| ID: CVE-2009-4455 |
Title: The default configuration of Cisco ASA 5500 Series Adaptive Security Appliance (Cisco ASA) 7.0, 7.1, 7.2, 8.0, 8.1, and 8.2 allows portal traffic to access arbitrary backend servers, which might allow remote authenticated users to bypass intended... |
Type: Hardware |
Bulletins:
CVE-2009-4455 |
Severity: Medium |
| Description: The default configuration of Cisco ASA 5500 Series Adaptive Security Appliance (Cisco ASA) 7.0, 7.1, 7.2, 8.0, 8.1, and 8.2 allows portal traffic to access arbitrary backend servers, which might allow remote authenticated users to bypass intended access restrictions and access unauthorized web sites via a crafted URL obfuscated with ROT13 and a certain encoding. NOTE: this issue was originally reported as a vulnerability related to lack of restrictions to URLs listed in the Cisco WebVPN bookmark component, but the vendor states that "The bookmark feature is not a security feature." | ||||
| Applies to: |
Created: 2009-12-29 |
Updated: 2020-08-14 |
||
| ID: MITRE:6407 |
Title: oval:org.mitre.oval:def:6407: Windows Media Runtime Voice Sample Rate Vulnerability |
Type: Miscellaneous |
Bulletins:
MITRE:6407 CVE-2009-0555 |
Severity: High |
| Description: Microsoft Windows Media Runtime, as used in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and Audio Compression Manager (ACM), does not properly process Advanced Systems Format (ASF) files, which allows remote attackers to execute arbitrary code via a crafted audio file that uses the Windows Media Speech codec, aka "Windows Media Runtime Voice Sample Rate Vulnerability." | ||||
| Applies to: Windows Media Format Runtime 11 Windows Media Format Runtime 9.0 Windows Media Format Runtime 9.5 |
Created: 2009-12-07 |
Updated: 2020-08-13 |
||
| ID: MITRE:6484 |
Title: oval:org.mitre.oval:def:6484: Windows Media Runtime Heap Corruption Vulnerability |
Type: Miscellaneous |
Bulletins:
MITRE:6484 CVE-2009-2525 |
Severity: High |
| Description: Microsoft Windows Media Runtime, as used in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and Audio Compression Manager (ACM), does not properly initialize unspecified functions within compressed audio files, which allows remote attackers to execute arbitrary code via (1) a crafted media file or (2) crafted streaming content, aka "Windows Media Runtime Heap Corruption Vulnerability." | ||||
| Applies to: Windows Media Format Runtime 11 Windows Media Format Runtime 9.0 Windows Media Format Runtime 9.5 |
Created: 2009-12-07 |
Updated: 2020-08-13 |
||
| ID: CVE-2009-2631 |
Title: Multiple clientless SSL VPN products that run in web browsers, including Stonesoft StoneGate; Cisco ASA; SonicWALL E-Class SSL VPN and SonicWALL SSL VPN; SafeNet SecureWire Access Gateway; Juniper Networks Secure Access; Nortel CallPilot; Citrix... |
Type: Hardware |
Bulletins:
CVE-2009-2631 SFBID37152 |
Severity: Medium |
| Description: Multiple clientless SSL VPN products that run in web browsers, including Stonesoft StoneGate; Cisco ASA; SonicWALL E-Class SSL VPN and SonicWALL SSL VPN; SafeNet SecureWire Access Gateway; Juniper Networks Secure Access; Nortel CallPilot; Citrix Access Gateway; and other products, when running in configurations that do not restrict access to the same domain as the VPN, retrieve the content of remote URLs from one domain and rewrite them so they originate from the VPN's domain, which violates the same origin policy and allows remote attackers to conduct cross-site scripting attacks, read cookies that originated from other domains, access the Web VPN session to gain access to internal resources, perform key logging, and conduct other attacks. NOTE: it could be argued that this is a fundamental design problem in any clientless VPN solution, as opposed to a commonly-introduced error that can be fixed in separate implementations. Therefore a single CVE has been assigned for all products that have this design. | ||||
| Applies to: SonicWall SSL-VPN SonicWall SSL-VPN E Class |
Created: 2009-12-04 |
Updated: 2020-08-14 |
||
| ID: MITRE:6282 |
Title: oval:org.mitre.oval:def:6282: GDI+ .NET API Vulnerability |
Type: Software |
Bulletins:
MITRE:6282 CVE-2009-2504 |
Severity: High |
| Description: Multiple integer overflows in unspecified APIs in GDI+ in Microsoft .NET Framework 1.1 SP1, .NET Framework 2.0 SP1 and SP2, Windows XP SP2 and SP3, Windows Server 2003 SP2, Vista Gold and SP1, Server 2008 Gold, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allow remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka "GDI+ .NET API Vulnerability." | ||||
| Applies to: Microsoft Office 2003 Microsoft Office 2007 Microsoft Office Visio 2002 Microsoft Office XP Microsoft SQL Server 2005 Microsoft Visual Studio 2008 |
Created: 2009-11-30 |
Updated: 2020-08-13 |
||
| ID: MITRE:6290 |
Title: oval:org.mitre.oval:def:6290: Apple iTunes '.pls' File Buffer Overflow Vulnerability |
Type: Software |
Bulletins:
MITRE:6290 CVE-2009-2817 |
Severity: High |
| Description: Buffer overflow in Apple iTunes before 9.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted .pls file. | ||||
| Applies to: Apple iTunes |
Created: 2009-11-30 |
Updated: 2018-09-11 |
||
| ID: MITRE:6134 |
Title: oval:org.mitre.oval:def:6134: GDI+ PNG Integer Overflow Vulnerability |
Type: Software |
Bulletins:
MITRE:6134 CVE-2009-3126 |
Severity: High |
| Description: Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted PNG image file, aka "GDI+ PNG Integer Overflow Vulnerability." | ||||
| Applies to: Microsoft Office 2003 Microsoft Office 2007 Microsoft Office Visio 2002 Microsoft Office XP Microsoft SQL Server 2005 Microsoft Visual Studio 2008 |
Created: 2009-11-30 |
Updated: 2020-08-13 |
||
| ID: MITRE:5898 |
Title: oval:org.mitre.oval:def:5898: GDI+ TIFF Buffer Overflow Vulnerability |
Type: Web |
Bulletins:
MITRE:5898 CVE-2009-2502 |
Severity: High |
| Description: Buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted TIFF image file, aka "GDI+ TIFF Buffer Overflow Vulnerability." | ||||
| Applies to: Microsoft Internet Explorer 6 Microsoft Office 2003 Microsoft Office 2007 Microsoft Office Visio 2002 Microsoft Office XP Microsoft SQL Server 2005 Microsoft Visual Studio 2008 |
Created: 2009-11-30 |
Updated: 2020-08-13 |
||
| ID: MITRE:5967 |
Title: oval:org.mitre.oval:def:5967: GDI+ WMF Integer Overflow Vulnerability |
Type: Web |
Bulletins:
MITRE:5967 CVE-2009-2500 |
Severity: High |
| Description: Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted WMF image file, aka "GDI+ WMF Integer Overflow Vulnerability." | ||||
| Applies to: Microsoft Internet Explorer 6 Microsoft Office 2003 Microsoft Office 2007 Microsoft Office Visio 2002 Microsoft Office XP Microsoft SQL Server 2005 Microsoft Visual Studio 2008 |
Created: 2009-11-30 |
Updated: 2020-08-13 |
||
| ID: MITRE:6491 |
Title: oval:org.mitre.oval:def:6491: GDI+ TIFF Buffer Overflow Vulnerability |
Type: Web |
Bulletins:
MITRE:6491 CVE-2009-2503 |
Severity: High |
| Description: GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Windows Server 2003 SP2, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 does not properly allocate an unspecified buffer, which allows remote attackers to execute arbitrary code via a crafted TIFF image file that triggers memory corruption, aka "GDI+ TIFF Memory Corruption Vulnerability." | ||||
| Applies to: Microsoft Internet Explorer 6 Microsoft Office 2003 Microsoft Office 2007 Microsoft Office Visio 2002 Microsoft Office XP Microsoft SQL Server 2005 Microsoft Visual Studio 2008 |
Created: 2009-11-30 |
Updated: 2020-08-13 |
||
| ID: MITRE:6257 |
Title: oval:org.mitre.oval:def:6257: Windows Media Header Parsing Invalid Free Vulnerability |
Type: Miscellaneous |
Bulletins:
MITRE:6257 CVE-2009-2498 |
Severity: High |
| Description: Microsoft Windows Media Format Runtime 9.0, 9.5, and 11 and Windows Media Services 9.1 and 2008 do not properly parse malformed headers in Advanced Systems Format (ASF) files, which allows remote attackers to execute arbitrary code via a crafted (1) .asf, (2) .wmv, or (3) .wma file, aka "Windows Media Header Parsing Invalid Free Vulnerability." | ||||
| Applies to: Microsoft Media Services 9 Microsoft Media Services 9.1 Windows Media Format Runtime 11 Windows Media Format Runtime 9.0 Windows Media Format Runtime 9.5 |
Created: 2009-10-19 |
Updated: 2020-08-13 |
||
| ID: MITRE:6316 |
Title: oval:org.mitre.oval:def:6316: JScript Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
MITRE:6316 CVE-2009-1920 |
Severity: High |
| Description: The JScript scripting engine 5.1, 5.6, 5.7, and 5.8 in JScript.dll in Microsoft Windows, as used in Internet Explorer, does not properly load decoded scripts into memory before execution, which allows remote attackers to execute arbitrary code via a crafted web site that triggers memory corruption, aka "JScript Remote Code Execution Vulnerability." | ||||
| Applies to: JScript Scripting Engine |
Created: 2009-10-19 |
Updated: 2020-08-13 |
||
| ID: CVE-2009-2999 |
Title: The com.android.phone process in Android 1.5 CRBxx allows remote attackers to cause a denial of service (application restart and network disconnection) via an SMS message containing a malformed WAP Push message that triggers an... |
Type: Mobile Devices |
Bulletins:
CVE-2009-2999 |
Severity: Medium |
| Description: The com.android.phone process in Android 1.5 CRBxx allows remote attackers to cause a denial of service (application restart and network disconnection) via an SMS message containing a malformed WAP Push message that triggers an ArrayIndexOutOfBoundsException exception, possibly a related issue to CVE-2009-2656. | ||||
| Applies to: |
Created: 2009-10-14 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-3698 |
Title: An unspecified function in the Dalvik API in Android 1.5 and earlier allows remote attackers to cause a denial of service (system process restart) via a crafted application, possibly a related issue to CVE-2009-2656. |
Type: Mobile Devices |
Bulletins:
CVE-2009-3698 SFBID36590 |
Severity: Medium |
| Description: An unspecified function in the Dalvik API in Android 1.5 and earlier allows remote attackers to cause a denial of service (system process restart) via a crafted application, possibly a related issue to CVE-2009-2656. | ||||
| Applies to: |
Created: 2009-10-14 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-3485 |
Title: Cross-site scripting (XSS) vulnerability in the J-Web interface in Juniper JUNOS 8.5R1.14 and 9.0R1.1 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI. |
Type: Hardware |
