|
261701
|
- |
|
file-transfer
|
file_transfer
|
Directory traversal vulnerability in Dan Costin File Transfer before 1.2f allows remote attackers to read arbitrary files via a "..\" (dot dot backslash) in the filename.
|
CWE-22
Path Traversal
|
CVE-2008-1564
|
2017-08-8 10:30 |
2008-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261702
|
- |
|
manageengine
|
applications_manager
|
Cross-site scripting (XSS) vulnerability in Search.do in ManageEngine Applications Manager 8.x allows remote attackers to inject arbitrary web script or HTML via the query parameter. NOTE: the prove…
|
CWE-79
Cross-site Scripting
|
CVE-2008-1566
|
2017-08-8 10:30 |
2008-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261703
|
- |
|
comix
|
comix
|
comix 3.6.4 allows attackers to execute arbitrary commands via a filename containing shell metacharacters that are not properly sanitized when executing the rar, unrar, or jpegtran programs.
|
CWE-20
Improper Input Validation
|
CVE-2008-1568
|
2017-08-8 10:30 |
2008-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261704
|
- |
|
policyd-weight
|
policyd-weight
|
policyd-weight 0.1.14 beta-16 and earlier allows local users to modify or delete arbitrary files via a symlink attack on temporary files that are used when creating a socket.
|
CWE-59
Link Following
|
CVE-2008-1569
|
2017-08-8 10:30 |
2008-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261705
|
- |
|
policyd-weight
|
policyd-weight
|
Race condition in the create_lockpath function in policyd-weight 0.1.14 beta-16 allows local users to modify or delete arbitrary files by creating the LOCKPATH directory, then modifying it after the …
|
CWE-362
Race Condition
|
CVE-2008-1570
|
2017-08-8 10:30 |
2008-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261706
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Directory traversal vulnerability in the embedded web server in Image Capture in Apple Mac OS X before 10.5 allows remote attackers to read arbitrary files via directory traversal sequences in the UR…
|
CWE-22
Path Traversal
|
CVE-2008-1571
|
2017-08-8 10:30 |
2008-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261707
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Image Capture in Apple Mac OS X before 10.5 does not properly use temporary files, which allows local users to overwrite arbitrary files, and display images that are being resized by this application.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-1572
|
2017-08-8 10:30 |
2008-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261708
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
The BMP and GIF image decoding engine in ImageIO in Apple Mac OS X before 10.5.3 allows remote attackers to obtain sensitive information (memory contents) via a crafted (1) BMP or (2) GIF image, whic…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-1573
|
2017-08-8 10:30 |
2008-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261709
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Integer overflow in ImageIO in Apple Mac OS X before 10.5.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG2000 image that trigge…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-1574
|
2017-08-8 10:30 |
2008-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261710
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Unspecified vulnerability in the Apple Type Services (ATS) server in Apple Mac OS X 10.5 before 10.5.3 allows user-assisted remote attackers to execute arbitrary code via a crafted embedded font in a…
|
CWE-399
Resource Management Errors
|
CVE-2008-1575
|
2017-08-8 10:30 |
2008-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
