LanGuard reports



Supported OVAL Bulletins


More information on 2017 updates



ID:
CVE-2009-4455
Title:
The default configuration of Cisco ASA 5500 Series Adaptive Security Appliance (Cisco ASA) 7.0, 7.1, 7.2, 8.0, 8.1, and 8.2 allows portal traffic to access arbitrary backend servers, which might allow remote authenticated users to bypass intended...
Type:
Hardware
Bulletins:
CVE-2009-4455
Severity:
Medium
Description:
The default configuration of Cisco ASA 5500 Series Adaptive Security Appliance (Cisco ASA) 7.0, 7.1, 7.2, 8.0, 8.1, and 8.2 allows portal traffic to access arbitrary backend servers, which might allow remote authenticated users to bypass intended access restrictions and access unauthorized web sites via a crafted URL obfuscated with ROT13 and a certain encoding. NOTE: this issue was originally reported as a vulnerability related to lack of restrictions to URLs listed in the Cisco WebVPN bookmark component, but the vendor states that "The bookmark feature is not a security feature."
Applies to:
Created:
2009-12-29
Updated:
2017-01-31

ID:
OVAL6716
Title:
ATL COM Initialization Vulnerability
Type:
Mail
Bulletins:
OVAL6716
CVE-2009-2493
Severity:
Low
Description:
The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly restrict use of OleLoadFromStream in instantiating objects from data streams, which allows remote attackers to execute arbitrary code via a crafted HTML document with an ATL (1) component or (2) control, related to ATL headers and bypassing security policies, aka "ATL COM Initialization Vulnerability."
Applies to:
Microsoft Outlook 2002
Microsoft Outlook 2003
Microsoft Outlook 2007
Microsoft Visio Viewer 2002
Microsoft Office Visio Viewer 2003
Microsoft Office Visio Viewer 2007
Microsoft Internet Explorer 5
Microsoft Internet Explorer 6
Created:
2009-12-26
Updated:
2015-08-10

ID:
OVAL7581
Title:
ATL Uninitialized Object Vulnerability
Type:
Mail
Bulletins:
OVAL7581
CVE-2009-0901
Severity:
Low
Description:
The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not prevent VariantClear calls on an uninitialized VARIANT, which allows remote attackers to execute arbitrary code via a malformed stream to an ATL (1) component or (2) control, related to ATL headers and error handling, aka "ATL Uninitialized Object Vulnerability."
Applies to:
Microsoft Outlook 2002
Microsoft Outlook 2003
Microsoft Outlook 2007
Microsoft Visio Viewer 2002
Microsoft Office Visio Viewer 2003
Microsoft Office Visio Viewer 2007
Microsoft Visual Studio .NET 2003
Microsoft Visual Studio 2005
Created:
2009-12-26
Updated:
2015-08-10

ID:
OVAL5846
Title:
WordPad and Office Text converter Memory Corruption Vulnerability
Type:
Software
Bulletins:
OVAL5846
CVE-2009-2506
Severity:
Low
Description:
Integer overflow in the text converters in Microsoft Office Word 2002 SP3 and 2003 SP3; Works 8.5; Office Converter Pack; and WordPad in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a DOC file with an invalid number of property names in the DocumentSummaryInformation stream, which triggers a heap-based buffer overflow.
Applies to:
Microsoft Word 2002
Microsoft Word 2003
Microsoft Works 8.5
Microsoft Office Converter Pack
Created:
2009-12-08
Updated:
2015-08-10

ID:
CVE-2009-2631
Title:
Multiple clientless SSL VPN products that run in web browsers, including Stonesoft StoneGate; Cisco ASA; SonicWALL E-Class SSL VPN and SonicWALL SSL VPN; SafeNet SecureWire Access Gateway; Juniper Networks Secure Access; Nortel CallPilot; Citrix...
Type:
Hardware
Bulletins:
CVE-2009-2631
SFBID37152
Severity:
Medium
Description:
Multiple clientless SSL VPN products that run in web browsers, including Stonesoft StoneGate; Cisco ASA; SonicWALL E-Class SSL VPN and SonicWALL SSL VPN; SafeNet SecureWire Access Gateway; Juniper Networks Secure Access; Nortel CallPilot; Citrix Access Gateway; and other products, when running in configurations that do not restrict access to the same domain as the VPN, retrieve the content of remote URLs from one domain and rewrite them so they originate from the VPN's domain, which violates the same origin policy and allows remote attackers to conduct cross-site scripting attacks, read cookies that originated from other domains, access the Web VPN session to gain access to internal resources, perform key logging, and conduct other attacks. NOTE: it could be argued that this is a fundamental design problem in any clientless VPN solution, as opposed to a commonly-introduced error that can be fixed in separate implementations. Therefore a single CVE has been assigned for all products that have this design.
Applies to:
SonicWall SSL-VPN
SonicWall SSL-VPN E Class
Created:
2009-12-04
Updated:
2017-01-31

ID:
OVAL6470
Title:
Adobe Flash Player Unspecified Remote Denial of Service Vulnerability
Type:
Web
Bulletins:
OVAL6470
CVE-2009-0519
Severity:
Low
Description:
Unspecified vulnerability in Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a crafted Shockwave Flash (aka .swf) file.
Applies to:
Adobe Flash Player
Adobe AIR
Created:
2009-11-30
Updated:
2015-03-16

ID:
OVAL6662
Title:
Adobe Flash Player Settings Manager May Let Remote Users Conduct Clickjacking Attacks
Type:
Web
Bulletins:
OVAL6662
CVE-2009-0114
Severity:
Low
Description:
Unspecified vulnerability in the Settings Manager in Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87, and possibly other versions, allows remote attackers to trick a user into visiting an arbitrary URL via unknown vectors, related to "a potential Clickjacking issue variant."
Applies to:
Adobe Flash Player
Adobe AIR
Created:
2009-11-30
Updated:
2015-03-16

ID:
OVAL6593
Title:
Adobe Flash Player Invalid Object Reference Remote Code Execution
Type:
Web
Bulletins:
OVAL6593
CVE-2009-0520
Severity:
Low
Description:
Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 does not properly remove references to destroyed objects during Shockwave Flash file processing, which allows remote attackers to execute arbitrary code via a crafted file, related to a "buffer overflow issue."
Applies to:
Adobe Flash Player
Adobe AIR
Created:
2009-11-30
Updated:
2015-03-16

ID:
OVAL6674
Title:
Adobe Flash Player Mouse Pointer Display Issue May Let Remote Users Conduct Clickjacking Attacks
Type:
Web
Bulletins:
OVAL6674
CVE-2009-0522
Severity:
Low
Description:
Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 on Windows allows remote attackers to trick a user into visiting an arbitrary URL via an unspecified manipulation of the "mouse pointer display," related to a "Clickjacking attack."
Applies to:
Adobe Flash Player
Adobe AIR
Created:
2009-11-30
Updated:
2015-03-16

ID:
CVE-2009-2999
Title:
The com.android.phone process in Android 1.5 CRBxx allows remote attackers to cause a denial of service (application restart and network disconnection) via an SMS message containing a malformed WAP Push message that triggers an...
Type:
Mobile Devices
Bulletins:
CVE-2009-2999
Severity:
Medium
Description:
The com.android.phone process in Android 1.5 CRBxx allows remote attackers to cause a denial of service (application restart and network disconnection) via an SMS message containing a malformed WAP Push message that triggers an ArrayIndexOutOfBoundsException exception, possibly a related issue to CVE-2009-2656.
Applies to:
Created:
2009-10-14
Updated:
2017-01-31

ID:
CVE-2009-3698
Title:
An unspecified function in the Dalvik API in Android 1.5 and earlier allows remote attackers to cause a denial of service (system process restart) via a crafted application, possibly a related issue to CVE-2009-2656.
Type:
Mobile Devices
Bulletins:
CVE-2009-3698
SFBID36590
Severity:
Medium
Description:
An unspecified function in the Dalvik API in Android 1.5 and earlier allows remote attackers to cause a denial of service (system process restart) via a crafted application, possibly a related issue to CVE-2009-2656.
Applies to:
Created:
2009-10-14
Updated:
2017-01-31

ID:
OVAL5967
Title:
GDI+ WMF Integer Overflow Vulnerability
Type:
Web
Bulletins:
OVAL5967
CVE-2009-2500
Severity:
Low
Description:
Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted WMF image file, aka "GDI+ WMF Integer Overflow Vulnerability."
Applies to:
Microsoft Internet Explorer 6
Microsoft Office XP
Microsoft Office 2003
Microsoft Office 2007
Microsoft Office Visio 2002
Microsoft Visual Studio 2008
Microsoft SQL Server 2005
Created:
2009-10-13
Updated:
2015-08-10

ID:
OVAL6134
Title:
GDI+ PNG Integer Overflow Vulnerability
Type:
Software
Bulletins:
OVAL6134
CVE-2009-3126
Severity:
Low
Description:
Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted PNG image file, aka "GDI+ PNG Integer Overflow Vulnerability."
Applies to:
Microsoft Office XP
Microsoft Office 2003
Microsoft Office 2007
Microsoft Office Visio 2002
Microsoft Visual Studio 2008
Microsoft SQL Server 2005
Created:
2009-10-13
Updated:
2015-08-10

ID:
OVAL5898
Title:
GDI+ TIFF Buffer Overflow Vulnerability
Type:
Web
Bulletins:
OVAL5898
CVE-2009-2502
Severity:
Low
Description:
Buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted TIFF image file, aka "GDI+ TIFF Buffer Overflow Vulnerability."
Applies to:
Microsoft Internet Explorer 6
Microsoft Office XP
Microsoft Office 2003
Microsoft Office 2007
Microsoft Office Visio 2002
Microsoft Visual Studio 2008
Microsoft SQL Server 2005
Created:
2009-10-13
Updated:
2015-08-10

ID:
OVAL6407
Title:
Windows Media Runtime Voice Sample Rate Vulnerability
Type:
Miscellaneous
Bulletins:
OVAL6407
CVE-2009-0555
Severity:
Low
Description:
Microsoft Windows Media Runtime, as used in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and Audio Compression Manager (ACM), does not properly process Advanced Systems Format (ASF) files, which allows remote attackers to execute arbitrary code via a crafted audio file that uses the Windows Media Speech codec, aka "Windows Media Runtime Voice Sample Rate Vulnerability."
Applies to:
Windows Media Format Runtime 9.0
Windows Media Format Runtime 9.5
Windows Media Format Runtime 11
Created:
2009-10-13
Updated:
2015-08-10

