|
306691
|
- |
|
mcafee
|
host_data_loss_prevention
|
The Web Post Protection feature in McAfee Host Data Loss Prevention (DLP) 3.x before 3.0.100.10 and 9.x before 9.0.0.422, when HTTP Capture mode is enabled, allows local users to obtain sensitive inf…
|
CWE-200
Information Exposure
|
CVE-2009-5117
|
2024-11-21 10:11 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306692
|
- |
|
mcafee
|
linuxshield
|
McAfee LinuxShield 1.5.1 and earlier does not properly implement client authentication, which allows remote authenticated users to obtain Admin access to the statistics server by leveraging a client …
|
CWE-287
Improper Authentication
|
CVE-2009-5116
|
2024-11-21 10:11 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306693
|
- |
|
mcafee
|
common_management_agent
|
McAfee Common Management Agent (CMA) 3.5.5 through 3.5.5.588 and 3.6.0 through 3.6.0.608, and McAfee Agent 4.0 before Patch 3, allows remote authenticated users to overwrite arbitrary files by access…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-5115
|
2024-11-21 10:11 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306694
|
- |
|
mysql
oracle
|
mysql
|
The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x before 5.1.50, when running in certain slave configurations in which the slave is running a newer version than the master, allows…
|
CWE-89
SQL Injection
|
CVE-2009-5026
|
2024-11-21 10:11 |
2012-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306695
|
- |
|
redhat
|
jboss_community_application_server
jboss_enterprise_application_platform
|
twiddle.sh in JBoss AS 5.0 and EAP 5.0 and earlier accepts credentials as command-line arguments, which allows local users to read the credentials by listing the process and its arguments.
|
CWE-255
Credentials Management
|
CVE-2009-5066
|
2024-11-21 10:11 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306696
|
- |
|
trustwave
opensuse
|
modsecurity
opensuse
|
ModSecurity before 2.5.11 treats request parameter values containing single quotes as files, which allows remote attackers to bypass filtering rules and perform other attacks such as cross-site scrip…
|
CWE-79
Cross-site Scripting
|
CVE-2009-5031
|
2024-11-21 10:11 |
2012-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306697
|
- |
|
uclouvain
|
openjpeg
|
The tcd_free_encode function in tcd.c in OpenJPEG 1.3 through 1.5 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted tile informa…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-5030
|
2024-11-21 10:11 |
2012-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306698
|
- |
|
iwork
|
webglimpse
|
Directory traversal vulnerability in wgarcmin.cgi in WebGlimpse 2.18.7 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the DOC parameter.
|
CWE-22
Path Traversal
|
CVE-2009-5114
|
2024-11-21 10:11 |
2012-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306699
|
- |
|
iwork
|
webglimpse
|
Cross-site scripting (XSS) vulnerability in wgarcmin.cgi in WebGlimpse 2.18.7 and earlier allows remote attackers to inject arbitrary web script or HTML via the DOC parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-5113
|
2024-11-21 10:11 |
2012-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306700
|
- |
|
iwork
|
webglimpse
|
wgarcmin.cgi in WebGlimpse 2.18.7 and earlier allows remote attackers to obtain the installation path via a crafted request.
|
CWE-200
Information Exposure
|
CVE-2009-5112
|
2024-11-21 10:11 |
2012-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
