| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2009. Notes: none |
| Format string vulnerability in the University of Washington (UW) c-client library, as used by the UW IMAP toolkit imap-2007d and other applications, allows remote attackers to execute arbitrary code via format string specifiers in the initial request to the IMAP port (143/tcp). NOTE: Red Hat has disputed the vulnerability, stating "The Red Hat Security Response Team have been unable to confirm the existence of this format string vulnerability in the toolkit, and the sample published exploit is not complete or functional." CVE agrees that the exploit contains syntax errors and uses Unix-only include files while invoking Windows functions |
| DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2009. Notes: none |
| DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2009. Notes: none |
| DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2009. Notes: none |
| DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2009. Notes: none |
| DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2009. Notes: none |
| DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2009. Notes: none |
| DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none |
| DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none |
| DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none |
| DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none |
| DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none |
| This candidate is unused by its CNA. |
| This candidate is unused by its CNA. |
| DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is not a security issue. It was originally created based on one vendor's misinterpretation of an upstream changelog comment that referred to a race condition in the winbind daemon (aka winbindd) in Samba before 3.0.32. The upstream vendor states: "The Samba Team sees no way to exploit this race condition by a user of the system or an external attacker. In order to be able to trigger the race condition a privileged user (root) need to intentionally kill a winbind child process and carefully time the killing to trigger the race condition. Although, if the user is already privileged, it can more easily just kill the parent process directly." CVE concurs with the dispute. Notes: CVE users should not use this identifier |
| SQL injection vulnerability in index.php in TinyMCE 2.0.1 allows remote attackers to execute arbitrary SQL commands via the menuID parameter. NOTE: CVE and multiple reliable third parties dispute this issue, since TinyMCE does not contain index.php or any PHP code. This may be an issue in a product that has integrated TinyMCE |
| DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate was originally recorded for a "SPLAT Remote Root Exploit" that was claimed to exist for Check Point SmartCenter. The claim has no actionable details and was disclosed by a person of unknown reliability who did not coordinate with the vendor. No people of known reliability have confirmed the original claim. The vendor has not indicated that they are aware of any vulnerability. Since the claim has no actionable details or independent verification, it is outside the scope of CVE according to current inclusion criteria |
| DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2008. Notes: none |
| DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2008. Notes: none |
