Security Vulnerabilities, CVEs, Published In June 2008
CVE-2008-2908
Public exploit
Multiple stack-based buffer overflows in a certain ActiveX control in ienipp.ocx in Novell iPrint Client for Windows before 4.36 allow remote attackers to execute arbitrary code via a long value of the (1) operation, (2) printer-url, or (3) target-frame parameter. NOTE: some of these details are obtained from third party information.
Max CVSS
9.3
EPSS Score
41.03%
Published
2008-06-30
Updated
2017-08-08
CVE-2008-2905
Public exploit
PHP remote file inclusion vulnerability in includes/Cache/Lite/Output.php in the Cache_Lite package in Mambo 4.6.4 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
Max CVSS
6.8
EPSS Score
30.16%
Published
2008-06-30
Updated
2017-09-29
CVE-2008-2789
Public exploit
SQL injection vulnerability in pages/index.php in BASIC-CMS allows remote attackers to execute arbitrary SQL commands via the page_id parameter.
Max CVSS
7.5
EPSS Score
1.20%
Published
2008-06-20
Updated
2017-09-29
CVE-2008-2703
Public exploit
Multiple stack-based buffer overflows in Novell GroupWise Messenger (GWIM) Client before 2.0.3 HP1 for Windows allow remote attackers to execute arbitrary code via "spoofed server responses" that contain a long string after the NM_A_SZ_TRANSACTION_ID field name.
Max CVSS
10.0
EPSS Score
89.17%
Published
2008-06-13
Updated
2018-10-11
CVE-2008-2683
Public exploit
The BIDIB.BIDIBCtrl.1 ActiveX control in BIDIB.ocx 10.9.3.0 in Black Ice Barcode SDK 5.01 allows remote attackers to force the download and storage of arbitrary files by specifying the origin URL in the first argument to the DownloadImageFileURL method, and the local filename in the second argument. NOTE: some of these details are obtained from third party information.
Max CVSS
9.3
EPSS Score
83.49%
Published
2008-06-12
Updated
2017-09-29
CVE-2008-2639
Public exploit
Stack-based buffer overflow in the ODBC server service in Citect CitectSCADA 6 and 7, and CitectFacilities 7, allows remote attackers to execute arbitrary code via a long string in the second application packet in a TCP session on port 20222.
Max CVSS
7.6
EPSS Score
82.20%
Published
2008-06-16
Updated
2018-10-11
CVE-2008-2551
Public exploit
The DownloaderActiveX Control (DownloaderActiveX.ocx) in Icona SpA C6 Messenger 1.0.0.1 allows remote attackers to force the download and execution of arbitrary files via a URL in the propDownloadUrl parameter with the propPostDownloadAction parameter set to "run."
Max CVSS
9.3
EPSS Score
95.25%
Published
2008-06-04
Updated
2018-10-11
CVE-2008-1661
Public exploit
Stack-based buffer overflow in DoubleTake.exe in HP StorageWorks Storage Mirroring (SWSM) before 4.5 SP2 allows remote attackers to execute arbitrary code via a crafted encoded authentication request.
Max CVSS
10.0
EPSS Score
93.75%
Published
2008-06-04
Updated
2017-08-08
8 vulnerabilities found