single software vulnerabilities
vulnerabilities.aspcode.net
Searching single software vulnerabilities
common.inc.php in phpWebLog 0.4.2 does not properly initialize the $CONF array, which inadvertently sets the password to a single character, allowing remote attackers to easily guess the SiteKey and gain administrative privileges to phpWebLog.
The OpenPGP PGP standard allows an attacker to determine the private signature key via a cryptanalytic attack in which the attacker alters the encrypted private key file and captures a single message signed with the signature key.
Allied Telesyn AT-AR220e cable/DSL router firmware 1.08a RC14 with the portmapper and the 'Virtual Server' enabled can allow a remote attacker to gain access to mapped services even though the single portmappings may be disabled.
Spytech SpyAnywhere 1.50 allows remote attackers to gain administrator access via a single character in the "loginpass" field.
IBM DB2 7.0 allows a remote attacker to cause a denial of service (crash) via a single byte to (1) db2ccs.exe on port 6790, or (2) db2jds.exe on port 6789.
Transparent Network Substrate (TNS) Listener in Oracle 9i 9.0.1.1 allows remote attackers to cause a denial of service (CPU consumption) via a single malformed TCP packet to port 1521.
advserver.exe in Advanced Web Server (AdvServer) Professional 1.030000 allows remote attackers to cause a denial of service via multiple HTTP requests containing a single carriage return/line feed (CRLF) sequence.
hash.c in Ganglia gmond 2.5.3 allows remote attackers to cause a denial of service (segmentation fault) via a UDP packet that contains a single-byte name string, which is used as an out-of-bounds array index.
msxml3.dll in Internet Explorer 6.0.2600.0 allows remote attackers to cause a denial of service (crash) via a single & (ampersand) in a link, which triggers a parsing error, possibly due to missing portions of the URI.
Red-M Red-Alert 2.7.5 with software 3.1 build 24 converts multiple spaces in a Service Set Identifier (SSID) to a single space, which prevents Red-Alert from correctly identifying the SSID.
efFingerD 0.2.12 allows remote attackers to cause a denial of service (daemon crash) via a packet with a single byte, which triggers a "Wrong protocol or connection state" error.
The ij_untrusted_url function in JunkBuster 2.0.2-r2, with single-threaded mode enabled, allows remote attackers to overwrite the referrer field via a crafted HTTP request.
shop_display_products.php in Naxtor Shopping Cart 1.0 allows remote attackers to obtain sensitive information via a cat_id with a "'" (single quote), which reveals the path in an error message, possibly due to an SQL injection vulnerability.
index.php in ECW-Shop 6.0.2 allows remote attackers to obtain sensitive information via the (1) min or (2) max parameter with a "'" (single quote), which reveals the path in an error message, possibly due to a SQL injection vulnerability.
Unspecified vulnerability in Single Sign-On in Oracle Database Server 10g up to 10.1.0.4.2 and Application Server 9.0.2.3 up to 9.0.4.2 has unknown impact and attack vectors, aka Oracle Vuln# DB33 and AS08.
index.php in VUBB alpha rc1 allows remote attackers to obtain the installation path of the application via a viewforum action with the f parameter set to a single quote (').
Phex before 2.8.6 allows remote attackers to cause a denial of service (application hang) by initiating multiple chat requests to a single user and then logging off.
Mozilla Firefox 2.0, possibly only when running on Windows, allows remote attackers to bypass the Phishing Protection mechanism by representing an IP address in (1) dotted-hex, (2) dotted-octal, (3) single decimal integer, (4) single hex integer, or (5) single octal integer format, which is not captured by the blacklist filter.
Integer overflow in the str_replace function in PHP 4.4.5 and PHP 5.2.1 allows context-dependent attackers to have an unknown impact via a single character search string in conjunction with a single character replacement string, which causes an "off by one overflow."
Unspecified vulnerability in Oracle Application Server 9.0.4.3 and 10.1.2.0.2 allows remote attackers to have an unknown impact via Oracle Single Sign On, aka AS01.
Software vulnerabilities results 1 to 20 of 70