document.
Applies to:
Created:
2008-11-25
Updated:
2020-10-10

ID:
CVE-2008-4231
Title:
Safari in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 does not properly handle HTML TABLE elements, which allows remote attackers to execute arbitrary code or cause a denial of service (memory...
Type:
Mobile Devices
Bulletins:
CVE-2008-4231
SFBID32394
Severity:
Critical
Description:
Safari in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 does not properly handle HTML TABLE elements, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.
Applies to:
Created:
2008-11-25
Updated:
2020-10-10

ID:
CVE-2008-4233
Title:
Safari in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 does not isolate the call-approval dialog from the process of launching new applications, which allows remote attackers to make arbitrary phone...
Type:
Mobile Devices
Bulletins:
CVE-2008-4233
SFBID32394
Severity:
Low
Description:
Safari in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 does not isolate the call-approval dialog from the process of launching new applications, which allows remote attackers to make arbitrary phone calls via a crafted HTML document.
Applies to:
Created:
2008-11-25
Updated:
2020-10-10

ID:
CVE-2008-4229
Title:
Race condition in the Passcode Lock feature in Apple iPhone OS 2.0 through 2.1 and iPhone OS for iPod touch 2.0 through 2.1 allows physically proximate attackers to remove the lock and launch arbitrary applications by restoring the...
Type:
Mobile Devices
Bulletins:
CVE-2008-4229
SFBID32394
Severity:
Low
Description:
Race condition in the Passcode Lock feature in Apple iPhone OS 2.0 through 2.1 and iPhone OS for iPod touch 2.0 through 2.1 allows physically proximate attackers to remove the lock and launch arbitrary applications by restoring the device from a backup.
Applies to:
Created:
2008-11-25
Updated:
2020-10-10

ID:
CVE-2008-1586
Title:
ImageIO in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allows remote attackers to cause a denial of service (memory consumption and device reset) via a crafted TIFF image.
Type:
Mobile Devices
Bulletins:
CVE-2008-1586
SFBID32394
Severity:
Critical
Description:
ImageIO in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allows remote attackers to cause a denial of service (memory consumption and device reset) via a crafted TIFF image.
Applies to:
Created:
2008-11-25
Updated:
2020-10-10

ID:
CVE-2008-4227
Title:
Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 changes the encryption level of PPTP VPN connections to a lower level than was previously used, which makes it easier for remote attackers to obtain...
Type:
Mobile Devices
Bulletins:
CVE-2008-4227
SFBID32394
Severity:
Critical
Description:
Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 changes the encryption level of PPTP VPN connections to a lower level than was previously used, which makes it easier for remote attackers to obtain sensitive information or hijack a connection by decrypting network traffic.
Applies to:
Created:
2008-11-25
Updated:
2020-10-10

ID:
REF000667
Title:
USB devices installed over time
Type:
Information
Bulletins:
Severity:
Information
Description:
This check generates a list of all USB devices that have been connected to the scanned computer.
Applies to:
Created:
2008-11-17
Updated:
2010-08-21

ID:
CVE-2008-4963
Title:
Unspecified vulnerability in the VLAN Trunking Protocol (VTP) implementation on Cisco IOS and CatOS, when the VTP operating mode is not transparent, allows remote attackers to cause a denial of service (device reload or hang) via a crafted VTP...
Type:
Hardware
Bulletins:
CVE-2008-4963
SFBID32120
Severity:
Critical
Description:
Unspecified vulnerability in the VLAN Trunking Protocol (VTP) implementation on Cisco IOS and CatOS, when the VTP operating mode is not transparent, allows remote attackers to cause a denial of service (device reload or hang) via a crafted VTP packet sent to a switch interface configured as a trunk port.
Applies to:
Created:
2008-11-06
Updated:
2020-10-10

ID:
CVE-2008-4918
Title:
Cross-site scripting (XSS) vulnerability in SonicWALL SonicOS Enhanced before 4.0.1.1, as used in SonicWALL Pro 2040 and TZ 180 and 190, allows remote attackers to inject arbitrary web script or HTML into arbitrary web sites via a URL to a site that...
Type:
Hardware
Bulletins:
CVE-2008-4918
SFBID31998
Severity:
Moderate
Description:
Cross-site scripting (XSS) vulnerability in SonicWALL SonicOS Enhanced before 4.0.1.1, as used in SonicWALL Pro 2040 and TZ 180 and 190, allows remote attackers to inject arbitrary web script or HTML into arbitrary web sites via a URL to a site that is blocked based on content filtering, which is not properly handled in the CFS block page, aka "universal website hijacking."
Applies to:
Created:
2008-11-04
Updated:
2020-10-10

ID:
MITRE:6035
Title:
oval:org.mitre.oval:def:6035: Apple iTunes Local Privilege Escalation Vulnerability
Type:
Software
Bulletins:
MITRE:6035
CVE-2008-3636
Severity:
Critical
Description:
Integer overflow in the IopfCompleteRequest API in the kernel in Microsoft Windows 2000, XP, Server 2003, and Vista allows context-dependent attackers to gain privileges. NOTE: this issue was originally reported for GEARAspiWDM.sys 2.0.7.5 in Gear Software CD DVD Filter driver before 4.001.7, as used in other products including Apple iTunes and multiple Symantec and Norton products, which allows local users to gain privileges via repeated IoAttachDevice IOCTL calls to \\.\GEARAspiWDMDevice in this GEARAspiWDM.sys. However, the root cause is the integer overflow in the API call itself.
Applies to:
Apple iTunes
Created:
2008-11-03
Updated:
2020-10-10

ID:
CVE-2008-3816
Title:
Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.2(4)9 and 7.2(4)10 allows remote attackers to cause a denial of service (device reload) via a crafted IPv6 packet.
Type:
Hardware
Bulletins:
CVE-2008-3816
SFBID31863
Severity:
Critical
Description:
Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.2(4)9 and 7.2(4)10 allows remote attackers to cause a denial of service (device reload) via a crafted IPv6 packet.
Applies to:
Cisco ASA 5500 Adaptive Security Appliance
Cisco PIX 500 Firewall Series
Created:
2008-10-23
Updated:
2020-10-10

ID:
CVE-2008-3815
Title:
Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)3, 7.1 before 7.1(2)78, 7.2 before 7.2(4)16, 8.0 before 8.0(4)6, and 8.1 before 8.1(1)13, when configured as a VPN using...
Type:
Hardware
Bulletins:
CVE-2008-3815
SFBID31864
Severity:
Moderate
Description:
Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)3, 7.1 before 7.1(2)78, 7.2 before 7.2(4)16, 8.0 before 8.0(4)6, and 8.1 before 8.1(1)13, when configured as a VPN using Microsoft Windows NT Domain authentication, allows remote attackers to bypass VPN authentication via unknown vectors.
Applies to:
Created:
2008-10-23
Updated:
2020-10-10

ID:
CVE-2008-3817
Title:
Memory leak in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 8.0 before 8.0(4) and 8.1 before 8.1(2) allows remote attackers to cause a denial of service (memory consumption) via an unspecified sequence of packets,...
Type:
Hardware
Bulletins:
CVE-2008-3817
SFBID31865
Severity:
Critical
Description:
Memory leak in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 8.0 before 8.0(4) and 8.1 before 8.1(2) allows remote attackers to cause a denial of service (memory consumption) via an unspecified sequence of packets, related to the "initialization code for the hardware crypto accelerator."
Applies to:
Cisco ASA 5500 Adaptive Security Appliance
Cisco PIX 500 Firewall Series
Created:
2008-10-23
Updated:
2020-10-10

ID:
CVE-2008-4609
Title:
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple...
Type:
Hardware
Bulletins:
CVE-2008-4609
Severity:
Critical
Description:
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress.
Applies to:
Created:
2008-10-20
Updated:
2020-10-10

ID:
CVE-2008-4594
Title:
Unspecified vulnerability in the SNMPv3 component in Linksys WAP4400N firmware 1.2.14 on the Marvell Semiconductor 88W8361P-BEM1 chipset has unknown impact and attack vectors, probably remote.
Type:
Hardware
Bulletins:
CVE-2008-4594
Severity:
Critical
Description:
Unspecified vulnerability in the SNMPv3 component in Linksys WAP4400N firmware 1.2.14 on the Marvell Semiconductor 88W8361P-BEM1 chipset has unknown impact and attack vectors, probably remote.
Applies to:
wap400n
Created:
2008-10-17
Updated:
2020-10-10

ID:
CVE-2008-4441
Title:
The Marvell driver for the Linksys WAP4400N Wi-Fi access point with firmware 1.2.14 on the Marvell 88W8361P-BEM1 chipset, when WEP mode is enabled, does not properly parse malformed 802.11 frames, which allows remote attackers to cause a denial of...
Type:
Hardware
Bulletins:
CVE-2008-4441
SFBID31742
Severity:
Critical
Description:
The Marvell driver for the Linksys WAP4400N Wi-Fi access point with firmware 1.2.14 on the Marvell 88W8361P-BEM1 chipset, when WEP mode is enabled, does not properly parse malformed 802.11 frames, which allows remote attackers to cause a denial of service (reboot or hang-up) via a malformed association request containing the WEP flag, as demonstrated by a request that is too short, a different vulnerability than CVE-2008-1144 and CVE-2008-1197.
Applies to:
wap400n
Created:
2008-10-14
Updated:
2020-10-10

ID:
CVE-2008-4211
Title:
Integer signedness error in (1) QuickLook in Apple Mac OS X 10.5.5 and (2) Office Viewer in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allows remote attackers to cause a denial of service...
Type:
Mobile Devices
Bulletins:
CVE-2008-4211
SFBID31681
Severity:
Critical
Description:
Integer signedness error in (1) QuickLook in Apple Mac OS X 10.5.5 and (2) Office Viewer in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted Microsoft Excel file that triggers an out-of-bounds memory access, related to "handling of columns."
Applies to:
Created:
2008-10-10
Updated:
2020-10-10

ID:
MITRE:5995
Title:
oval:org.mitre.oval:def:5995: Windows Messenger Information Disclosure Vulnerability
Type:
Software
Bulletins:
MITRE:5995
CVE-2008-0082
Severity:
Critical
Description:
An ActiveX control (Messenger.UIAutomation.1) in Windows Messenger 4.7 and 5.1 is marked as safe-for-scripting, which allows remote attackers to control the Messenger application, and "change state," obtain contact information, and establish audio or video connections without notification via unknown vectors.
Applies to:
MSN Messenger 4.7
MSN Messenger 5.1
Created:
2008-10-06
Updated:
2020-10-10

ID:
CVE-2008-4383
Title:
Stack-based buffer overflow in the Agranet-Emweb embedded management web server in Alcatel OmniSwitch OS7000, OS6600, OS6800, OS6850, and OS9000 Series devices with AoS 5.1 before 5.1.6.463.R02, 5.4 before 5.4.1.429.R01, 6.1.3 before 6.1.3.965.R01,...
Type:
Hardware
Bulletins:
CVE-2008-4383
SFBID30652
Severity:
Critical
Description:
Stack-based buffer overflow in the Agranet-Emweb embedded management web server in Alcatel OmniSwitch OS7000, OS6600, OS6800, OS6850, and OS9000 Series devices with AoS 5.1 before 5.1.6.463.R02, 5.4 before 5.4.1.429.R01, 6.1.3 before 6.1.3.965.R01, 6.1.5 before 6.1.5.595.R01, and 6.3 before 6.3.1.966.R01 allows remote attackers to execute arbitrary code via a long Session cookie.
Applies to:
Created:
2008-10-03
Updated:
2020-10-10

ID:
CVE-2008-4296
Title:
The Cisco Linksys WRT350N with firmware 1.0.3.7 has "admin" as its default password for the "admin" account, which makes it easier for remote attackers to obtain access.
Type:
Hardware
Bulletins:
CVE-2008-4296
Severity:
Critical
Description:
The Cisco Linksys WRT350N with firmware 1.0.3.7 has "admin" as its default password for the "admin" account, which makes it easier for remote attackers to obtain access.
Applies to:
wrt350n
Created:
2008-09-27
Updated:
2020-10-10

ID:
CVE-2008-3802
Title:
Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4, when VoIP is configured, allows remote attackers to cause a denial of service (device reload) via unspecified valid SIP messages, aka...
Type:
Hardware
Bulletins:
CVE-2008-3802
Severity:
Critical
Description:
Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4, when VoIP is configured, allows remote attackers to cause a denial of service (device reload) via unspecified valid SIP messages, aka Cisco bug ID CSCsk42759, a different vulnerability than CVE-2008-3800 and CVE-2008-3801.
Applies to:
Created:
2008-09-26
Updated:
2020-10-10

ID:
CVE-2008-3800
Title:
Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service...
Type:
Hardware
Bulletins:
CVE-2008-3800
SFBID31367
Severity:
Critical
Description:
Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsu38644, a different vulnerability than CVE-2008-3801 and CVE-2008-3802.
Applies to:
Unified Callmanager
Unified Communications Manager
Created:
2008-09-26
Updated:
2020-10-10

ID:
CVE-2008-3801
Title:
Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service...
Type:
Hardware
Bulletins:
CVE-2008-3801
SFBID31367
Severity:
Critical
Description:
Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsm46064, a different vulnerability than CVE-2008-3800 and CVE-2008-3802.
Applies to:
Unified Callmanager
Unified Communications Manager
Created:
2008-09-26
Updated:
2020-10-10

ID:
CVE-2008-3804
Title:
Unspecified vulnerability in the Multi Protocol Label Switching (MPLS) Forwarding Infrastructure (MFI) in Cisco IOS 12.2 and 12.4 allows remote attackers to cause a denial of service (memory corruption) via crafted packets for which the software...
Type:
Hardware
Bulletins:
CVE-2008-3804
Severity:
Critical
Description:
Unspecified vulnerability in the Multi Protocol Label Switching (MPLS) Forwarding Infrastructure (MFI) in Cisco IOS 12.2 and 12.4 allows remote attackers to cause a denial of service (memory corruption) via crafted packets for which the software path is used.
Applies to:
Created:
2008-09-26
Updated:
2020-10-10

ID:
CVE-2008-3813
Title:
Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when the L2TP mgmt daemon process is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted L2TP packet.
Type:
Hardware
Bulletins:
CVE-2008-3813
Severity:
Critical
Description:
Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when the L2TP mgmt daemon process is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted L2TP packet.
Applies to:
Created:
2008-09-26
Updated:
2020-10-10

ID:
CVE-2008-3808
Title:
Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted Protocol Independent Multicast (PIM) packet.
Type:
Hardware
Bulletins:
CVE-2008-3808
SFBID31356
Severity:
Critical
Description:
Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted Protocol Independent Multicast (PIM) packet.
Applies to:
Created:
2008-09-26
Updated:
2020-10-10

ID:
CVE-2008-2739
Title:
The SERVICE.DNS signature engine in the Intrusion Prevention System (IPS) in Cisco IOS 12.3 and 12.4 allows remote attackers to cause a denial of service (device crash or hang) via network traffic that triggers unspecified IPS signatures, a...
Type:
Hardware
Bulletins:
CVE-2008-2739
Severity:
Critical
Description:
The SERVICE.DNS signature engine in the Intrusion Prevention System (IPS) in Cisco IOS 12.3 and 12.4 allows remote attackers to cause a denial of service (device crash or hang) via network traffic that triggers unspecified IPS signatures, a different vulnerability than CVE-2008-1447.
Applies to:
Created:
2008-09-26
Updated:
2020-10-10

ID:
CVE-2008-3799
Title:
Memory leak in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4, when VoIP is configured, allows remote attackers to cause a denial of service (memory consumption and voice-service outage) via unspecified valid SIP...
Type:
Hardware
Bulletins:
CVE-2008-3799
Severity:
Critical
Description:
Memory leak in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4, when VoIP is configured, allows remote attackers to cause a denial of service (memory consumption and voice-service outage) via unspecified valid SIP messages.
Applies to:
Created:
2008-09-26
Updated:
2020-10-10

ID:
CVE-2008-3812
Title:
Cisco IOS 12.4, when IOS firewall Application Inspection Control (AIC) with HTTP Deep Packet Inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed HTTP transit packet.
Type:
Hardware
Bulletins:
CVE-2008-3812
SFBID31354
Severity:
Critical
Description:
Cisco IOS 12.4, when IOS firewall Application Inspection Control (AIC) with HTTP Deep Packet Inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed HTTP transit packet.
Applies to:
Created:
2008-09-26
Updated:
2020-10-10

ID:
CVE-2008-3798
Title:
Cisco IOS 12.4 allows remote attackers to cause a denial of service (device crash) via a normal, properly formed SSL packet that occurs during termination of an SSL session.
Type:
Hardware
Bulletins:
CVE-2008-3798
Severity:
Critical
Description:
Cisco IOS 12.4 allows remote attackers to cause a denial of service (device crash) via a normal, properly formed SSL packet that occurs during termination of an SSL session.
Applies to:
Created:
2008-09-26
Updated:
2020-10-10

ID:
CVE-2008-3810
Title:
Cisco IOS 12.2 and 12.4, when NAT Skinny Call Control Protocol (SCCP) Fragmentation Support is enabled, allows remote attackers to cause a denial of service (device reload) via segmented SCCP messages, aka CSCsg22426, a different vulnerability than...
Type:
Hardware
Bulletins:
CVE-2008-3810
SFBID31359
Severity:
Critical
Description:
Cisco IOS 12.2 and 12.4, when NAT Skinny Call Control Protocol (SCCP) Fragmentation Support is enabled, allows remote attackers to cause a denial of service (device reload) via segmented SCCP messages, aka CSCsg22426, a different vulnerability than CVE-2008-3811.
Applies to:
Created:
2008-09-26
Updated:
2020-10-10

ID:
CVE-2008-3811
Title:
Cisco IOS 12.2 and 12.4, when NAT Skinny Call Control Protocol (SCCP) Fragmentation Support is enabled, allows remote attackers to cause a denial of service (device reload) via segmented SCCP messages, aka Cisco Bug ID CSCsi17020, a different...
Type:
Hardware
Bulletins:
CVE-2008-3811
SFBID31359
Severity:
Critical
Description:
Cisco IOS 12.2 and 12.4, when NAT Skinny Call Control Protocol (SCCP) Fragmentation Support is enabled, allows remote attackers to cause a denial of service (device reload) via segmented SCCP messages, aka Cisco Bug ID CSCsi17020, a different vulnerability than CVE-2008-3810.
Applies to:
Created:
2008-09-26
Updated:
2020-10-10

ID:
CVE-2008-3807
Title:
Cisco IOS 12.2 and 12.3 on Cisco uBR10012 series devices, when linecard redundancy is configured, enables a read/write SNMP service with "private" as the community, which allows remote attackers to obtain administrative access by guessing this...
Type:
Hardware
Bulletins:
CVE-2008-3807
Severity:
Critical
Description:
Cisco IOS 12.2 and 12.3 on Cisco uBR10012 series devices, when linecard redundancy is configured, enables a read/write SNMP service with "private" as the community, which allows remote attackers to obtain administrative access by guessing this community and sending SNMP requests.
Applies to:
Created:
2008-09-26
Updated:
2020-10-10

ID:
CVE-2008-3809
Title:
Cisco IOS 12.0 through 12.4 on Gigabit Switch Router (GSR) devices (aka 12000 Series routers) allows remote attackers to cause a denial of service (device crash) via a malformed Protocol Independent Multicast (PIM) packet.
Type:
Hardware
Bulletins:
CVE-2008-3809
SFBID31356
Severity:
Critical
Description:
Cisco IOS 12.0 through 12.4 on Gigabit Switch Router (GSR) devices (aka 12000 Series routers) allows remote attackers to cause a denial of service (device crash) via a malformed Protocol Independent Multicast (PIM) packet.
Applies to:
Created:
2008-09-26
Updated:
2020-10-10

ID:
CVE-2008-3805
Title:
Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 series devices handles external UDP packets that are sent to 127.0.0.0/8 addresses intended for IPC communication within the device, which allows remote attackers to cause a denial of...
Type:
Hardware
Bulletins:
CVE-2008-3805
Severity:
Critical
Description:
Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 series devices handles external UDP packets that are sent to 127.0.0.0/8 addresses intended for IPC communication within the device, which allows remote attackers to cause a denial of service (device or linecard reload) via crafted UDP packets, a different vulnerability than CVE-2008-3806.
Applies to:
Created:
2008-09-26
Updated:
2020-10-10

ID:
CVE-2008-3806
Title:
Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 series devices handles external UDP packets that are sent to 127.0.0.0/8 addresses intended for IPC communication within the device, which allows remote attackers to cause a denial of...
Type:
Hardware
Bulletins:
CVE-2008-3806
Severity:
Critical
Description:
Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 series devices handles external UDP packets that are sent to 127.0.0.0/8 addresses intended for IPC communication within the device, which allows remote attackers to cause a denial of service (device or linecard reload) via crafted UDP packets, a different vulnerability than CVE-2008-3805.
Applies to:
Created:
2008-09-26
Updated:
2020-10-10

ID:
CVE-2008-3803
Title:
A "logic error" in Cisco IOS 12.0 through 12.4, when a Multiprotocol Label Switching (MPLS) VPN with extended communities is configured, sometimes causes a corrupted route target (RT) to be used, which allows remote attackers to read traffic from...
Type:
Hardware
Bulletins:
CVE-2008-3803
SFBID31366
Severity:
Moderate
Description:
A "logic error" in Cisco IOS 12.0 through 12.4, when a Multiprotocol Label Switching (MPLS) VPN with extended communities is configured, sometimes causes a corrupted route target (RT) to be used, which allows remote attackers to read traffic from other VPNs in opportunistic circumstances.
Applies to:
Created:
2008-09-26
Updated:
2020-10-10

ID:
MITRE:6122
Title:
oval:org.mitre.oval:def:6122: Microsoft Malformed EPS Filter Vulnerability
Type:
Software
Bulletins:
MITRE:6122
CVE-2008-3019
Severity:
Critical
Description:
Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 do not properly parse the length of an Encapsulated PostScript (EPS) file, which allows remote attackers to execute arbitrary code via a crafted EPS file, aka the "Malformed EPS Filter Vulnerability."
Applies to:
Microsoft Office 2000
Microsoft Office 2003
Microsoft Office Converter Pack
Microsoft Office Project 2002
Microsoft Office XP
Microsoft Works
Created:
2008-09-22
Updated:
2020-10-10

ID:
MITRE:6019
Title:
oval:org.mitre.oval:def:6019: Microsoft Office WPG Image File Heap Corruption Vulnerability
Type:
Software
Bulletins:
MITRE:6019
CVE-2008-3460
Severity:
Critical
Description:
WPGIMP32.FLT in Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 does not properly parse the length of a WordPerfect Graphics (WPG) file, which allows remote attackers to execute arbitrary code via a crafted WPG file, aka the "WPG Image File Heap Corruption Vulnerability."
Applies to:
Microsoft Office 2000
Microsoft Office 2003
Microsoft Office Converter Pack
Microsoft Office Project 2002
Microsoft Office XP
Microsoft Works
Created:
2008-09-22
Updated:
2020-10-10

ID:
MITRE:5997
Title:
oval:org.mitre.oval:def:5997: Microsoft PICT Filter Parsing Vulnerability
Type:
Software
Bulletins:
MITRE:5997
CVE-2008-3021
Severity:
Critical
Description:
Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 do not properly parse the length of a PICT file, which allows remote attackers to execute arbitrary code via a crafted PICT file with an invalid bits_per_pixel field, aka the "PICT Filter Parsing Vulnerability," a different vulnerability than CVE-2008-3018.
Applies to:
Microsoft Office 2000
Microsoft Office 2003
Microsoft Office Converter Pack
Microsoft Office Project 2002
Microsoft Office XP
Microsoft Works 8
Created:
2008-09-22
Updated:
2020-10-10

ID:
MITRE:5879
Title:
oval:org.mitre.oval:def:5879: Microsoft Malformed PICT Filter Vulnerability
Type:
Software
Bulletins:
MITRE:5879
CVE-2008-3018
Severity:
Critical
Description:
Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 do not properly parse the length of a PICT file, which allows remote attackers to execute arbitrary code via a crafted PICT file, aka the "Malformed PICT Filter Vulnerability," a different vulnerability than CVE-2008-3021.
Applies to:
Microsoft Office 2000
Microsoft Office 2003
Microsoft Office Converter Pack
Microsoft Office Project 2002
Microsoft Office XP
Microsoft Works
Created:
2008-09-22
Updated:
2020-10-10

ID:
CVE-2008-4133
Title:
The web proxy service on the D-Link DIR-100 with firmware 1.12 and earlier does not properly filter web requests with large URLs, which allows remote attackers to bypass web restriction filters.
Type:
Hardware
Bulletins:
CVE-2008-4133
SFBID31050
Severity:
Moderate
Description:
The web proxy service on the D-Link DIR-100 with firmware 1.12 and earlier does not properly filter web requests with large URLs, which allows remote attackers to bypass web restriction filters.
Applies to:
DIR-100
Created:
2008-09-19
Updated:
2020-10-10

ID:
CVE-2008-4128
Title:
Multiple cross-site request forgery (CSRF) vulnerabilities in the HTTP Administration component in Cisco IOS 12.4 on the 871 Integrated Services Router allow remote attackers to execute arbitrary commands via (1) a certain "show privilege" command...
Type:
Hardware
Bulletins:
CVE-2008-4128
SFBID31218
Severity:
Critical
Description:
Multiple cross-site request forgery (CSRF) vulnerabilities in the HTTP Administration component in Cisco IOS 12.4 on the 871 Integrated Services Router allow remote attackers to execute arbitrary commands via (1) a certain "show privilege" command to the /level/15/exec/- URI, and (2) a certain "alias exec" command to the /level/15/exec/-/configure/http URI. NOTE: some of these details are obtained from third party information.
Applies to:
Created:
2008-09-18
Updated:
2020-10-10

ID:
CVE-2008-1197
Title:
The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset does not properly parse the SSID information element in an association request, which allows remote authenticated users to cause a...
Type:
Hardware
Bulletins:
CVE-2008-1197
SFBID30976
Severity:
Moderate
Description:
The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset does not properly parse the SSID information element in an association request, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via a "Null SSID."
Applies to:
WPN802 Access Point
Created:
2008-09-05
Updated:
2020-10-10

ID:
CVE-2008-1144
Title:
The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset does not properly parse EAPoL-Key packets, which allows remote authenticated users to cause a denial of service (device reboot or...
Type:
Hardware
Bulletins:
CVE-2008-1144
SFBID31013
Severity:
Moderate
Description:
The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset does not properly parse EAPoL-Key packets, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via a malformed EAPoL-Key packet with a crafted "advertised length."
Applies to:
WPN802 Access Point
Created:
2008-09-05
Updated:
2020-10-10

ID:
CVE-2007-5474
Title:
The driver for the Linksys WRT350N Wi-Fi access point with firmware 2.00.17 on the Atheros AR5416-AC1E chipset does not properly parse the Atheros vendor-specific information element in an association request, which allows remote authenticated users...
Type:
Hardware
Bulletins:
CVE-2007-5474
SFBID31012
Severity:
Moderate
Description:
The driver for the Linksys WRT350N Wi-Fi access point with firmware 2.00.17 on the Atheros AR5416-AC1E chipset does not properly parse the Atheros vendor-specific information element in an association request, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via an Atheros information element with an invalid length, as demonstrated by an element that is too long.
Applies to:
wrt350n
Created:
2008-09-05
Updated:
2020-10-10

ID:
CVE-2008-2736
Title:
Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) 5500 devices 8.0(3)15, 8.0(3)16, 8.1(1)4, and 8.1(1)5, when configured as a clientless SSL VPN endpoint, allows remote attackers to obtain usernames and passwords via unknown...
Type:
Hardware
Bulletins:
CVE-2008-2736
SFBID30998
Severity:
Critical
Description:
Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) 5500 devices 8.0(3)15, 8.0(3)16, 8.1(1)4, and 8.1(1)5, when configured as a clientless SSL VPN endpoint, allows remote attackers to obtain usernames and passwords via unknown vectors, aka Bug ID CSCsq45636.
Applies to:
Created:
2008-09-04
Updated:
2020-10-10

