Lucene search
K

3127 matches found

Prion
Prion
added 2008/08/18 5:41 p.m.18 views

Authentication flaw

The management console in the Volume Manager Scheduler Service aka VxSchedService.exe in Symantec Veritas Storage Foundation for Windows SFW 5.0, 5.0 RP1a, and 5.1 accepts NULL NTLMSSP authentication, which allows remote attackers to execute arbitrary code via requests to the service socket that...

10CVSS8.2AI score0.12246EPSS
Exploits0References11Affected Software1
NVD
NVD
added 2008/08/18 5:41 p.m.24 views

CVE-2008-3703

The management console in the Volume Manager Scheduler Service aka VxSchedService.exe in Symantec Veritas Storage Foundation for Windows SFW 5.0, 5.0 RP1a, and 5.1 accepts NULL NTLMSSP authentication, which allows remote attackers to execute arbitrary code via requests to the service socket that...

10CVSS7.8AI score0.12246EPSS
Exploits0References11
NVD
NVD
added 2008/07/18 4:41 p.m.22 views

CVE-2008-3215

libclamav/petite.c in ClamAV before 0.93.3 allows remote attackers to cause a denial of service via a malformed Petite file that triggers an out-of-bounds memory access. NOTE: this issue exists because of an incomplete fix for CVE-2008-2713...

5CVSS6.5AI score0.04708EPSS
Exploits1References17
Cvelist
Cvelist
added 2008/07/18 4:0 p.m.22 views

CVE-2008-3215

libclamav/petite.c in ClamAV before 0.93.3 allows remote attackers to cause a denial of service via a malformed Petite file that triggers an out-of-bounds memory access. NOTE: this issue exists because of an incomplete fix for CVE-2008-2713...

6.5AI score0.04708EPSS
Exploits1References17
Debian CVE
Debian CVE
added 2008/07/18 4:0 p.m.29 views

CVE-2008-3215

libclamav/petite.c in ClamAV before 0.93.3 allows remote attackers to cause a denial of service via a malformed Petite file that triggers an out-of-bounds memory access. NOTE: this issue exists because of an incomplete fix for CVE-2008-2713...

5CVSS6.2AI score0.04708EPSS
Exploits1
Debian CVE
Debian CVE
added 2008/04/28 6:21 p.m.61 views

CVE-2008-1930

The cookie authentication method in WordPress 2.5 relies on a hash of a concatenated string containing USERNAME and EXPIRYTIME, which allows remote attackers to forge cookies by registering a username that results in the same concatenated string, as demonstrated by registering usernames beginning...

7.5CVSS3.3AI score0.05001EPSS
Exploits2
UbuntuCve
UbuntuCve
added 2008/04/23 4:5 p.m.26 views

CVE-2008-1897

The IAX2 channel driver chaniax2 in Asterisk Open Source 1.0.x, 1.2.x before 1.2.28, and 1.4.x before 1.4.19.1; Business Edition A.x.x, B.x.x before B.2.5.2, and C.x.x before C.1.8.1; AsteriskNOW before 1.0.3; Appliance Developer Kit 0.x.x; and s800i before 1.1.0.3, when configured to allow...

4.3CVSS5.9AI score0.02743EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2008/04/22 4:41 a.m.26 views

CVE-2008-1679

Multiple integer overflows in imageop.c in Python before 2.5.3 allow context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via crafted images that trigger heap-based buffer overflows. NOTE: this issue is due to an incomplete fix for CVE-2007-4965...

6.8CVSS6.2AI score0.04033EPSS
Exploits0References2
Prion
Prion
added 2008/04/22 4:41 a.m.31 views

Integer overflow

Multiple integer overflows in imageop.c in Python before 2.5.3 allow context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via crafted images that trigger heap-based buffer overflows. NOTE: this issue is due to an incomplete fix for CVE-2007-4965...

6.8CVSS7.6AI score0.12488EPSS
Exploits1References29Affected Software1
Prion
Prion
added 2008/04/17 11:5 p.m.29 views

Stack overflow

Stack-based buffer overflow in the ParseSSA function modules/demux/subtitle.c in VLC 0.8.6e allows remote attackers to execute arbitrary code via a long subtitle in an SSA file. NOTE: this issue is due to an incomplete fix for CVE-2007-6681...

