zeroday.info

Vulnerability Bulletin

Vulnerabilities in 2008


January 03, 2008

Cross-site scripting (XSS) vulnerability in Atlassian JIRA 3.12 Enterprise

Cross-site scripting (XSS) vulnerability in 500page.jsp in JIRA Enterprise Edition before 3.12.1 allows remote attackers to inject arbitrary web script or HTML, which is not properly handled when generating error messages, as demonstrated by input originally sent in the URI to secure/CreateIssue. NOTE: some of these details are obtained from third party information.


January 03, 2008

Atlassian JIRA 3.12 Enterprise

JIRA Enterprise Edition before 3.12.1 allows remote attackers to delete another user's shared filter via a modified filter ID.


January 03, 2008

Permissions, privileges, and access control vulnerability in Atlassian JIRA 3.12 Enterprise

The Setup Wizard in Atlassian JIRA Enterprise Edition before 3.12.1 does not properly restrict setup attempts after setup is complete, which allows remote attackers to change the default language.


January 03, 2008

Debian Unp 1.0.12

unp 1.0.12, and other versions before 1.0.14, does not properly escape file names, which might allow context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename argument. NOTE: this might only be a vulnerability when unp is invoked by a third party product.


January 03, 2008

Buffer overflow vulnerability in GNU libcdio 0.79

Stack-based buffer overflow in the print_iso9660_recurse function in iso-info (src/iso-info.c) in GNU Compact Disc Input and Control Library (libcdio) 0.79 and earlier allows context-dependent attackers to cause a denial of service (core dump) and possibly execute arbitrary code via a disk or image that contains a long Joliet file name.


January 03, 2008

Buffer overflow vulnerability in Microsoft Internet Explorer 7

A certain ActiveX control in npUpload.dll in DivX Player 6.6.0 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long argument to the SetPassword method.


January 03, 2008

Format string vulnerability in Novell Identity Manager 3.5.1

The Platform Service Process (asampsp) in Fan-Out Driver Platform Services for Novell Identity Manager (IDM) 3.5.1 allows remote attackers to cause a denial of service (daemon crash) via unspecified network traffic that triggers a syslog message containing invalid format string specifiers, as demonstrated by a Nessus scan.


January 04, 2008

SQL injection vulnerability in CMS Made Simple 1.2.2

SQL injection vulnerability in content_css.php in the TinyMCE module for CMS Made Simple 1.2.2 and earlier allows remote attackers to execute arbitrary SQL commands via the templateid parameter.


January 04, 2008

SQL injection vulnerability in Zenphoto 1.1.2

SQL injection vulnerability in rss.php in Zenphoto 1.1 through 1.1.3 allows remote attackers to execute arbitrary SQL commands via the albumnr parameter.


January 08, 2008

Cross-site scripting (XSS) vulnerability in Apache Software Foundation Apache HTTP Server 2.2

Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.


January 08, 2008

Microsoft Windows XP Service Pack 2 x64 (64-bit)

The kernel in Microsoft Windows 2000 SP4, XP SP2, and Server 2003, when ICMP Router Discovery Protocol (RDP) is enabled, allows remote attackers to cause a denial of service via fragmented router advertisement ICMP packets that trigger an out-of-bounds read, aka "Windows Kernel TCP/IP/ICMP Vulnerability."


January 08, 2008

Permissions, privileges, and access control vulnerability in Novell ZENworks Endpoint Security Management 3.5

STEngine.exe 3.5.0.20 in Novell ZENworks Endpoint Security Management (ESM) 3.5, and other ESM versions before 3.5.0.82, dynamically creates scripts in a world-writable directory when generating diagnostic reports, which allows local users to gain privileges, as demonstrated by creating a cmd.exe binary in the diagnostic report directory.


January 08, 2008

Permissions, privileges, and access control vulnerability in PHP 4.4.7

Unspecified vulnerability in glob in PHP before 4.4.8, when open_basedir is enabled, has unknown impact and attack vectors. NOTE: this issue reportedly exists because of a regression related to CVE-2007-4663.


January 08, 2008

Cross-site scripting (XSS) vulnerability in Snitz Communications Snitz Forums 2000 3.3.03

Cross-site scripting (XSS) vulnerability in Forums/setup.asp in Snitz Forums 2000 3.4.06 and earlier allows remote attackers to inject arbitrary web script or HTML via the MAIL parameter.


January 08, 2008

Permissions, privileges, and access control vulnerability in Snitz Communications Snitz Forums 2000 3.3.03

Snitz Forums 2000 3.4.06 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for forum/snitz_forums_2000.mdb.


January 08, 2008

Information leak/disclosure vulnerability in Snitz Communications Snitz Forums 2000 3.4.05

Snitz Forums 2000 3.4.05 allows remote attackers to obtain sensitive information via a direct request to forum/whereami.asp, which reveals the database path.


January 09, 2008

IBM WebSphere Application Server 6.1.0.2 (Fix Pack 2)

Unspecified vulnerability in the Administrative Console in IBM WebSphere Application Server 6.1 before Fix Pack 13 has unknown impact and attack vectors, related to "security concerns with monitor role users." NOTE: it was later reported that 6.0.2 before Fix Pack 25 is also affected.


January 09, 2008

Buffer overflow vulnerability in McAfee e-Business Server 8.5.2

The administration interface in McAfee E-Business Server 8.5.2 and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a long initial authentication packet.


January 09, 2008

Input validation vulnerability in Novell Netware Client 4.91 SP4

NICM.SYS driver 3.0.0.4, as used in Novell NetWare Client 4.91 SP4, allows local users to execute arbitrary code by opening the \\.\nicm device and providing crafted kernel addresses via IOCTLs with the METHOD_NEITHER buffering mode.


January 09, 2008

Numeric errors vulnerability in PostgreSQL 8.1.1

The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (backend crash) via an out-of-bounds backref number.
