Lucene search
+L

27 matches found

saint
saint
added 2011/10/31 12:0 a.m.25 views

Symantec IM Manager IMAdminLDAPConfig.asp SQL injection

Added: 10/31/2011 CVE: CVE-2011-0553 BID: 49738 OSVDB: 75984 Background Symantec IM Manager is a solution for managing and securing instant-messaging traffic in an enterprise. Problem An SQL injection vulnerability in IMAdminLDAPConfig.asp allows remote, authenticated attackers to execute arbitra...

7.5CVSS7.8AI score0.01854EPSS
Exploits4
nvd
nvd
added 2008/08/18 5:41 p.m.20 views

CVE-2008-3324

The PartyGaming PartyPoker client program 121/120 does not properly verify the authenticity of updates, which allows remote man-in-the-middle attackers to execute arbitrary code via a Trojan horse update...

8.1CVSS8.3AI score0.0136EPSS
Exploits0References4
prion
prion
added 2008/08/01 2:41 p.m.17 views

Design/Logic Flaw

Nullsoft Winamp before 5.24 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning...

7.5CVSS8AI score0.02534EPSS
Exploits0References5Affected Software1
prion
prion
added 2008/08/01 2:41 p.m.21 views

Design/Logic Flaw

Apple Mac OS X does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning...

7.5CVSS7.6AI score0.00829EPSS
Exploits0References3Affected Software1
prion
prion
added 2008/08/01 2:41 p.m.19 views

Design/Logic Flaw

WinZip before 11.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning...

7.5CVSS8AI score0.03758EPSS
Exploits0References4Affected Software1
cve
cve
added 2008/08/01 2:0 p.m.51 views

CVE-2008-3442

WinZip before 11.0 is affected. The vulnerability arises because updates are not properly authenticated, enabling a man‑in‑the‑middle to run arbitrary code via a Trojan horse update. Demonstrations referenced include evilgrade and DNS cache poisoning. No patch/version remediation details are prov...

7.5CVSS7.5AI score0.03758EPSS
Exploits0References4Affected Software1
cve
cve
added 2008/08/01 2:0 p.m.38 views

CVE-2008-3439

CVE-2008-3439 affects SpeedBit Video Acceleration prior to 2.2.1.8. The vulnerability arises from improper verification of update authenticity, enabling a man‑in‑the‑middle to run arbitrary code via a Trojan‑horse update. Demonstrations linked to evilgrade and DNS cache poisoning illustrate the i...

7.5CVSS7.5AI score0.0184EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder