|
263771
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Multiple integer overflows in a "legacy serialization format" parser in AppKit in Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary code via a crafted serialized property list.
|
CWE-189
Numeric Errors
|
CVE-2008-0057
|
2017-08-8 10:29 |
2008-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263772
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Race condition in the NSURLConnection cache management functionality in Foundation for Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary code via unspecified manipulations that caus…
|
CWE-362
Race Condition
|
CVE-2008-0058
|
2017-08-8 10:29 |
2008-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263773
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Race condition in NSXML in Foundation for Apple Mac OS X 10.4.11 allows context-dependent attackers to execute arbitrary code via a crafted XML file, related to "error handling logic."
|
CWE-362
Race Condition
|
CVE-2008-0059
|
2017-08-8 10:29 |
2008-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263774
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Help Viewer in Apple Mac OS X 10.4.11 and 10.5.2 allows remote attackers to execute arbitrary Applescript via a help:topic_list URL that injects HTML or JavaScript into a topic list page, as demonstr…
|
CWE-94
Code Injection
|
CVE-2008-0060
|
2017-08-8 10:29 |
2008-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263775
|
- |
|
winamp
|
nullsoft_winamp
|
Multiple stack-based buffer overflows in in_mp3.dll in Winamp 5.21, 5.5, and 5.51 allow remote attackers to execute arbitrary code via a long (1) artist or (2) name tag in Ultravox streaming metadata…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-0065
|
2017-08-8 10:29 |
2008-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263776
|
- |
|
orb_networks
|
orb
|
Integer overflow in Orb Networks Orb 2.00.1014 and Winamp Remote BETA allows remote attackers to execute arbitrary code via an RPC request that specifies a large number of array dimensions, which tri…
|
CWE-189
Numeric Errors
|
CVE-2008-0070
|
2017-08-8 10:29 |
2008-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263777
|
- |
|
xine
|
xine-lib
|
Array index error in the sdpplin_parse function in input/libreal/sdpplin.c in xine-lib 1.1.10.1 allows remote RTSP servers to execute arbitrary code via a large streamid SDP parameter.
|
CWE-189
Numeric Errors
|
CVE-2008-0073
|
2017-08-8 10:29 |
2008-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263778
|
- |
|
eticket
|
eticket
|
Multiple cross-site scripting (XSS) vulnerabilities in newticket.php in eTicket 1.5.5.2, and 1.5.6 RC2 and RC3, allow remote attackers to inject arbitrary web script or HTML via the (1) Name and (2) …
|
CWE-79
Cross-site Scripting
|
CVE-2008-0093
|
2017-08-8 10:29 |
2008-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263779
|
- |
|
s9y
|
serendipity
|
Cross-site scripting (XSS) vulnerability in Serendipity (S9Y) before 1.3-beta1 allows remote authenticated users to inject arbitrary web script or HTML via (1) the "Real name" field in Personal Setti…
|
CWE-79
Cross-site Scripting
|
CVE-2008-0124
|
2017-08-8 10:29 |
2008-02-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263780
|
- |
|
instantsoftwares
|
dating_site
|
SQL injection vulnerability in login_form.asp in Instant Softwares Dating Site allows remote attackers to execute arbitrary SQL commands via the Username parameter, a different vulnerability than CVE…
|
CWE-89
SQL Injection
|
CVE-2008-0130
|
2017-08-8 10:29 |
2008-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
