|
303371
|
- |
|
apple
|
mac_os_x
|
The nonet and nointernet sandbox profiles in Apple Mac OS X 10.5.x do not propagate restrictions to all created processes, which allows remote attackers to access network resources via a crafted appl…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-7303
|
2024-11-21 09:58 |
2011-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303372
|
- |
|
netshinesoftware
|
com_netinvoice
|
SQL injection vulnerability in netinvoice.php in the nBill (com_netinvoice) component 1.2.0 SP1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors involving…
|
CWE-89
SQL Injection
|
CVE-2008-7302
|
2024-11-21 09:58 |
2011-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303373
|
- |
|
sclek
|
jsite
|
SQL injection vulnerability in admin/login.php in jSite 1.0 OE allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: the provenance of this information is unkno…
|
CWE-89
SQL Injection
|
CVE-2008-7301
|
2024-11-21 09:58 |
2011-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303374
|
- |
|
sun
|
opensolaris
sunos
|
The labeled networking implementation in Solaris Trusted Extensions in Sun Solaris 10 and OpenSolaris snv_39 through snv_67, when a labeled zone is in the installed state, allows remote authenticated…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-7300
|
2024-11-21 09:58 |
2011-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303375
|
- |
|
ibm
|
tivoli_federated_identity_manager
|
IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2 uses an incomplete SAML 1.x browser-artifact, which allows remote OpenID providers to spoof assertions via vectors related to the Iss…
|
CWE-20
Improper Input Validation
|
CVE-2008-7299
|
2024-11-21 09:58 |
2011-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303376
|
- |
|
google
android
|
android
android_browser
|
The Android browser in Android cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-7298
|
2024-11-21 09:58 |
2011-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303377
|
- |
|
opera
|
opera_browser
|
Opera cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-7297
|
2024-11-21 09:58 |
2011-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303378
|
- |
|
apple
|
safari
|
Apple Safari cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-7296
|
2024-11-21 09:58 |
2011-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303379
|
- |
|
microsoft
|
internet_explorer
|
Microsoft Internet Explorer cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Se…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-7295
|
2024-11-21 09:58 |
2011-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303380
|
- |
|
google
|
chrome
|
Google Chrome before 4.0.211.0 cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-7294
|
2024-11-21 09:58 |
2011-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
