CVE-2009-4149

Cross-site scripting (XSS) vulnerability in the web interface in CA Service Desk 12.1 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter.

Publication date: Thu, 10 Dec 2009 00:30:00 +0000

Cyber News related to CVE-2009-4149

CVE-2009-3403 - Unspecified vulnerability in the JRockit component in BEA Product Suite R27.6.4: JRE/JDK, 1.4.2, 5, and, and 6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this issue subsumes ...
12 years ago

CVE-2015-4149 - SecurityCenter contains multiple flaws that may allow an authenticated user to execute remote commands on the device. The issue is due to four separate pages not fully sanitizing user-supplied files during upload functions, allowing for the injection ...
55 years ago Tenable.com

CVE-2010-0079 - Multiple vulnerabilities in the JRockit component in BEA Product Suite R27.6.5 using JRE/JDK 1.4.2, 5, and 6 allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this CVE identifier overlaps ...
12 years ago

CVE-2009-3239 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-2139, CVE-2009-2140. Reason: This candidate is a duplicate of CVE-2009-2139 and CVE-2009-2140. Notes: All CVE users should reference CVE-2009-2139 and CVE-2009-2140 instead of ...
55 years ago Tenable.com

CVE-2009-4212 - Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly ...
5 years ago

CVE-2009-4149 - Cross-site scripting (XSS) vulnerability in the web interface in CA Service Desk 12.1 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter. ...
15 years ago

CVE-2012-2051 - Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-4147, ...
7 years ago

CVE-2012-4153 - Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, ...
7 years ago

CVE-2012-4151 - Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, ...
7 years ago

CVE-2012-4149 - Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, ...
7 years ago

CVE-2012-4160 - Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, ...
7 years ago

CVE-2012-4147 - Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, ...
7 years ago

CVE-2012-4154 - Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, ...
7 years ago

CVE-2012-4156 - Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, ...
7 years ago

CVE-2012-4150 - Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, ...
7 years ago

CVE-2012-4148 - Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, ...
7 years ago

CVE-2012-4158 - Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, ...
7 years ago

CVE-2012-4159 - Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, ...
7 years ago

CVE-2012-4157 - Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, ...
7 years ago

CVE-2012-4155 - Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, ...
7 years ago

CVE-2012-4152 - Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, ...
7 years ago

CVE-2015-4150 - SecurityCenter contains multiple flaws that may allow an authenticated user to execute remote commands on the device. The issue is due to four separate pages not fully sanitizing user-supplied files during upload functions, allowing for the injection ...
55 years ago Tenable.com

CVE-2016-4149 - Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs ...
2 years ago

CVE-2007-4149 - The Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12.4.0.0 does not require authentication for (1) the "LOG." command, which allows remote attackers to create or overwrite arbitrary files; (2) the SETTINGSFILE command, which ...
12 years ago

CVE-2008-4149 - Cross-site scripting (XSS) vulnerability in the Greg Holsclaw Link to Us module 5.x before 5.x-1.1 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via the "Link page header" field. ...
7 years ago

Latest Cyber News

Wireshark 4.4.4 Released With Fix for Vulnerability That Triggers DoS Attack - 32 minutes ago
Hackers Exploited Confluence Server Vulnerability To Deploy LockBit Ransomware - 43 minutes ago
Parallels Desktop 0-Day Vulnerability Gain Root Privileges - PoC Released - 1 hour ago
DeepSeek Unveils FlashMLA, A Decoding Kernel That’s Make Things Blazingly Fast - 1 hour ago
Exim Mail Transfer Vulnerability Let Attackers Inject Malicious SQL Queries - 1 hour ago
PoC Exploit Released for F5 BIG-IP Command Injection Vulnerability - 1 hour ago
Google Unveils Quantum-Safe Digital Signatures in Cloud KMS - 2 hours ago
Nagios XI Vulnerability Allows Unauthenticated Users to View Other User Details & Email - 2 hours ago
Fluent Bit 0-day Vulnerabilities Exposes Billions of Production Environments to Cyber Attacks - 2 hours ago
UniFi Protect Camera Vulnerability Allows Remote Code Execution Attacks - 3 hours ago
CVE-2025-1594 - 12 hours ago
CVE-2025-1593 - 13 hours ago
CVE-2025-1592 - 13 hours ago
CVE-2025-1591 - 14 hours ago
CVE-2025-1590 - 14 hours ago
CVE-2025-1589 - 15 hours ago
10 Best Ransomware Protection Tools - 2025 - 15 hours ago
10 Best Email Security Gateways in 2025 - 16 hours ago
CVE-2025-1467 - 17 hours ago
CVE-2025-1588 - 17 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
Kimsuky - 1 year ago
23andMe - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

Wireshark 4.4.4 Released With Fix for Vulnerability That Triggers DoS Attack - 32 minutes ago
Hackers Exploited Confluence Server Vulnerability To Deploy LockBit Ransomware - 43 minutes ago
Parallels Desktop 0-Day Vulnerability Gain Root Privileges - PoC Released - 1 hour ago
DeepSeek Unveils FlashMLA, A Decoding Kernel That’s Make Things Blazingly Fast - 1 hour ago
Exim Mail Transfer Vulnerability Let Attackers Inject Malicious SQL Queries - 1 hour ago
PoC Exploit Released for F5 BIG-IP Command Injection Vulnerability - 1 hour ago
Google Unveils Quantum-Safe Digital Signatures in Cloud KMS - 2 hours ago
Nagios XI Vulnerability Allows Unauthenticated Users to View Other User Details & Email - 2 hours ago
Fluent Bit 0-day Vulnerabilities Exposes Billions of Production Environments to Cyber Attacks - 2 hours ago
UniFi Protect Camera Vulnerability Allows Remote Code Execution Attacks - 3 hours ago
CVE-2025-1575 - 1 day ago
CVE-2025-1576 - 1 day ago
CVE-2024-13728 - 1 day ago
CVE-2025-1577 - 1 day ago
CVE-2025-1578 - 1 day ago
CVE-2025-1579 - 1 day ago
CVE-2025-1580 - 23 hours ago
CVE-2025-1581 - 22 hours ago
CVE-2025-1582 - 21 hours ago
CVE-2025-1583 - 21 hours ago