Bulletins:
CVE-2009-3485 SFBID36537 |
Severity: Medium |
| Description: Cross-site scripting (XSS) vulnerability in the J-Web interface in Juniper JUNOS 8.5R1.14 and 9.0R1.1 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI. | ||||
| Applies to: |
Created: 2009-09-30 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-3486 |
Title: Multiple cross-site scripting (XSS) vulnerabilities in the J-Web interface in Juniper JUNOS 8.5R1.14 allow remote authenticated users to inject arbitrary web script or HTML via the host parameter to (1) the pinghost program, reachable through the... |
Type: Hardware |
Bulletins:
CVE-2009-3486 SFBID36537 |
Severity: Low |
| Description: Multiple cross-site scripting (XSS) vulnerabilities in the J-Web interface in Juniper JUNOS 8.5R1.14 allow remote authenticated users to inject arbitrary web script or HTML via the host parameter to (1) the pinghost program, reachable through the diagnose program; or (2) the traceroute program, reachable through the diagnose program; or (3) the probe-limit parameter to the configuration program; the (4) wizard-ids or (5) pager-new-identifier parameter in a firewall-filters action to the configuration program; (6) the cos-physical-interface-name parameter in a cos-physical-interfaces-edit action to the configuration program; the (7) wizard-args or (8) wizard-ids parameter in an snmp action to the configuration program; the (9) username or (10) fullname parameter in a users action to the configuration program; or the (11) certname or (12) certbody parameter in a local-cert (aka https) action to the configuration program. | ||||
| Applies to: |
Created: 2009-09-30 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-3487 |
Title: Multiple cross-site scripting (XSS) vulnerabilities in the J-Web interface in Juniper JUNOS 8.5R1.14 allow remote authenticated users to inject arbitrary web script or HTML via (1) the JEXEC_OUTID parameter in a JEXEC_MODE_RELAY_OUTPUT action to the... |
Type: Hardware |
Bulletins:
CVE-2009-3487 SFBID36537 |
Severity: Low |
| Description: Multiple cross-site scripting (XSS) vulnerabilities in the J-Web interface in Juniper JUNOS 8.5R1.14 allow remote authenticated users to inject arbitrary web script or HTML via (1) the JEXEC_OUTID parameter in a JEXEC_MODE_RELAY_OUTPUT action to the jexec program; the (2) act, (3) refresh-time, or (4) ifid parameter to scripter.php; (5) the revision parameter in a rollback action to the configuration program; the m[] parameter to the (6) monitor, (7) manage, (8) events, (9) configuration, or (10) alarms program; (11) the m[] parameter to the default URI; (12) the m[] parameter in a browse action to the default URI; (13) the wizard-next parameter in an https action to the configuration program; or the (14) Contact Information, (15) System Description, (16) Local Engine ID, (17) System Location, or (18) System Name Override SNMP parameter, related to the configuration program. | ||||
| Applies to: |
Created: 2009-09-30 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-2862 |
Title: The Object Groups for Access Control Lists (ACLs) feature in Cisco IOS 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to bypass intended access restrictions via crafted requests, aka Bug IDs CSCsx07114,... |
Type: Hardware |
Bulletins:
CVE-2009-2862 SFBID36495 |
Severity: Medium |
| Description: The Object Groups for Access Control Lists (ACLs) feature in Cisco IOS 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to bypass intended access restrictions via crafted requests, aka Bug IDs CSCsx07114, CSCsu70214, CSCsw47076, CSCsv48603, CSCsy54122, and CSCsu50252. | ||||
| Applies to: |
Created: 2009-09-28 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-2863 |
Title: Race condition in the Firewall Authentication Proxy feature in Cisco IOS 12.0 through 12.4 allows remote attackers to bypass authentication, or bypass the consent web page, via a crafted request, aka Bug ID CSCsy15227. |
Type: Hardware |
Bulletins:
CVE-2009-2863 SFBID36491 |
Severity: High |
| Description: Race condition in the Firewall Authentication Proxy feature in Cisco IOS 12.0 through 12.4 allows remote attackers to bypass authentication, or bypass the consent web page, via a crafted request, aka Bug ID CSCsy15227. | ||||
| Applies to: |
Created: 2009-09-28 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-2864 |
Title: Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 5.x before 5.1(3g), 6.x before 6.1(4), 7.0.x before 7.0(2a)su1, and 7.1.x before 7.1(2) allows remote attackers to cause a denial of service (service restart) via malformed SIP... |
Type: Hardware |
Bulletins:
CVE-2009-2864 SFBID36496 |
Severity: High |
| Description: Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 5.x before 5.1(3g), 6.x before 6.1(4), 7.0.x before 7.0(2a)su1, and 7.1.x before 7.1(2) allows remote attackers to cause a denial of service (service restart) via malformed SIP messages, aka Bug ID CSCsz95423. | ||||
| Applies to: Unified Callmanager Unified Communications Manager |
Created: 2009-09-28 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-2865 |
Title: Buffer overflow in the login implementation in the Extension Mobility feature in the Unified Communications Manager Express (CME) component in Cisco IOS 12.4XW, 12.4XY, 12.4XZ, and 12.4YA allows remote attackers to execute arbitrary code or cause a... |
Type: Hardware |
Bulletins:
CVE-2009-2865 SFBID36498 |
Severity: High |
| Description: Buffer overflow in the login implementation in the Extension Mobility feature in the Unified Communications Manager Express (CME) component in Cisco IOS 12.4XW, 12.4XY, 12.4XZ, and 12.4YA allows remote attackers to execute arbitrary code or cause a denial of service via crafted HTTP requests, aka Bug ID CSCsq58779. | ||||
| Applies to: |
Created: 2009-09-28 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-2866 |
Title: Unspecified vulnerability in Cisco IOS 12.2 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted H.323 packet, aka Bug ID CSCsz38104. |
Type: Hardware |
Bulletins:
CVE-2009-2866 SFBID36494 |
Severity: High |
| Description: Unspecified vulnerability in Cisco IOS 12.2 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted H.323 packet, aka Bug ID CSCsz38104. | ||||
| Applies to: |
Created: 2009-09-28 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-2867 |
Title: Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2XND, 12.4T, 12.4XZ, and 12.4YA, when Zone-Based Policy Firewall SIP Inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted SIP... |
Type: Hardware |
Bulletins:
CVE-2009-2867 |
Severity: High |
| Description: Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2XND, 12.4T, 12.4XZ, and 12.4YA, when Zone-Based Policy Firewall SIP Inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted SIP transit packet, aka Bug ID CSCsr18691. | ||||
| Applies to: |
Created: 2009-09-28 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-2868 |
Title: Unspecified vulnerability in Cisco IOS 12.2 through 12.4, when certificate-based authentication is enabled for IKE, allows remote attackers to cause a denial of service (Phase 1 SA exhaustion) via crafted requests, aka Bug IDs CSCsy07555 and CSCee72997. |
Type: Hardware |
Bulletins:
CVE-2009-2868 |
Severity: High |
| Description: Unspecified vulnerability in Cisco IOS 12.2 through 12.4, when certificate-based authentication is enabled for IKE, allows remote attackers to cause a denial of service (Phase 1 SA exhaustion) via crafted requests, aka Bug IDs CSCsy07555 and CSCee72997. | ||||
| Applies to: |
Created: 2009-09-28 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-2869 |
Title: Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to cause a denial of service (device reload) via a crafted NTPv4 packet, aka Bug IDs CSCsu24505 and CSCsv75948. |
Type: Hardware |
Bulletins:
CVE-2009-2869 |
Severity: High |
| Description: Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to cause a denial of service (device reload) via a crafted NTPv4 packet, aka Bug IDs CSCsu24505 and CSCsv75948. | ||||
| Applies to: |
Created: 2009-09-28 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-2870 |
Title: Unspecified vulnerability in Cisco IOS 12.2 through 12.4, when the Cisco Unified Border Element feature is enabled, allows remote attackers to cause a denial of service (device reload) via crafted SIP messages, aka Bug ID CSCsx25880. |
Type: Hardware |
Bulletins:
CVE-2009-2870 |
Severity: High |
| Description: Unspecified vulnerability in Cisco IOS 12.2 through 12.4, when the Cisco Unified Border Element feature is enabled, allows remote attackers to cause a denial of service (device reload) via crafted SIP messages, aka Bug ID CSCsx25880. | ||||
| Applies to: |
Created: 2009-09-28 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-2871 |
Title: Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when SSLVPN sessions, SSH sessions, or IKE encrypted nonces are enabled, allows remote attackers to cause a denial of service (device reload) via a crafted encrypted packet, aka Bug ID CSCsq24002. |
Type: Hardware |
Bulletins:
CVE-2009-2871 |
Severity: High |
| Description: Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when SSLVPN sessions, SSH sessions, or IKE encrypted nonces are enabled, allows remote attackers to cause a denial of service (device reload) via a crafted encrypted packet, aka Bug ID CSCsq24002. | ||||
| Applies to: |
Created: 2009-09-28 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-2872 |
Title: Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Express Forwarding feature are enabled, allows remote attackers to cause a denial of service (device reload) via a malformed packet that is not properly handled during switching from... |
Type: Hardware |
Bulletins:
CVE-2009-2872 |
Severity: Medium |
| Description: Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Express Forwarding feature are enabled, allows remote attackers to cause a denial of service (device reload) via a malformed packet that is not properly handled during switching from one tunnel to a second tunnel, aka Bug IDs CSCsh97579 and CSCsq31776. | ||||
| Applies to: |
Created: 2009-09-28 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-2873 |
Title: Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Express Forwarding feature are enabled, allows remote attackers to cause a denial of service (device reload) via malformed packets, aka Bug ID CSCsx70889. |
Type: Hardware |
Bulletins:
CVE-2009-2873 |
Severity: High |