ID:
OVAL6491
Title:
GDI+ TIFF Buffer Overflow Vulnerability
Type:
Web
Bulletins:
OVAL6491
CVE-2009-2503
Severity:
Low
Description:
GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Windows Server 2003 SP2, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 does not properly allocate an unspecified buffer, which allows remote attackers to execute arbitrary code via a crafted TIFF image file that triggers memory corruption, aka "GDI+ TIFF Memory Corruption Vulnerability."
Applies to:
Microsoft Internet Explorer 6
Microsoft Office XP
Microsoft Office 2003
Microsoft Office 2007
Microsoft Office Visio 2002
Microsoft Visual Studio 2008
Microsoft SQL Server 2005
Created:
2009-10-13
Updated:
2015-08-10

ID:
OVAL6484
Title:
Windows Media Runtime Heap Corruption Vulnerability
Type:
Miscellaneous
Bulletins:
OVAL6484
CVE-2009-2525
Severity:
Low
Description:
Microsoft Windows Media Runtime, as used in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and Audio Compression Manager (ACM), does not properly initialize unspecified functions within compressed audio files, which allows remote attackers to execute arbitrary code via (1) a crafted media file or (2) crafted streaming content, aka "Windows Media Runtime Heap Corruption Vulnerability."
Applies to:
Windows Media Format Runtime 9.0
Windows Media Format Runtime 9.5
Windows Media Format Runtime 11
Created:
2009-10-13
Updated:
2015-08-10

ID:
OVAL6282
Title:
GDI+ .NET API Vulnerability
Type:
Software
Bulletins:
OVAL6282
CVE-2009-2504
Severity:
Low
Description:
Multiple integer overflows in unspecified APIs in GDI+ in Microsoft .NET Framework 1.1 SP1, .NET Framework 2.0 SP1 and SP2, Windows XP SP2 and SP3, Windows Server 2003 SP2, Vista Gold and SP1, Server 2008 Gold, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allow remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka "GDI+ .NET API Vulnerability."
Applies to:
Microsoft Office XP
Microsoft Office 2003
Microsoft Office 2007
Microsoft Office Visio 2002
Microsoft Visual Studio 2008
Microsoft SQL Server 2005
Created:
2009-10-13
Updated:
2015-08-10

ID:
OVAL6290
Title:
Apple iTunes '.pls' File Buffer Overflow Vulnerability
Type:
Software
Bulletins:
OVAL6290
CVE-2009-2817
Severity:
Low
Description:
Buffer overflow in Apple iTunes before 9.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted .pls file.
Applies to:
Apple iTunes
Created:
2009-10-01
Updated:
2015-06-22

ID:
CVE-2009-3485
Title:
Cross-site scripting (XSS) vulnerability in the J-Web interface in Juniper JUNOS 8.5R1.14 and 9.0R1.1 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI.
Type:
Hardware
Bulletins:
CVE-2009-3485
SFBID36537
Severity:
Medium
Description:
Cross-site scripting (XSS) vulnerability in the J-Web interface in Juniper JUNOS 8.5R1.14 and 9.0R1.1 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI.
Applies to:
Created:
2009-09-30
Updated:
2017-01-31

ID:
CVE-2009-3486
Title:
Multiple cross-site scripting (XSS) vulnerabilities in the J-Web interface in Juniper JUNOS 8.5R1.14 allow remote authenticated users to inject arbitrary web script or HTML via the host parameter to (1) the pinghost program, reachable through the...
Type:
Hardware
Bulletins:
CVE-2009-3486
SFBID36537
Severity:
Low
Description:
Multiple cross-site scripting (XSS) vulnerabilities in the J-Web interface in Juniper JUNOS 8.5R1.14 allow remote authenticated users to inject arbitrary web script or HTML via the host parameter to (1) the pinghost program, reachable through the diagnose program; or (2) the traceroute program, reachable through the diagnose program; or (3) the probe-limit parameter to the configuration program; the (4) wizard-ids or (5) pager-new-identifier parameter in a firewall-filters action to the configuration program; (6) the cos-physical-interface-name parameter in a cos-physical-interfaces-edit action to the configuration program; the (7) wizard-args or (8) wizard-ids parameter in an snmp action to the configuration program; the (9) username or (10) fullname parameter in a users action to the configuration program; or the (11) certname or (12) certbody parameter in a local-cert (aka https) action to the configuration program.
Applies to:
Created:
2009-09-30
Updated:
2017-01-31

ID:
CVE-2009-3487
Title:
Multiple cross-site scripting (XSS) vulnerabilities in the J-Web interface in Juniper JUNOS 8.5R1.14 allow remote authenticated users to inject arbitrary web script or HTML via (1) the JEXEC_OUTID parameter in a JEXEC_MODE_RELAY_OUTPUT action to the...
Type:
Hardware
Bulletins:
CVE-2009-3487
SFBID36537
Severity:
Low
Description:
Multiple cross-site scripting (XSS) vulnerabilities in the J-Web interface in Juniper JUNOS 8.5R1.14 allow remote authenticated users to inject arbitrary web script or HTML via (1) the JEXEC_OUTID parameter in a JEXEC_MODE_RELAY_OUTPUT action to the jexec program; the (2) act, (3) refresh-time, or (4) ifid parameter to scripter.php; (5) the revision parameter in a rollback action to the configuration program; the m[] parameter to the (6) monitor, (7) manage, (8) events, (9) configuration, or (10) alarms program; (11) the m[] parameter to the default URI; (12) the m[] parameter in a browse action to the default URI; (13) the wizard-next parameter in an https action to the configuration program; or the (14) Contact Information, (15) System Description, (16) Local Engine ID, (17) System Location, or (18) System Name Override SNMP parameter, related to the configuration program.
Applies to:
Created:
2009-09-30
Updated:
2017-01-31

ID:
CVE-2009-2862
Title:
The Object Groups for Access Control Lists (ACLs) feature in Cisco IOS 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to bypass intended access restrictions via crafted requests, aka Bug IDs CSCsx07114,...
Type:
Hardware
Bulletins:
CVE-2009-2862
SFBID36495
Severity:
Medium
Description:
The Object Groups for Access Control Lists (ACLs) feature in Cisco IOS 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to bypass intended access restrictions via crafted requests, aka Bug IDs CSCsx07114, CSCsu70214, CSCsw47076, CSCsv48603, CSCsy54122, and CSCsu50252.
Applies to:
Created:
2009-09-28
Updated:
2017-01-31

ID:
CVE-2009-2863
Title:
Race condition in the Firewall Authentication Proxy feature in Cisco IOS 12.0 through 12.4 allows remote attackers to bypass authentication, or bypass the consent web page, via a crafted request, aka Bug ID CSCsy15227.
Type:
Hardware
Bulletins:
CVE-2009-2863
SFBID36491
Severity:
High
Description:
Race condition in the Firewall Authentication Proxy feature in Cisco IOS 12.0 through 12.4 allows remote attackers to bypass authentication, or bypass the consent web page, via a crafted request, aka Bug ID CSCsy15227.
Applies to:
Created:
2009-09-28
Updated:
2017-01-31

ID:
CVE-2009-2864
Title:
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 5.x before 5.1(3g), 6.x before 6.1(4), 7.0.x before 7.0(2a)su1, and 7.1.x before 7.1(2) allows remote attackers to cause a denial of service (service restart) via malformed SIP...
Type:
Hardware
Bulletins:
CVE-2009-2864
SFBID36496
Severity:
High
Description:
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 5.x before 5.1(3g), 6.x before 6.1(4), 7.0.x before 7.0(2a)su1, and 7.1.x before 7.1(2) allows remote attackers to cause a denial of service (service restart) via malformed SIP messages, aka Bug ID CSCsz95423.
Applies to:
Unified Communications Manager
Unified Callmanager
Created:
2009-09-28
Updated:
2017-01-31

ID:
CVE-2009-2865
Title:
Buffer overflow in the login implementation in the Extension Mobility feature in the Unified Communications Manager Express (CME) component in Cisco IOS 12.4XW, 12.4XY, 12.4XZ, and 12.4YA allows remote attackers to execute arbitrary code or cause a...
Type:
Hardware
Bulletins:
CVE-2009-2865
SFBID36498
Severity:
High
Description:
Buffer overflow in the login implementation in the Extension Mobility feature in the Unified Communications Manager Express (CME) component in Cisco IOS 12.4XW, 12.4XY, 12.4XZ, and 12.4YA allows remote attackers to execute arbitrary code or cause a denial of service via crafted HTTP requests, aka Bug ID CSCsq58779.
Applies to:
Created:
2009-09-28
Updated:
2017-01-31

ID:
CVE-2009-2866
Title:
Unspecified vulnerability in Cisco IOS 12.2 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted H.323 packet, aka Bug ID CSCsz38104.
Type:
Hardware
Bulletins:
CVE-2009-2866
SFBID36494
Severity:
High
Description:
Unspecified vulnerability in Cisco IOS 12.2 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted H.323 packet, aka Bug ID CSCsz38104.
Applies to:
Created:
2009-09-28
Updated:
2017-01-31

ID:
CVE-2009-2867
Title:
Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2XND, 12.4T, 12.4XZ, and 12.4YA, when Zone-Based Policy Firewall SIP Inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted SIP...
Type:
Hardware
Bulletins:
CVE-2009-2867
Severity:
High
Description:
Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2XND, 12.4T, 12.4XZ, and 12.4YA, when Zone-Based Policy Firewall SIP Inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted SIP transit packet, aka Bug ID CSCsr18691.
Applies to:
Created:
2009-09-28
Updated:
2017-01-31

ID:
CVE-2009-2868
Title:
Unspecified vulnerability in Cisco IOS 12.2 through 12.4, when certificate-based authentication is enabled for IKE, allows remote attackers to cause a denial of service (Phase 1 SA exhaustion) via crafted requests, aka Bug IDs CSCsy07555 and CSCee72997.
Type:
Hardware
Bulletins:
CVE-2009-2868
Severity:
High
Description:
Unspecified vulnerability in Cisco IOS 12.2 through 12.4, when certificate-based authentication is enabled for IKE, allows remote attackers to cause a denial of service (Phase 1 SA exhaustion) via crafted requests, aka Bug IDs CSCsy07555 and CSCee72997.
Applies to:
Created:
2009-09-28
Updated:
2017-01-31

