| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Multiple unspecified vulnerabilities in the web management interface in Avaya Communication Manager (CM) 3.1.x, 4.0.3, and 5.x allow remote attackers to read (1) configuration files, (2) log files, (3) binary image files, and (4) help files via unknown vectors. |
| The YaST2 LDAP module in yast2-ldap-server on SUSE Linux Enterprise Server 11 (aka SLE11) does not enable the firewall in certain circumstances involving reboots during online updates, which makes it easier for remote attackers to access network services. |
| Opera before 10.10, when exception stacktraces are enabled, places scripting error messages from a web site into variables that can be read by a different web site, which allows remote attackers to obtain sensitive information or conduct cross-site scripting (XSS) attacks via unspecified vectors. |
| The browser engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors related to nsSVGElement::BindToTree. |
| The jar: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not follow the Content-Disposition header of the inner URI, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via an uploaded .jar file with a "Content-Disposition: attachment" designation. |
| Mozilla Firefox before 3.0.9 and SeaMonkey 1.1.17 do not block javascript: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header or (2) specifying the content of a Refresh header. NOTE: it was later reported that Firefox 3.6 a1 pre and Mozilla 1.7.x and earlier are also affected. |
| ZyXEL Prestige routers, including P-660 and P-661 models with firmware 3.40(AGD.2) through 3.40(AHQ.3), have (1) "user" as their default password for the "user" account and (2) "1234" as their default password for the "admin" account, which makes it easier for remote attackers to obtain access. |
| The default SNMP configuration on ZyXEL Prestige routers, including P-660 and P-661 models with firmware 3.40(AGD.2) through 3.40(AHQ.3), has a Trusted Host value of 0.0.0.0, which allows remote attackers to send SNMP requests from any source IP address. |
| Unspecified vulnerability in the HP System Administration Manager (SAM) on HP-UX B.11.11 and B.11.23, when used to configure NFS, might allow remote attackers to read or modify arbitrary files, related to an "empty systems list." |
| The default configuration of TekRADIUS 3.0 uses the sa account to communicate with Microsoft SQL Server, which makes it easier for remote attackers to obtain privileged access to the database and the underlying Windows operating system. |
| PyDNS (aka python-dns) before 2.3.1-4 in Debian GNU/Linux does not use random source ports or transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447. |
| includes/bootstrap.inc in Drupal 5.x before 5.12 and 6.x before 6.6, when the server is configured for "IP-based virtual hosts," allows remote attackers to include and execute arbitrary files via the HTTP Host header. |
| The tblinf32.dll (aka vstlbinf.dll) ActiveX control for Internet Explorer 5.01, 6 SP1, and 7 uses an incorrect IObjectsafety implementation, which allows remote attackers to execute arbitrary code by requesting the HelpString property, involving a crafted DLL file argument to the TypeLibInfoFromFile function, which overwrites the HelpStringDll property to call the DLLGetDocumentation function in another DLL file, aka "ActiveX Object Vulnerability." |
| The default configuration of Adobe Flash Media Server (FMS) 3.0 does not enable SWF Verification for (1) RTMPE and (2) RTMPTE sessions, which makes it easier for remote attackers to make copies of video content via stream-capture software. |
| hidd in BlueZ (bluez-utils) before 2.25 allows remote attackers to obtain control of the (1) Mouse and (2) Keyboard Human Interface Device (HID) via a certain configuration of two HID (PSM) endpoints, operating as a server, aka HidAttack. |
| The default configuration of Microsoft Windows uses the Web Proxy Autodiscovery Protocol (WPAD) without static WPAD entries, which might allow remote attackers to intercept web traffic by registering a proxy server using WINS or DNS, then responding to WPAD requests, as demonstrated using Internet Explorer. NOTE: it could be argued that if an attacker already has control over WINS/DNS, then web traffic could already be intercepted by modifying WINS or DNS records, so this would not cross privilege boundaries and would not be a vulnerability. It has also been reported that DHCP is an alternate attack vector. |
| zabbix_agentd 1.1.4 in ZABBIX before 1.4.3 runs "UserParameter" scripts with gid 0, which might allow local users to gain privileges. |
| WebKit in Apple Safari 3 Beta before Update 3.0.3, and iPhone before 1.0.1, does not properly handle the interaction between International Domain Name (IDN) support and Unicode fonts, which allows remote attackers to create a URL containing "look-alike characters" (homographs) and possibly perform phishing attacks. |
| The default configuration of system.conf in D-Bus (aka DBus) before 1.2.6 omits the send_type attribute in certain rules, which allows local users to bypass intended access restrictions by (1) sending messages, related to send_requested_reply; and possibly (2) receiving messages, related to receive_requested_reply. |
| Vidalia bundle before 0.1.2.18, when running on Windows and Mac OS X, installs Privoxy with a configuration file (config.txt or config) that contains insecure (1) enable-remote-toggle and (2) enable-edit-actions settings, which allows remote attackers to bypass intended access restrictions and modify configuration. |