|
272351
|
- |
|
ibm
|
os_400
|
Cross-site scripting (XSS) vulnerability in the HTTP Server in IBM OS/400 V5R3M0 and V5R4M0 allows remote attackers to inject arbitrary web script or HTML via the Expect HTTP header.
|
CWE-79
Cross-site Scripting
|
CVE-2008-0694
|
2011-03-8 12:05 |
2008-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272352
|
- |
|
ibm
|
db2
|
IBM DB2 UDB before 8.2 Fixpak 16 does not properly check authorization for the ALTER TABLE statement, which has unknown impact and attack vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-0696
|
2011-03-8 12:05 |
2008-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272353
|
- |
|
ibm
|
db2
|
Unspecified vulnerability in DB2PD in IBM DB2 UDB before 8.2 Fixpak 16 allows local users to gain root privileges via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-0697
|
2011-03-8 12:05 |
2008-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272354
|
- |
|
ibm
|
db2
|
Buffer overflow in the DAS server in IBM DB2 UDB before 8.2 Fixpak 16 has unknown attack vectors, and an impact probably involving "invalid memory access."
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-0698
|
2011-03-8 12:05 |
2008-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272355
|
- |
|
acdsee
|
photo_manager
|
Buffer overflow in ACDSee Photo Manager 8.1, 9.0, and 10.0 allows user-assisted remote attackers to execute arbitrary code via a malformed XBM file. NOTE: this might be the same as CVE-2007-6009.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-0715
|
2011-03-8 12:05 |
2008-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272356
|
- |
|
symantec
|
altiris_notification_server
|
The agent in Symantec Altiris Notification Server before 6.0 SP3 R7 allows local users to gain privileges via a "Shatter" style attack.
|
NVD-CWE-Other
|
CVE-2008-0716
|
2011-03-8 12:05 |
2008-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272357
|
- |
|
ibm
|
websphere_edge_server
|
Cross-site scripting (XSS) vulnerability in Caching Proxy (CP) 5.1 through 6.1 in IBM WebSphere Edge Server, when CGI mapping rules are enabled, allows remote attackers to inject arbitrary web script…
|
CWE-79
Cross-site Scripting
|
CVE-2008-0717
|
2011-03-8 12:05 |
2008-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272358
|
- |
|
ibm
|
websphere_application_server
|
IBM WebSphere Application Server (WAS) before 6.0.2 Fix Pack 25 (6.0.2.25) and 6.1 before Fix Pack 15 (6.1.0.15) writes unspecified cleartext information to http_plugin.log, which might allow local u…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-0740
|
2011-03-8 12:05 |
2008-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272359
|
- |
|
ibm
|
websphere_application_server
|
Unspecified vulnerability in the PropFilePasswordEncoder utility in IBM WebSphere Application Server (WAS) before 6.0.2 Fix Pack 25 (6.0.2.25) has unknown impact and attack vectors.
|
NVD-CWE-noinfo
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-0741
|
2011-03-8 12:05 |
2008-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272360
|
- |
|
horde
|
groupware
groupware_webmail_edition
turba_contact_manager
|
lib/Driver/sql.php in Turba 2 (turba2) Contact Manager H3 2.1.x before 2.1.7 and 2.2.x before 2.2-RC3, as used in products such as Horde Groupware before 1.0.4 and Horde Groupware Webmail Edition bef…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-0807
|
2011-03-8 12:05 |
2008-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
