CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2008-3435
https://notcve.org/view.php?id=CVE-2008-3435
01 Aug 2008 — LinkedIn Browser Toolbar 3.0.3.1100 and earlier does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning. LinkedIn Browser Toolbar 3.0.3.1100 y anteriores no verifica adecuadamente la autenticidad de las actualizaciones, lo cual permite a a atacantes de tipo 'hombre en el medio' (man-in-the-middle) ejecutar código de su elección a través de la actualización de un ca... • http://archives.neohapsis.com/archives/bugtraq/2008-07/0250.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 20%CPEs: 1EXPL: 2CVE-2007-3955 – LinkedIn Toolbar 3.0.2.1098 - Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-3955
24 Jul 2007 — Buffer overflow in the IEToolbar.IEContextMenu.1 ActiveX control in LinkedInIEToolbar.dll in the LinkedIn Toolbar 3.0.2.1098 allows remote attackers to execute arbitrary code via a long second argument (varBrowser argument) to the search method. NOTE: some of these details are obtained from third party information. Desbordamiento de búfer en el control ActiveX IEToolbar.IEContextMenu.1 en LinkedInIEToolbar.dll en la LinkedIn Toolbar 3.0.2.1098 permite a atacantes remotos ejecutar código de su elección a tra... • https://www.exploit-db.com/exploits/4217 •