Total
9398 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-1898 | 1 Microsoft | 2 Office, Works | 2018-10-11 | 9.3 HIGH | N/A |
| A certain ActiveX control in WkImgSrv.dll 7.03.0616.0, as distributed in Microsoft Works 7 and Microsoft Office 2003 and 2007, allows remote attackers to execute arbitrary code or cause a denial of service (browser crash) via an invalid WksPictureInterface property value, which triggers an improper function call. | |||||
| CVE-2008-1737 | 1 Sophos | 1 Anti-virus | 2018-10-11 | 6.9 MEDIUM | N/A |
| Sophos Anti-Virus 7.0.5, and other 7.x versions, when Runtime Behavioural Analysis is enabled, allows local users to cause a denial of service (reboot with the product disabled) and possibly gain privileges via a zero value in a certain length field in the ObjectAttributes argument to the NtCreateKey hooked System Service Descriptor Table (SSDT) function. | |||||
| CVE-2008-1702 | 1 E107 | 2 E107, My Gallery | 2018-10-11 | 4.3 MEDIUM | N/A |
| Absolute path traversal vulnerability in dload.php in the my_gallery 2.3 plugin for e107 allows remote attackers to obtain sensitive information via a full pathname in the file parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-1738 | 1 Rising-global | 1 Rising Antivirus | 2018-10-11 | 2.1 LOW | N/A |
| Rising Antivirus 2008 before 20.38.20 allows local users to cause a denial of service (system crash) via an invalid pointer to the _CLIENT_ID structure in a call to the NtOpenProcess hooked System Service Descriptor Table (SSDT) function. | |||||
| CVE-2008-1562 | 1 Wireshark | 1 Wireshark | 2018-10-11 | 5.0 MEDIUM | N/A |
| The LDAP dissector in Wireshark (formerly Ethereal) 0.99.2 through 0.99.8 allows remote attackers to cause a denial of service (application crash) via a malformed packet, a different vulnerability than CVE-2006-5740. | |||||
| CVE-2008-1492 | 1 Coronamatrix | 1 Phpaddressbook | 2018-10-11 | 7.5 HIGH | N/A |
| Multiple directory traversal vulnerabilities in CoronaMatrix phpAddressBook 2.11 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the skin parameter to (1) index.php and (2) install.php. NOTE: it was later reported that vector 1 is also present in 2.0. | |||||
| CVE-2008-1585 | 1 Apple | 1 Quicktime | 2018-10-11 | 6.8 MEDIUM | N/A |
| Apple QuickTime before 7.5 uses the url.dll!FileProtocolHandler handler for unrecognized URIs in qt:next attributes within SMIL text in video files, which sends these URIs to explorer.exe and thereby allows remote attackers to execute arbitrary programs, as originally demonstrated by crafted file: URLs. | |||||
| CVE-2008-1478 | 1 Ari Pikivirta | 1 Home Ftp Server | 2018-10-11 | 5.0 MEDIUM | N/A |
| Home FTP Server 1.4.5.89 allows remote attackers to cause a denial of service (crash) by opening a FTP passive mode connection, then closing the original FTP connection. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-1411 | 1 Acronis | 1 Snap Deploy | 2018-10-11 | 5.0 MEDIUM | N/A |
| The PXE Server (pxesrv.exe) in Acronis Snap Deploy 2.0.0.1076 and earlier allows remote attackers to cause a denial of service (crash) via an incomplete TFTP request, which triggers a NULL pointer dereference. | |||||
| CVE-2008-1311 | 1 Packettrap | 1 Pt360 Tool Suite Pro | 2018-10-11 | 5.0 MEDIUM | N/A |
| The TFTP server in PacketTrap pt360 Tool Suite PRO 2.0.3901.0 and earlier allows remote attackers to cause a denial of service (daemon hang) by uploading a file named (1) '|' (pipe), (2) '"' (quotation mark), or (3) "<>" (less than, greater than); or (4) a file with a long name. NOTE: the issue for vector 4 might exist because of an incomplete fix for CVE-2008-1312. | |||||