ID:
CVE-2008-2735
Title:
The HTTP server in Cisco Adaptive Security Appliance (ASA) 5500 devices 8.0 before 8.0(3)15 and 8.1 before 8.1(1)5, when configured as a clientless SSL VPN endpoint, does not properly process URIs, which allows remote attackers to cause a denial of...
Type:
Hardware
Bulletins:
CVE-2008-2735
SFBID30998
Severity:
Critical
Description:
The HTTP server in Cisco Adaptive Security Appliance (ASA) 5500 devices 8.0 before 8.0(3)15 and 8.1 before 8.1(1)5, when configured as a clientless SSL VPN endpoint, does not properly process URIs, which allows remote attackers to cause a denial of service (device reload) via a URI in a crafted SSL or HTTP packet, aka Bug ID CSCsq19369.
Applies to:
Created:
2008-09-04
Updated:
2020-10-10

ID:
CVE-2008-2732
Title:
Multiple unspecified vulnerabilities in the SIP inspection functionality in Cisco PIX and Adaptive Security Appliance (ASA) 5500 devices 7.0 before 7.0(7)16, 7.1 before 7.1(2)71, 7.2 before 7.2(4)7, 8.0 before 8.0(3)20, and 8.1 before 8.1(1)8 allow...
Type:
Hardware
Bulletins:
CVE-2008-2732
SFBID30998
Severity:
Critical
Description:
Multiple unspecified vulnerabilities in the SIP inspection functionality in Cisco PIX and Adaptive Security Appliance (ASA) 5500 devices 7.0 before 7.0(7)16, 7.1 before 7.1(2)71, 7.2 before 7.2(4)7, 8.0 before 8.0(3)20, and 8.1 before 8.1(1)8 allow remote attackers to cause a denial of service (device reload) via unknown vectors, aka Bug IDs CSCsq07867, CSCsq57091, CSCsk60581, and CSCsq39315.
Applies to:
Created:
2008-09-04
Updated:
2020-10-10

ID:
CVE-2008-2734
Title:
Memory leak in the crypto functionality in Cisco Adaptive Security Appliance (ASA) 5500 devices 7.2 before 7.2(4)2, 8.0 before 8.0(3)14, and 8.1 before 8.1(1)4, when configured as a clientless SSL VPN endpoint, allows remote attackers to cause a...
Type:
Hardware
Bulletins:
CVE-2008-2734
SFBID30998
Severity:
Critical
Description:
Memory leak in the crypto functionality in Cisco Adaptive Security Appliance (ASA) 5500 devices 7.2 before 7.2(4)2, 8.0 before 8.0(3)14, and 8.1 before 8.1(1)4, when configured as a clientless SSL VPN endpoint, allows remote attackers to cause a denial of service (memory consumption and VPN hang) via a crafted SSL or HTTP packet, aka Bug ID CSCso66472.
Applies to:
Created:
2008-09-04
Updated:
2020-10-10

ID:
CVE-2008-2733
Title:
Cisco PIX and Adaptive Security Appliance (ASA) 5500 devices 7.2 before 7.2(4)2, 8.0 before 8.0(3)14, and 8.1 before 8.1(1)4, when configured as a client VPN endpoint, do not properly process IPSec client authentication, which allows remote...
Type:
Hardware
Bulletins:
CVE-2008-2733
SFBID30998
Severity:
Critical
Description:
Cisco PIX and Adaptive Security Appliance (ASA) 5500 devices 7.2 before 7.2(4)2, 8.0 before 8.0(3)14, and 8.1 before 8.1(1)4, when configured as a client VPN endpoint, do not properly process IPSec client authentication, which allows remote attackers to cause a denial of service (device reload) via a crafted authentication attempt, aka Bug ID CSCso69942.
Applies to:
Created:
2008-09-04
Updated:
2020-10-10

ID:
CVE-2008-2062
Title:
The Real-Time Information Server (RIS) Data Collector service in Cisco Unified Communications Manager (CUCM) before 4.2(3)SR4, and 4.3 before 4.3(2)SR1, allows remote attackers to bypass authentication, and obtain cluster configuration information...
Type:
Hardware
Bulletins:
CVE-2008-2062
SFBID29935
Severity:
Moderate
Description:
The Real-Time Information Server (RIS) Data Collector service in Cisco Unified Communications Manager (CUCM) before 4.2(3)SR4, and 4.3 before 4.3(2)SR1, allows remote attackers to bypass authentication, and obtain cluster configuration information and statistics, via a direct TCP connection to the service port, aka Bug ID CSCsq35151.
Applies to:
Unified Communications Manager
Created:
2008-06-26
Updated:
2020-10-10

ID:
CVE-2008-2730
Title:
The Real-Time Information Server (RIS) Data Collector service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) and 6.x before 6.1(1) allows remote attackers to bypass authentication, and obtain cluster configuration information and...
Type:
Hardware
Bulletins:
CVE-2008-2730
SFBID29935
Severity:
Moderate
Description:
The Real-Time Information Server (RIS) Data Collector service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) and 6.x before 6.1(1) allows remote attackers to bypass authentication, and obtain cluster configuration information and statistics, via a direct TCP connection to the service port, aka Bug ID CSCsj90843.
Applies to:
Unified Communications Manager
Created:
2008-06-26
Updated:
2020-10-10

ID:
CVE-2008-2061
Title:
The Computer Telephony Integration (CTI) Manager service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3c) and 6.x before 6.1(2) allows remote attackers to cause a denial of service (TSP crash) via malformed network traffic to TCP...
Type:
Hardware
Bulletins:
CVE-2008-2061
SFBID29933
Severity:
Critical
Description:
The Computer Telephony Integration (CTI) Manager service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3c) and 6.x before 6.1(2) allows remote attackers to cause a denial of service (TSP crash) via malformed network traffic to TCP port 2748.
Applies to:
Unified Communications Manager
Created:
2008-06-26
Updated:
2020-10-10

ID:
MITRE:5578
Title:
oval:org.mitre.oval:def:5578: Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability
Type:
Services
Bulletins:
MITRE:5578
CVE-2007-6026
Severity:
Critical
Description:
Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka Microsoft Jet Engine), as used by Access 2003 in Microsoft Office 2003 SP3, allows user-assisted attackers to execute arbitrary code via a crafted MDB file database file containing a column structure with a modified column count. NOTE: this might be the same issue as CVE-2005-0944.
Applies to:
Microsoft Jet 4.0 Database Engine
Created:
2008-06-23
Updated:
2020-10-10

ID:
CVE-2008-2636
Title:
The HTTP service on the Cisco Linksys WRH54G with firmware 1.01.03 allows remote attackers to cause a denial of service (management interface outage) or possibly execute arbitrary code via a URI that begins with a "/./" sequence, contains many...
Type:
Hardware
Bulletins:
CVE-2008-2636
Severity:
Critical
Description:
The HTTP service on the Cisco Linksys WRH54G with firmware 1.01.03 allows remote attackers to cause a denial of service (management interface outage) or possibly execute arbitrary code via a URI that begins with a "/./" sequence, contains many instances of a "front_page" sequence, and ends with a ".asp" sequence.
Applies to:
wrh54g
Created:
2008-06-09
Updated:
2020-10-10

ID:
CVE-2008-2057
Title:
The Instant Messenger (IM) inspection engine in Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(4), 8.0.x before 8.0(3)10, and 8.1.x before 8.1(1)2 allows remote attackers to cause a denial of service via a...
Type:
Hardware
Bulletins:
CVE-2008-2057
Severity:
Moderate
Description:
The Instant Messenger (IM) inspection engine in Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(4), 8.0.x before 8.0(3)10, and 8.1.x before 8.1(1)2 allows remote attackers to cause a denial of service via a crafted packet.
Applies to:
Cisco PIX 500 Firewall Series
Created:
2008-06-04
Updated:
2020-10-10

ID:
CVE-2008-2056
Title:
Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 8.0.x before 8.0(3)9 and 8.1.x before 8.1(1)1 allows remote attackers to cause a denial of service (device reload) via a crafted Transport Layer Security (TLS) packet to the...
Type:
Hardware
Bulletins:
CVE-2008-2056
Severity:
Critical
Description:
Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 8.0.x before 8.0(3)9 and 8.1.x before 8.1(1)1 allows remote attackers to cause a denial of service (device reload) via a crafted Transport Layer Security (TLS) packet to the device interface.
Applies to:
Cisco PIX 500 Firewall Series
Created:
2008-06-04
Updated:
2020-10-10

ID:
CVE-2008-2059
Title:
Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 8.0.x before 8.0(3)9 allows remote attackers to bypass control-plane ACLs for the device via unknown vectors.
Type:
Hardware
Bulletins:
CVE-2008-2059
Severity:
Critical
Description:
Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 8.0.x before 8.0(3)9 allows remote attackers to bypass control-plane ACLs for the device via unknown vectors.
Applies to:
Cisco PIX 500 Firewall Series
Created:
2008-06-04
Updated:
2020-10-10

ID:
CVE-2008-2058
Title:
Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(3)2 and 8.0.x before 8.0(2)17 allows remote attackers to cause a denial of service (device reload) via a port scan against TCP port 443 on the device.
Type:
Hardware
Bulletins:
CVE-2008-2058
Severity:
Critical
Description:
Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(3)2 and 8.0.x before 8.0(2)17 allows remote attackers to cause a denial of service (device reload) via a port scan against TCP port 443 on the device.
Applies to:
Cisco PIX 500 Firewall Series
Created:
2008-06-04
Updated:
2020-10-10

ID:
CVE-2008-2055
Title:
Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.1.x before 7.1(2)70, 7.2.x before 7.2(4), and 8.0.x before 8.0(3)10 allows remote attackers to cause a denial of service via a crafted TCP ACK packet to the device interface.
Type:
Hardware
Bulletins:
CVE-2008-2055
Severity:
Critical
Description:
Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.1.x before 7.1(2)70, 7.2.x before 7.2(4), and 8.0.x before 8.0(3)10 allows remote attackers to cause a denial of service via a crafted TCP ACK packet to the device interface.
Applies to:
Cisco PIX 500 Firewall Series
Created:
2008-06-04
Updated:
2020-10-10

ID:
CVE-2008-1159
Title:
Multiple unspecified vulnerabilities in the SSH server in Cisco IOS 12.4 allow remote attackers to cause a denial of service (device restart) via unknown vectors, aka Bug ID (1) CSCsk42419, (2) CSCsk60020, and (3) CSCsh51293.
Type:
Hardware
Bulletins:
CVE-2008-1159
SFBID29314
Severity:
Critical
Description:
Multiple unspecified vulnerabilities in the SSH server in Cisco IOS 12.4 allow remote attackers to cause a denial of service (device restart) via unknown vectors, aka Bug ID (1) CSCsk42419, (2) CSCsk60020, and (3) CSCsh51293.
Applies to:
Created:
2008-05-22
Updated:
2020-10-10

ID:
CVE-2008-1747
Title:
Unspecified vulnerability in Cisco Unified Communications Manager 4.1 before 4.1(3)SR6, 4.2 before 4.2(3)SR3, 4.3 before 4.3(2), 5.x before 5.1(3), and 6.x before 6.1(1) allows remote attackers to cause a denial of service (CCM service restart) via...
Type:
Hardware
Bulletins:
CVE-2008-1747
SFBID29221
Severity:
Critical
Description:
Unspecified vulnerability in Cisco Unified Communications Manager 4.1 before 4.1(3)SR6, 4.2 before 4.2(3)SR3, 4.3 before 4.3(2), 5.x before 5.1(3), and 6.x before 6.1(1) allows remote attackers to cause a denial of service (CCM service restart) via an unspecified SIP INVITE message, aka Bug ID CSCsk46944.
Applies to:
Unified Communications Manager
Created:
2008-05-16
Updated:
2020-10-10

ID:
CVE-2008-1746
Title:
The SNMP Trap Agent service in Cisco Unified Communications Manager (CUCM) 4.1 before 4.1(3)SR6, 4.2 before 4.2(3)SR3, 4.3 before 4.3(2), 5.x before 5.1(3), and 6.x before 6.1(1) allows remote attackers to cause a denial of service (core dump and...
Type:
Hardware
Bulletins:
CVE-2008-1746
SFBID29221
Severity:
Critical
Description:
The SNMP Trap Agent service in Cisco Unified Communications Manager (CUCM) 4.1 before 4.1(3)SR6, 4.2 before 4.2(3)SR3, 4.3 before 4.3(2), 5.x before 5.1(3), and 6.x before 6.1(1) allows remote attackers to cause a denial of service (core dump and service restart) via a series of malformed UDP packets, as demonstrated by the IP Stack Integrity Checker (ISIC), aka Bug ID CSCsj24113.
Applies to:
Unified Communications Manager
Created:
2008-05-16
Updated:
2020-10-10

ID:
CVE-2008-1744
Title:
The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager (CUCM) 4.1 before 4.1(3)SR7, 4.2 before 4.2(3)SR4, and 4.3 before 4.3(2) allows remote attackers to cause a denial of service (service crash) via...
Type:
Hardware
Bulletins:
CVE-2008-1744
SFBID29221
Severity:
Critical
Description:
The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager (CUCM) 4.1 before 4.1(3)SR7, 4.2 before 4.2(3)SR4, and 4.3 before 4.3(2) allows remote attackers to cause a denial of service (service crash) via malformed network traffic, aka Bug ID CSCsk46770.
Applies to:
Unified Callmanager
Unified Communications Manager
Created:
2008-05-16
Updated:
2020-10-10

ID:
CVE-2008-1743
Title:
Memory leak in the Certificate Trust List (CTL) Provider service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) and 6.x before 6.1(1) allows remote attackers to cause a denial of service (memory consumption and service...
Type:
Hardware
Bulletins:
CVE-2008-1743
SFBID29221
Severity:
Critical
Description:
Memory leak in the Certificate Trust List (CTL) Provider service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) and 6.x before 6.1(1) allows remote attackers to cause a denial of service (memory consumption and service interruption) via a series of malformed TCP packets, aka Bug ID CSCsi98433.
Applies to:
Unified Communications Manager
Created:
2008-05-16
Updated:
2020-10-10

ID:
CVE-2008-1742
Title:
Memory leak in the Certificate Trust List (CTL) Provider service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) allows remote attackers to cause a denial of service (memory consumption and service interruption) via a series of...
Type:
Hardware
Bulletins:
CVE-2008-1742
SFBID29221
Severity:
Critical
Description:
Memory leak in the Certificate Trust List (CTL) Provider service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) allows remote attackers to cause a denial of service (memory consumption and service interruption) via a series of malformed TCP packets, as demonstrated by TCPFUZZ, aka Bug ID CSCsj80609.
Applies to:
Unified Communications Manager
Created:
2008-05-16
Updated:
2020-10-10

ID:
CVE-2008-1748
Title:
Cisco Unified Communications Manager 4.1 before 4.1(3)SR7, 4.2 before 4.2(3)SR4, 4.3 before 4.3(2), 5.x before 5.1(3), and 6.x before 6.1(1) does not properly validate SIP URLs, which allows remote attackers to cause a denial of service (service...
Type:
Hardware
Bulletins:
CVE-2008-1748
SFBID29221
Severity:
Critical
Description:
Cisco Unified Communications Manager 4.1 before 4.1(3)SR7, 4.2 before 4.2(3)SR4, 4.3 before 4.3(2), 5.x before 5.1(3), and 6.x before 6.1(1) does not properly validate SIP URLs, which allows remote attackers to cause a denial of service (service interruption) via a SIP INVITE message, aka Bug ID CSCsl22355.
Applies to:
Unified Communications Manager
Created:
2008-05-16
Updated:
2020-10-10

ID:
CVE-2008-1745
Title:
Cisco Unified Communications Manager (CUCM) 5.x before 5.1(2) and 6.x before 6.1(1) allows remote attackers to cause a denial of service (service interruption) via a SIP JOIN message with a malformed header, aka Bug ID CSCsi48115.
Type:
Hardware
Bulletins:
CVE-2008-1745
SFBID29221
Severity:
Critical
Description:
Cisco Unified Communications Manager (CUCM) 5.x before 5.1(2) and 6.x before 6.1(1) allows remote attackers to cause a denial of service (service interruption) via a SIP JOIN message with a malformed header, aka Bug ID CSCsi48115.
Applies to:
Unified Communications Manager
Created:
2008-05-16
Updated:
2020-10-10

ID:
CVE-2008-1154
Title:
The Disaster Recovery Framework (DRF) master server in Cisco Unified Communications products, including Unified Communications Manager (CUCM) 5.x and 6.x, Unified Presence 1.x and 6.x, Emergency Responder 2.x, and Mobility Manager 2.x, does not...
Type:
Hardware
Bulletins:
CVE-2008-1154
SFBID28591
Severity:
Critical
Description:
The Disaster Recovery Framework (DRF) master server in Cisco Unified Communications products, including Unified Communications Manager (CUCM) 5.x and 6.x, Unified Presence 1.x and 6.x, Emergency Responder 2.x, and Mobility Manager 2.x, does not require authentication for requests received from the network, which allows remote attackers to execute arbitrary code via unspecified vectors.
Applies to:
Unified Communications Manager
Created:
2008-04-04
Updated:
2020-10-10

ID:
CVE-2008-1156
Title:
Unspecified vulnerability in the Multicast Virtual Private Network (MVPN) implementation in Cisco IOS 12.0, 12.2, 12.3, and 12.4 allows remote attackers to create "extra multicast states on the core routers" via a crafted Multicast Distribution Tree...
Type:
Hardware
Bulletins:
CVE-2008-1156
SFBID28464
Severity:
Moderate
Description:
Unspecified vulnerability in the Multicast Virtual Private Network (MVPN) implementation in Cisco IOS 12.0, 12.2, 12.3, and 12.4 allows remote attackers to create "extra multicast states on the core routers" via a crafted Multicast Distribution Tree (MDT) Data Join message.
Applies to:
Created:
2008-03-27
Updated:
2020-10-10

ID:
CVE-2008-1150
Title:
The virtual private dial-up network (VPDN) component in Cisco IOS before 12.3 allows remote attackers to cause a denial of service (resource exhaustion) via a series of PPTP sessions, related to the persistence of interface descriptor block (IDB)...
Type:
Hardware
Bulletins:
CVE-2008-1150
SFBID28460
Severity:
Critical
Description:
The virtual private dial-up network (VPDN) component in Cisco IOS before 12.3 allows remote attackers to cause a denial of service (resource exhaustion) via a series of PPTP sessions, related to the persistence of interface descriptor block (IDB) data structures after process termination, aka bug ID CSCdv59309.
Applies to:
Created:
2008-03-27
Updated:
2020-10-10

ID:
CVE-2008-1152
Title:
The data-link switching (DLSw) component in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device restart or memory consumption) via crafted (1) UDP port 2067 or (2) IP protocol 91 packets.
Type:
Hardware
Bulletins:
CVE-2008-1152
SFBID28465
Severity:
Critical
Description:
The data-link switching (DLSw) component in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device restart or memory consumption) via crafted (1) UDP port 2067 or (2) IP protocol 91 packets.
Applies to:
Created:
2008-03-27
Updated:
2020-10-10

ID:
CVE-2008-1151
Title:
Memory leak in the virtual private dial-up network (VPDN) component in Cisco IOS before 12.3 allows remote attackers to cause a denial of service (memory consumption) via a series of PPTP sessions, related to "dead memory" that remains allocated...
Type:
Hardware
Bulletins:
CVE-2008-1151
SFBID28460
Severity:
Critical
Description:
Memory leak in the virtual private dial-up network (VPDN) component in Cisco IOS before 12.3 allows remote attackers to cause a denial of service (memory consumption) via a series of PPTP sessions, related to "dead memory" that remains allocated after process termination, aka bug ID CSCsj58566.
Applies to:
Created:
2008-03-27
Updated:
2020-10-10

ID:
CVE-2008-1153
Title:
Cisco IOS 12.1, 12.2, 12.3, and 12.4, with IPv4 UDP services and the IPv6 protocol enabled, allows remote attackers to cause a denial of service (device crash and possible blocked interface) via a crafted IPv6 packet to the device.
Type:
Hardware
Bulletins:
CVE-2008-1153
SFBID28461
Severity:
Critical
Description:
Cisco IOS 12.1, 12.2, 12.3, and 12.4, with IPv4 UDP services and the IPv6 protocol enabled, allows remote attackers to cause a denial of service (device crash and possible blocked interface) via a crafted IPv6 packet to the device.
Applies to:
Created:
2008-03-27
Updated:
2020-10-10

ID:
CVE-2007-6709
Title:
The Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware has "admin" as its default password for the "admin" account, which makes it easier for remote attackers to obtain access.
Type:
Hardware
Bulletins:
CVE-2007-6709
Severity:
Critical
Description:
The Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware has "admin" as its default password for the "admin" account, which makes it easier for remote attackers to obtain access.
Applies to:
wag54gs
Created:
2008-03-13
Updated:
2020-10-10

ID:
CVE-2007-6707
Title:
Multiple cross-site scripting (XSS) vulnerabilities on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than...
Type:
Hardware
Bulletins:
CVE-2007-6707
Severity:
Moderate
Description:
Multiple cross-site scripting (XSS) vulnerabilities on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2007-3574.
Applies to:
wag54gs
Created:
2008-03-13
Updated:
2020-10-10

ID:
CVE-2007-6708
Title:
Multiple cross-site request forgery (CSRF) vulnerabilities on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware allow remote attackers to perform actions as administrators via an arbitrary valid request to an...
Type:
Hardware
Bulletins:
CVE-2007-6708
Severity:
Moderate
Description:
Multiple cross-site request forgery (CSRF) vulnerabilities on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware allow remote attackers to perform actions as administrators via an arbitrary valid request to an administrative URI, as demonstrated by (1) a Restore Factory Defaults action using the mtenRestore parameter to setup.cgi and (2) creation of a user account using the sysname parameter to setup.cgi.
Applies to:
wag54gs
Created:
2008-03-13
Updated:
2020-10-10

ID:
CVE-2008-1247
Title:
The web interface on the Linksys WRT54g router with firmware 1.00.9 does not require credentials when invoking scripts, which allows remote attackers to perform arbitrary administrative actions via a direct request to (1) Advanced.tri, (2)...
Type:
Hardware
Bulletins:
CVE-2008-1247
SFBID28381
Severity:
Critical
Description:
The web interface on the Linksys WRT54g router with firmware 1.00.9 does not require credentials when invoking scripts, which allows remote attackers to perform arbitrary administrative actions via a direct request to (1) Advanced.tri, (2) AdvRoute.tri, (3) Basic.tri, (4) ctlog.tri, (5) ddns.tri, (6) dmz.tri, (7) factdefa.tri, (8) filter.tri, (9) fw.tri, (10) manage.tri, (11) ping.tri, (12) PortRange.tri, (13) ptrigger.tri, (14) qos.tri, (15) rstatus.tri, (16) tracert.tri, (17) vpn.tri, (18) WanMac.tri, (19) WBasic.tri, or (20) WFilter.tri. NOTE: the Security.tri vector is already covered by CVE-2006-5202.
Applies to:
wrt54g
Created:
2008-03-10
Updated:
2020-10-10

ID:
CVE-2008-1263
Title:
The Linksys WRT54G router stores passwords and keys in cleartext in the Config.bin file, which might allow remote authenticated users to obtain sensitive information via an HTTP request for the top-level Config.bin URI.
Type:
Hardware
Bulletins:
CVE-2008-1263
Severity:
Moderate
Description:
The Linksys WRT54G router stores passwords and keys in cleartext in the Config.bin file, which might allow remote authenticated users to obtain sensitive information via an HTTP request for the top-level Config.bin URI.
Applies to:
wrt54g
Created:
2008-03-10
Updated:
2020-10-10

ID:
CVE-2008-1264
Title:
The Linksys WRT54G router has "admin" as its default FTP password, which allows remote attackers to access sensitive files including nvram.cfg, a file that lists all HTML documents, and an ELF executable file.
Type:
Hardware
Bulletins:
CVE-2008-1264
Severity:
Critical
Description:
The Linksys WRT54G router has "admin" as its default FTP password, which allows remote attackers to access sensitive files including nvram.cfg, a file that lists all HTML documents, and an ELF executable file.
Applies to:
wrt54g
Created:
2008-03-10
Updated:
2020-10-10

ID:
CVE-2008-1265
Title:
The Linksys WRT54G router allows remote attackers to cause a denial of service (device restart) via a long username and password to the FTP interface.
Type:
Hardware
Bulletins:
CVE-2008-1265
Severity:
Critical
Description:
The Linksys WRT54G router allows remote attackers to cause a denial of service (device restart) via a long username and password to the FTP interface.
Applies to:
wrt54g
Created:
2008-03-10
Updated:
2020-10-10

ID:
CVE-2008-1268
Title:
The FTP server on the Linksys WRT54G 7 router with 7.00.1 firmware does not verify authentication credentials, which allows remote attackers to establish an FTP session by sending an arbitrary username and password.
Type:
Hardware
Bulletins:
CVE-2008-1268
Severity:
Critical
Description:
The FTP server on the Linksys WRT54G 7 router with 7.00.1 firmware does not verify authentication credentials, which allows remote attackers to establish an FTP session by sending an arbitrary username and password.
Applies to:
wrt54g 7
Created:
2008-03-10
Updated:
2020-10-10

ID:
CVE-2008-1266
Title:
Multiple buffer overflows in the web interface on the D-Link DI-524 router allow remote attackers to cause a denial of service (device crash) or possibly have unspecified other impact via (1) a long username or (2) an HTTP header with a large name...
Type:
Hardware
Bulletins:
CVE-2008-1266
SFBID28439
Severity:
Critical
Description:
Multiple buffer overflows in the web interface on the D-Link DI-524 router allow remote attackers to cause a denial of service (device crash) or possibly have unspecified other impact via (1) a long username or (2) an HTTP header with a large name and an empty value.
Applies to:
DI-524
Created:
2008-03-10
Updated:
2020-10-10

ID:
CVE-2008-1243
Title:
Cross-site scripting (XSS) vulnerability on the Linksys WRT300N router with firmware 2.00.20, when Mozilla Firefox or Apple Safari is used, allows remote attackers to inject arbitrary web script or HTML via the dyndns_domain parameter to the default URI.
Type:
Hardware
Bulletins:
CVE-2008-1243
Severity:
Moderate
Description:
Cross-site scripting (XSS) vulnerability on the Linksys WRT300N router with firmware 2.00.20, when Mozilla Firefox or Apple Safari is used, allows remote attackers to inject arbitrary web script or HTML via the dyndns_domain parameter to the default URI.
Applies to:
wrt300n
Created:
2008-03-10
Updated:
2020-10-10

ID:
CVE-2008-1258
Title:
Cross-site scripting (XSS) vulnerability in prim.htm on the D-Link DI-604 router allows remote attackers to inject arbitrary web script or HTML via the rf parameter.
Type:
Hardware
Bulletins:
CVE-2008-1258
SFBID28439
Severity:
Moderate
Description:
Cross-site scripting (XSS) vulnerability in prim.htm on the D-Link DI-604 router allows remote attackers to inject arbitrary web script or HTML via the rf parameter.
Applies to:
DI-604
Created:
2008-03-10
Updated:
2020-10-10

ID:
CVE-2008-1253
Title:
Cross-site scripting (XSS) vulnerability in cgi-bin/webcm on the D-Link DSL-G604T router allows remote attackers to inject arbitrary web script or HTML via the var:category parameter, as demonstrated by a request for advanced/portforw.htm on the...
Type:
Hardware
Bulletins:
CVE-2008-1253
SFBID28439
Severity:
Moderate
Description:
Cross-site scripting (XSS) vulnerability in cgi-bin/webcm on the D-Link DSL-G604T router allows remote attackers to inject arbitrary web script or HTML via the var:category parameter, as demonstrated by a request for advanced/portforw.htm on the fwan page.
Applies to:
DSL-G604T
Created:
2008-03-10
Updated:
2020-10-10

ID:
CVE-2008-0026
Title:
SQL injection vulnerability in Cisco Unified CallManager/Communications Manager (CUCM) 5.0/5.1 before 5.1(3a) and 6.0/6.1 before 6.1(1a) allows remote authenticated users to execute arbitrary SQL commands via the key parameter to the (1) admin and...
Type:
Hardware
Bulletins:
CVE-2008-0026
SFBID27775
Severity:
Moderate
Description:
SQL injection vulnerability in Cisco Unified CallManager/Communications Manager (CUCM) 5.0/5.1 before 5.1(3a) and 6.0/6.1 before 6.1(1a) allows remote authenticated users to execute arbitrary SQL commands via the key parameter to the (1) admin and (2) user interface pages.
Applies to:
Unified Callmanager
Unified Communications Manager
Created:
2008-02-14
Updated:
2020-10-10

