adobe -- flash_player |
Multiple unspecified vulnerabilities in Adobe Flash Player 10.x before 10.0.12.36 and 9.x before 9.0.151.0 allow remote attackers to execute arbitrary code via unknown vectors related to "input validation errors." |
2008-11-17 | 9.3 | CVE-2008-4824 CONFIRM |
apple -- safari |
Heap-based buffer overflow in CoreGraphics in Apple Safari before 3.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted image, related to improper handling of color spaces. |
2008-11-17 | 9.3 | CVE-2008-3623 BID CONFIRM APPLE |
apple -- cups |
The web interface (cgi-bin/admin.c) in CUPS before 1.3.8 uses the guest username when a user is not logged on to the web server, which makes it easier for remote attackers to bypass intended policy and conduct CSRF attacks via the (1) add and (2) cancel RSS subscription functions. |
2008-11-20 | 10.0 | CVE-2008-5184 MLIST MISC CONFIRM |
balabit -- syslog-ng |
syslog-ng does not call chdir when it calls chroot, which might allow attackers to escape the intended jail. NOTE: this is only a vulnerability when a separate vulnerability is present. |
2008-11-17 | 9.3 | CVE-2008-5110 MLIST CONFIRM |
boonex -- orca |
PHP remote file inclusion vulnerability in layout/default/params.php in Boonex Orca 2.0 and 2.0.2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the gConf[dir][layouts] parameter. |
2008-11-19 | 9.3 | CVE-2008-5167 BID MILW0RM SECUNIA |
citrix -- deterministic_network_enhancer |
dne2000.sys in Citrix Deterministic Network Enhancer (DNE) 2.21.7.233 through 3.21.7.17464, as used in (1) Cisco VPN Client, (2) Blue Coat WinProxy, and (3) SafeNet SoftRemote and HighAssurance Remote, allows local users to gain privileges via a crafted DNE_IOCTL DeviceIoControl request to the \\.\DNE device interface. |
2008-11-17 | 7.2 | CVE-2008-5121 CERT-VN BID MILW0RM MISC MISC SECUNIA SECUNIA SECUNIA SECUNIA |
clientsoftware -- wincome_mpd_total |
Client Software WinCom LPD Total 3.0.2.623 and earlier allows remote attackers to bypass authentication and perform administrative actions via vectors involving "simply skipping the auth stage." |
2008-11-18 | 7.5 | CVE-2008-5158 BID BUGTRAQ FRSIRT SECUNIA MISC MISC |
clientsoftware -- wincome_mpd_total |
Integer overflow in the remote administration protocol processing in Client Software WinCom LPD Total 3.0.2.623 and earlier allows remote attackers to cause a denial of service (crash) via a large string length argument, which triggers memory corruption. |
2008-11-18 | 10.0 | CVE-2008-5159 BID BUGTRAQ FRSIRT SECUNIA MISC MISC |
clientsoftware -- wincom_mpd_total |
Multiple buffer overflows in Client Software WinCom LPD Total 3.0.2.623 and earlier allow remote attackers to execute arbitrary code via (1) a long 0x02 command to the remote administration service on TCP port 13500 or (2) a long invalid control filename to LPDService.exe on TCP port 515. |
2008-11-20 | 9.3 | CVE-2008-5176 BID BUGTRAQ FRSIRT SECUNIA MISC MISC |
dcgrendel -- vmbuilder |
The (1) python-vm-builder and (2) ubuntu-vm-builder implementations in VMBuilder 0.9 in Ubuntu 8.10 omit the -e option when invoking chpasswd with a root:! argument, which configures the root account with a cleartext password of ! (exclamation point) and allows attackers to bypass intended login restrictions. |
2008-11-17 | 7.2 | CVE-2008-5103 BID SECUNIA |
dcgrendel -- vmbuilder |
Ubuntu 6.06 LTS, 7.10, 8.04 LTS, and 8.10, when installed as a virtual machine by (1) python-vm-builder or (2) ubuntu-vm-builder in VMBuilder 0.9 in Ubuntu 8.10, have ! (exclamation point) as the default root password, which allows attackers to bypass intended login restrictions. |
2008-11-17 | 7.2 | CVE-2008-5104 BID SECUNIA |
develop_it_easy -- news_and_article_system |
Multiple SQL injection vulnerabilities in Develop It Easy News And Article System 1.4 allow remote attackers to execute arbitrary SQL commands via (1) the aid parameter to article_details.php, and the (2) username and (3) password to the admin panel (admin/index.php). |