ID:
CVE-2009-2869
Title:
Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to cause a denial of service (device reload) via a crafted NTPv4 packet, aka Bug IDs CSCsu24505 and CSCsv75948.
Type:
Hardware
Bulletins:
CVE-2009-2869
Severity:
High
Description:
Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to cause a denial of service (device reload) via a crafted NTPv4 packet, aka Bug IDs CSCsu24505 and CSCsv75948.
Applies to:
Created:
2009-09-28
Updated:
2017-01-31

ID:
CVE-2009-2870
Title:
Unspecified vulnerability in Cisco IOS 12.2 through 12.4, when the Cisco Unified Border Element feature is enabled, allows remote attackers to cause a denial of service (device reload) via crafted SIP messages, aka Bug ID CSCsx25880.
Type:
Hardware
Bulletins:
CVE-2009-2870
Severity:
High
Description:
Unspecified vulnerability in Cisco IOS 12.2 through 12.4, when the Cisco Unified Border Element feature is enabled, allows remote attackers to cause a denial of service (device reload) via crafted SIP messages, aka Bug ID CSCsx25880.
Applies to:
Created:
2009-09-28
Updated:
2017-01-31

ID:
CVE-2009-2871
Title:
Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when SSLVPN sessions, SSH sessions, or IKE encrypted nonces are enabled, allows remote attackers to cause a denial of service (device reload) via a crafted encrypted packet, aka Bug ID CSCsq24002.
Type:
Hardware
Bulletins:
CVE-2009-2871
Severity:
High
Description:
Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when SSLVPN sessions, SSH sessions, or IKE encrypted nonces are enabled, allows remote attackers to cause a denial of service (device reload) via a crafted encrypted packet, aka Bug ID CSCsq24002.
Applies to:
Created:
2009-09-28
Updated:
2017-01-31

ID:
CVE-2009-2872
Title:
Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Express Forwarding feature are enabled, allows remote attackers to cause a denial of service (device reload) via a malformed packet that is not properly handled during switching from...
Type:
Hardware
Bulletins:
CVE-2009-2872
Severity:
Medium
Description:
Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Express Forwarding feature are enabled, allows remote attackers to cause a denial of service (device reload) via a malformed packet that is not properly handled during switching from one tunnel to a second tunnel, aka Bug IDs CSCsh97579 and CSCsq31776.
Applies to:
Created:
2009-09-28
Updated:
2017-01-31

ID:
CVE-2009-2873
Title:
Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Express Forwarding feature are enabled, allows remote attackers to cause a denial of service (device reload) via malformed packets, aka Bug ID CSCsx70889.
Type:
Hardware
Bulletins:
CVE-2009-2873
Severity:
High
Description:
Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Express Forwarding feature are enabled, allows remote attackers to cause a denial of service (device reload) via malformed packets, aka Bug ID CSCsx70889.
Applies to:
Created:
2009-09-28
Updated:
2017-01-31

ID:
CVE-2009-3341
Title:
Buffer overflow on the Linksys WRT54GL wireless router allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.10 through 8.11. NOTE: as of 20090917, this...
Type:
Hardware
Bulletins:
CVE-2009-3341
Severity:
High
Description:
Buffer overflow on the Linksys WRT54GL wireless router allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.10 through 8.11. NOTE: as of 20090917, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.
Applies to:
wrt54gl
Created:
2009-09-24
Updated:
2017-01-31

ID:
CVE-2009-3347
Title:
Buffer overflow on the D-Link DIR-400 wireless router allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.10 through 8.11. NOTE: as of 20090917, this...
Type:
Hardware
Bulletins:
CVE-2009-3347
SFBID36237
Severity:
High
Description:
Buffer overflow on the D-Link DIR-400 wireless router allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.10 through 8.11. NOTE: as of 20090917, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.
Applies to:
DIR-400
Created:
2009-09-24
Updated:
2017-01-31

ID:
CVE-2009-3271
Title:
Apple Safari on iPhone OS 3.0.1 allows remote attackers to cause a denial of service (application crash) via a long tel: URL in the SRC attribute of an IFRAME element.
Type:
Mobile Devices
Bulletins:
CVE-2009-3271
SFBID36386
Severity:
Medium
Description:
Apple Safari on iPhone OS 3.0.1 allows remote attackers to cause a denial of service (application crash) via a long tel: URL in the SRC attribute of an IFRAME element.
Applies to:
Created:
2009-09-21
Updated:
2017-01-31

ID:
CVE-2009-3273
Title:
iPhone Mail in Apple iPhone OS, and iPhone OS for iPod touch, does not validate X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL e-mail servers via a crafted certificate.
Type:
Mobile Devices
Bulletins:
CVE-2009-3273
SFBID36370
Severity:
High
Description:
iPhone Mail in Apple iPhone OS, and iPhone OS for iPod touch, does not validate X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL e-mail servers via a crafted certificate.
Applies to:
Created:
2009-09-21
Updated:
2017-01-31

ID:
CVE-2009-2206
Title:
Multiple heap-based buffer overflows in the AudioCodecs library in the CoreAudio component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allow remote attackers to execute arbitrary code or cause a denial...
Type:
Mobile Devices
Bulletins:
CVE-2009-2206
SFBID36338
Severity:
Medium
Description:
Multiple heap-based buffer overflows in the AudioCodecs library in the CoreAudio component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted (1) AAC or (2) MP3 file, as demonstrated by a ringtone with malformed entries in the sample size table.
Applies to:
Created:
2009-09-10
Updated:
2017-01-31

ID:
CVE-2009-2207
Title:
The MobileMail component in Apple iPhone OS 3.0 and 3.0.1, and iPhone OS 3.0 for iPod touch, lists deleted e-mail messages in Spotlight search results, which might allow local users to obtain sensitive information by reading these...
Type:
Mobile Devices
Bulletins:
CVE-2009-2207
SFBID36337
Severity:
Low
Description:
The MobileMail component in Apple iPhone OS 3.0 and 3.0.1, and iPhone OS 3.0 for iPod touch, lists deleted e-mail messages in Spotlight search results, which might allow local users to obtain sensitive information by reading these messages.
Applies to:
Created:
2009-09-10
Updated:
2017-01-31

ID:
CVE-2009-2794
Title:
The Exchange Support component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, does not properly implement the "Maximum inactivity time lock" functionality, which allows local users to bypass intended...
Type:
Mobile Devices
Bulletins:
CVE-2009-2794
SFBID36342
Severity:
Medium
Description:
The Exchange Support component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, does not properly implement the "Maximum inactivity time lock" functionality, which allows local users to bypass intended Microsoft Exchange restrictions by choosing a large Require Passcode time value.
Applies to:
Created:
2009-09-10
Updated:
2017-01-31

ID:
CVE-2009-2795
Title:
Heap-based buffer overflow in the Recovery Mode component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allows local users to bypass the passcode requirement and access arbitrary data via vectors related...
Type:
Mobile Devices
Bulletins:
CVE-2009-2795
SFBID36341
Severity:
High
Description:
Heap-based buffer overflow in the Recovery Mode component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allows local users to bypass the passcode requirement and access arbitrary data via vectors related to "command parsing."
Applies to:
Created:
2009-09-10
Updated:
2017-01-31

ID:
CVE-2009-2796
Title:
The UIKit component in Apple iPhone OS 3.0, and iPhone OS 3.0.1 for iPod touch, allows physically proximate attackers to discover a password by watching a user undo deletions of characters in the password.
Type:
Mobile Devices
Bulletins:
CVE-2009-2796
SFBID36335
Severity:
Low
Description:
The UIKit component in Apple iPhone OS 3.0, and iPhone OS 3.0.1 for iPod touch, allows physically proximate attackers to discover a password by watching a user undo deletions of characters in the password.
Applies to:
Created:
2009-09-10
Updated:
2017-01-31

ID:
CVE-2009-2797
Title:
The WebKit component in Safari in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, does not remove usernames and passwords from URLs sent in Referer headers, which allows remote attackers to obtain sensitive...
Type:
Mobile Devices
Bulletins:
CVE-2009-2797
SFBID36339
Severity:
Medium
Description:
The WebKit component in Safari in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, does not remove usernames and passwords from URLs sent in Referer headers, which allows remote attackers to obtain sensitive information by reading Referer logs on a web server.
Applies to:
Created:
2009-09-10
Updated:
2017-01-31

ID:
CVE-2009-2815
Title:
The Telephony component in Apple iPhone OS before 3.1 does not properly handle SMS arrival notifications, which allows remote attackers to cause a denial of service (NULL pointer dereference and service interruption) via a crafted...
Type:
Mobile Devices
Bulletins:
CVE-2009-2815
Severity:
High
Description:
The Telephony component in Apple iPhone OS before 3.1 does not properly handle SMS arrival notifications, which allows remote attackers to cause a denial of service (NULL pointer dereference and service interruption) via a crafted SMS message.
Applies to:
Created:
2009-09-10
Updated:
2017-01-31

ID:
OVAL6316
Title:
JScript Remote Code Execution Vulnerability
Type:
Software
Bulletins:
OVAL6316
CVE-2009-1920
Severity:
Low
Description:
The JScript scripting engine 5.1, 5.6, 5.7, and 5.8 in JScript.dll in Microsoft Windows, as used in Internet Explorer, does not properly load decoded scripts into memory before execution, which allows remote attackers to execute arbitrary code via a crafted web site that triggers memory corruption, aka "JScript Remote Code Execution Vulnerability."
Applies to:
JScript Scripting Engine
Created:
2009-09-08
Updated:
2015-08-10

ID:
OVAL6257
Title:
Windows Media Header Parsing Invalid Free Vulnerability
Type:
Miscellaneous
Bulletins:
OVAL6257
CVE-2009-2498
Severity:
Low
Description:
Microsoft Windows Media Format Runtime 9.0, 9.5, and 11 and Windows Media Services 9.1 and 2008 do not properly parse malformed headers in Advanced Systems Format (ASF) files, which allows remote attackers to execute arbitrary code via a crafted (1) .asf, (2) .wmv, or (3) .wma file, aka "Windows Media Header Parsing Invalid Free Vulnerability."
Applies to:
Windows Media Format Runtime 9.0
Windows Media Format Runtime 9.5
Windows Media Format Runtime 11
Microsoft Media Services 9.1
Microsoft Media Services 9
Created:
2009-09-08
Updated:
2015-08-10

