Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-5826 | 1 Nokia | 1 6131 Nfc | 2017-08-07 | 7.8 HIGH | N/A |
| The Nokia 6131 Near Field Communication (NFC) phone with 05.12 firmware allows remote attackers to cause a denial of service (device crash) via (1) a large value in the payload length field in an NDEF record, or a certain length for a (2) tel: or (3) sms: NDEF URI. | |||||
| CVE-2008-5827 | 1 Nokia | 1 6131 Nfc | 2017-08-07 | 7.5 HIGH | N/A |
| The Nokia 6131 Near Field Communication (NFC) phone with 05.12 firmware automatically installs software upon completing the download of a JAR file, which makes it easier for remote attackers to execute arbitrary code via a crafted URI record in an NDEF tag. | |||||
| CVE-2008-5839 | 1 Foxmail | 1 Foxmail | 2017-08-07 | 9.3 HIGH | N/A |
| Buffer overflow in Foxmail 6.5 allows remote attackers to execute arbitrary code via a long mailto URI in the HREF attribute of an A element. | |||||
| CVE-2008-5846 | 1 Sixapart | 1 Movable Type | 2017-08-07 | 4.0 MEDIUM | N/A |
| Six Apart Movable Type (MT) before 4.23 allows remote authenticated users with create permission for posts to bypass intended access restrictions and publish posts via a "system-wide entry listing screen." | |||||
| CVE-2008-5849 | 1 Checkpoint | 1 Vpn-1 | 2017-08-07 | 5.0 MEDIUM | N/A |
| Check Point VPN-1 R55, R65, and other versions, when Port Address Translation (PAT) is used, allows remote attackers to discover intranet IP addresses via a packet with a small TTL, which triggers an ICMP_TIMXCEED_INTRANS (aka ICMP time exceeded in-transit) response containing an encapsulated IP packet with an intranet address, as demonstrated by a TCP packet to the firewall management server on port 18264. | |||||
| CVE-2008-5857 | 1 Knowledgetree Document Management | 1 Knowledgetree Document Management | 2017-08-07 | 6.5 MEDIUM | N/A |
| The DropDocuments plugin in KnowledgeTree before 3.5.4a allows remote authenticated users to gain administrative privileges via a certain sequence of "browse documents" and dashboard requests. | |||||
| CVE-2008-5858 | 1 Knowledgetree Document Management | 1 Knowledgetree Document Management | 2017-08-07 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in KnowledgeTree before 3.5.4a allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2007-4281. | |||||
| CVE-2008-5867 | 1 Yerba | 1 Yerba | 2017-08-07 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Yerba SACphp 6.3 allows remote attackers to read arbitrary files, and possibly have other impact, via directory traversal sequences in the mod field contained in the base64-encoded SID parameter to an unspecified component. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-5871 | 1 Nortel | 1 Multimedia Communication Server 5100 | 2017-08-07 | 6.4 MEDIUM | N/A |
| Nortel Multimedia Communication Server (MSC) 5100 3.0.13 does not verify credentials during call placement, which allows remote attackers to spoof and redirect VoIP calls, possibly related to the snoop command. | |||||
| CVE-2008-5872 | 1 Nortel | 1 Multimedia Communication Server 5100 | 2017-08-07 | 7.8 HIGH | N/A |
| Multiple unspecified vulnerabilities in the UNIStim File Transfer Protocol (UFTP) processing in IP Client Manager (IPCM) in Nortel Multimedia Communication Server (MSC) 5100 3.0.13 allow remote attackers to cause a denial of service (device outage) via a UFTP message that has a negative block size or other crafted Connection Details values. | |||||
| CVE-2008-5876 | 1 Irrlicht | 1 Irrlicht | 2017-08-07 | 9.3 HIGH | N/A |
| Buffer overflow in Irrlicht before 1.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors in the B3D loader. | |||||
| CVE-2008-5903 | 1 Xrdp | 1 Xrdp | 2017-08-07 | 7.5 HIGH | N/A |
| Array index error in the xrdp_bitmap_def_proc function in xrdp/funcs.c in xrdp 0.4.1 and earlier allows remote attackers to execute arbitrary code via vectors that manipulate the value of the edit_pos structure member. | |||||
| CVE-2008-5904 | 1 Xrdp | 1 Xrdp | 2017-08-07 | 7.5 HIGH | N/A |
| The rdp_rdp_process_color_pointer_pdu function in rdp/rdp_rdp.c in xrdp 0.4.1 and earlier allows remote RDP servers to have an unknown impact via input data that sets crafted values for certain length variables, leading to a buffer overflow. | |||||
| CVE-2008-5905 | 1 Ktorrent | 1 Ktorrent | 2017-08-07 | 4.3 MEDIUM | N/A |
| The web interface plugin in KTorrent before 3.1.4 allows remote attackers to bypass intended access restrictions and upload arbitrary torrent files, and trigger the start of downloads and seeding, via a crafted HTTP POST request. | |||||
| CVE-2008-5906 | 1 Ktorrent | 1 Ktorrent | 2017-08-07 | 6.8 MEDIUM | N/A |
| Eval injection vulnerability in the web interface plugin in KTorrent before 3.1.4 allows remote attackers to execute arbitrary PHP code via unspecified parameters to this interface's PHP scripts. | |||||
| CVE-2008-5908 | 1 Sun | 1 Opensolaris | 2017-08-07 | 7.2 HIGH | N/A |
| Unspecified vulnerability in the root/boot archive tool in Sun OpenSolaris has unknown impact and local attack vectors, related to a "Temporary file vulnerability," aka Bug ID 6653455. | |||||
| CVE-2008-5909 | 1 Sun | 1 Opensolaris | 2017-08-07 | 7.2 HIGH | N/A |
| Unspecified vulnerability in conv_lpd in Sun OpenSolaris has unknown impact and local attack vectors, related to improper handling of temporary files, aka Bug ID 6655641. | |||||
| CVE-2008-5910 | 1 Sun | 1 Opensolaris | 2017-08-07 | 7.2 HIGH | N/A |
| Unspecified vulnerability in txzonemgr in Sun OpenSolaris has unknown impact and local attack vectors, related to a "Temporary file vulnerability," aka Bug ID 6653462. | |||||
| CVE-2008-5912 | 1 Microsoft | 1 Internet Explorer | 2017-08-07 | 2.1 LOW | N/A |
| An unspecified function in the JavaScript implementation in Microsoft Internet Explorer creates and exposes a "temporary footprint" when there is a current login to a web site, which makes it easier for remote attackers to trick a user into acting upon a spoofed pop-up message, aka an "in-session phishing attack." NOTE: as of 20090116, the only disclosure is a vague pre-advisory with no actionable information. However, because it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | |||||
| CVE-2008-5916 | 1 Git | 1 Git | 2017-08-07 | 4.6 MEDIUM | N/A |
| gitweb/gitweb.perl in gitweb in Git 1.6.x before 1.6.0.6, 1.5.6.x before 1.5.6.6, 1.5.5.x before 1.5.5.6, 1.5.4.x before 1.5.4.7, and other versions after 1.4.3 allows local repository owners to execute arbitrary commands by modifying the diff.external configuration variable and executing a crafted gitweb query. | |||||