ID:
MITRE:3622
Title:
oval:org.mitre.oval:def:3622: Windows Media Format Remote Code Execution Vulnerability
Type:
Miscellaneous
Bulletins:
MITRE:3622
CVE-2007-0064
Severity:
Critical
Description:
Heap-based buffer overflow in Windows Media Format Runtime 7.1, 9, 9.5, 9.5 x64 Edition, 11, and Windows Media Services 9.1 for Microsoft Windows 2000, XP, Server 2003, and Vista allows user-assisted remote attackers to execute arbitrary code via a crafted Advanced Systems Format (ASF) file.
Applies to:
Windows Media Format Runtime 11
Windows Media Format Runtime 7.1
Windows Media Format Runtime 9.0
Windows Media Format Runtime 9.5
Created:
2008-02-04
Updated:
2020-10-10

ID:
CVE-2008-0028
Title:
Unspecified vulnerability in Cisco PIX 500 Series Security Appliance and 5500 Series Adaptive Security Appliance (ASA) before 7.2(3)6 and 8.0(3), when the Time-to-Live (TTL) decrement feature is enabled, allows remote attackers to cause a denial of...
Type:
Hardware
Bulletins:
CVE-2008-0028
SFBID27418
Severity:
Critical
Description:
Unspecified vulnerability in Cisco PIX 500 Series Security Appliance and 5500 Series Adaptive Security Appliance (ASA) before 7.2(3)6 and 8.0(3), when the Time-to-Live (TTL) decrement feature is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted IP packet.
Applies to:
Cisco ASA 5500 Adaptive Security Appliance
Created:
2008-01-23
Updated:
2020-10-10

ID:
REF000657
Title:
IM installed: Yahoo! Messenger
Type:
Software
Bulletins:
Severity:
Low
Description:
Yahoo Messenger instant messaging client is installed.
Applies to:
Yahoo Messenger
Created:
2008-01-17
Updated:
2010-08-21

ID:
REF000661
Title:
IM installed: Windows Live Messenger
Type:
Software
Bulletins:
Severity:
Low
Description:
Windows Live Messenger instant messaging client is installed.
Applies to:
Windows Live Messenger
Created:
2008-01-17
Updated:
2010-08-21

ID:
REF000658
Title:
IM installed: Trillian
Type:
Software
Bulletins:
Severity:
Low
Description:
Trillian instant messaging client is installed.
Applies to:
Trillian
Created:
2008-01-17
Updated:
2010-08-21

ID:
REF000659
Title:
IM installed: Skype
Type:
Software
Bulletins:
Severity:
Low
Description:
Skype instant messaging client is installed.
Applies to:
Skype
Created:
2008-01-17
Updated:
2010-08-21

ID:
REF000662
Title:
IM installed: Pidgin
Type:
Software
Bulletins:
Severity:
Low
Description:
Pidgin instant messaging client is installed.
Applies to:
Pidgin
Created:
2008-01-17
Updated:
2010-08-21

ID:
REF000656
Title:
IM installed: ICQ
Type:
Software
Bulletins:
Severity:
Low
Description:
ICQ instant messaging client is installed.
Applies to:
ICQ
Created:
2008-01-17
Updated:
2010-08-21

ID:
REF000655
Title:
IM installed: Google Talk
Type:
Software
Bulletins:
Severity:
Low
Description:
Google Talk instant messaging client is installed.
Applies to:
Google Talk
Created:
2008-01-17
Updated:
2010-08-21

ID:
REF000660
Title:
IM installed: Gizmo
Type:
Software
Bulletins:
Severity:
Low
Description:
Gizmo instant messaging client is installed.
Applies to:
Gizmo
Created:
2008-01-17
Updated:
2010-08-21

ID:
CVE-2008-0027
Title:
Heap-based buffer overflow in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM) 4.2 before 4.2(3)SR3 and 4.3 before 4.3(1)SR1, and CallManager 4.0 and 4.1 before 4.1(3)SR5c, allows...
Type:
Hardware
Bulletins:
CVE-2008-0027
SFBID27313
Severity:
Critical
Description:
Heap-based buffer overflow in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM) 4.2 before 4.2(3)SR3 and 4.3 before 4.3(1)SR1, and CallManager 4.0 and 4.1 before 4.1(3)SR5c, allows remote attackers to cause a denial of service or execute arbitrary code via a long request.
Applies to:
Unified Callmanager
Unified Communications Manager
Created:
2008-01-16
Updated:
2020-10-10

ID:
CVE-2007-0588
Title:
SANS07C4:Apple QuickDraw on Mac OSX 10.4.8 and earlier allows remote denial of service
Type:
Software
Bulletins:
CVE-2007-0588
SFBID22228
Severity:
Critical
Description:
The InternalUnpackBits function in Apple QuickDraw, as used by Quicktime 7.1.3 and other applications on Mac OS X 10.4.8 and earlier, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PICT file that triggers memory corruption in the _GetSrcBits32ARGB function.
Applies to:
Apple QuickDraw
Created:
2008-01-11
Updated:
2020-10-10

ID:
CVE-2007-0466
Title:
SANS07C4: Telestream Flip4Mac WMV for Quicktime 2.1.0.33 remote code execution vulnerability
Type:
Software
Bulletins:
CVE-2007-0466
SFBID22286
Severity:
Critical
Description:
Telestream Flip4Mac Windows Media Components for Quicktime 2.1.0.33 allows remote attackers to execute arbitrary code via a crafted ASF_File_Properties_Object size field in a WMV file, which triggers memory corruption.
Applies to:
Telestream Flip4Mac WMV
Created:
2008-01-11
Updated:
2020-10-10

ID:
CVE-2007-0731
Title:
SANS07S3: Samba module in Apple Mac OS X buffer overflow
Type:
Services
Bulletins:
CVE-2007-0731
SFBID22948
Severity:
Critical
Description:
Stack-based buffer overflow in the Apple-specific Samba module (SMB File Server) in Apple Mac OS X 10.3.9 through 10.4.8 allows context-dependent attackers to execute arbitrary code via a long ACL.
Applies to:
Apple Mac OS X
Created:
2008-01-10
Updated:
2020-10-10

ID:
CVE-2006-6652
Title:
SANS07S3: Buffer overflow in libc used in FTP daemon and tnftpd in Apple Mac OS X
Type:
Services
Bulletins:
CVE-2006-6652
SFBID21377
Severity:
Critical
Description:
Buffer overflow in the glob implementation (glob.c) in libc in Apple Mac OS X before 2007-004, as used by the FTP daemon and tnftpd, allows remote authenticated users to execute arbitrary code via a long pathname that results from path expansion.
Applies to:
FTP
Created:
2008-01-10
Updated:
2020-10-10

ID:
CVE-2007-0776
Title:
SANS07C1: Multiple Vulnerabilities in Mozilla Firefox earlier than 2.0.0.8
Type:
Web
Bulletins:
CVE-2007-0776
CVE-2007-0777
CVE-2007-0779
CVE-2007-0981
CVE-2007-1092
CVE-2007-2292
CVE-2007-2867
CVE-2007-3734
CVE-2007-3735
CVE-2007-3737
CVE-2007-3738
CVE-2007-3845
CVE-2007-4841
CVE-2007-5338
CVE-2006-4565
CVE-2006-4571
CVE-2006-5463
CVE-2006-5747
SFBID26132
SFBID20957
SFBID20042
SFBID25543
SFBID22679
SFBID24946
SFBID24242
SFBID22694
SFBID23668
SFBID22566
SFBID21668
Severity:
Critical
Description:
Multiple vulnerabilities exist in Mozilla Firefox versions earlier than 2.0.0.8. These include remote execution of arbitrary code, denial of service, and spoofing of GUI elements.
Applies to:
Mozilla Firefox
Created:
2008-01-10
Updated:
2020-10-10

ID:
CVE-2008-0228
Title:
Cross-site request forgery (CSRF) vulnerability in apply.cgi in the Linksys WRT54GL Wireless-G Broadband Router with firmware 4.30.9 allows remote attackers to perform actions as administrators.
Type:
Hardware
Bulletins:
CVE-2008-0228
Severity:
Critical
Description:
Cross-site request forgery (CSRF) vulnerability in apply.cgi in the Linksys WRT54GL Wireless-G Broadband Router with firmware 4.30.9 allows remote attackers to perform actions as administrators.
Applies to:
wrt54gl
Created:
2008-01-10
Updated:
2020-10-10

ID:
CVE-2006-0994
Title:
SANS07S5: Sophos Anti-Virus products allow remote code execution via crafted CAB
Type:
Software
Bulletins:
CVE-2006-0994
SFBID17876
Severity:
Critical
Description:
Multiple Sophos Anti-Virus products, including Anti-Virus for Windows 5.x before 5.2.1 and 4.x before 4.05, when cabinet file inspection is enabled, allow remote attackers to execute arbitrary code via a CAB file with "invalid folder count values," which leads to heap corruption.
Applies to:
Sophos Anti-Virus
Created:
2008-01-08
Updated:
2020-10-10

ID:
CVE-2006-6335
Title:
SANS07S5: Multiple buffer overflows in Sophos Anti-Virus scanning engine before 2.40
Type:
Software
Bulletins:
CVE-2006-6335
SFBID21563
Severity:
Critical
Description:
Multiple buffer overflows in Sophos Anti-Virus scanning engine before 2.40 allow remote attackers to execute arbitrary code via (1) a SIT archive with a long filename that is not null-terminated, which triggers a heap-based overflow in veex.dll due to improper length calculation, and (2) a CPIO archive, with a long filename that is not null-terminated, which triggers a stack-based overflow in veex.dll.
Applies to:
Sophos Anti-Virus
Created:
2008-01-08
Updated:
2020-10-10

ID:
CVE-2007-3509
Title:
SANS07S4: Buffer overflow in Symantec/Veritas Backup Exec
Type:
Software
Bulletins:
CVE-2007-3509
SFBID23897
Severity:
Critical
Description:
Heap-based buffer overflow in the RPC subsystem in Symantec Backup Exec for Windows Servers 10.0, 10d, and 11d allows remote attackers to cause a denial of service (process exit) and possibly execute arbitrary code via crafted ncacn_ip_tcp requests.
Applies to:
Symantec/Veritas Backup Exec
Created:
2008-01-07
Updated:
2020-10-10

ID:
REF000618
Title:
IM installed: xchat installed
Type:
Software
Bulletins:
Severity:
Low
Description:
Xchat instant messaging client installed.
Applies to:
Created:
2008-01-07
Updated:
2010-08-21

ID:
REF000617
Title:
IM installed: konversation installed
Type:
Software
Bulletins:
Severity:
Low
Description:
Konversation instant messaging client installed.
Applies to:
Created:
2008-01-07
Updated:
2010-08-21

ID:
CVE-2007-2974
Title:
SANS07S5: Multiple Vulnerabilities in Avira AntiVir
Type:
Software
Bulletins:
CVE-2007-2974
CVE-2007-2973
CVE-2007-2972
CVE-2007-1671
SFBID23823
SFBID24187
SFBID24239
Severity:
Critical
Description:
Multiple vulnerabilities exist in Avira AntiVir antivirus engine prior to 7.04.00.24 and avpack prior to 7.03.00.09.
Applies to:
Avira AntiVir
Created:
2008-01-03
Updated:
2020-10-10

ID:
CVE-2007-3509
Title:
SANS07S4: Heap-based buffer overflow in the RPC subsystem in Symantec Backup Exec for Windows Servers
Type:
Services
Bulletins:
CVE-2007-3509
SFBID23897
Severity:
Critical
Description:
Heap-based buffer overflow in the RPC subsystem in Symantec Backup Exec for Windows Servers 10.0, 10d, and 11d allows remote attackers to cause a denial of service (process exit) and possibly execute arbitrary code via crafted ncacn_ip_tcp requests.
Applies to:
Symantec Backup Exec for Windows Servers
Created:
2008-01-03
Updated:
2020-10-10

ID:
REF000584
Title:
Config pam: no bruteforce protection configured
Type:
Services
Bulletins:
Severity:
Low
Description:
No PAM brute-force protection modules detected. Modules pam_abl and pam_al missing.
Applies to:
Created:
2008-01-03
Updated:
2010-08-21

ID:
CVE-2007-2139
Title:
SANS07S4: Multiple unspecified vulnerabilities in mediasvr and caloggerd in CA BrightStor ARCServe Backup
Type:
Services
Bulletins:
CVE-2007-2139
SFBID23635
Severity:
Critical
Description:
Multiple stack-based buffer overflows in the SUN RPC service in CA (formerly Computer Associates) BrightStor ARCserve Media Server, as used in BrightStor ARCserve Backup 9.01 through 11.5 SP2, BrightStor Enterprise Backup 10.5, Server Protection Suite 2, and Business Protection Suite 2, allow remote attackers to execute arbitrary code via malformed RPC strings.
Applies to:
CA BrightStor ARCServe Backup
Created:
2007-12-21
Updated:
2020-10-10

ID:
REF000653
Title:
MP installed: VLC browser plug-in is installed
Type:
Software
Bulletins:
Severity:
Low
Description:
VLC Media Plugin for internet browsers is installed.
Applies to:
Created:
2007-12-20
Updated:
2010-08-21

ID:
REF000651
Title:
MP installed: MPlayer browser plug-in is installed
Type:
Software
Bulletins:
Severity:
Low
Description:
MPlayer Media Plugin for internet browsers is installed.
Applies to:
Created:
2007-12-20
Updated:
2010-08-21

ID:
REF000652
Title:
MP installed: HelixPlayer browser plug-in is installed
Type:
Software
Bulletins:
Severity:
Low
Description:
HelixPlayer Media Plugin for internet browsers is installed.
Applies to:
Created:
2007-12-20
Updated:
2010-08-21

ID:
REF000654
Title:
MP installed: GCJ java browser plug-in is installed
Type:
Software
Bulletins:
Severity:
Low
Description:
Java Media Plugin for internet browsers is installed.
Applies to:
Created:
2007-12-20
Updated:
2010-08-21

ID:
REF000650
Title:
MP installed: Flash browser plug-in is installed
Type:
Software
Bulletins:
Severity:
Low
Description:
Flash Media Plugin for internet browsers is installed.
Applies to:
Created:
2007-12-20
Updated:
2010-08-21

ID:
CVE-2006-5339
Title:
SANS07S7: Multiple vulnerabilities in Oracle 8.1.7.4
Type:
Services
Bulletins:
CVE-2006-5339
CVE-2006-5340
CVE-2006-5344
CVE-2007-0272
SFBID20588
SFBID22083
Severity:
Critical
Description:
Multiple vulnerabilities exist in Oracle 8.1.7.4, including buffer overflows, and multiple unspecified vulnerabilities.
Applies to:
Oracle Database 8i
Created:
2007-12-17
Updated:
2020-10-10

ID:
CVE-2007-1086
Title:
SANS07S7: Multiple vulnerabilities in IBM DB2
Type:
Services
Bulletins:
CVE-2007-1086
CVE-2007-1087
CVE-2007-1088
CVE-2007-1089
CVE-2007-2582
CVE-2007-5652
SFBID22677
SFBID26010
SFBID23890
SFBID26450
Severity:
Critical
Description:
Multiple vulnerabilities exist in IBM DB2 before version 9.1 FixPack4. These include execution of arbitrary code, creation and modification of arbitrary files, and execution of unauthorized SQL commands.
Applies to:
IBM DB2
Created:
2007-12-17
Updated:
2020-10-10

ID:
CVE-2007-6372
Title:
Unspecified vulnerability in Juniper JUNOS 7.3 through 8.4 allows remote attackers to cause a denial of service (crash) via malformed BGP packets, possibly BGP UPDATE packets that trigger session flapping.
Type:
Hardware
Bulletins:
CVE-2007-6372
SFBID26869
Severity:
Critical
Description:
Unspecified vulnerability in Juniper JUNOS 7.3 through 8.4 allows remote attackers to cause a denial of service (crash) via malformed BGP packets, possibly BGP UPDATE packets that trigger session flapping.
Applies to:
Created:
2007-12-14
Updated:
2020-10-10

ID:
CVE-2006-5332
Title:
SANS07S7: Multiple vulnerabilities in Oracle Database 9i
Type:
Services
Bulletins:
CVE-2006-5332
CVE-2006-5334
CVE-2006-5336
CVE-2006-5339
CVE-2006-5340
CVE-2006-5341
CVE-2006-5342
CVE-2006-5344
CVE-2006-5345
CVE-2007-0272
CVE-2007-2118
CVE-2007-5506
SFBID20588
SFBID22083
SFBID23532
Severity:
Critical
Description:
Multiple vulnerabilities exist in some versions of Oracle Database Server 9i. It is recommended to update to the latest versions or apply the latest patches.
Applies to:
Oracle Database 9i
Created:
2007-12-14
Updated:
2020-10-10

ID:
CVE-2006-5332
Title:
SANS07S7: Multiple vulnerabilities in Oracle Database 10g
Type:
Services
Bulletins:
CVE-2006-5332
CVE-2006-5333
CVE-2006-5334
CVE-2006-5335
CVE-2006-5336
CVE-2006-5339
CVE-2006-5340
CVE-2006-5341
CVE-2006-5342
CVE-2006-5343
CVE-2006-5344
CVE-2006-5345
CVE-2007-0272
CVE-2007-1442
CVE-2007-2113
CVE-2007-5506
SFBID20588
SFBID22083
SFBID23532
SFBID22905
Severity:
Critical
Description:
Multiple vulnerabilities exist in some versions of Oracle Database Server 10g. It is recommended to update to the latest versions or apply the latest patches.
Applies to:
Oracle Database 10g
Created:
2007-12-14
Updated:
2020-10-10

ID:
CVE-2007-1680
Title:
SANS07A1: Stack-based buffer overflow in Yahoo! Messenger before 20070313
Type:
Software
Bulletins:
CVE-2007-1680
SFBID23291
Severity:
Critical
Description:
Stack-based buffer overflow in the createAndJoinConference function in the AudioConf ActiveX control (yacscom.dll) in Yahoo! Messenger before March 13, 2007, allows remote attackers to execute arbitrary code via long socksHostname and hostname properties.
Applies to:
Created:
2007-12-14
Updated:
2020-10-10

ID:
CVE-2007-2418
Title:
SANS07A1: Multiple buffer overflow vulnerabilities in Trillian earlier than 3.1.7.0
Type:
Software
Bulletins:
CVE-2007-2418
CVE-2007-2478
CVE-2007-3832
CVE-2007-3305
SFBID23781
SFBID23730
SFBID24927
SFBID24523
Severity:
Critical
Description:
Multiple buffer overflow vulnerabilities exist in Cerulean Studios Trillian 3.x before 3.1.7.0, allowing remote attackers to execute arbitrary code.
Applies to:
Cerulean Studios Trillian
Created:
2007-12-14
Updated:
2020-10-10

ID:
CVE-2007-0711
Title:
SANS07C4: Multiple vulnerabilities in Apple Quicktime 7.2 and earlier
Type:
Software
Bulletins:
CVE-2007-0711
CVE-2007-0712
CVE-2007-0714
CVE-2007-2295
CVE-2007-2296
CVE-2007-0754
CVE-2007-2389
CVE-2007-2393
CVE-2007-2394
CVE-2007-5045
CVE-2007-4673
SFBID24873
SFBID22827
SFBID22844
SFBID25913
SFBID23652
SFBID23923
SFBID23650
SFBID24222
Severity:
Critical
Description:
Multiple vulnerabilities exist in Apple Quicktime version 7.2 and earlier. These include possibility of information disclosure and code execution.
Applies to:
Apple QuickTime
Created:
2007-12-11
Updated:
2020-10-10

ID:
CVE-2007-3457
Title:
SANS07C4: Adobe Flash Player 8.0.34.0 and earlier vulnerable to CSRF attack
Type:
Software
Bulletins:
CVE-2007-3457
Severity:
Moderate
Description:
Adobe Flash Player 8.0.34.0 and earlier insufficiently validates HTTP Referer headers, which potentially allows remote attackers to conduct a CSRF attack via a crafted SWF file.
Applies to:
Adobe Flash Player
Created:
2007-12-11
Updated:
2020-10-10

ID:
CVE-2007-2497
Title:
SANS07C4: Multiple Vulnerabilities in RealPlayer 10, 10.5 and 11 Beta
Type:
Software
Bulletins:
CVE-2007-2497
CVE-2007-3410
CVE-2007-5601
SFBID23712
SFBID26130
Severity:
Critical
Description:
Multiple vulnerabilities exist in RealPlayer versions 10.0, 10.5 and 11 Beta. These include remote execution of arbitrary code, and denial of service.
Applies to:
RealPlayer
Created:
2007-12-10
Updated:
2020-10-10

ID:
CVE-2007-3752
Title:
SANS07C4: Buffer overflow in Apple iTunes before 7.4
Type:
Software
Bulletins:
CVE-2007-3752
Severity:
Critical
Description:
Buffer overflow in Apple iTunes before 7.4 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via a music file with crafted album cover art.
Applies to:
Apple iTunes
Created:
2007-12-10
Updated:
2020-10-10

ID:
REF000642
Title:
P2P installed: mldonkey installed
Type:
Software
Bulletins:
Severity:
Low
Description:
mlDonkey P2P file sharing client installed.
Applies to:
Created:
2007-12-10
Updated:
2010-08-21

ID:
CVE-2007-0044
Title:
SANS07C1: Multiple vulnerabilities in Adobe Reader earlier than 8.0.0
Type:
Software
Bulletins:
CVE-2007-0044
CVE-2007-0046
CVE-2007-0103
CVE-2007-0045
SFBID21858
SFBID21910
Severity:
Critical
Description:
Multiple vulnerabilities exist in Adobe Reader earlier than 8.0.0, some of which have unknown impact. Known vulnerabilities include denial of service and remote execution of arbitrary code.
Applies to:
Adobe Reader
Created:
2007-12-07
Updated:
2020-10-10

ID:
REF000638
Title:
P2P installed: xmule installed
Type:
Software
Bulletins:
Severity:
Low
Description:
xMule P2P file sharing client installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000636
Title:
P2P installed: transmission installed
Type:
Software
Bulletins:
Severity:
Low
Description:
Transmission P2P file sharing client installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000635
Title:
P2P installed: rtorrent installed
Type:
Software
Bulletins:
Severity:
Low
Description:
rTorrent P2P file sharing client installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000634
Title:
P2P installed: qtella installed
Type:
Software
Bulletins:
Severity:
Low
Description:
Qtella P2P file sharing client installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000643
Title:
P2P installed: napster installed
Type:
Software
Bulletins:
Severity:
Low
Description:
Napster P2P file sharing client installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000646
Title:
P2P installed: nap installed
Type:
Software
Bulletins:
Severity:
Low
Description:
Nap P2P file sharing client installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000640
Title:
P2P installed: mutella installed
Type:
Software
Bulletins:
Severity:
Low
Description:
Mutella P2P file sharing client installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000645
Title:
P2P installed: lopster installed
Type:
Software
Bulletins:
Severity:
Low
Description:
Lopster P2P file sharing client installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000632
Title:
P2P installed: ktorrent installed
Type:
Software
Bulletins:
Severity:
Low
Description:
Ktorrent P2P file sharing client installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000633
Title:
P2P installed: kommute installed
Type:
Software
Bulletins:
Severity:
Low
Description:
Kommute P2P file sharing client installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000641
Title:
P2P installed: knapster installed
Type:
Software
Bulletins:
Severity:
Low
Description:
Knapster P2P file sharing client installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000647
Title:
P2P installed: gtk-gnutella installed
Type:
Software
Bulletins:
Severity:
Low
Description:
GTK-Gnutella P2P file sharing client installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000644
Title:
P2P installed: gnut installed
Type:
Software
Bulletins:
Severity:
Low
Description:
Gnut P2P file sharing client installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000631
Title:
P2P installed: gnunet installed
Type:
Software
Bulletins:
Severity:
Low
Description:
GnuNet P2P file sharing client installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000630
Title:
P2P installed: deluge installed
Type:
Software
Bulletins:
Severity:
Low
Description:
Deluge P2P file sharing client installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000637
Title:
P2P installed: dctc installed
Type:
Software
Bulletins:
Severity:
Low
Description:
DCtc P2P file sharing client installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000629
Title:
P2P installed: ctorrent installed
Type:
Software
Bulletins:
Severity:
Low
Description:
cTorrent P2P file sharing client installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000628
Title:
P2P installed: bittorrent installed
Type:
Software
Bulletins:
Severity:
Low
Description:
BitTorrent P2P file sharing client installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000627
Title:
P2P installed: bittornado installed
Type:
Software
Bulletins:
Severity:
Low
Description:
BitTornado P2P file sharing client installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000649
Title:
P2P installed: bitstormlite installed
Type:
Software
Bulletins:
Severity:
Low
Description:
BitStormLite P2P file sharing client installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000626
Title:
P2P installed: azureus installed
Type:
Software
Bulletins:
Severity:
Low
Description:
Azureus P2P file sharing client installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000639
Title:
P2P installed: apollon installed
Type:
Software
Bulletins:
Severity:
Low
Description:
Apollon P2P file sharing client installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000648
Title:
P2P installed: amule installed
Type:
Software
Bulletins:
Severity:
Low
Description:
aMule P2P file sharing client installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000624
Title:
IM installed: ytalk installed
Type:
Software
Bulletins:
Severity:
Low
Description:
Ytalk instant messaging client installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000621
Title:
IM installed: yahoo messenger installed
Type:
Software
Bulletins:
Severity:
Low
Description:
Yahoo Messenger instant messaging client installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000622
Title:
IM installed: trebuchet installed
Type:
Software
Bulletins:
Severity:
Low
Description:
Trebuchet instant messaging client installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000623
Title:
IM installed: talk installed
Type:
Software
Bulletins:
Severity:
Low
Description:
Talk instant messaging client installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000601
Title:
IM installed: skype installed
Type:
Software
Bulletins:
Severity:
Low
Description:
Skype instant messaging client installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000615
Title:
IM installed: sircd installed
Type:
Software
Bulletins:
Severity:
Low
Description:
sIRCd instant messaging server installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000614
Title:
IM installed: sim installed
Type:
Software
Bulletins:
Severity:
Low
Description:
Sim instant messaging client installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000613
Title:
IM installed: psi installed
Type:
Software
Bulletins:
Severity:
Low
Description:
PSI instant messaging client installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000612
Title:
IM installed: pidgin installed
Type:
Software
Bulletins:
Severity:
Low
Description:
Pidgin instant messaging client installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000611
Title:
IM installed: micq installed
Type:
Software
Bulletins:
Severity:
Low
Description:
mICQ instant messaging client installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000610
Title:
IM installed: lostirc installed
Type:
Software
Bulletins:
Severity:
Low
Description:
LostIRC instant messaging client installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000609
Title:
IM installed: licq installed
Type:
Software
Bulletins:
Severity:
Low
Description:
LICQ instant messaging client installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000608
Title:
IM installed: kxicq installed
Type:
Software
Bulletins:
Severity:
Low
Description:
KxICQ instant messaging client installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000620
Title:
IM installed: kopete installed
Type:
Software
Bulletins:
Severity:
Low
Description:
Kopete instant messaging client installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000616
Title:
IM installed: kicq installed
Type:
Software
Bulletins:
Severity:
Low
Description:
KICQ instant messaging client installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000607
Title:
IM installed: kadu installed
Type:
Software
Bulletins:
Severity:
Low
Description:
Kadu instant messaging client installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000606
Title:
IM installed: jabbin installed
Type:
Software
Bulletins:
Severity:
Low
Description:
Jabbin instant messaging client installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000605
Title:
IM installed: jabber installed
Type:
Software
Bulletins:
Severity:
Low
Description:
Jabber instant messaging client installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000604
Title:
IM installed: gossip installed
Type:
Software
Bulletins:
Severity:
Low
Description:
Gossip instant messaging client installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000603
Title:
IM installed: gnu gadu installed
Type:
Software
Bulletins:
Severity:
Low
Description:
GNU Gadu instant messaging client installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000619
Title:
IM installed: gaim installed
Type:
Software
Bulletins:
Severity:
Low
Description:
Gaim instant messaging client installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000625
Title:
IM installed: gabber installed
Type:
Software
Bulletins:
Severity:
Low
Description:
Gabber instant messaging client installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000602
Title:
IM installed: epic installed
Type:
Software
Bulletins:
Severity:
Low
Description:
Epic instant messaging client installed.
Applies to:
Created:
2007-12-06
Updated:
2010-08-21

