The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date |
---|---|---|---|
CVE-2008-5025 | Stack-based buffer overflow in the hfs_cat_find_brec function in fs/hfs/catalog.c in the Linux kernel before 2.6.28-rc1 allows attackers to cause a denial of service (memory corruption or system crash) via an hfs filesystem image with an invalid catalog namelength field, a related issue to CVE-2008-4933. | High | Nov 18, 2008 |
CVE-2008-5024 | Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not properly escape quote characters used for XML processing, allows remote attackers to conduct XML injection attacks via the default namespace in an E4X document. | High | Nov 13, 2008 |
CVE-2008-5023 | Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the protection mechanism for codebase principals and execute arbitrary script via the -moz-binding CSS property in a signed JAR file. | High | Nov 13, 2008 |
CVE-2008-5022 | The nsXMLHttpRequest::NotifyEventListeners method in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the same-origin policy and execute arbitrary script via multiple listeners, which bypass the inner window check. | High | Nov 13, 2008 |
CVE-2008-5021 | nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying properties of a file input element while it is still being initialized, then using the blur method to access uninitialized memory. | High | Nov 13, 2008 |
CVE-2008-5020 | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-0017. Reason: This candidate is a reservation duplicate of CVE-2008-0017. Notes: All CVE users should reference CVE-2008-0017 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | REJECT | Mar 26, 2009 |
CVE-2008-5019 | The session restore feature in Mozilla Firefox 3.x before 3.0.4 and 2.x before 2.0.0.18 allows remote attackers to violate the same origin policy to conduct cross-site scripting (XSS) attacks and execute arbitrary JavaScript with chrome privileges via unknown vectors. | Medium | Nov 17, 2008 |
CVE-2008-5018 | The JavaScript engine in Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) via vectors related to insufficient class checking in the Date class. | High | Nov 13, 2008 |
CVE-2008-5017 | Integer overflow in xpcom/io/nsEscape.cpp in the browser engine in Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) via unknown vectors. | High | Nov 13, 2008 |
CVE-2008-5016 | The layout engine in Mozilla Firefox 3.x before 3.0.4, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) via multiple vectors that trigger an assertion failure or other consequences. | Medium | Nov 17, 2008 |
CVE-2008-5015 | Mozilla Firefox 3.x before 3.0.4 assigns chrome privileges to a file: URI when it is accessed in the same tab from a chrome or privileged about: page, which makes it easier for user-assisted attackers to execute arbitrary JavaScript with chrome privileges via malicious code in a file that has already been saved on the local system. | Medium | Nov 17, 2008 |
CVE-2008-5014 | jslock.cpp in Mozilla Firefox 3.x before 3.0.2, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying the window.__proto__.__proto__ object in a way that causes a lock on a non-native object, which triggers an assertion failure related to the OBJ_IS_NATIVE function. | High | Nov 13, 2008 |
CVE-2008-5013 | Mozilla Firefox 2.x before 2.0.0.18 and SeaMonkey 1.x before 1.1.13 do not properly check when the Flash module has been dynamically unloaded properly, which allows remote attackers to execute arbitrary code via a crafted SWF file that dynamically unloads itself from an outside JavaScript function, which triggers an access of an expired memory address. | High | Nov 13, 2008 |
CVE-2008-5012 | Mozilla Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not properly change the source URI when processing a canvas element and an HTTP redirect, which allows remote attackers to bypass the same origin policy and access arbitrary images that are not directly accessible to the attacker. NOTE: this issue can be leveraged to enumerate software on the client by performing redirections related to moz-icon. | Medium | Nov 13, 2008 |
CVE-2008-5011 | Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Quickr 8.1 before 8.1.0.2 services for Lotus Domino allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to qpconfig_sample.xml, aka SPR CWIR7KMPVP and THES7F9NVR, a different vulnerability than CVE-2008-2163 and CVE-2008-3860. | Medium | Nov 15, 2008 |
CVE-2008-5010 | in.dhcpd in the DHCP implementation in Sun Solaris 8 through 10, and OpenSolaris before snv_103, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unknown DHCP requests related to the number of offers, aka Bug ID 6713805. | High | Nov 15, 2008 |
