Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-10-09 | CVE-2008-4504 | Buffer Errors vulnerability in Herosoft Hero DVD Player 3.0.8 Heap-based buffer overflow in Mplayer.exe in Herosoft Inc. | 6.8 |
2008-10-09 | CVE-2008-4503 | Clickjacking vulnerability in RETIRED: Adobe Flash Player The Settings Manager in Adobe Flash Player 9.0.124.0 and earlier allows remote attackers to cause victims to unknowingly click on a link or dialog via access control dialogs disguised as normal graphical elements, as demonstrated by hijacking the camera or microphone, and related to "clickjacking." network adobe | 6.8 |
2008-10-09 | CVE-2008-4500 | Improper Input Validation vulnerability in Solarwinds Serv-U File Server Serv-U 7.0.0.1 through 7.3, including 7.2.0.1, allows remote authenticated users to cause a denial of service (CPU consumption) via a crafted stou command, probably related to MS-DOS device names, as demonstrated using "con:1". | 4.0 |
2008-10-08 | CVE-2008-4493 | Improper Input Validation vulnerability in Microsoft Digital Image 2006 Microsoft PicturePusher ActiveX control (PipPPush.DLL 7.00.0709), as used in Microsoft Digital Image 2006 Starter Edition, allows remote attackers to force the upload of arbitrary files by using the AddString and Post methods and a modified PostURL to construct an HTTP POST request. | 6.8 |
2008-10-08 | CVE-2008-3829 | Multiple Security vulnerability in Condor Prior to 7.0.5 Unspecified vulnerability in the condor_ schedd daemon in Condor before 7.0.5 allows attackers to cause a denial of service (crash) via unknown vectors. | 5.0 |
2008-10-08 | CVE-2008-3828 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Condor Project Condor Stack-based buffer overflow in the condor_ schedd daemon in Condor before 7.0.5 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors. | 4.6 |
2008-10-08 | CVE-2008-3826 | Permissions, Privileges, and Access Controls vulnerability in Condor Project Condor Unspecified vulnerability in Condor before 7.0.5 allows attackers to execute jobs as other users via unknown vectors. | 4.6 |
2008-10-08 | CVE-2008-3814 | Improper Authentication vulnerability in Cisco Unity Unspecified vulnerability in Cisco Unity 4.x before 4.2(1)ES161, 5.x before 5.0(1)ES53, and 7.x before 7.0(2)ES8, when using anonymous authentication (aka native Unity authentication), allows remote attackers to bypass authentication and read or modify system configuration parameters by going to a specific link more than once. | 5.8 |
2008-10-08 | CVE-2008-4491 | Information Exposure vulnerability in Apple Mail 3.5 Apple Mail.app 3.5 on Mac OS X, when "Store draft messages on the server" is enabled, stores draft copies of S/MIME email in plaintext on the email server, which allows server owners and remote man-in-the-middle attackers to read sensitive mail. | 5.0 |
2008-10-08 | CVE-2008-4490 | Path Traversal vulnerability in PHPabook 0.8.4B/0.8.6B/0.8.7B Directory traversal vulnerability in config.inc.php in phpAbook 0.8.8b and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. | 5.1 |