265031
|
- |
|
bea
|
weblogic_server
|
Unspecified vulnerability in BEA WebLogic Server 9.0 through 10.0 allows remote authenticated users without "receive" permissions to bypass intended access restrictions and receive messages from a st…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-0897
|
2011-03-8 12:05 |
2008-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
265032
|
- |
|
bea
|
weblogic_server
|
The distributed queue feature in JMS in BEA WebLogic Server 9.0 through 10.0, in certain configurations, does not properly handle when a client cannot send a message to a member of a distributed queu…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-0898
|
2011-03-8 12:05 |
2008-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
265033
|
- |
|
bea
|
weblogic_server
|
Cross-site scripting (XSS) vulnerability in the Administration Console in BEA WebLogic Server and Express 9.0 through 10.0 allows remote attackers to inject arbitrary web script or HTML via URLs that…
|
CWE-79
Cross-site Scripting
|
CVE-2008-0899
|
2011-03-8 12:05 |
2008-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
265034
|
- |
|
bea bea_systems
|
weblogic_server weblogic_express
|
Session fixation vulnerability in BEA WebLogic Server and Express 8.1 SP4 through SP6, 9.2 through MP1, and 10.0 allows remote authenticated users to hijack web sessions via unknown vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-0900
|
2011-03-8 12:05 |
2008-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
265035
|
- |
|
bea bea_systems
|
weblogic_server
|
Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Server and Express 6.1 through 10.0 MP1 allow remote attackers to inject arbitrary web script or HTML via unspecified samples. NOT…
|
CWE-79
Cross-site Scripting
|
CVE-2008-0902
|
2011-03-8 12:05 |
2008-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
265036
|
- |
|
bea_systems
|
weblogic_express weblogic_server
|
Unspecified vulnerability in the BEA WebLogic Server and Express proxy plugin, as distributed before November 2007 and before 9.2 MP3 and 10.0 MP2, allows remote attackers to cause a denial of servic…
|
NVD-CWE-noinfo
|
CVE-2008-0903
|
2011-03-8 12:05 |
2008-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
265037
|
- |
|
bea_systems
|
aqualogic_interaction plumtree_collaboration
|
Unspecified vulnerability in the download servlet in BEA Plumtree Collaboration 4.1 through SP2 and AquaLogic Interaction 4.2 through MP1 allows remote attackers to read arbitrary files via a crafted…
|
CWE-200
Information Exposure
|
CVE-2008-0904
|
2011-03-8 12:05 |
2008-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
265038
|
- |
|
the_sword_project
|
diatheke_front_end sword
|
diatheke.pl in The SWORD Project Diatheke 1.5.9 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the range parameter.
|
CWE-20
Improper Input Validation
|
CVE-2008-0932
|
2011-03-8 12:05 |
2008-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
265039
|
- |
|
novell
|
iprint iprint_client
|
Stack-based buffer overflow in the Novell iPrint Control ActiveX control in ienipp.ocx in Novell iPrint Client before 4.34 allows remote attackers to execute arbitrary code via a long argument to the…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-0935
|
2011-03-8 12:05 |
2008-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
265040
|
- |
|
apple
|
mac_os_x mac_os_x_server
|
Off-by-one error in the Libsystem strnstr API in libc on Apple Mac OS X 10.4.11 allows context-dependent attackers to cause a denial of service (crash) via crafted arguments that trigger a buffer ove…
|
CWE-189
Numeric Errors
|
CVE-2008-0988
|
2011-03-8 12:05 |
2008-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|