|
256541
|
- |
|
xmlsoft
|
libxml
|
Integer overflow in the xmlBufferResize function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (infinite loop) via a large XML document.
|
CWE-189
Numeric Errors
|
CVE-2008-4225
|
2017-09-29 10:32 |
2008-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256542
|
- |
|
xmlsoft
|
libxml
|
Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large …
|
CWE-399
Resource Management Errors
|
CVE-2008-4226
|
2017-09-29 10:32 |
2008-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256543
|
- |
|
cj
|
ultra_plus
|
SQL injection vulnerability in CJ Ultra Plus 1.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via an SID cookie.
|
CWE-89
SQL Injection
|
CVE-2008-4241
|
2017-09-29 10:32 |
2008-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256544
|
- |
|
epic_games
|
unreal_tournament_3
|
Directory traversal vulnerability in ImageServer (aka UTImageServer) in WebAdmin before 1.7 for Epic Games Unreal Tournament 3 (UT3) 1.3 allows remote attackers to read arbitrary files via a .. (dot …
|
CWE-22
Path Traversal
|
CVE-2008-4243
|
2017-09-29 10:32 |
2008-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256545
|
- |
|
rianxosencabos_cms
|
rianxosencabos_cms
|
Rianxosencabos CMS 0.9 allows remote attackers to bypass authentication and gain administrative access by setting the usuario and pass cookies to 1.
|
CWE-287
Improper Authentication
|
CVE-2008-4244
|
2017-09-29 10:32 |
2008-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256546
|
- |
|
rianxosencabos_cms
|
rianxosencabos_cms
|
The Admin Control Panel in Rianxosencabos CMS 0.9 does not require administrator privileges, which allows remote authenticated users to (1) change a user's privileges, (2) delete a user account, or p…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-4245
|
2017-09-29 10:32 |
2008-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256547
|
- |
|
microsoft
|
windows_mobile
|
Microsoft Windows Mobile 6.0 on HTC Wiza 200 and HTC MDA 8125 devices does not properly handle the first attempt to establish a Bluetooth connection to a peer with a long name, which allows remote at…
|
CWE-20
Improper Input Validation
|
CVE-2008-4295
|
2017-09-29 10:32 |
2008-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256548
|
- |
|
redhat
|
enterprise_linux
enterprise_linux_desktop
|
A certain Red Hat patch for tog-pegasus in OpenGroup Pegasus 2.7.0 does not properly configure the PAM tty name, which allows remote authenticated users to bypass intended access restrictions and sen…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-4313
|
2017-09-29 10:32 |
2008-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256549
|
- |
|
redhat
|
enterprise_linux
enterprise_linux_desktop
|
tog-pegasus in OpenGroup Pegasus 2.7.0 on Red Hat Enterprise Linux (RHEL) 5, Fedora 9, and Fedora 10 does not log failed authentication attempts to the OpenPegasus CIM server, which makes it easier f…
|
NVD-CWE-Other
|
CVE-2008-4315
|
2017-09-29 10:32 |
2008-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256550
|
- |
|
project-observer
|
observer
|
Observer 0.3.2.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the query parameter to (1) whois.php or (2) netcmd.php.
|
CWE-20
Improper Input Validation
|
CVE-2008-4318
|
2017-09-29 10:32 |
2008-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
