Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-10-14 | CVE-2008-2619 | Unspecified vulnerability in Oracle Application Server and E-Business Suite Unspecified vulnerability in the Oracle Reports Developer component in Oracle Application Server 1.0.2.2, 9.0.4.3, and 10.1.2.2, and E-Business Suite 11.5.10.2, allows remote authenticated users to affect availability via unknown vectors. | 1.7 |
2008-10-14 | CVE-2008-2588 | Local Security vulnerability in Oracle Jdeveloper 10.1.2.2 Unspecified vulnerability in the Oracle JDeveloper component in Oracle Application Server 10.1.2.2 allows local users to affect confidentiality via unknown vectors. | 2.1 |
2008-10-14 | CVE-2008-4555 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Graphviz Stack-based buffer overflow in the push_subg function in parser.y (lib/graph/parser.c) in Graphviz 2.20.2, and possibly earlier versions, allows user-assisted remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a DOT file with a large number of Agraph_t elements. | 8.5 |
2008-10-14 | CVE-2008-4400 | Improper Input Validation vulnerability in multiple products Unspecified vulnerability in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash of multiple services) via crafted authentication credentials, related to "insufficient validation." | 5.0 |
2008-10-14 | CVE-2008-4399 | Improper Input Validation vulnerability in multiple products Unspecified vulnerability in the database engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request, related to "insufficient validation." | 5.0 |
2008-10-14 | CVE-2008-4398 | Improper Input Validation vulnerability in multiple products Unspecified vulnerability in the tape engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request. | 5.0 |
2008-10-14 | CVE-2008-4397 | Improper Input Validation vulnerability in multiple products Directory traversal vulnerability in the RPC interface (asdbapi.dll) in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to execute arbitrary commands via a .. | 10.0 |
2008-10-14 | CVE-2008-4385 | Code Injection vulnerability in Systemrequirementslab System Requirements LAB 3 Husdawg, LLC Systems Requirements Lab 3, as used by Instant Expert Analysis, allows remote attackers to force the download and execution of arbitrary programs via by specifiying a malicious website argument to the Init method in (1) a certain ActiveX control (sysreqlab2.cab, sysreqlab.dll, sysreqlabsli.dll, or sysreqlab2.dll) and (2) a certain Java applet in RLApplet.class in sysreqlab2.jar or sysreqlab.jar. | 9.3 |
2008-10-14 | CVE-2008-3640 | Numeric Errors vulnerability in Apple Cups Integer overflow in the WriteProlog function in texttops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via a crafted PostScript file that triggers a heap-based buffer overflow. | 6.8 |
2008-10-14 | CVE-2008-3639 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Cups Heap-based buffer overflow in the read_rle16 function in imagetops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via an SGI image with malformed Run Length Encoded (RLE) data containing a small image and a large row count. | 7.5 |