Vulnerabilities > Improper Input Validation
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-04-07 | CVE-2008-1691 | Improper Input Validation vulnerability in Seattle LAB Software Slmail PRO Unspecified vulnerability in SLMail.exe in SLMail Pro 6.3.1.0 and earlier allows remote attackers to cause a denial of service (UDP service outage) via a large packet to UDP port 54. | 5.0 |
2008-04-04 | CVE-2008-1014 | Improper Input Validation vulnerability in Apple Quicktime Apple QuickTime before 7.4.5 does not properly handle external URLs in movies, which allows remote attackers to obtain sensitive information. | 4.3 |
2008-04-04 | CVE-2008-0555 | Improper Input Validation vulnerability in Apache-Ssl 1.3.341.57 The ExpandCert function in Apache-SSL before apache_1.3.41+ssl_1.59 does not properly handle (1) '/' and (2) '=' characters in a Distinguished Name (DN) in a client certificate, which might allow remote attackers to bypass authentication via a crafted DN that triggers overwriting of environment variables. | 7.5 |
2008-04-02 | CVE-2008-1331 | Improper Input Validation vulnerability in Alcatel-Lucent Omnipcx Office cgi-data/FastJSData.cgi in OmniPCX Office with Internet Access services OXO210 before 210/091.001, OXO600 before 610/014.001, and other versions, allows remote attackers to execute arbitrary commands and "obtain OXO resources" via shell metacharacters in the id2 parameter. | 10.0 |
2008-04-02 | CVE-2008-1648 | Improper Input Validation vulnerability in Sympa Sympa before 5.4 allows remote attackers to cause a denial of service (daemon crash) via an e-mail message with a malformed value of the Content-Type header and unspecified other headers. | 5.0 |
2008-04-02 | CVE-2008-1647 | Improper Input Validation vulnerability in Chilkat Software Chilkathttp Activex The ChilkatHttp.ChilkatHttp.1 and ChilkatHttp.ChilkatHttpRequest.1 ActiveX controls in ChilkatHttp.dll 2.4.0.0, 2.3.0.0, and earlier in ChilkatHttp ActiveX expose the unsafe SaveLastError method, which allows remote attackers to overwrite arbitrary files. | 9.3 |
2008-04-02 | CVE-2008-1626 | Improper Input Validation vulnerability in Eggblog SQL injection vulnerability in eggBlog before 4.0.1 allows remote attackers to execute arbitrary SQL commands via an unspecified cookie. | 7.5 |
2008-04-01 | CVE-2008-1605 | Improper Input Validation vulnerability in Leadtools Multimedia Toolkit 15 The (1) ltmmCaptureCtrl Class, (2) ltmmConvertCtrl Class, and (3) ltmmPlayCtrl Class ActiveX controls (ltmm15.dll 15.1.0.17 and earlier) in LEADTOOLS Multimedia Toolkit 15 allow attackers to overwrite arbitrary files via the SaveSettingsToFile method. | 6.8 |
2008-03-31 | CVE-2008-1568 | Improper Input Validation vulnerability in Comix 3.6.4 comix 3.6.4 allows attackers to execute arbitrary commands via a filename containing shell metacharacters that are not properly sanitized when executing the rar, unrar, or jpegtran programs. | 7.5 |
2008-03-31 | CVE-2008-1562 | Improper Input Validation vulnerability in Wireshark The LDAP dissector in Wireshark (formerly Ethereal) 0.99.2 through 0.99.8 allows remote attackers to cause a denial of service (application crash) via a malformed packet, a different vulnerability than CVE-2006-5740. | 5.0 |