ID:
CVE-2009-0627
Title:
Unspecified vulnerability in Cisco NX-OS before 4.0(1a)N2(1), when running on Nexus 5000 platforms, allows remote attackers to cause a denial of service (crash) via an unspecified "sequence of TCP packets" related to "TCP State manipulation,"...
Type:
Hardware
Bulletins:
CVE-2009-0627
Severity:
High
Description:
Unspecified vulnerability in Cisco NX-OS before 4.0(1a)N2(1), when running on Nexus 5000 platforms, allows remote attackers to cause a denial of service (crash) via an unspecified "sequence of TCP packets" related to "TCP State manipulation," possibly related to separate attacks against CVE-2008-4609.
Applies to:
Cisco Nexus 7000
Cisco Nexus 5000 Series
Created:
2009-09-08
Updated:
2017-01-31

ID:
CVE-2009-2050
Title:
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) before 6.1(1) allows remote attackers to cause a denial of service (voice-services outage) via a malformed header in a SIP message, aka Bug ID CSCsi46466.
Type:
Hardware
Bulletins:
CVE-2009-2050
SFBID36152
Severity:
High
Description:
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) before 6.1(1) allows remote attackers to cause a denial of service (voice-services outage) via a malformed header in a SIP message, aka Bug ID CSCsi46466.
Applies to:
Unified Communications Manager
Created:
2009-08-27
Updated:
2017-01-31

ID:
CVE-2009-2051
Title:
Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), and 7.x before 7.1(2) allow remote...
Type:
Hardware
Bulletins:
CVE-2009-2051
SFBID36152
Severity:
High
Description:
Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), and 7.x before 7.1(2) allow remote attackers to cause a denial of service (device reload or voice-services outage) via a malformed SIP INVITE message that triggers an improper call to the sipSafeStrlen function, aka Bug IDs CSCsz40392 and CSCsz43987.
Applies to:
Unified Communications Manager
Created:
2009-08-27
Updated:
2017-01-31

ID:
CVE-2009-2052
Title:
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2), and 7.1 before 7.1(2); and Cisco Unified Presence 1.x, 6.x before 6.0(6), and 7.x before 7.0(4); allows remote...
Type:
Hardware
Bulletins:
CVE-2009-2052
SFBID36152
Severity:
High
Description:
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2), and 7.1 before 7.1(2); and Cisco Unified Presence 1.x, 6.x before 6.0(6), and 7.x before 7.0(4); allows remote attackers to cause a denial of service (TCP services outage) via a large number of TCP connections, related to "tracking of network connections," aka Bug IDs CSCsq22534 and CSCsw52371.
Applies to:
Unified Communications Manager
Created:
2009-08-27
Updated:
2017-01-31

ID:
CVE-2009-2053
Title:
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2) allows remote attackers to cause a denial of service (file-descriptor exhaustion and SCCP...
Type:
Hardware
Bulletins:
CVE-2009-2053
SFBID36152
Severity:
High
Description:
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2) allows remote attackers to cause a denial of service (file-descriptor exhaustion and SCCP outage) via a flood of TCP packets, aka Bug ID CSCsx32236.
Applies to:
Unified Communications Manager
Created:
2009-08-27
Updated:
2017-01-31

ID:
CVE-2009-2054
Title:
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2a)su1 allows remote attackers to cause a denial of service (file-descriptor exhaustion and...
Type:
Hardware
Bulletins:
CVE-2009-2054
SFBID36152
Severity:
High
Description:
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2a)su1 allows remote attackers to cause a denial of service (file-descriptor exhaustion and SIP outage) via a flood of TCP packets, aka Bug ID CSCsx23689.
Applies to:
Unified Communications Manager
Created:
2009-08-27
Updated:
2017-01-31

ID:
CVE-2009-2861
Title:
The Over-the-Air Provisioning (OTAP) functionality on Cisco Aironet Lightweight Access Point 1100 and 1200 devices does not properly implement access-point association, which allows remote attackers to spoof a controller and cause a denial of...
Type:
Hardware
Bulletins:
CVE-2009-2861
SFBID36145
Severity:
High
Description:
The Over-the-Air Provisioning (OTAP) functionality on Cisco Aironet Lightweight Access Point 1100 and 1200 devices does not properly implement access-point association, which allows remote attackers to spoof a controller and cause a denial of service (service outage) via crafted remote radio management (RRM) packets, aka "SkyJack" or Bug ID CSCtb56664.
Applies to:
Cisco Aironet Ap1200
Cisco Aironet Ap1100
Created:
2009-08-27
Updated:
2017-01-31

ID:
CVE-2009-2976
Title:
Cisco Aironet Lightweight Access Point (AP) devices send the contents of certain multicast data frames in cleartext, which allows remote attackers to discover Wireless LAN Controller MAC addresses and IP addresses, and AP configuration details, by...
Type:
Hardware
Bulletins:
CVE-2009-2976
Severity:
High
Description:
Cisco Aironet Lightweight Access Point (AP) devices send the contents of certain multicast data frames in cleartext, which allows remote attackers to discover Wireless LAN Controller MAC addresses and IP addresses, and AP configuration details, by sniffing the wireless network.
Applies to:
Cisco Aironet Ap1200
Cisco Aironet Ap1100
Created:
2009-08-27
Updated:
2017-01-31

ID:
CVE-2009-1154
Title:
Cisco IOS XR 3.8.1 and earlier allows remote attackers to cause a denial of service (process crash) via a long BGP UPDATE message, as demonstrated by a message with many AS numbers in the AS Path Attribute.
Type:
Hardware
Bulletins:
CVE-2009-1154
Severity:
Low
Description:
Cisco IOS XR 3.8.1 and earlier allows remote attackers to cause a denial of service (process crash) via a long BGP UPDATE message, as demonstrated by a message with many AS numbers in the AS Path Attribute.
Applies to:
Created:
2009-08-21
Updated:
2017-01-31

ID:
CVE-2009-2056
Title:
Cisco IOS XR 3.8.1 and earlier allows remote authenticated users to cause a denial of service (process crash) via vectors involving a BGP UPDATE message with many AS numbers prepended to the AS path.
Type:
Hardware
Bulletins:
CVE-2009-2056
Severity:
Low
Description:
Cisco IOS XR 3.8.1 and earlier allows remote authenticated users to cause a denial of service (process crash) via vectors involving a BGP UPDATE message with many AS numbers prepended to the AS path.
Applies to:
Created:
2009-08-21
Updated:
2017-01-31

ID:
CVE-2009-2055
Title:
Cisco IOS XR 3.4.0 through 3.8.1 allows remote attackers to cause a denial of service (session reset) via a BGP UPDATE message with an invalid attribute, as demonstrated in the wild on 17 August 2009.
Type:
Hardware
Bulletins:
CVE-2009-2055
Severity:
Medium
Description:
Cisco IOS XR 3.4.0 through 3.8.1 allows remote attackers to cause a denial of service (session reset) via a BGP UPDATE message with an invalid attribute, as demonstrated in the wild on 17 August 2009.
Applies to:
Created:
2009-08-19
Updated:
2017-01-31

ID:
CVE-2009-2199
Title:
Incomplete blacklist vulnerability in WebKit in Apple Safari before 4.0.3, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to spoof domain names in URLs, and...
Type:
Mobile Devices
Bulletins:
CVE-2009-2199
SFBID36026
Severity:
Medium
Description:
Incomplete blacklist vulnerability in WebKit in Apple Safari before 4.0.3, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to spoof domain names in URLs, and possibly conduct phishing attacks, via unspecified homoglyphs.
Applies to:
Created:
2009-08-12
Updated:
2017-01-31

ID:
CVE-2009-2656
Title:
Unspecified vulnerability in the com.android.phone process in Android 1.0, 1.1, and 1.5 allows remote attackers to cause a denial of service (network disconnection) via a crafted SMS message, as demonstrated by Collin Mulliner and...
Type:
Mobile Devices
Bulletins:
CVE-2009-2656
SFBID35886
Severity:
Medium
Description:
Unspecified vulnerability in the com.android.phone process in Android 1.0, 1.1, and 1.5 allows remote attackers to cause a denial of service (network disconnection) via a crafted SMS message, as demonstrated by Collin Mulliner and Charlie Miller at Black Hat USA 2009.
Applies to:
Created:
2009-08-03
Updated:
2017-01-31

ID:
CVE-2009-2204
Title:
Unspecified vulnerability in the CoreTelephony component in Apple iPhone OS before 3.0.1 allows remote attackers to execute arbitrary code, obtain GPS coordinates, or enable the microphone via an SMS message that triggers memory...
Type:
Mobile Devices
Bulletins:
CVE-2009-2204
SFBID35569
Severity:
High
Description:
Unspecified vulnerability in the CoreTelephony component in Apple iPhone OS before 3.0.1 allows remote attackers to execute arbitrary code, obtain GPS coordinates, or enable the microphone via an SMS message that triggers memory corruption, as demonstrated by Charlie Miller at SyScan '09 Singapore.
Applies to:
Created:
2009-08-03
Updated:
2017-01-31

ID:
CVE-2009-1168
Title:
Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0(33)S4, 12.0(32)SY8 through 12.0(32)SY9, 12.2(33)SXI1, 12.2XNC before 12.2(33)XNC2, 12.2XND before 12.2(33)XND1, and 12.4(24)T1; and IOS XE 2.3 through 2.3.1t and 2.4 through...
Type:
Hardware
Bulletins:
CVE-2009-1168
SFBID35862
Severity:
High
Description:
Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0(33)S4, 12.0(32)SY8 through 12.0(32)SY9, 12.2(33)SXI1, 12.2XNC before 12.2(33)XNC2, 12.2XND before 12.2(33)XND1, and 12.4(24)T1; and IOS XE 2.3 through 2.3.1t and 2.4 through 2.4.0; when RFC4893 BGP routing is enabled, allows remote attackers to cause a denial of service (memory corruption and device reload) by using an RFC4271 peer to send an update with a long series of AS numbers, aka Bug ID CSCsy86021.
Applies to:
Created:
2009-07-30
Updated:
2017-01-31

