|
312371
|
- |
|
mcafee
|
linuxshield
|
McAfee LinuxShield 1.5.1 and earlier does not properly implement client authentication, which allows remote authenticated users to obtain Admin access to the statistics server by leveraging a client …
|
CWE-287
Improper Authentication
|
CVE-2009-5116
|
2024-11-21 10:11 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312372
|
- |
|
mcafee
|
common_management_agent
|
McAfee Common Management Agent (CMA) 3.5.5 through 3.5.5.588 and 3.6.0 through 3.6.0.608, and McAfee Agent 4.0 before Patch 3, allows remote authenticated users to overwrite arbitrary files by access…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-5115
|
2024-11-21 10:11 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312373
|
- |
|
mysql
oracle
|
mysql
|
The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x before 5.1.50, when running in certain slave configurations in which the slave is running a newer version than the master, allows…
|
CWE-89
SQL Injection
|
CVE-2009-5026
|
2024-11-21 10:11 |
2012-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312374
|
- |
|
redhat
|
jboss_community_application_server
jboss_enterprise_application_platform
|
twiddle.sh in JBoss AS 5.0 and EAP 5.0 and earlier accepts credentials as command-line arguments, which allows local users to read the credentials by listing the process and its arguments.
|
CWE-255
Credentials Management
|
CVE-2009-5066
|
2024-11-21 10:11 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312375
|
- |
|
trustwave
opensuse
|
modsecurity
opensuse
|
ModSecurity before 2.5.11 treats request parameter values containing single quotes as files, which allows remote attackers to bypass filtering rules and perform other attacks such as cross-site scrip…
|
CWE-79
Cross-site Scripting
|
CVE-2009-5031
|
2024-11-21 10:11 |
2012-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312376
|
- |
|
uclouvain
|
openjpeg
|
The tcd_free_encode function in tcd.c in OpenJPEG 1.3 through 1.5 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted tile informa…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-5030
|
2024-11-21 10:11 |
2012-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312377
|
- |
|
iwork
|
webglimpse
|
Directory traversal vulnerability in wgarcmin.cgi in WebGlimpse 2.18.7 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the DOC parameter.
|
CWE-22
Path Traversal
|
CVE-2009-5114
|
2024-11-21 10:11 |
2012-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312378
|
- |
|
iwork
|
webglimpse
|
Cross-site scripting (XSS) vulnerability in wgarcmin.cgi in WebGlimpse 2.18.7 and earlier allows remote attackers to inject arbitrary web script or HTML via the DOC parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-5113
|
2024-11-21 10:11 |
2012-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312379
|
- |
|
iwork
|
webglimpse
|
wgarcmin.cgi in WebGlimpse 2.18.7 and earlier allows remote attackers to obtain the installation path via a crafted request.
|
CWE-200
Information Exposure
|
CVE-2009-5112
|
2024-11-21 10:11 |
2012-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312380
|
- |
|
goahead
|
goahead_webserver
|
GoAhead WebServer allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris.
|
CWE-399
Resource Management Errors
|
CVE-2009-5111
|
2024-11-21 10:11 |
2011-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