ID:
REF000663
Title:
Config laptop: swap partition not encrypted
Type:
Miscellaneous
Bulletins:
Severity:
Low
Description:
Computer was identified as a laptop. No encryption was detected on the swap partition.
Applies to:
Created:
2007-12-05
Updated:
2010-08-21

ID:
REF000665
Title:
Config laptop: root partition not encrypted
Type:
Miscellaneous
Bulletins:
Severity:
Low
Description:
Computer was identified as a laptop. No encryption was detected on the root partition.
Applies to:
Created:
2007-12-05
Updated:
2010-08-21

ID:
REF000664
Title:
Config laptop: home partition not encrypted
Type:
Miscellaneous
Bulletins:
Severity:
Low
Description:
Computer was identified as a laptop. No encryption was detected on the home partition.
Applies to:
Created:
2007-12-05
Updated:
2010-08-21

ID:
CVE-2007-2867
Title:
SANS07C3: Multiple Vulnerabilities in Mozilla Thunderbird 2.x earlier than 2.0.0.6
Type:
Mail
Bulletins:
CVE-2007-2867
CVE-2007-3734
CVE-2007-3735
CVE-2007-3845
SFBID24242
SFBID24946
Severity:
Critical
Description:
Mozilla Thunderbird 2.x versions earlier than 2.0.0.6 are vulnerable to remote denial of service attacks and remote execution of arbitrary commands.
Applies to:
Mozilla Thunderbird
Created:
2007-12-04
Updated:
2020-10-10

ID:
CVE-2007-0777
Title:
SANS07C3: Multiple Vulnerabilities in Mozilla Thunderbird 1.5.x earlier than 1.5.0.13
Type:
Mail
Bulletins:
CVE-2007-0777
CVE-2007-2867
CVE-2007-3845
CVE-2006-4565
CVE-2006-4571
CVE-2006-5463
CVE-2006-5747
CVE-2006-6502
CVE-2007-1282
SFBID22694
SFBID24242
SFBID21668
SFBID20042
SFBID20957
SFBID22845
Severity:
Critical
Description:
Mozilla Thunderbird 1.5.x versions earlier than 1.5.0.13 are vulnerable to remote denial of service attacks and remote execution of arbitrary commands.
Applies to:
Mozilla Thunderbird
Created:
2007-12-04
Updated:
2020-10-10

ID:
CVE-2007-0981
Title:
SANS07C1: Multiple Vulnerabilities in SeaMonkey earlier than 1.1.5
Type:
Web
Bulletins:
CVE-2007-0981
CVE-2007-1092
CVE-2007-5338
CVE-2006-4565
CVE-2006-4571
CVE-2006-5463
CVE-2006-5747
CVE-2006-6502
CVE-2006-6504
CVE-2007-0777
CVE-2007-0779
CVE-2007-1282
CVE-2007-2867
CVE-2007-3845
SFBID22694
SFBID22566
SFBID22679
SFBID24242
SFBID26132
SFBID24242
SFBID21668
SFBID22845
SFBID20957
SFBID20042
Severity:
Critical
Description:
Multiple vulnerabilities exist in SeaMonkey versions earlier than 1.1.5. These include remote execution of arbitrary code, denial of service, and spoofing of GUI elements.
Applies to:
SeaMonkey
Created:
2007-12-04
Updated:
2020-10-10

ID:
CVE-2007-0776
Title:
SANS07C1: Multiple Vulnerabilities in Mozilla Firefox earlier than 2.0.0.8
Type:
Web
Bulletins:
CVE-2007-0776
CVE-2007-0777
CVE-2007-0779
CVE-2007-0981
CVE-2007-1092
CVE-2007-2292
CVE-2007-2867
CVE-2007-3734
CVE-2007-3735
CVE-2007-3737
CVE-2007-3738
CVE-2007-3845
CVE-2007-4841
CVE-2007-5338
CVE-2006-4565
CVE-2006-4571
CVE-2006-5463
CVE-2006-5747
SFBID26132
SFBID20957
SFBID20042
SFBID25543
SFBID22679
SFBID24946
SFBID24242
SFBID22694
SFBID23668
SFBID22566
SFBID21668
Severity:
Critical
Description:
Multiple vulnerabilities exist in Mozilla Firefox versions earlier than 2.0.0.8. These include remote execution of arbitrary code, denial of service, and spoofing of GUI elements.
Applies to:
Mozilla Firefox
Created:
2007-12-04
Updated:
2020-10-10

ID:
REF000578
Title:
Config yum-updatesd: auto-updating disabled
Type:
Services
Bulletins:
Severity:
Low
Description:
yum-updatesd auto-update is disabled. See /etc/yum/yum-updatesd.conf for details.
Applies to:
Created:
2007-12-04
Updated:
2010-08-21

ID:
REF000580
Title:
Config yum-updatesd: auto-resolving dependencies disabled
Type:
Services
Bulletins:
Severity:
Low
Description:
yum-updatesd auto-resolving of update dependencies is disabled. See /etc/yum/yum-updatesd.conf for details.
Applies to:
Created:
2007-12-04
Updated:
2010-08-21

ID:
REF000579
Title:
Config yum-updatesd: auto-downloading disabled
Type:
Services
Bulletins:
Severity:
Low
Description:
yum-updatesd update auto-downloading is disabled. See /etc/yum/yum-updatesd.conf for details.
Applies to:
Created:
2007-12-04
Updated:
2010-08-21

ID:
REF000583
Title:
Config apt: update notification disabled
Type:
Services
Bulletins:
Severity:
Low
Description:
apt-update notification is disabled.
Applies to:
Created:
2007-12-04
Updated:
2010-08-21

ID:
REF000582
Title:
Config apt: daily job disabled
Type:
Services
Bulletins:
Severity:
Low
Description:
apt daily update job is disabled, /etc/cron.daily/apt is missing.
Applies to:
Created:
2007-12-04
Updated:
2010-08-21

ID:
REF000581
Title:
Config apt: auto-updating package lists disabled
Type:
Services
Bulletins:
Severity:
Low
Description:
apt auto-updating package lists is disabled. See /etc/apt/apt.conf.d/10periodic and /etc/apt/apt.conf.d/15adept-periodic-update for details.
Applies to:
Created:
2007-12-04
Updated:
2010-08-21

ID:
REF000577
Title:
Config yum-updatesd: start on boot disabled
Type:
Services
Bulletins:
Severity:
Low
Description:
yum-updatesd is installed but not activated during init3 or init5 startup. See 'chkconfig --list' output for details.
Applies to:
Created:
2007-12-03
Updated:
2010-08-21

ID:
CVE-2007-5020
Title:
APSB07-18: Adobe Acrobat mailto: vulnerability
Type:
Software
Bulletins:
CVE-2007-5020
SFBID25748
Severity:
Critical
Description:
Critical vulnerabilities have been identified in Adobe Reader and Acrobat that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system. This issue only affects customers on Windows XP or Windows 2003 with Internet Explorer 7 installed. A malicious file must be loaded in Adobe Reader or Acrobat by the end user for an attacker to exploit these vulnerabilities. It is recommended that affected users update to Adobe Reader 8.1.1 or Acrobat 8.1.1.
Applies to:
Created:
2007-10-30
Updated:
2020-10-10

ID:
CVE-2007-5651
Title:
Unspecified vulnerability in the Extensible Authentication Protocol (EAP) implementation in Cisco IOS 12.3 and 12.4 on Cisco Access Points and 1310 Wireless Bridges (Wireless EAP devices), IOS 12.1 and 12.2 on Cisco switches (Wired EAP devices), and...
Type:
Hardware
Bulletins:
CVE-2007-5651
SFBID26139
Severity:
Critical
Description:
Unspecified vulnerability in the Extensible Authentication Protocol (EAP) implementation in Cisco IOS 12.3 and 12.4 on Cisco Access Points and 1310 Wireless Bridges (Wireless EAP devices), IOS 12.1 and 12.2 on Cisco switches (Wired EAP devices), and CatOS 6.x through 8.x on Cisco switches allows remote attackers to cause a denial of service (device reload) via a crafted EAP Response Identity packet.
Applies to:
Created:
2007-10-23
Updated:
2020-10-10

ID:
CVE-2007-5549
Title:
Unspecified vulnerability in Command EXEC in Cisco IOS allows local users to bypass command restrictions and obtain sensitive information via an unspecified "variation of an IOS command" involving "two different methods", aka CSCsk16129. NOTE: as...
Type:
Hardware
Bulletins:
CVE-2007-5549
Severity:
Low
Description:
Unspecified vulnerability in Command EXEC in Cisco IOS allows local users to bypass command restrictions and obtain sensitive information via an unspecified "variation of an IOS command" involving "two different methods", aka CSCsk16129. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.
Applies to:
Created:
2007-10-18
Updated:
2020-10-10

ID:
CVE-2007-5550
Title:
Unspecified vulnerability in Cisco IOS allows remote attackers to obtain the IOS version via unspecified vectors involving a "common network service", aka PSIRT-1255024833. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no...
Type:
Hardware
Bulletins:
CVE-2007-5550
Severity:
Moderate
Description:
Unspecified vulnerability in Cisco IOS allows remote attackers to obtain the IOS version via unspecified vectors involving a "common network service", aka PSIRT-1255024833. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.
Applies to:
Created:
2007-10-18
Updated:
2020-10-10

ID:
CVE-2007-5551
Title:
Off-by-one error in Cisco IOS allows remote attackers to execute arbitrary code via unspecified vectors that trigger a heap-based buffer overflow. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information....
Type:
Hardware
Bulletins:
CVE-2007-5551
Severity:
Critical
Description:
Off-by-one error in Cisco IOS allows remote attackers to execute arbitrary code via unspecified vectors that trigger a heap-based buffer overflow. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.
Applies to:
Created:
2007-10-18
Updated:
2020-10-10

ID:
CVE-2007-5548
Title:
Multiple stack-based buffer overflows in Command EXEC in Cisco IOS allow local users to gain privileges via unspecified vectors, aka (1) PSIRT-0474975756 and (2) PSIRT-0388256465. NOTE: as of 20071016, the only disclosure is a vague pre-advisory...
Type:
Hardware
Bulletins:
CVE-2007-5548
Severity:
Moderate
Description:
Multiple stack-based buffer overflows in Command EXEC in Cisco IOS allow local users to gain privileges via unspecified vectors, aka (1) PSIRT-0474975756 and (2) PSIRT-0388256465. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.
Applies to:
Created:
2007-10-18
Updated:
2020-10-10

ID:
CVE-2007-5552
Title:
Integer overflow in Cisco IOS allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known...
Type:
Hardware
Bulletins:
CVE-2007-5552
Severity:
Critical
Description:
Integer overflow in Cisco IOS allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.
Applies to:
Created:
2007-10-18
Updated:
2020-10-10

ID:
CVE-2007-5547
Title:
Cross-site scripting (XSS) vulnerability in Cisco IOS allows remote attackers to inject arbitrary web script or HTML, and execute IOS commands, via unspecified vectors, aka PSIRT-2022590358. NOTE: as of 20071016, the only disclosure is a vague...
Type:
Hardware
Bulletins:
CVE-2007-5547
Severity:
Moderate
Description:
Cross-site scripting (XSS) vulnerability in Cisco IOS allows remote attackers to inject arbitrary web script or HTML, and execute IOS commands, via unspecified vectors, aka PSIRT-2022590358. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.
Applies to:
Created:
2007-10-18
Updated:
2020-10-10

ID:
CVE-2007-5569
Title:
Cisco PIX and ASA appliances with 7.1 and 7.2 software, when configured for TLS sessions to the device, allow remote attackers to cause a denial of service (device reload) via a crafted TLS packet, aka CSCsg43276 and CSCsh97120.
Type:
Hardware
Bulletins:
CVE-2007-5569
SFBID26104
Severity:
Critical
Description:
Cisco PIX and ASA appliances with 7.1 and 7.2 software, when configured for TLS sessions to the device, allow remote attackers to cause a denial of service (device reload) via a crafted TLS packet, aka CSCsg43276 and CSCsh97120.
Applies to:
Created:
2007-10-18
Updated:
2020-10-10

ID:
CVE-2007-5537
Title:
Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(2), and Unified CallManager 5.0, allow remote attackers to cause a denial of service (kernel panic) via a flood of SIP INVITE messages to UDP port 5060, which triggers...
Type:
Hardware
Bulletins:
CVE-2007-5537
SFBID26105
Severity:
Critical
Description:
Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(2), and Unified CallManager 5.0, allow remote attackers to cause a denial of service (kernel panic) via a flood of SIP INVITE messages to UDP port 5060, which triggers resource exhaustion, aka CSCsi75822.
Applies to:
Unified Callmanager
Unified Communications Manager
Created:
2007-10-17
Updated:
2020-10-10

ID:
CVE-2007-5538
Title:
Buffer overflow in the Centralized TFTP File Locator Service in Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(3), and Unified CallManager 5.0, allows remote attackers to execute arbitrary code or cause a denial of...
Type:
Hardware
Bulletins:
CVE-2007-5538
SFBID26105
Severity:
Critical
Description:
Buffer overflow in the Centralized TFTP File Locator Service in Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(3), and Unified CallManager 5.0, allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors involving the processing of filenames, aka CSCsh47712.
Applies to:
Unified Callmanager
Unified Communications Manager
Created:
2007-10-17
Updated:
2020-10-10

ID:
CVE-2007-5468
Title:
Cisco CallManager 5.1.1.3000-5 does not verify the Digest authentication header URI against the Request URI in SIP messages, which allows remote attackers to use sniffed Digest authentication credentials to call arbitrary telephone numbers or spoof...
Type:
Hardware
Bulletins:
CVE-2007-5468
SFBID26057
Severity:
Moderate
Description:
Cisco CallManager 5.1.1.3000-5 does not verify the Digest authentication header URI against the Request URI in SIP messages, which allows remote attackers to use sniffed Digest authentication credentials to call arbitrary telephone numbers or spoof caller ID (aka "toll fraud and authentication forward attack").
Applies to:
Cisco Call Manager
Created:
2007-10-15
Updated:
2020-10-10

ID:
CVE-2007-5381
Title:
Stack-based buffer overflow in the Line Printer Daemon (LPD) in Cisco IOS before 12.2(18)SXF11, 12.4(16a), and 12.4(2)T6 allows remote attackers to execute arbitrary code by setting a long hostname on the target system, then causing an error message...
Type:
Hardware
Bulletins:
CVE-2007-5381
SFBID26001
Severity:
Critical
Description:
Stack-based buffer overflow in the Line Printer Daemon (LPD) in Cisco IOS before 12.2(18)SXF11, 12.4(16a), and 12.4(2)T6 allows remote attackers to execute arbitrary code by setting a long hostname on the target system, then causing an error message to be printed, as demonstrated by a telnet session to the LPD from a source port other than 515.
Applies to:
Created:
2007-10-11
Updated:
2020-10-10

ID:
CVE-2007-4634
Title:
Multiple SQL injection vulnerabilities in Cisco CallManager and Unified Communications Manager (CUCM) before 3.3(5)sr2b, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allow remote attackers to execute arbitrary SQL commands...
Type:
Hardware
Bulletins:
CVE-2007-4634
SFBID25480
Severity:
Critical
Description:
Multiple SQL injection vulnerabilities in Cisco CallManager and Unified Communications Manager (CUCM) before 3.3(5)sr2b, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allow remote attackers to execute arbitrary SQL commands via the lang variable to the (1) user or (2) admin logon page, aka CSCsi64265.
Applies to:
Cisco Call Manager
Unified Communications Manager
Created:
2007-08-31
Updated:
2020-10-10

ID:
CVE-2007-4633
Title:
Multiple cross-site scripting (XSS) vulnerabilities in Cisco CallManager and Unified Communications Manager (CUCM) before 3.3(5)sr2b, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allow remote attackers to inject arbitrary web...
Type:
Hardware
Bulletins:
CVE-2007-4633
SFBID25480
Severity:
Moderate
Description:
Multiple cross-site scripting (XSS) vulnerabilities in Cisco CallManager and Unified Communications Manager (CUCM) before 3.3(5)sr2b, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allow remote attackers to inject arbitrary web script or HTML via the lang variable to the (1) user or (2) admin logon page, aka CSCsi10728.
Applies to:
Cisco Call Manager
Unified Communications Manager
Created:
2007-08-31
Updated:
2020-10-10

ID:
CVE-2007-4632
Title:
Cisco IOS 12.2E, 12.2F, and 12.2S places a "no login" line into the VTY configuration when an administrator makes certain changes to a (1) VTY/AUX or (2) CONSOLE setting on a device without AAA enabled, which allows remote attackers to bypass...
Type:
Hardware
Bulletins:
CVE-2007-4632
SFBID25482
Severity:
Moderate
Description:
Cisco IOS 12.2E, 12.2F, and 12.2S places a "no login" line into the VTY configuration when an administrator makes certain changes to a (1) VTY/AUX or (2) CONSOLE setting on a device without AAA enabled, which allows remote attackers to bypass authentication and obtain a terminal session, a different vulnerability than CVE-1999-0293 and CVE-2005-2105.
Applies to:
Created:
2007-08-31
Updated:
2020-10-10

ID:
CVE-2007-4430
Title:
Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows context-dependent attackers to cause a denial of service (device restart and BGP routing table rebuild) via certain regular expressions in a "show ip bgp regexp" command. NOTE:...
Type:
Hardware
Bulletins:
CVE-2007-4430
SFBID25352
Severity:
Moderate
Description:
Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows context-dependent attackers to cause a denial of service (device restart and BGP routing table rebuild) via certain regular expressions in a "show ip bgp regexp" command. NOTE: unauthenticated remote attacks are possible in environments with anonymous telnet and Looking Glass access.
Applies to:
Created:
2007-08-20
Updated:
2020-10-10

ID:
CVE-2007-4294
Title:
Unspecified vulnerability in Cisco Unified Communications Manager (CUCM) 5.0, 5.1, and 6.0, and IOS 12.0 through 12.4, allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80102.
Type:
Hardware
Bulletins:
CVE-2007-4294
SFBID25239
Severity:
Moderate
Description:
Unspecified vulnerability in Cisco Unified Communications Manager (CUCM) 5.0, 5.1, and 6.0, and IOS 12.0 through 12.4, allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80102.
Applies to:
Unified Communications Manager
Created:
2007-08-09
Updated:
2020-10-10

ID:
CVE-2007-4285
Title:
Unspecified vulnerability in Cisco IOS and Cisco IOS XR 12.x up to 12.3, including some versions before 12.3(15) and 12.3(14)T, allows remote attackers to obtain sensitive information (partial packet contents) or cause a denial of service (router or...
Type:
Hardware
Bulletins:
CVE-2007-4285
Severity:
Critical
Description:
Unspecified vulnerability in Cisco IOS and Cisco IOS XR 12.x up to 12.3, including some versions before 12.3(15) and 12.3(14)T, allows remote attackers to obtain sensitive information (partial packet contents) or cause a denial of service (router or component crash) via crafted IPv6 packets with a Type 0 routing header.
Applies to:
Created:
2007-08-09
Updated:
2020-10-10

ID:
CVE-2007-4295
Title:
Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80749.
Type:
Hardware
Bulletins:
CVE-2007-4295
SFBID25239
Severity:
Moderate
Description:
Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80749.
Applies to:
Created:
2007-08-09
Updated:
2020-10-10

ID:
CVE-2007-4292
Title:
Multiple memory leaks in Cisco IOS 12.0 through 12.4 allow remote attackers to cause a denial of service (device crash) via a malformed SIP packet, aka (1) CSCsf11855, (2) CSCeb21064, (3) CSCse40276, (4) CSCse68355, (5) CSCsf30058, (6) CSCsb24007,...
Type:
Hardware
Bulletins:
CVE-2007-4292
SFBID25239
Severity:
Critical
Description:
Multiple memory leaks in Cisco IOS 12.0 through 12.4 allow remote attackers to cause a denial of service (device crash) via a malformed SIP packet, aka (1) CSCsf11855, (2) CSCeb21064, (3) CSCse40276, (4) CSCse68355, (5) CSCsf30058, (6) CSCsb24007, and (7) CSCsc60249.
Applies to:
Created:
2007-08-09
Updated:
2020-10-10

ID:
CVE-2007-4291
Title:
Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service via (1) a malformed MGCP packet, which causes a device hang, aka CSCsf08998; a malformed H.323 packet, which causes a device crash, as identified by (2) CSCsi60004 with...
Type:
Hardware
Bulletins:
CVE-2007-4291
SFBID25239
Severity:
Critical
Description:
Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service via (1) a malformed MGCP packet, which causes a device hang, aka CSCsf08998; a malformed H.323 packet, which causes a device crash, as identified by (2) CSCsi60004 with Proxy Unregistration and (3) CSCsg70474; and a malformed Real-time Transport Protocol (RTP) packet, which causes a device crash, as identified by (4) CSCse68138, related to VOIP RTP Lib, and (5) CSCse05642, related to I/O memory corruption.
Applies to:
Created:
2007-08-09
Updated:
2020-10-10

ID:
CVE-2007-4293
Title:
Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device crash) via (1) "abnormal" MGCP messages, aka CSCsd81407; and (2) a large facsimile packet, aka CSCej20505.
Type:
Hardware
Bulletins:
CVE-2007-4293
SFBID25239
Severity:
Critical
Description:
Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device crash) via (1) "abnormal" MGCP messages, aka CSCsd81407; and (2) a large facsimile packet, aka CSCej20505.
Applies to:
Created:
2007-08-09
Updated:
2020-10-10

ID:
CVE-2007-4286
Title:
Buffer overflow in the Next Hop Resolution Protocol (NHRP) functionality in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (restart) and execute arbitrary code via a crafted NHRP packet.
Type:
Hardware
Bulletins:
CVE-2007-4286
SFBID25238
Severity:
Critical
Description:
Buffer overflow in the Next Hop Resolution Protocol (NHRP) functionality in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (restart) and execute arbitrary code via a crafted NHRP packet.
Applies to:
Created:
2007-08-09
Updated:
2020-10-10

ID:
CVE-2007-4263
Title:
Unspecified vulnerability in the server side of the Secure Copy (SCP) implementation in Cisco 12.2-based IOS allows remote authenticated users to read, write or overwrite any file on the device's filesystem via unknown vectors.
Type:
Hardware
Bulletins:
CVE-2007-4263
SFBID25240
Severity:
Critical
Description:
Unspecified vulnerability in the server side of the Secure Copy (SCP) implementation in Cisco 12.2-based IOS allows remote authenticated users to read, write or overwrite any file on the device's filesystem via unknown vectors.
Applies to:
Created:
2007-08-08
Updated:
2020-10-10

ID:
CVE-2007-4011
Title:
Cisco 4100 and 4400, Airespace 4000, and Catalyst 6500 and 3750 Wireless LAN Controller (WLC) software before 3.2 20070727, 4.0 before 20070727, and 4.1 before 4.1.180.0 allows remote attackers to cause a denial of service (traffic amplification or...
Type:
Hardware
Bulletins:
CVE-2007-4011
SFBID25043
Severity:
Critical
Description:
Cisco 4100 and 4400, Airespace 4000, and Catalyst 6500 and 3750 Wireless LAN Controller (WLC) software before 3.2 20070727, 4.0 before 20070727, and 4.1 before 4.1.180.0 allows remote attackers to cause a denial of service (traffic amplification or ARP storm) via a crafted unicast ARP request that (1) has a destination MAC address unknown to the Layer-2 infrastructure, aka CSCsj69233; or (2) occurs during Layer-3 roaming across IP subnets, aka CSCsj70841.
Applies to:
Created:
2007-07-25
Updated:
2020-10-10

ID:
CVE-2007-4012
Title:
Cisco 4100 and 4400, Airespace 4000, and Catalyst 6500 and 3750 Wireless LAN Controller (WLC) software 4.1 before 4.1.180.0 allows remote attackers to cause a denial of service (ARP storm) via a broadcast ARP packet that "targets the IP address of a...
Type:
Hardware
Bulletins:
CVE-2007-4012
SFBID25043
Severity:
Critical
Description:
Cisco 4100 and 4400, Airespace 4000, and Catalyst 6500 and 3750 Wireless LAN Controller (WLC) software 4.1 before 4.1.180.0 allows remote attackers to cause a denial of service (ARP storm) via a broadcast ARP packet that "targets the IP address of a known client context", aka CSCsj50374.
Applies to:
Created:
2007-07-25
Updated:
2020-10-10

ID:
CVE-2007-3944
Title:
Multiple heap-based buffer overflows in the Perl Compatible Regular Expressions (PCRE) library in the JavaScript engine in WebKit in Apple Safari 3 Beta before Update 3.0.3, and iPhone before 1.0.1, allow remote attackers to execute...
Type:
Mobile Devices
Bulletins:
CVE-2007-3944
SFBID25002
Severity:
Critical
Description:
Multiple heap-based buffer overflows in the Perl Compatible Regular Expressions (PCRE) library in the JavaScript engine in WebKit in Apple Safari 3 Beta before Update 3.0.3, and iPhone before 1.0.1, allow remote attackers to execute arbitrary code via certain JavaScript regular expressions. NOTE: this issue was originally reported only for MobileSafari on the iPhone. NOTE: it is not clear whether this stems from an issue in the original distribution of PCRE, which might already have a separate CVE identifier.
Applies to:
Created:
2007-07-23
Updated:
2020-10-10

ID:
CVE-2007-3775
Title:
Unspecified vulnerability in Cisco Unified Communications Manager (CUCM, formerly CallManager) and Unified Presence Server (CUPS) allows remote attackers to cause a denial of service (loss of cluster services) via unspecified vectors, aka (1)...
Type:
Hardware
Bulletins:
CVE-2007-3775
SFBID24867
Severity:
Critical
Description:
Unspecified vulnerability in Cisco Unified Communications Manager (CUCM, formerly CallManager) and Unified Presence Server (CUPS) allows remote attackers to cause a denial of service (loss of cluster services) via unspecified vectors, aka (1) CSCsj09859 and (2) CSCsj19985.
Applies to:
Unified Communications Manager
Created:
2007-07-15
Updated:
2020-10-10

ID:
CVE-2006-5277
Title:
Off-by-one error in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allows remote attackers to execute arbitrary code via a crafted packet that...
Type:
Hardware
Bulletins:
CVE-2006-5277
SFBID24868
Severity:
Critical
Description:
Off-by-one error in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allows remote attackers to execute arbitrary code via a crafted packet that triggers a heap-based buffer overflow.
Applies to:
Unified Callmanager
Unified Communications Manager
Created:
2007-07-15
Updated:
2020-10-10

ID:
CVE-2006-5278
Title:
Integer overflow in the Real-Time Information Server (RIS) Data Collector service (RisDC.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allows remote attackers to execute arbitrary code via crafted packets,...
Type:
Hardware
Bulletins:
CVE-2006-5278
SFBID24868
Severity:
Critical
Description:
Integer overflow in the Real-Time Information Server (RIS) Data Collector service (RisDC.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allows remote attackers to execute arbitrary code via crafted packets, resulting in a heap-based buffer overflow.
Applies to:
Unified Callmanager
Unified Communications Manager
Created:
2007-07-15
Updated:
2020-10-10

ID:
CVE-2007-3776
Title:
Cisco Unified Communications Manager (CUCM, formerly CallManager) and Unified Presence Server (CUPS) allow remote attackers to obtain sensitive information via unspecified vectors that reveal the SNMP community strings and configuration settings,...
Type:
Hardware
Bulletins:
CVE-2007-3776
SFBID24867
Severity:
Moderate
Description:
Cisco Unified Communications Manager (CUCM, formerly CallManager) and Unified Presence Server (CUPS) allow remote attackers to obtain sensitive information via unspecified vectors that reveal the SNMP community strings and configuration settings, aka (1) CSCsj20668 and (2) CSCsj25962.
Applies to:
Unified Communications Manager
Created:
2007-07-15
Updated:
2020-10-10

ID:
MITRE:1670
Title:
oval:org.mitre.oval:def:1670: CAPICOM.Certificates Vulnerability
Type:
Software
Bulletins:
MITRE:1670
CVE-2007-0940
Severity:
Critical
Description:
Unspecified vulnerability in the Cryptographic API Component Object Model Certificates ActiveX control (CAPICOM.dll) in Microsoft CAPICOM and BizTalk Server 2004 SP1 and SP2 allows remote attackers to execute arbitrary code via unspecified vectors, aka the "CAPICOM.Certificates Vulnerability."
Applies to:
Microsoft Capicom
Created:
2007-07-10
Updated:
2020-10-10

