Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2008-10-08 CVE-2008-4493 Improper Input Validation vulnerability in Microsoft Digital Image 2006
Microsoft PicturePusher ActiveX control (PipPPush.DLL 7.00.0709), as used in Microsoft Digital Image 2006 Starter Edition, allows remote attackers to force the upload of arbitrary files by using the AddString and Post methods and a modified PostURL to construct an HTTP POST request.
network
microsoft CWE-20
6.8
2008-10-08 CVE-2008-3830 Permissions, Privileges, and Access Controls vulnerability in Condor Project Condor
Condor before 7.0.5 does not properly handle configurations that specify overlapping netmasks in allow or deny rules, which causes the rule to be ignored and allows attackers to bypass intended access restrictions.
local
low complexity
condor-project CWE-264
7.2
2008-10-08 CVE-2008-3829 Multiple Security vulnerability in Condor Prior to 7.0.5
Unspecified vulnerability in the condor_schedd daemon in Condor before 7.0.5 allows attackers to cause a denial of service (crash) via unknown vectors.
network
low complexity
condor-project
5.0
2008-10-08 CVE-2008-3828 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Condor Project Condor
Stack-based buffer overflow in the condor_schedd daemon in Condor before 7.0.5 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.
local
low complexity
condor-project CWE-119
4.6
2008-10-08 CVE-2008-3826 Permissions, Privileges, and Access Controls vulnerability in Condor Project Condor
Unspecified vulnerability in Condor before 7.0.5 allows attackers to execute jobs as other users via unknown vectors.
local
low complexity
condor-project CWE-264
4.6
2008-10-08 CVE-2008-3814 Improper Authentication vulnerability in Cisco Unity
Unspecified vulnerability in Cisco Unity 4.x before 4.2(1)ES161, 5.x before 5.0(1)ES53, and 7.x before 7.0(2)ES8, when using anonymous authentication (aka native Unity authentication), allows remote attackers to bypass authentication and read or modify system configuration parameters by going to a specific link more than once.
network
cisco CWE-287
5.8
2008-10-08 CVE-2008-4492 SQL Injection vulnerability in Yourownbux 4.0
SQL injection vulnerability in referrals.php in YourOwnBux 4.0 allows remote attackers to execute arbitrary SQL commands via the usNick cookie.
network
low complexity
yourownbux CWE-89
7.5
2008-10-08 CVE-2008-4491 Information Exposure vulnerability in Apple Mail 3.5
Apple Mail.app 3.5 on Mac OS X, when "Store draft messages on the server" is enabled, stores draft copies of S/MIME email in plaintext on the email server, which allows server owners and remote man-in-the-middle attackers to read sensitive mail.
network
low complexity
apple CWE-200
5.0
2008-10-08 CVE-2008-4490 Path Traversal vulnerability in PHPabook 0.8.4B/0.8.6B/0.8.7B
Directory traversal vulnerability in config.inc.php in phpAbook 0.8.8b and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a ..
network
high complexity
phpabook CWE-22
5.1
2008-10-08 CVE-2008-4489 Path Traversal vulnerability in Atarone 1.2.0
Directory traversal vulnerability in ap-save.php in Atarone CMS 1.2.0 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the theme_chosen parameter.
network
low complexity
atarone CWE-22
critical
10.0