CVE-2010-3197
IBM DB2 9.7 before FP2 does not perform the expected access control on the monitor administrative views in the SYSIBMADM schema, which allows remote attackers to obtain sensitive information via unspecified vectors. Date published...
IBM DB2 9.7 before FP2 does not perform the expected access control on the monitor administrative views in the SYSIBMADM schema, which allows remote attackers to obtain sensitive information via unspecified vectors. Date published...
IBM DB2 9.7 before FP2, when AUTO_REVAL is IMMEDIATE, allows remote authenticated users to cause a denial of service (loss of privileges) to a view owner by defining a dependent view. Date published :...
Unspecified vulnerability in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 before FP2 on Windows Server 2008 allows attackers to cause a denial of service (trap) via vectors involving "special group and...
The DB2DART program in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 before FP2 allows attackers to bypass intended file access restrictions via unspecified vectors related to overwriting files owned by an...
Unspecified vulnerability in the DB2STST program in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 before FP2 has unknown impact and attack vectors. Date published : 2010-08-31 http://www-01.ibm.com/support/docview.wss?uid=swg1IC65408 http://www-01.ibm.com/support/docview.wss?uid=swg1IC65703
Untrusted search path vulnerability in Adobe Captivate 5.0.0.596, and possibly other versions, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that...
Untrusted search path vulnerability in the Microsoft Foundation Class (MFC) Library in Microsoft Visual Studio .NET 2003 SP1; Visual Studio 2005 SP1, 2008 SP1, and 2010; Visual C++ 2005 SP1, 2008 SP1, and 2010;...
The extSetOwner function in the UfProxyBrowserCtrl ActiveX control (UfPBCtrl.dll) in Trend Micro Internet Security Pro 2010 allows remote attackers to execute arbitrary code via an invalid address that is dereferenced as a pointer. Date...
SQL injection vulnerability in search.aspx in BugTracker.NET 3.4.3 and earlier allows remote attackers to execute arbitrary SQL commands via a custom field to the search page. Date published : 2010-08-31 http://www.securityfocus.com/archive/1/513385/100/0/threaded http://sourceforge.net/projects/btnet/files/btnet_3_4_4_release_notes.txt/view
Cross-site scripting (XSS) vulnerability in Free CGI Moo moobbs2 before 1.03 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Date published : 2010-08-31 http://common1.biz/cgi_bug.html http://jvn.jp/en/jp/JVN75101998/index.html
Cross-site scripting (XSS) vulnerability in Free CGI Moo moobbs before 1.03 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Date published : 2010-08-31 http://common1.biz/cgi_bug.html http://jvn.jp/en/jp/JVN24423311/index.html
The IPersistPropertyBag2::Read function in QTPlugin.ocx in Apple QuickTime 6.x, 7.x before 7.6.8, and other versions allows remote attackers to execute arbitrary code via the _Marshaled_pUnk attribute, which triggers unmarshalling of an untrusted pointer. Date...
Buffer overflow in ftpd in IBM AIX 5.3 and earlier allows remote attackers to execute arbitrary code via a long NLST command. Date published : 2010-08-30 http://www.ibm.com/support/docview.wss?uid=isg1IZ83252 http://www.ibm.com/support/docview.wss?uid=isg1IZ83274
IBM WebSphere Application Server (WAS) 7.x before 7.0.0.13, and WebSphere Application Server Feature Pack for Web Services 6.1.0.9 through 6.1.0.32, when a JAX-WS application is used, does not properly handle an IncludeTimestamp setting in...