Total
1224 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-1302 | 2 Microsoft, Perforce | 2 Windows, Perforce Server | 2024-08-07 | N/A |
| The Perforce service (p4s.exe) in Perforce Server 2007.3/143793 and earlier allows remote attackers to cause a denial of service (daemon crash) via a (1) server-DiffFile or (2) server-ReleaseFile command with a large integer value, which is used in an array initialization calculation, and leads to invalid memory access. | ||||
| CVE-2008-1384 | 1 Php | 1 Php | 2024-08-07 | N/A |
| Integer overflow in PHP 5.2.5 and earlier allows context-dependent attackers to cause a denial of service and possibly have unspecified other impact via a printf format parameter with a large width specifier, related to the php_sprintf_appendstring function in formatted_print.c and probably other functions for formatted strings (aka *printf functions). | ||||
| CVE-2008-1377 | 2 Redhat, X | 2 Enterprise Linux, X11 | 2024-08-07 | N/A |
| The (1) SProcRecordCreateContext and (2) SProcRecordRegisterClients functions in the Record extension and the (3) SProcSecurityGenerateAuthorization function in the Security extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via requests with crafted length values that specify an arbitrary number of bytes to be swapped on the heap, which triggers heap corruption. | ||||
| CVE-2008-1338 | 1 Perforce | 1 Perforce Server | 2024-08-07 | N/A |
| The Perforce service (p4s.exe) in Perforce Server 2007.3/143793 and earlier allows remote attackers to cause a denial of service (daemon crash) via a server-DiffFile command with an integer value within a certain range, which causes a loop until all memory is exhausted. | ||||
| CVE-2008-1267 | 1 Siemens | 1 Speedstream 6520 | 2024-08-07 | N/A |
| The Siemens SpeedStream 6520 router allows remote attackers to cause a denial of service (web interface crash) via an HTTP request to basehelp_English.htm with a large integer in the Content-Length field. | ||||
| CVE-2008-1034 | 1 Apple | 1 Mac Os X | 2024-08-07 | N/A |
| Integer underflow in Help Viewer in Apple Mac OS X before 10.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted help:topic URL that triggers a buffer overflow. | ||||
| CVE-2008-0988 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-07 | N/A |
| Off-by-one error in the Libsystem strnstr API in libc on Apple Mac OS X 10.4.11 allows context-dependent attackers to cause a denial of service (crash) via crafted arguments that trigger a buffer over-read. | ||||
| CVE-2008-0986 | 1 Google | 1 Android Sdk | 2024-08-07 | N/A |
| Integer overflow in the BMP::readFromStream method in the libsgl.so library in Google Android SDK m3-rc37a and earlier, and m5-rc14, allows remote attackers to execute arbitrary code via a crafted BMP file with a header containing a negative offset field. | ||||
| CVE-2008-0944 | 1 Ipswitch | 1 Instant Messaging | 2024-08-07 | N/A |
| Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote attackers to cause a denial of service (NULL dereference and application crash) via a version field containing zero. | ||||
| CVE-2008-0891 | 1 Openssl | 1 Openssl | 2024-08-07 | N/A |
| Double free vulnerability in OpenSSL 0.9.8f and 0.9.8g, when the TLS server name extensions are enabled, allows remote attackers to cause a denial of service (crash) via a malformed Client Hello packet. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-0726 | 2 Adobe, Redhat | 3 Acrobat, Acrobat Reader, Rhel Extras | 2024-08-07 | N/A |
| Integer overflow in Adobe Reader and Acrobat 8.1.1 and earlier allows remote attackers to execute arbitrary code via crafted arguments to the printSepsWithParams, which triggers memory corruption. | ||||
| CVE-2008-0767 | 2 Extremez, Extremez-ip | 2 Print Server, File Server | 2024-08-07 | N/A |
| ExtremeZ-IP.exe in ExtremeZ-IP File and Print Server 5.1.2x15 and earlier does not verify that a certain "number of URLs" field is consistent with the packet length, which allows remote attackers to cause a denial of service (daemon crash) via a large integer in this field in a packet to the Service Location Protocol (SLP) service on UDP port 427, triggering an out-of-bounds read. | ||||
| CVE-2008-0668 | 2 Gnome, Redhat | 2 Gnumeric, Fedora | 2024-08-07 | N/A |
| The excel_read_HLINK function in plugins/excel/ms-excel-read.c in Gnome Office Gnumeric before 1.8.1 allows user-assisted remote attackers to execute arbitrary code via a crafted XLS file containing XLS HLINK opcodes, possibly because of an integer signedness error that leads to an integer overflow. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-0550 | 1 Radio Toolbox | 1 Steamcast | 2024-08-07 | N/A |
| Off-by-one error in Steamcast 0.9.75 and earlier allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a certain HTTP request that leads to a buffer overflow, as demonstrated by a long User-Agent header. | ||||
| CVE-2008-0387 | 1 Firebirdsql | 1 Firebird | 2024-08-07 | N/A |
| Integer overflow in Firebird SQL 1.0.3 and earlier, 1.5.x before 1.5.6, 2.0.x before 2.0.4, and 2.1.x before 2.1.0 RC1 might allow remote attackers to execute arbitrary code via crafted (1) op_receive, (2) op_start, (3) op_start_and_receive, (4) op_send, (5) op_start_and_send, and (6) op_start_send_and_receive XDR requests, which triggers memory corruption. | ||||
| CVE-2008-0548 | 1 Radio Toolbox | 1 Steamcast | 2024-08-07 | N/A |
| Steamcast 0.9.75 and earlier allows remote attackers to cause a denial of service (daemon crash) via a large integer in the Content-Length HTTP header, which triggers a NULL dereference when malloc fails. | ||||
| CVE-2008-0486 | 2 Mplayer, Xine | 2 Mplayer, Xine-lib | 2024-08-07 | N/A |
| Array index vulnerability in libmpdemux/demux_audio.c in MPlayer 1.0rc2 and SVN before r25917, and possibly earlier versions, as used in Xine-lib 1.1.10, might allow remote attackers to execute arbitrary code via a crafted FLAC tag, which triggers a buffer overflow. | ||||
| CVE-2008-0434 | 1 Gecad Technologies | 1 Axigen Mail Server | 2024-08-07 | N/A |
| Format string vulnerability in the AXIMilter module in AXIGEN Mail Server 5.0.2 allows remote attackers to execute arbitrary code via format string specifiers in the CNHO command. | ||||
| CVE-2008-0549 | 1 Radio Toolbox | 1 Steamcast | 2024-08-07 | N/A |
| Integer overflow in the OggHeaderParse function in Steamcast 0.9.75 and earlier allows remote authenticated users to cause a denial of service (daemon crash) via a long Ogg tag. | ||||
| CVE-2008-0485 | 1 Mplayer | 1 Mplayer | 2024-08-07 | N/A |
| Array index error in libmpdemux/demux_mov.c in MPlayer 1.0 rc2 and earlier might allow remote attackers to execute arbitrary code via a QuickTime MOV file with a crafted stsc atom tag. | ||||