268841
|
- |
|
apple
|
iphone
|
Apple iPhone 2.0.2, in some configurations, allows physically proximate attackers to bypass intended access restrictions, and obtain sensitive information or make arbitrary use of the device, via an …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-3876
|
2008-09-17 14:35 |
2008-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268842
|
- |
|
six_apart
|
movable_type
|
Cross-site scripting (XSS) vulnerability in Movable Type (MT) 4.x through 4.20, and 3.36 and earlier; Movable Type Enterprise 4.x through 4.20, and 1.54 and earlier; and Movable Type Community Soluti…
|
CWE-79
Cross-site Scripting
|
CVE-2008-4079
|
2008-09-16 00:14 |
2008-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268843
|
- |
|
texmedia
|
million_pixel_script
|
SQL injection vulnerability in tops_top.php in Million Pixel Ad Script (Million Pixel Script) allows remote attackers to execute arbitrary SQL commands via the id_cat parameter.
|
CWE-89
SQL Injection
|
CVE-2008-4055
|
2008-09-12 13:00 |
2008-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268844
|
- |
|
apple
|
itunes
|
Apple iTunes before 8.0 on Mac OS X 10.4.11, when iTunes Music Sharing is enabled but blocked by the host-based firewall, presents misleading information about firewall security, which might allow re…
|
CWE-200
Information Exposure
|
CVE-2008-3634
|
2008-09-11 13:00 |
2008-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268845
|
- |
|
opensuse
|
opensuse
|
Multiple off-by-one errors in opensuse-updater in openSUSE 10.2 have unspecified impact and attack vectors. NOTE: the vendor states that these "can be considered no security problem."
|
NVD-CWE-noinfo CWE-189
Numeric Errors
|
CVE-2008-2388
|
2008-09-11 10:10 |
2008-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268846
|
- |
|
opensuse
|
opensuse
|
opensuse-updater in openSUSE 10.2 allows local users to access arbitrary files via a symlink attack.
|
CWE-59
Link Following
|
CVE-2008-2389
|
2008-09-11 10:10 |
2008-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268847
|
- |
|
xine
|
xine-lib
|
Multiple heap-based buffer overflows in the rmff_dump_cont function in input/libreal/rmff.c in xine-lib 1.1.9 allow remote attackers to execute arbitrary code via the SDP (1) Title, (2) Author, or (3…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-0238
|
2008-09-11 10:04 |
2008-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268848
|
- |
|
xine
|
xine-lib
|
Please see the following link for more information regarding the exploit:
http://aluigi.altervista.org/adv/xinermffhof-adv.txt
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-0238
|
2008-09-11 10:04 |
2008-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268849
|
- |
|
softartisans
|
xfile
|
Multiple stack-based buffer overflows in the FileManager ActiveX control in SAFmgPws.dll in SoftArtisans XFile before 2.4.0 allow remote attackers to execute arbitrary code via unspecified calls to t…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-1682
|
2008-09-11 09:51 |
2008-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268850
|
- |
|
php
|
php
|
The fopen function in PHP 5.2.0 does not properly handle invalid URI handlers, which allows context-dependent attackers to bypass safe_mode restrictions and read arbitrary files via a file path speci…
|
NVD-CWE-Other
|
CVE-2007-0448
|
2008-09-11 09:49 |
2007-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|