CVSS: 4.0EPSS: 5%CPEs: 8EXPL: 3CVE-2008-7011 – Unreal Engine - 'UnChan.cpp' Failed Assertion Remote Denial of Service
https://notcve.org/view.php?id=CVE-2008-7011
The Unreal engine, as used in Unreal Tournament 3 1.3, Unreal Tournament 2003 and 2004, Dead Man's Hand, Pariah, WarPath, Postal2, and Shadow Ops, allows remote authenticated users to cause a denial of service (server exit) via multiple file downloads from the server, which triggers an assertion failure when the Closing flag in UnChan.cpp is set. El motor de Unreal, el utilizado en Unreal Tournament v3 1.3, Unreal Tournament 2003 y 2004, Dead Man's Hand, Pariah, WarPath, Postal2, y Shadow Ops, permite a usuarios remotos autenticados producir una denegación de servicio (salida de servidor) a través de múltiples descargas de ficheros desde el servidor, lo que inicia un fallo de aserción cuando la marca (flag) de cierre en UnChan.cpp esta activado. • https://www.exploit-db.com/exploits/32386 http://archives.neohapsis.com/archives/fulldisclosure/2008-09/0321.html http://osvdb.org/48293 http://www.securityfocus.com/archive/1/496399/100/0/threaded http://www.securityfocus.com/bid/31205 • CWE-399: Resource Management Errors •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 4CVE-2008-1985 – Digital Hive - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2008-1985
Cross-site scripting (XSS) vulnerability in base.php in DigitalHive 2.0 RC2 allows remote attackers to inject arbitrary web script or HTML via the mt parameter, possibly related to membres.php. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en base.php en DigitalHive 2.0 RC2 permite a atacantes remotos inyectar 'script' web arbitrario o HTML mediante el parámetro mt, posiblemente relacionada con "membres.php". • https://www.exploit-db.com/exploits/10427 https://www.exploit-db.com/exploits/31701 http://www.securityfocus.com/bid/28918 http://www.z0rlu.ownspace.org/index.php?/archives/65-hive-v2.RC2-XSS.html https://exchange.xforce.ibmcloud.com/vulnerabilities/42006 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 10%CPEs: 1EXPL: 2CVE-2008-0380 – Digital Data Communications - 'RtspVaPgCtrl' Class Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2008-0380
Buffer overflow in the Digital Data Communications RtspVaPgCtrl ActiveX control (RtspVapgDecoder.dll 1.1.0.29) allows remote attackers to execute arbitrary code via a long MP4Prefix property. Desbordamiento de búfer en el controlador ActiveX Digital Data Communications RtspVaPgCtrl (RtspVapgDecoder.dll 1.1.0.29) permite a atacantes remotos ejecutar código de su elección a través de una propiedad MP4Prefix . • https://www.exploit-db.com/exploits/4932 http://secunia.com/advisories/28492 http://www.securityfocus.com/bid/27337 http://www.vupen.com/english/advisories/2008/0182 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 3%CPEs: 1EXPL: 4CVE-2007-3071 – eSellerate SDK 3.6.5 - 'eSellerateControl365.dll' ActiveX Control Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-3071
Buffer overflow in the GetWebStoreURL function in a certain ActiveX control in eSellerateControl365.dll 3.6.5.0 in eSellerate SDK allows user-assisted remote attackers to execute arbitrary code via a long first argument. Desbordamiento de búfer en la función GetWebStoreURL en un control ActiveX determinado en eSellerateControl365.dll 3.6.5.0 de eSellerate SDK permite a atacantes remotos con la complicidad del usuario ejecutar código de su elección mediante un primer argumento largo. • https://www.exploit-db.com/exploits/30144 https://www.exploit-db.com/exploits/37319 http://osvdb.org/38803 http://www.securityfocus.com/bid/24300 http://www.shinnai.altervista.org/exploits/esellerate.html https://exchange.xforce.ibmcloud.com/vulnerabilities/35003 •
CVSS: 9.3EPSS: 9%CPEs: 2EXPL: 2CVE-2007-1600 – Digital Eye CMS 0.1.1b - 'module.php' Remote File Inclusion
https://notcve.org/view.php?id=CVE-2007-1600
PHP remote file inclusion vulnerability in module.php in Digital Eye Gallery 1.1 Beta (aka 0.1.1b) allows remote attackers to execute arbitrary PHP code via a URL in the menu parameter. Vulnerabilidad de inclusión remota de archivo en PHP en module.php de Digital Eye Gallery 1.1 Beta (también conocido como 0.1.1b) permite a atacantes remotos ejecutar código PHP de su elección mediante una URL en el parámetro menu. • https://www.exploit-db.com/exploits/3533 http://osvdb.org/37241 http://www.securityfocus.com/bid/23083 http://www.vupen.com/english/advisories/2007/1070 https://exchange.xforce.ibmcloud.com/vulnerabilities/33115 •