| Description: Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Express Forwarding feature are enabled, allows remote attackers to cause a denial of service (device reload) via malformed packets, aka Bug ID CSCsx70889. | ||||
| Applies to: |
Created: 2009-09-28 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-3341 |
Title: Buffer overflow on the Linksys WRT54GL wireless router allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.10 through 8.11. NOTE: as of 20090917, this... |
Type: Hardware |
Bulletins:
CVE-2009-3341 |
Severity: High |
| Description: Buffer overflow on the Linksys WRT54GL wireless router allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.10 through 8.11. NOTE: as of 20090917, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | ||||
| Applies to: wrt54gl |
Created: 2009-09-24 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-3347 |
Title: Buffer overflow on the D-Link DIR-400 wireless router allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.10 through 8.11. NOTE: as of 20090917, this... |
Type: Hardware |
Bulletins:
CVE-2009-3347 SFBID36237 |
Severity: High |
| Description: Buffer overflow on the D-Link DIR-400 wireless router allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.10 through 8.11. NOTE: as of 20090917, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | ||||
| Applies to: DIR-400 |
Created: 2009-09-24 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-3271 |
Title: Apple Safari on iPhone OS 3.0.1 allows remote attackers to cause a denial of service (application crash) via a long tel: URL in the SRC attribute of an IFRAME element. |
Type: Mobile Devices |
Bulletins:
CVE-2009-3271 SFBID36386 |
Severity: Medium |
| Description: Apple Safari on iPhone OS 3.0.1 allows remote attackers to cause a denial of service (application crash) via a long tel: URL in the SRC attribute of an IFRAME element. | ||||
| Applies to: |
Created: 2009-09-21 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-3273 |
Title: iPhone Mail in Apple iPhone OS, and iPhone OS for iPod touch, does not validate X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL e-mail servers via a crafted certificate. |
Type: Mobile Devices |
Bulletins:
CVE-2009-3273 SFBID36370 |
Severity: High |
| Description: iPhone Mail in Apple iPhone OS, and iPhone OS for iPod touch, does not validate X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL e-mail servers via a crafted certificate. | ||||
| Applies to: |
Created: 2009-09-21 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-2206 |
Title: Multiple heap-based buffer overflows in the AudioCodecs library in the CoreAudio component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allow remote attackers to execute arbitrary code or cause a denial... |
Type: Mobile Devices |
Bulletins:
CVE-2009-2206 SFBID36338 |
Severity: Medium |
| Description: Multiple heap-based buffer overflows in the AudioCodecs library in the CoreAudio component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted (1) AAC or (2) MP3 file, as demonstrated by a ringtone with malformed entries in the sample size table. | ||||
| Applies to: |
Created: 2009-09-10 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-2207 |
Title: The MobileMail component in Apple iPhone OS 3.0 and 3.0.1, and iPhone OS 3.0 for iPod touch, lists deleted e-mail messages in Spotlight search results, which might allow local users to obtain sensitive information by reading these... |
Type: Mobile Devices |
Bulletins:
CVE-2009-2207 SFBID36337 |
Severity: Low |
| Description: The MobileMail component in Apple iPhone OS 3.0 and 3.0.1, and iPhone OS 3.0 for iPod touch, lists deleted e-mail messages in Spotlight search results, which might allow local users to obtain sensitive information by reading these messages. | ||||
| Applies to: |
Created: 2009-09-10 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-2794 |
Title: The Exchange Support component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, does not properly implement the "Maximum inactivity time lock" functionality, which allows local users to bypass intended... |
Type: Mobile Devices |
Bulletins:
CVE-2009-2794 SFBID36342 |
Severity: Medium |
| Description: The Exchange Support component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, does not properly implement the "Maximum inactivity time lock" functionality, which allows local users to bypass intended Microsoft Exchange restrictions by choosing a large Require Passcode time value. | ||||
| Applies to: |
Created: 2009-09-10 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-2795 |
Title: Heap-based buffer overflow in the Recovery Mode component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allows local users to bypass the passcode requirement and access arbitrary data via vectors related... |
Type: Mobile Devices |
Bulletins:
CVE-2009-2795 SFBID36341 |
Severity: High |
| Description: Heap-based buffer overflow in the Recovery Mode component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allows local users to bypass the passcode requirement and access arbitrary data via vectors related to "command parsing." | ||||
| Applies to: |
Created: 2009-09-10 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-2796 |
Title: The UIKit component in Apple iPhone OS 3.0, and iPhone OS 3.0.1 for iPod touch, allows physically proximate attackers to discover a password by watching a user undo deletions of characters in the password. |
Type: Mobile Devices |
Bulletins:
CVE-2009-2796 SFBID36335 |
Severity: Low |
| Description: The UIKit component in Apple iPhone OS 3.0, and iPhone OS 3.0.1 for iPod touch, allows physically proximate attackers to discover a password by watching a user undo deletions of characters in the password. | ||||
| Applies to: |
Created: 2009-09-10 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-2797 |
Title: The WebKit component in Safari in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, does not remove usernames and passwords from URLs sent in Referer headers, which allows remote attackers to obtain sensitive... |
Type: Mobile Devices |
Bulletins:
CVE-2009-2797 SFBID36339 |
Severity: Medium |
| Description: The WebKit component in Safari in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, does not remove usernames and passwords from URLs sent in Referer headers, which allows remote attackers to obtain sensitive information by reading Referer logs on a web server. | ||||
| Applies to: |
Created: 2009-09-10 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-2815 |
Title: The Telephony component in Apple iPhone OS before 3.1 does not properly handle SMS arrival notifications, which allows remote attackers to cause a denial of service (NULL pointer dereference and service interruption) via a crafted... |
Type: Mobile Devices |
Bulletins:
CVE-2009-2815 |
Severity: High |
| Description: The Telephony component in Apple iPhone OS before 3.1 does not properly handle SMS arrival notifications, which allows remote attackers to cause a denial of service (NULL pointer dereference and service interruption) via a crafted SMS message. | ||||
| Applies to: |
Created: 2009-09-10 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-0627 |
Title: Unspecified vulnerability in Cisco NX-OS before 4.0(1a)N2(1), when running on Nexus 5000 platforms, allows remote attackers to cause a denial of service (crash) via an unspecified "sequence of TCP packets" related to "TCP State manipulation,"... |
Type: Hardware |
Bulletins:
CVE-2009-0627 |
Severity: High |
| Description: Unspecified vulnerability in Cisco NX-OS before 4.0(1a)N2(1), when running on Nexus 5000 platforms, allows remote attackers to cause a denial of service (crash) via an unspecified "sequence of TCP packets" related to "TCP State manipulation," possibly related to separate attacks against CVE-2008-4609. | ||||
| Applies to: Cisco Nexus 5000 Series Cisco Nexus 7000 |
Created: 2009-09-08 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-2050 |
Title: Cisco Unified Communications Manager (aka CUCM, formerly CallManager) before 6.1(1) allows remote attackers to cause a denial of service (voice-services outage) via a malformed header in a SIP message, aka Bug ID CSCsi46466. |
Type: Hardware |
Bulletins:
CVE-2009-2050 SFBID36152 |
Severity: High |
| Description: Cisco Unified Communications Manager (aka CUCM, formerly CallManager) before 6.1(1) allows remote attackers to cause a denial of service (voice-services outage) via a malformed header in a SIP message, aka Bug ID CSCsi46466. | ||||
| Applies to: Unified Communications Manager |
Created: 2009-08-27 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-2051 |
Title: Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), and 7.x before 7.1(2) allow remote... |
Type: Hardware |
Bulletins:
CVE-2009-2051 SFBID36152 |
Severity: High |
| Description: Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), and 7.x before 7.1(2) allow remote attackers to cause a denial of service (device reload or voice-services outage) via a malformed SIP INVITE message that triggers an improper call to the sipSafeStrlen function, aka Bug IDs CSCsz40392 and CSCsz43987. | ||||
| Applies to: Unified Communications Manager |
Created: 2009-08-27 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-2052 |
Title: Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2), and 7.1 before 7.1(2); and Cisco Unified Presence 1.x, 6.x before 6.0(6), and 7.x before 7.0(4); allows remote... |
Type: Hardware |
Bulletins:
CVE-2009-2052 SFBID36152 |
Severity: High |
| Description: Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2), and 7.1 before 7.1(2); and Cisco Unified Presence 1.x, 6.x before 6.0(6), and 7.x before 7.0(4); allows remote attackers to cause a denial of service (TCP services outage) via a large number of TCP connections, related to "tracking of network connections," aka Bug IDs CSCsq22534 and CSCsw52371. | ||||
| Applies to: Unified Communications Manager |
Created: 2009-08-27 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-2053 |
Title: Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2) allows remote attackers to cause a denial of service (file-descriptor exhaustion and SCCP... |
Type: Hardware |
Bulletins:
CVE-2009-2053 SFBID36152 |
Severity: High |
| Description: Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2) allows remote attackers to cause a denial of service (file-descriptor exhaustion and SCCP outage) via a flood of TCP packets, aka Bug ID CSCsx32236. | ||||