ID:
CVE-2007-3574
Title:
Multiple cross-site scripting (XSS) vulnerabilities in setup.cgi on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.00.06 firmware allow remote attackers to inject arbitrary web script or HTML via the (1) c4_trap_ip_, (2) devname, (3)...
Type:
Hardware
Bulletins:
CVE-2007-3574
SFBID24682
Severity:
Moderate
Description:
Multiple cross-site scripting (XSS) vulnerabilities in setup.cgi on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.00.06 firmware allow remote attackers to inject arbitrary web script or HTML via the (1) c4_trap_ip_, (2) devname, (3) snmp_getcomm, or (4) snmp_setcomm parameter.
Applies to:
wag54gs
Created:
2007-07-05
Updated:
2020-10-10

ID:
CVE-2007-3348
Title:
The D-Link DPH-540/DPH-541 phone allows remote attackers to cause a denial of service (device outage) via a malformed SDP header in a SIP INVITE message.
Type:
Hardware
Bulletins:
CVE-2007-3348
SFBID24538
Severity:
Critical
Description:
The D-Link DPH-540/DPH-541 phone allows remote attackers to cause a denial of service (device outage) via a malformed SDP header in a SIP INVITE message.
Applies to:
DPH-540
DPH-541
Created:
2007-06-22
Updated:
2020-10-10

ID:
CVE-2007-3347
Title:
The D-Link DPH-540/DPH-541 phone accepts SIP INVITE messages that are not from the Call Server's IP address, which allows remote attackers to engage in arbitrary SIP communication with the phone, as demonstrated by communication with forged caller ID.
Type:
Hardware
Bulletins:
CVE-2007-3347
SFBID24560
Severity:
Critical
Description:
The D-Link DPH-540/DPH-541 phone accepts SIP INVITE messages that are not from the Call Server's IP address, which allows remote attackers to engage in arbitrary SIP communication with the phone, as demonstrated by communication with forged caller ID.
Applies to:
DPH-540
DPH-541
Created:
2007-06-22
Updated:
2020-10-10

ID:
MITRE:2001
Title:
oval:org.mitre.oval:def:2001: CMS Memory Corruption Vulnerability
Type:
Software
Bulletins:
MITRE:2001
CVE-2007-0938
Severity:
Critical
Description:
Microsoft Content Management Server (MCMS) 2001 SP1 and 2002 SP2 does not properly handle certain characters in a crafted HTTP GET request, which allows remote attackers to execute arbitrary code, aka the "CMS Memory Corruption Vulnerability."
Applies to:
Microsoft Content Management Server 2001
Microsoft Content Management Server 2002
Created:
2007-05-23
Updated:
2020-10-10

ID:
MITRE:1575
Title:
oval:org.mitre.oval:def:1575: CMS Cross-Site Scripting and Spoofing Vulnerability
Type:
Software
Bulletins:
MITRE:1575
CVE-2007-0939
Severity:
Moderate
Description:
Cross-site scripting (XSS) vulnerability in Microsoft Content Management Server (MCMS) 2001 SP1 and 2002 SP2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving HTML redirection queries, aka "Cross-site Scripting and Spoofing Vulnerability."
Applies to:
Microsoft Content Management Server 2001
Microsoft Content Management Server 2002
Created:
2007-05-23
Updated:
2020-10-10

ID:
CVE-2007-2832
Title:
Cross-site scripting (XSS) vulnerability in the web application firewall in Cisco CallManager before 3.3(5)sr3, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allows remote attackers to inject arbitrary web script or HTML via...
Type:
Hardware
Bulletins:
CVE-2007-2832
SFBID24119
Severity:
Moderate
Description:
Cross-site scripting (XSS) vulnerability in the web application firewall in Cisco CallManager before 3.3(5)sr3, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allows remote attackers to inject arbitrary web script or HTML via the pattern parameter to CCMAdmin/serverlist.asp (aka the search-form) and possibly other unspecified vectors.
Applies to:
Cisco Call Manager
Created:
2007-05-23
Updated:
2020-10-10

ID:
CVE-2007-2813
Title:
Cisco IOS 12.4 and earlier, when using the crypto packages and SSL support is enabled, allows remote attackers to cause a denial of service via a malformed (1) ClientHello, (2) ChangeCipherSpec, or (3) Finished message during an SSL session.
Type:
Hardware
Bulletins:
CVE-2007-2813
SFBID24097
Severity:
Critical
Description:
Cisco IOS 12.4 and earlier, when using the crypto packages and SSL support is enabled, allows remote attackers to cause a denial of service via a malformed (1) ClientHello, (2) ChangeCipherSpec, or (3) Finished message during an SSL session.
Applies to:
Created:
2007-05-22
Updated:
2020-10-10

ID:
CVE-2007-2734
Title:
The 3Com TippingPoint IPS do not properly handle certain full-width and half-width Unicode character encodings in an HTTP POST request, which might allow remote attackers to evade detection of HTTP traffic.
Type:
Hardware
Bulletins:
CVE-2007-2734
Severity:
Critical
Description:
The 3Com TippingPoint IPS do not properly handle certain full-width and half-width Unicode character encodings in an HTTP POST request, which might allow remote attackers to evade detection of HTTP traffic.
Applies to:
TippingPoint 200
TippingPoint 2000E
TippingPoint 2400E
TippingPoint 50
TippingPoint 5000E
TippingPoint 600E
Created:
2007-05-16
Updated:
2020-10-10

ID:
CVE-2007-2688
Title:
The Cisco Intrusion Prevention System (IPS) and IOS with Firewall/IPS Feature Set do not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic.
Type:
Hardware
Bulletins:
CVE-2007-2688
SFBID23980
Severity:
Critical
Description:
The Cisco Intrusion Prevention System (IPS) and IOS with Firewall/IPS Feature Set do not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic.
Applies to:
Created:
2007-05-15
Updated:
2020-10-10

ID:
REF000467
Title:
AutoRun is enabled
Type:
Miscellaneous
Bulletins:
Severity:
High
Description:
Microsoft Windows supports automatic execution from CD/DVD drives and other removable media. This poses a security risk when a CD or removable disk contains malware that automatically installs itself once the disc is inserted. It is recommended to disable AutoRun for CD/DVD drives and for other removable drives.
Applies to:
Created:
2007-05-10
Updated:
2010-09-20

ID:
CVE-2007-2587
Title:
The IOS FTP Server in Cisco IOS 11.3 through 12.4 allows remote authenticated users to cause a denial of service (IOS reload) via unspecified vectors involving transferring files (aka bug ID CSCse29244).
Type:
Hardware
Bulletins:
CVE-2007-2587
SFBID23885
Severity:
Moderate
Description:
The IOS FTP Server in Cisco IOS 11.3 through 12.4 allows remote authenticated users to cause a denial of service (IOS reload) via unspecified vectors involving transferring files (aka bug ID CSCse29244).
Applies to:
Created:
2007-05-09
Updated:
2020-10-10

ID:
CVE-2007-2586
Title:
The FTP Server in Cisco IOS 11.3 through 12.4 does not properly check user authorization, which allows remote attackers to execute arbitrary code, and have other impact including reading startup-config, as demonstrated by a crafted MKD command that...
Type:
Hardware
Bulletins:
CVE-2007-2586
SFBID23885
Severity:
Critical
Description:
The FTP Server in Cisco IOS 11.3 through 12.4 does not properly check user authorization, which allows remote attackers to execute arbitrary code, and have other impact including reading startup-config, as demonstrated by a crafted MKD command that involves access to a VTY device and overflows a buffer, aka bug ID CSCek55259.
Applies to:
Created:
2007-05-09
Updated:
2020-10-10

ID:
CVE-2007-2502
Title:
Unspecified vulnerability in HP ProCurve 9300m Series switches with software 08.0.01c through 08.0.01j allows remote attackers to cause a denial of service via unknown vectors, a different switch series than CVE-2006-4015.
Type:
Hardware
Bulletins:
CVE-2007-2502
SFBID23791
Severity:
Critical
Description:
Unspecified vulnerability in HP ProCurve 9300m Series switches with software 08.0.01c through 08.0.01j allows remote attackers to cause a denial of service via unknown vectors, a different switch series than CVE-2006-4015.
Applies to:
Procurve Switch 9300m
Created:
2007-05-03
Updated:
2020-10-10

ID:
CVE-2007-2462
Title:
Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 before 7.2(2)8, when using Layer 2 Tunneling Protocol (L2TP) or Remote Management Access, allows remote attackers to bypass LDAP authentication and gain privileges via...
Type:
Hardware
Bulletins:
CVE-2007-2462
SFBID23768
Severity:
Critical
Description:
Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 before 7.2(2)8, when using Layer 2 Tunneling Protocol (L2TP) or Remote Management Access, allows remote attackers to bypass LDAP authentication and gain privileges via unknown vectors.
Applies to:
Created:
2007-05-02
Updated:
2020-10-10

ID:
CVE-2007-2463
Title:
Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before 7.2(2)17 allows remote attackers to cause a denial of service (device reload) via unknown vectors related to VPN connection termination...
Type:
Hardware
Bulletins:
CVE-2007-2463
SFBID23768
Severity:
Critical
Description:
Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before 7.2(2)17 allows remote attackers to cause a denial of service (device reload) via unknown vectors related to VPN connection termination and password expiry.
Applies to:
Created:
2007-05-02
Updated:
2020-10-10

ID:
CVE-2007-2461
Title:
The DHCP relay agent in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 allows remote attackers to cause a denial of service (dropped packets) via a DHCPREQUEST or DHCPINFORM message that causes multiple DHCPACK messages to be sent from DHCP...
Type:
Hardware
Bulletins:
CVE-2007-2461
SFBID23763
Severity:
Critical
Description:
The DHCP relay agent in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 allows remote attackers to cause a denial of service (dropped packets) via a DHCPREQUEST or DHCPINFORM message that causes multiple DHCPACK messages to be sent from DHCP servers to the agent, which consumes the memory allocated for a local buffer. NOTE: this issue only occurs when multiple DHCP servers are used.
Applies to:
Created:
2007-05-02
Updated:
2020-10-10

ID:
CVE-2007-2464
Title:
Race condition in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before 7.2(2)19, when using "clientless SSL VPNs," allows remote attackers to cause a denial of service (device reload) via "non-standard SSL sessions."
Type:
Hardware
Bulletins:
CVE-2007-2464
SFBID23768
Severity:
Critical
Description:
Race condition in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before 7.2(2)19, when using "clientless SSL VPNs," allows remote attackers to cause a denial of service (device reload) via "non-standard SSL sessions."
Applies to:
Created:
2007-05-02
Updated:
2020-10-10

ID:
CVE-2007-2332
Title:
Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 6_05.140 uses a fixed DES key to encrypt passwords, which allows remote authenticated users to obtain a password via a brute force attack on a hash from the LDAP store.
Type:
Hardware
Bulletins:
CVE-2007-2332
SFBID23562
Severity:
Critical
Description:
Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 6_05.140 uses a fixed DES key to encrypt passwords, which allows remote authenticated users to obtain a password via a brute force attack on a hash from the LDAP store.
Applies to:
Contivity 1740 VPN Router
Contivity1010
Contivity1050
Contivity1100
Contivity1700
Contivity1750
Contivity2700
Contivity5000
Created:
2007-04-27
Updated:
2020-10-10

ID:
CVE-2007-2333
Title:
Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 includes the FIPSecryptedtest1219 and FIPSunecryptedtest1219 default accounts in the LDAP template, which might allow...
Type:
Hardware
Bulletins:
CVE-2007-2333
SFBID23562
Severity:
Critical
Description:
Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 includes the FIPSecryptedtest1219 and FIPSunecryptedtest1219 default accounts in the LDAP template, which might allow remote attackers to access the private network.
Applies to:
Contivity1000
Contivity2000
Contivity4000
Contivity5000
Created:
2007-04-27
Updated:
2020-10-10

ID:
CVE-2007-2334
Title:
Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 has two template HTML files lacking certain verification tags, which allows remote attackers to access the administration...
Type:
Hardware
Bulletins:
CVE-2007-2334
SFBID23562
Severity:
Critical
Description:
Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 has two template HTML files lacking certain verification tags, which allows remote attackers to access the administration interface and change the device configuration via certain requests.
Applies to:
Contivity1000
Contivity2000
Contivity4000
Contivity5000
Created:
2007-04-27
Updated:
2020-10-10

ID:
CVE-2007-2036
Title:
The SNMP implementation in the Cisco Wireless LAN Controller (WLC) before 20070419 uses the default read-only community public, and the default read-write community private, which allows remote attackers to read and modify SNMP variables, aka Bug ID...
Type:
Hardware
Bulletins:
CVE-2007-2036
SFBID23461
Severity:
Critical
Description:
The SNMP implementation in the Cisco Wireless LAN Controller (WLC) before 20070419 uses the default read-only community public, and the default read-write community private, which allows remote attackers to read and modify SNMP variables, aka Bug ID CSCse02384.
Applies to:
Created:
2007-04-16
Updated:
2020-10-10

ID:
CVE-2007-2038
Title:
The Network Processing Unit (NPU) in the Cisco Wireless LAN Controller (WLC) before 3.2.193.5, 4.0.x before 4.0.206.0, and 4.1.x allows remote attackers on a local wireless network to cause a denial of service (loss of packet forwarding) via (1)...
Type:
Hardware
Bulletins:
CVE-2007-2038
SFBID23461
Severity:
Moderate
Description:
The Network Processing Unit (NPU) in the Cisco Wireless LAN Controller (WLC) before 3.2.193.5, 4.0.x before 4.0.206.0, and 4.1.x allows remote attackers on a local wireless network to cause a denial of service (loss of packet forwarding) via (1) crafted SNAP packets, (2) malformed 802.11 traffic, or (3) packets with certain header length values, aka Bug ID CSCsg36361.
Applies to:
Cisco WLC 2000
Cisco WLC 2100
Cisco WLC 4100
Cisco WLC 4400
Created:
2007-04-16
Updated:
2020-10-10

ID:
CVE-2007-2039
Title:
The Network Processing Unit (NPU) in the Cisco Wireless LAN Controller (WLC) before 3.2.171.5, 4.0.x before 4.0.206.0, and 4.1.x allows remote attackers on a local wireless network to cause a denial of service (loss of packet forwarding) via (1)...
Type:
Hardware
Bulletins:
CVE-2007-2039
SFBID23461
Severity:
Moderate
Description:
The Network Processing Unit (NPU) in the Cisco Wireless LAN Controller (WLC) before 3.2.171.5, 4.0.x before 4.0.206.0, and 4.1.x allows remote attackers on a local wireless network to cause a denial of service (loss of packet forwarding) via (1) crafted SNAP packets, (2) malformed 802.11 traffic, or (3) packets with certain header length values, aka Bug IDs CSCsg15901 and CSCsh10841.
Applies to:
Created:
2007-04-16
Updated:
2020-10-10

ID:
CVE-2007-2041
Title:
Cisco Wireless LAN Controller (WLC) before 4.0.206.0 saves the WLAN ACL configuration with an invalid checksum, which prevents WLAN ACLs from being loaded at boot time, and might allow remote attackers to bypass intended access restrictions, aka Bug...
Type:
Hardware
Bulletins:
CVE-2007-2041
SFBID23461
Severity:
Moderate
Description:
Cisco Wireless LAN Controller (WLC) before 4.0.206.0 saves the WLAN ACL configuration with an invalid checksum, which prevents WLAN ACLs from being loaded at boot time, and might allow remote attackers to bypass intended access restrictions, aka Bug ID CSCse58195.
Applies to:
Cisco WLC 2100
Cisco WLC 4400
Created:
2007-04-16
Updated:
2020-10-10

ID:
CVE-2007-2037
Title:
Cisco Wireless LAN Controller (WLC) before 3.2.116.21, and 4.0.x before 4.0.155.0, allows remote attackers on a local network to cause a denial of service (device crash) via malformed Ethernet traffic.
Type:
Hardware
Bulletins:
CVE-2007-2037
SFBID23461
Severity:
Low
Description:
Cisco Wireless LAN Controller (WLC) before 3.2.116.21, and 4.0.x before 4.0.155.0, allows remote attackers on a local network to cause a denial of service (device crash) via malformed Ethernet traffic.
Applies to:
Created:
2007-04-16
Updated:
2020-10-10

ID:
CVE-2007-2040
Title:
Cisco Aironet 1000 Series and 1500 Series Lightweight Access Points before 3.2.185.0, and 4.0.x before 4.0.206.0, have a hard-coded password, which allows attackers with physical access to perform arbitrary actions on the device, aka Bug ID CSCsg15192.
Type:
Hardware
Bulletins:
CVE-2007-2040
SFBID23461
Severity:
Moderate
Description:
Cisco Aironet 1000 Series and 1500 Series Lightweight Access Points before 3.2.185.0, and 4.0.x before 4.0.206.0, have a hard-coded password, which allows attackers with physical access to perform arbitrary actions on the device, aka Bug ID CSCsg15192.
Applies to:
Created:
2007-04-16
Updated:
2020-10-10

ID:
MITRE:746
Title:
oval:org.mitre.oval:def:746: Word Malformed Data Structures Vulnerability
Type:
Software
Bulletins:
MITRE:746
CVE-2006-6456
Severity:
Critical
Description:
Unspecified vulnerability in Microsoft Word 2000, 2002, and 2003 and Word Viewer 2003 allows remote attackers to execute code via unspecified vectors related to malformed data structures that trigger memory corruption, a different vulnerability than CVE-2006-5994.
Applies to:
Microsoft Word
Created:
2007-04-10
Updated:
2020-10-10

ID:
MITRE:257
Title:
oval:org.mitre.oval:def:257: COM Object Instantiation Memory Corruption Vulnerability
Type:
Web
Bulletins:
MITRE:257
CVE-2007-0219
Severity:
Critical
Description:
Microsoft Internet Explorer 5.01, 6, and 7 uses certain COM objects from (1) Msb1fren.dll, (2) Htmlmm.ocx, and (3) Blnmgrps.dll as ActiveX controls, which allows remote attackers to execute arbitrary code via unspecified vectors, a different issue than CVE-2006-4697.
Applies to:
Microsoft Internet Explorer 5
Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Created:
2007-04-10
Updated:
2020-10-10

ID:
MITRE:1141
Title:
oval:org.mitre.oval:def:1141: FTP Server Response Parsing Memory Corruption Vulnerability
Type:
Web
Bulletins:
MITRE:1141
CVE-2007-0217
Severity:
Critical
Description:
The wininet.dll FTP client code in Microsoft Internet Explorer 5.01 and 6 might allow remote attackers to execute arbitrary code via an FTP server response of a specific length that causes a terminating null byte to be written outside of a buffer, which causes heap corruption.
Applies to:
Microsoft Internet Explorer
Created:
2007-04-10
Updated:
2020-10-10

ID:
MITRE:1120
Title:
oval:org.mitre.oval:def:1120: COM Object Instantiation Memory Corruption Vulnerability
Type:
Web
Bulletins:
MITRE:1120
CVE-2006-4697
Severity:
Critical
Description:
Microsoft Internet Explorer 5.01, 6, and 7 uses certain COM objects from Imjpcksid.dll as ActiveX controls, which allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: this issue might be related to CVE-2006-4193.
Applies to:
Microsoft Internet Explorer
Created:
2007-04-10
Updated:
2020-10-10

ID:
CVE-2007-1826
Title:
Unspecified vulnerability in the IPSec Manager Service for Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3) allows remote attackers to cause a denial of service (loss of cluster...
Type:
Hardware
Bulletins:
CVE-2007-1826
SFBID23181
Severity:
Critical
Description:
Unspecified vulnerability in the IPSec Manager Service for Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3) allows remote attackers to cause a denial of service (loss of cluster services) via a "specific UDP packet" to UDP port 8500, aka bug ID CSCsg60949.
Applies to:
Unified Callmanager
Created:
2007-04-02
Updated:
2020-10-10

ID:
CVE-2007-1833
Title:
The Skinny Call Control Protocol (SCCP) implementation in Cisco Unified CallManager (CUCM) 3.3 before 3.3(5)SR2a, 4.1 before 4.1(3)SR4, 4.2 before 4.2(3)SR1, and 5.0 before 5.0(4a)SU1 allows remote attackers to cause a denial of service (loss of...
Type:
Hardware
Bulletins:
CVE-2007-1833
SFBID23181
Severity:
Moderate
Description:
The Skinny Call Control Protocol (SCCP) implementation in Cisco Unified CallManager (CUCM) 3.3 before 3.3(5)SR2a, 4.1 before 4.1(3)SR4, 4.2 before 4.2(3)SR1, and 5.0 before 5.0(4a)SU1 allows remote attackers to cause a denial of service (loss of voice services) by sending crafted packets to the (1) SCCP (2000/tcp) or (2) SCCPS (2443/tcp) port.
Applies to:
Unified Callmanager
Created:
2007-04-02
Updated:
2020-10-10

ID:
CVE-2007-1834
Title:
Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3) allow remote attackers to cause a denial of service (loss of voice services) via a flood of ICMP echo requests, aka bug ID CSCsf12698.
Type:
Hardware
Bulletins:
CVE-2007-1834
SFBID23181
Severity:
Critical
Description:
Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3) allow remote attackers to cause a denial of service (loss of voice services) via a flood of ICMP echo requests, aka bug ID CSCsf12698.
Applies to:
Unified Callmanager
Created:
2007-04-02
Updated:
2020-10-10

ID:
CVE-2007-1585
Title:
The Linksys WAG200G with firmware 1.01.01, WRT54GC 2 with firmware 1.00.7, and WRT54GC 1 with firmware 1.03.0 and earlier allow remote attackers to obtain sensitive information (passwords and configuration data) via a packet to UDP port 916. NOTE:...
Type:
Hardware
Bulletins:
CVE-2007-1585
SFBID23063
Severity:
Moderate
Description:
The Linksys WAG200G with firmware 1.01.01, WRT54GC 2 with firmware 1.00.7, and WRT54GC 1 with firmware 1.03.0 and earlier allow remote attackers to obtain sensitive information (passwords and configuration data) via a packet to UDP port 916. NOTE: some of these details are obtained from third party information.
Applies to:
wag200g
wrt54gc
Created:
2007-03-21
Updated:
2020-10-10

ID:
CVE-2007-1467
Title:
Multiple cross-site scripting (XSS) vulnerabilities in (1) PreSearch.html and (2) PreSearch.class in Cisco Secure Access Control Server (ACS), VPN Client, Unified Personal Communicator, MeetingPlace, Unified MeetingPlace, Unified MeetingPlace...
Type:
Hardware
Bulletins:
CVE-2007-1467
SFBID22982
Severity:
Low
Description:
Multiple cross-site scripting (XSS) vulnerabilities in (1) PreSearch.html and (2) PreSearch.class in Cisco Secure Access Control Server (ACS), VPN Client, Unified Personal Communicator, MeetingPlace, Unified MeetingPlace, Unified MeetingPlace Express, CallManager, IP Communicator, Unified Video Advantage, Unified Videoconferencing 35xx products, Unified Videoconferencing Manager, WAN Manager, Security Device Manager, Network Analysis Module (NAM), CiscoWorks and related products, Wireless LAN Solution Engine (WLSE), 2006 Wireless LAN Controllers (WLC), and Wireless Control System (WCS) allow remote attackers to inject arbitrary web script or HTML via the text field of the search form.
Applies to:
Cisco Call Manager
Created:
2007-03-16
Updated:
2020-10-10

ID:
CVE-2007-1258
Title:
Unspecified vulnerability in Cisco IOS 12.2SXA, SXB, SXD, and SXF; and the MSFC2, MSFC2a and MSFC3 running in Hybrid Mode on Cisco Catalyst 6000, 6500 and Cisco 7600 series systems; allows remote attackers on a local network segment to cause a...
Type:
Hardware
Bulletins:
CVE-2007-1258
Severity:
Moderate
Description:
Unspecified vulnerability in Cisco IOS 12.2SXA, SXB, SXD, and SXF; and the MSFC2, MSFC2a and MSFC3 running in Hybrid Mode on Cisco Catalyst 6000, 6500 and Cisco 7600 series systems; allows remote attackers on a local network segment to cause a denial of service (software reload) via a certain MPLS packet.
Applies to:
Cisco Catalyst 6000
Cisco Catalyst 6500 Series Switches
Cisco Catalyst 7600
Created:
2007-03-03
Updated:
2020-10-10

ID:
REF000466
Title:
P2P Software: SoulSeek Installed
Type:
Software
Bulletins:
Severity:
Low
Description:
P2P clients can pose a number of security risks. Even when used legitimately to download only authorized material, P2P clients might still constitute a security issue. P2P networks are huge networks interconnecting all clients together, made up of millions of users sharing and downloading files from each other. While most modern P2P networks use a hash system to ensure file authenticity, most searches are performed using string searching, so a downloaded file might not be what the user thinks it is: it might be a virus or a Trojan that would threaten network integrity. It might also be a copyrighted work poorly disguised as something benign, potentially exposing the company to legal issues. P2P clients also share content from the hard disk with the millions of users on the network. While care might be taken to make sure no confidential data is shared, a vulnerability in the P2P client could potentially expose the entire system. Furthermore, a disgruntled employee might use P2P to smuggle confidential data out of the company, or abuse the legitimate use and download copyrighted material. Solution: If P2P technology is needed by the company, it might be wise to consider running your own network of servers so that better control can be maintained over who has access to the network or what files are circulating. If an alternative can be used, it might be advisable to find a more secure way of file distribution.
Applies to:
SoulSeek
Created:
2007-03-02
Updated:
2010-08-21

ID:
REF000465
Title:
P2P Software: Shareaza Installed
Type:
Software
Bulletins:
Severity:
Low
Description:
P2P clients can pose a number of security risks. Even when used legitimately to download only authorized material, P2P clients might still constitute a security issue. P2P networks are huge networks interconnecting all clients together, made up of millions of users sharing and downloading files from each other. While most modern P2P networks use a hash system to ensure file authenticity, most searches are performed using string searching, so a downloaded file might not be what the user thinks it is: it might be a virus or a Trojan that would threaten network integrity. It might also be a copyrighted work poorly disguised as something benign, potentially exposing the company to legal issues. P2P clients also share content from the hard disk with the millions of users on the network. While care might be taken to make sure no confidential data is shared, a vulnerability in the P2P client could potentially expose the entire system. Furthermore, a disgruntled employee might use P2P to smuggle confidential data out of the company, or abuse the legitimate use and download copyrighted material. Solution: If P2P technology is needed by the company, it might be wise to consider running your own network of servers so that better control can be maintained over who has access to the network or what files are circulating. If an alternative can be used, it might be advisable to find a more secure way of file distribution.
Applies to:
Shareaza
Created:
2007-03-02
Updated:
2010-08-21

ID:
REF000464
Title:
P2P Software: Kazaa Installed
Type:
Software
Bulletins:
Severity:
Low
Description:
P2P clients can pose a number of security risks. Even when used legitimately to download only authorized material, P2P clients might still constitute a security issue. P2P networks are huge networks interconnecting all clients together, made up of millions of users sharing and downloading files from each other. While most modern P2P networks use a hash system to ensure file authenticity, most searches are performed using string searching, so a downloaded file might not be what the user thinks it is: it might be a virus or a Trojan that would threaten network integrity. It might also be a copyrighted work poorly disguised as something benign, potentially exposing the company to legal issues. P2P clients also share content from the hard disk with the millions of users on the network. While care might be taken to make sure no confidential data is shared, a vulnerability in the P2P client could potentially expose the entire system. Furthermore, a disgruntled employee might use P2P to smuggle confidential data out of the company, or abuse the legitimate use and download copyrighted material. Solution: If P2P technology is needed by the company, it might be wise to consider running your own network of servers so that better control can be maintained over who has access to the network or what files are circulating. If an alternative can be used, it might be advisable to find a more secure way of file distribution.
Applies to:
Kazaa
Created:
2007-03-02
Updated:
2010-08-21