ID:
CVE-2009-2049
Title:
Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0(33)S4, 12.0(32)SY8 through 12.0(32)SY9, 12.2(33)SXI1 through 12.2(33)SXI2, 12.2XNC before 12.2(33)XNC2, 12.2XND before 12.2(33)XND1, and 12.4(24)T1; and IOS XE 2.3 through 2.3.1t...
Type:
Hardware
Bulletins:
CVE-2009-2049
SFBID35860
Severity:
Medium
Description:
Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0(33)S4, 12.0(32)SY8 through 12.0(32)SY9, 12.2(33)SXI1 through 12.2(33)SXI2, 12.2XNC before 12.2(33)XNC2, 12.2XND before 12.2(33)XND1, and 12.4(24)T1; and IOS XE 2.3 through 2.3.1t and 2.4 through 2.4.0; when RFC4893 BGP routing is enabled, allows remote attackers to cause a denial of service (device reload) by using an RFC4271 peer to send a malformed update, aka Bug ID CSCta33973.
Applies to:
Created:
2009-07-30
Updated:
2017-01-31

ID:
CVE-2009-1164
Title:
The administrative web interface on the Cisco Wireless LAN Controller (WLC) platform 4.2 before 4.2.205.0 and 5.x before 5.2.178.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services...
Type:
Hardware
Bulletins:
CVE-2009-1164
Severity:
High
Description:
The administrative web interface on the Cisco Wireless LAN Controller (WLC) platform 4.2 before 4.2.205.0 and 5.x before 5.2.178.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules (WiSM), WLC Modules for Integrated Services Routers, and Catalyst 3750G Integrated Wireless LAN Controllers, allows remote attackers to cause a denial of service (device reload) via a malformed response to a (1) HTTP or (2) HTTPS authentication request, aka Bug ID CSCsx03715.
Applies to:
Cisco WLC 4100
Cisco WLC 2100
Cisco WLC 2000
Cisco Catalyst 3750G
Created:
2009-07-29
Updated:
2017-01-31

ID:
CVE-2009-1165
Title:
Memory leak on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0, 5.1 before 5.1.163.0, and 5.0 and 5.2 before 5.2.178.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless...
Type:
Hardware
Bulletins:
CVE-2009-1165
SFBID35817
Severity:
High
Description:
Memory leak on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0, 5.1 before 5.1.163.0, and 5.0 and 5.2 before 5.2.178.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules (WiSM), WLC Modules for Integrated Services Routers, and Catalyst 3750G Integrated Wireless LAN Controllers, allows remote attackers to cause a denial of service (memory consumption and device reload) via SSH management connections, aka Bug ID CSCsw40789.
Applies to:
Cisco WLC 2100
Cisco WLC 4100
Cisco WLC 2000
Cisco Catalyst 3750G
Created:
2009-07-29
Updated:
2017-01-31

ID:
CVE-2009-1166
Title:
The administrative web interface on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0 and 5.x before 5.2.191.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services...
Type:
Hardware
Bulletins:
CVE-2009-1166
Severity:
High
Description:
The administrative web interface on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0 and 5.x before 5.2.191.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules (WiSM), WLC Modules for Integrated Services Routers, and Catalyst 3750G Integrated Wireless LAN Controllers, allows remote attackers to cause a denial of service (device reload) via a crafted (1) HTTP or (2) HTTPS request, aka Bug ID CSCsy27708.
Applies to:
Cisco Catalyst 3750G
Created:
2009-07-29
Updated:
2017-01-31

ID:
CVE-2009-1167
Title:
Unspecified vulnerability on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0 and 5.x before 5.2.191.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules...
Type:
Hardware
Bulletins:
CVE-2009-1167
Severity:
High
Description:
Unspecified vulnerability on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0 and 5.x before 5.2.191.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules (WiSM), WLC Modules for Integrated Services Routers, and Catalyst 3750G Integrated Wireless LAN Controllers, allows remote attackers to modify the configuration via a crafted (1) HTTP or (2) HTTPS request, aka Bug ID CSCsy44672.
Applies to:
Cisco WLC 2100
Cisco WLC 4100
Cisco WLC 2000
Cisco Catalyst 3750G
Created:
2009-07-29
Updated:
2017-01-31

ID:
CVE-2009-2348
Title:
Android 1.5 CRBxx allows local users to bypass the (1) Manifest.permission.CAMERA (aka android.permission.CAMERA) and (2) Manifest.permission.AUDIO_RECORD (aka android.permission.RECORD_AUDIO) configuration settings by installing and...
Type:
Mobile Devices
Bulletins:
CVE-2009-2348
SFBID35717
Severity:
Medium
Description:
Android 1.5 CRBxx allows local users to bypass the (1) Manifest.permission.CAMERA (aka android.permission.CAMERA) and (2) Manifest.permission.AUDIO_RECORD (aka android.permission.RECORD_AUDIO) configuration settings by installing and executing an application that does not make a permission request before using the camera or microphone.
Applies to:
Created:
2009-07-17
Updated:
2017-01-31

ID:
CVE-2009-1724
Title:
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to inject arbitrary web script or...
Type:
Mobile Devices
Bulletins:
CVE-2009-1724
SFBID35441
Severity:
Medium
Description:
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to inject arbitrary web script or HTML via vectors related to parent and top objects.
Applies to:
Created:
2009-07-09
Updated:
2017-01-31

ID:
CVE-2009-1725
Title:
WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms; KHTML in kdelibs in KDE; QtWebKit (aka Qt toolkit); and possibly other products do not properly handle...
Type:
Mobile Devices
Bulletins:
CVE-2009-1725
SFBID35607
Severity:
High
Description:
WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms; KHTML in kdelibs in KDE; QtWebKit (aka Qt toolkit); and possibly other products do not properly handle numeric character references, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.
Applies to:
Created:
2009-07-09
Updated:
2017-01-31

ID:
CVE-2009-1201
Title:
Cisco ASA WebVPN /+CSCOL+/cte.js csco_wrap_js Function DOM Wrapper Bypass XSS
Type:
Hardware
Bulletins:
CVE-2009-1201
SFBID35476
Severity:
Medium
Description:
Eval injection vulnerability in the csco_wrap_js function in /+CSCOL+/cte.js in WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 allows remote attackers to bypass a DOM wrapper and conduct cross-site scripting (XSS) attacks by setting CSCO_WebVPN['process'] to the name of a crafted function, aka Bug ID CSCsy80694.
Applies to:
Created:
2009-06-25
Updated:
2017-01-31

ID:
CVE-2009-1202
Title:
Cisco ASA WebVPN URL/HTML Rewriting Hex-encoded /+CSCO+ URI XSS
Type:
Hardware
Bulletins:
CVE-2009-1202
SFBID35480
Severity:
Medium
Description:
WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 allows remote attackers to bypass certain protection mechanisms involving URL rewriting and HTML rewriting, and conduct cross-site scripting (XSS) attacks, by modifying the first hex-encoded character in a /+CSCO+ URI, aka Bug ID CSCsy80705.
Applies to:
Created:
2009-06-25
Updated:
2017-01-31

ID:
CVE-2009-1203
Title:
Cisco ASA WebVPN Third Party Login Screen Display Weakness
Type:
Hardware
Bulletins:
CVE-2009-1203
SFBID35475
Severity:
Medium
Description:
WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 does not properly distinguish its own login screen from the login screens it produces for third-party (1) FTP and (2) CIFS servers, which makes it easier for remote attackers to trick a user into sending WebVPN credentials to an arbitrary server via a URL associated with that server, aka Bug ID CSCsy80709.
Applies to:
Created:
2009-06-25
Updated:
2017-01-31

ID:
CVE-2009-0958
Title:
Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 stores an exception for a hostname when the user accepts an untrusted Exchange server certificate, which causes it to be accepted without prompting in...
Type:
Mobile Devices
Bulletins:
CVE-2009-0958
SFBID35414
Severity:
Medium
Description:
Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 stores an exception for a hostname when the user accepts an untrusted Exchange server certificate, which causes it to be accepted without prompting in future usage and allows remote Exchange servers to obtain sensitive information such as credentials.
Applies to:
Created:
2009-06-19
Updated:
2017-01-31

ID:
CVE-2009-0959
Title:
The MPEG-4 video codec in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to cause a denial of service (device reset) via a crafted MPEG-4 video file that triggers an "input...
Type:
Mobile Devices
Bulletins:
CVE-2009-0959
SFBID35414
Severity:
High
Description:
The MPEG-4 video codec in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to cause a denial of service (device reset) via a crafted MPEG-4 video file that triggers an "input validation issue."
Applies to:
Created:
2009-06-19
Updated:
2017-01-31

ID:
CVE-2009-0960
Title:
The Mail component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 does not provide an option to disable remote image loading in HTML email, which allows remote attackers to determine the device...
Type:
Mobile Devices
Bulletins:
CVE-2009-0960
SFBID35414
Severity:
Medium
Description:
The Mail component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 does not provide an option to disable remote image loading in HTML email, which allows remote attackers to determine the device address and when an e-mail is read via an HTML email containing an image URL.
Applies to:
Created:
2009-06-19
Updated:
2017-01-31

ID:
CVE-2009-0961
Title:
The Mail component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 dismisses the call approval dialog when another alert appears, which might allow remote attackers to force the iPhone to place a...
Type:
Mobile Devices
Bulletins:
CVE-2009-0961
SFBID35414
Severity:
Medium
Description:
The Mail component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 dismisses the call approval dialog when another alert appears, which might allow remote attackers to force the iPhone to place a call without user approval by causing an application to trigger an alert.
Applies to:
Created:
2009-06-19
Updated:
2017-01-31

ID:
CVE-2009-1679
Title:
The Profiles component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1, when installing a configuration profile, can replace the password policy from Exchange ActiveSync with a weaker password...
Type:
Mobile Devices
Bulletins:
CVE-2009-1679
SFBID35414
Severity:
Low
Description:
The Profiles component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1, when installing a configuration profile, can replace the password policy from Exchange ActiveSync with a weaker password policy, which allows physically proximate attackers to bypass the intended policy.
Applies to:
Created:
2009-06-19
Updated:
2017-01-31

ID:
CVE-2009-1680
Title:
Safari in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly clear the search history when it is cleared from the Settings application, which allows physically proximate attackers to...
Type:
Mobile Devices
Bulletins:
CVE-2009-1680
SFBID35414
Severity:
Low
Description:
Safari in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly clear the search history when it is cleared from the Settings application, which allows physically proximate attackers to obtain the search history.
Applies to:
Created:
2009-06-19
Updated:
2017-01-31

