|
294061
|
- |
|
mozilla
|
firefox
|
Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, does not properly manage pointers for the columns (aka TreeColumns) of a XUL tree element, which allows remote attackers to execute arbitrary co…
|
CWE-94
Code Injection
|
CVE-2009-3077
|
2017-09-19 10:29 |
2009-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294062
|
- |
|
mozilla
|
firefox
|
Visual truncation vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to trigger a vertical scroll and spoof URLs via unspecified Unicode characters with a…
|
CWE-20
Improper Input Validation
|
CVE-2009-3078
|
2017-09-19 10:29 |
2009-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294063
|
- |
|
mozilla
|
firefox
|
Unspecified vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to execute arbitrary JavaScript with chrome privileges via vectors involving an object, the…
|
CWE-94
Code Injection
|
CVE-2009-3079
|
2017-09-19 10:29 |
2009-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294064
|
- |
|
pidgin
|
libpurple
pidgin
|
The msn_slp_sip_recv function in libpurple/protocols/msn/slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.2 allows remote attackers to cause a denial of service (NULL pointer derefe…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-3083
|
2017-09-19 10:29 |
2009-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294065
|
- |
|
pidgin
|
pidgin
libpurple
|
The msn_slp_process_msg function in libpurple/protocols/msn/slpcall.c in the MSN protocol plugin in libpurple 2.6.0 and 2.6.1, as used in Pidgin before 2.6.2, allows remote attackers to cause a denia…
|
CWE-20
Improper Input Validation
|
CVE-2009-3084
|
2017-09-19 10:29 |
2009-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294066
|
- |
|
pidgin
|
libpurple
pidgin
|
The XMPP protocol plugin in libpurple in Pidgin before 2.6.2 does not properly handle an error IQ stanza during an attempted fetch of a custom smiley, which allows remote attackers to cause a denial …
|
NVD-CWE-Other
|
CVE-2009-3085
|
2017-09-19 10:29 |
2009-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294067
|
- |
|
freeradius
|
freeradius
|
The rad_decode function in FreeRADIUS before 1.1.8 allows remote attackers to cause a denial of service (radiusd crash) via zero-length Tunnel-Password attributes, as demonstrated by a certain module…
|
NVD-CWE-Other
|
CVE-2009-3111
|
2017-09-19 10:29 |
2009-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294068
|
- |
|
solarwinds
|
tftp_server
|
SolarWinds TFTP Server 9.2.0.111 and earlier allows remote attackers to cause a denial of service (service stop) via a crafted Option Acknowledgement (OACK) request. NOTE: some of these details are …
|
CWE-20
Improper Input Validation
|
CVE-2009-3115
|
2017-09-19 10:29 |
2009-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294069
|
- |
|
uiga
|
church_portal
|
SQL injection vulnerability in index.php in Uiga Church Portal allows remote attackers to execute arbitrary SQL commands via the year parameter in a calendar action.
|
CWE-89
SQL Injection
|
CVE-2009-3116
|
2017-09-19 10:29 |
2009-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294070
|
- |
|
snowhall
|
silurus_system
|
SQL injection vulnerability in category.php in Snow Hall Silurus System 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter.
|
CWE-89
SQL Injection
|
CVE-2009-3117
|
2017-09-19 10:29 |
2009-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
