Max CVSS | 10.0 | Min CVSS | 1.9 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2008-2376 | 7.5 |
Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service (crash) or possibly have unspecified other impact via a call to the Array#fill method with a start (
|
13-02-2023 - 02:19 | 09-07-2008 - 00:41 | |
CVE-2008-1447 | 5.0 |
The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic vi
|
24-03-2020 - 18:19 | 08-07-2008 - 23:41 | |
CVE-2008-3614 | 6.8 |
Integer overflow in Apple QuickTime before 7.5.5 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image, which triggers heap corruption.
|
30-10-2018 - 16:25 | 11-09-2008 - 01:13 | |
CVE-2008-2327 | 6.8 |
Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file,
|
11-10-2018 - 20:40 | 27-08-2008 - 20:41 | |
CVE-2008-1657 | 6.5 |
OpenSSH 4.4 up to versions before 4.9 allows remote authenticated users to bypass the sshd_config ForceCommand directive by modifying the .ssh/rc session file.
|
11-10-2018 - 20:35 | 02-04-2008 - 18:44 | |
CVE-2008-1483 | 6.9 |
OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and
|
11-10-2018 - 20:35 | 24-03-2008 - 23:44 | |
CVE-2008-1387 | 4.3 |
ClamAV before 0.93 allows remote attackers to cause a denial of service (CPU consumption) via a crafted ARJ archive, as demonstrated by the PROTOS GENOME test suite for Archive Formats.
|
11-10-2018 - 20:33 | 16-04-2008 - 16:05 | |
CVE-2008-1382 | 7.5 |
libpng 1.0.6 through 1.0.32, 1.2.0 through 1.2.26, and 1.4.0beta01 through 1.4.0beta19 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PNG file with zero length "unknown" chunks, which
|
11-10-2018 - 20:32 | 14-04-2008 - 16:05 | |
CVE-2008-3621 | 9.3 |
VideoConference in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via vectors involving H.264 encoded media.
|
08-08-2017 - 01:32 | 16-09-2008 - 23:00 | |
CVE-2008-3622 | 4.3 |
Cross-site scripting (XSS) vulnerability in Wiki Server in Apple Mac OS X 10.5 through 10.5.4 allows remote attackers to inject arbitrary web script or HTML via an e-mail message that reaches a mailing-list archive, aka "persistent JavaScript injecti
|
08-08-2017 - 01:32 | 16-09-2008 - 23:00 | |
CVE-2008-3610 | 7.6 |
Race condition in Login Window in Apple Mac OS X 10.5 through 10.5.4, when a blank-password account is enabled, allows attackers to bypass password authentication and login to any account via multiple attempts to login to the blank-password account,
|
08-08-2017 - 01:32 | 16-09-2008 - 23:00 | |
CVE-2008-3617 | 5.0 |
Remote Management and Screen Sharing in Apple Mac OS X 10.5 through 10.5.4, when used to set a password for a VNC viewer, displays additional input characters beyond the maximum password length, which might make it easier for attackers to guess passw
|
08-08-2017 - 01:32 | 16-09-2008 - 23:00 | |
CVE-2008-3611 | 6.3 |
Login Window in Apple Mac OS X 10.4.11 does not clear the current password when a user makes a password-change attempt that is denied by policy, which allows opportunistic, physically proximate attackers to bypass authentication and change this user'
|
08-08-2017 - 01:32 | 16-09-2008 - 23:00 | |
CVE-2008-3608 | 9.3 |
ImageIO in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a crafted JPEG image with an embedded ICC profile.
|
08-08-2017 - 01:32 | 16-09-2008 - 23:00 | |
CVE-2008-3613 | 6.1 |
Finder in Apple Mac OS X 10.5.2 through 10.5.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors involving a search for a remote disk on the local network.
|
08-08-2017 - 01:32 | 16-09-2008 - 23:00 | |
CVE-2008-3609 | 7.2 |
The kernel in Apple Mac OS X 10.5 through 10.5.4 does not properly flush cached credentials during recycling (aka purging) of a vnode, which might allow local users to bypass the intended read or write permissions of a file.
|
08-08-2017 - 01:32 | 16-09-2008 - 23:00 | |
CVE-2008-3618 | 9.0 |
The File Sharing pane in the Sharing preference pane in Apple Mac OS X 10.5 through 10.5.4 does not inform users that the complete contents of their own home directories are shared for their own use, which might allow attackers to leverage other vuln
|
08-08-2017 - 01:32 | 16-09-2008 - 23:00 | |
CVE-2008-3616 | 10.0 |
Multiple integer overflows in the SearchKit API in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allow context-dependent attackers to cause a denial of service (application crash) or execute arbitrary code via vectors associated with "passing untrus
|
08-08-2017 - 01:32 | 16-09-2008 - 23:00 | |
CVE-2008-3619 | 2.1 |
Time Machine in Apple Mac OS X 10.5 through 10.5.4 uses weak permissions for Time Machine Backup log files, which allows local users to obtain sensitive information by reading these files.