6.8CVSS8.1AI score0.17358EPSS
Exploits6References13Affected Software1
UbuntuCve
UbuntuCve
added 2008/04/17 11:5 p.m.25 views

CVE-2008-1881

Stack-based buffer overflow in the ParseSSA function modules/demux/subtitle.c in VLC 0.8.6e allows remote attackers to execute arbitrary code via a long subtitle in an SSA file. NOTE: this issue is due to an incomplete fix for CVE-2007-6681...

6.8CVSS6.2AI score0.11778EPSS
Exploits1References1
NVD
NVD
added 2008/04/17 11:5 p.m.30 views

CVE-2008-1881

Stack-based buffer overflow in the ParseSSA function modules/demux/subtitle.c in VLC 0.8.6e allows remote attackers to execute arbitrary code via a long subtitle in an SSA file. NOTE: this issue is due to an incomplete fix for CVE-2007-6681...

6.8CVSS7.8AI score0.11778EPSS
Exploits1References13
CVE
CVE
added 2008/04/17 11:0 p.m.67 views

CVE-2008-1881

VLC 0.8.6e contains a stack-based buffer overflow in ParseSSA (modules/demux/subtitle.c) that can be triggered by a long SSA subtitle, allowing remote code execution. This CVE is CVE-2008-1881; related OpenVAS and Debian advisories document the issue as a real vulnerability and note Debian/ Gento...

6.8CVSS7.7AI score0.11778EPSS
Exploits1References13Affected Software1
Debian CVE
Debian CVE
added 2008/04/17 11:0 p.m.55 views

CVE-2008-1881

Stack-based buffer overflow in the ParseSSA function modules/demux/subtitle.c in VLC 0.8.6e allows remote attackers to execute arbitrary code via a long subtitle in an SSA file. NOTE: this issue is due to an incomplete fix for CVE-2007-6681...

6.8CVSS7.2AI score0.11778EPSS
Exploits1
Cvelist
Cvelist
added 2008/04/17 11:0 p.m.30 views

CVE-2008-1881

Stack-based buffer overflow in the ParseSSA function modules/demux/subtitle.c in VLC 0.8.6e allows remote attackers to execute arbitrary code via a long subtitle in an SSA file. NOTE: this issue is due to an incomplete fix for CVE-2007-6681...

7.7AI score0.11778EPSS
Exploits1References13
Prion
Prion
added 2008/04/04 12:44 a.m.44 views

Integer overflow

Integer overflow in pdftops filter in CUPS in Red Hat Enterprise Linux 3 and 4, when running on 64-bit platforms, allows remote attackers to execute arbitrary code via a crafted PDF file. NOTE: this issue is due to an incomplete fix for CVE-2004-0888...

6.8CVSS7.6AI score0.09334EPSS
Exploits0References8Affected Software1
NVD
NVD
added 2008/04/04 12:44 a.m.26 views

CVE-2008-1374

Integer overflow in pdftops filter in CUPS in Red Hat Enterprise Linux 3 and 4, when running on 64-bit platforms, allows remote attackers to execute arbitrary code via a crafted PDF file. NOTE: this issue is due to an incomplete fix for CVE-2004-0888...

6.8CVSS7.6AI score0.03873EPSS
Exploits0References8
CVE
CVE
added 2008/04/04 12:0 a.m.81 views

CVE-2008-1374

CVE-2008-1374 describes an integer overflow in the CUPS pdftops filter on 64-bit Red Hat Enterprise Linux 3/4, allowing remote code execution via a crafted PDF. It is noted as a follow-up to an incomplete fix for CVE-2004-0888. The vulnerability affects 64-bit builds and could let an attacker run...

6.8CVSS7.6AI score0.03873EPSS
Exploits0References8Affected Software1
RedHat Linux
RedHat Linux
added 2008/04/01 2:23 p.m.3 views

cups: incomplete fix for CVE-2004-0888 / CVE-2005-0206

Integer overflow in pdftops filter in CUPS in Red Hat Enterprise Linux 3 and 4, when running on 64-bit platforms, allows remote attackers to execute arbitrary code via a crafted PDF file. NOTE: this issue is due to an incomplete fix for CVE-2004-0888...

10CVSS6.3AI score0.09334EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2008/03/31 10:44 p.m.18 views

CVE-2008-1570

Race condition in the createlockpath function in policyd-weight 0.1.14 beta-16 allows local users to modify or delete arbitrary files by creating the LOCKPATH directory, then modifying it after the symbolic link check occurs. NOTE: this is due to an incomplete fix for CVE-2008-1569...

6.9CVSS6AI score0.00224EPSS
Exploits0References1
Rows per page
Query Builder