CVE-2008-3429
Buffer overflow in URI processing in HTTrack and WinHTTrack before 3.42-3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long URL...
Remote file inclusion
PHP remote file inclusion vulnerability in activities/workflow-activities.php in XRMS CRM 1.99.2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the include_directory parameter...
CVE-2008-3294
src/configure.in in Vim 5.0 through 7.1, when used for a build with Python support, does not ensure that the Makefile-conf temporary file has the intended ownership and permissions, which allows local users to execute arbitrary code by modifying this file during a time window, or by creating it...
Remote file inclusion
PHP remote file inclusion vulnerability in cms/modules/form.lib.php in Pragyan CMS 2.6.2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the (1) sourceFolder or (2) moduleFolder parameter...
Solaris 7/8/9 CDE LibDTHelp Local Buffer Overflow Exploit
No description provided by source. / $Id: raptorlibdthelp.c,v 1.1 2004/12/04 14:44:38 raptor Exp $ raptorlibdthelp.c - libDtHelp.so local, Solaris/SPARC 7/8/9 Copyright (c) 2003-2004 Marco Ivaldi [email protected] Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary...
CVE-2008-3169
Multiple heap-based buffer overflows in Empire Server before 4.3.15 allow remote attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors, related to a "coordinate normalization bug." NOTE: some of these details are obtained from third party information...
CVE-2008-3162
Stack-based buffer overflow in the str_read_packet function in libavformat/psxstr.c in FFmpeg before r13993 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted STR file that interleaves audio and video sectors...
CVE-2008-3155
Stack-based buffer overflow in the ActiveX control as2guiie.dll in Panda ActiveScan before 1.02.00 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long argument to the Update method...
Format string
Format string vulnerability in dx8render.dll in Snail Game (aka Suzhou Snail Electronic Company) 5th street (aka Hot Step or High Street 5) allows remote attackers to execute arbitrary code via format string specifiers in a chat message...
CVE-2008-2371
Heap-based buffer overflow in pcre_compile.c in the Perl-Compatible Regular Expression (PCRE) library 7.7 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a regular expression that begins with an option and contains multiple branches...
CVE-2008-2986
Multiple PHP remote file inclusion vulnerabilities in phpDMCA 1.0.0 allow remote attackers to execute arbitrary PHP code via a URL in the ourlinuxrootpath parameter to (1) adodb-errorpear.inc.php and (2) adodb-pear.inc.php in adodb/...
Remote file inclusion
PHP remote file inclusion vulnerability in includes/Cache/Lite/Output.php in the Cache_Lite package in Mambo 4.6.4 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter...
CVE-2008-2307
Unspecified vulnerability in WebKit in Apple Safari before 3.1.2, as distributed in Mac OS X before 10.5.4, and standalone for Windows and Mac OS X 10.4, allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via vectors involving JavaScript arrays that...
CVE-2008-2828
Stack-based buffer overflow in tmsnc allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an MSN packet with a UBX command containing a large UBX payload length field...
Stack overflow
Stack-based buffer overflow in tmsnc allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an MSN packet with a UBX command containing a large UBX payload length field...
CVE-2008-2690
Multiple PHP remote file inclusion vulnerabilities in BrowserCRM 5.002.00, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the bcrmpubroot parameter to (1) kb.php, (2) login.php, (3) index.php, (4) contactview.php, and (5) contact.php in pub/, different...
XFree86 security update
CentOS Errata and Security Advisory CESA-2008:0502 Updated XFree86 packages that fix several security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having important security impact by the Red Hat Security Response Team. XFree86 is an implementation of the ...
Memory corruption
The BIDIB.BIDIBCtrl.1 ActiveX control in BIDIB.ocx 10.9.3.0 in Black Ice Barcode SDK 5.01 allows remote attackers to execute arbitrary code via long strings in the two arguments to the DownloadImageFileURL method, which trigger memory corruption. NOTE: some of these details are obtained from thir...
Design/Logic Flaw
Untrusted search path vulnerability in (1) reportbug 3.8 and 3.31, and (2) reportbug-ng before 0.2008.06.04, allows local users to execute arbitrary code via a malicious module file in the current working directory...
CVE-2008-1584
Stack-based buffer overflow in Indeo.qtx in Apple QuickTime before 7.5 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via crafted Indeo video codec content in a movie file...