|
08-08-2017 - 01:32 | 16-09-2008 - 23:00 | |
CVE-2008-2713 | 5.0 |
libclamav/petite.c in ClamAV before 0.93.1 allows remote attackers to cause a denial of service via a crafted Petite file that triggers an out-of-bounds read.
|
08-08-2017 - 01:31 | 16-06-2008 - 21:41 | |
CVE-2008-3215 | 5.0 |
libclamav/petite.c in ClamAV before 0.93.3 allows remote attackers to cause a denial of service via a malformed Petite file that triggers an out-of-bounds memory access. NOTE: this issue exists because of an incomplete fix for CVE-2008-2713.
|
08-08-2017 - 01:31 | 18-07-2008 - 16:41 | |
CVE-2008-2329 | 1.9 |
Directory Services in Apple Mac OS X 10.5 through 10.5.4, when Active Directory is used, allows attackers to enumerate user names via wildcard characters in the Login Window.
|
08-08-2017 - 01:30 | 16-09-2008 - 23:00 | |
CVE-2008-1837 | 5.0 |
libclamunrar in ClamAV before 0.93 allows remote attackers to cause a denial of service (crash) via crafted RAR files that trigger "memory problems," as demonstrated by the PROTOS GENOME test suite for Archive Formats.
|
08-08-2017 - 01:30 | 16-04-2008 - 16:05 | |
CVE-2008-2332 | 9.3 |
ImageIO in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a crafted TIFF image.
|
08-08-2017 - 01:30 | 16-09-2008 - 23:00 | |
CVE-2008-2330 | 4.9 |
slapconfig in Directory Services in Apple Mac OS X 10.5 through 10.5.4 allows local users to select a readable output file into which the server password will be written by an OpenLDAP system administrator, related to the mkfifo function, aka an "ins
|
08-08-2017 - 01:30 | 16-09-2008 - 23:00 | |
CVE-2008-1833 | 7.5 |
Heap-based buffer overflow in pe.c in libclamav in ClamAV 0.92.1 allows remote attackers to execute arbitrary code via a crafted WWPack compressed PE binary.
|
08-08-2017 - 01:30 | 16-04-2008 - 15:05 | |
CVE-2008-1835 | 5.0 |
ClamAV before 0.93 allows remote attackers to bypass the scanning enging via a RAR file with an invalid version number, which cannot be parsed by ClamAV but can be extracted by Winrar.
|
08-08-2017 - 01:30 | 16-04-2008 - 16:05 | |
CVE-2008-2312 | 4.9 |
Network Preferences in Apple Mac OS X 10.4.11 stores PPP passwords in cleartext in a world-readable file, which allows local users to obtain sensitive information by reading this file.
|
08-08-2017 - 01:30 | 16-09-2008 - 23:00 | |
CVE-2008-2331 | 5.0 |
Finder in Apple Mac OS X 10.5 through 10.5.4 does not properly update permission data in the Get Info window after a lock operation that modifies Sharing & Permissions in a filesystem, which might allow local users to leverage weak permissions that w
|
08-08-2017 - 01:30 | 16-09-2008 - 23:00 | |
CVE-2008-1836 | 4.3 |
The rfc2231 function in message.c in libclamav in ClamAV before 0.93 allows remote attackers to cause a denial of service (crash) via a crafted message that produces a string that is not null terminated, which triggers a buffer over-read.
|
08-08-2017 - 01:30 | 16-04-2008 - 16:05 | |
CVE-2008-2305 | 9.3 |
Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows remote attackers to execute arbitrary code via a document containing a crafted font, related to "PostScript font names."
|
08-08-2017 - 01:30 | 16-09-2008 - 23:00 | |
CVE-2008-0314 | 7.5 |
Heap-based buffer overflow in spin.c in libclamav in ClamAV 0.92.1 allows remote attackers to execute arbitrary code via a crafted PeSpin packed PE binary with a modified length value.
|
08-08-2017 - 01:29 | 16-04-2008 - 15:05 | |
CVE-2008-1100 | 10.0 |
Buffer overflow in the cli_scanpe function in libclamav (libclamav/pe.c) for ClamAV 0.92 and 0.92.1 allows remote attackers to execute arbitrary code via a crafted Upack PE file.
|
08-08-2017 - 01:29 | 14-04-2008 - 16:05 |