|
299251
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
The Repair Permissions tool in Disk Utility in Apple Mac OS X 10.4.11 adds the setuid bit to the emacs executable file, which allows local users to gain privileges by executing commands within emacs.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-2324
|
2017-08-8 10:30 |
2008-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299252
|
- |
|
apple
|
quicklook
|
QuickLook in Apple Mac OS X 10.4.11 and 10.5.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Microsoft Office …
|
CWE-399
Resource Management Errors
|
CVE-2008-2325
|
2017-08-8 10:30 |
2008-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299253
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Directory Services in Apple Mac OS X 10.5 through 10.5.4, when Active Directory is used, allows attackers to enumerate user names via wildcard characters in the Login Window.
|
CWE-200
Information Exposure
|
CVE-2008-2329
|
2017-08-8 10:30 |
2008-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299254
|
- |
|
apple
|
mac_os_x_server
|
slapconfig in Directory Services in Apple Mac OS X 10.5 through 10.5.4 allows local users to select a readable output file into which the server password will be written by an OpenLDAP system adminis…
|
CWE-200
Information Exposure
|
CVE-2008-2330
|
2017-08-8 10:30 |
2008-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299255
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Finder in Apple Mac OS X 10.5 through 10.5.4 does not properly update permission data in the Get Info window after a lock operation that modifies Sharing & Permissions in a filesystem, which might al…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-2331
|
2017-08-8 10:30 |
2008-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299256
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
ImageIO in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a cra…
|
CWE-399
Resource Management Errors
|
CVE-2008-2332
|
2017-08-8 10:30 |
2008-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299257
|
- |
|
aspindir
|
philboard
|
Multiple SQL injection vulnerabilities in W1L3D4 Philboard 0.5 allow remote attackers to execute arbitrary SQL commands via the (1) forumid parameter to (a) admin/philboard_admin-forumedit.asp, (b) a…
|
CWE-89
SQL Injection
|
CVE-2008-2334
|
2017-08-8 10:30 |
2008-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299258
|
- |
|
typo3
|
air_filemanager
|
Cross-site scripting (XSS) vulnerability in the air_filemanager 0.6.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2008-2344
|
2017-08-8 10:30 |
2008-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299259
|
- |
|
typo3
|
air_filemanager
|
Unspecified vulnerability in the air_filemanager 0.6.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary PHP code via unspecified vectors related to "insufficient file filt…
|
CWE-94
Code Injection
|
CVE-2008-2345
|
2017-08-8 10:30 |
2008-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299260
|
- |
|
bcoos
|
bcoos
|
Directory traversal vulnerability in highlight.php in bcoos 1.0.9 through 1.0.13 allows remote attackers to read arbitrary files via (1) .. (dot dot) or (2) C: folder sequences in the file parameter.
|
CWE-22
Path Traversal
|
CVE-2008-2350
|
2017-08-8 10:30 |
2008-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
