|
261561
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Foundation in Apple Mac OS X 10.4.11 creates world-writable directories while NSFileManager copies files recursively and only modifies the permissions afterward, which allows local users to modify co…
|
CWE-362
Race Condition
|
CVE-2008-0055
|
2017-08-8 10:29 |
2008-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261562
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Stack-based buffer overflow in Foundation in Apple Mac OS X 10.4.11 allows context-dependent attackers to execute arbitrary code via a "long pathname with an unexpected structure" that triggers the o…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-0056
|
2017-08-8 10:29 |
2008-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261563
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Multiple integer overflows in a "legacy serialization format" parser in AppKit in Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary code via a crafted serialized property list.
|
CWE-189
Numeric Errors
|
CVE-2008-0057
|
2017-08-8 10:29 |
2008-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261564
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Race condition in the NSURLConnection cache management functionality in Foundation for Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary code via unspecified manipulations that caus…
|
CWE-362
Race Condition
|
CVE-2008-0058
|
2017-08-8 10:29 |
2008-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261565
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Race condition in NSXML in Foundation for Apple Mac OS X 10.4.11 allows context-dependent attackers to execute arbitrary code via a crafted XML file, related to "error handling logic."
|
CWE-362
Race Condition
|
CVE-2008-0059
|
2017-08-8 10:29 |
2008-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261566
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Help Viewer in Apple Mac OS X 10.4.11 and 10.5.2 allows remote attackers to execute arbitrary Applescript via a help:topic_list URL that injects HTML or JavaScript into a topic list page, as demonstr…
|
CWE-94
Code Injection
|
CVE-2008-0060
|
2017-08-8 10:29 |
2008-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261567
|
- |
|
winamp
|
nullsoft_winamp
|
Multiple stack-based buffer overflows in in_mp3.dll in Winamp 5.21, 5.5, and 5.51 allow remote attackers to execute arbitrary code via a long (1) artist or (2) name tag in Ultravox streaming metadata…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-0065
|
2017-08-8 10:29 |
2008-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261568
|
- |
|
orb_networks
|
orb
|
Integer overflow in Orb Networks Orb 2.00.1014 and Winamp Remote BETA allows remote attackers to execute arbitrary code via an RPC request that specifies a large number of array dimensions, which tri…
|
CWE-189
Numeric Errors
|
CVE-2008-0070
|
2017-08-8 10:29 |
2008-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261569
|
- |
|
xine
|
xine-lib
|
Array index error in the sdpplin_parse function in input/libreal/sdpplin.c in xine-lib 1.1.10.1 allows remote RTSP servers to execute arbitrary code via a large streamid SDP parameter.
|
CWE-189
Numeric Errors
|
CVE-2008-0073
|
2017-08-8 10:29 |
2008-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261570
|
- |
|
eticket
|
eticket
|
Multiple cross-site scripting (XSS) vulnerabilities in newticket.php in eTicket 1.5.5.2, and 1.5.6 RC2 and RC3, allow remote attackers to inject arbitrary web script or HTML via the (1) Name and (2) …
|
CWE-79
Cross-site Scripting
|
CVE-2008-0093
|
2017-08-8 10:29 |
2008-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
