CVE-2008-5191

Public exploit
Multiple SQL injection vulnerabilities in SePortal 2.4 allow remote attackers to execute arbitrary SQL commands via the (1) poll_id parameter to poll.php and the (2) sp_id parameter to staticpages.php.
Max CVSS
7.5
EPSS Score
2.00%
Published
2008-11-21
Updated
2017-09-29

CVE-2008-5180

Public exploit
Microsoft Communicator, and Communicator in Microsoft Office 2010 beta, allows remote attackers to cause a denial of service (memory consumption) via a large number of SIP INVITE requests, which trigger the creation of many sessions.
Max CVSS
5.0
EPSS Score
63.84%
Published
2008-11-20
Updated
2024-02-02

CVE-2008-5159

Public exploit
Integer overflow in the remote administration protocol processing in Client Software WinCom LPD Total 3.0.2.623 and earlier allows remote attackers to cause a denial of service (crash) via a large string length argument, which triggers memory corruption.
Max CVSS
10.0
EPSS Score
56.95%
Published
2008-11-18
Updated
2018-10-11

CVE-2008-5036

Public exploit
Stack-based buffer overflow in VideoLAN VLC media player 0.9.x before 0.9.6 might allow user-assisted attackers to execute arbitrary code via an an invalid RealText (rt) subtitle file, related to the ParseRealText function in modules/demux/subtitle.c. NOTE: this issue was SPLIT from CVE-2008-5032 on 20081110.
Max CVSS
9.3
EPSS Score
97.20%
Published
2008-11-10
Updated
2018-10-11

CVE-2008-5002

Public exploit
Insecure method vulnerability in the ChilkatCrypt2.ChilkatCrypt2.1 ActiveX control (ChilkatCrypt2.dll 4.3.2.1) in Chilkat Crypt ActiveX Component allows remote attackers to create and overwrite arbitrary files via the WriteFile method. NOTE: this could be leveraged for code execution by creating executable files in Startup folders or by accessing files using hcp:// URLs. NOTE: some of these details are obtained from third party information.
Max CVSS
9.3
EPSS Score
74.93%
Published
2008-11-10
Updated
2017-09-29

CVE-2008-4922

Public exploit
Buffer overflow in the DjVu ActiveX Control 3.0 for Microsoft Office (DjVu_ActiveX_MSOffice.dll) allows remote attackers to execute arbitrary code via a long (1) ImageURL property, and possibly the (2) Mode, (3) Page, or (4) Zoom properties.
Max CVSS
9.3
EPSS Score
73.15%
Published
2008-11-04
Updated
2017-09-29

CVE-2008-4037

Public exploit
Microsoft Windows 2000 Gold through SP4, XP Gold through SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote SMB servers to execute arbitrary code on a client machine by replaying the NTLM credentials of a client user, as demonstrated by backrush, aka "SMB Credential Reflection Vulnerability." NOTE: some reliable sources report that this vulnerability exists because of an insufficient fix for CVE-2000-0834.
Max CVSS
9.3
EPSS Score
11.59%
Published
2008-11-12
Updated
2023-12-07

CVE-2008-2992

Known exploited
Public exploit
Stack-based buffer overflow in Adobe Acrobat and Reader 8.1.2 and earlier allows remote attackers to execute arbitrary code via a PDF file that calls the util.printf JavaScript function with a crafted format string argument, a related issue to CVE-2008-1104.
Max CVSS
9.3
EPSS Score
97.17%
Published
2008-11-04
Updated
2018-10-30
CISA KEV Added
2022-03-03
8 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!