CVE-2008-2092 (SPA-2102 Phone Adapter)

Linksys SPA-2102 Phone Adapter 3.3.6 allows remote attackers to cause a denial of service (crash) via a long ping packet (”ping of death”). NOTE: the severity of this issue has been disputed since there are limited attack scenarios.

Permanent link to this post (39 words, estimated 9 secs reading time)

CVE-2008-2092 (SPA-2102 Phone Adapter)

Linksys SPA-2102 Phone Adapter 3.3.6 allows remote attackers to cause a denial of service (crash) via a long ping packet (”ping of death”). NOTE: the severity of this issue has been disputed since there are limited attack scenarios.

Permanent link to this post (39 words, estimated 9 secs reading time)

CVE-2008-2080 (Common Data Format)

Stack-based buffer overflow in the Read32s_64 function in src/lib/cdfread64.c in the NASA Goddard Space Flight Center Common Data Format (CDF) library before 3.2.1 allows context-dependent attackers to execute arbitrary code via a .cdf file with crafted length tags.

Permanent link to this post (39 words, estimated 9 secs reading time)

CVE-2008-2093 (community_builder, com_comprofiler)

SQL injection vulnerability in the Profiler (com_comprofiler) component in Community Builder for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the user parameter in a userProfile action to index.php.

Permanent link to this post (34 words, estimated 8 secs reading time)

CVE-2008-2090 (Solaris)

Unspecified vulnerability in the SCTP protocol implementation in Sun Solaris 10 allows remote attackers to cause a denial of service (CPU consumption and network traffic amplification) via a crafted SCTP packet.

Permanent link to this post (32 words, estimated 8 secs reading time)

CVE-2008-2093 (community_builder, com_comprofiler)

SQL injection vulnerability in the Profiler (com_comprofiler) component in Community Builder for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the user parameter in a userProfile action to index.php.

Permanent link to this post (34 words, estimated 8 secs reading time)

CVE-2008-2080 (Common Data Format)

Stack-based buffer overflow in the Read32s_64 function in src/lib/cdfread64.c in the NASA Goddard Space Flight Center Common Data Format (CDF) library before 3.2.1 allows context-dependent attackers to execute arbitrary code via a .cdf file with crafted length tags.

Permanent link to this post (39 words, estimated 9 secs reading time)

CVE-2008-2089 (Solaris)

Unspecified vulnerability in the SCTP protocol implementation in Sun Solaris 10 allows remote attackers to cause a denial of service (panic) via a crafted SCTP packet.

Permanent link to this post (27 words, estimated 6 secs reading time)

CVE-2008-2080 (Common Data Format)

Stack-based buffer overflow in the Read32s_64 function in src/lib/cdfread64.c in the NASA Goddard Space Flight Center Common Data Format (CDF) library before 3.2.1 allows context-dependent attackers to execute arbitrary code via a .cdf file with crafted length tags.

Permanent link to this post (39 words, estimated 9 secs reading time)

CVE-2008-2093 (community_builder, com_comprofiler)

SQL injection vulnerability in the Profiler (com_comprofiler) component in Community Builder for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the user parameter in a userProfile action to index.php.

Permanent link to this post (34 words, estimated 8 secs reading time)

« Previous Entries