ID:
REF000463
Title:
P2P Software: IMESH Installed
Type:
Software
Bulletins:
Severity:
Low
Description:
P2P clients can pose a number of security risks. Even when used legitimately to download only authorized material, P2P clients might still constitute a security issue. P2P networks are huge networks interconnecting all clients together, made up of millions of users sharing and downloading files from each other. While most modern P2P networks use a hash system to ensure file authenticity, most searches are performed using string searching, so a downloaded file might not be what the user thinks it is: it might be a virus or a Trojan that would threaten network integrity. It might also be a copyrighted work poorly disguised as something benign, potentially exposing the company to legal issues. P2P clients also share content from the hard disk with the millions of users on the network. While care might be taken to make sure no confidential data is shared, a vulnerability in the P2P client could potentially expose the entire system. Furthermore, a disgruntled employee might use P2P to smuggle confidential data out of the company, or abuse the legitimate use and download copyrighted material. Solution: If P2P technology is needed by the company, it might be wise to consider running your own network of servers so that better control can be maintained over who has access to the network or what files are circulating. If an alternative can be used, it might be advisable to find a more secure way of file distribution.
Applies to:
IMesh
Created:
2007-03-02
Updated:
2010-08-21

ID:
REF000462
Title:
P2P Software: eMule Installed
Type:
Software
Bulletins:
Severity:
Low
Description:
P2P clients can pose a number of security risks. Even when used legitimately to download only authorized material, P2P clients might still constitute a security issue. P2P networks are huge networks interconnecting all clients together, made up of millions of users sharing and downloading files from each other. While most modern P2P networks use a hash system to ensure file authenticity, most searches are performed using string searching, so a downloaded file might not be what the user thinks it is: it might be a virus or a Trojan that would threaten network integrity. It might also be a copyrighted work poorly disguised as something benign, potentially exposing the company to legal issues. P2P clients also share content from the hard disk with the millions of users on the network. While care might be taken to make sure no confidential data is shared, a vulnerability in the P2P client could potentially expose the entire system. Furthermore, a disgruntled employee might use P2P to smuggle confidential data out of the company, or abuse the legitimate use and download copyrighted material. Solution: If P2P technology is needed by the company, it might be wise to consider running your own network of servers so that better control can be maintained over who has access to the network or what files are circulating. If an alternative can be used, it might be advisable to find a more secure way of file distribution.
Applies to:
Created:
2007-03-02
Updated:
2010-08-21

ID:
REF000461
Title:
P2P Software: eDonkey 2000 Installed
Type:
Software
Bulletins:
Severity:
Low
Description:
P2P clients can pose a number of security risks. Even when used legitimately to download only authorized material, P2P clients might still constitute a security issue. P2P networks are huge networks interconnecting all clients together, made up of millions of users sharing and downloading files from each other. While most modern P2P networks use a hash system to ensure file authenticity, most searches are performed using string searching, so a downloaded file might not be what the user thinks it is: it might be a virus or a Trojan that would threaten network integrity. It might also be a copyrighted work poorly disguised as something benign, potentially exposing the company to legal issues. P2P clients also share content from the hard disk with the millions of users on the network. While care might be taken to make sure no confidential data is shared, a vulnerability in the P2P client could potentially expose the entire system. Furthermore, a disgruntled employee might use P2P to smuggle confidential data out of the company, or abuse the legitimate use and download copyrighted material. Solution: If P2P technology is needed by the company, it might be wise to consider running your own network of servers so that better control can be maintained over who has access to the network or what files are circulating. If an alternative can be used, it might be advisable to find a more secure way of file distribution.
Applies to:
eDonkey 2000
Created:
2007-03-02
Updated:
2010-08-21

ID:
REF000460
Title:
P2P Software: DC++ Installed
Type:
Software
Bulletins:
Severity:
Low
Description:
P2P clients can pose a number of security risks. Even when used legitimately to download only authorized material, P2P clients might still constitute a security issue. P2P networks are huge networks interconnecting all clients together, made up of millions of users sharing and downloading files from each other. While most modern P2P networks use a hash system to ensure file authenticity, most searches are performed using string searching, so a downloaded file might not be what the user thinks it is: it might be a virus or a Trojan that would threaten network integrity. It might also be a copyrighted work poorly disguised as something benign, potentially exposing the company to legal issues. P2P clients also share content from the hard disk with the millions of users on the network. While care might be taken to make sure no confidential data is shared, a vulnerability in the P2P client could potentially expose the entire system. Furthermore, a disgruntled employee might use P2P to smuggle confidential data out of the company, or abuse the legitimate use and download copyrighted material. Solution: If P2P technology is needed by the company, it might be wise to consider running your own network of servers so that better control can be maintained over who has access to the network or what files are circulating. If an alternative can be used, it might be advisable to find a more secure way of file distribution.
Applies to:
DC++
Created:
2007-03-02
Updated:
2010-08-21

ID:
REF000459
Title:
P2P Software: BitTorrent Installed
Type:
Software
Bulletins:
Severity:
Low
Description:
P2P clients can pose a number of security risks. Even when used legitimately to download only authorized material, P2P clients might still constitute a security issue. P2P networks are huge networks interconnecting all clients together, made up of millions of users sharing and downloading files from each other. While most modern P2P networks use a hash system to ensure file authenticity, most searches are performed using string searching, so a downloaded file might not be what the user thinks it is: it might be a virus or a Trojan that would threaten network integrity. It might also be a copyrighted work poorly disguised as something benign, potentially exposing the company to legal issues. P2P clients also share content from the hard disk with the millions of users on the network. While care might be taken to make sure no confidential data is shared, a vulnerability in the P2P client could potentially expose the entire system. Furthermore, a disgruntled employee might use P2P to smuggle confidential data out of the company, or abuse the legitimate use and download copyrighted material. Solution: If P2P technology is needed by the company, it might be wise to consider running your own network of servers so that better control can be maintained over who has access to the network or what files are circulating. If an alternative can be used, it might be advisable to find a more secure way of file distribution.
Applies to:
BitTorrent
Created:
2007-03-02
Updated:
2010-08-21

ID:
MITRE:761
Title:
oval:org.mitre.oval:def:761: Script Error Handling Memory Corruption Vulnerability
Type:
Web
Bulletins:
MITRE:761
CVE-2006-5579
Severity:
Critical
Description:
Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code by using JavaScript to cause certain errors simultaneously, which results in the access of previously freed memory, aka "Script Error Handling Memory Corruption Vulnerability."
Applies to:
Microsoft Internet Explorer
Created:
2007-02-20
Updated:
2020-10-10

ID:
MITRE:669
Title:
oval:org.mitre.oval:def:669: Windows Media Format ASX Parsing Vulnerability
Type:
Miscellaneous
Bulletins:
MITRE:669
CVE-2006-6134
Severity:
Critical
Description:
Heap-based buffer overflow in the WMCheckURLScheme function in WMVCORE.DLL in Microsoft Windows Media Player (WMP) 10.00.00.4036 on Windows XP SP2, Server 2003, and Server 2003 SP1 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via a long HREF attribute, using an unrecognized protocol, in a REF element in an ASX PlayList file.
Applies to:
Windows Media Format Runtime 7.1
Windows Media Format Runtime 9.0
Windows Media Format Runtime 9.5
Created:
2007-02-20
Updated:
2020-10-10

ID:
MITRE:536
Title:
oval:org.mitre.oval:def:536: Windows Media Format ASF Parsing Vulnerability
Type:
Miscellaneous
Bulletins:
MITRE:536
CVE-2006-4702
Severity:
Moderate
Description:
Buffer overflow in the Windows Media Format Runtime in Microsoft Windows Media Player (WMP) 6.4 and Windows XP SP2, Server 2003, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted Advanced Systems Format (ASF) file.
Applies to:
Windows Media Format Runtime 7.1
Windows Media Format Runtime 9.0
Windows Media Format Runtime 9.5
Windows Media Player 6.4
Created:
2007-02-20
Updated:
2020-10-10

ID:
MITRE:337
Title:
oval:org.mitre.oval:def:337: TIF Folder Information Disclosure Vulnerability
Type:
Web
Bulletins:
MITRE:337
CVE-2006-5578
Severity:
Low
Description:
Microsoft Internet Explorer 6 and earlier allows remote attackers to read Temporary Internet Files (TIF) and obtain sensitive information via unspecified vectors involving certain drag and drop operations, aka "TIF Folder Information Disclosure Vulnerability," and a different issue than CVE-2006-5577.
Applies to:
Microsoft Internet Explorer
Created:
2007-02-20
Updated:
2020-10-10

ID:
MITRE:313
Title:
oval:org.mitre.oval:def:313: TIF Folder Information Disclosure Vulnerability
Type:
Web
Bulletins:
MITRE:313
CVE-2006-5577
Severity:
Moderate
Description:
Microsoft Internet Explorer 6 and earlier allows remote attackers to obtain sensitive information via unspecified uses of the OBJECT HTML tag, which discloses the absolute path of the corresponding TIF folder, aka "TIF Folder Information Disclosure Vulnerability," and a different issue than CVE-2006-5578.
Applies to:
Microsoft Internet Explorer
Created:
2007-02-20
Updated:
2020-10-10

ID:
MITRE:116
Title:
oval:org.mitre.oval:def:116: DHTML Script Function Memory Corruption Vulnerability
Type:
Web
Bulletins:
MITRE:116
CVE-2006-5581
Severity:
Critical
Description:
Unspecified vulnerability in Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code via certain DHTML script functions, such as normalize, and "incorrectly created elements" that trigger memory corruption, aka "DHTML Script Function Memory Corruption Vulnerability."
Applies to:
Microsoft Internet Explorer
Created:
2007-02-20
Updated:
2020-10-10

ID:
REF000454
Title:
Config shadow: incorrect file permissions
Type:
Miscellaneous
Bulletins:
Severity:
Low
Description:
The shadow file has incorrect permissions. Consider setting the permissions to '400' or '-r--------' and owner/group to '0:0'.
Applies to:
Created:
2007-02-16
Updated:
2010-08-21

ID:
REF000458
Title:
Config passwd: incorrect file permissions
Type:
Miscellaneous
Bulletins:
Severity:
Low
Description:
The passwd file has incorrect permissions. Consider setting the permissions to '644' or '-rw-r--r--' and owner/group to '0:0'.
Applies to:
Created:
2007-02-16
Updated:
2010-08-21

ID:
REF000456
Title:
Config LILO: no password configured
Type:
Miscellaneous
Bulletins:
Severity:
Low
Description:
The LILO boot manager has no password set. Consider configuring a password to avoid overriding the boot settings.
Applies to:
Created:
2007-02-16
Updated:
2010-08-21

ID:
REF000457
Title:
Config INIT: password-less single user mode
Type:
Miscellaneous
Bulletins:
Severity:
Low
Description:
Applies to:
Created:
2007-02-16
Updated:
2010-08-21

ID:
REF000455
Title:
Config GRUB: no password configured
Type:
Miscellaneous
Bulletins:
Severity:
Low
Description:
The GRUB boot manager has no password set. Consider configuring a password to avoid overriding the boot settings.
Applies to:
Created:
2007-02-16
Updated:
2010-08-21

ID:
REF000451
Title:
Config PAM: password strength checking not configured
Type:
Miscellaneous
Bulletins:
Severity:
Low
Description:
Pluggable Authentication Modules (PAM): pam_cracklib.so password strength checking is not configured.
Applies to:
Created:
2007-02-15
Updated:
2010-08-21

ID:
REF000450
Title:
Config PAM: minimum password length less than 6
Type:
Miscellaneous
Bulletins: Severity:
Low
Description:
pluggable authentication modules pam_unix.so or pam_cracklib.so minimum password length is less than 6. Consider increasing the minimum password length.
Applies to:
Created:
2007-02-15
Updated:
2010-08-21

ID:
REF000452
Title:
Config PAM: empty passwords enabled
Type:
Miscellaneous
Bulletins: Severity:
Low
Description:
pluggable authentication modules pam_unix.so empty passwords enabled. Consider removing 'nullok' from the pam_unix.so config line in /etc/pam.d/common-password.
Applies to:
Created:
2007-02-15
Updated:
2010-08-21

ID:
REF000453
Title:
Config PAM: difference between passwords less than 6
Type:
Miscellaneous
Bulletins: Severity:
Low
Description:
pluggable authentication modules pam_cracklib.so minimum required difference between passwords is less than 6 characters. Consider increasing this value.
Applies to:
Created:
2007-02-15
Updated:
2010-08-21

ID:
REF000431
Title:
Config GDM: remote root login enabled
Type:
Services
Bulletins: Severity:
Low
Description:
GDM login manager remote root login enabled. If you don't need this feature, set 'AllowRemoteRoot=false'.
Applies to:
Created:
2007-02-15
Updated:
2010-08-21

ID:
REF000449
Title:
Config GDM: remote logins enabled
Type:
Miscellaneous
Bulletins: Severity:
Low
Description:
GDM login manager remote logins enabled. If you don't need this feature, set 'Enable=false' in /etc/X11/gdm/gfm.conf.
Applies to:
Created:
2007-02-15
Updated:
2010-08-21

ID:
REF000448
Title:
Config GDM: remote autologin enabled
Type:
Miscellaneous
Bulletins: Severity:
Low
Description:
GDM login manager remote autologin enabled. If you don't need this feature, set 'AllowRemoteAutoLogin=false'.
Applies to:
Created:
2007-02-15
Updated:
2010-08-21

ID:
REF000403
Title:
Config VSFTPd: upload enabled
Type:
FTP
Bulletins: Severity:
Low
Description:
VSFTPd upload enabled. If you don't need this feature, set 'write_enable=NO'.
Applies to:
Created:
2007-02-14
Updated:
2010-08-21

ID:
REF000404
Title:
Config VSFTPd: anonymous upload enabled
Type:
FTP
Bulletins: Severity:
Low
Description:
VSFTPd anonymous upload enabled. If you don't need this feature, set 'anon_upload_enable=NO'.
Applies to:
Created:
2007-02-14
Updated:
2010-08-21

ID:
REF000402
Title:
Config VSFTPd: anonymous login enabled
Type:
FTP
Bulletins: Severity:
Low
Description:
VSFTPd anonymous login enabled. If you don't need this feature, set 'anonymous_enable=NO'.
Applies to:
Created:
2007-02-14
Updated:
2010-08-21

ID:
REF000428
Title:
Config SSHd: using default port
Type:
Services
Bulletins: Severity:
Low
Description:
SSH service is running on the default port 22. Consider changing the port to avoid automated attacks.
Applies to:
Created:
2007-02-14
Updated:
2010-08-21

ID:
REF000429
Title:
Config SSHd: protocol 1 enabled
Type:
Services
Bulletins: Severity:
Low
Description:
SSH protocol 1 enabled. If you don't need this functionality, set 'Protocol 2'.
Applies to:
Created:
2007-02-14
Updated:
2010-08-21

ID:
REF000427
Title:
Config SSHd: .rhosts and .shosts enabled
Type:
Services
Bulletins: Severity:
Low
Description:
use of .rhosts and .shosts files is enabled. If you don't need this functionality, set 'IgnoreRhosts yes'.
Applies to:
Created:
2007-02-14
Updated:
2010-08-21

ID:
REF000430
Title:
Config SSH: protocol 1 enabled
Type:
Services
Bulletins: Severity:
Low
Description:
SSH protocol 1 enabled. If you don't need this functionality, set 'Protocol 2'.
Applies to:
Created:
2007-02-14
Updated:
2010-08-21

ID:
REF000437
Title:
Config shadow: weak encryption detected
Type:
Miscellaneous
Bulletins: Severity:
Low
Description:
Some or all of the passwords in /etc/shadow are not encrypted using SHA-256/512 or stronger encryption algorithms.
Applies to:
Created:
2007-02-14
Updated:
2016-07-21

ID:
REF000447
Title:
Config passwd: no shadow file detected
Type:
Miscellaneous
Bulletins: Severity:
Low
Description:
shadow file not found. Consider configuring a shadow file for password storage.
Applies to:
Created:
2007-02-14
Updated:
2010-08-21

ID:
REF000446
Title:
Config passwd: multiple root accounts
Type:
Miscellaneous
Bulletins: Severity:
Low
Description:
file /etc/passwd contains user with ID:0 other than root. Make sure this is a legal account.
Applies to:
Created:
2007-02-14
Updated:
2010-08-21

ID:
REF000442
Title:
Config KDM: shutdown by everybody enabled
Type:
Miscellaneous
Bulletins: Severity:
Low
Description:
KDM login manager allows shutdown to everybody. If you don't need this functionality, set 'AllowShutdown=None'.
Applies to:
Created:
2007-02-14
Updated:
2010-08-21

ID:
REF000441
Title:
Config KDM: root login enabled
Type:
Miscellaneous
Bulletins: Severity:
Low
Description:
KDM login manager root login enabled. If you don't need this functionality, set 'AllowRootLogin=false'.
Applies to:
Created:
2007-02-14
Updated:
2010-08-21

ID:
REF000439
Title:
Config KDM: password-less login enabled
Type:
Miscellaneous
Bulletins: Severity:
Low
Description:
KDM login manager password-less login enabled. If you don't need this functionality, set 'NoPassEnabled=false'.
Applies to:
Created:
2007-02-14
Updated:
2010-08-21

ID:
REF000440
Title:
Config KDM: empty password login enabled
Type:
Miscellaneous
Bulletins: Severity:
Low
Description:
KDM login manager empty password login enabled. If you don't need this functionality, set 'AllowNullPasswd=false'.
Applies to:
Created:
2007-02-14
Updated:
2010-08-21

ID:
REF000438
Title:
Config KDM: autologin enabled
Type:
Miscellaneous
Bulletins: Severity:
Low
Description:
KDM login manager autologin enabled. If you don't need this functionality, set 'AutoLoginEnabled=false'.
Applies to:
Created:
2007-02-14
Updated:
2010-08-21

ID:
REF000445
Title:
Config GDM: shutdown by everybody enabled
Type:
Miscellaneous
Bulletins: Severity:
Low
Description:
GDM login manager allows shutdown to everybody. If you don't need this feature, set 'SystemMenu=false'.
Applies to:
Created:
2007-02-14
Updated:
2010-08-21

ID:
REF000444
Title:
Config GDM: root login enabled
Type:
Miscellaneous
Bulletins: Severity:
Low
Description:
GDM login manager root login enabled. If you don't need this feature, set 'AllowRoot=false'.
Applies to:
Created:
2007-02-14
Updated:
2010-08-21

ID:
REF000443
Title:
Config GDM: autologin enabled
Type:
Miscellaneous
Bulletins: Severity:
Low
Description:
GDM login manager autologin enabled. If you don't need this feature, set 'AutomaticLoginEnable=false'.
Applies to:
Created:
2007-02-14
Updated:
2010-08-21

ID:
CVE-2007-0917
Title:
The Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XE to 12.3T allows remote attackers to bypass IPS signatures that use regular expressions via fragmented packets.
Type:
Hardware
Bulletins:
CVE-2007-0917
SFBID22549
Severity:
Moderate
Description:
The Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XE to 12.3T allows remote attackers to bypass IPS signatures that use regular expressions via fragmented packets.
Applies to:
Created:
2007-02-13
Updated:
2020-10-10

ID:
CVE-2007-0918
Title:
The ATOMIC.TCP signature engine in the Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XA, 12.3YA, 12.3T, and other trains allows remote attackers to cause a denial of service (IPS crash and traffic loss) via unspecified manipulations...
Type:
Hardware
Bulletins:
CVE-2007-0918
SFBID22549
Severity:
Critical
Description:
The ATOMIC.TCP signature engine in the Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XA, 12.3YA, 12.3T, and other trains allows remote attackers to cause a denial of service (IPS crash and traffic loss) via unspecified manipulations that are not properly handled by the regular expression feature, as demonstrated using the 3123.0 (Netbus Pro Traffic) signature.
Applies to:
Created:
2007-02-13
Updated:
2020-10-10

ID:
REF000383
Title:
GFI EndPointSecurity Report
Type:
Services
Bulletins: Severity:
High
Description:
This check generates a report regarding the status of GFI EndPointSecurity and EndPointSecurity Agent. This report is created in the GFI LANguard Network Security Scanner directory under Data\Reports\ESEC-Network-Report.csv. EndPointSecurity controls entry and exit of data via USB sticks, iPods, PDAs and other devices. For more information, visit http://www.gfi.com/endpointsecurity
Applies to:
GFI EndPointSecurity
Created:
2007-02-13
Updated:
2010-08-21

ID:
REF000382
Title:
GFI EndPointSecurity agent missing
Type:
Services
Bulletins: Severity:
High
Description:
The GFI EndPointSecurity agent is not installed on this machine. EndPointSecurity controls entry and exit of data via USB sticks, iPods, PDAs and other devices. For more information, visit http://www.gfi.com/endpointsecurity
Applies to:
GFI EndPointSecurity
Created:
2007-02-13
Updated:
2010-08-21

ID:
CVE-2006-1249
Title:
SANS06C5: Multiple iTunes and QuickTime for Mac Vulnerabilities
Type:
Software
Bulletins:
CVE-2006-1249
CVE-2005-4092
CVE-2005-3713
CVE-2006-2238
CVE-2006-1456
CVE-2005-3711
CVE-2005-3710
CVE-2005-3709
CVE-2005-3708
CVE-2005-3707
CVE-2005-2340
CVE-2005-2743
SFBID17074
SFBID15732
SFBID17953
SFBID16202
Severity:
Critical
Description:
Multiple vulnerabilities exist in QuickTime Player versions before 7.0.4, and in iTunes 6.0.2 and earlier. These include integer overflow and heap-based buffer overflows. It is recommended to update to the latest versions of these products.
Applies to:
iTunes and QuickTime
Created:
2007-02-12
Updated:
2020-10-10

ID:
CVE-2006-5084
Title:
SANS06C4: Skype for Mac 1.5.*.79 and earlier vulnerable to DoS or remote code execution.
Type:
Software
Bulletins:
CVE-2006-5084
SFBID20218
Severity:
Critical
Description:
In some circumstances, a Skype URL can be crafted that, if followed, could cause the execution of arbitrary code on the platform on which Skype is running. It is recommended to update to Skype version 1.5.*.80 or later.
Applies to:
Skype
Created:
2007-02-12
Updated:
2020-10-10

ID:
CVE-2006-3505
Title:
SANS06M1: WebKit in Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code.
Type:
Web
Bulletins:
CVE-2006-3505
SFBID19289
Severity:
Critical
Description:
A maliciously-crafted HTML document could cause a previously deallocated object to be accessed. This may lead to an application crash or arbitrary code execution. It is recommended to install Apple Security Update 2006-004 or update to the latest Mac OS X version. More information regarding this update may be obtained from http://docs.info.apple.com/article.html?artnum=304063
Applies to:
WebKit
Created:
2007-02-09
Updated:
2020-10-10

ID:
CVE-2006-3946
Title:
SANS06M1: WebCore in Apple Mac OS X 10.4 through 10.4.7 allows remote attackers to cause a denial of service
Type:
Web
Bulletins:
CVE-2006-3946
SFBID19250
Severity:
Critical
Description:
A memory management error in WebKit's handling of certain HTML could allow a malicious web site to cause a crash or potentially execute arbitrary code as the user viewing the site. It is recommended to update to Mac OS X version 10.4.8 or later.
Applies to:
WebCore
Created:
2007-02-09
Updated:
2020-10-10

ID:
CVE-2006-3946
Title:
SANS06M1: WebCore in Apple Mac OS X 10.3.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code.
Type:
Web
Bulletins:
CVE-2006-3946
SFBID19250
Severity:
Critical
Description:
A memory management error in WebKit's handling of certain HTML could allow a malicious web site to cause a crash or potentially execute arbitrary code as the user viewing the site. It is recommended to install Apple Security Update 2006-006. More information regarding this update can be obtained from http://docs.info.apple.com/article.html?artnum=304460
Applies to:
WebCore
Created:
2007-02-09
Updated:
2020-10-10

ID:
CVE-2006-0848
Title:
SANS06M1: Vulnerability in Safari and LaunchServices can lead to remote code execution.
Type:
Web
Bulletins:
CVE-2006-0848
Severity:
Moderate
Description:
It is possible to construct a file which appears to be a safe file type, such as an image or movie, but is actually an application. When the "Open `safe' files after downloading" option is enabled in Safari's General preferences, visiting a malicious web site may result in the automatic download and execution of such a file. A proof-of-concept has been detected on public web sites that demonstrates the automatic execution of shell scripts. It is recommended to install Apple Security Update 2006-001 or update to the latest version of Mac OS X. More information about this update can be obtained from http://docs.info.apple.com/article.html?artnum=303382
Applies to:
LaunchServices
Created:
2007-02-09
Updated:
2020-10-10

ID:
CVE-2006-4394
Title:
SANS06M1: Vulnerability in LoginWindow in Apple Mac OS X 10.4 through 10.4.7, allows network accounts without GUIDs to bypass service access controls.
Type:
Software
Bulletins:
CVE-2006-4394
SFBID20271
Severity:
Critical
Description:
Service access controls can be used to restrict which users are allowed to log in to a system via loginwindow. A logic error in loginwindow allows network accounts without GUIDs to bypass service access controls. This issue only affects systems that have been configured to use service access controls for loginwindow and to allow network accounts to authenticate users without a GUID. It is recommended to update to Mac OS X version 10.4.8 or later.
Applies to:
LoginWindow
Created:
2007-02-09
Updated:
2020-10-10

ID:
CVE-2006-0397
Title:
SANS06M1: Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 10.4.5
Type:
Web
Bulletins:
CVE-2006-0397
CVE-2006-0398
CVE-2006-0399
Severity:
Critical
Description:
Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows attackers to trick a user into opening an application that appears to be a safe file type. It is recommended to install Apple Security Update 2006-002 or update to the latest Mac OS X release. More information regarding this update can be obtained from http://docs.info.apple.com/article.html?artnum=303453
Applies to:
Safari
Created:
2007-02-09
Updated:
2020-10-10

ID:
CVE-2005-2516
Title:
SANS06M1: Safari in Mac OS X 10.3.9 and 10.4.2 allows remote attackers to execute arbitrary commands.
Type:
Web
Bulletins:
CVE-2005-2516
Severity:
Critical
Description:
Safari in Mac OS X 10.3.9 and 10.4.2, when rendering Rich Text Format (RTF) files, can directly access URLs without performing the normal security checks, which allows remote attackers to execute arbitrary commands. It is recommended to install Apple Security Update 2005-007 or update to the latest Mac OS X release. More information regarding this update can be obtained from http://docs.info.apple.com/article.html?artnum=302163
Applies to:
Safari
Created:
2007-02-09
Updated:
2020-10-10

ID:
CVE-2006-1450
Title:
SANS06M1: Multiple vulnerabilities in Mail in Apple Mac OS X 10.3.9 and 10.4.6
Type:
Mail
Bulletins:
CVE-2006-1450
CVE-2006-1449
SFBID17951
Severity:
Critical
Description:
Multiple vulnerabilities exist in Mail in Apple Mac OS X 10.3.9 and 10.4.6 which can allow execution of arbitrary code. It is recommended to install Security Update 2006-003 or the latest version of Mac OS X. More information about this update can be obtained from http://docs.info.apple.com/article.html?artnum=303737.
Applies to:
Mail
Created:
2007-02-09
Updated:
2020-10-10

ID:
CVE-2005-3705
Title:
SANS06M1: Heap-based buffer overflow in WebKit in Mac OS X and OS X Server 10.3.9 and 10.4.3, allows remote attackers to execute arbitrary code.
Type:
Web
Bulletins:
CVE-2005-3705
SFBID15647
Severity:
Critical
Description:
WebKit contains a heap overflow that may lead to the execution of arbitrary code. This may be triggered by content downloaded from malicious web sites in applications that use WebKit such as Safari. It is recommended to install Apple Security Update 2005-009 or update to the latest Mac OS X version. More information regarding this update can be obtained from http://docs.info.apple.com/article.html?artnum=302847
Applies to:
Safari
Created:
2007-02-09
Updated:
2020-10-10

ID:
CVE-2006-3498
Title:
SANS06M1: Buffer overflow in the DHCP component for Apple Mac OS X 10.3.9 and 10.4.7 and earlier
Type:
Services
Bulletins:
CVE-2006-3498
SFBID19289
Severity:
Critical
Description:
Stack-based buffer overflow in bootpd in the DHCP component for Apple Mac OS X 10.3.9 and 10.4.7 and earlier allows remote attackers to execute arbitrary code via a crafted BOOTP request. It is recommended to install Apple Security Update 2006-004 or update to the latest version of Mac OS X. More information about this update can be obtained from http://docs.info.apple.com/article.html?artnum=304063
Applies to:
Mac OS X
Created:
2007-02-09
Updated:
2020-10-10

