|
257791
|
- |
|
xensource
|
xen
|
Possible solution and more infomation located here: http://rhn.redhat.com/errata/RHSA-2008-0194.html
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-1943
|
2017-09-29 10:30 |
2008-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257792
|
- |
|
xensource
|
xen
|
Buffer overflow in the backend framebuffer of XenSource Xen Para-Virtualized Framebuffer (PVFB) Message 3.0 through 3.0.3 allows local users to cause a denial of service (SDL crash) and possibly exec…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-1944
|
2017-09-29 10:30 |
2008-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257793
|
- |
|
xensource
|
xen
|
https://bugzilla.redhat.com/show_bug.cgi?id=443078
"The PVFB backend is a user space program running as root in dom0"
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-1944
|
2017-09-29 10:30 |
2008-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257794
|
- |
|
gnu
|
coreutils
|
The default configuration of su in /etc/pam.d/su in GNU coreutils 5.2.1 allows local users to gain the privileges of a (1) locked or (2) expired account by entering the account name on the command li…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-1946
|
2017-09-29 10:30 |
2008-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257795
|
- |
|
xensource
|
xen_para_virtualized_frame_buffer
|
The backend for XenSource Xen Para Virtualized Frame Buffer (PVFB) in Xen ioemu does not properly restrict the frame buffer size, which allows attackers to cause a denial of service (crash) by mappin…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-1952
|
2017-09-29 10:30 |
2008-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257796
|
- |
|
webcalendar
|
web_calendar_pro
|
SQL injection vulnerability in one_day.php in Web Calendar Pro 4.1 and earlier allows remote attackers to execute arbitrary SQL commands via the user_id parameter.
|
CWE-89
SQL Injection
|
CVE-2008-1954
|
2017-09-29 10:30 |
2008-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257797
|
- |
|
easyscripts
|
tr_script_news
|
SQL injection vulnerability in news.php in Tr Script News 2.1 allows remote attackers to execute arbitrary SQL commands via the nb parameter in voir mode.
|
CWE-89
SQL Injection
|
CVE-2008-1957
|
2017-09-29 10:30 |
2008-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257798
|
- |
|
easyscripts
|
tr_script_news
|
Unrestricted file upload vulnerability in the ajout_cat mode in admin/main.php in Tr Script News 2.1 allows remote authenticated users to execute arbitrary code by uploading a file with a .php extens…
|
CWE-94
Code Injection
|
CVE-2008-1958
|
2017-09-29 10:30 |
2008-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257799
|
- |
|
php_resource
|
voice_of_web_allmyguests
|
SQL injection vulnerability in index.php in Voice Of Web AllMyGuests 0.4.1 allows remote attackers to execute arbitrary SQL commands via the AMG_id parameter in a comments action.
|
CWE-89
SQL Injection
|
CVE-2008-1961
|
2017-09-29 10:30 |
2008-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257800
|
- |
|
chimaera
|
aterr
|
Multiple directory traversal vulnerabilities in Aterr 0.9.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) class parameter to include/functions.inc.…
|
CWE-22
Path Traversal
|
CVE-2008-1962
|
2017-09-29 10:30 |
2008-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