CVE-2008-5009 | Race condition in the s_xout kernel module in Sun Solstice X.25 9.2, when running on a multiple CPU machine, allows local users to cause a denial of service (panic) via vectors involving reading the /dev/xty file. | Medium | Nov 15, 2008 |
CVE-2008-5008 | Buffer overflow in src/src_sinc.c in Secret Rabbit Code (aka SRC or libsamplerate) before 0.1.4, when extreme low conversion ratios are used, allows user-assisted attackers to have an unknown impact via a crafted audio file. | HIGH | Nov 10, 2008 |
CVE-2008-5007 | create_lazarus_export_tgz.sh in lazarus 0.9.24 allows local users to overwrite or delete arbitrary files via a symlink attack on a (1) /tmp/lazarus.tgz temporary file or a (2) /tmp/lazarus temporary directory. | Medium | Nov 10, 2008 |
CVE-2008-5006 | smtp.c in the c-client library in University of Washington IMAP Toolkit 2007b allows remote SMTP servers to cause a denial of service (NULL pointer dereference and application crash) by responding to the QUIT command with a close of the TCP connection instead of the expected 221 response code. | Medium | Nov 10, 2008 |
CVE-2008-5005 | Multiple stack-based buffer overflows in (1) University of Washington IMAP Toolkit 2002 through 2007c, (2) University of Washington Alpine 2.00 and earlier, and (3) Panda IMAP allow (a) local users to gain privileges by specifying a long folder extension argument on the command line to the tmail or dmail program; and (b) remote attackers to execute arbitrary code by sending e-mail to a destination mailbox name composed of a username and \'+\' character followed by a long string, processed by the tmail or possibly dmail program. | High | Nov 15, 2008 |
CVE-2008-5004 | SQL injection vulnerability in genscode.php in myWebland Bloggie Lite 0.0.2 beta allows remote attackers to execute arbitrary SQL commands via a crafted cookie. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | High | Nov 10, 2008 |
CVE-2008-5003 | SQL injection vulnerability in ndetail.php in Shahrood allows remote attackers to execute arbitrary SQL commands via the id parameter. | High | Nov 10, 2008 |
CVE-2008-5002 | Insecure method vulnerability in the ChilkatCrypt2.ChilkatCrypt2.1 ActiveX control (ChilkatCrypt2.dll 4.3.2.1) in Chilkat Crypt ActiveX Component allows remote attackers to create and overwrite arbitrary files via the WriteFile method. NOTE: this could be leveraged for code execution by creating executable files in Startup folders or by accessing files using hcp:// URLs. NOTE: some of these details are obtained from third party information. | High | Nov 10, 2008 |
CVE-2008-5001 | Multiple stack-based buffer overflows in multiple functions in vncviewer/FileTransfer.cpp in vncviewer for UltraVNC 1.0.2 and 1.0.4 before 01252008, when in LISTENING mode or when using the DSM plugin, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified parameters, a different issue than CVE-2008-0610. | High | Nov 10, 2008 |
CVE-2008-5000 | SQL injection vulnerability in admin/includes/Unchangeds.inc.php in PHPX 3.5.16, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via uppercase characters in the Unchangeds_id parameter. | Medium | Nov 10, 2008 |
CVE-2008-4999 | Nortel Networks UNIStim IP Phone 0604DAS allows remote attackers to cause a denial of service (crash) via a long ping packet (ping of death). NOTE: this issue could not be reproduced by a third party, who tested it on 0604DAD. In addition, the original researcher was not able to reliably reproduce the issue. | High | Nov 10, 2008 |
CVE-2008-4998 | ** DISPUTED ** postinst in twiki 4.1.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/twiki temporary file. NOTE: the vendor disputes this vulnerability, stating this bug is invalid. | Medium | Nov 10, 2008 |
CVE-2008-4997 | ** DISPUTED ** dfxml-invoice in datafreedom-perl 0.1.7 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/zenity temporary file. NOTE: the vendor disputes this vulnerability, stating that the vector is solely an EXAMPLE used in the manpage. | Medium | Nov 10, 2008 |
CVE-2008-4996 | ** DISPUTED ** init in initramfs-tools 0.92f allows local users to overwrite arbitrary files via a symlink attack on the /tmp/initramfs.debug temporary file. NOTE: the vendor disputes this vulnerability, stating that init is [used in] a single-user context; there\'s no possibility that this is exploitable. | Medium | Nov 10, 2008 |
CVE-2008-4995 | redirect.pl in bk2site 1.1.9 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/redirect.log temporary file. NOTE: this vulnerability is only limited to debug mode, which is disabled by default. | Medium | Nov 10, 2008 |
CVE-2008-4994 | The (1) ncsarmt and (2) ncsawrap scripts in xmcd 2.6 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/Mosaic.*pid temporary file. | Medium | Nov 10, 2008 |
