CVSS: 4.3EPSS: 12%CPEs: 9EXPL: 0CVE-2008-2939 – httpd: mod_proxy_ftp globbing XSS
https://notcve.org/view.php?id=CVE-2008-2939
Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions, allows remote attackers to inject arbitrary web script or HTML via a wildcard in the last directory component in the pathname in an FTP URI. Vulnerabilidad de XSS en proxy_ftp.c en el módulo mod_proxy_ftp en Apache 2.0.63 y en versiones anteriores y mod_proxy_ftp.c en el módulo mod_proxy_ftp en Apache 2.2.9 y en versiones anteriores a 2.2, permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de un comodín en el último componente del directorio en el nombre de ruta en una URI FTPI. • http://lists.apple.com/archives/security-announce/2009/May/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html http://marc.info/?l=bugtraq&m=123376588623823&w=2 http://marc.info/?l=bugtraq&m=125631037611762&w=2 http://rhn.redhat.com/errata/RHSA-2008-0967.html http://secunia.com/advisories/31384 http://secunia.com/advisories/31673 http://secunia.com/advisories/32685 http://secunia.com/advisories/32838 http://secunia.com/advisories/33156&# • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 0%CPEs: 30EXPL: 0CVE-2008-2310
https://notcve.org/view.php?id=CVE-2008-2310
Format string vulnerability in c++filt in Apple Mac OS X 10.5 before 10.5.4 allows user-assisted attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted string in (1) C++ or (2) Java source code. Vulnerabilidad de formato de cadena en c++filt en Apple Mac OS X 10.5 anterior a la v10.5.4, permite a atacantes asistidos por el usuario ejecutar código de su elección o provocar una denegación de servicio (caída de aplicación) a través de una cadena manipulada en código (1) C++ o (2) Java. • http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html http://secunia.com/advisories/30802 http://securitytracker.com/id?1020392 http://support.apple.com/kb/HT2163 http://www.securityfocus.com/bid/30018 http://www.vupen.com/english/advisories/2008/1981/references https://exchange.xforce.ibmcloud.com/vulnerabilities/43494 • CWE-134: Use of Externally-Controlled Format String •
CVSS: 7.1EPSS: 1%CPEs: 8EXPL: 0CVE-2008-1573
https://notcve.org/view.php?id=CVE-2008-1573
The BMP and GIF image decoding engine in ImageIO in Apple Mac OS X before 10.5.3 allows remote attackers to obtain sensitive information (memory contents) via a crafted (1) BMP or (2) GIF image, which causes an out-of-bounds read. El motor de decodificación de imágenes BMP y GIF en ImageIO en Apple Mac OS X versiones anteriores a 10.5.3, permite a los atacantes remotos obtener información confidencial (contenido de memoria) por medio de una imagen (1) BMP o (2) GIF diseñada, lo que causa una lectura fuera de límites. • http://lists.apple.com/archives/security-announce/2008//Jun/msg00001.html http://lists.apple.com/archives/security-announce/2008//May/msg00001.html http://secunia.com/advisories/30430 http://secunia.com/advisories/30775 http://securitytracker.com/id?1020144 http://www.securityfocus.com/bid/29412 http://www.securityfocus.com/bid/29513 http://www.us-cert.gov/cas/techalerts/TA08-150A.html http://www.vupen.com/english/advisories/2008/1697 http://www.vupen.com/english/adviso • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 12%CPEs: 9EXPL: 1CVE-2008-0599 – php: buffer overflow in a CGI path translation
https://notcve.org/view.php?id=CVE-2008-0599
The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5.2.6 does not properly consider operator precedence when calculating the length of PATH_TRANSLATED, which might allow remote attackers to execute arbitrary code via a crafted URI. La función init_request_info en sapi/cgi/cgi_main.c en PHP en versiones anteriores a 5.2.6 no considera correctamente la precedencia del operador cuando calcula la longitud de PATH_TRANSLATED, lo que podrían permitir a atacantes remotos ejecutar código arbitrario a través de una URI manipulada. • http://cvs.php.net/viewvc.cgi/php-src/sapi/cgi/cgi_main.c?r1=1.267.2.15.2.50.2.12&r2=1.267.2.15.2.50.2.13&diff_format=u http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01476437 http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html http://marc.info/?l=bugtraq&m=124654546101607&w=2 http://marc.info/?l=bugtraq&m=125631037611762&w=2 http://secunia.com/advisories/30048 http://secunia.com/advisories/30083 http:/ • CWE-131: Incorrect Calculation of Buffer Size •
CVSS: 7.5EPSS: 4%CPEs: 19EXPL: 0CVE-2008-0063 – krb5: possible leak of sensitive data from krb5kdc using krb4 request
https://notcve.org/view.php?id=CVE-2008-0063
The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused portion of a buffer when generating an error message, which might allow remote attackers to obtain sensitive information, aka "Uninitialized stack values." El soporte Kerberos 4 en KDC en MIT Kerberos 5 (krb5kdc) no borra apropiadamente la parte no utilizada de un búfer cuando se genera un mensaje de error, lo que podría permitir a los atacantes remotos obtener información confidencial, también se conoce como "Uninitialized stack values." • http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00006.html http://secunia.com/advisories/29420 http://secunia.com/advisories/29423 http://secunia.com/advisories/29424 http://secunia.com/advisories/29428 http://secunia.com/advisories/29435 http://secunia.com/advisories/29438 http://secunia.com/advisories/29450 http://secunia.com/advisories/2 • CWE-908: Use of Uninitialized Resource •