ID:
CVE-2005-2518
Title:
SANS06M1: Buffer overflow in servermgrd in Mac OS X Server 10.4.2 and earlier
Type:
Software
Bulletins:
CVE-2005-2518
Severity:
Critical
Description:
A buffer overflow in the handling of authentication can lead to arbitrary code execution by a remote attacker. This vulnerability is present in Mac OS X Server 10.4 to 10.4.2. It is recommended to install Apple Security Update 2005-007 or update to the latest version of Mac OS X. More information about this update can be obtained from http://docs.info.apple.com/article.html?artnum=302163
Applies to:
servermgrd
Created:
2007-02-09
Updated:
2020-10-10

ID:
CVE-2006-1987
Title:
SANS06M1: Apple Safari 2.0.3 allows remote attackers to cause a denial of service and possibly execute code via an invalid FRAME tag.
Type:
Web
Bulletins:
CVE-2006-1987
SFBID17634
Severity:
Critical
Description:
Apple Safari 2.0.3 allows remote attackers to cause a denial of service and possibly execute code via an invalid FRAME tag, possibly due to (1) multiple SCROLLING attributes with no values, or (2) a SRC attribute with no value. It is recommended to update Safari by installing Apple Security Update 2006-004 or updating to the latest Mac OS X release. More information regarding this update can be obtained from http://docs.info.apple.com/article.html?artnum=304063
Applies to:
Safari
Created:
2007-02-09
Updated:
2020-10-10

ID:
CVE-2006-1469
Title:
SANS06M1: Multiple Vulnerabilities in ImageIO
Type:
Software
Bulletins:
CVE-2006-1469
CVE-2006-1982
CVE-2005-2747
SFBID18731
SFBID17634
SFBID17951
SFBID14914
Severity:
Critical
Description:
Multiple vulnerabilities exist in ImageIO in Mac OS X versions 10.4 to 10.4.6. It is recommended to update to version 10.4.7 or later immediately.
Applies to:
Mac OS X
Created:
2007-02-08
Updated:
2020-10-10

ID:
CVE-2006-0384
Title:
SANS06M1: automount in Mac OS X 10.4.5 and earlier vulnerable to denial of service or execution of arbitrary code.
Type:
Software
Bulletins:
CVE-2006-0384
SFBID16907
Severity:
Critical
Description:
File servers on the local network may be able to cause Mac OS X systems to mount file systems with reserved names. This could cause the systems to become unresponsive, or possibly allow arbitrary code delivered from the file servers to run on the target system. It is recommended to install Security Update 2006-001 or update to the latest Mac OS X version.
Applies to:
automount
Created:
2007-02-08
Updated:
2020-10-10

ID:
CVE-2006-3507
Title:
SANS06M1: Multiple vulnerabilities in AirPort wireless driver
Type:
Software
Bulletins:
CVE-2006-3507
CVE-2006-3508
CVE-2006-3509
SFBID20144
Severity:
Critical
Description:
Multiple vulnerabilities exist in AirPort wireless driver on Apple Mac OS X 10.3.9 and 10.4.7 and earlier. It is recommended to install AirPort Update 2006-001 and Security Update 2006-005 on this machine or update to the latest Mac OS X version. More information about these updates can be obtained from http://docs.info.apple.com/article.html?artnum=304420
Applies to:
Mac OS X
Created:
2007-02-07
Updated:
2020-10-10

ID:
REF000409
Title:
Config SSHd: X11 forwarding enabled
Type:
Services
Bulletins: Severity:
Low
Description:
X11 forwarding over ssh is enabled. If you don't need this functionality, set 'X11Forwarding no'.
Applies to:
Created:
2007-02-07
Updated:
2010-08-21

ID:
REF000408
Title:
Config SSHd: root login permitted
Type:
Services
Bulletins: Severity:
Low
Description:
root SSH logins are permitted. If you don't need this functionality, set 'PermitRootLogin no'.
Applies to:
Created:
2007-02-07
Updated:
2010-08-21

ID:
REF000410
Title:
Config SSHd: empty passwords permitted
Type:
Services
Bulletins: Severity:
Low
Description:
SSH logins with empty passwords are permitted. If you don't need this functionality, set 'PermitEmptyPasswords no'.
Applies to:
Created:
2007-02-07
Updated:
2010-08-21

ID:
REF000436
Title:
Config shadow: empty password detected
Type:
Miscellaneous
Bulletins: Severity:
Low
Description:
password file /etc/shadow contains an empty password
Applies to:
Created:
2007-02-07
Updated:
2010-08-21

ID:
REF000412
Title:
Config SElinux: not in strict mode
Type:
Services
Bulletins: Severity:
Low
Description:
SElinux is in targeted mode. Consider switching to strict mode.
Applies to:
Created:
2007-02-07
Updated:
2010-08-21

ID:
REF000411
Title:
Config SElinux: not in enforcing mode
Type:
Services
Bulletins: Severity:
Low
Description:
SElinux is disabled or in permissive mode. Consider switching to enforcing mode.
Applies to:
Created:
2007-02-07
Updated:
2010-08-21

ID:
REF000407
Title:
Service running: SSH
Type:
Services
Bulletins: Severity:
Low
Description:
If this computer is not administered via secure shell, the SSH service is most likely unnecessary.
Applies to:
Created:
2007-02-06
Updated:
2010-08-21

ID:
REF000433
Title:
Config BIND: allow-update not specified
Type:
DNS
Bulletins: Severity:
Low
Description:
allow-update keyword specifies who can do zone updates on this dns server.
Applies to:
Created:
2007-02-05
Updated:
2010-08-21

ID:
REF000434
Title:
Config BIND: allow-transfer not specified
Type:
DNS
Bulletins: Severity:
Low
Description:
allow-transfer keyword specifies who can do zone transfers from this dns server.
Applies to:
Created:
2007-02-05
Updated:
2010-08-21

ID:
REF000435
Title:
Config BIND: allow-recursion not specified
Type:
DNS
Bulletins: Severity:
Low
Description:
allow-recursion keyword specifies who can do recursive queries on this dns server. The dns recursive queries are available to everyone by default. It's recommended to restrict access if this is not a public dns server.
Applies to:
Created:
2007-02-05
Updated:
2010-08-21

ID:
REF000432
Title:
Config BIND: allow-query not specified
Type:
DNS
Bulletins: Severity:
Low
Description:
allow-recursion keyword specifies who can do queries on this dns server. The dns service is available to everyone by default. It's recommended to restrict access if this is not an authoritative dns server.
Applies to:
Created:
2007-02-05
Updated:
2010-08-21

ID:
REF000415
Title:
Service running: Telnet
Type:
Services
Bulletins: Severity:
Low
Description:
If this is not a Telnet server, this service is most likely unnecessary. Telnet is an obsolete and insecure service, use SSH instead.
Applies to:
Created:
2007-01-31
Updated:
2010-08-21

ID:
REF000422
Title:
Service running: SWAT
Type:
Services
Bulletins: Severity:
Low
Description:
If this is not a SAMBA file server, this service is most likely unnecessary.
Applies to:
Created:
2007-01-31
Updated:
2010-08-21

ID:
REF000416
Title:
Service running: SMTP
Type:
Services
Bulletins: Severity:
Low
Description:
If this is not an SMTP mail server, the SMTP service is most likely unnecessary.
Applies to:
Created:
2007-01-31
Updated:
2010-08-21

ID:
REF000425
Title:
Service running: SAMBA SMB
Type:
Services
Bulletins: Severity:
Low
Description:
If this is not a SAMBA file server, the SMB service is most likely unnecessary.
Applies to:
Created:
2007-01-31
Updated:
2010-08-21

ID:
REF000426
Title:
Service running: SAMBA NMB
Type:
Services
Bulletins: Severity:
Low
Description:
Applies to:
Created:
2007-01-31
Updated:
2010-08-21

ID:
REF000424
Title:
Service running: PostgreSQL
Type:
Services
Bulletins: Severity:
Low
Description:
If this is not a database server, the PostgreSQL service is most likely unnecessary.
Applies to:
Created:
2007-01-31
Updated:
2010-08-21

ID:
REF000420
Title:
Service running: POP3
Type:
Services
Bulletins: Severity:
Low
Description:
If this is not a POP mail server, the POP3 service is most likely unnecessary.
Applies to:
Created:
2007-01-31
Updated:
2010-08-21

ID:
REF000423
Title:
Service running: MySQL
Type:
Services
Bulletins: Severity:
Low
Description:
If this is not a database server, the MySQL service is most likely unnecessary.
Applies to:
Created:
2007-01-31
Updated:
2010-08-21

ID:
REF000421
Title:
Service running: IMAP4
Type:
Services
Bulletins: Severity:
Low
Description:
If this is not an IMAP mail server, the IMAP4 service is most likely unnecessary.
Applies to:
Created:
2007-01-31
Updated:
2010-08-21

ID:
REF000419
Title:
Service running: HTTPS
Type:
Services
Bulletins: Severity:
Low
Description:
If this is not a secure web server, the HTTPS service is most likely unnecessary.
Applies to:
Created:
2007-01-31
Updated:
2010-08-21

ID:
REF000406
Title:
Service running: HTTP
Type:
Services
Bulletins: Severity:
Low
Description:
If this is not a web server, the HTTP service is most likely unnecessary.
Applies to:
Created:
2007-01-31
Updated:
2010-08-21

ID:
REF000414
Title:
Service running: FTP
Type:
Services
Bulletins: Severity:
Low
Description:
If this is not an FTP server, the FTP service is most likely unnecessary. FTP is a very problematic and insecure service; use HTTP, HTTPS or SFTP instead.
Applies to:
Created:
2007-01-31
Updated:
2010-08-21

ID:
REF000413
Title:
Service running: Finger
Type:
Services
Bulletins: Severity:
Low
Description:
If this is not a Finger server, this service is most likely unnecessary. Finger is an obsolete and insecure service; use LDAP directory services instead.
Applies to:
Created:
2007-01-31
Updated:
2010-08-21

ID:
REF000417
Title:
Service running: DNS
Type:
Services
Bulletins: Severity:
Low
Description:
If this is not an internet domain name server, the DNS service is most likely unnecessary.
Applies to:
Created:
2007-01-31
Updated:
2010-08-21

ID:
REF000418
Title:
Service running: CUPS
Type:
Services
Bulletins: Severity:
Low
Description:
If this is not a CUPS print server, the CUPS server service is most likely unnecessary.
Applies to:
Created:
2007-01-31
Updated:
2010-08-21

ID:
CVE-2007-0648
Title:
Cisco IOS after 12.3(14)T, 12.3(8)YC1, 12.3(8)YG, and 12.4, with voice support and without Session Initiated Protocol (SIP) configured, allows remote attackers to cause a denial of service (crash) by sending a crafted packet to port 5060/UDP.
Type:
Hardware
Bulletins:
CVE-2007-0648
SFBID22330
Severity:
Critical
Description:
Cisco IOS after 12.3(14)T, 12.3(8)YC1, 12.3(8)YG, and 12.4, with voice support and without Session Initiated Protocol (SIP) configured, allows remote attackers to cause a denial of service (crash) by sending a crafted packet to port 5060/UDP.
Applies to:
Created:
2007-01-31
Updated:
2020-10-10

ID:
CVE-2007-0199
Title:
The Data-link Switching (DLSw) feature in Cisco IOS 11.0 through 12.4 allows remote attackers to cause a denial of service (device reload) via "an invalid value in a DLSw message... during the capabilities exchange."
Type:
Hardware
Bulletins:
CVE-2007-0199
SFBID21990
Severity:
Moderate
Description:
The Data-link Switching (DLSw) feature in Cisco IOS 11.0 through 12.4 allows remote attackers to cause a denial of service (device reload) via "an invalid value in a DLSw message... during the capabilities exchange."
Applies to:
Created:
2007-01-11
Updated:
2020-10-10

ID:
CVE-2006-2313
Title:
SANS06C2: PostgreSQL 8.1 SQL injection vulnerability
Type:
Services
Bulletins:
CVE-2006-2313
CVE-2006-2313
SFBID18092
Severity:
Critical
Description:
PostgreSQL 8.1.x before 8.1.4 allows context-dependent attackers to bypass SQL injection protection methods in applications via invalid encodings of multibyte characters, aka one variant of "Encoding-Based SQL Injection."
Applies to:
Created:
2006-12-20
Updated:
2020-10-10

ID:
CVE-2006-6538
Title:
D-LINK DWL-2000AP+ firmware 2.11 allows remote attackers to cause (1) a denial of service (device reset) via a flood of ARP replies on the wired or wireless (radio) link and (2) a denial of service (device crash) via a flood of ARP requests on the...
Type:
Hardware
Bulletins:
CVE-2006-6538
Severity:
Critical
Description:
D-LINK DWL-2000AP+ firmware 2.11 allows remote attackers to cause (1) a denial of service (device reset) via a flood of ARP replies on the wired or wireless (radio) link and (2) a denial of service (device crash) via a flood of ARP requests on the wireless link.
Applies to:
DWL-2000AP
Created:
2006-12-13
Updated:
2020-10-10

ID:
CVE-2006-2753
Title:
SANS06C2: SQL Injection vulnerability in MySQL 5.0.x
Type:
Services
Bulletins:
CVE-2006-2753
SFBID18219
Severity:
Critical
Description:
SQL injection vulnerability in MySQL 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the mysql_real_escape function is used to escape the input.
Applies to:
MySQL 5
Created:
2006-12-12
Updated:
2020-10-10

ID:
CVE-2006-2753
Title:
SANS06C2: SQL Injection vulnerability in MySQL 4.1.x
Type:
Services
Bulletins:
CVE-2006-2753
SFBID18219
Severity:
Critical
Description:
SQL injection vulnerability in MySQL 4.1.x before 4.1.20 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the mysql_real_escape function is used to escape the input.
Applies to:
MySQL 4.1
Created:
2006-12-12
Updated:
2020-10-10

ID:
CVE-2006-2313
Title:
SANS06C2: PostgreSQL 8.0 SQL injection vulnerability
Type:
Services
Bulletins:
CVE-2006-2313
CVE-2006-2313
SFBID18092
Severity:
Critical
Description:
PostgreSQL 8.0.x before 8.0.8 allows context-dependent attackers to bypass SQL injection protection methods in applications via invalid encodings of multibyte characters, aka one variant of "Encoding-Based SQL Injection."
Applies to:
Created:
2006-12-12
Updated:
2020-10-10

ID:
CVE-2006-2313
Title:
SANC06C2: PostgreSQL 8.0 SQL injection vulnerability
Type:
Services
Bulletins:
CVE-2006-2313
CVE-2006-2313
SFBID18092
Severity:
Critical
Description:
PostgreSQL 8.0.x before 8.0.8 allows context-dependent attackers to bypass SQL injection protection methods in applications via invalid encodings of multibyte characters, aka one variant of "Encoding-Based SQL Injection."
Applies to:
Created:
2006-12-12
Updated:
2020-10-10

ID:
CVE-2005-3641
Title:
SANS06C2: Multiple vulnerabilities in Oracle Database 9i
Type:
Services
Bulletins:
CVE-2005-3641
CVE-2006-0256
CVE-2006-0257
CVE-2006-0258
CVE-2006-0260
CVE-2006-0261
CVE-2006-0262
CVE-2006-0263
CVE-2006-0265
CVE-2006-0266
CVE-2006-0267
CVE-2006-0268
CVE-2006-0271
CVE-2006-0272
CVE-2006-0282
CVE-2006-0290
CVE-2006-0286
CVE-2006-0285
SFBID15450
SFBID16287
SFBID17590
Severity:
Critical
Description:
Multiple vulnerabilities exist in some versions of Oracle Database Server 9i. It is recommended to update to the latest versions or apply the latest patches.
Applies to:
Oracle Database 9
Created:
2006-12-11
Updated:
2020-10-10

ID:
CVE-2005-3641
Title:
SANS06C2: Multiple vulnerabilities in Oracle Database 10g
Type:
Services
Bulletins:
CVE-2005-3641
CVE-2005-3641
CVE-2006-0257
CVE-2006-0259
CVE-2006-0259
CVE-2006-0261
CVE-2006-0262
CVE-2006-0263
CVE-2006-0265
CVE-2006-0266
CVE-2006-0267
CVE-2006-0268
CVE-2006-0269
CVE-2006-0270
CVE-2006-0271
CVE-2006-0271
CVE-2006-0272
CVE-2006-0282
SFBID15450
SFBID16287
SFBID16384
SFBID17590
SFBID16294
SFBID19054
Severity:
Critical
Description:
Multiple vulnerabilities exist in some versions of Oracle Database Server 10g. It is recommended to update to the latest versions or apply the latest patches.
Applies to:
Oracle Database 10
Created:
2006-12-06
Updated:
2020-10-10

ID:
CVE-2006-5478
Title:
SANS07S6: Multiple vulnerabilities in Novell eDirectory 8.x
Type:
Software
Bulletins:
CVE-2006-5478
CVE-2006-4509
CVE-2006-4510
CVE-2006-4177
CVE-2006-2496
SFBID20655
SFBID20853
SFBID20663
SFBID20664
SFBID18026
Severity:
Critical
Description:
Multiple vulnerabilities exist in Novell eDirectory 8.8.x before 8.8.1 FTF1, and 8.x up to 8.7.3.8. These include overflow attacks that allow remote code execution and denial of service.
Applies to:
Created:
2006-12-04
Updated:
2020-10-10

ID:
CVE-2006-0992
Title:
SANS07S6: Stack-based buffer overflow in Novell GroupWise Messenger
Type:
Software
Bulletins:
CVE-2006-0992
SFBID17503
Severity:
Critical
Description:
Stack-based buffer overflow in Novell GroupWise Messenger before 2.0 Public Beta 2 allows remote attackers to execute arbitrary code via a long Accept-Language value without a comma or semicolon.
Applies to:
Created:
2006-12-01
Updated:
2020-10-10

ID:
CVE-2005-1928
Title:
SANS07C6: Multiple vulnerabilities in Trend Micro ServerProtect EarthAgent 5.58 and earlier
Type:
Software
Bulletins:
CVE-2005-1928
CVE-2005-1929
SFBID15865
SFBID15866
SFBID15868
Severity:
Critical
Description:
Multiple vulnerabilities exist in Trend Micro ServerProtect EarthAgent versions 5.58 and earlier. These include multiple heap-based buffer overflows and denial of service.
Applies to:
Trend Micro ServerProtect
Created:
2006-11-30
Updated:
2020-10-10

ID:
CVE-2006-0323
Title:
SANS06C5: Buffer overflow in swfformat.dll in Real Rhapsody 3
Type:
Software
Bulletins:
CVE-2006-0323
SFBID17202
Severity:
Critical
Description:
Buffer overflow in swfformat.dll in multiple RealNetworks products and versions including Rhapsody 3 allows remote attackers to execute arbitrary code via a crafted SWF (Flash) file with (1) a size value that is less than the actual size, or (2) other unspecified manipulations.
Applies to:
RealNetworks Rhapsody
Created:
2006-11-30
Updated:
2020-10-10

ID:
CVE-2005-2628
Title:
SANS06C5: Multiple vulnerabilities in Macromedia Flash
Type:
Software
Bulletins:
CVE-2005-2628
CVE-2005-3591
SFBID15332
SFBID15334
Severity:
Critical
Description:
Multiple vulnerabilities exist in Macromedia Flash versions 7.0.19.0 and earlier. These include denial of service and remote execution.
Applies to:
Created:
2006-11-28
Updated:
2020-10-10

ID:
CVE-2006-1370
Title:
SANS06C5: Multiple Vulnerabilities in RealPlayer
Type:
Software
Bulletins:
CVE-2006-1370
CVE-2005-2922
CVE-2005-4126
CVE-2005-3677
CVE-2005-2936
SFBID17202
SFBID15691
SFBID15398
SFBID15448
Severity:
Critical
Description:
Multiple vulnerabilities exist in RealNetworks RealPlayer in versions 10.5 6.0.12.1348 and earlier. These include buffer overflows and the possibility of remote code execution and denial of service. It is suggested to update to the latest version.
Applies to:
RealNetworks RealPlayer
Created:
2006-11-27
Updated:
2020-10-10

ID:
CVE-2006-1249
Title:
SANS06C5: Multiple iTunes and QuickTime Vulnerabilities
Type:
Software
Bulletins:
CVE-2006-1249
CVE-2005-4092
CVE-2005-3713
CVE-2006-2238
CVE-2006-1456
CVE-2005-3711
CVE-2005-3710
CVE-2005-3709
CVE-2005-3708
CVE-2005-3707
CVE-2005-2340
CVE-2005-2743
SFBID17074
SFBID15732
SFBID17953
SFBID16202
Severity:
Critical
Description:
Multiple vulnerabilities exist in QuickTime Player versions before 7.0.4, and in iTunes 6.0.2 and earlier. These include integer overflow and heap-based buffer overflows. It is recommended to update to the latest versions of these products.
Applies to:
iTunes and QuickTime
Created:
2006-11-27
Updated:
2020-10-10

ID:
CVE-2005-2310
Title:
SANS06C5: Multiple buffer overflows in NullSoft Winamp 5.13 and earlier
Type:
Software
Bulletins:
CVE-2005-2310
CVE-2005-3188
CVE-2005-3188
SFBID16623
SFBID16462
SFBID14276
Severity:
Critical
Description:
Multiple buffer overflow vulnerabilities exist in Winamp 5.13 and earlier which allow remote code execution. It is recommended to update to the latest version.
Applies to:
Nullsoft Winamp
Created:
2006-11-27
Updated:
2020-10-10

ID:
CVE-2006-6055
Title:
Stack-based buffer overflow in A5AGU.SYS 1.0.1.41 for the D-Link DWL-G132 wireless adapter allows remote attackers to execute arbitrary code via a 802.11 beacon request with a long Rates information element (IE).
Type:
Hardware
Bulletins:
CVE-2006-6055
SFBID21032
Severity:
Critical
Description:
Stack-based buffer overflow in A5AGU.SYS 1.0.1.41 for the D-Link DWL-G132 wireless adapter allows remote attackers to execute arbitrary code via a 802.11 beacon request with a long Rates information element (IE).
Applies to:
DWL-G132
Created:
2006-11-21
Updated:
2020-10-10

ID:
SFBID715
Title:
Sendmail 8-8-4
Type:
Mail
Bulletins:
SFBID715
Severity:
High
Description:
Berkeley Sendmail is prone to a group permissions vulnerability. When delivering mail to a program which is listed in a .forward or :include: file, this program will be run with the group permissions possessed by the owner of the .forward or :include: file. The owner of the file is used to initialize the list of group permissions, obtained by scanning the /etc/group file, that are in force when the program is run. In such an environment it is possible to attain group permissions one should not have by linking to a file that is owned by someone else who has group write permissions. To solve this problem, upgrade to at least version 8.8.4 of sendmail or install a vendor-supplied patch.
Applies to:
Sendmail
Created:
2006-11-10
Updated:
2010-08-21

ID:
MITRE:100
Title:
oval:org.mitre.oval:def:100: VML Buffer Overrun Vulnerability
Type:
Web
Bulletins:
MITRE:100
CVE-2006-4868
Severity:
Critical
Description:
Stack-based buffer overflow in the Vector Graphics Rendering engine (vgx.dll), as used in Microsoft Outlook and Internet Explorer 6.0 on Windows XP SP2, and possibly other versions, allows remote attackers to execute arbitrary code via a Vector Markup Language (VML) file with a long fill parameter within a rect tag.
Applies to:
Microsoft Internet Explorer
Created:
2006-10-31
Updated:
2020-10-10

ID:
CVE-2006-5537
Title:
Multiple cross-site scripting (XSS) vulnerabilities in cgi-bin/webcm in D-Link DSL-G624T firmware 3.00B01T01.YA-C.20060616 allow remote attackers to inject arbitrary web script or HTML via the (1) upnp:settings/state or (2) upnp:settings/connection...
Type:
Hardware
Bulletins:
CVE-2006-5537
Severity:
Moderate
Description:
Multiple cross-site scripting (XSS) vulnerabilities in cgi-bin/webcm in D-Link DSL-G624T firmware 3.00B01T01.YA-C.20060616 allow remote attackers to inject arbitrary web script or HTML via the (1) upnp:settings/state or (2) upnp:settings/connection parameters.
Applies to:
DSL-G624T
Created:
2006-10-26
Updated:
2020-10-10

ID:
CVE-2006-5536
Title:
Directory traversal vulnerability in cgi-bin/webcm in D-Link DSL-G624T firmware 3.00B01T01.YA-C.20060616 allows remote attackers to read arbitrary files via a .. (dot dot) in the getpage parameter.
Type:
Hardware
Bulletins:
CVE-2006-5536
SFBID20689
Severity:
Moderate
Description:
Directory traversal vulnerability in cgi-bin/webcm in D-Link DSL-G624T firmware 3.00B01T01.YA-C.20060616 allows remote attackers to read arbitrary files via a .. (dot dot) in the getpage parameter.
Applies to:
DSL-G624T
Created:
2006-10-26
Updated:
2020-10-10

ID:
CVE-2006-5538
Title:
D-Link DSL-G624T firmware 3.00B01T01.YA-C.20060616 allows remote attackers to list contents of the cgi-bin directory via unspecified vectors, probably a direct request.
Type:
Hardware
Bulletins:
CVE-2006-5538
Severity:
Moderate
Description:
D-Link DSL-G624T firmware 3.00B01T01.YA-C.20060616 allows remote attackers to list contents of the cgi-bin directory via unspecified vectors, probably a direct request.
Applies to:
DSL-G624T
Created:
2006-10-26
Updated:
2020-10-10

ID:
CVE-2006-5553
Title:
Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 before 5.0.0.193, as used by Unified CallManager (CUCM) and Unified Presence Server (CUPS), allows remote attackers to cause a denial of service (resource consumption) via a port scan...
Type:
Hardware
Bulletins:
CVE-2006-5553
SFBID20737
Severity:
Critical
Description:
Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 before 5.0.0.193, as used by Unified CallManager (CUCM) and Unified Presence Server (CUPS), allows remote attackers to cause a denial of service (resource consumption) via a port scan with certain options.
Applies to:
Unified Callmanager
Created:
2006-10-26
Updated:
2020-10-10

ID:
CVE-2006-5382
Title:
3Com Switch SS3 4400 switches, firmware 5.11, 6.00 and 6.10 and earlier, allow remote attackers to read the SNMP Read-Write Community string and conduct unauthorized actions via unspecified "normally restricted management packets on the device" that...
Type:
Hardware
Bulletins:
CVE-2006-5382
SFBID20736
Severity:
Critical
Description:
3Com Switch SS3 4400 switches, firmware 5.11, 6.00 and 6.10 and earlier, allow remote attackers to read the SNMP Read-Write Community string and conduct unauthorized actions via unspecified "normally restricted management packets on the device" that cause the community string to be returned.
Applies to:
3Com SS3-4400-24PWR
Created:
2006-10-25
Updated:
2020-10-10

ID:
MITRE:783
Title:
oval:org.mitre.oval:def:783: Windows Server 2003 Plug and Play Buffer Overflow Vulnerability
Type:
Miscellaneous
Bulletins:
MITRE:783
CVE-2005-1983
Severity:
Critical
Description:
Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm.
Applies to:
Created:
2006-10-24
Updated:
2020-10-10

ID:
MITRE:618
Title:
oval:org.mitre.oval:def:618: Windows XP,SP1 Remote Desktop Protocol (RDP) DoS Vulnerability
Type:
Miscellaneous
Bulletins:
MITRE:618
CVE-2005-1218
Severity:
Moderate
Description:
The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows XP, and Windows Server 2003 allows remote attackers to cause a denial of service (crash) via crafted Remote Desktop Protocol (RDP) requests.
Applies to:
Created:
2006-10-24
Updated:
2020-10-10

ID:
MITRE:609
Title:
oval:org.mitre.oval:def:609: Windows Server 2003 Remote Desktop Protocol (RDP) DoS Vulnerability
Type:
Miscellaneous
Bulletins:
MITRE:609
CVE-2005-1218
Severity:
Moderate
Description:
The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows XP, and Windows Server 2003 allows remote attackers to cause a denial of service (crash) via crafted Remote Desktop Protocol (RDP) requests.
Applies to:
Created:
2006-10-24
Updated:
2020-10-10

ID:
MITRE:497
Title:
oval:org.mitre.oval:def:497: Windows XP,SP2 Plug and Play Buffer Overflow Vulnerability
Type:
Miscellaneous
Bulletins:
MITRE:497
CVE-2005-1983
Severity:
Critical
Description:
Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm.
Applies to:
Created:
2006-10-24
Updated:
2020-10-10

