Design/Logic Flaw

Joomla! 1.5 before 1.5.7 initializes PHP's PRNG with a weak seed, which makes it easier for attackers to guess the pseudo-random values produced by PHP's mtrand function, as demonstrated by guessing password reset tokens, a different vulnerability than CVE-2008-3681...

perl-Crypt-CBC weaker encryption with some ciphers

Crypt::CBC Perl module 2.16 and earlier, when running in RandomIV mode, uses an initialization vector IV of 8 bytes, which results in weaker encryption when used with a cipher that requires a larger block size than 8 bytes, such as Rijndael...

Coppermine Photo Gallery <= 1.4.18 LFI / Remote Code Execution Exploit

Exploit for unknown platform in category web applications ====================================================================== Coppermine Photo Gallery authenticate; ... 301. // Process language selection if present in URI or in user profile or try 302. // autodetection if default charset is...

poppler library DoS

Problem with PDF file widgets initialization...

kernel security update

CentOS Errata and Security Advisory CESA-2008:0607 Updated kernel packages that fix a security issue and several bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain...

RHEL 4 : kernel (RHSA-2008:0607)

Updated kernel packages that fix a security issue and several bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix a security issue and several bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating...

CVE-2008-2807

Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly handle an invalid .properties file for an add-on, which allows remote attackers to read uninitialized memory, as demonstrated by use of ISO 8859 encoding instead of UTF-8 encoding in a French .properties file...

CVE-2008-1576

Mail in Apple Mac OS X before 10.5, when an IPv6 SMTP server is used, does not properly initialize memory, which might allow remote attackers to execute arbitrary code or cause a denial of service application crash, or obtain sensitive information memory contents in opportunistic circumstances, b...

CVE-2008-1576

CVE-2008-1576 affects Mac OS X Mail prior to 10.5 when connecting to an IPv6 SMTP server. It involves an uninitialized memory buffer in the SMTP path that could allow remote code execution, memory disclosure, or a crash. The related OpenVAS/Nessus entries confirm Mail as the affected component an...

CVE-2008-1576

Mail in Apple Mac OS X before 10.5, when an IPv6 SMTP server is used, does not properly initialize memory, which might allow remote attackers to execute arbitrary code or cause a denial of service application crash, or obtain sensitive information memory contents in opportunistic circumstances, b...

[NSG_28-5-08] CA Internet Security Suite 2008 &#40;UmxEventCli.dll/SaveToFile&#40;&#41;&#41; remote file corruption poc

!-- CA Internet Security Suite 2008 UmxEventCli.dll/SaveToFile remote file corruption poc by Nine:Situations:Group::surfista this control is safe for scripting and safe for initialize original one: http://retrogod.altervista.org/9sgCApoc.html -- htmlobject...

Stack overflow

Multiple stack-based buffer overflows in the PhotoStockPlus Uploader Tool ActiveX control PSPUploader.ocx allow remote attackers to execute arbitrary code via unspecified initialization parameters...

DEBIAN-CVE-2008-2004

The driveinit function in QEMU 0.9.1 determines the format of a raw disk image based on the header, which allows local guest users to read arbitrary files on the host by modifying the header to identify a different format, which is used when the guest is restarted...

IPSec ESP kernel panics

The IPsec implementation in Linux kernel before 2.6.25 allows remote routers to cause a denial of service crash via a fragmented ESP packet in which the first fragment does not contain the entire ESP header and IV...

Information disclosure

db2dasrrm in the DB2 Administration Server DAS in IBM DB2 Universal Database 9.5 before Fix Pack 1, 9.1 before Fix Pack 4a, and 8 before FixPak 16 allows local users to overwrite arbitrary files via a symlink attack on files used for initialization...

Apache-SSL multiple security vulnerabilities

Multiple vulnerabilities on environment variable initialization from client certificates data...

Design/Logic Flaw

The Perforce service p4s.exe in Perforce Server 2007.3/143793 and earlier allows remote attackers to cause a denial of service daemon crash via a 1 server-DiffFile or 2 server-ReleaseFile command with a large integer value, which is used in an array initialization calculation, and leads to invali...

CVE-2008-1302

The Perforce service p4s.exe in Perforce Server 2007.3/143793 and earlier allows remote attackers to cause a denial of service daemon crash via a 1 server-DiffFile or 2 server-ReleaseFile command with a large integer value, which is used in an array initialization calculation, and leads to invali...

NULL dereference in iwl driver

The iwlsetrate function in compatible/iwl3945-base.c in iwlwifi 1.1.21 and earlier dereferences an iwlgethwmode return value without checking for NULL, which might allow remote attackers to cause a denial of service kernel panic via unspecified vectors during module initialization...