CVE-2008-2245 – Microsoft Windows - InternalOpenColorProfile Heap Overflow (PoC) (MS08-046)
https://notcve.org/view.php?id=CVE-2008-2245
Heap-based buffer overflow in the InternalOpenColorProfile function in mscms.dll in Microsoft Windows Image Color Management System (MSCMS) in the Image Color Management (ICM) component on Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted image file.
References:
https://www.exploit-db.com/exploits/6732
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=742
http://marc.info/?l=bugtraq&m=121915960406986&w=2
http://secunia.com/advisories/31385
http://www.kb.cert.org/vuls/id/309739
http://www.securityfocus.com/bid/30594
http://www.securitytracker.com/id?1020675
http://www.us-cert.gov/cas/techalerts/TA08-225A.html
http://www.vupen.com/english/advisories/2008/2350
https://docs.microsoft.com/en-us/security-updat
CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-3365 – PixelPost 1.7.1 - 'language_full' Local File Inclusion
https://notcve.org/view.php?id=CVE-2008-3365
Directory traversal vulnerability in index.php in Pixelpost 1.7.1 on Windows, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language_full parameter.
References:
https://www.exploit-db.com/exploits/6150
http://secunia.com/advisories/31239
http://securityreason.com/securityalert/4062
http://www.pixelpost.org/blog/2008/07/27/pixelpost-171-security-patch
http://www.securityfocus.com/archive/1/494817/100/0/threaded
http://www.securityfocus.com/bid/30397
http://www.vupen.com/english/advisories/2008/2207/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/44031
CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2008-1447 – BIND 9.4.1 < 9.4.2 - Remote DNS Cache Poisoning
https://notcve.org/view.php?id=CVE-2008-1447
The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allows remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug."
References:
https://www.exploit-db.com/exploits/6122
https://www.exploit-db.com/exploits/6130
https://www.exploit-db.com/exploits/6123
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc
http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID
CWE-331: Insufficient Entropy
CVE-2008-1454
https://notcve.org/view.php?id=CVE-2008-1454
Unspecified vulnerability in Microsoft DNS in Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008 allows remote attackers to conduct cache poisoning attacks via unknown vectors related to accepting "records from a response that is outside the remote server's authority," aka "DNS Cache Poisoning Vulnerability," a different vulnerability than CVE-2008-1447.
References:
http://secunia.com/advisories/30925
http://www.securityfocus.com/bid/30132
http://www.securitytracker.com/id?1020437
http://www.us-cert.gov/cas/techalerts/TA08-190A.html
http://www.vupen.com/english/advisories/2008/2019/references
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5380
CVE-2008-1451
https://notcve.org/view.php?id=CVE-2008-1451
The WINS service on Microsoft Windows 2000 SP4, and Server 2003 SP1 and SP2, does not properly validate data structures in WINS network packets, which allows local users to gain privileges via a crafted packet, aka "Memory Overwrite Vulnerability."
References:
http://secunia.com/advisories/30584
http://securitytracker.com/id?1020228
http://www.securityfocus.com/bid/29588
http://www.us-cert.gov/cas/techalerts/TA08-162B.html
http://www.vupen.com/english/advisories/2008/1781
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-034
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5582
CWE-20: Improper Input Validation