| Applies to: Unified Communications Manager |
Created: 2009-08-27 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-2054 |
Title: Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2a)su1 allows remote attackers to cause a denial of service (file-descriptor exhaustion and... |
Type: Hardware |
Bulletins:
CVE-2009-2054 SFBID36152 |
Severity: High |
| Description: Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2a)su1 allows remote attackers to cause a denial of service (file-descriptor exhaustion and SIP outage) via a flood of TCP packets, aka Bug ID CSCsx23689. | ||||
| Applies to: Unified Communications Manager |
Created: 2009-08-27 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-2861 |
Title: The Over-the-Air Provisioning (OTAP) functionality on Cisco Aironet Lightweight Access Point 1100 and 1200 devices does not properly implement access-point association, which allows remote attackers to spoof a controller and cause a denial of... |
Type: Hardware |
Bulletins:
CVE-2009-2861 SFBID36145 |
Severity: High |
| Description: The Over-the-Air Provisioning (OTAP) functionality on Cisco Aironet Lightweight Access Point 1100 and 1200 devices does not properly implement access-point association, which allows remote attackers to spoof a controller and cause a denial of service (service outage) via crafted remote radio management (RRM) packets, aka "SkyJack" or Bug ID CSCtb56664. | ||||
| Applies to: Cisco Aironet Ap1100 Cisco Aironet Ap1200 |
Created: 2009-08-27 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-2976 |
Title: Cisco Aironet Lightweight Access Point (AP) devices send the contents of certain multicast data frames in cleartext, which allows remote attackers to discover Wireless LAN Controller MAC addresses and IP addresses, and AP configuration details, by... |
Type: Hardware |
Bulletins:
CVE-2009-2976 |
Severity: High |
| Description: Cisco Aironet Lightweight Access Point (AP) devices send the contents of certain multicast data frames in cleartext, which allows remote attackers to discover Wireless LAN Controller MAC addresses and IP addresses, and AP configuration details, by sniffing the wireless network. | ||||
| Applies to: Cisco Aironet Ap1100 Cisco Aironet Ap1200 |
Created: 2009-08-27 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-2056 |
Title: Cisco IOS XR 3.8.1 and earlier allows remote authenticated users to cause a denial of service (process crash) via vectors involving a BGP UPDATE message with many AS numbers prepended to the AS path. |
Type: Hardware |
Bulletins:
CVE-2009-2056 |
Severity: Low |
| Description: Cisco IOS XR 3.8.1 and earlier allows remote authenticated users to cause a denial of service (process crash) via vectors involving a BGP UPDATE message with many AS numbers prepended to the AS path. | ||||
| Applies to: |
Created: 2009-08-21 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-1154 |
Title: Cisco IOS XR 3.8.1 and earlier allows remote attackers to cause a denial of service (process crash) via a long BGP UPDATE message, as demonstrated by a message with many AS numbers in the AS Path Attribute. |
Type: Hardware |
Bulletins:
CVE-2009-1154 |
Severity: Low |
| Description: Cisco IOS XR 3.8.1 and earlier allows remote attackers to cause a denial of service (process crash) via a long BGP UPDATE message, as demonstrated by a message with many AS numbers in the AS Path Attribute. | ||||
| Applies to: |
Created: 2009-08-21 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-2055 |
Title: Cisco IOS XR 3.4.0 through 3.8.1 allows remote attackers to cause a denial of service (session reset) via a BGP UPDATE message with an invalid attribute, as demonstrated in the wild on 17 August 2009. |
Type: Hardware |
Bulletins:
CVE-2009-2055 |
Severity: Medium |
| Description: Cisco IOS XR 3.4.0 through 3.8.1 allows remote attackers to cause a denial of service (session reset) via a BGP UPDATE message with an invalid attribute, as demonstrated in the wild on 17 August 2009. | ||||
| Applies to: |
Created: 2009-08-19 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-2199 |
Title: Incomplete blacklist vulnerability in WebKit in Apple Safari before 4.0.3, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to spoof domain names in URLs, and... |
Type: Mobile Devices |
Bulletins:
CVE-2009-2199 SFBID36026 |
Severity: Medium |
| Description: Incomplete blacklist vulnerability in WebKit in Apple Safari before 4.0.3, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to spoof domain names in URLs, and possibly conduct phishing attacks, via unspecified homoglyphs. | ||||
| Applies to: |
Created: 2009-08-12 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-2656 |
Title: Unspecified vulnerability in the com.android.phone process in Android 1.0, 1.1, and 1.5 allows remote attackers to cause a denial of service (network disconnection) via a crafted SMS message, as demonstrated by Collin Mulliner and... |
Type: Mobile Devices |
Bulletins:
CVE-2009-2656 SFBID35886 |
Severity: Medium |
| Description: Unspecified vulnerability in the com.android.phone process in Android 1.0, 1.1, and 1.5 allows remote attackers to cause a denial of service (network disconnection) via a crafted SMS message, as demonstrated by Collin Mulliner and Charlie Miller at Black Hat USA 2009. | ||||
| Applies to: |
Created: 2009-08-03 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-2204 |
Title: Unspecified vulnerability in the CoreTelephony component in Apple iPhone OS before 3.0.1 allows remote attackers to execute arbitrary code, obtain GPS coordinates, or enable the microphone via an SMS message that triggers memory... |
Type: Mobile Devices |
Bulletins:
CVE-2009-2204 SFBID35569 |
Severity: High |
| Description: Unspecified vulnerability in the CoreTelephony component in Apple iPhone OS before 3.0.1 allows remote attackers to execute arbitrary code, obtain GPS coordinates, or enable the microphone via an SMS message that triggers memory corruption, as demonstrated by Charlie Miller at SyScan '09 Singapore. | ||||
| Applies to: |
Created: 2009-08-03 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-1168 |
Title: Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0(33)S4, 12.0(32)SY8 through 12.0(32)SY9, 12.2(33)SXI1, 12.2XNC before 12.2(33)XNC2, 12.2XND before 12.2(33)XND1, and 12.4(24)T1; and IOS XE 2.3 through 2.3.1t and 2.4 through... |
Type: Hardware |
Bulletins:
CVE-2009-1168 SFBID35862 |
Severity: High |
| Description: Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0(33)S4, 12.0(32)SY8 through 12.0(32)SY9, 12.2(33)SXI1, 12.2XNC before 12.2(33)XNC2, 12.2XND before 12.2(33)XND1, and 12.4(24)T1; and IOS XE 2.3 through 2.3.1t and 2.4 through 2.4.0; when RFC4893 BGP routing is enabled, allows remote attackers to cause a denial of service (memory corruption and device reload) by using an RFC4271 peer to send an update with a long series of AS numbers, aka Bug ID CSCsy86021. | ||||
| Applies to: |
Created: 2009-07-30 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-2049 |
Title: Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0(33)S4, 12.0(32)SY8 through 12.0(32)SY9, 12.2(33)SXI1 through 12.2(33)SXI2, 12.2XNC before 12.2(33)XNC2, 12.2XND before 12.2(33)XND1, and 12.4(24)T1; and IOS XE 2.3 through 2.3.1t... |
Type: Hardware |
Bulletins:
CVE-2009-2049 SFBID35860 |
Severity: Medium |
| Description: Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0(33)S4, 12.0(32)SY8 through 12.0(32)SY9, 12.2(33)SXI1 through 12.2(33)SXI2, 12.2XNC before 12.2(33)XNC2, 12.2XND before 12.2(33)XND1, and 12.4(24)T1; and IOS XE 2.3 through 2.3.1t and 2.4 through 2.4.0; when RFC4893 BGP routing is enabled, allows remote attackers to cause a denial of service (device reload) by using an RFC4271 peer to send a malformed update, aka Bug ID CSCta33973. | ||||
| Applies to: |
Created: 2009-07-30 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-1164 |
Title: The administrative web interface on the Cisco Wireless LAN Controller (WLC) platform 4.2 before 4.2.205.0 and 5.x before 5.2.178.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services... |
Type: Hardware |
Bulletins:
CVE-2009-1164 |
Severity: High |
| Description: The administrative web interface on the Cisco Wireless LAN Controller (WLC) platform 4.2 before 4.2.205.0 and 5.x before 5.2.178.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules (WiSM), WLC Modules for Integrated Services Routers, and Catalyst 3750G Integrated Wireless LAN Controllers, allows remote attackers to cause a denial of service (device reload) via a malformed response to a (1) HTTP or (2) HTTPS authentication request, aka Bug ID CSCsx03715. | ||||
| Applies to: Cisco Catalyst 3750G Cisco WLC 2000 Cisco WLC 2100 Cisco WLC 4100 |
Created: 2009-07-29 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-1165 |
Title: Memory leak on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0, 5.1 before 5.1.163.0, and 5.0 and 5.2 before 5.2.178.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless... |
Type: Hardware |
Bulletins:
CVE-2009-1165 SFBID35817 |
Severity: High |
| Description: Memory leak on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0, 5.1 before 5.1.163.0, and 5.0 and 5.2 before 5.2.178.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules (WiSM), WLC Modules for Integrated Services Routers, and Catalyst 3750G Integrated Wireless LAN Controllers, allows remote attackers to cause a denial of service (memory consumption and device reload) via SSH management connections, aka Bug ID CSCsw40789. | ||||
| Applies to: Cisco Catalyst 3750G Cisco WLC 2000 Cisco WLC 2100 Cisco WLC 4100 |
Created: 2009-07-29 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-1166 |
Title: The administrative web interface on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0 and 5.x before 5.2.191.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services... |
Type: Hardware |
Bulletins:
CVE-2009-1166 |
Severity: High |
| Description: The administrative web interface on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0 and 5.x before 5.2.191.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules (WiSM), WLC Modules for Integrated Services Routers, and Catalyst 3750G Integrated Wireless LAN Controllers, allows remote attackers to cause a denial of service (device reload) via a crafted (1) HTTP or (2) HTTPS request, aka Bug ID CSCsy27708. | ||||
| Applies to: Cisco Catalyst 3750G |
Created: 2009-07-29 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-1167 |
