|
303081
|
- |
|
dhttpd
|
dhttpd
|
dhttpd allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris.
|
CWE-399
Resource Management Errors
|
CVE-2009-5110
|
2024-11-21 10:11 |
2011-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303082
|
- |
|
mini-stream
|
ripper
|
Stack-based buffer overflow in Mini-Stream Ripper 3.0.1.1 allows remote attackers to execute arbitrary code via a long entry in a .pls file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-5109
|
2024-11-21 10:11 |
2011-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303083
|
- |
|
namazu
|
namazu
|
Stack-based buffer overflow in Namazu before 2.0.20 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted request containing an empty ur…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-5028
|
2024-11-21 10:11 |
2011-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303084
|
- |
|
atcom
|
netvolution
|
Cross-site scripting (XSS) vulnerability in ATCOM Netvolution 1.0 ASP allows remote attackers to inject arbitrary web script or HTML via the email variable.
|
CWE-79
Cross-site Scripting
|
CVE-2009-5103
|
2024-11-21 10:11 |
2011-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303085
|
- |
|
atcom
|
netvolution
|
SQL injection vulnerability in default.asp in ATCOM Netvolution 1.0 ASP allows remote attackers to execute arbitrary SQL commands via the bpe_nid parameter.
|
CWE-89
SQL Injection
|
CVE-2009-5102
|
2024-11-21 10:11 |
2011-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303086
|
- |
|
pentaho
|
bi_server
|
Pentaho BI Server 1.7.0.1062 and earlier includes the session ID (JSESSIONID) in the URL, which allows attackers to obtain it from session history, referer headers, or sniffing of web traffic.
|
CWE-200
Information Exposure
|
CVE-2009-5101
|
2024-11-21 10:11 |
2011-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303087
|
- |
|
pentaho
|
bi_server
|
Pentaho BI Server 1.7.0.1062 and earlier does not set the autocomplete tag to off on web pages using a password field, which might allow physically proximate attackers to obtain the password.
|
CWE-200
Information Exposure
|
CVE-2009-5100
|
2024-11-21 10:11 |
2011-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303088
|
- |
|
pentaho
|
bi_server
|
Cross-site scripting (XSS) vulnerability in ViewAction in Pentaho BI Server 1.7.0.1062 and earlier allows remote attackers to inject arbitrary web script or HTML via the outputType parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-5099
|
2024-11-21 10:11 |
2011-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303089
|
- |
|
hp
|
palm_pre_webos
|
The LunaSysMgr process in Palm Pre WebOS 1.1 and earlier, when not viewing web pages in landscape mode, allows remote attackers to cause a denial of service (crash) via a web page containing a long s…
|
CWE-399
Resource Management Errors
|
CVE-2009-5098
|
2024-11-21 10:11 |
2011-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303090
|
- |
|
hp
|
palm_pre_webos
|
Palm Pre WebOS 1.1 and earlier processes JavaScript in email messages, which allows remote attackers to execute arbitrary JavaScript, as demonstrated by reading PalmDatabase.db3.
|
CWE-94
Code Injection
|
CVE-2009-5097
|
2024-11-21 10:11 |
2011-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