| CVE-2008-1303 | 1 Perforce | 1 Perforce Server | 2018-10-11 | 5.0 MEDIUM | N/A |
| The Perforce service (p4s.exe) in Perforce Server 2007.3/143793 and earlier allows remote attackers to cause a denial of service (daemon crash) via a missing parameter to the (1) dm-FaultFile, (2) dm-LazyCheck, (3) dm-ResolvedFile, (4) dm-OpenFile, (5) crypto, and possibly unspecified other commands, which triggers a NULL pointer dereference. | |||||
| CVE-2008-1245 | 1 Belkin | 1 F5d7230-4 | 2018-10-11 | 7.8 HIGH | N/A |
| cgi-bin/setup_virtualserver.exe on the Belkin F5D7230-4 router with firmware 9.01.10 allows remote attackers to cause a denial of service (control center outage) via an HTTP request with invalid POST data and a "Connection: Keep-Alive" header. | |||||
| CVE-2008-1249 | 1 Snom | 1 320 Sip Phone | 2018-10-11 | 9.4 HIGH | N/A |
| snomControl.swf in the central phone server for the Snom 320 SIP Phone allows remote attackers to cause a denial of service (application crash and corruption of call logs) via a "'); (double quote, quote, close parenthesis, semicolon) sequence in the "Call a number" field. | |||||
| CVE-2008-1265 | 1 Linksys | 1 Wrt54g | 2018-10-11 | 7.8 HIGH | N/A |
| The Linksys WRT54G router allows remote attackers to cause a denial of service (device restart) via a long username and password to the FTP interface. | |||||
| CVE-2008-1279 | 1 Acronis | 1 True Image | 2018-10-11 | 5.0 MEDIUM | N/A |
| Acronis True Image Group Server 1.5.19.191 and earlier, included in Acronis True Image Enterprise Server 9.5.0.8072 and the other True Image packages, allows remote attackers to cause a denial of service (crash) via a packet with an invalid length field, which causes an out-of-bounds read. | |||||
| CVE-2008-1277 | 1 Mailenable | 2 Mailenable Enterprise, Mailenable Professional | 2018-10-11 | 9.0 HIGH | N/A |
| The IMAP service (MEIMAPS.exe) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allows remote attackers to cause a denial of service (crash) via (1) SEARCH and (2) APPEND commands without required arguments, which triggers a NULL pointer dereference. | |||||
| CVE-2008-1280 | 1 Acronis | 2 True Image, True Image Windows Agent | 2018-10-11 | 5.0 MEDIUM | N/A |
| Acronis True Image Windows Agent 1.0.0.54 and earlier, included in Acronis True Image Enterprise Server 9.5.0.8072 and the other True Image packages, allows remote attackers to cause a denial of service (crash) via a malformed packet to port 9876, which triggers a NULL pointer dereference. | |||||
| CVE-2008-1278 | 1 Remotelyanywhere | 1 Remotelyanywhere | 2018-10-11 | 5.0 MEDIUM | N/A |
| The RemotelyAnywhere.exe service in the Remotely Anywhere Server and Workstation 8.0.668 and earlier allows remote attackers to cause a denial of service (crash) via an invalid Accept-Charset header, which triggers a NULL pointer dereference. NOTE: the service is automatically restarted. | |||||
| CVE-2008-1337 | 1 Netopia | 1 Timbuktu Pro | 2018-10-11 | 5.0 MEDIUM | N/A |
| The instant message service in Timbuktu Pro 8.6.5 RC 229 and earlier for Windows allows remote attackers to cause (1) a denial of service (daemon crash) via an invalid Version field or (2) a denial of service (CPU consumption and daemon termination) via an invalid or partial message. | |||||
| CVE-2008-1197 | 2 Marvell, Netgear | 2 88w8361w-bem1, Wn802t | 2018-10-11 | 6.3 MEDIUM | N/A |
| The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset does not properly parse the SSID information element in an association request, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via a "Null SSID." | |||||