Title: Unspecified vulnerability on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0 and 5.x before 5.2.191.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules... |
Type: Hardware |
Bulletins:
CVE-2009-1167 |
Severity: High |
| Description: Unspecified vulnerability on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0 and 5.x before 5.2.191.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules (WiSM), WLC Modules for Integrated Services Routers, and Catalyst 3750G Integrated Wireless LAN Controllers, allows remote attackers to modify the configuration via a crafted (1) HTTP or (2) HTTPS request, aka Bug ID CSCsy44672. | ||||
| Applies to: Cisco Catalyst 3750G Cisco WLC 2000 Cisco WLC 2100 Cisco WLC 4100 |
Created: 2009-07-29 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-2348 |
Title: Android 1.5 CRBxx allows local users to bypass the (1) Manifest.permission.CAMERA (aka android.permission.CAMERA) and (2) Manifest.permission.AUDIO_RECORD (aka android.permission.RECORD_AUDIO) configuration settings by installing and... |
Type: Mobile Devices |
Bulletins:
CVE-2009-2348 SFBID35717 |
Severity: Medium |
| Description: Android 1.5 CRBxx allows local users to bypass the (1) Manifest.permission.CAMERA (aka android.permission.CAMERA) and (2) Manifest.permission.AUDIO_RECORD (aka android.permission.RECORD_AUDIO) configuration settings by installing and executing an application that does not make a permission request before using the camera or microphone. | ||||
| Applies to: |
Created: 2009-07-17 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-1724 |
Title: Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to inject arbitrary web script or... |
Type: Mobile Devices |
Bulletins:
CVE-2009-1724 SFBID35441 |
Severity: Medium |
| Description: Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to inject arbitrary web script or HTML via vectors related to parent and top objects. | ||||
| Applies to: |
Created: 2009-07-09 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-1725 |
Title: WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms; KHTML in kdelibs in KDE; QtWebKit (aka Qt toolkit); and possibly other products do not properly handle... |
Type: Mobile Devices |
Bulletins:
CVE-2009-1725 SFBID35607 |
Severity: High |
| Description: WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms; KHTML in kdelibs in KDE; QtWebKit (aka Qt toolkit); and possibly other products do not properly handle numeric character references, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document. | ||||
| Applies to: |
Created: 2009-07-09 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-1201 |
Title: Eval injection vulnerability in the csco_wrap_js function in /+CSCOL+/cte.js in WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 allows remote attackers to bypass a DOM wrapper and conduct... |
Type: Hardware |
Bulletins:
CVE-2009-1201 SFBID35476 |
Severity: Medium |
| Description: Eval injection vulnerability in the csco_wrap_js function in /+CSCOL+/cte.js in WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 allows remote attackers to bypass a DOM wrapper and conduct cross-site scripting (XSS) attacks by setting CSCO_WebVPN['process'] to the name of a crafted function, aka Bug ID CSCsy80694. | ||||
| Applies to: |
Created: 2009-06-25 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-1202 |
Title: WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 allows remote attackers to bypass certain protection mechanisms involving URL rewriting and HTML rewriting, and conduct cross-site scripting (XSS)... |
Type: Hardware |
Bulletins:
CVE-2009-1202 SFBID35480 |
Severity: Medium |
| Description: WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 allows remote attackers to bypass certain protection mechanisms involving URL rewriting and HTML rewriting, and conduct cross-site scripting (XSS) attacks, by modifying the first hex-encoded character in a /+CSCO+ URI, aka Bug ID CSCsy80705. | ||||
| Applies to: |
Created: 2009-06-25 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-1203 |
Title: WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 does not properly distinguish its own login screen from the login screens it produces for third-party (1) FTP and (2) CIFS servers, which makes it... |
Type: Hardware |
Bulletins:
CVE-2009-1203 SFBID35475 |
Severity: Medium |
| Description: WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 does not properly distinguish its own login screen from the login screens it produces for third-party (1) FTP and (2) CIFS servers, which makes it easier for remote attackers to trick a user into sending WebVPN credentials to an arbitrary server via a URL associated with that server, aka Bug ID CSCsy80709. | ||||
| Applies to: |
Created: 2009-06-25 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-0958 |
Title: Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 stores an exception for a hostname when the user accepts an untrusted Exchange server certificate, which causes it to be accepted without prompting in... |
Type: Mobile Devices |
Bulletins:
CVE-2009-0958 SFBID35414 |
Severity: Medium |
| Description: Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 stores an exception for a hostname when the user accepts an untrusted Exchange server certificate, which causes it to be accepted without prompting in future usage and allows remote Exchange servers to obtain sensitive information such as credentials. | ||||
| Applies to: |
Created: 2009-06-19 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-0959 |
Title: The MPEG-4 video codec in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to cause a denial of service (device reset) via a crafted MPEG-4 video file that triggers an "input... |
Type: Mobile Devices |
Bulletins:
CVE-2009-0959 SFBID35414 |
Severity: High |
| Description: The MPEG-4 video codec in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to cause a denial of service (device reset) via a crafted MPEG-4 video file that triggers an "input validation issue." | ||||
| Applies to: |
Created: 2009-06-19 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-0960 |
Title: The Mail component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 does not provide an option to disable remote image loading in HTML email, which allows remote attackers to determine the device... |
Type: Mobile Devices |
Bulletins:
CVE-2009-0960 SFBID35414 |
Severity: Medium |
| Description: The Mail component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 does not provide an option to disable remote image loading in HTML email, which allows remote attackers to determine the device address and when an e-mail is read via an HTML email containing an image URL. | ||||
| Applies to: |
Created: 2009-06-19 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-0961 |
Title: The Mail component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 dismisses the call approval dialog when another alert appears, which might allow remote attackers to force the iPhone to place a... |
Type: Mobile Devices |
Bulletins:
CVE-2009-0961 SFBID35414 |
Severity: Medium |
| Description: The Mail component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 dismisses the call approval dialog when another alert appears, which might allow remote attackers to force the iPhone to place a call without user approval by causing an application to trigger an alert. | ||||
| Applies to: |
Created: 2009-06-19 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-1679 |
Title: The Profiles component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1, when installing a configuration profile, can replace the password policy from Exchange ActiveSync with a weaker password... |
Type: Mobile Devices |
Bulletins:
CVE-2009-1679 SFBID35414 |
Severity: Low |
| Description: The Profiles component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1, when installing a configuration profile, can replace the password policy from Exchange ActiveSync with a weaker password policy, which allows physically proximate attackers to bypass the intended policy. | ||||
| Applies to: |
Created: 2009-06-19 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-1680 |
Title: Safari in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly clear the search history when it is cleared from the Settings application, which allows physically proximate attackers to... |
Type: Mobile Devices |
Bulletins:
CVE-2009-1680 SFBID35414 |
Severity: Low |
| Description: Safari in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly clear the search history when it is cleared from the Settings application, which allows physically proximate attackers to obtain the search history. | ||||
| Applies to: |
Created: 2009-06-19 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-1683 |
Title: The Telephony component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to cause a denial of service (device reset) via a crafted ICMP echo request, which triggers an... |
Type: Mobile Devices |
Bulletins:
CVE-2009-1683 SFBID35414 |
Severity: High |
| Description: The Telephony component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to cause a denial of service (device reset) via a crafted ICMP echo request, which triggers an assertion error related to a "logic issue." | ||||
| Applies to: |
Created: 2009-06-19 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-1692 |
Title: WebKit before r41741, as used in Apple iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Safari, and other software, allows remote attackers to cause a denial of service (memory consumption or device reset) via... |
Type: Mobile Devices |
Bulletins:
CVE-2009-1692 SFBID35414 |
Severity: High |
| Description: WebKit before r41741, as used in Apple iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Safari, and other software, allows remote attackers to cause a denial of service (memory consumption or device reset) via a web page containing an HTMLSelectElement object with a large length attribute, related to the length property of a Select object. | ||||
| Applies to: |
Created: 2009-06-19 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-1690 |
Title: Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome 1.0.154.53, and possibly other products, allows remote attackers to... |
Type: Mobile Devices |
Bulletins:
CVE-2009-1690 SFBID35260 |
Severity: High |
| Description: Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome 1.0.154.53, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by setting an unspecified property of an HTML tag that causes child elements to be freed and later accessed when an HTML error occurs, related to "recursion in certain DOM event handlers." | ||||
