Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2008-10-15 CVE-2008-4577 Incorrect Authorization vulnerability in multiple products
The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions.
7.5
2008-10-15 CVE-2008-3475 Use of Uninitialized Resource vulnerability in Microsoft Internet Explorer 5.01/6/7.0
Microsoft Internet Explorer 6 does not properly handle errors related to using the componentFromPoint method on xml objects that have been (1) incorrectly initialized or (2) deleted, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka "Uninitialized Memory Corruption Vulnerability."
network
low complexity
microsoft CWE-908
8.8
2008-09-29 CVE-2008-4302 Improper Locking vulnerability in multiple products
fs/splice.c in the splice subsystem in the Linux kernel before 2.6.22.2 does not properly handle a failure of the add_to_page_cache_lru function, and subsequently attempts to unlock a page that was not locked, which allows local users to cause a denial of service (kernel BUG and system crash), as demonstrated by the fio I/O tool.
local
low complexity
linux debian redhat CWE-667
5.5
2008-09-27 CVE-2008-4197 Use of Uninitialized Resource vulnerability in Opera Browser
Opera before 9.52 on Windows, Linux, FreeBSD, and Solaris, when processing custom shortcut and menu commands, can produce argument strings that contain uninitialized memory, which might allow user-assisted remote attackers to execute arbitrary code or conduct other attacks via vectors related to activation of a shortcut.
network
low complexity
opera CWE-908
8.8
2008-09-26 CVE-2008-3637 Improper Initialization vulnerability in Apple mac OS X and mac OS X Server
The Hash-based Message Authentication Code (HMAC) provider in Java on Apple Mac OS X 10.4.11, 10.5.4, and 10.5.5 uses an uninitialized variable, which allows remote attackers to execute arbitrary code via a crafted applet, related to an "error checking issue."
network
low complexity
apple CWE-665
8.8
2008-09-11 CVE-2008-3612 Use of Insufficiently Random Values vulnerability in Apple Iphone OS 2.0.0/2.0.1/2.0.2
The Networking subsystem in Apple iPod touch 2.0 through 2.0.2, and iPhone 2.0 through 2.0.2, uses predictable TCP initial sequence numbers, which allows remote attackers to spoof or hijack a TCP connection.
network
low complexity
apple CWE-330
critical
9.8
2008-09-04 CVE-2007-6716 fs/direct-io.c in the dio subsystem in the Linux kernel before 2.6.23 does not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test.
local
low complexity
linux canonical debian novell opensuse suse
5.5
2008-08-29 CVE-2008-3282 Incorrect Conversion between Numeric Types vulnerability in multiple products
Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in the memory allocator in OpenOffice.org (OOo) 2.4.1, on 64-bit platforms, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted document, related to a "numeric truncation error," a different vulnerability than CVE-2008-2152.
local
low complexity
apache fedoraproject CWE-681
7.8
2008-08-27 CVE-2008-3281 XML Entity Expansion vulnerability in multiple products
libxml2 2.6.32 and earlier does not properly detect recursion during entity expansion in an attribute value, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document.
6.5
2008-08-27 CVE-2008-2433 Use of Insufficiently Random Values vulnerability in Trendmicro products
The web management console in Trend Micro OfficeScan 7.0 through 8.0, Worry-Free Business Security 5.0, and Client/Server/Messaging Suite 3.5 and 3.6 creates a random session token based only on the login time, which makes it easier for remote attackers to hijack sessions via brute-force attacks.
network
low complexity
trendmicro CWE-330
critical
9.8