ID:
CVE-2009-1683
Title:
The Telephony component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to cause a denial of service (device reset) via a crafted ICMP echo request, which triggers an...
Type:
Mobile Devices
Bulletins:
CVE-2009-1683
SFBID35414
Severity:
High
Description:
The Telephony component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to cause a denial of service (device reset) via a crafted ICMP echo request, which triggers an assertion error related to a "logic issue."
Applies to:
Created:
2009-06-19
Updated:
2017-01-31

ID:
CVE-2009-1692
Title:
WebKit before r41741, as used in Apple iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Safari, and other software, allows remote attackers to cause a denial of service (memory consumption or device reset) via...
Type:
Mobile Devices
Bulletins:
CVE-2009-1692
SFBID35414
Severity:
High
Description:
WebKit before r41741, as used in Apple iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Safari, and other software, allows remote attackers to cause a denial of service (memory consumption or device reset) via a web page containing an HTMLSelectElement object with a large length attribute, related to the length property of a Select object.
Applies to:
Created:
2009-06-19
Updated:
2017-01-31

ID:
CVE-2009-1690
Title:
Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome 1.0.154.53, and possibly other products, allows remote attackers to...
Type:
Mobile Devices
Bulletins:
CVE-2009-1690
SFBID35260
Severity:
High
Description:
Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome 1.0.154.53, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by setting an unspecified property of an HTML tag that causes child elements to be freed and later accessed when an HTML error occurs, related to "recursion in certain DOM event handlers."
Applies to:
Created:
2009-06-10
Updated:
2017-01-31

ID:
CVE-2009-1698
Title:
WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a pointer during handling of a Cascading Style Sheets (CSS) attr function call with a large numerical...
Type:
Mobile Devices
Bulletins:
CVE-2009-1698
SFBID35260
Severity:
High
Description:
WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a pointer during handling of a Cascading Style Sheets (CSS) attr function call with a large numerical argument, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.
Applies to:
Created:
2009-06-10
Updated:
2017-01-31

ID:
CVE-2009-1699
Title:
The XSL stylesheet implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle XML external entities, which allows remote attackers to read...
Type:
Mobile Devices
Bulletins:
CVE-2009-1699
SFBID35260
Severity:
High
Description:
The XSL stylesheet implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle XML external entities, which allows remote attackers to read arbitrary files via a crafted DTD, as demonstrated by a file:///etc/passwd URL in an entity declaration, related to an "XXE attack."
Applies to:
Created:
2009-06-10
Updated:
2017-01-31

ID:
CVE-2009-1700
Title:
The XSLT implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle redirects, which allows remote attackers to read XML content from...
Type:
Mobile Devices
Bulletins:
CVE-2009-1700
SFBID35260
Severity:
Medium
Description:
The XSLT implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle redirects, which allows remote attackers to read XML content from arbitrary web pages via a crafted document.
Applies to:
Created:
2009-06-10
Updated:
2017-01-31

ID:
CVE-2009-1701
Title:
Use-after-free vulnerability in the JavaScript DOM implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or...
Type:
Mobile Devices
Bulletins:
CVE-2009-1701
SFBID35260
Severity:
High
Description:
Use-after-free vulnerability in the JavaScript DOM implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by destroying a document.body element that has an unspecified XML container with elements that support the dir attribute.
Applies to:
Created:
2009-06-10
Updated:
2017-01-31

ID:
CVE-2009-1702
Title:
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to inject arbitrary web script or HTML via vectors...
Type:
Mobile Devices
Bulletins:
CVE-2009-1702
SFBID35260
Severity:
Medium
Description:
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to inject arbitrary web script or HTML via vectors related to improper handling of Location and History objects.
Applies to:
Created:
2009-06-10
Updated:
2017-01-31

ID:
CVE-2009-1754
Title:
The PackageManagerService class in services/java/com/android/server/PackageManagerService.java in Android 1.5 through 1.5 CRB42 does not properly check developer certificates during processing of sharedUserId requests at an...
Type:
Mobile Devices
Bulletins:
CVE-2009-1754
SFBID35090
Severity:
Medium
Description:
The PackageManagerService class in services/java/com/android/server/PackageManagerService.java in Android 1.5 through 1.5 CRB42 does not properly check developer certificates during processing of sharedUserId requests at an application's installation time, which allows remote user-assisted attackers to access application data by creating a package that specifies a shared user ID with an arbitrary application.
Applies to:
Created:
2009-05-26
Updated:
2017-01-31

ID:
CVE-2009-1561
Title:
Cross-site request forgery (CSRF) vulnerability in administration.cgi on the Cisco Linksys WRT54GC router with firmware 1.05.7 allows remote attackers to hijack the intranet connectivity of arbitrary users for requests that change the administrator...
Type:
Hardware
Bulletins:
CVE-2009-1561
SFBID34616
Severity:
Medium
Description:
Cross-site request forgery (CSRF) vulnerability in administration.cgi on the Cisco Linksys WRT54GC router with firmware 1.05.7 allows remote attackers to hijack the intranet connectivity of arbitrary users for requests that change the administrator password via the sysPasswd and sysConfirmPasswd parameters.
Applies to:
wrt54gc
Created:
2009-05-06
Updated:
2017-01-31

ID:
CVE-2009-1155
Title:
Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.1(1) through 7.1(2)82, 7.2 before 7.2(4)27, 8.0 before 8.0(4)25, and 8.1 before 8.1(2)15, when AAA override-account-disable is entered in a general-attributes field,...
Type:
Hardware
Bulletins:
CVE-2009-1155
SFBID34429
Severity:
High
Description:
Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.1(1) through 7.1(2)82, 7.2 before 7.2(4)27, 8.0 before 8.0(4)25, and 8.1 before 8.1(2)15, when AAA override-account-disable is entered in a general-attributes field, allow remote attackers to bypass authentication and establish a VPN session to an ASA device via unspecified vectors.
Applies to:
Created:
2009-04-09
Updated:
2017-01-31

ID:
CVE-2009-1156
Title:
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 8.0 before 8.0(4)25 and 8.1 before 8.1(2)15, when an SSL VPN or ASDM access is configured, allows remote attackers to cause a denial of service (device reload)...
Type:
Hardware
Bulletins:
CVE-2009-1156
SFBID34429
Severity:
Medium
Description:
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 8.0 before 8.0(4)25 and 8.1 before 8.1(2)15, when an SSL VPN or ASDM access is configured, allows remote attackers to cause a denial of service (device reload) via a crafted (1) SSL or (2) HTTP packet.
Applies to:
Created:
2009-04-09
Updated:
2017-01-31

ID:
CVE-2009-1157
Title:
Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)30, 8.0 before 8.0(4)28, and 8.1 before 8.1(2)19 allows remote attackers to cause a denial of...
Type:
Hardware
Bulletins:
CVE-2009-1157
SFBID34429
Severity:
High
Description:
Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)30, 8.0 before 8.0(4)28, and 8.1 before 8.1(2)19 allows remote attackers to cause a denial of service (memory consumption or device reload) via a crafted TCP packet.
Applies to:
Created:
2009-04-09
Updated:
2017-01-31

ID:
CVE-2009-1158
Title:
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)26, 8.0 before 8.0(4)24, and 8.1 before 8.1(2)14, when H.323 inspection is enabled, allows remote...
Type:
Hardware
Bulletins:
CVE-2009-1158
SFBID34429
Severity:
High
Description:
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)26, 8.0 before 8.0(4)24, and 8.1 before 8.1(2)14, when H.323 inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted H.323 packet.
Applies to:
Created:
2009-04-09
Updated:
2017-01-31

ID:
CVE-2009-1159
Title:
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.2 before 7.2(4)26, 8.0 before 8.0(4)22, and 8.1 before 8.1(2)12, when SQL*Net inspection is enabled, allows remote attackers to cause a...
Type:
Hardware
Bulletins:
CVE-2009-1159
SFBID34429
Severity:
High
Description:
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.2 before 7.2(4)26, 8.0 before 8.0(4)22, and 8.1 before 8.1(2)12, when SQL*Net inspection is enabled, allows remote attackers to cause a denial of service (traceback and device reload) via a series of SQL*Net packets.
Applies to:
Created:
2009-04-09
Updated:
2017-01-31

ID:
CVE-2009-1160
Title:
Cisco PIX / ASA Implicit Deny ACE Unspecified ACL Bypass
Type:
Hardware
Bulletins:
CVE-2009-1160
SFBID34429
Severity:
Medium
Description:
Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)1, 7.1 before 7.1(2)74, 7.2 before 7.2(4)9, and 8.0 before 8.0(4)5 do not properly implement the implicit deny statement, which might allow remote attackers to successfully send packets that bypass intended access restrictions, aka Bug ID CSCsq91277.
Applies to:
Created:
2009-04-09
Updated:
2017-01-31

ID:
CVE-2008-6576
Title:
Unspecified vulnerability in the "session limitation technique" in the FTP service on Nortel Communications Server 1000 (CS1K) 4.50.x, when running on VGMC or signaling nodes, allows remote attackers to cause a denial of service (resource exhaustion...
Type:
Hardware
Bulletins:
CVE-2008-6576
SFBID28691
Severity:
High
Description:
Unspecified vulnerability in the "session limitation technique" in the FTP service on Nortel Communications Server 1000 (CS1K) 4.50.x, when running on VGMC or signaling nodes, allows remote attackers to cause a denial of service (resource exhaustion and failed updates) via unknown vectors that causes consumption of all available sessions.
Applies to:
CS 1000
Created:
2009-04-01
Updated:
2017-01-31

ID:
CVE-2008-6577
Title:
Nortel MG1000S, Signaling Server, and Call Server on the Communications Server 1000 (CS1K) 4.50.x contain multiple unspecified hard-coded accounts and passwords, which allows remote attackers to gain privileges.
Type:
Hardware
Bulletins:
CVE-2008-6577
SFBID28691
Severity:
High
Description:
Nortel MG1000S, Signaling Server, and Call Server on the Communications Server 1000 (CS1K) 4.50.x contain multiple unspecified hard-coded accounts and passwords, which allows remote attackers to gain privileges.
Applies to:
CS 1000
Created:
2009-04-01
Updated:
2017-01-31

