|
274261
|
- |
|
bea
bea_systems
|
weblogic_server
weblogic_express
|
Session fixation vulnerability in BEA WebLogic Server and Express 8.1 SP4 through SP6, 9.2 through MP1, and 10.0 allows remote authenticated users to hijack web sessions via unknown vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-0900
|
2011-03-8 12:05 |
2008-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274262
|
- |
|
bea
bea_systems
|
weblogic_server
|
Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Server and Express 6.1 through 10.0 MP1 allow remote attackers to inject arbitrary web script or HTML via unspecified samples. NOT…
|
CWE-79
Cross-site Scripting
|
CVE-2008-0902
|
2011-03-8 12:05 |
2008-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274263
|
- |
|
bea_systems
|
weblogic_express
weblogic_server
|
Unspecified vulnerability in the BEA WebLogic Server and Express proxy plugin, as distributed before November 2007 and before 9.2 MP3 and 10.0 MP2, allows remote attackers to cause a denial of servic…
|
NVD-CWE-noinfo
|
CVE-2008-0903
|
2011-03-8 12:05 |
2008-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274264
|
- |
|
bea_systems
|
aqualogic_interaction
plumtree_collaboration
|
Unspecified vulnerability in the download servlet in BEA Plumtree Collaboration 4.1 through SP2 and AquaLogic Interaction 4.2 through MP1 allows remote attackers to read arbitrary files via a crafted…
|
CWE-200
Information Exposure
|
CVE-2008-0904
|
2011-03-8 12:05 |
2008-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274265
|
- |
|
the_sword_project
|
diatheke_front_end
sword
|
diatheke.pl in The SWORD Project Diatheke 1.5.9 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the range parameter.
|
CWE-20
Improper Input Validation
|
CVE-2008-0932
|
2011-03-8 12:05 |
2008-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274266
|
- |
|
novell
|
iprint
iprint_client
|
Stack-based buffer overflow in the Novell iPrint Control ActiveX control in ienipp.ocx in Novell iPrint Client before 4.34 allows remote attackers to execute arbitrary code via a long argument to the…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-0935
|
2011-03-8 12:05 |
2008-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274267
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Off-by-one error in the Libsystem strnstr API in libc on Apple Mac OS X 10.4.11 allows context-dependent attackers to cause a denial of service (crash) via crafted arguments that trigger a buffer ove…
|
CWE-189
Numeric Errors
|
CVE-2008-0988
|
2011-03-8 12:05 |
2008-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274268
|
- |
|
fujitsu
|
interstage_application_server_enterprise
interstage_application_server_standard_j
interstage_apworks_enterprise
interstage_apworks_standard_j
interstage_studio_enterprise
interstage_st…
|
Buffer overflow in the Single Sign-On function in Fujitsu Interstage Application Server 8.0.0 through 8.0.3 and 9.0.0, Interstage Studio 8.0.1 and 9.0.0, and Interstage Apworks 8.0.0 allows remote at…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-1040
|
2011-03-8 12:05 |
2008-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274269
|
- |
|
internet_security_systems
|
internet_scanner
|
Cross-site scripting (XSS) vulnerability in the report interface in Internet Security Systems (ISS) Internet Scanner 7.0 Service Pack 2 Build 7.2.2005.52 allows remote attackers to inject arbitrary w…
|
CWE-79
Cross-site Scripting
|
CVE-2008-1073
|
2011-03-8 12:05 |
2008-02-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274270
|
- |
|
icq
|
mirabilis_icq
|
Format string vulnerability in the embedded Internet Explorer component for Mirabilis ICQ 6 build 6043 allows remote servers to execute arbitrary code or cause a denial of service (crash) via unspeci…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2008-1120
|
2011-03-8 12:05 |
2008-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
