|
297861
|
- |
|
cecilia
|
cecilia
|
lib/prefs.tcl in Cecilia 2.0.5 allows local users to overwrite arbitrary files via a symlink attack on the csvers temporary file.
|
CWE-59
Link Following
|
CVE-2008-1832
|
2017-08-8 10:30 |
2008-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297862
|
- |
|
clam_anti-virus
|
clamav
|
Heap-based buffer overflow in pe.c in libclamav in ClamAV 0.92.1 allows remote attackers to execute arbitrary code via a crafted WWPack compressed PE binary.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-1833
|
2017-08-8 10:30 |
2008-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297863
|
- |
|
clam_anti-virus
|
clamav
|
ClamAV before 0.93 allows remote attackers to bypass the scanning enging via a RAR file with an invalid version number, which cannot be parsed by ClamAV but can be extracted by Winrar.
|
CWE-20
Improper Input Validation
|
CVE-2008-1835
|
2017-08-8 10:30 |
2008-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297864
|
- |
|
clam_anti-virus
|
clamav
|
The rfc2231 function in message.c in libclamav in ClamAV before 0.93 allows remote attackers to cause a denial of service (crash) via a crafted message that produces a string that is not null termina…
|
NVD-CWE-Other
|
CVE-2008-1836
|
2017-08-8 10:30 |
2008-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297865
|
- |
|
clam_anti-virus
|
clamav
|
libclamunrar in ClamAV before 0.93 allows remote attackers to cause a denial of service (crash) via crafted RAR files that trigger "memory problems," as demonstrated by the PROTOS GENOME test suite f…
|
NVD-CWE-noinfo
CWE-399
Resource Management Errors
|
CVE-2008-1837
|
2017-08-8 10:30 |
2008-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297866
|
- |
|
work_system_e-commerce
|
work_system_e-commerce
|
Multgiple cross-site scripting (XSS) vulnerabilities in module/main.php in WORK system e-commerce 4.0.9 allow remote attackers to inject arbitrary web script or HTML via the (1) day, (2) month, and (…
|
CWE-79
Cross-site Scripting
|
CVE-2008-1839
|
2017-08-8 10:30 |
2008-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297867
|
- |
|
w2b
|
dating_club
|
SQL injection vulnerability in browse.php in W2B DatingClub (aka Dating Club) allows remote attackers to execute arbitrary SQL commands via the age_to parameter in a browsebyCat action.
|
CWE-89
SQL Injection
|
CVE-2008-1843
|
2017-08-8 10:30 |
2008-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297868
|
- |
|
w2b
|
phphotresources
|
SQL injection vulnerability in cat.php in W2B phpHotResources allows remote attackers to execute arbitrary SQL commands via the kind parameter.
|
CWE-89
SQL Injection
|
CVE-2008-1844
|
2017-08-8 10:30 |
2008-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297869
|
- |
|
mirbsd
|
miros
|
The Korn shell (aka mksh) before R33d on MirOS (aka MirBSD) does not flush the tty's I/O when invoking mksh in a new terminal, which allows local users to gain privileges by opening a virtual termina…
|
NVD-CWE-Other
|
CVE-2008-1845
|
2017-08-8 10:30 |
2008-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297870
|
- |
|
osiaffiliate
|
osiaffiliate
|
Multiple cross-site scripting (XSS) vulnerabilities in login.php in Omnistar Interactive OSI Affiliate allow remote attackers to inject arbitrary web script or HTML via the (1) login, (2) profile, (3…
|
CWE-79
Cross-site Scripting
|
CVE-2008-1850
|
2017-08-8 10:30 |
2008-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
