Lucene search
+L

1205 matches found

UbuntuCve
UbuntuCve
added 2008/08/01 2:41 p.m.53 views

CVE-2008-3440

Sun Java 1.6.003 and earlier versions, and possibly later versions, does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning...

7.5CVSS6.2AI score0.02409EPSS
Exploits0References1
NVD
NVD
added 2008/08/01 2:41 p.m.28 views

CVE-2008-3438

Apple Mac OS X does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning...

8.1CVSS7.9AI score0.00829EPSS
Exploits0References3
Prion
Prion
added 2008/08/01 2:41 p.m.13 views

Design/Logic Flaw

The GUP generic update process in Notepad++ before 4.8.1 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning...

7.5CVSS7.9AI score0.0184EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2008/08/01 2:41 p.m.22 views

CVE-2008-3433

SpeedBit Download Accelerator Plus DAP before 8.6.3.9 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning...

7.5CVSS7.4AI score0.0184EPSS
Exploits0References3
NVD
NVD
added 2008/08/01 2:41 p.m.30 views

CVE-2008-3434

Apple iTunes before 10.5.1 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning...

7.5CVSS7AI score0.02617EPSS
Exploits1References6
Prion
Prion
added 2008/08/01 2:41 p.m.15 views

Design/Logic Flaw

OpenOffice.org OOo before 2.1.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning...

7.5CVSS7.9AI score0.01893EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2008/08/01 2:41 p.m.18 views

CVE-2008-3436

The GUP generic update process in Notepad++ before 4.8.1 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning...

7.5CVSS7.4AI score0.0184EPSS
Exploits0References3
NVD
NVD
added 2008/08/01 2:41 p.m.25 views

CVE-2008-3440

Sun Java 1.6.003 and earlier versions, and possibly later versions, does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning...

7.5CVSS7.5AI score0.02409EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2008/08/01 2:41 p.m.32 views

CVE-2008-3437

OpenOffice.org OOo before 2.1.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning...

7.5CVSS6AI score0.01893EPSS
Exploits0References1
Cvelist
Cvelist
added 2008/08/01 2:0 p.m.27 views

CVE-2008-3438

Apple Mac OS X does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning...

7.9AI score0.00829EPSS
Exploits0References3
Cvelist
Cvelist
added 2008/08/01 2:0 p.m.27 views

CVE-2008-3434

Apple iTunes before 10.5.1 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning...

7AI score0.02617EPSS
Exploits1References6
Cvelist
Cvelist
added 2008/08/01 2:0 p.m.22 views

CVE-2008-3437

OpenOffice.org OOo before 2.1.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning...

7.4AI score0.01893EPSS
Exploits0References4
CVE
CVE
added 2008/08/01 2:0 p.m.42 views

CVE-2008-3435

The CVE-2008-3435 issue affects the LinkedIn Browser Toolbar (version 3.0.3.1100 and earlier) where the update mechanism does not properly verify authenticity, enabling a man-in-the-middle to deliver a Trojan horse update and execute arbitrary code. Documented impact is arbitrary code execution v...

7.5CVSS7.4AI score0.0184EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2008/08/01 2:0 p.m.40 views

CVE-2008-3437

OpenOffice.org before 2.1.0 does not properly verify the authenticity of updates, allowing man-in-the-middle attackers to execute arbitrary code via a Trojan horse update. Affected: OOo up to 2.0.x; root cause is failing update verification. Impact: arbitrary code execution through malicious upda...

7.5CVSS7.4AI score0.01893EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2008/08/01 2:0 p.m.49 views

CVE-2008-3433

CVE-2008-3433 affects SpeedBit Download Accelerator Plus (DAP) prior to 8.6.3.9. The issue is that DAP does not properly verify update authenticity, enabling a man-in-the-middle to substitute a Trojan-horse update and allow arbitrary code execution. The vulnerability is demonstrated by references...

7.5CVSS7.5AI score0.0184EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2008/08/01 2:0 p.m.21 views

CVE-2008-3435

LinkedIn Browser Toolbar 3.0.3.1100 and earlier does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning...

7.4AI score0.0184EPSS
Exploits0References3
Cvelist
Cvelist
added 2008/08/01 2:0 p.m.30 views

CVE-2008-3440

Sun Java 1.6.003 and earlier versions, and possibly later versions, does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning...

7.5AI score0.02409EPSS
Exploits0References4
CVE
CVE
added 2008/08/01 2:0 p.m.50 views

CVE-2008-3441

Winamp prior to 5.24 fails to verify update authenticity, enabling MITM attackers to run arbitrary code through Trojan horse updates. The vulnerability is demonstrated by use of evilgrade and DNS cache poisoning. Affected component is the update verification process; root cause relates to insuffi...

7.5CVSS7.5AI score0.02534EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2008/08/01 2:0 p.m.24 views

CVE-2008-3436

The GUP generic update process in Notepad++ before 4.8.1 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning...

7.4AI score0.0184EPSS
Exploits0References3
Cvelist
Cvelist
added 2008/08/01 2:0 p.m.19 views

CVE-2008-3441

Nullsoft Winamp before 5.24 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning...

7.4AI score0.02534EPSS
Exploits0References5
Rows per page
Query Builder