courier/1000@/api_error_email.html (aka "error reporting page") in Accellion File Transfer Appliance FTA_7_0_178, and possibly other versions before FTA_7_0_189, allows remote attackers to send spam e-mail via modified description and client_email parameters. Date published : 2009-08-19...
The Unreal engine, as used in Unreal Tournament 3 1.3, Unreal Tournament 2003 and 2004, Dead Man’s Hand, Pariah, WarPath, Postal2, and Shadow Ops, allows remote authenticated users to cause a denial of service...
Skalfa Software SkaLinks Exchange Script 1.5 allows remote attackers to add new administrators and gain privileges via a direct request to admin/register.php. Date published : 2009-08-19 http://www.securityfocus.com/bid/31158 https://www.exploit-db.com/exploits/6445
Buffer overflow in multiscan.exe in Check Point ZoneAlarm Security Suite 7.0.483.000 and 8.0.020.000 allows local users to execute arbitrary code via a file or directory with a long path. NOTE: some of these details...
HyperStop Web Host Directory 1.2 allows remote attackers to bypass authentication and download a database backup via a direct request to admin/backup/db. Date published : 2009-08-19 http://www.securityfocus.com/bid/31249 http://packetstorm.linuxsecurity.com/0809-exploits/webhost-database.txt
Free PHP VX Guestbook 1.06 allows remote attackers to bypass authentication and gain administrative access by setting the (1) admin_name and (2) admin_pass cookie values to 1. Date published : 2009-08-19 http://www.securityfocus.com/bid/31174 https://www.exploit-db.com/exploits/6457
Free PHP VX Guestbook 1.06 allows remote attackers to bypass authentication and download a backup of the database via a direct request to admin/backupdb.php. Date published : 2009-08-19 http://www.securityfocus.com/bid/31174 https://www.exploit-db.com/exploits/6456
include/modules/top/1-random_quote.php in Minb Is Not a Blog (minb) 0.1.0 allows remote attackers to execute arbitrary PHP code via the quotes_to_edit parameter. NOTE: this issue has been reported as an unrestricted file upload by some...
Buffer overflow in Electronic Logbook (ELOG) before 2.7.1 has unknown impact and attack vectors, possibly related to elog.c. Date published : 2009-08-19 https://midas.psi.ch/elog/download/ChangeLog http://www.osvdb.org/41684
Unspecified vulnerability in db2jds in IBM DB2 8.1 before FP18 allows remote attackers to cause a denial of service (service crash) via "malicious packets." Date published : 2009-08-19 http://www-01.ibm.com/support/docview.wss?uid=swg1IZ52433 ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT
IBM DB2 8.1 before FP18 allows attackers to obtain unspecified access via a das command. Date published : 2009-08-19 http://www-01.ibm.com/support/docview.wss?uid=swg1IZ34149 ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT
Memory leak in the Security component in IBM DB2 8.1 before FP18 on Unix platforms allows attackers to cause a denial of service (memory consumption) via unspecified vectors, related to private memory within the...
The kernel in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_103, does not properly handle interaction between the filesystem and virtual-memory implementations, which allows local users to cause a denial of service...
kmxIds.sys before 7.3.1.18 in CA Host-Based Intrusion Prevention System (HIPS) 8.1 allows remote attackers to cause a denial of service (system crash) via a malformed packet. Date published : 2009-08-19 http://www.securityfocus.com/archive/1/505881/100/0/threaded https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=214665