| Applies to: |
Created: 2009-06-10 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-1698 |
Title: WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a pointer during handling of a Cascading Style Sheets (CSS) attr function call with a large numerical... |
Type: Mobile Devices |
Bulletins:
CVE-2009-1698 SFBID35260 |
Severity: High |
| Description: WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a pointer during handling of a Cascading Style Sheets (CSS) attr function call with a large numerical argument, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document. | ||||
| Applies to: |
Created: 2009-06-10 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-1699 |
Title: The XSL stylesheet implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle XML external entities, which allows remote attackers to read... |
Type: Mobile Devices |
Bulletins:
CVE-2009-1699 SFBID35260 |
Severity: High |
| Description: The XSL stylesheet implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle XML external entities, which allows remote attackers to read arbitrary files via a crafted DTD, as demonstrated by a file:///etc/passwd URL in an entity declaration, related to an "XXE attack." | ||||
| Applies to: |
Created: 2009-06-10 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-1700 |
Title: The XSLT implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle redirects, which allows remote attackers to read XML content from... |
Type: Mobile Devices |
Bulletins:
CVE-2009-1700 SFBID35260 |
Severity: Medium |
| Description: The XSLT implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle redirects, which allows remote attackers to read XML content from arbitrary web pages via a crafted document. | ||||
| Applies to: |
Created: 2009-06-10 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-1701 |
Title: Use-after-free vulnerability in the JavaScript DOM implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or... |
Type: Mobile Devices |
Bulletins:
CVE-2009-1701 SFBID35260 |
Severity: High |
| Description: Use-after-free vulnerability in the JavaScript DOM implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by destroying a document.body element that has an unspecified XML container with elements that support the dir attribute. | ||||
| Applies to: |
Created: 2009-06-10 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-1702 |
Title: Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to inject arbitrary web script or HTML via vectors... |
Type: Mobile Devices |
Bulletins:
CVE-2009-1702 SFBID35260 |
Severity: Medium |
| Description: Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to inject arbitrary web script or HTML via vectors related to improper handling of Location and History objects. | ||||
| Applies to: |
Created: 2009-06-10 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-1754 |
Title: The PackageManagerService class in services/java/com/android/server/PackageManagerService.java in Android 1.5 through 1.5 CRB42 does not properly check developer certificates during processing of sharedUserId requests at an... |
Type: Mobile Devices |
Bulletins:
CVE-2009-1754 SFBID35090 |
Severity: Medium |
| Description: The PackageManagerService class in services/java/com/android/server/PackageManagerService.java in Android 1.5 through 1.5 CRB42 does not properly check developer certificates during processing of sharedUserId requests at an application's installation time, which allows remote user-assisted attackers to access application data by creating a package that specifies a shared user ID with an arbitrary application. | ||||
| Applies to: |
Created: 2009-05-26 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-1561 |
Title: Cross-site request forgery (CSRF) vulnerability in administration.cgi on the Cisco Linksys WRT54GC router with firmware 1.05.7 allows remote attackers to hijack the intranet connectivity of arbitrary users for requests that change the administrator... |
Type: Hardware |
Bulletins:
CVE-2009-1561 SFBID34616 |
Severity: Medium |
| Description: Cross-site request forgery (CSRF) vulnerability in administration.cgi on the Cisco Linksys WRT54GC router with firmware 1.05.7 allows remote attackers to hijack the intranet connectivity of arbitrary users for requests that change the administrator password via the sysPasswd and sysConfirmPasswd parameters. | ||||
| Applies to: wrt54gc |
Created: 2009-05-06 |
Updated: 2020-08-14 |
||
| ID: MITRE:5336 |
Title: oval:org.mitre.oval:def:5336: Apple iTunes Information Disclosure Vulnerability |
Type: Software |
Bulletins:
MITRE:5336 CVE-2009-0143 |
Severity: Medium |
| Description: Apple iTunes before 8.1 does not properly inform the user about the origin of an authentication request, which makes it easier for remote podcast servers to trick a user into providing a username and password when subscribing to a crafted podcast. | ||||
| Applies to: Apple iTunes |
Created: 2009-05-04 |
Updated: 2018-09-11 |
||
| ID: MITRE:5868 |
Title: oval:org.mitre.oval:def:5868: Microsoft Malformed BMP Filter Vulnerability |
Type: Software |
Bulletins:
MITRE:5868 CVE-2008-3020 |
Severity: High |
| Description: Microsoft Office 2000 SP3 and XP SP3; Office Converter Pack; and Works 8 do not properly parse the length of a BMP file, which allows remote attackers to execute arbitrary code via a crafted BMP file, aka the "Malformed BMP Filter Vulnerability." | ||||
| Applies to: Microsoft Office 2000 Microsoft Office Converter Pack Microsoft Office Project 2002 Microsoft Office XP Microsoft Works |
Created: 2009-05-04 |
Updated: 2018-09-11 |
||
| ID: MITRE:6001 |
Title: oval:org.mitre.oval:def:6001: Apple iTunes Denial of Service Vulnerability |
Type: Software |
Bulletins:
MITRE:6001 CVE-2009-0016 |
Severity: Medium |
| Description: Apple iTunes before 8.1 on Windows allows remote attackers to cause a denial of service (infinite loop) via a Digital Audio Access Protocol (DAAP) message with a crafted Content-Length header. | ||||
| Applies to: Apple iTunes |
Created: 2009-05-04 |
Updated: 2018-09-11 |
||
| ID: CVE-2009-1155 |
Title: Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.1(1) through 7.1(2)82, 7.2 before 7.2(4)27, 8.0 before 8.0(4)25, and 8.1 before 8.1(2)15, when AAA override-account-disable is entered in a general-attributes field,... |
Type: Hardware |
Bulletins:
CVE-2009-1155 SFBID34429 |
Severity: High |
| Description: Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.1(1) through 7.1(2)82, 7.2 before 7.2(4)27, 8.0 before 8.0(4)25, and 8.1 before 8.1(2)15, when AAA override-account-disable is entered in a general-attributes field, allow remote attackers to bypass authentication and establish a VPN session to an ASA device via unspecified vectors. | ||||
| Applies to: |
Created: 2009-04-09 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-1156 |
Title: Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 8.0 before 8.0(4)25 and 8.1 before 8.1(2)15, when an SSL VPN or ASDM access is configured, allows remote attackers to cause a denial of service (device reload)... |
Type: Hardware |
Bulletins:
CVE-2009-1156 SFBID34429 |
Severity: Medium |
| Description: Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 8.0 before 8.0(4)25 and 8.1 before 8.1(2)15, when an SSL VPN or ASDM access is configured, allows remote attackers to cause a denial of service (device reload) via a crafted (1) SSL or (2) HTTP packet. | ||||
| Applies to: |
Created: 2009-04-09 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-1157 |
Title: Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)30, 8.0 before 8.0(4)28, and 8.1 before 8.1(2)19 allows remote attackers to cause a denial of... |
Type: Hardware |
Bulletins:
CVE-2009-1157 SFBID34429 |
Severity: High |
| Description: Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)30, 8.0 before 8.0(4)28, and 8.1 before 8.1(2)19 allows remote attackers to cause a denial of service (memory consumption or device reload) via a crafted TCP packet. | ||||
| Applies to: |
Created: 2009-04-09 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-1158 |
Title: Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)26, 8.0 before 8.0(4)24, and 8.1 before 8.1(2)14, when H.323 inspection is enabled, allows remote... |
Type: Hardware |
Bulletins:
CVE-2009-1158 SFBID34429 |
Severity: High |
| Description: Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)26, 8.0 before 8.0(4)24, and 8.1 before 8.1(2)14, when H.323 inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted H.323 packet. | ||||
| Applies to: |
Created: 2009-04-09 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-1159 |
Title: Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.2 before 7.2(4)26, 8.0 before 8.0(4)22, and 8.1 before 8.1(2)12, when SQL*Net inspection is enabled, allows remote attackers to cause a... |
Type: Hardware |
Bulletins:
CVE-2009-1159 SFBID34429 |
Severity: High |
| Description: Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.2 before 7.2(4)26, 8.0 before 8.0(4)22, and 8.1 before 8.1(2)12, when SQL*Net inspection is enabled, allows remote attackers to cause a denial of service (traceback and device reload) via a series of SQL*Net packets. | ||||
| Applies to: |
Created: 2009-04-09 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-1160 |
Title: Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)1, 7.1 before 7.1(2)74, 7.2 before 7.2(4)9, and 8.0 before 8.0(4)5 do not properly implement the implicit deny statement, which might allow remote... |
Type: Hardware |
Bulletins:
CVE-2009-1160 SFBID34429 |
Severity: Medium |
| Description: Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)1, 7.1 before 7.1(2)74, 7.2 before 7.2(4)9, and 8.0 before 8.0(4)5 do not properly implement the implicit deny statement, which might allow remote attackers to successfully send packets that bypass intended access restrictions, aka Bug ID CSCsq91277. | ||||
| Applies to: |
Created: 2009-04-09 |
Updated: 2020-08-14 |
||
| ID: CVE-2008-6576 |
Title: Unspecified vulnerability in the "session limitation technique" in the FTP service on Nortel Communications Server 1000 (CS1K) 4.50.x, when running on VGMC or signaling nodes, allows remote attackers to cause a denial of service (resource exhaustion... |
Type: Hardware |
Bulletins:
CVE-2008-6576 SFBID28691 |
Severity: High |
