Total
1251 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-2559 | 1 Damian Frizza | 1 Borland Interbase | 2017-08-07 | 7.5 HIGH | N/A |
| Integer overflow in Borland Interbase 2007 SP2 (8.1.0.256) allows remote attackers to execute arbitrary code via a malformed packet to TCP port 3050, which triggers a stack-based buffer overflow. NOTE: this issue might be related to CVE-2008-0467. | |||||
| CVE-2008-3217 | 1 Powerdns | 1 Recursor | 2017-08-07 | 6.8 MEDIUM | N/A |
| PowerDNS Recursor before 3.1.6 does not always use the strongest random number generator for source port selection, which makes it easier for remote attack vectors to conduct DNS cache poisoning. NOTE: this is related to incomplete integration of security improvements associated with addressing CVE-2008-1637. | |||||
| CVE-2008-2654 | 1 Lavrsen | 1 Motion | 2017-08-07 | 10.0 HIGH | N/A |
| Off-by-one error in the read_client function in webhttpd.c in Motion 3.2.10 and earlier might allow remote attackers to execute arbitrary code via a long request to a Motion HTTP Control interface, which triggers a stack-based buffer overflow with some combinations of processor architecture and compiler. | |||||
| CVE-2008-1685 | 1 Gnu | 1 Gcc | 2017-08-07 | 6.8 MEDIUM | N/A |
| ** DISPUTED ** gcc 4.2.0 through 4.3.0 in GNU Compiler Collection, when casts are not used, considers the sum of a pointer and an int to be greater than or equal to the pointer, which might lead to removal of length testing code that was intended as a protection mechanism against integer overflow and buffer overflow attacks, and provide no diagnostic message about this removal. NOTE: the vendor has determined that this compiler behavior is correct according to section 6.5.6 of the C99 standard (aka ISO/IEC 9899:1999). | |||||
| CVE-2008-1617 | 1 Interwoven | 1 Worksite Web | 2017-08-07 | 9.3 HIGH | N/A |
| Double free vulnerability in Web TransferCtrl Class 8,2,1,4 (iManFile.cab), as used in WorkSite Web 8.2 before SP1 P2, allows remote attackers to execute arbitrary code via JavaScript that sets the Server property to a string, then sets the string to null. | |||||
| CVE-2008-1667 | 2 Eps, Hp | 2 Probe Builder, Openview Internet Services | 2017-08-07 | 7.8 HIGH | N/A |
| The Probe Builder Service (aka PBOVISServer.exe) in European Performance Systems (EPS) Probe Builder 2.2 before A.02.20.901, as used in HP OpenView Internet Services (OVIS) on Windows, allows remote attackers to kill arbitrary processes via a process ID number in an unspecified opcode. | |||||
| CVE-2008-1771 | 1 Fireflymediaserver | 1 Fireflymediaserver | 2017-08-07 | 7.5 HIGH | N/A |
| Integer overflow in the ws_getpostvars function in Firefly Media Server (formerly mt-daapd) 0.2.4.1 (0.9~r1696-1.2 on Debian) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP POST request with a large Content-Length. | |||||
| CVE-2008-2322 | 1 Apple | 3 Coregraphics, Mac Os X, Mac Os X Server | 2017-08-07 | 9.3 HIGH | N/A |
| Integer overflow in CoreGraphics in Apple Mac OS X 10.4.11, 10.5.2, and 10.5.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PDF file with a long Type 1 font, which triggers a heap-based buffer overflow. | |||||
| CVE-2008-0051 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-07 | 6.9 MEDIUM | N/A |
| Integer overflow in CoreFoundation in Apple Mac OS X 10.4.11 might allow local users to execute arbitrary code via crafted time zone data. | |||||
| CVE-2007-6353 | 1 Exiv2 | 1 Exiv2 | 2017-08-07 | 7.5 HIGH | N/A |
| Integer overflow in exif.cpp in exiv2 library allows context-dependent attackers to execute arbitrary code via a crafted EXIF file that triggers a heap-based buffer overflow. | |||||
| CVE-2008-0550 | 1 Radio Toolbox | 1 Steamcast | 2017-08-07 | 10.0 HIGH | N/A |
| Off-by-one error in Steamcast 0.9.75 and earlier allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a certain HTTP request that leads to a buffer overflow, as demonstrated by a long User-Agent header. | |||||
| CVE-2007-6359 | 1 Apple | 1 Mac Os X | 2017-08-07 | 4.9 MEDIUM | N/A |
| The cs_validate_page function in bsd/kern/ubc_subr.c in the xnu kernel 1228.0 and earlier in Apple Mac OS X 10.5.1 allows local users to cause a denial of service (failed assertion and system crash) via a crafted signed Mach-O binary that causes the hashes function to return NULL. | |||||
| CVE-2008-0549 | 1 Radio Toolbox | 1 Steamcast | 2017-08-07 | 5.0 MEDIUM | N/A |
| Integer overflow in the OggHeaderParse function in Steamcast 0.9.75 and earlier allows remote authenticated users to cause a denial of service (daemon crash) via a long Ogg tag. | |||||
| CVE-2007-6261 | 1 Apple | 1 Mac Os X | 2017-08-07 | 4.9 MEDIUM | N/A |
| Integer overflow in the load_threadstack function in the Mach-O loader (mach_loader.c) in the xnu kernel in Apple Mac OS X 10.4 through 10.5.1 allows local users to cause a denial of service (infinite loop) via a crafted Mach-O binary. | |||||
| CVE-2007-6336 | 1 Clam Anti-virus | 1 Clamav | 2017-08-07 | 6.8 MEDIUM | N/A |
| Off-by-one error in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MS-ZIP compressed CAB file. | |||||
| CVE-2008-1034 | 1 Apple | 1 Mac Os X | 2017-08-07 | 9.3 HIGH | N/A |
| Integer underflow in Help Viewer in Apple Mac OS X before 10.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted help:topic URL that triggers a buffer overflow. | |||||
| CVE-2008-0073 | 2 Redhat, Xine | 2 Fedora, Xine-lib | 2017-08-07 | 6.8 MEDIUM | N/A |
| Array index error in the sdpplin_parse function in input/libreal/sdpplin.c in xine-lib 1.1.10.1 allows remote RTSP servers to execute arbitrary code via a large streamid SDP parameter. | |||||
| CVE-2008-0548 | 1 Radio Toolbox | 1 Steamcast | 2017-08-07 | 5.0 MEDIUM | N/A |
| Steamcast 0.9.75 and earlier allows remote attackers to cause a denial of service (daemon crash) via a large integer in the Content-Length HTTP header, which triggers a NULL dereference when malloc fails. | |||||
| CVE-2008-0070 | 1 Orb Networks | 1 Orb | 2017-08-07 | 4.6 MEDIUM | N/A |
| Integer overflow in Orb Networks Orb 2.00.1014 and Winamp Remote BETA allows remote attackers to execute arbitrary code via an RPC request that specifies a large number of array dimensions, which triggers a heap-based buffer overflow. | |||||
| CVE-2008-0057 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-07 | 6.8 MEDIUM | N/A |
| Multiple integer overflows in a "legacy serialization format" parser in AppKit in Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary code via a crafted serialized property list. | |||||