2008-11-18 | 7.5 | CVE-2008-5131 BID MILW0RM SECUNIA |
easysitenetwork -- riddles_website |
SQL injection vulnerability in riddle.php in Riddles Website 1.2.1 allows remote attackers to execute arbitrary SQL commands via the riddleid parameter. |
2008-11-19 | 7.5 | CVE-2008-5166 BID MILW0RM SECUNIA |
easysitenetwork -- tips_complete_website |
SQL injection vulnerability in tip.php in Tips Complete Website 1.2.0 allows remote attackers to execute arbitrary SQL commands via the tipid parameter. |
2008-11-19 | 7.5 | CVE-2008-5168 BID MILW0RM SECUNIA |
easysitenetwork -- drinks_complete_website |
SQL injection vulnerability in drinks/drink.php in Drinks Complete Website 2.1.0 allows remote attackers to execute arbitrary SQL commands via the drinkid parameter. |
2008-11-19 | 7.5 | CVE-2008-5169 BID MILW0RM SECUNIA |
easysitenetwork -- cheats_complete_website |
SQL injection vulnerability in item.php in Cheats Complete Website 1.1.1 allows remote attackers to execute arbitrary SQL commands via the itemid parameter. |
2008-11-19 | 7.5 | CVE-2008-5170 BID MILW0RM SECUNIA |
easysitenetwork -- jokes_complete_website |
SQL injection vulnerability in joke.php in Jokes Complete Website 2.1.3 allows remote attackers to execute arbitrary SQL commands via the jokeid parameter. |
2008-11-19 | 7.5 | CVE-2008-5174 BID MILW0RM SECUNIA |
ecryptfs -- ecryptfs_utils |
The (1) ecryptfs-setup-private, (2) ecryptfs-setup-confidential, and (3) ecryptfs-setup-pam-wrapped.sh scripts in ecryptfs-utils 45 through 61 in eCryptfs place cleartext passwords on command lines, which allows local users to obtain sensitive information by listing the process. |
2008-11-20 | 7.2 | CVE-2008-5188 CONFIRM MLIST MLIST MLIST CONFIRM |
ektron -- cms4000.net |
SQL injection vulnerability in ContentRatingGraph.aspx in Ektron CMS400.NET 7.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the res parameter. |
2008-11-17 | 7.5 | CVE-2008-5122 XF BID MISC |
enlightenment -- imlib2 |
The load function in the XPM loader for imlib2 1.4.2, and possibly other versions, allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XPM file that triggers a "pointer arithmetic error" and a heap-based buffer overflow, a different vulnerability than CVE-2008-2426. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
2008-11-20 | 7.5 | CVE-2008-5187 MLIST SECUNIA CONFIRM |
eshop100 -- eshop100 |
SQL injection vulnerability in index.php in eSHOP100 allows remote attackers to execute arbitrary SQL commands via the SUB parameter. |
2008-11-21 | 7.5 | CVE-2008-5190 MILW0RM SECUNIA |
eticket -- eticket |
Multiple SQL injection vulnerabilities in eTicket 1.5.7 allow remote attackers to execute arbitrary SQL commands via the pri parameter to (1) index.php, (2) open.php, (3) open_raw.php, and (4) newticket.php. |
2008-11-19 | 7.5 | CVE-2008-5165 BID CONFIRM MISC SECUNIA |
geshi -- geshi |
** DISPUTED ** The set_language_path function in geshi.php in Generic Syntax Highlighter (GeSHi) before 1.0.8.1 might allow remote attackers to conduct file inclusion attacks via crafted inputs that influence the default language path ($path variable). NOTE: this issue has been disputed by a vendor, stating that only a static value is used, so this is not a vulnerability in GeSHi. Separate CVE identifiers would be created for web applications that integrate GeSHi in a way that allows control of the default language path. |
2008-11-20 | 7.5 | CVE-2008-5186 BID CONFIRM |
hp -- service_manager |
Unspecified vulnerability in HP Service Manager (HPSM) before 7.01.71 allows remote authenticated users to execute arbitrary code via unknown vectors. |
2008-11-17 | 9.0 | CVE-2008-4415 BID HP HP |
hp -- openvms |