ID:
MITRE:474
Title:
oval:org.mitre.oval:def:474: Windows 2000 Plug and Play Buffer Overflow Vulnerability
Type:
Miscellaneous
Bulletins:
MITRE:474
CVE-2005-1983
Severity:
Critical
Description:
Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm.
Applies to:
Created:
2006-10-24
Updated:
2020-10-10

ID:
MITRE:376
Title:
oval:org.mitre.oval:def:376: Windows XP,SP2 Remote Desktop Protocol (RDP) DoS Vulnerability
Type:
Miscellaneous
Bulletins:
MITRE:376
CVE-2005-1218
Severity:
Moderate
Description:
The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows XP, and Windows Server 2003 allows remote attackers to cause a denial of service (crash) via crafted Remote Desktop Protocol (RDP) requests.
Applies to:
Created:
2006-10-24
Updated:
2020-10-10

ID:
MITRE:346
Title:
oval:org.mitre.oval:def:346: Windows Server 2003,SP1 Remote Desktop Protocol (RDP) DoS Vulnerability
Type:
Miscellaneous
Bulletins:
MITRE:346
CVE-2005-1218
Severity:
Moderate
Description:
The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows XP, and Windows Server 2003 allows remote attackers to cause a denial of service (crash) via crafted Remote Desktop Protocol (RDP) requests.
Applies to:
Created:
2006-10-24
Updated:
2020-10-10

ID:
MITRE:267
Title:
oval:org.mitre.oval:def:267: Windows XP Plug and Play Buffer Overflow Vulnerability
Type:
Miscellaneous
Bulletins:
MITRE:267
CVE-2005-1983
Severity:
Critical
Description:
Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm.
Applies to:
Created:
2006-10-24
Updated:
2020-10-10

ID:
MITRE:256
Title:
oval:org.mitre.oval:def:256: Windows XP,SP2 Print Spooler Service Buffer Overflow
Type:
Miscellaneous
Bulletins:
MITRE:256
CVE-2005-1984
Severity:
Critical
Description:
Buffer overflow in the Print Spooler service (Spoolsv.exe) for Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via a malicious message.
Applies to:
Created:
2006-10-24
Updated:
2020-10-10

ID:
MITRE:180
Title:
oval:org.mitre.oval:def:180: Windows 2000,SP4 Remote Desktop Protocol (RDP) DoS Vulnerability
Type:
Miscellaneous
Bulletins:
MITRE:180
CVE-2005-1218
Severity:
Moderate
Description:
The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows XP, and Windows Server 2003 allows remote attackers to cause a denial of service (crash) via crafted Remote Desktop Protocol (RDP) requests.
Applies to:
Created:
2006-10-24
Updated:
2020-10-10

ID:
MITRE:160
Title:
oval:org.mitre.oval:def:160: Windows Server 2003 Plug and Play Buffer Overflow Vulnerability
Type:
Miscellaneous
Bulletins:
MITRE:160
CVE-2005-1983
Severity:
Critical
Description:
Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm.
Applies to:
Created:
2006-10-24
Updated:
2020-10-10

ID:
REF000190
Title:
Webmin running
Type:
Information
Bulletins:
Severity:
Information
Description:
Webmin installed and running on this computer (port 10000)
Applies to:
Webmin
Created:
2006-10-17
Updated:
2010-08-21

ID:
REF000197
Title:
VNC server listening on port 5901
Type:
Information
Bulletins:
Severity:
Information
Description:
The remote server is running VNC. VNC permits a console to be displayed remotely and should be disabled if not required. VNC can be blocked using a firewall or simply by stopping the VNC service.
Applies to:
VNC
Created:
2006-10-17
Updated:
2010-08-21

ID:
REF000245
Title:
Upnp helper is running
Type:
Miscellaneous
Bulletins:
Severity:
Low
Description:
Running this service on production machines is not recommended.
Applies to:
UPnP
Created:
2006-10-17
Updated:
2010-08-21

ID:
REF000188
Title:
Sub7 server passworded
Type:
Information
Bulletins:
Severity:
Information
Description:
Verify if the Sub7 server is passworded or not
Applies to:
Created:
2006-10-17
Updated:
2010-08-21

ID:
REF000185
Title:
Squid running
Type:
Information
Bulletins:
Severity:
Information
Description:
Squid Web Proxy Cache is running on this computer.
Applies to:
Squid
Created:
2006-10-17
Updated:
2010-08-21

ID:
REF000196
Title:
Some POP3 server banners providing information to attacker
Type:
Information
Bulletins:
Severity:
Information
Description:
The script displays the information provided by the POP3 server. This information could help an attacker choose the best attack vector for the server.
Applies to:
Created:
2006-10-17
Updated:
2010-08-21

ID:
REF000252
Title:
Sasser worm
Type:
Miscellaneous
Bulletins:
Severity:
High
Description:
The Sasser worm leaves a backdoor on port 5554 which allows transfer of files. Make sure you run antivirus software on the infected computer.
Applies to:
Created:
2006-10-17
Updated:
2010-08-21

ID:
REF000182
Title:
Oracle HTTP Server running
Type:
Information
Bulletins:
Severity:
Information
Description:
Oracle HTTP server running on this computer.
Applies to:
Oracle
Created:
2006-10-17
Updated:
2010-08-21

ID:
REF000181
Title:
MySQL (open source database) running
Type:
Information
Bulletins:
Severity:
Information
Description:
MySQL is running on this computer.
Applies to:
MySQL
Created:
2006-10-17
Updated:
2010-08-21

ID:
REF000180
Title:
Microsoft SQL server
Type:
Information
Bulletins:
Severity:
Information
Description:
Microsoft SQL server is installed on this computer.
Applies to:
Microsoft SQL
Created:
2006-10-17
Updated:
2010-08-21

ID:
REF000192
Title:
List of modems installed
Type:
Information
Bulletins:
Severity:
Information
Description:
Lists the installed modem drivers.
Applies to:
Created:
2006-10-17
Updated:
2010-08-21

ID:
REF000195
Title:
IMAP4 server banner provides information to attacker
Type:
Information
Bulletins:
Severity:
Information
Description:
IMAP banners with information such as server versions and types should be omitted where possible. Instead you can change them to something more generic that will hide such information from potential intruders.
Applies to:
Created:
2006-10-17
Updated:
2010-08-21

ID:
REF000161
Title:
Ftp Exposing Full Path
Type:
FTP
Bulletins:
Severity:
Medium
Description:
Anonymous FTP is exposing the full path. This might give out sensitive information or mean that the FTP server is misconfigured.
Applies to:
Created:
2006-10-17
Updated:
2010-08-21

ID:
REF000194
Title:
Finger service running
Type:
Information
Bulletins:
Severity:
Information
Description:
Using a finger server a remote user can get a wide range of information regarding users on the local machine.
Applies to:
Created:
2006-10-17
Updated:
2010-08-21

ID:
REF000193
Title:
Citrix server running on this host
Type:
Information
Bulletins:
Severity:
Information
Description:
For information only
Applies to:
Citrix
Created:
2006-10-17
Updated:
2010-08-21

ID:
REF000240
Title:
BugBear-B backdoor
Type:
Miscellaneous
Bulletins:
Severity:
High
Description:
BugBear.B (worm) leaves a backdoor which allows hackers remote access to your computer.
Applies to:
Created:
2006-10-17
Updated:
2010-08-21

ID:
REF000177
Title:
Apache Tomcat running
Type:
Information
Bulletins:
Severity:
Information
Description:
Apache Tomcat running on port 8080
Applies to:
Apache Tomcat
Created:
2006-10-17
Updated:
2010-08-21

ID:
MITRE:738
Title:
oval:org.mitre.oval:def:738: Redirect Cross-Domain Information Disclosure Vulnerability
Type:
Web
Bulletins:
MITRE:738
CVE-2006-3280
Severity:
Critical
Description:
Cross-domain vulnerability in Microsoft Internet Explorer 6.0 allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker's originating site that specifies a Location HTTP header that references the target site, which then makes that content available through the outerHTML attribute of the object, aka "Redirect Cross-Domain Information Disclosure Vulnerability."
Applies to:
Microsoft Internet Explorer
Created:
2006-10-16
Updated:
2020-10-10

ID:
MITRE:719
Title:
oval:org.mitre.oval:def:719: COM Object Instantiation Memory Corruption Vulnerability
Type:
Web
Bulletins:
MITRE:719
CVE-2006-3638
Severity:
Critical
Description:
Microsoft Internet Explorer 5.01 and 6 does not properly handle uninitialized COM objects, which allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code, as demonstrated by the Nth function in the DirectAnimation.DATuple ActiveX control, aka "COM Object Instantiation Memory Corruption Vulnerability."
Applies to:
Microsoft Internet Explorer
Created:
2006-10-16
Updated:
2020-10-10

ID:
MITRE:694
Title:
oval:org.mitre.oval:def:694: Visual Basic for Applications Vulnerability
Type:
Software
Bulletins:
MITRE:694
CVE-2006-3649
Severity:
Moderate
Description:
Buffer overflow in Microsoft Visual Basic for Applications (VBA) SDK 6.0 through 6.4, as used by Microsoft Office 2000 SP3, Office XP SP3, Project 2000 SR1, Project 2002 SP1, Access 2000 Runtime SP3, Visio 2002 SP2, and Works Suite 2004 through 2006, allows user-assisted attackers to execute arbitrary code via unspecified document properties that are not verified when VBA is invoked to open documents.
Applies to:
Microsoft Visual Basic 6.0
Created:
2006-10-16
Updated:
2020-10-10

ID:
MITRE:5
Title:
oval:org.mitre.oval:def:5: CSS Memory Corruption Vulnerability
Type:
Web
Bulletins:
MITRE:5
CVE-2006-3451
Severity:
Critical
Description:
Microsoft Internet Explorer 5 SP4 and 6 do not properly garbage collect when "multiple imports are used on a styleSheets collection" to construct a chain of Cascading Style Sheets (CSS), which allows remote attackers to execute arbitrary code via unspecified vectors.
Applies to:
Microsoft Internet Explorer
Created:
2006-10-16
Updated:
2020-10-10

ID:
MITRE:577
Title:
oval:org.mitre.oval:def:577: Source Element Cross-Domain Vulnerability
Type:
Web
Bulletins:
MITRE:577
CVE-2006-3639
Severity:
Critical
Description:
Microsoft Internet Explorer 5.01 and 6 does not properly identify the originating domain zone when handling redirects, which allows remote attackers to read cross-domain web pages and possibly execute code via unspecified vectors involving a crafted web page, aka "Source Element Cross-Domain Vulnerability."
Applies to:
Microsoft Internet Explorer
Created:
2006-10-16
Updated:
2020-10-10

ID:
MITRE:502
Title:
oval:org.mitre.oval:def:502: HTML Rendering Memory Corruption Vulnerability
Type:
Web
Bulletins:
MITRE:502
CVE-2006-3637
Severity:
Moderate
Description:
Microsoft Internet Explorer 5.01 SP4 and 6 does not properly handle various HTML layout component combinations, which allows user-assisted remote attackers to execute arbitrary code via a crafted HTML file that leads to memory corruption, aka "HTML Rendering Memory Corruption Vulnerability."
Applies to:
Microsoft Internet Explorer
Created:
2006-10-16
Updated:
2020-10-10

ID:
MITRE:462
Title:
oval:org.mitre.oval:def:462: FTP Server Command Injection Vulnerability
Type:
Web
Bulletins:
MITRE:462
CVE-2004-1166
Severity:
Critical
Description:
CRLF injection vulnerability in Microsoft Internet Explorer 6.0.2800.1106 and earlier allows remote attackers to execute arbitrary FTP commands via an ftp:// URL that contains a URL-encoded newline ("%0a") before the FTP command, which causes the commands to be inserted into the resulting FTP session, as demonstrated using a PORT command.
Applies to:
Microsoft Internet Explorer
Created:
2006-10-16
Updated:
2020-10-10

ID:
MITRE:433
Title:
oval:org.mitre.oval:def:433: HTML Layout and Positioning Memory Corruption Vulnerability
Type:
Web
Bulletins:
MITRE:433
CVE-2006-3450
Severity:
Critical
Description:
Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code by using the document.getElementByID Javascript function to access crafted Cascading Style Sheet (CSS) elements, and possibly other unspecified vectors involving certain layout positioning combinations in an HTML file.
Applies to:
Microsoft Internet Explorer
Created:
2006-10-16
Updated:
2020-10-10

ID:
MITRE:171
Title:
oval:org.mitre.oval:def:171: Window Location Information Disclosure Vulnerability
Type:
Web
Bulletins:
MITRE:171
CVE-2006-3640
Severity:
Moderate
Description:
Microsoft Internet Explorer 5.01 and 6 allows certain script to persist across navigations between pages, which allows remote attackers to obtain the window location of visited web pages in other domains or zones, aka "Window Location Information Disclosure Vulnerability."
Applies to:
Microsoft Internet Explorer
Created:
2006-10-16
Updated:
2020-10-10

ID:
CVE-2006-5202
Title:
Linksys WRT54g firmware 1.00.9 does not require credentials when making configuration changes, which allows remote attackers to modify arbitrary configurations via a direct request to Security.tri, as demonstrated using the SecurityMode and layout...
Type:
Hardware
Bulletins:
CVE-2006-5202
SFBID19347
Severity:
Moderate
Description:
Linksys WRT54g firmware 1.00.9 does not require credentials when making configuration changes, which allows remote attackers to modify arbitrary configurations via a direct request to Security.tri, as demonstrated using the SecurityMode and layout parameters, a different issue than CVE-2006-2559.
Applies to:
wrt54g
Created:
2006-10-10
Updated:
2020-10-10

ID:
MITRE:1987
Title:
oval:org.mitre.oval:def:1987: Remote Code Execution Vulnerability in Flash Player 6 and 7
Type:
Web
Bulletins:
MITRE:1987
CVE-2005-2628
Severity:
Moderate
Description:
Macromedia Flash 6 and 7 (Flash.ocx) allows remote attackers to execute arbitrary code via a SWF file with a modified frame type identifier that is used as an out-of-bounds array index to a function pointer.
Applies to:
Adobe Flash Player
Created:
2006-10-07
Updated:
2020-10-10

ID:
MITRE:1922
Title:
oval:org.mitre.oval:def:1922: Remote Code Execution Vulnerability in Flash Player 8
Type:
Web
Bulletins:
MITRE:1922
CVE-2006-0024
Severity:
Moderate
Description:
Multiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0 and earlier allow remote attackers to execute arbitrary code via a crafted SWF file.
Applies to:
Adobe Flash Player
Created:
2006-10-07
Updated:
2020-10-10

ID:
CVE-2006-4950
Title:
Cisco IOS 12.2 through 12.4 before 20060920, as used by Cisco IAD2430, IAD2431, and IAD2432 Integrated Access Devices, the VG224 Analog Phone Gateway, and the MWR 1900 and 1941 Mobile Wireless Edge Routers, is incorrectly identified as supporting...
Type:
Hardware
Bulletins:
CVE-2006-4950
SFBID20125
Severity:
Critical
Description:
Cisco IOS 12.2 through 12.4 before 20060920, as used by Cisco IAD2430, IAD2431, and IAD2432 Integrated Access Devices, the VG224 Analog Phone Gateway, and the MWR 1900 and 1941 Mobile Wireless Edge Routers, is incorrectly identified as supporting DOCSIS, which allows remote attackers to gain read-write access via a hard-coded cable-docsis community string and read or modify arbitrary SNMP variables.
Applies to:
Created:
2006-09-23
Updated:
2020-10-10

ID:
CVE-2006-4775
Title:
The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) and CatOS allows remote attackers to cause a denial of service by sending a VTP update with a revision value of 0x7FFFFFFF, which is incremented to 0x80000000 and is interpreted as a...
Type:
Hardware
Bulletins:
CVE-2006-4775
SFBID19998
Severity:
Critical
Description:
The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) and CatOS allows remote attackers to cause a denial of service by sending a VTP update with a revision value of 0x7FFFFFFF, which is incremented to 0x80000000 and is interpreted as a negative number in a signed context.
Applies to:
Created:
2006-09-13
Updated:
2020-10-10

ID:
CVE-2006-4774
Title:
The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) allows remote attackers to cause a denial of service by sending a VTP version 1 summary frame with a VTP version field value of 2.
Type:
Hardware
Bulletins:
CVE-2006-4774
SFBID19998
Severity:
Critical
Description:
The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) allows remote attackers to cause a denial of service by sending a VTP version 1 summary frame with a VTP version field value of 2.
Applies to:
Created:
2006-09-13
Updated:
2020-10-10

ID:
CVE-2006-4776
Title:
Heap-based buffer overflow in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) allows remote attackers to execute arbitrary code via a long VLAN name in a VTP type 2 summary advertisement.
Type:
Hardware
Bulletins:
CVE-2006-4776
SFBID19998
Severity:
Critical
Description:
Heap-based buffer overflow in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) allows remote attackers to execute arbitrary code via a long VLAN name in a VTP type 2 summary advertisement.
Applies to:
Created:
2006-09-13
Updated:
2020-10-10

ID:
CVE-2006-4662
Title:
SANS06C4: ICQ 2003b Buffer Overflow
Type:
Software
Bulletins:
CVE-2006-4662
SFBID19897
Severity:
Critical
Description:
Heap-based buffer overflow in the MCRegEx__Search function in AOL ICQ Pro 2003b Build 3916 and earlier allows remote attackers to execute arbitrary code via an inconsistent length field of a Message in a 0x2711 Type-Length-Value (TLV) type.
Applies to:
AOL ICQ
Created:
2006-09-12
Updated:
2020-10-10

ID:
CVE-2006-4650
Title:
Cisco IOS 12.0, 12.1, and 12.2, when GRE IP tunneling is used and the RFC2784 compliance fixes are missing, does not verify the offset field of a GRE packet during decapsulation, which leads to an integer overflow that references data from incorrect...
Type:
Hardware
Bulletins:
CVE-2006-4650
SFBID19878
Severity:
Low
Description:
Cisco IOS 12.0, 12.1, and 12.2, when GRE IP tunneling is used and the RFC2784 compliance fixes are missing, does not verify the offset field of a GRE packet during decapsulation, which leads to an integer overflow that references data from incorrect memory locations, which allows remote attackers to inject crafted packets into the routing queue, possibly bypassing intended router ACLs.
Applies to:
Created:
2006-09-08
Updated:
2020-10-10

ID:
CVE-2006-4352
Title:
The ArrowPoint cookie functionality for Cisco 11000 series Content Service Switches specifies an internal IP address if the administrator does not specify a string option, which allows remote attackers to obtain sensitive information.
Type:
Hardware
Bulletins:
CVE-2006-4352
Severity:
Moderate
Description:
The ArrowPoint cookie functionality for Cisco 11000 series Content Service Switches specifies an internal IP address if the administrator does not specify a string option, which allows remote attackers to obtain sensitive information.
Applies to:
Cisco CSS 11100 Content Services Switch Series
Created:
2006-08-25
Updated:
2020-10-10

ID:
CVE-2006-2113
Title:
The embedded HTTP server in Fuji Xerox Printing Systems (FXPS) print engine, as used in products including (1) Dell 3000cn through 5110cn and (2) Fuji Xerox DocuPrint firmware before 20060628 and Network Option Card firmware before 5.13, does not...
Type:
Hardware
Bulletins:
CVE-2006-2113
SFBID19716
Severity:
Moderate
Description:
The embedded HTTP server in Fuji Xerox Printing Systems (FXPS) print engine, as used in products including (1) Dell 3000cn through 5110cn and (2) Fuji Xerox DocuPrint firmware before 20060628 and Network Option Card firmware before 5.13, does not properly perform authentication for HTTP requests, which allows remote attackers to modify system configuration via crafted requests, including changing the administrator password or causing a denial of service to the print server.
Applies to:
Laser Printer 3100cn
Laser Printer 5100cn
Created:
2006-08-24
Updated:
2020-10-10

ID:
CVE-2006-2112
Title:
Fuji Xerox Printing Systems (FXPS) print engine, as used in products including (1) Dell 3000cn through 5110cn and (2) Fuji Xerox DocuPrint firmware before 20060628 and Network Option Card firmware before 5.13, allows remote attackers to use the FTP...
Type:
Hardware
Bulletins:
CVE-2006-2112
SFBID19711
Severity:
Critical
Description:
Fuji Xerox Printing Systems (FXPS) print engine, as used in products including (1) Dell 3000cn through 5110cn and (2) Fuji Xerox DocuPrint firmware before 20060628 and Network Option Card firmware before 5.13, allows remote attackers to use the FTP printing interface as a proxy ("FTP bounce") by using arbitrary PORT arguments to connect to systems for which access would be otherwise restricted.
Applies to:
Laser Printer 3100cn
Laser Printer 5100cn
Created:
2006-08-24
Updated:
2020-10-10

ID:
CVE-2006-4312
Title:
Cisco PIX 500 Series Security Appliances and ASA 5500 Series Adaptive Security Appliances, when running 7.0(x) up to 7.0(5) and 7.1(x) up to 7.1(2.4), and Firewall Services Module (FWSM) 3.1(x) up to 3.1(1.6), causes the EXEC password, local user...
Type:
Hardware
Bulletins:
CVE-2006-4312
SFBID19681
Severity:
Moderate
Description:
Cisco PIX 500 Series Security Appliances and ASA 5500 Series Adaptive Security Appliances, when running 7.0(x) up to 7.0(5) and 7.1(x) up to 7.1(2.4), and Firewall Services Module (FWSM) 3.1(x) up to 3.1(1.6), causes the EXEC password, local user passwords, and the enable password to be changed to a "non-random value" under certain circumstances, which causes administrators to be locked out and might allow attackers to gain access.
Applies to:
Created:
2006-08-23
Updated:
2020-10-10

ID:
CVE-2006-4143
Title:
Netgear FVG318 running firmware 1.0.40 allows remote attackers to cause a denial of service (router reset) via TCP packets with bad checksums.
Type:
Hardware
Bulletins:
CVE-2006-4143
SFBID19468
Severity:
Critical
Description:
Netgear FVG318 running firmware 1.0.40 allows remote attackers to cause a denial of service (router reset) via TCP packets with bad checksums.
Applies to:
FVG318 Router
Created:
2006-08-14
Updated:
2020-10-10

ID:
CVE-2006-4015
Title:
Hewlett-Packard (HP) ProCurve 3500yl, 6200yl, and 5400zl switches with software before K.11.33 allow remote attackers to cause a denial of service (possibly memory leak or system crash) via unknown vectors.
Type:
Hardware
Bulletins:
CVE-2006-4015
SFBID19310
Severity:
Moderate
Description:
Hewlett-Packard (HP) ProCurve 3500yl, 6200yl, and 5400zl switches with software before K.11.33 allow remote attackers to cause a denial of service (possibly memory leak or system crash) via unknown vectors.
Applies to:
ProCurve Switch 3500yl
ProCurve Switch 5400zl
ProCurve Switch 6200yl
Created:
2006-08-07
Updated:
2020-10-10

ID:
CVE-2006-3906
Title:
Internet Key Exchange (IKE) version 1 protocol, as implemented on Cisco IOS, VPN 3000 Concentrators, and PIX firewalls, allows remote attackers to cause a denial of service (resource exhaustion) via a flood of IKE Phase-1 packets that exceed the...
Type:
Hardware
Bulletins:
CVE-2006-3906
SFBID19176
Severity:
Moderate
Description:
Internet Key Exchange (IKE) version 1 protocol, as implemented on Cisco IOS, VPN 3000 Concentrators, and PIX firewalls, allows remote attackers to cause a denial of service (resource exhaustion) via a flood of IKE Phase-1 packets that exceed the session expiration rate. NOTE: it has been argued that this is due to a design weakness of the IKE version 1 protocol, in which case other vendors and implementations would also be affected.
Applies to:
Cisco PIX 501 Firewall
Cisco PIX 506 Firewall
Cisco PIX 515 Firewall
Cisco PIX 515E Firewall
Cisco PIX 520 Firewall
Cisco PIX 525 Firewall
Cisco PIX 535 Firewall
Created:
2006-07-27
Updated:
2020-10-10

ID:
CVE-2006-3687
Title:
Stack-based buffer overflow in the Universal Plug and Play (UPnP) service in D-Link DI-524, DI-604 Broadband Router, DI-624, D-Link DI-784, WBR-1310 Wireless G Router, WBR-2310 RangeBooster G Router, and EBR-2310 Ethernet Broadband Router allows...
Type:
Hardware
Bulletins:
CVE-2006-3687
SFBID19006
Severity:
Critical
Description:
Stack-based buffer overflow in the Universal Plug and Play (UPnP) service in D-Link DI-524, DI-604 Broadband Router, DI-624, D-Link DI-784, WBR-1310 Wireless G Router, WBR-2310 RangeBooster G Router, and EBR-2310 Ethernet Broadband Router allows remote attackers to execute arbitrary code via a long M-SEARCH request to UDP port 1900.
Applies to:
DI-524
DI-604
DI-624
DI-784
EBR-2310
WBR-1310
WBR-2310
Created:
2006-07-21
Updated:
2020-10-10

ID:
CVE-2006-3592
Title:
Unspecified vulnerability in the command line interface (CLI) in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows local users to execute arbitrary commands with elevated privileges via unspecified vectors, involving "certain CLI...
Type:
Hardware
Bulletins:
CVE-2006-3592
SFBID18952
Severity:
Moderate
Description:
Unspecified vulnerability in the command line interface (CLI) in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows local users to execute arbitrary commands with elevated privileges via unspecified vectors, involving "certain CLI commands," aka bug CSCse11005.
Applies to:
Unified CallManager
Created:
2006-07-18
Updated:
2020-10-10

ID:
CVE-2006-3593
Title:
The command line interface (CLI) in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows local users to overwrite arbitrary files by redirecting a command's output to a file or folder, aka bug CSCse31704.
Type:
Hardware
Bulletins:
CVE-2006-3593
SFBID18952
Severity:
Moderate
Description:
The command line interface (CLI) in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows local users to overwrite arbitrary files by redirecting a command's output to a file or folder, aka bug CSCse31704.
Applies to:
Unified CallManager
Created:
2006-07-18
Updated:
2020-10-10

ID:
CVE-2006-3594
Title:
Buffer overflow in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows remote attackers to execute arbitrary code via a long hostname in a SIP request, aka bug CSCsd96542.
Type:
Hardware
Bulletins:
CVE-2006-3594
SFBID18952
Severity:
Critical
Description:
Buffer overflow in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows remote attackers to execute arbitrary code via a long hostname in a SIP request, aka bug CSCsd96542.
Applies to:
Unified CallManager
Created:
2006-07-18
Updated:
2020-10-10

ID:
CVE-2006-3529
Title:
Memory leak in Juniper JUNOS 6.4 through 8.0, built before May 10, 2006, allows remote attackers to cause a denial of service (kernel packet memory consumption and crash) via crafted IPv6 packets whose buffers are not released after they are processed.
Type:
Hardware
Bulletins:
CVE-2006-3529
SFBID18930
Severity:
Moderate
Description:
Memory leak in Juniper JUNOS 6.4 through 8.0, built before May 10, 2006, allows remote attackers to cause a denial of service (kernel packet memory consumption and crash) via crafted IPv6 packets whose buffers are not released after they are processed.
Applies to:
Created:
2006-07-11
Updated:
2020-10-10

ID:
CVE-2006-3291
Title:
The web interface on Cisco IOS 12.3(8)JA and 12.3(8)JA1, as used on the Cisco Wireless Access Point and Wireless Bridge, reconfigures itself when it is changed to use the "Local User List Only (Individual Passwords)" setting, which removes all...
Type:
Hardware
Bulletins:
CVE-2006-3291
SFBID18704
Severity:
Critical
Description:
The web interface on Cisco IOS 12.3(8)JA and 12.3(8)JA1, as used on the Cisco Wireless Access Point and Wireless Bridge, reconfigures itself when it is changed to use the "Local User List Only (Individual Passwords)" setting, which removes all security and password configurations and allows remote attackers to access the system.
Applies to:
Created:
2006-06-28
Updated:
2020-10-10

ID:
CVE-2006-3109
Title:
Cross-site scripting (XSS) vulnerability in Cisco CallManager 3.3 before 3.3(5)SR3, 4.1 before 4.1(3)SR4, 4.2 before 4.2(3), and 4.3 before 4.3(1), allows remote attackers to inject arbitrary web script or HTML via the (1) pattern parameter in...
Type:
Hardware
Bulletin