CVE-2009-3720 – expat: buffer over-read and crash on XML with malformed UTF-8 sequences
https://notcve.org/view.php?id=CVE-2009-3720
The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with crafted UTF-8 sequences that trigger a buffer over-read, a different vulnerability than CVE-2009-2625. La función updatePosition en lib/xmltok_impl.c en libexpat en Expat v2.0.1, usado en Python, PyXML, w3c-libwww, ay otros programas, permite a atacantes dependientes de contexto, provocar una denegación de servicio (caída de aplicación) a través de un documento XML con una secuencia de caracteres UTF-8 manipulada que provoca un desbordamiento de búfer fuera de límite (over-read). Vulnerabilidad distinta de CVE-2009-2625. • http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmltok_impl.c?r1=1.13&r2=1.15&view=patch http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmltok_impl.c?view=log http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051228.html http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051247.html http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051367.html http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051405. •
CVE-2008-2384 – mod_auth_mysql: character encoding SQL injection flaw
https://notcve.org/view.php?id=CVE-2008-2384
SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ (backslash) as part of the character encoding, allows remote attackers to execute arbitrary SQL commands via unspecified inputs in a login request. Vulnerabilidad de inyección SQL en mod_auth_mysql.c en el módulo mod-auth-mysql (alias libapache2-mod-auth-mysql) para Apache HTTP Server 2.x, permite a atacantes remotos ejecutar comandos SQL de su elección a través de codificaciones de caracteres multibyte para entradas no especificadas. • http://klecker.debian.org/~white/mod-auth-mysql/CVE-2008-2384_mod-auth-mysql.patch http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053899.html http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053903.html http://openwall.com/lists/oss-security/2009/01/21/10 http://secunia.com/advisories/33627 http://secunia.com/advisories/43302 http://www.redhat.com/support/errata/RHSA-2009-0259.html http://www.redhat.com/support/errata/RHSA-2010-1002. • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2008-0455 – Apache 2.2.6 mod_negotiation - HTML Injection / HTTP Response Splitting
https://notcve.org/view.php?id=CVE-2008-0455
Cross-site scripting (XSS) vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary web script or HTML by uploading a file with a name containing XSS sequences and a file extension, which leads to injection within a (1) "406 Not Acceptable" or (2) "300 Multiple Choices" HTTP response when the extension is omitted in a request for the file. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en el módulo mod_negotiation de Apache HTTP Server 2.2.6 y anteriores en las series 2.2.x, 2.0.61 y anteriores en las series 2.0.x, y 1.3.39 y anteriores en las series 1.3.x permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML de su elección subiendo un fichero con un nombre que contiene secuencias XSS y una extensión de fichero, lo cual conduce conduce a la inyección en respuestas HTTP (1) "406 Not Acceptable" o (2) "300 Multiple Choices" cuando se omite la extensión en la petición del fichero. • https://www.exploit-db.com/exploits/31052 http://rhn.redhat.com/errata/RHSA-2012-1591.html http://rhn.redhat.com/errata/RHSA-2012-1592.html http://rhn.redhat.com/errata/RHSA-2012-1594.html http://rhn.redhat.com/errata/RHSA-2013-0130.html http://secunia.com/advisories/29348 http://secunia.com/advisories/51607 http://security.gentoo.org/glsa/glsa-200803-19.xml http://securityreason.com/securityalert/3575 http://securitytracker.com/id?1019256 http://www.mindedsecurity.c • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2007-5000 – httpd: mod_imagemap XSS
https://notcve.org/view.php?id=CVE-2007-5000
Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en los módulos (1) mod_imap en Apache HTTP Server 1.3.0 hasta 1.3.39 y 2.0.35 hasta 2.0.61, y (2) mod_imagemap en Apache HTTP Server 2.2.0 hasta 2.2.6 permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección mediante vectores no especificados. • http://docs.info.apple.com/article.html?artnum=307562 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01345501 http://httpd.apache.org/security/vulnerabilities_13.html http://httpd.apache.org/security/vulnerabilities_20.html http://httpd.apache.org/security/vulnerabilities_22.html http://lists.apple.com/archives/security-announce/2008//May/msg00001.html http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://lists.opensuse.org/opensuse-security-announce& • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2006-0435
https://notcve.org/view.php?id=CVE-2006-0435
Unspecified vulnerability in Oracle PL/SQL (PLSQL), as used in Database Server DS 9.2.0.7 and 10.1.0.5, Application Server 1.0.2.2, 9.0.4.2, 10.1.2.0.2, 10.1.2.1.0, and 10.1.3.0.0, E-Business Suite and Applications 11.5.10, and Collaboration Suite 10.1.1, 10.1.2.0, 10.1.2.1, and 9.0.4.2, allows attackers to bypass the PLSQLExclusion list and access excluded packages and procedures, aka Vuln# PLSQL01. • http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/041898.html http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/041899.html http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041742.html http://secunia.com/advisories/18621 http://secunia.com/advisories/19712 http://secunia.com/advisories/19859 http://securityreason.com/securityalert/402 http://securityreason.com/securityalert/403 http://securitytracker.com/id?1015544 http://securitytracker.com/id?10 •