CVE-2008-2908

Public exploit
Multiple stack-based buffer overflows in a certain ActiveX control in ienipp.ocx in Novell iPrint Client for Windows before 4.36 allow remote attackers to execute arbitrary code via a long value of the (1) operation, (2) printer-url, or (3) target-frame parameter. NOTE: some of these details are obtained from third party information.
Max CVSS
9.3
EPSS Score
41.03%
Published
2008-06-30
Updated
2017-08-08

CVE-2008-2905

Public exploit
PHP remote file inclusion vulnerability in includes/Cache/Lite/Output.php in the Cache_Lite package in Mambo 4.6.4 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
Max CVSS
6.8
EPSS Score
30.16%
Published
2008-06-30
Updated
2017-09-29

CVE-2008-2789

Public exploit
SQL injection vulnerability in pages/index.php in BASIC-CMS allows remote attackers to execute arbitrary SQL commands via the page_id parameter.
Max CVSS
7.5
EPSS Score
1.20%
Published
2008-06-20
Updated
2017-09-29

CVE-2008-2703

Public exploit
Multiple stack-based buffer overflows in Novell GroupWise Messenger (GWIM) Client before 2.0.3 HP1 for Windows allow remote attackers to execute arbitrary code via "spoofed server responses" that contain a long string after the NM_A_SZ_TRANSACTION_ID field name.
Max CVSS
10.0
EPSS Score
89.17%
Published
2008-06-13
Updated
2018-10-11

CVE-2008-2683

Public exploit
The BIDIB.BIDIBCtrl.1 ActiveX control in BIDIB.ocx 10.9.3.0 in Black Ice Barcode SDK 5.01 allows remote attackers to force the download and storage of arbitrary files by specifying the origin URL in the first argument to the DownloadImageFileURL method, and the local filename in the second argument. NOTE: some of these details are obtained from third party information.
Max CVSS
9.3
EPSS Score
83.49%
Published
2008-06-12
Updated
2017-09-29

CVE-2008-2639

Public exploit
Stack-based buffer overflow in the ODBC server service in Citect CitectSCADA 6 and 7, and CitectFacilities 7, allows remote attackers to execute arbitrary code via a long string in the second application packet in a TCP session on port 20222.
Max CVSS
7.6
EPSS Score
82.20%
Published
2008-06-16
Updated
2018-10-11

CVE-2008-2551

Public exploit
The DownloaderActiveX Control (DownloaderActiveX.ocx) in Icona SpA C6 Messenger 1.0.0.1 allows remote attackers to force the download and execution of arbitrary files via a URL in the propDownloadUrl parameter with the propPostDownloadAction parameter set to "run."
Max CVSS
9.3
EPSS Score
95.25%
Published
2008-06-04
Updated
2018-10-11

CVE-2008-1661

Public exploit
Stack-based buffer overflow in DoubleTake.exe in HP StorageWorks Storage Mirroring (SWSM) before 4.5 SP2 allows remote attackers to execute arbitrary code via a crafted encoded authentication request.
Max CVSS
10.0
EPSS Score
93.75%
Published
2008-06-04
Updated
2017-08-08
8 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!