Badware Watch

CVE-2008-2092 (SPA-2102 Phone Adapter)

admin — Fri, 09 May 2008 18:51:41 +0000

Linksys SPA-2102 Phone Adapter 3.3.6 allows remote attackers to cause a denial of service (crash) via a long ping packet (”ping of death”). NOTE: the severity of this issue has been disputed since there are limited attack scenarios.

CVE-2008-2092 (SPA-2102 Phone Adapter)

admin — Fri, 09 May 2008 18:51:25 +0000

CVE-2008-2080 (Common Data Format)

admin — Fri, 09 May 2008 18:50:22 +0000

Stack-based buffer overflow in the Read32s_64 function in src/lib/cdfread64.c in the NASA Goddard Space Flight Center Common Data Format (CDF) library before 3.2.1 allows context-dependent attackers to execute arbitrary code via a .cdf file with crafted length tags.

CVE-2008-2090 (Solaris)

admin — Fri, 09 May 2008 18:50:20 +0000

Unspecified vulnerability in the SCTP protocol implementation in Sun Solaris 10 allows remote attackers to cause a denial of service (CPU consumption and network traffic amplification) via a crafted SCTP packet.

CVE-2008-2093 (community_builder, com_comprofiler)

admin — Fri, 09 May 2008 18:50:20 +0000

SQL injection vulnerability in the Profiler (com_comprofiler) component in Community Builder for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the user parameter in a userProfile action to index.php.

CVE-2008-2093 (community_builder, com_comprofiler)

admin — Fri, 09 May 2008 18:50:19 +0000

CVE-2008-2080 (Common Data Format)

admin — Fri, 09 May 2008 18:50:16 +0000

CVE-2008-2089 (Solaris)

admin — Fri, 09 May 2008 18:50:14 +0000

Unspecified vulnerability in the SCTP protocol implementation in Sun Solaris 10 allows remote attackers to cause a denial of service (panic) via a crafted SCTP packet.

CVE-2008-2080 (Common Data Format)

admin — Fri, 09 May 2008 18:48:46 +0000

CVE-2008-2080 (Common Data Format)

admin — Fri, 09 May 2008 18:48:45 +0000