[CLOSE] OSVDB ID : 51226 - Disclosed: 2006-03-03

Description:

Unknown / Incomplete

Comments: 0, Blogs: 0, References: 8

Vulnerability Classification

[CLOSE] OSVDB ID : 51224 - Disclosed: 2006-03-03

Description:

Unknown / Incomplete

Comments: 0, Blogs: 0, References: 8

Vulnerability Classification

[CLOSE] OSVDB ID : 51222 - Disclosed: 2006-03-03

Description:

Unknown / Incomplete

Comments: 0, Blogs: 0, References: 8

Vulnerability Classification

[CLOSE] OSVDB ID : 51220 - Disclosed: 2001-11-08

Description:

Unknown / Incomplete

Comments: 0, Blogs: 0, References: 3

Vulnerability Classification

[CLOSE] OSVDB ID : 51218 - Disclosed: 2003-05-12

Description:

Unknown / Incomplete

Comments: 0, Blogs: 0, References: 3

Vulnerability Classification

[CLOSE] OSVDB ID : 25257 - Disclosed: 2006-05-04

Description:

Big Webmaster Guestbook contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'name', 'mail', 'site', 'city', 'state' and 'country' fields upon submission to the 'addguest.cgi' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

Comments: 0, Blogs: 0, References: 5

Vulnerability Classification

[CLOSE] OSVDB ID : 40621 - Disclosed: 2007-10-17

Description:

Simple PHP Blog contains a flaw that allows a remote Cross-Site Request Forgery (CSRF / XSRF) attack. The flaw exists because the application does not require multiple steps and/or confirmation for sensitive transactions to delete posts. By using a crafted URL (e.g. a crafted GET request inside an "img" tag), an attacker may trick the victim into clicking on the image to take advantage of the trust relationship between the authenticated victim and the application. Such an attack could trick the victim into executing arbitrary commands in the context of their session with the application, without further prompting or verification.

Comments: 0, Blogs: 0, References: 8

Vulnerability Classification

[CLOSE] OSVDB ID : 44643 - Disclosed: 2008-04-23

Description:

A buffer overflow exists in HD Audio Codec Driver. RTKVHDA.sys and RTKVHDA64.sys fail to validate IOCTL requests resulting in an integer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.

Comments: 0, Blogs: 0, References: 8

Vulnerability Classification

[CLOSE] OSVDB ID : 382 - Disclosed: 1999-07-17

Description:

By default, PostgresSQL installs without a default password for the postgres user account. This username and password combination is publicly known and documented. This allows attackers to trivially access the program or system with administrative priveleges.

Comments: 0, Blogs: 0, References: 28

Vulnerability Classification

[CLOSE] OSVDB ID : 16866 - Disclosed: 2005-05-26

Description:

A remote overflow exists in Terminator 3: War of the Machines. The application fails to perform proper bounds checking resulting in a buffer overflow. With a specially crafted request containing an overly long CD-key hash, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.

Comments: 0, Blogs: 0, References: 6

Vulnerability Classification

[CLOSE] OSVDB ID : 49243 - Disclosed: 2008-10-23

Description:

Microsoft Windows Server Service contains a flaw that may allow a malicious user to remotely execute arbitrary code. The issue is triggered when a crafted RPC request is handled. It is possible that the flaw may allow remote code execution resulting in a loss of integrity.

Comments: 0, Blogs: 267, References: 30

Vulnerability Classification

[CLOSE] OSVDB ID : 50611 - Disclosed: 2008-12-09

Description:

(Description Provided by CVE) : Microsoft Internet Explorer 5.01 SP4 and 6 SP1 does not properly validate parameters during calls to navigation methods, which allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption, aka "Parameter Validation Memory Corruption Vulnerability."

Comments: 0, Blogs: 8, References: 8

Vulnerability Classification

[CLOSE] OSVDB ID : 50610 - Disclosed: 2008-12-09

Description:

(Description Provided by CVE) : Stack-based buffer overflow in Microsoft Internet Explorer 5.01 SP4, 6 SP1 on Windows 2000, and 6 on Windows XP and Server 2003 does not properly handle extraneous data associated with an object embedded in a web page, which allows remote attackers to execute arbitrary code via crafted HTML tags that trigger memory corruption, aka "HTML Rendering Memory Corruption Vulnerability."

Comments: 0, Blogs: 7, References: 10

Vulnerability Classification

[CLOSE] OSVDB ID : 50581 - Disclosed: 2008-12-09

Description:

(Description Provided by CVE) : The Charts ActiveX control in Microsoft Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 does not properly handle errors during access to incorrectly initialized objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to corruption of the "system state," aka "Charts Control Memory Corruption Vulnerability."

Comments: 0, Blogs: 6, References: 9

Vulnerability Classification

[CLOSE] OSVDB ID : 49736 - Disclosed: 2008-11-11

Description:

(Description Provided by CVE) : Microsoft Windows 2000 Gold through SP4, XP Gold through SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote SMB servers to execute arbitrary code on a client machine by replaying the NTLM credentials of a client user, as demonstrated by backrush, aka "SMB Credential Reflection Vulnerability." NOTE: some reliable sources report that this vulnerability exists because of an insufficient fix for CVE-2000-0834.

Comments: 0, Blogs: 41, References: 10

Vulnerability Classification