|
261391
|
- |
|
ibm
|
workplace_content_management
|
Cross-site scripting (XSS) vulnerability in IBM Workplace Content Management (WCM) 6.0G and 6.1 before CF8, when a Page Navigation Component shows menu entries, allows remote attackers to inject arbi…
|
CWE-79
Cross-site Scripting
|
CVE-2008-5228
|
2017-08-8 10:33 |
2008-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261392
|
- |
|
xine
|
xine-lib
|
xine-lib before 1.1.15 performs V4L video frame preallocation before ascertaining the required length, which has unknown impact and attack vectors, possibly related to a buffer overflow in the open_v…
|
NVD-CWE-noinfo
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-5245
|
2017-08-8 10:33 |
2008-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261393
|
- |
|
xine
|
xine-lib
|
Multiple heap-based buffer overflows in xine-lib before 1.1.15 allow remote attackers to execute arbitrary code via vectors that send ID3 data to the (1) id3v22_interp_frame and (2) id3v24_interp_fra…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-5246
|
2017-08-8 10:33 |
2008-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261394
|
- |
|
virtualox
|
virtualox
|
The AcquireDaemonLock function in ipcdUnix.cpp in Sun Innotek VirtualBox before 2.0.6 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/.vbox-$USER-ipc/lock temporary fil…
|
CWE-59
Link Following
|
CVE-2008-5256
|
2017-08-8 10:33 |
2008-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261395
|
- |
|
ibm
|
tivoli_access_manager_for_e-business
|
webseald in WebSEAL 6.0.0.17 in IBM Tivoli Access Manager for e-business allows remote attackers to cause a denial of service (crash or hang) via HTTP requests, as demonstrated by a McAfee vulnerabil…
|
CWE-20
Improper Input Validation
|
CVE-2008-5257
|
2017-08-8 10:33 |
2008-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261396
|
- |
|
toddwoolums
|
todd_woolums_asp_news_management
|
Todd Woolums ASP News Management 2.2 allows remote attackers to obtain news items via a direct request to (1) rss.asp, (2) viewheadings.asp, or (3) viewnews.asp. NOTE: the provenance of this informa…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-5274
|
2017-08-8 10:33 |
2008-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261397
|
- |
|
net2ftp
|
net2ftp
|
Multiple directory traversal vulnerabilities in the (a) "Unzip archive" and (b) "Upload files and archives" functionality in net2ftp 0.96 stable and 0.97 beta allow remote attackers to create, read, …
|
CWE-22
Path Traversal
|
CVE-2008-5275
|
2017-08-8 10:33 |
2008-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261398
|
- |
|
powerdns
|
powerdns
|
PowerDNS before 2.9.21.2 allows remote attackers to cause a denial of service (daemon crash) via a CH HINFO query.
|
NVD-CWE-noinfo
CWE-16
Configuration
|
CVE-2008-5277
|
2017-08-8 10:33 |
2008-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261399
|
- |
|
wordpress
|
wordpress
|
Cross-site scripting (XSS) vulnerability in the self_link function in in the RSS Feed Generator (wp-includes/feed.php) for WordPress before 2.6.5 allows remote attackers to inject arbitrary web scrip…
|
CWE-79
Cross-site Scripting
|
CVE-2008-5278
|
2017-08-8 10:33 |
2008-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261400
|
- |
|
wordpress
|
wordpress
|
http://wordpress.org/development/2008/11/wordpress-265/
The security issue is an XSS exploit discovered by Jeremias Reith that fortunately only affects IP-based virtual servers running on Apache 2…
|
CWE-79
Cross-site Scripting
|
CVE-2008-5278
|
2017-08-8 10:33 |
2008-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
