|
307051
|
- |
|
novell
|
identity_manager_roles_based_provisioning_module
user_application
|
Cross-site scripting (XSS) vulnerability in the Novell User Application 3.0.1, 3.5.0, and 3.5.1; and Identity Manager Roles Based Provisioning Module 3.6.0 and 3.6.1 allows remote attackers to inject…
|
CWE-79
Cross-site Scripting
|
CVE-2008-5095
|
2012-10-31 12:06 |
2008-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307052
|
- |
|
adobe
|
adobe_air
|
Unspecified vulnerability in Adobe AIR 1.1 and earlier allows context-dependent attackers to execute untrusted JavaScript in an AIR application via unknown attack vectors.
|
NVD-CWE-noinfo
CWE-94
Code Injection
|
CVE-2008-5108
|
2012-10-31 12:06 |
2008-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307053
|
- |
|
freebsd
|
freebsd-sendpr
|
sendbug in freebsd-sendpr 3.113+5.3 on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on a /tmp/pr.##### temporary file.
|
CWE-59
Link Following
|
CVE-2008-5142
|
2012-10-31 12:06 |
2008-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307054
|
- |
|
dann_frazier
|
systemimager-server
|
si_mkbootserver in systemimager-server 3.6.3 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/*.inetd.conf or (2) /tmp/pxe.conf.*.tmp temporary file.
|
CWE-59
Link Following
|
CVE-2008-5156
|
2012-10-31 12:06 |
2008-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307055
|
- |
|
apple
|
safari
|
The plug-in interface in WebKit in Apple Safari before 3.2 does not prevent plug-ins from accessing local URLs, which allows remote attackers to obtain sensitive information via vectors that "launch …
|
CWE-200
Information Exposure
|
CVE-2008-4216
|
2012-10-31 12:04 |
2008-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307056
|
- |
|
hp
|
service_manager
|
Unspecified vulnerability in HP Service Manager (HPSM) before 7.01.71 allows remote authenticated users to execute arbitrary code via unknown vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-4415
|
2012-10-31 12:04 |
2008-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307057
|
- |
|
apple
|
safari
|
Apple Safari before 3.2 does not properly prevent caching of form data for form fields that have autocomplete disabled, which allows local users to obtain sensitive information by reading the browser…
|
CWE-200
Information Exposure
|
CVE-2008-3644
|
2012-10-31 12:01 |
2008-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307058
|
- |
|
gnome
|
screensaver
|
The notify feature in GNOME screensaver (gnome-screensaver) 2.20.0 might allow local users to read the clipboard contents and X selection data for a locked session by using ctrl-V.
|
NVD-CWE-Other
|
CVE-2007-6389
|
2012-10-31 11:48 |
2007-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307059
|
- |
|
ssl-explorer
|
ssl-explorer
|
Directory traversal vulnerability in fileSystem.do in SSL-Explorer before 0.2.14 allows remote attackers to access arbitrary files via directory traversal sequences in the path parameter. NOTE: some…
|
CWE-22
Path Traversal
|
CVE-2007-5831
|
2012-10-31 11:46 |
2007-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307060
|
- |
|
ibm
|
db2_universal_database
|
IBM DB2 UDB 9.1 before Fixpak 4 assigns incorrect privileges to the (1) DB2ADMNS and (2) DB2USERS alternative groups, which has unknown impact. NOTE: the vendor description of this issue is too vagu…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-6051
|
2012-10-31 11:46 |
2007-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
