Adobe ColdFusion 8.0.1 and earlier might allow attackers to obtain sensitive information via unspecified vectors, related to a "double-encoded null character vulnerability."
Publication date: Wed, 19 Aug 2009 03:30:00 +0000
Cyber News related to CVE-2009-1876
CVE-2009-3403 - Unspecified vulnerability in the JRockit component in BEA Product Suite R27.6.4: JRE/JDK, 1.4.2, 5, and, and 6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this issue subsumes ...
12 years ago
CVE-2012-1544 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-1876. Reason: This candidate is a duplicate of CVE-2012-1876. Notes: All CVE users should reference CVE-2012-1876 instead of this candidate. All references and descriptions in ...
55 years ago Tenable.com
CVE-2010-0079 - Multiple vulnerabilities in the JRockit component in BEA Product Suite R27.6.5 using JRE/JDK 1.4.2, 5, and 6 allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this CVE identifier overlaps ...
12 years ago
CVE-2009-3239 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-2139, CVE-2009-2140. Reason: This candidate is a duplicate of CVE-2009-2139 and CVE-2009-2140. Notes: All CVE users should reference CVE-2009-2139 and CVE-2009-2140 instead of ...
55 years ago Tenable.com
CVE-2009-4212 - Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly ...
5 years ago
CVE-2009-1876 - Adobe ColdFusion 8.0.1 and earlier might allow attackers to obtain sensitive information via unspecified vectors, related to a "double-encoded null character vulnerability." ...
15 years ago
CVE-2013-1876 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-2615. Reason: This candidate is a duplicate of CVE-2013-2615. Notes: All CVE users should reference CVE-2013-2615 instead of this candidate. All references and descriptions in ...
55 years ago Tenable.com
CVE-2021-1876 - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave. Processing maliciously crafted web content may lead to arbitrary code ...
3 years ago
CVE-2005-1876 - Direct code injection vulnerability in CuteNews 1.3.6 and earlier allows remote attackers with administrative privileges to execute arbitrary PHP code via certain inputs that are injected into a template (.tpl) file. ...
1 year ago
CVE-2016-1876 - The backend service process in Lenovo Solution Center (aka LSC) before 3.3.0002 allows local users to gain SYSTEM privileges via unspecified vectors. ...
7 years ago
CVE-2004-1876 - The "%f" feature in the VirusEvent directive in Clam AntiVirus daemon (clamd) before 0.70 allows local users to execute arbitrary commands via shell metacharacters in a file name. ...
7 years ago
CVE-2010-1876 - SQL injection vulnerability in index.php in AJ Shopping Cart 1.0 allows remote attackers to execute arbitrary SQL commands via the maincatid parameter in a showmaincatlanding action. ...
7 years ago
CVE-2015-1876 - Directory traversal vulnerability in ES File Explorer 3.2.4.1. ...
7 years ago
CVE-2008-1876 - PHP remote file inclusion vulnerability in index.php in VisualPic 0.3.1 allows remote attackers to execute arbitrary PHP code via a URL in the _CONFIG[files][functions_page] parameter. ...
7 years ago
CVE-2014-1876 - The unpacker::redirect_stdio function in unpack.cpp in unpack200 in OpenJDK 6, 7, and 8; Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 does not securely create temporary files when a log file cannot ...
7 years ago
CVE-2007-1876 - VMware Workstation before 5.5.4, when running a 64-bit Windows guest on a 64-bit host, allows local users to "corrupt the virtual machine's register context" by debugging a local program and stepping into a "syscall instruction." ...
6 years ago
CVE-2006-1876 - Unspecified vulnerability in Oracle Database Server 9.2.0.7 and 10.1.0.4 has unknown impact and attack vectors in the Oracle Spatial component, aka Vuln# DB12. NOTE: details are unavailable from Oracle, but as of 20060421, they have not publicly ...
6 years ago
CVE-2018-1876 - IBM Robotic Process Automation with Automation Anywhere 11 could under certain cases, display the password in a Control Room log file after installation. IBM X-Force ID: 151707. ...
5 years ago
CVE-2019-1876 - A vulnerability in the HTTPS proxy feature of Cisco Wide Area Application Services (WAAS) Software could allow an unauthenticated, remote attacker to use the Central Manager as an HTTPS proxy. The vulnerability is due to insufficient authentication ...
5 years ago
CVE-2020-1876 - NIP6800;Secospace USG6600;USG9500 with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an out-of-bounds write vulnerability. An unauthenticated attacker crafts malformed packets with specific parameter and sends the packets to the ...
5 years ago
CVE-2002-1876 - Microsoft Exchange 2000 allows remote authenticated attackers to cause a denial of service via a large number of rapid requests, which consumes all of the licenses that are granted to Exchange by IIS. ...
4 years ago
CVE-2011-1876 - Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local ...
4 years ago
CVE-2012-1876 - Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by attempting to access a nonexistent object, leading to a heap-based buffer ...
3 years ago
CVE-2022-1876 - Heap buffer overflow in DevTools in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. ...
2 years ago
CVE-2017-1876 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none ...
55 years ago Tenable.com