|
261671
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Race condition in NSXML in Foundation for Apple Mac OS X 10.4.11 allows context-dependent attackers to execute arbitrary code via a crafted XML file, related to "error handling logic."
|
CWE-362
Race Condition
|
CVE-2008-0059
|
2017-08-8 10:29 |
2008-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261672
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Help Viewer in Apple Mac OS X 10.4.11 and 10.5.2 allows remote attackers to execute arbitrary Applescript via a help:topic_list URL that injects HTML or JavaScript into a topic list page, as demonstr…
|
CWE-94
Code Injection
|
CVE-2008-0060
|
2017-08-8 10:29 |
2008-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261673
|
- |
|
winamp
|
nullsoft_winamp
|
Multiple stack-based buffer overflows in in_mp3.dll in Winamp 5.21, 5.5, and 5.51 allow remote attackers to execute arbitrary code via a long (1) artist or (2) name tag in Ultravox streaming metadata…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-0065
|
2017-08-8 10:29 |
2008-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261674
|
- |
|
orb_networks
|
orb
|
Integer overflow in Orb Networks Orb 2.00.1014 and Winamp Remote BETA allows remote attackers to execute arbitrary code via an RPC request that specifies a large number of array dimensions, which tri…
|
CWE-189
Numeric Errors
|
CVE-2008-0070
|
2017-08-8 10:29 |
2008-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261675
|
- |
|
xine
|
xine-lib
|
Array index error in the sdpplin_parse function in input/libreal/sdpplin.c in xine-lib 1.1.10.1 allows remote RTSP servers to execute arbitrary code via a large streamid SDP parameter.
|
CWE-189
Numeric Errors
|
CVE-2008-0073
|
2017-08-8 10:29 |
2008-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261676
|
- |
|
eticket
|
eticket
|
Multiple cross-site scripting (XSS) vulnerabilities in newticket.php in eTicket 1.5.5.2, and 1.5.6 RC2 and RC3, allow remote attackers to inject arbitrary web script or HTML via the (1) Name and (2) …
|
CWE-79
Cross-site Scripting
|
CVE-2008-0093
|
2017-08-8 10:29 |
2008-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261677
|
- |
|
s9y
|
serendipity
|
Cross-site scripting (XSS) vulnerability in Serendipity (S9Y) before 1.3-beta1 allows remote authenticated users to inject arbitrary web script or HTML via (1) the "Real name" field in Personal Setti…
|
CWE-79
Cross-site Scripting
|
CVE-2008-0124
|
2017-08-8 10:29 |
2008-02-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261678
|
- |
|
instantsoftwares
|
dating_site
|
SQL injection vulnerability in login_form.asp in Instant Softwares Dating Site allows remote attackers to execute arbitrary SQL commands via the Username parameter, a different vulnerability than CVE…
|
CWE-89
SQL Injection
|
CVE-2008-0130
|
2017-08-8 10:29 |
2008-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261679
|
- |
|
php
|
php
|
Unspecified vulnerability in glob in PHP before 4.4.8, when open_basedir is enabled, has unknown impact and attack vectors. NOTE: this issue reportedly exists because of a regression related to CVE-…
|
NVD-CWE-noinfo
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-0145
|
2017-08-8 10:29 |
2008-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261680
|
- |
|
pragma_systems
|
pragma_telnetserver
|
telnetd.exe in Pragma TelnetServer 7.0.4.589 allows remote attackers to cause a denial of service (process crash and resource exhaustion) via a crafted TELOPT PRAGMA LOGON telnet option, which trigge…
|
CWE-399
Resource Management Errors
|
CVE-2008-0153
|
2017-08-8 10:29 |
2008-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