| Description: Unspecified vulnerability in the "session limitation technique" in the FTP service on Nortel Communications Server 1000 (CS1K) 4.50.x, when running on VGMC or signaling nodes, allows remote attackers to cause a denial of service (resource exhaustion and failed updates) via unknown vectors that causes consumption of all available sessions. | ||||
| Applies to: CS 1000 |
Created: 2009-04-01 |
Updated: 2020-08-14 |
||
| ID: CVE-2008-6577 |
Title: Nortel MG1000S, Signaling Server, and Call Server on the Communications Server 1000 (CS1K) 4.50.x contain multiple unspecified hard-coded accounts and passwords, which allows remote attackers to gain privileges. |
Type: Hardware |
Bulletins:
CVE-2008-6577 SFBID28691 |
Severity: High |
| Description: Nortel MG1000S, Signaling Server, and Call Server on the Communications Server 1000 (CS1K) 4.50.x contain multiple unspecified hard-coded accounts and passwords, which allows remote attackers to gain privileges. | ||||
| Applies to: CS 1000 |
Created: 2009-04-01 |
Updated: 2020-08-14 |
||
| ID: CVE-2008-6578 |
Title: Multiple unspecified vulnerabilities in Nortel Communication Server 1000 4.50.x allow remote attackers to execute arbitrary commands to gain privileges, obtain sensitive information, or cause a denial of service via unknown vectors. |
Type: Hardware |
Bulletins:
CVE-2008-6578 SFBID28691 |
Severity: High |
| Description: Multiple unspecified vulnerabilities in Nortel Communication Server 1000 4.50.x allow remote attackers to execute arbitrary commands to gain privileges, obtain sensitive information, or cause a denial of service via unknown vectors. | ||||
| Applies to: CS 1000 |
Created: 2009-04-01 |
Updated: 2020-08-14 |
||
| ID: CVE-2008-6579 |
Title: Nortel Communication Server 1000 4.50.x allows remote attackers to obtain Web application structure via unknown vectors related to "web resources to phones and administrators." |
Type: Hardware |
Bulletins:
CVE-2008-6579 SFBID28691 |
Severity: Medium |
| Description: Nortel Communication Server 1000 4.50.x allows remote attackers to obtain Web application structure via unknown vectors related to "web resources to phones and administrators." | ||||
| Applies to: CS 1000 |
Created: 2009-04-01 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-0626 |
Title: The SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (device reload or hang) via a crafted HTTPS packet. |
Type: Hardware |
Bulletins:
CVE-2009-0626 SFBID34239 |
Severity: High |
| Description: The SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (device reload or hang) via a crafted HTTPS packet. | ||||
| Applies to: |
Created: 2009-03-27 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-0628 |
Title: Memory leak in the SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (memory consumption and device crash) by disconnecting an SSL session in an abnormal manner, leading to a Transmission Control... |
Type: Hardware |
Bulletins:
CVE-2009-0628 SFBID34239 |
Severity: High |
| Description: Memory leak in the SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (memory consumption and device crash) by disconnecting an SSL session in an abnormal manner, leading to a Transmission Control Block (TCB) leak. | ||||
| Applies to: |
Created: 2009-03-27 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-0629 |
Title: The (1) Airline Product Set (aka ALPS), (2) Serial Tunnel Code (aka STUN), (3) Block Serial Tunnel Code (aka BSTUN), (4) Native Client Interface Architecture (NCIA) support, (5) Data-link switching (aka DLSw), (6) Remote Source-Route Bridging... |
Type: Hardware |
Bulletins:
CVE-2009-0629 SFBID34238 |
Severity: Medium |
| Description: The (1) Airline Product Set (aka ALPS), (2) Serial Tunnel Code (aka STUN), (3) Block Serial Tunnel Code (aka BSTUN), (4) Native Client Interface Architecture (NCIA) support, (5) Data-link switching (aka DLSw), (6) Remote Source-Route Bridging (RSRB), (7) Point to Point Tunneling Protocol (PPTP), (8) X.25 for Record Boundary Preservation (RBP), (9) X.25 over TCP (XOT), and (10) X.25 Routing features in Cisco IOS 12.2 and 12.4 allows remote attackers to cause a denial of service (device reload) via a series of crafted TCP packets. | ||||
| Applies to: |
Created: 2009-03-27 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-0630 |
Title: The (1) Cisco Unified Communications Manager Express; (2) SIP Gateway Signaling Support Over Transport Layer Security (TLS) Transport; (3) Secure Signaling and Media Encryption; (4) Blocks Extensible Exchange Protocol (BEEP); (5) Network Admission... |
Type: Hardware |
Bulletins:
CVE-2009-0630 SFBID34242 |
Severity: High |
| Description: The (1) Cisco Unified Communications Manager Express; (2) SIP Gateway Signaling Support Over Transport Layer Security (TLS) Transport; (3) Secure Signaling and Media Encryption; (4) Blocks Extensible Exchange Protocol (BEEP); (5) Network Admission Control HTTP Authentication Proxy; (6) Per-user URL Redirect for EAPoUDP, Dot1x, and MAC Authentication Bypass; (7) Distributed Director with HTTP Redirects; and (8) TCP DNS features in Cisco IOS 12.0 through 12.4 do not properly handle IP sockets, which allows remote attackers to cause a denial of service (outage or resource consumption) via a series of crafted TCP packets. | ||||
| Applies to: |
Created: 2009-03-27 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-0631 |
Title: Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when configured with (1) IP Service Level Agreements (SLAs) Responder, (2) Session Initiation Protocol (SIP), (3) H.323 Annex E Call Signaling Transport, or (4) Media Gateway Control Protocol... |
Type: Hardware |
Bulletins:
CVE-2009-0631 SFBID34245 |
Severity: High |
| Description: Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when configured with (1) IP Service Level Agreements (SLAs) Responder, (2) Session Initiation Protocol (SIP), (3) H.323 Annex E Call Signaling Transport, or (4) Media Gateway Control Protocol (MGCP) allows remote attackers to cause a denial of service (blocked input queue on the inbound interface) via a crafted UDP packet. | ||||
| Applies to: |
Created: 2009-03-27 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-0633 |
Title: Multiple unspecified vulnerabilities in the (1) Mobile IP NAT Traversal feature and (2) Mobile IPv6 subsystem in Cisco IOS 12.3 through 12.4 allow remote attackers to cause a denial of service (input queue wedge and interface outage) via MIPv6... |
Type: Hardware |
Bulletins:
CVE-2009-0633 SFBID34241 |
Severity: High |
| Description: Multiple unspecified vulnerabilities in the (1) Mobile IP NAT Traversal feature and (2) Mobile IPv6 subsystem in Cisco IOS 12.3 through 12.4 allow remote attackers to cause a denial of service (input queue wedge and interface outage) via MIPv6 packets, aka Bug ID CSCsm97220. | ||||
| Applies to: |
Created: 2009-03-27 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-0634 |
Title: Multiple unspecified vulnerabilities in the home agent (HA) implementation in the (1) Mobile IP NAT Traversal feature and (2) Mobile IPv6 subsystem in Cisco IOS 12.3 through 12.4 allow remote attackers to cause a denial of service (input queue wedge... |
Type: Hardware |
Bulletins:
CVE-2009-0634 SFBID34241 |
Severity: High |
| Description: Multiple unspecified vulnerabilities in the home agent (HA) implementation in the (1) Mobile IP NAT Traversal feature and (2) Mobile IPv6 subsystem in Cisco IOS 12.3 through 12.4 allow remote attackers to cause a denial of service (input queue wedge and interface outage) via an ICMP packet, aka Bug ID CSCso05337. | ||||
| Applies to: |
Created: 2009-03-27 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-0635 |
Title: Memory leak in the Cisco Tunneling Control Protocol (cTCP) encapsulation feature in Cisco IOS 12.4, when an Easy VPN (aka EZVPN) server is enabled, allows remote attackers to cause a denial of service (memory consumption and device crash) via a... |
Type: Hardware |
Bulletins:
CVE-2009-0635 SFBID34246 |
Severity: High |
| Description: Memory leak in the Cisco Tunneling Control Protocol (cTCP) encapsulation feature in Cisco IOS 12.4, when an Easy VPN (aka EZVPN) server is enabled, allows remote attackers to cause a denial of service (memory consumption and device crash) via a sequence of TCP packets. | ||||
| Applies to: |
Created: 2009-03-27 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-0636 |
Title: Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when SIP voice services are enabled, allows remote attackers to cause a denial of service (device crash) via a valid SIP message. |
Type: Hardware |
Bulletins:
CVE-2009-0636 SFBID34243 |
Severity: High |
| Description: Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when SIP voice services are enabled, allows remote attackers to cause a denial of service (device crash) via a valid SIP message. | ||||
| Applies to: |
Created: 2009-03-27 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-0637 |
Title: The SCP server in Cisco IOS 12.2 through 12.4, when Role-Based CLI Access is enabled, does not enforce the CLI view configuration for file transfers, which allows remote authenticated users with an attached CLI view to (1) read or (2) overwrite... |
Type: Hardware |
Bulletins:
CVE-2009-0637 SFBID34247 |
Severity: High |
| Description: The SCP server in Cisco IOS 12.2 through 12.4, when Role-Based CLI Access is enabled, does not enforce the CLI view configuration for file transfers, which allows remote authenticated users with an attached CLI view to (1) read or (2) overwrite arbitrary files via an SCP command. | ||||
| Applies to: |
Created: 2009-03-27 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-0632 |
Title: The IP Phone Personal Address Book (PAB) Synchronizer feature in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.1, 4.2 before 4.2(3)SR4b, 4.3 before 4.3(2)SR1b, 5.x before 5.1(3e), 6.x before 6.1(3), and 7.0 before 7.0(2)... |
Type: Hardware |
Bulletins:
CVE-2009-0632 SFBID34082 |
Severity: High |
| Description: The IP Phone Personal Address Book (PAB) Synchronizer feature in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.1, 4.2 before 4.2(3)SR4b, 4.3 before 4.3(2)SR1b, 5.x before 5.1(3e), 6.x before 6.1(3), and 7.0 before 7.0(2) sends privileged directory-service account credentials to the client in cleartext, which allows remote attackers to modify the CUCM configuration and perform other privileged actions by intercepting these credentials, and then using them in requests unrelated to the intended synchronization task, as demonstrated by (1) DC Directory account credentials in CUCM 4.x and (2) TabSyncSysUser account credentials in CUCM 5.x through 7.x. | ||||
