The vulnerability allows a remote user to carry out an XSS attack and gain access to potentially critical data of other users. Example: Program: Drupal Outline Designer Module 5.x 1) The vulnerability results from insufficient input processing in the "pm_title" parameter. A remote user can execute an arbitrary PHP script on a target system with Web server privileges. The vulnerability results from an error in input verification when PROCESS_DUP_HANDLE is used. By using the "_SERVER[DOCUMENT_ROOT] " parameter by using the poll.php and pollarchive.php scripts, the remote user can execute an arbitrary PHP script on a target system with Web server privileges. The vulnerability results from insufficient input processing in the "u1", "m1", "m2", "m3" and "m4" parameters by using the include/pmpopup.php script. Program: Microsoft Windows Server 2003 Program: Mozilla Firefox 3.5.3 Program:  The HTTP TRACE method is reportedly enabled by default and cannot be disabled. Program: ProFTPD up until version 1.2.9rc3 Example: A remote user can employ a specially crafted query to view arbitrary files on the system. A remote user can execute an arbitrary PHP script on the target system with the privileges of the Web server. The vulnerability allows a remote user to hide script code in the ViewSource window when viewing the page source. For the name of the user: Exploit: The vulnerability can be used for DoS attacks, or to redirect packets to another location.  Program: Barracuda Spam & Virus Firewall 4.x Example: The vulnerability results from improper handling of SIP messages. The vulnerability allows a local attacker to execute malicious actions with escalated privileges on the target system. The vulnerability allows a remote user to execute an arbitrary PHP script on the target system. Program: ActSoft DVD-Tools dvdtools.ocx 3.8.5.0 The vulnerability allows a remote user to execute arbitrary SQL commands in the application database. The vulnerability exists due to an error in the validation of input data when processing the maximum size of the TCP segment. The vulnerability results from an error in generating an absolute path to a queried resource. A found vulnerability allows overwriting arbitrary files on a target system. A remote user can send a specially crafted request to run arbitrary code in the victim’s browser within a vulnerable website’s security context. A vulnerability allows a local user to gain access to important data on the system. The vulnerability results from insufficient input processing. Program: Micronet SP1910 Network Access Controller The vulnerability exists due to an error in the validation of input data in xDb.XDB_PITRIG_PKG.PITRIG_TRUNCATE. Example: Program: OES (Open Educational System) 0.1beta Program: Microsoft Internet Explorer 1) The vulnerability exists due to an error in the validation of input data when processing the DR7 debug register. Exploit When a user, the malicious website’s victim, visits the website, the attacker can feed the browser an improperly created file to cause heap overflow and arbitrary code execution. A vulnerability allows a remote intruder to make a DoS attack on a target system. The vulnerability can allow a remote user to cause a denial of service by the system or overflow the buffer. A remote attacker can gain complete control over the client system. An authentication vulnerability was found in OpenBSD login_radius(8) RADIUS. Program: Mozilla Firefox 1.5.0.6 for Windows, possibly other versions. An attacker can send specially crafted data to cause arbitrary code execution with elevated privileges. A remote user can employ a specially crafted value to view arbitrary files on the system. Example: An attacker can send specially crafted data to run arbitrary code.