Xigla Software Absolute FAQ Manager.NET 6.0 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value. Date published : 2009-07-14 http://www.securityfocus.com/bid/32028 https://www.exploit-db.com/exploits/6902
mathtex.cgi in mathTeX, when downloaded before 20090713, does not securely create temporary files, which has unspecified impact and local attack vectors. Date published : 2009-07-14 http://www.securityfocus.com/archive/1/504919/100/0/threaded http://groups.google.com/group/comp.text.tex/browse_thread/thread/5d56d3d744351578
Multiple stack-based buffer overflows in mathtex.cgi in mathTeX, when downloaded before 20090713, have unspecified impact and remote attack vectors. Date published : 2009-07-14 http://www.securityfocus.com/archive/1/504919/100/0/threaded http://groups.google.com/group/comp.text.tex/browse_thread/thread/5d56d3d744351578
Multiple unspecified vulnerabilities in mimeTeX, when downloaded before 20090713, have unknown impact and attack vectors related to the (1) environ, (2) input, and (3) counter TeX directives. Date published : 2009-07-14 http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039314.html http://scary.beasts.org/security/CESA-2009-009.html
Unspecified vulnerability in Sun Fire V215 Server, when using XVR-100 graphic cards on system boards with part number 375-3463 and a hardware dash level -04 or later, allows remote attackers to cause a denial...
The DSNDSD component in Novell eDirectory 8.8 before SP5 allows remote attackers to cause a denial of service (crash) via a malformed bind LDAP packet. Date published : 2009-07-14 http://www.securityfocus.com/bid/35666 http://www.novell.com/support/viewContent.do?externalId=3426981
The DSNDSD component in Novell eDirectory 8.8 before SP5 allows remote attackers to cause a denial of service (ndsd core dump) via an LDAP request containing multiple . (dot) wildcard characters in the Relative...
Multiple cross-site scripting (XSS) vulnerabilities in webadmin/admin.php in @mail 5.6.1 allow remote attackers to inject arbitrary web script or HTML via the (1) type and (2) func parameters. NOTE: the provenance of this information...
Cross-site scripting (XSS) vulnerability in Citrix Web Interface 4.6, 5.0, and 5.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Date published : 2009-07-14 http://www.securityfocus.com/bid/34761 http://support.citrix.com/article/CTX120697
Citrix XenApp (formerly Presentation Server) 4.5 Hotfix Rollup Pack 3 does not apply an access policy when it is defined with the Access Gateway Advanced Edition filters, which allows attackers to bypass intended access...
Multiple unspecified vulnerabilities in Citrix Licensing 11.5 have unknown impact and attack vectors, related to "underlying components of the License Management Console." Date published : 2009-07-14 http://www.securityfocus.com/bid/34759 http://support.citrix.com/article/CTX120742
Multiple SQL injection vulnerabilities in index.php in MIM:InfiniX 1.2.003 and possibly earlier versions allow remote attackers to execute arbitrary SQL commands via the (1) month and (2) year parameters in a calendar action, or...
Multiple integer overflows in inter-color spaces conversion tools in libtiff 3.8 through 3.8.2, 3.9, and 4.0 allow context-dependent attackers to execute arbitrary code via a TIFF image with large (1) width and (2) height...
Unspecified vulnerability in the PeopleSoft Enterprise FMS component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.8 SP1, 8.9 Bundle 33, and 9.0 Bundle 24 allows remote authenticated users to affect confidentiality and integrity...