CVE-2008-4993 | qemu-dm.debug in Xen 3.2.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/args temporary file. | Medium | Nov 7, 2008 |
CVE-2008-4992 | The SPARC hypervisor in Sun System Firmware 6.6.3 through 6.6.5 and 7.1.3 through 7.1.3.e on UltraSPARC T1, T2, and T2+ processors allows logical domain users to access memory in other logical domains via unknown vectors. | Medium | Nov 7, 2008 |
CVE-2008-4991 | SQL injection vulnerability in LOCKON CO.,LTD. EC-CUBE 2.3.0 and earlier, 1.4.7 and earlier, and 1.5.0-beta2 and earlier; and Community Edition 1.3.5 and earlier allows remote attackers to execute arbitrary SQL commands via the parameter. | High | Nov 6, 2008 |
CVE-2008-4990 | Enomaly Elastic Computing Platform (ECP), formerly Enomalism, before 2.1.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/enomalism2.pid temporary file. | Medium | Feb 10, 2009 |
CVE-2008-4989 | The _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls in GnuTLS before 2.6.1 trusts certificate chains in which the last certificate is an arbitrary trusted, self-signed certificate, which allows man-in-the-middle attackers to insert a spoofed certificate for any Distinguished Name (DN). | Medium | Nov 13, 2008 |
CVE-2008-4988 | pscal in xcal 4.1 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/pscal##### temporary file. | Medium | Nov 6, 2008 |
CVE-2008-4987 | xastir 1.9.2 allows local users to overwrite arbitrary files via a symlink attack on the (a) /tmp/ldconfig.tmp, (b) /tmp/ldconf.tmp, and (c) /tmp/ld.so.conf temporary files, related to the (1) get-maptools.sh and (2) get_shapelib.sh scripts. | Medium | Nov 6, 2008 |
CVE-2008-4986 | wims 3.62 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/env#####, (b) /tmp/sed#####, and (c) /tmp/referer-home.log temporary files, related to the (1) coqweb and (2) account.sh scripts. | Medium | Nov 6, 2008 |
CVE-2008-4985 | vdrleaktest in vdr 1.6.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/memleaktest.log temporary file. | Medium | Nov 6, 2008 |
CVE-2008-4984 | scratchbox2 1.99.0.24 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/dpkg.#####.tmp, (b) /tmp/missing_deps.#####, and (c) /tmp/sb2-pkg-chk.$tstamp.##### temporary files, related to the (1) dpkg-checkbuilddeps and (2) sb2-check-pkg-mappings scripts. | Medium | Nov 6, 2008 |
CVE-2008-4983 | scilab-bin 4.1.2 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/SciLink#####1, (b) /tmp/SciLink#####2, (c) /tmp/SciLink#####3, (d) /tmp/*.#####, (e) /tmp/*.#####.res, (f) /tmp/*.#####.err, and (g) /tmp/*.#####.diff temporary files, related to the (1) scilink, (2) scidoc, and (3) scidem scripts. | Medium | Nov 6, 2008 |
CVE-2008-4982 | rkhunter in rkhunter 1.3.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/rkhunter-debug temporary file. NOTE: this is probably a different vulnerability than CVE-2005-1270. | Medium | Nov 6, 2008 |
CVE-2008-4981 | perl.robot in realtimebattle 1.0.8 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/perl.robot.log temporary file. | Medium | Nov 6, 2008 |
CVE-2008-4980 | delqueueask in rccp 0.9 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/cccp_tmp.txt temporary file. | Medium | Nov 6, 2008 |
CVE-2008-4979 | getipacctg in rancid 2.3.2~a8 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/ipacct.#####.prefixes, (2) /tmp/ipacct.#####.sorted, (3) /tmp/ipacct.#####.pl, and (4) /tmp/ipacct.##### temporary files. | Medium | Nov 15, 2008 |
CVE-2008-4978 | radiance 3R9+20080530 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/opt.fmt, (b) /tmp/out#####.fmt, (c) /tmp/tf#####.dat, (d) /tmp/gsf#####, (e) /tmp/sc#####.sh, (f) /tmp/il#####.pic, (g) /tmp/tl#####.pic, (h) /tmp/ds#####.pic, (i) /tmp/tfa#####, and (j) /tmp/sed##### temporary files, related to the (1) optics2rad, (2) pdelta, (3) dayfact, and (4) raddepend scripts. | Medium | Nov 6, 2008 |
CVE-2008-4977 | ** DISPUTED ** postfix_groups.pl in Postfix 2.5.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/postfix_groups.stdout, (2) /tmp/postfix_groups.stderr, and (3) /tmp/postfix_groups.message temporary files. NOTE: the vendor disputes this vulnerability, stating This is not a real issue ... users would have to edit a script under /usr/lib to enable it. | Medium | Nov 6, 2008 |
CVE-2008-4976 | ogle 0.9.2 and ogle-mmx 0.9.2 allow local users to overwrite arbitrary files via a symlink attack on (a) /tmp/ogle_audio.#####, (b) /tmp/ogle_cli.#####, (c) /tmp/ogle_ctrl.#####, (d) /tmp/ogle_gui.#####, (e) /tmp/ogle_mpeg_ps.#####, (f) /tmp/ogle_mpeg_vs.#####, (g) /tmp/ogle_nav.#####, and (h) /tmp/ogle_vout.#####, temporary files, related to the (1) ogle_audio_debug, (2) ogle_cli_debug, (3) ogle_ctrl_debug, (4) ogle_gui_debug, (5) ogle_mpeg_ps_debug, (6) ogle_mpeg_vs_debug, (7) ogle_nav_debug, and (8) ogle_vout_debug scripts. | Medium | Nov 6, 2008 |