| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Multiple stack-based buffer overflows in multiple functions in vncviewer/FileTransfer.cpp in vncviewer for UltraVNC 1.0.2 and 1.0.4 before 01252008, when in LISTENING mode or when using the DSM plugin, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified parameters, a different issue than CVE-2008-0610. |
| Insecure method vulnerability in the ChilkatCrypt2.ChilkatCrypt2.1 ActiveX control (ChilkatCrypt2.dll 4.3.2.1) in Chilkat Crypt ActiveX Component allows remote attackers to create and overwrite arbitrary files via the WriteFile method. NOTE: this could be leveraged for code execution by creating executable files in Startup folders or by accessing files using hcp:// URLs. NOTE: some of these details are obtained from third party information. |
| SQL injection vulnerability in ndetail.php in Shahrood allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| Multiple stack-based buffer overflows in (1) University of Washington IMAP Toolkit 2002 through 2007c, (2) University of Washington Alpine 2.00 and earlier, and (3) Panda IMAP allow (a) local users to gain privileges by specifying a long folder extension argument on the command line to the tmail or dmail program; and (b) remote attackers to execute arbitrary code by sending e-mail to a destination mailbox name composed of a username and '+' character followed by a long string, processed by the tmail or possibly dmail program. |
| Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Quickr 8.1 before 8.1.0.2 services for Lotus Domino allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to qpconfig_sample.xml, aka SPR CWIR7KMPVP and THES7F9NVR, a different vulnerability than CVE-2008-2163 and CVE-2008-3860. |
| The page cache feature in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 can generate hash collisions that cause page data to be appended to the wrong page cache, which allows remote attackers to obtain sensitive information or enable further attack vectors when the target page is reloaded from the cache. |
| browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 uses the requesting URI to identify child windows, which allows remote attackers to conduct cross-site scripting (XSS) attacks by opening a blocked popup originating from a javascript: URI in combination with multiple frames having the same data: URI. |
| Mozilla Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not properly change the source URI when processing a canvas element and an HTTP redirect, which allows remote attackers to bypass the same origin policy and access arbitrary images that are not directly accessible to the attacker. NOTE: this issue can be leveraged to enumerate software on the client by performing redirections related to moz-icon. |
| Mozilla Firefox 2.x before 2.0.0.18 and SeaMonkey 1.x before 1.1.13 do not properly check when the Flash module has been dynamically unloaded properly, which allows remote attackers to execute arbitrary code via a crafted SWF file that "dynamically unloads itself from an outside JavaScript function," which triggers an access of an expired memory address. |
| Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 ignores trailing invalid HTML characters in attribute names, which allows remote attackers to bypass content filters that use regular expressions. |
| The JavaScript engine in Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) via vectors related to "insufficient class checking" in the Date class. |
| Unrestricted file upload vulnerability in the onAttachFiles function in the upload tool (inc/lib/attachment.lib.php) in Wiclear before 0.11.1 allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors related to filename validation. NOTE: some details were obtained from third party information. |
| Photostand 1.2.0 allows remote attackers to obtain sensitive information via a ' (quote) character in (1) a PHPSESSID cookie or (2) the id parameter in an article action in index.php, which reveal the path in various error messages. |
| The nsXMLHttpRequest::NotifyEventListeners method in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the same-origin policy and execute arbitrary script via multiple listeners, which bypass the inner window check. |
| Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the protection mechanism for codebase principals and execute arbitrary script via the -moz-binding CSS property in a signed JAR file. |
| Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not properly escape quote characters used for XML processing, which allows remote attackers to conduct XML injection attacks via the default namespace in an E4X document. |
| Stack-based buffer overflow in the hfs_cat_find_brec function in fs/hfs/catalog.c in the Linux kernel before 2.6.28-rc1 allows attackers to cause a denial of service (memory corruption or system crash) via an hfs filesystem image with an invalid catalog namelength field, a related issue to CVE-2008-4933. |
| Apple QuickTime before 7.4.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted ftyp atoms in a movie file, which triggers memory corruption. |
| Flyspray 0.9.9.4 generates different error messages depending on whether the username is valid or invalid, which allows remote attackers to enumerate usernames. |
| Heap-based buffer overflow in clipping region (aka crgn) atom handling in quicktime.qts in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via a crafted movie. |
