|
263811
|
- |
|
google
|
google_apps
|
The SAML Single Sign-On (SSO) Service for Google Apps allows remote service providers to impersonate users at arbitrary service providers via vectors related to authentication responses that lack a r…
|
NVD-CWE-noinfo
CWE-287
Improper Authentication
|
CVE-2008-3891
|
2008-09-6 06:44 |
2008-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263812
|
- |
|
suspend2
|
software_suspend_2
|
Software suspend 2 2-2.2.1, when used with the Linux kernel 2.6.16, stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer after use, which allows local u…
|
CWE-200
Information Exposure
|
CVE-2008-3901
|
2008-09-6 06:44 |
2008-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263813
|
- |
|
speedbit
|
download_accelerator_plus
|
SpeedBit Download Accelerator Plus (DAP) before 8.6.3.9 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse upd…
|
CWE-94
Code Injection
|
CVE-2008-3433
|
2008-09-6 06:43 |
2008-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263814
|
- |
|
linkedin
|
browser_toolbar
|
LinkedIn Browser Toolbar 3.0.3.1100 and earlier does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as …
|
CWE-94
Code Injection
|
CVE-2008-3435
|
2008-09-6 06:43 |
2008-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263815
|
- |
|
notepad\+\+
|
notepad\+\+
|
The GUP generic update process in Notepad++ before 4.8.1 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse up…
|
CWE-94
Code Injection
|
CVE-2008-3436
|
2008-09-6 06:43 |
2008-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263816
|
- |
|
openoffice
|
openoffice.org
|
OpenOffice.org (OOo) before 2.1.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated b…
|
CWE-94
Code Injection
|
CVE-2008-3437
|
2008-09-6 06:43 |
2008-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263817
|
- |
|
speedbit
|
speedbit_video_accelerator
|
SpeedBit Video Acceleration before 2.2.1.8 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demon…
|
CWE-94
Code Injection
|
CVE-2008-3439
|
2008-09-6 06:43 |
2008-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263818
|
- |
|
winzip
|
winzip
|
WinZip before 11.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and…
|
CWE-94
Code Injection
|
CVE-2008-3442
|
2008-09-6 06:43 |
2008-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263819
|
- |
|
egi_zaberl
|
e.z._poll
|
Multiple SQL injection vulnerabilities in admin/login.asp in E. Z. Poll 2 allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password parameters. NOTE: the provena…
|
CWE-89
SQL Injection
|
CVE-2008-3590
|
2008-09-6 06:43 |
2008-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263820
|
- |
|
acronis
|
true_image_echo_server
|
Acronis True Image Echo Server 9.x build 8072 on Linux does not properly encrypt backups to an FTP server, which allows remote attackers to obtain sensitive information. NOTE: the provenance of this…
|
CWE-310
Cryptographic Issues
|
CVE-2008-3671
|
2008-09-6 06:43 |
2008-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