| Applies to: Unified Communications Manager |
Created: 2009-03-12 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-0623 |
Title: Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.3) and Cisco ACE 4710 Application Control Engine Appliance before A3(2.1) allows remote attackers to cause a denial of... |
Type: Hardware |
Bulletins:
CVE-2009-0623 SFBID33900 |
Severity: High |
| Description: Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.3) and Cisco ACE 4710 Application Control Engine Appliance before A3(2.1) allows remote attackers to cause a denial of service (device reload) via a crafted SSH packet. | ||||
| Applies to: Cisco Ace 4710 |
Created: 2009-02-26 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-0624 |
Title: Unspecified vulnerability in the SNMPv2c implementation in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.3) and Cisco ACE 4710 Application Control Engine Appliance before A3(2.1) allows remote... |
Type: Hardware |
Bulletins:
CVE-2009-0624 SFBID33900 |
Severity: Medium |
| Description: Unspecified vulnerability in the SNMPv2c implementation in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.3) and Cisco ACE 4710 Application Control Engine Appliance before A3(2.1) allows remote attackers to cause a denial of service (device reload) via a crafted SNMPv1 packet. | ||||
| Applies to: Cisco Ace 4710 |
Created: 2009-02-26 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-0625 |
Title: Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.2) and Cisco ACE 4710 Application Control Engine Appliance before A1(8.0) allows remote attackers to cause a denial of... |
Type: Hardware |
Bulletins:
CVE-2009-0625 SFBID33900 |
Severity: High |
| Description: Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.2) and Cisco ACE 4710 Application Control Engine Appliance before A1(8.0) allows remote attackers to cause a denial of service (device reload) via a crafted SNMPv3 packet. | ||||
| Applies to: Cisco Ace 4710 |
Created: 2009-02-26 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-0621 |
Title: Cisco ACE 4710 Application Control Engine Appliance before A1(8a) uses default (1) usernames and (2) passwords for (a) the administrator, (b) web management, and (c) device management, which makes it easier for remote attackers to perform... |
Type: Hardware |
Bulletins:
CVE-2009-0621 SFBID33900 |
Severity: High |
| Description: Cisco ACE 4710 Application Control Engine Appliance before A1(8a) uses default (1) usernames and (2) passwords for (a) the administrator, (b) web management, and (c) device management, which makes it easier for remote attackers to perform configuration changes to the Device Manager and other components, or obtain operating-system access. | ||||
| Applies to: Cisco Ace 4710 |
Created: 2009-02-26 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-0622 |
Title: Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.2) and Cisco ACE 4710 Application Control Engine Appliance before A1(8a) allows remote authenticated users to execute... |
Type: Hardware |
Bulletins:
CVE-2009-0622 SFBID33900 |
Severity: High |
| Description: Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.2) and Cisco ACE 4710 Application Control Engine Appliance before A1(8a) allows remote authenticated users to execute arbitrary operating-system commands through a command line interface (CLI). | ||||
| Applies to: Cisco Ace 4710 |
Created: 2009-02-26 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-0742 |
Title: The username command in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers and Cisco ACE 4710 Application Control Engine Appliance stores a cleartext password by default, which allows context-dependent attackers... |
Type: Hardware |
Bulletins:
CVE-2009-0742 |
Severity: High |
| Description: The username command in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers and Cisco ACE 4710 Application Control Engine Appliance stores a cleartext password by default, which allows context-dependent attackers to obtain sensitive information. | ||||
| Applies to: Cisco Ace 4710 |
Created: 2009-02-26 |
Updated: 2020-08-14 |
||
| ID: CVE-2008-6096 |
Title: Cross-site scripting (XSS) vulnerability in Juniper NetScreen ScreenOS before 5.4r10, 6.0r6, and 6.1r2 allows remote attackers to inject arbitrary web script or HTML via the user name parameter to the (1) web interface login page or the (2) telnet... |
Type: Hardware |
Bulletins:
CVE-2008-6096 SFBID31528 |
Severity: Medium |
| Description: Cross-site scripting (XSS) vulnerability in Juniper NetScreen ScreenOS before 5.4r10, 6.0r6, and 6.1r2 allows remote attackers to inject arbitrary web script or HTML via the user name parameter to the (1) web interface login page or the (2) telnet login page. | ||||
| Applies to: |
Created: 2009-02-09 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-0470 |
Title: Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 12.4(23) allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI under (1) level/15/exec/-/ or (2) exec/, a different... |
Type: Hardware |
Bulletins:
CVE-2009-0470 SFBID33625 |
Severity: Medium |
| Description: Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 12.4(23) allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI under (1) level/15/exec/-/ or (2) exec/, a different vulnerability than CVE-2008-3821. | ||||
| Applies to: |
Created: 2009-02-06 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-0471 |
Title: Cross-site request forgery (CSRF) vulnerability in the HTTP server in Cisco IOS 12.4(23) allows remote attackers to execute arbitrary commands, as demonstrated by executing the hostname command with a level/15/configure/-/hostname request. |
Type: Hardware |
Bulletins:
CVE-2009-0471 |
Severity: Medium |
| Description: Cross-site request forgery (CSRF) vulnerability in the HTTP server in Cisco IOS 12.4(23) allows remote attackers to execute arbitrary commands, as demonstrated by executing the hostname command with a level/15/configure/-/hostname request. | ||||
| Applies to: |
Created: 2009-02-06 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-0058 |
Title: The Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.x before 5.2 allow remote attackers to cause a denial... |
Type: Hardware |
Bulletins:
CVE-2009-0058 SFBID33608 |
Severity: Medium |
| Description: The Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.x before 5.2 allow remote attackers to cause a denial of service (web authentication outage or device reload) via unspecified network traffic, as demonstrated by a vulnerability scanner. | ||||
| Applies to: Cisco WLC 4400 |
Created: 2009-02-04 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-0059 |
Title: The Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.2.x before 5.2.157.0 allow remote attackers to cause a... |
Type: Hardware |
Bulletins:
CVE-2009-0059 SFBID33608 |
Severity: High |
| Description: The Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.2.x before 5.2.157.0 allow remote attackers to cause a denial of service (device reload) via a web authentication (aka WebAuth) session that includes a malformed POST request to login.html. | ||||
| Applies to: Cisco WLC 4400 |
Created: 2009-02-04 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-0061 |
Title: Unspecified vulnerability in the Wireless LAN Controller (WLC) TSEC driver in the Cisco 4400 WLC, Cisco Catalyst 6500 and 7600 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before... |
Type: Hardware |
Bulletins:
CVE-2009-0061 SFBID33608 |
Severity: High |
| Description: Unspecified vulnerability in the Wireless LAN Controller (WLC) TSEC driver in the Cisco 4400 WLC, Cisco Catalyst 6500 and 7600 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.x before 5.1 allows remote attackers to cause a denial of service (device crash or hang) via unknown IP packets. | ||||
| Applies to: Cisco WLC 4400 |
Created: 2009-02-04 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-0062 |
Title: Unspecified vulnerability in the Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.2.173.0 allows remote authenticated users to gain... |
Type: Hardware |
Bulletins:
CVE-2009-0062 SFBID33608 |
Severity: High |
| Description: Unspecified vulnerability in the Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.2.173.0 allows remote authenticated users to gain privileges via unknown vectors, as demonstrated by escalation from the (1) Lobby Admin and (2) Local Management User privilege levels. | ||||
| Applies to: |
Created: 2009-02-04 |
Updated: 2020-08-14 |
||
| ID: CVE-2009-0057 |
Title: The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager 5.x before 5.1(3e) and 6.x before 6.1(3) allows remote attackers to cause a denial of service (voice service outage) by sending malformed input over a... |
Type: Hardware |
Bulletins:
CVE-2009-0057 SFBID33379 |
Severity: Medium |
| Description: The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager 5.x before 5.1(3e) and 6.x before 6.1(3) allows remote attackers to cause a denial of service (voice service outage) by sending malformed input over a TCP session in which the "client terminates prematurely." | ||||
| Applies to: Unified Communications Manager |
Created: 2009-01-22 |
Updated: 2020-08-14 |
||
| ID: CVE-2008-3818 |
Title: Cisco ONS 15310-CL, 15310-MA, 15327, 15454, 15454 SDH, and 15600 with software 7.0.2 through 7.0.6, 7.2.2, 8.0.x, 8.5.1, and 8.5.2 allows remote attackers to cause a denial of service (control-card reset) via a crafted TCP session. |
Type: Hardware |
Bulletins:
CVE-2008-3818 SFBID33261 |
Severity: High |
| Description: Cisco ONS 15310-CL, 15310-MA, 15327, 15454, 15454 SDH, and 15600 with software 7.0.2 through 7.0.6, 7.2.2, 8.0.x, 8.5.1, and 8.5.2 allows remote attackers to cause a denial of service (control-card reset) via a crafted TCP session. | ||||
| Applies to: |
Created: 2009-01-16 |
Updated: 2020-08-14 |
||
| ID: CVE-2008-3821 |
Title: Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 11.0 through 12.4 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the ping program or (2) unspecified other aspects of the URI. |
Type: Hardware |
Bulletins:
CVE-2008-3821 SFBID33260 |
Severity: Medium |
| Description: Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 11.0 through 12.4 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the ping program or (2) unspecified other aspects of the URI. | ||||
| Applies to: |
Created: 2009-01-16 |
Updated: 2020-08-14 |
||
