Lucene search
K

825 matches found

Prion
Prion
added 2008/12/10 2:0 p.m.12 views

Design/Logic Flaw

Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows Media Services 4.1, 9, and 2008 do not properly use the Service Principal Name SPN identifier when validating replies to authentication requests, which allows remote servers to execute arbitrary code via...

10CVSS7.9AI score0.1583EPSS
Exploits1References8Affected Software3
Cvelist
Cvelist
added 2008/12/10 1:33 p.m.30 views

CVE-2008-3009

Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows Media Services 4.1, 9, and 2008 do not properly use the Service Principal Name SPN identifier when validating replies to authentication requests, which allows remote servers to execute arbitrary code via...

7.6AI score0.1583EPSS
Exploits1References8
CVE
CVE
added 2008/12/10 1:33 p.m.51 views

CVE-2008-3010

CVE-2008-3010 relates to ISATAP handling in Windows Media components (Windows Media Player 6.4, Windows Media Format Runtime 7.1–11, Windows Media Services 4.1 and 9) where ISATAP addresses are misclassified in the Local Intranet zone, risking NTLM credential leakage and potential remote code exe...

10CVSS7.5AI score0.15194EPSS
Exploits1References8Affected Software1
NVD
NVD
added 2008/12/05 12:30 a.m.21 views

CVE-2008-5329

ClearQuest Web in IBM Rational ClearQuest MultiSite before 7.1 allows remote servers to direct a client's submissions and changes to an arbitrary database by specifying multiple comma-separated server identifiers on the JTLRMIREGISTRYSERVERS line in a jtl.properties file...

7.5CVSS6.5AI score0.01594EPSS
Exploits0References3
Prion
Prion
added 2008/12/05 12:30 a.m.22 views

Design/Logic Flaw

ClearQuest Web in IBM Rational ClearQuest MultiSite before 7.1 allows remote servers to direct a client's submissions and changes to an arbitrary database by specifying multiple comma-separated server identifiers on the JTLRMIREGISTRYSERVERS line in a jtl.properties file...

7.5CVSS7.1AI score0.01594EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2008/12/05 12:0 a.m.20 views

CVE-2008-5329

ClearQuest Web in IBM Rational ClearQuest MultiSite before 7.1 allows remote servers to direct a client's submissions and changes to an arbitrary database by specifying multiple comma-separated server identifiers on the JTLRMIREGISTRYSERVERS line in a jtl.properties file...

6.5AI score0.01594EPSS
Exploits0References3
OSV
OSV
added 2008/10/22 6:0 p.m.4 views

CVE-2008-4677

autoload/netrw.vim aka the Netrw Plugin 109, 131, and other versions before 133k for Vim 7.1.266, other 7.1 versions, and 7.2 stores credentials for an FTP session, and sends those credentials when attempting to establish subsequent FTP sessions to servers on different hosts, which allows remote...

6.1AI score
Exploits0References15
Cvelist
Cvelist
added 2008/10/22 5:0 p.m.27 views

CVE-2008-4677

autoload/netrw.vim aka the Netrw Plugin 109, 131, and other versions before 133k for Vim 7.1.266, other 7.1 versions, and 7.2 stores credentials for an FTP session, and sends those credentials when attempting to establish subsequent FTP sessions to servers on different hosts, which allows remote...

7.4AI score0.01953EPSS
Exploits0References15
ATTACKERKB
ATTACKERKB
added 2008/10/14 3:28 p.m.1 views

CVE-2008-4546

Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows remote web servers to cause a denial of service NULL pointer dereference and browser crash by returning a different response when an HTTP request is sent a second time, as demonstrated by two...

4.3CVSS5.6AI score0.16769EPSS
Exploits1References34
Cvelist
Cvelist
added 2008/09/29 7:0 p.m.22 views

CVE-2008-4321

Buffer overflow in FlashGet formerly JetCar FTP 1.9 allows remote FTP servers to execute arbitrary code via a long response to the PWD command...

7.6AI score0.05737EPSS
Exploits5References8
CVE
CVE
added 2008/09/25 7:0 p.m.40 views

CVE-2008-4246

Affected software: Denora IRC Stats Server (before 1.4.1). Vulnerability: Unspecified issue allowing remote IRC servers to trigger a denial of service (application crash) via a crafted CTCP response. Root cause / vectors: Documented across multiple sources; CTCP response handling is the trigger. ...

5CVSS6.5AI score0.01196EPSS
Exploits0References4Affected Software1
OpenVAS
OpenVAS
added 2008/09/04 12:0 a.m.26 views

FreeBSD Ports: ez-ipupdate

The remote host is missing an update to the system as announced in the referenced advisory. VID e69ba632-326f-11d9-b5b7-000854d03344 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

10CVSS6.3AI score0.03818EPSS
Exploits0
OpenVAS
OpenVAS
added 2008/09/04 12:0 a.m.15 views

FreeBSD Ports: openvpn-devel

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

7.6CVSS6.7AI score0.02117EPSS
Exploits0References2
Prion
Prion
added 2008/08/27 3:21 p.m.25 views

Null pointer dereference

neon 0.28.0 through 0.28.2 allows remote servers to cause a denial of service NULL pointer dereference and crash via vectors related to Digest authentication, Digest domain parameter support, and the parsedomain function...

4.3CVSS6.6AI score0.02266EPSS
Exploits0References18Affected Software1
UbuntuCve
UbuntuCve
added 2008/08/27 3:21 p.m.30 views

CVE-2008-3746

neon 0.28.0 through 0.28.2 allows remote servers to cause a denial of service NULL pointer dereference and crash via vectors related to Digest authentication, Digest domain parameter support, and the parsedomain function...

4.3CVSS5.9AI score0.02266EPSS
Exploits0References2
NVD
NVD
added 2008/08/18 5:41 p.m.28 views

CVE-2008-2233

The client in Openwsman 1.2.0 and 2.0.0, in unknown configurations, allows remote Openwsman servers to replay SSL sessions via unspecified vectors...

7.5CVSS6.5AI score0.01207EPSS
Exploits1References4
Prion
Prion
added 2008/08/18 5:41 p.m.21 views

Code injection

The client in Openwsman 1.2.0 and 2.0.0, in unknown configurations, allows remote Openwsman servers to replay SSL sessions via unspecified vectors...

7.5CVSS7AI score0.01207EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2008/08/18 5:15 p.m.34 views

CVE-2008-2233

The client in Openwsman 1.2.0 and 2.0.0, in unknown configurations, allows remote Openwsman servers to replay SSL sessions via unspecified vectors...

6.5AI score0.01207EPSS
Exploits1References4
NVD
NVD
added 2008/08/04 7:41 p.m.18 views

CVE-2008-3459

Unspecified vulnerability in OpenVPN 2.1-beta14 through 2.1-rc8, when running on non-Windows systems, allows remote servers to execute arbitrary commands via crafted 1 lladdr and 2 iproute configuration directives, probably related to shell metacharacters...

7.6CVSS7.4AI score0.02117EPSS
Exploits0References5
Prion
Prion
added 2008/07/28 5:41 p.m.16 views

Design/Logic Flaw

setup.exe before 2.573.2.3 in Cygwin does not properly verify the authenticity of packages, which allows remote Cygwin mirror servers or man-in-the-middle attackers to execute arbitrary code via a package list containing the MD5 checksum of a Trojan horse package...

7.6CVSS8AI score0.02649EPSS
Exploits2References9Affected Software1
Rows per page
Query Builder