Stack-based buffer overflow in the Process Software MultiNet finger service (aka FINGERD) for HP OpenVMS 8.3 allows remote attackers to execute arbitrary code via a long request string. |
2008-11-17 | 10.0 | CVE-2008-5120 BID BUGTRAQ |
insight-tech -- yosemite_backup |
Stack-based buffer overflow in the DtbClsLogin function in Yosemite Backup 8.7 allows remote attackers to (1) execute arbitrary code on a Linux platform, related to libytlindtb.so; or (2) cause a denial of service (application crash) and possibly execute arbitrary code on a Windows platform, related to ytwindtb.dll; via a long username field during authentication. |
2008-11-20 | 10.0 | CVE-2008-5177 BID MISC MISC SECUNIA OSVDB OSVDB |
jscape -- secure_ftp_applet |
JSCAPE Secure FTP Applet 4.8.0 and earlier does not ask the user to verify a new or mismatched SSH host key, which makes it easier for remote attackers to perform man-in-the-middle attacks. |
2008-11-17 | 7.5 | CVE-2008-5124 XF SECTRACK BID BUGTRAQ CONFIRM SECUNIA |
karjasoft -- sami_ftp_server |
Buffer overflow in KarjaSoft Sami FTP Server 2.0.x allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long argument to an arbitrary command, which triggers the overflow when the SamyFtp.binlog log file is viewed in the management console. NOTE: this may overlap CVE-2006-0441 and CVE-2006-2212. |
2008-11-17 | 10.0 | CVE-2008-5106 BID BUGTRAQ |
linux -- kernel |
Stack-based buffer overflow in the hfs_cat_find_brec function in fs/hfs/catalog.c in the Linux kernel before 2.6.28-rc1 allows attackers to cause a denial of service (memory corruption or system crash) via an hfs filesystem image with an invalid catalog namelength field, a related issue to CVE-2008-4933. |
2008-11-17 | 7.8 | CVE-2008-5025 CONFIRM MLIST MLIST MLIST MLIST MLIST MLIST CONFIRM |
linux -- kernel |
Buffer overflow in the lbs_process_bss function in drivers/net/wireless/libertas/scan.c in the libertas subsystem in the Linux kernel before 2.6.27.5 allows remote attackers to have an unknown impact via an "invalid beacon/probe response." |
2008-11-18 | 10.0 | CVE-2008-5134 CONFIRM MLIST CONFIRM MLIST |
memht -- memht_portal |
SQL injection vulnerability in inc/ajax/ajax_rating.php in MemHT Portal 4.0.1 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header. |
2008-11-18 | 7.5 | CVE-2008-5132 BID MILW0RM SECUNIA |
microsoft -- .net_framework |
The strong name (SN) implementation in Microsoft .NET Framework 2.0.50727 relies on the digital signature Public Key Token embedded in the pathname of a DLL file instead of the digital signature of this file itself, which makes it easier for attackers to bypass Global Assembly Cache (GAC) and Code Access Security (CAS) protection mechanisms, aka MSRC ticket MSRC8566gs. |
2008-11-17 | 10.0 | CVE-2008-5100 BUGTRAQ MISC MISC |
opera -- opera |
Heap-based buffer overflow in Opera 9.62 on Windows allows remote attackers to execute arbitrary code via a long file:// URI. |
2008-11-20 | 9.3 | CVE-2008-5178 BID FRSIRT SECUNIA OSVDB MILW0RM |
optipng -- optipng |
Buffer overflow in the BMP reader in OptiPNG 0.6 and 0.6.1 allows user-assisted attackers to execute arbitrary code via a crafted BMP image, related to an "array overflow." |
2008-11-17 | 9.3 | CVE-2008-5101 CONFIRM CONFIRM |
philboard -- philboard |
SQL injection vulnerability in forum.asp in W1L3D4 Philboard 1.14 and 1.2 allows remote attackers to execute arbitrary SQL commands via the forumid parameter. NOTE: this might overlap CVE-2008-2334, CVE-2008-1939, CVE-2007-2641, or CVE-2007-0920. |
2008-11-21 | 7.5 | CVE-2008-5192 BID MILW0RM SECUNIA |
phpblaster -- phpblaster_cms |
Multiple directory traversal vulnerabilities in admin/minibb/index.php in phpBLASTER CMS 1.0 RC1, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) DB, (2) lang, and (3) skin parameters. |
2008-11-19 | 9.3 | CVE-2008-5171 MILW0RM |
sebrac -- sebraccms |
