| 303191 | - | php | php | Integer overflow in the xml_utf8_decode function in ext/xml/xml.c in PHP before 5.2.11 makes it easier for remote attackers to bypass cross-site scripting (XSS) and SQL injection protection mechanism… | CWE-189 Numeric Errors | CVE-2009-5016 | 2024-11-21 10:10 | 2010-11-13 |
| 303192 | - | turbogears | turbogears2 | The URL dispatch mechanism in TurboGears2 (aka tg2) before 2.0.2 exposes controller methods even when an @expose decoration is not used, which has unspecified impact and attack vectors. | NVD-CWE-noinfo | CVE-2009-5015 | 2024-11-21 10:10 | 2010-11-6 |
| 303193 | - | turbogears | turbogears2 | The default quickstart configuration of TurboGears2 (aka tg2) before 2.0.2 has a weak cookie salt, which makes it easier for remote attackers to bypass repoze.who authentication via a forged authoriz… | CWE-310 Cryptographic Issues | CVE-2009-5014 | 2024-11-21 10:10 | 2010-11-6 |
| 303194 | - | g.rodola | pyftpdlib | Memory leak in the on_dtp_close function in ftpserver.py in pyftpdlib before 0.5.2 allows remote authenticated users to cause a denial of service (memory consumption) by sending a QUIT command during… | CWE-399 Resource Management Errors | CVE-2009-5013 | 2024-11-21 10:10 | 2010-10-20 |
| 303195 | - | g.rodola | pyftpdlib | ftpserver.py in pyftpdlib before 0.5.2 does not require the l permission for the MLST command, which allows remote authenticated users to bypass intended access restrictions and list the root directo… | CWE-264 Permissions, Privileges, and Access Controls | CVE-2009-5012 | 2024-11-21 10:10 | 2010-10-20 |
| 303196 | - | g.rodola | pyftpdlib | Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before 0.5.2 allows remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TC… | CWE-362 Race Condition | CVE-2009-5011 | 2024-11-21 10:10 | 2010-10-20 |
| 303197 | - | g.rodola | pyftpdlib | Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before 0.5.1 allows remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TC… | CWE-362 Race Condition | CVE-2009-5010 | 2024-11-21 10:10 | 2010-10-20 |
| 303198 | - | apache redhat | qpid enterprise_mrg | The SessionAdapter::ExchangeHandlerImpl::checkAlternate function in broker/SessionAdapter.cpp in the C++ Broker component in Apache Qpid before 0.6, as used in Red Hat Enterprise MRG before 1.3 and o… | NVD-CWE-Other | CVE-2009-5006 | 2024-11-21 10:10 | 2010-10-19 |
| 303199 | - | apache redhat | qpid enterprise_mrg | The Cluster::deliveredEvent function in cluster/Cluster.cpp in Apache Qpid, as used in Red Hat Enterprise MRG before 1.3 and other products, allows remote attackers to cause a denial of service (daem… | NVD-CWE-Other | CVE-2009-5005 | 2024-11-21 10:10 | 2010-10-19 |
| 303200 | - | infradead | openconnect | Double free vulnerability in OpenConnect before 1.40 might allow remote AnyConnect SSL VPN servers to cause a denial of service (application crash) or possibly have unspecified other impact via a cra… | CWE-399 Resource Management Errors | CVE-2009-5009 | 2024-11-21 10:10 | 2010-10-14 |