ID:
CVE-2008-6578
Title:
Multiple unspecified vulnerabilities in Nortel Communication Server 1000 4.50.x allow remote attackers to execute arbitrary commands to gain privileges, obtain sensitive information, or cause a denial of service via unknown vectors.
Type:
Hardware
Bulletins:
CVE-2008-6578
SFBID28691
Severity:
High
Description:
Multiple unspecified vulnerabilities in Nortel Communication Server 1000 4.50.x allow remote attackers to execute arbitrary commands to gain privileges, obtain sensitive information, or cause a denial of service via unknown vectors.
Applies to:
CS 1000
Created:
2009-04-01
Updated:
2017-01-31

ID:
CVE-2008-6579
Title:
Nortel Communication Server 1000 4.50.x allows remote attackers to obtain Web application structure via unknown vectors related to "web resources to phones and administrators."
Type:
Hardware
Bulletins:
CVE-2008-6579
SFBID28691
Severity:
Medium
Description:
Nortel Communication Server 1000 4.50.x allows remote attackers to obtain Web application structure via unknown vectors related to "web resources to phones and administrators."
Applies to:
CS 1000
Created:
2009-04-01
Updated:
2017-01-31

ID:
CVE-2009-0633
Title:
Multiple unspecified vulnerabilities in the (1) Mobile IP NAT Traversal feature and (2) Mobile IPv6 subsystem in Cisco IOS 12.3 through 12.4 allow remote attackers to cause a denial of service (input queue wedge and interface outage) via MIPv6...
Type:
Hardware
Bulletins:
CVE-2009-0633
SFBID34241
Severity:
High
Description:
Multiple unspecified vulnerabilities in the (1) Mobile IP NAT Traversal feature and (2) Mobile IPv6 subsystem in Cisco IOS 12.3 through 12.4 allow remote attackers to cause a denial of service (input queue wedge and interface outage) via MIPv6 packets, aka Bug ID CSCsm97220.
Applies to:
Created:
2009-03-27
Updated:
2017-01-31

ID:
CVE-2009-0634
Title:
Multiple unspecified vulnerabilities in the home agent (HA) implementation in the (1) Mobile IP NAT Traversal feature and (2) Mobile IPv6 subsystem in Cisco IOS 12.3 through 12.4 allow remote attackers to cause a denial of service (input queue wedge...
Type:
Hardware
Bulletins:
CVE-2009-0634
SFBID34241
Severity:
High
Description:
Multiple unspecified vulnerabilities in the home agent (HA) implementation in the (1) Mobile IP NAT Traversal feature and (2) Mobile IPv6 subsystem in Cisco IOS 12.3 through 12.4 allow remote attackers to cause a denial of service (input queue wedge and interface outage) via an ICMP packet, aka Bug ID CSCso05337.
Applies to:
Created:
2009-03-27
Updated:
2017-01-31

ID:
CVE-2009-0635
Title:
Memory leak in the Cisco Tunneling Control Protocol (cTCP) encapsulation feature in Cisco IOS 12.4, when an Easy VPN (aka EZVPN) server is enabled, allows remote attackers to cause a denial of service (memory consumption and device crash) via a...
Type:
Hardware
Bulletins:
CVE-2009-0635
SFBID34246
Severity:
High
Description:
Memory leak in the Cisco Tunneling Control Protocol (cTCP) encapsulation feature in Cisco IOS 12.4, when an Easy VPN (aka EZVPN) server is enabled, allows remote attackers to cause a denial of service (memory consumption and device crash) via a sequence of TCP packets.
Applies to:
Created:
2009-03-27
Updated:
2017-01-31

ID:
CVE-2009-0636
Title:
Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when SIP voice services are enabled, allows remote attackers to cause a denial of service (device crash) via a valid SIP message.
Type:
Hardware
Bulletins:
CVE-2009-0636
SFBID34243
Severity:
High
Description:
Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when SIP voice services are enabled, allows remote attackers to cause a denial of service (device crash) via a valid SIP message.
Applies to:
Created:
2009-03-27
Updated:
2017-01-31

ID:
CVE-2009-0637
Title:
The SCP server in Cisco IOS 12.2 through 12.4, when Role-Based CLI Access is enabled, does not enforce the CLI view configuration for file transfers, which allows remote authenticated users with an attached CLI view to (1) read or (2) overwrite...
Type:
Hardware
Bulletins:
CVE-2009-0637
SFBID34247
Severity:
High
Description:
The SCP server in Cisco IOS 12.2 through 12.4, when Role-Based CLI Access is enabled, does not enforce the CLI view configuration for file transfers, which allows remote authenticated users with an attached CLI view to (1) read or (2) overwrite arbitrary files via an SCP command.
Applies to:
Created:
2009-03-27
Updated:
2017-01-31

ID:
CVE-2009-0626
Title:
The SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (device reload or hang) via a crafted HTTPS packet.
Type:
Hardware
Bulletins:
CVE-2009-0626
SFBID34239
Severity:
High
Description:
The SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (device reload or hang) via a crafted HTTPS packet.
Applies to:
Created:
2009-03-27
Updated:
2017-01-31

ID:
CVE-2009-0628
Title:
Memory leak in the SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (memory consumption and device crash) by disconnecting an SSL session in an abnormal manner, leading to a Transmission Control...
Type:
Hardware
Bulletins:
CVE-2009-0628
SFBID34239
Severity:
High
Description:
Memory leak in the SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (memory consumption and device crash) by disconnecting an SSL session in an abnormal manner, leading to a Transmission Control Block (TCB) leak.
Applies to:
Created:
2009-03-27
Updated:
2017-01-31

ID:
CVE-2009-0629
Title:
The (1) Airline Product Set (aka ALPS), (2) Serial Tunnel Code (aka STUN), (3) Block Serial Tunnel Code (aka BSTUN), (4) Native Client Interface Architecture (NCIA) support, (5) Data-link switching (aka DLSw), (6) Remote Source-Route Bridging...
Type:
Hardware
Bulletins:
CVE-2009-0629
SFBID34238
Severity:
Medium
Description:
The (1) Airline Product Set (aka ALPS), (2) Serial Tunnel Code (aka STUN), (3) Block Serial Tunnel Code (aka BSTUN), (4) Native Client Interface Architecture (NCIA) support, (5) Data-link switching (aka DLSw), (6) Remote Source-Route Bridging (RSRB), (7) Point to Point Tunneling Protocol (PPTP), (8) X.25 for Record Boundary Preservation (RBP), (9) X.25 over TCP (XOT), and (10) X.25 Routing features in Cisco IOS 12.2 and 12.4 allows remote attackers to cause a denial of service (device reload) via a series of crafted TCP packets.
Applies to:
Created:
2009-03-27
Updated:
2017-01-31

ID:
CVE-2009-0630
Title:
The (1) Cisco Unified Communications Manager Express; (2) SIP Gateway Signaling Support Over Transport Layer Security (TLS) Transport; (3) Secure Signaling and Media Encryption; (4) Blocks Extensible Exchange Protocol (BEEP); (5) Network Admission...
Type:
Hardware
Bulletins:
CVE-2009-0630
SFBID34242
Severity:
High
Description:
The (1) Cisco Unified Communications Manager Express; (2) SIP Gateway Signaling Support Over Transport Layer Security (TLS) Transport; (3) Secure Signaling and Media Encryption; (4) Blocks Extensible Exchange Protocol (BEEP); (5) Network Admission Control HTTP Authentication Proxy; (6) Per-user URL Redirect for EAPoUDP, Dot1x, and MAC Authentication Bypass; (7) Distributed Director with HTTP Redirects; and (8) TCP DNS features in Cisco IOS 12.0 through 12.4 do not properly handle IP sockets, which allows remote attackers to cause a denial of service (outage or resource consumption) via a series of crafted TCP packets.
Applies to:
Created:
2009-03-27
Updated:
2017-01-31

ID:
CVE-2009-0631
Title:
Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when configured with (1) IP Service Level Agreements (SLAs) Responder, (2) Session Initiation Protocol (SIP), (3) H.323 Annex E Call Signaling Transport, or (4) Media Gateway Control Protocol...
Type:
Hardware
Bulletins:
CVE-2009-0631
SFBID34245
Severity:
High
Description:
Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when configured with (1) IP Service Level Agreements (SLAs) Responder, (2) Session Initiation Protocol (SIP), (3) H.323 Annex E Call Signaling Transport, or (4) Media Gateway Control Protocol (MGCP) allows remote attackers to cause a denial of service (blocked input queue on the inbound interface) via a crafted UDP packet.
Applies to:
Created:
2009-03-27
Updated:
2017-01-31

ID:
OVAL6001
Title:
Apple iTunes Denial of Service Vulnerability
Type:
Software
Bulletins:
OVAL6001
CVE-2009-0016
Severity:
Low
Description:
Apple iTunes before 8.1 on Windows allows remote attackers to cause a denial of service (infinite loop) via a Digital Audio Access Protocol (DAAP) message with a crafted Content-Length header.
Applies to:
Apple iTunes
Created:
2009-03-17
Updated:
2015-06-22

ID:
OVAL5336
Title:
Apple iTunes Information Disclosure Vulnerability
Type:
Software
Bulletins:
OVAL5336
CVE-2009-0143
Severity:
Low
Description:
Apple iTunes before 8.1 does not properly inform the user about the origin of an authentication request, which makes it easier for remote podcast servers to trick a user into providing a username and password when subscribing to a crafted podcast.
Applies to:
Apple iTunes
Created:
2009-03-17
Updated:
2015-06-22

ID:
OVAL5868
Title:
Microsoft Malformed BMP Filter Vulnerability
Type:
Software
Bulletins:
OVAL5868
CVE-2008-3020
Severity:
Low
Description:
Microsoft Office 2000 SP3 and XP SP3; Office Converter Pack; and Works 8 do not properly parse the length of a BMP file, which allows remote attackers to execute arbitrary code via a crafted BMP file, aka the "Malformed BMP Filter Vulnerability."
Applies to:
Microsoft Office 2000
Microsoft Office XP
Microsoft Office Project 2002
Microsoft Office Converter Pack
Microsoft Works
Created:
2009-03-16
Updated:
2015-08-10