Multiple SQL injection vulnerabilities in SebracCMS (sbcms) 0.4 allow remote attackers to execute arbitrary SQL commands via (1) the recid parameter to cms/form/read.php, (2) the uname parameter to cms/index.php, and other unspecified vectors. |
2008-11-21 | 7.5 | CVE-2008-5195 BID MILW0RM |
seportal -- seportal |
Multiple SQL injection vulnerabilities in SePortal 2.4 allow remote attackers to execute arbitrary SQL commands via the (1) poll_id parameter to poll.php and the (2) sp_id parameter to staticpages.php. |
2008-11-21 | 7.5 | CVE-2008-5191 BID MILW0RM SECUNIA |
smsclient -- smsclient |
mail2sms.sh in smsclient 2.0.8z allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/header.##### or (2) /tmp/body.##### temporary file, or append data to arbitrary files via a symlink attack on the (3) /tmp/sms.log temporary file. |
2008-11-18 | 9.3 | CVE-2008-5155 MISC MLIST |
softvisions_software -- online_booking_manager |
SQL injection vulnerability in checkavail.php in SoftVisions Software Online Booking Manager (obm) 2.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. |
2008-11-21 | 7.5 | CVE-2008-5194 BID MILW0RM SECUNIA |
sun -- java_system_identity_manager |
Unspecified vulnerability in Sun Java System Identity Manager 6.0 through 6.0 SP4, 7.0, and 7.1 allows remote attackers to access files in the local filesystem of the IDM server via unknown vectors. |
2008-11-17 | 7.8 | CVE-2008-5116 SUNALERT |
testmaker -- testmaker |
Unspecified vulnerability in testMaker before 3.0p16 allows remote authenticated users to execute arbitrary PHP code via unspecified attack vectors. |
2008-11-19 | 9.0 | CVE-2008-5173 CONFIRM |
theratstudios -- the_rat_cms |
Multiple SQL injection vulnerabilities in The Rat CMS Pre-Alpha 2 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) viewarticle.php and (2) viewarticle2.php. |
2008-11-19 | 7.5 | CVE-2008-5163 BID BUGTRAQ |
trend_micro -- serverprotect |
Unspecified vulnerability in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via vectors related to obtaining "administrative access to the RPC interface." |
2008-11-17 | 10.0 | CVE-2006-5268 XF BID ISS FRSIRT SECUNIA MISC |
trend_micro -- serverprotect |
Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, probably related to an RPC interface. |
2008-11-17 | 10.0 | CVE-2006-5269 XF BID ISS FRSIRT SECUNIA MISC |
trend_micro -- serverprotect |
Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a read operation over RPC. |
2008-11-17 | 10.0 | CVE-2007-0072 XF BID ISS FRSIRT SECUNIA MISC |
trend_micro -- serverprotect |
Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a file read operation over RPC. |
2008-11-17 | 10.0 | CVE-2007-0073 XF BID ISS FRSIRT SECUNIA MISC |
trend_micro -- serverprotect |
Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a folder read operation over RPC. |
2008-11-17 | 10.0 | CVE-2007-0074 XF BID ISS FRSIRT SECUNIA MISC |
trend_micro -- serverprotect |
Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to the product's configuration, a different vulnerability than CVE-2008-0013 and CVE-2008-0014. |
2008-11-17 | 10.0 | CVE-2008-0012 XF BID ISS FRSIRT SECUNIA MISC |
trend_micro -- serverprotect |
Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to the product's configuration, a different vulnerability than CVE-2008-0012 and CVE-2008-0014. |
2008-11-17 | 10.0 | CVE-2008-0013 XF BID ISS FRSIRT SECUNIA MISC |
trend_micro -- serverprotect |
Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to the product's configuration, a different vulnerability than CVE-2008-0012 and CVE-2008-0013. |
2008-11-17 | 10.0 | CVE-2008-0014 XF BID ISS FRSIRT SECUNIA MISC |
visicommedia -- aceftp |
Directory traversal vulnerability in the FTP client in AceFTP Freeware 3.80.3 and AceFTP Pro 3.80.3 allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a response to a LIST command, a related issue to CVE-2002-1345. |
2008-11-19 | 9.3 | CVE-2008-5175 FRSIRT MISC SECUNIA |