Max CVSS | 10.0 | Min CVSS | 5.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2008-5415 | 10.0 |
The LDBserver service in the server in CA ARCserve Backup 11.1 through 12.0 on Windows allows remote attackers to execute arbitrary code via a handle_t argument to an RPC endpoint in which the argument refers to an incompatible procedure.
|
07-04-2021 - 18:13 | 11-12-2008 - 15:30 | |
CVE-2006-0301 | 7.5 |
Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4) pdfkit.framework, and others, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted
|
19-10-2018 - 15:44 | 30-01-2006 - 22:03 | |
CVE-2007-1511 | 7.1 |
Buffer overflow in FrontBase Relational Database Server 4.2.7 and earlier allows remote authenticated users, with privileges for creating a stored procedure, to execute arbitrary code via a CREATE PROCEDURE request with a long procedure name.
|
16-10-2018 - 16:38 | 20-03-2007 - 10:19 | |
CVE-2007-6478 | 6.8 |
Stack-based buffer overflow in Rosoft Media Player 4.1.7, 4.1.8, and possibly earlier versions allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long string in a .M3U file. NOTE: some of these de
|
15-10-2018 - 21:54 | 20-12-2007 - 20:46 | |
CVE-2008-5416 | 9.0 |
Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, 8.00.2050, 8.00.2039, and earlier; SQL Server 2000 Desktop Engine (MSDE 2000) SP4; SQL Server 2005 SP2 and 9.00.1399.06; SQL Server 2000 Desktop Engine (WMSDE) on Windows Server 2003 SP1 an
|
12-10-2018 - 21:49 | 10-12-2008 - 14:00 | |
CVE-2008-5403 | 10.0 |
Heap-based buffer overflow in the XML parser in the AIM plugin in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a malformed XML tag.
|
11-10-2018 - 20:55 | 10-12-2008 - 06:44 | |
CVE-2008-5402 | 10.0 |
Double free vulnerability in the XML parser in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a crafted XML expression, related to the "IMG SRC ID."
|
11-10-2018 - 20:55 | 10-12-2008 - 06:44 | |
CVE-2008-5401 | 10.0 |
Stack-based buffer overflow in the image tooltip implementation in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a long image filename, related to "AIM IMG Tag Parsing."
|
11-10-2018 - 20:55 | 10-12-2008 - 06:44 | |
CVE-2008-5420 | 7.8 |
The SAN Manager Master Agent service (aka msragent.exe) in EMC Control Center before 6.1 does not properly authenticate SST_SENDFILE requests, which allows remote attackers to read arbitrary files. http://secunia.com/advisories/32801
Apply Patch
|
11-10-2018 - 20:55 | 10-12-2008 - 14:00 | |
CVE-2010-4963 | 7.5 |
SQL injection vulnerability in folder/list in Hulihan BXR 0.6.8 allows remote attackers to execute arbitrary SQL commands via the order_by parameter.
|
10-10-2018 - 20:08 | 09-10-2011 - 10:55 | |
CVE-2008-4687 | 9.0 |
manage_proj_page.php in Mantis before 1.1.4 allows remote authenticated users to execute arbitrary code via a sort parameter containing PHP sequences, which are processed by create_function within the multi_sort function in core/utility_api.php.
|
13-05-2018 - 01:29 | 22-10-2008 - 18:00 | |
CVE-2008-5406 | 9.3 |
Stack-based buffer overflow in Apple QuickTime Player 7.5.5 and iTunes 8.0.2.20 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a MOV file with "long arguments," related to an "off by o
|
29-09-2017 - 01:32 | 10-12-2008 - 06:44 | |
CVE-2008-5418 | 5.1 |
Directory traversal vulnerability in login.php in the PunPortal module before 2.0 for PunBB allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pun_user[language] parameter.
|
29-09-2017 - 01:32 | 10-12-2008 - 14:00 | |
CVE-2008-5405 | 9.3 |
Stack-based buffer overflow in the RDP protocol password decoder in Cain & Abel 4.9.23 and 4.9.24, and possibly earlier, allows remote attackers to execute arbitrary code via an RDP file containing a long string.
|
29-09-2017 - 01:32 | 10-12-2008 - 06:44 | |
CVE-2006-4450 | 5.1 |
usercp_avatar.php in PHPBB 2.0.20, when avatar uploading is enabled, allows remote attackers to use the server as a web proxy by submitting a URL to the avatarurl parameter, which is then used in an HTTP GET request.
|
20-07-2017 - 01:33 | 30-08-2006 - 01:04 | |
CVE-2008-4418 | 7.8 |
Unspecified vulnerability in DCE in HP HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause a denial of service via unknown vectors. http://marc.info/?l=bugtraq&m=122893704624601&w=2
HP has made the following software patches avail
|
08-03-2011 - 03:12 | 11-12-2008 - 15:30 |