ID:
CVE-2009-0632
Title:
The IP Phone Personal Address Book (PAB) Synchronizer feature in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.1, 4.2 before 4.2(3)SR4b, 4.3 before 4.3(2)SR1b, 5.x before 5.1(3e), 6.x before 6.1(3), and 7.0 before 7.0(2)...
Type:
Hardware
Bulletins:
CVE-2009-0632
SFBID34082
Severity:
High
Description:
The IP Phone Personal Address Book (PAB) Synchronizer feature in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.1, 4.2 before 4.2(3)SR4b, 4.3 before 4.3(2)SR1b, 5.x before 5.1(3e), 6.x before 6.1(3), and 7.0 before 7.0(2) sends privileged directory-service account credentials to the client in cleartext, which allows remote attackers to modify the CUCM configuration and perform other privileged actions by intercepting these credentials, and then using them in requests unrelated to the intended synchronization task, as demonstrated by (1) DC Directory account credentials in CUCM 4.x and (2) TabSyncSysUser account credentials in CUCM 5.x through 7.x.
Applies to:
Unified Communications Manager
Created:
2009-03-12
Updated:
2017-01-31

ID:
CVE-2009-0621
Title:
Cisco ACE 4710 Application Control Engine Appliance before A1(8a) uses default (1) usernames and (2) passwords for (a) the administrator, (b) web management, and (c) device management, which makes it easier for remote attackers to perform...
Type:
Hardware
Bulletins:
CVE-2009-0621
SFBID33900
Severity:
High
Description:
Cisco ACE 4710 Application Control Engine Appliance before A1(8a) uses default (1) usernames and (2) passwords for (a) the administrator, (b) web management, and (c) device management, which makes it easier for remote attackers to perform configuration changes to the Device Manager and other components, or obtain operating-system access.
Applies to:
Cisco Ace 4710
Created:
2009-02-26
Updated:
2017-01-31

ID:
CVE-2009-0622
Title:
Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.2) and Cisco ACE 4710 Application Control Engine Appliance before A1(8a) allows remote authenticated users to execute...
Type:
Hardware
Bulletins:
CVE-2009-0622
SFBID33900
Severity:
High
Description:
Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.2) and Cisco ACE 4710 Application Control Engine Appliance before A1(8a) allows remote authenticated users to execute arbitrary operating-system commands through a command line interface (CLI).
Applies to:
Cisco Ace 4710
Created:
2009-02-26
Updated:
2017-01-31

ID:
CVE-2009-0742
Title:
The username command in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers and Cisco ACE 4710 Application Control Engine Appliance stores a cleartext password by default, which allows context-dependent attackers...
Type:
Hardware
Bulletins:
CVE-2009-0742
Severity:
High
Description:
The username command in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers and Cisco ACE 4710 Application Control Engine Appliance stores a cleartext password by default, which allows context-dependent attackers to obtain sensitive information.
Applies to:
Cisco Ace 4710
Created:
2009-02-26
Updated:
2017-01-31

ID:
CVE-2009-0623
Title:
Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.3) and Cisco ACE 4710 Application Control Engine Appliance before A3(2.1) allows remote attackers to cause a denial of...
Type:
Hardware
Bulletins:
CVE-2009-0623
SFBID33900
Severity:
High
Description:
Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.3) and Cisco ACE 4710 Application Control Engine Appliance before A3(2.1) allows remote attackers to cause a denial of service (device reload) via a crafted SSH packet.
Applies to:
Cisco Ace 4710
Created:
2009-02-26
Updated:
2017-01-31

ID:
CVE-2009-0624
Title:
Unspecified vulnerability in the SNMPv2c implementation in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.3) and Cisco ACE 4710 Application Control Engine Appliance before A3(2.1) allows remote...
Type:
Hardware
Bulletins:
CVE-2009-0624
SFBID33900
Severity:
Medium
Description:
Unspecified vulnerability in the SNMPv2c implementation in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.3) and Cisco ACE 4710 Application Control Engine Appliance before A3(2.1) allows remote attackers to cause a denial of service (device reload) via a crafted SNMPv1 packet.
Applies to:
Cisco Ace 4710
Created:
2009-02-26
Updated:
2017-01-31

ID:
CVE-2009-0625
Title:
Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.2) and Cisco ACE 4710 Application Control Engine Appliance before A1(8.0) allows remote attackers to cause a denial of...
Type:
Hardware
Bulletins:
CVE-2009-0625
SFBID33900
Severity:
High
Description:
Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.2) and Cisco ACE 4710 Application Control Engine Appliance before A1(8.0) allows remote attackers to cause a denial of service (device reload) via a crafted SNMPv3 packet.
Applies to:
Cisco Ace 4710
Created:
2009-02-26
Updated:
2017-01-31

ID:
CVE-2008-6096
Title:
Cross-site scripting (XSS) vulnerability in Juniper NetScreen ScreenOS before 5.4r10, 6.0r6, and 6.1r2 allows remote attackers to inject arbitrary web script or HTML via the user name parameter to the (1) web interface login page or the (2) telnet...
Type:
Hardware
Bulletins:
CVE-2008-6096
SFBID31528
Severity:
Medium
Description:
Cross-site scripting (XSS) vulnerability in Juniper NetScreen ScreenOS before 5.4r10, 6.0r6, and 6.1r2 allows remote attackers to inject arbitrary web script or HTML via the user name parameter to the (1) web interface login page or the (2) telnet login page.
Applies to:
Created:
2009-02-09
Updated:
2017-01-31

ID:
CVE-2009-0470
Title:
Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 12.4(23) allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI under (1) level/15/exec/-/ or (2) exec/, a different...
Type:
Hardware
Bulletins:
CVE-2009-0470
SFBID33625
Severity:
Medium
Description:
Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 12.4(23) allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI under (1) level/15/exec/-/ or (2) exec/, a different vulnerability than CVE-2008-3821.
Applies to:
Created:
2009-02-06
Updated:
2017-01-31

ID:
CVE-2009-0471
Title:
Cross-site request forgery (CSRF) vulnerability in the HTTP server in Cisco IOS 12.4(23) allows remote attackers to execute arbitrary commands, as demonstrated by executing the hostname command with a level/15/configure/-/hostname request.
Type:
Hardware
Bulletins:
CVE-2009-0471
Severity:
Medium
Description:
Cross-site request forgery (CSRF) vulnerability in the HTTP server in Cisco IOS 12.4(23) allows remote attackers to execute arbitrary commands, as demonstrated by executing the hostname command with a level/15/configure/-/hostname request.
Applies to:
Created:
2009-02-06
Updated:
2017-01-31

ID:
CVE-2009-0058
Title:
The Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.x before 5.2 allow remote attackers to cause a denial...
Type:
Hardware
Bulletins:
CVE-2009-0058
SFBID33608
Severity:
Medium
Description:
The Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.x before 5.2 allow remote attackers to cause a denial of service (web authentication outage or device reload) via unspecified network traffic, as demonstrated by a vulnerability scanner.
Applies to:
Cisco WLC 4400
Created:
2009-02-04
Updated:
2017-01-31

ID:
CVE-2009-0059
Title:
The Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.2.x before 5.2.157.0 allow remote attackers to cause a...
Type:
Hardware
Bulletins:
CVE-2009-0059
SFBID33608
Severity:
High
Description:
The Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.2.x before 5.2.157.0 allow remote attackers to cause a denial of service (device reload) via a web authentication (aka WebAuth) session that includes a malformed POST request to login.html.
Applies to:
Cisco WLC 4400
Created:
2009-02-04
Updated:
2017-01-31

ID:
CVE-2009-0061
Title:
Unspecified vulnerability in the Wireless LAN Controller (WLC) TSEC driver in the Cisco 4400 WLC, Cisco Catalyst 6500 and 7600 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before...
Type:
Hardware
Bulletins:
CVE-2009-0061
SFBID33608
Severity:
High
Description:
Unspecified vulnerability in the Wireless LAN Controller (WLC) TSEC driver in the Cisco 4400 WLC, Cisco Catalyst 6500 and 7600 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.x before 5.1 allows remote attackers to cause a denial of service (device crash or hang) via unknown IP packets.
Applies to:
Cisco WLC 4400
Created:
2009-02-04
Updated:
2017-01-31

ID:
CVE-2009-0062
Title:
Unspecified vulnerability in the Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.2.173.0 allows remote authenticated users to gain...
Type:
Hardware
Bulletins:
CVE-2009-0062
SFBID33608
Severity:
High
Description:
Unspecified vulnerability in the Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.2.173.0 allows remote authenticated users to gain privileges via unknown vectors, as demonstrated by escalation from the (1) Lobby Admin and (2) Local Management User privilege levels.
Applies to:
Created:
2009-02-04
Updated:
2017-01-31

ID:
CVE-2009-0057
Title:
The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager 5.x before 5.1(3e) and 6.x before 6.1(3) allows remote attackers to cause a denial of service (voice service outage) by sending malformed input over a...
Type:
Hardware
Bulletins:
CVE-2009-0057
SFBID33379
Severity:
Medium
Description:
The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager 5.x before 5.1(3e) and 6.x before 6.1(3) allows remote attackers to cause a denial of service (voice service outage) by sending malformed input over a TCP session in which the "client terminates prematurely."
Applies to:
Unified Communications Manager
Created:
2009-01-22
Updated:
2017-01-31

ID:
CVE-2008-3818
Title:
Cisco ONS 15310-CL, 15310-MA, 15327, 15454, 15454 SDH, and 15600 with software 7.0.2 through 7.0.6, 7.2.2, 8.0.x, 8.5.1, and 8.5.2 allows remote attackers to cause a denial of service (control-card reset) via a crafted TCP session.
Type:
Hardware
Bulletins:
CVE-2008-3818
SFBID33261
Severity:
High
Description:
Cisco ONS 15310-CL, 15310-MA, 15327, 15454, 15454 SDH, and 15600 with software 7.0.2 through 7.0.6, 7.2.2, 8.0.x, 8.5.1, and 8.5.2 allows remote attackers to cause a denial of service (control-card reset) via a crafted TCP session.
Applies to:
Created:
2009-01-16
Updated:
2017-01-31

ID:
CVE-2008-3821
Title:
Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 11.0 through 12.4 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the ping program or (2) unspecified other aspects of the URI.
Type:
Hardware
Bulletins:
CVE-2008-3821
SFBID33260
Severity:
Medium
Description:
Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 11.0 through 12.4 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the ping program or (2) unspecified other aspects of the URI.
Applies to:
Created:
2009-01-16
Updated:
2017-01-31