CVE-2008-2826
- EPSS 0.43%
- Veröffentlicht 02.07.2008 16:41:00
- Zuletzt bearbeitet 16.06.2026 22:54:33
Integer overflow in the sctp_getsockopt_local_addrs_old function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) functionality in the Linux kernel before 2.6.25.9 allows local users to cause a denial of service (resource consu...
- EPSS 4.26%
- Veröffentlicht 24.06.2008 19:41:00
- Zuletzt bearbeitet 16.06.2026 22:54:10
Multiple integer overflows in the rb_str_buf_append function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allow context-dependent attackers to execute arbitrary code or ...
- EPSS 4.46%
- Veröffentlicht 24.06.2008 19:41:00
- Zuletzt bearbeitet 16.06.2026 22:54:11
Multiple integer overflows in the rb_ary_store function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22 allow context-dependent attackers to execute arbitrary code or cause a denial of service v...
CVE-2008-2664
- EPSS 4.28%
- Veröffentlicht 24.06.2008 19:41:00
- Zuletzt bearbeitet 16.06.2026 22:54:11
The rb_str_format function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allows context-dependent attackers to trigger memory corruption via unspecified vectors related t...
CVE-2008-2725
- EPSS 3.7%
- Veröffentlicht 24.06.2008 19:41:00
- Zuletzt bearbeitet 16.06.2026 22:54:19
Integer overflow in the (1) rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22; and (2) the rb_ary_replace function in 1.6.x allows context-dependent attackers to trigger mem...
CVE-2008-2726
- EPSS 3.76%
- Veröffentlicht 24.06.2008 19:41:00
- Zuletzt bearbeitet 16.06.2026 22:54:19
Integer overflow in the (1) rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2; and (2) the rb_ary_replace function in 1.6.x allows context-dependent at...
- EPSS 5.27%
- Veröffentlicht 23.06.2008 20:41:00
- Zuletzt bearbeitet 16.06.2026 22:54:34
php_imap.c in PHP 5.2.5, 5.2.6, 4.x, and other versions, uses obsolete API calls that allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long IMAP request, which triggers an "rfc822.c lega...
CVE-2008-2712
- EPSS 15.04%
- Veröffentlicht 16.06.2008 21:41:00
- Zuletzt bearbeitet 16.06.2026 22:54:17
Vim 7.1.314, 6.4, and other versions allows user-assisted remote attackers to execute arbitrary commands via Vim scripts that do not properly sanitize inputs before invoking the execute or system functions, as demonstrated using (1) filetype.vim, (3)...
- EPSS 12.71%
- Veröffentlicht 13.06.2008 18:41:00
- Zuletzt bearbeitet 16.06.2026 22:53:38
The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server 2.0.63 and 2.2.8 does not limit the number of forwarded interim responses, which allows remote HTTP servers to cause a denial of service...
CVE-2008-1105
- EPSS 69.09%
- Veröffentlicht 29.05.2008 16:32:00
- Zuletzt bearbeitet 16.06.2026 22:51:00
Heap-based buffer overflow in the receive_smb_raw function in util/sock.c in Samba 3.0.0 through 3.0.29 allows remote attackers to execute arbitrary code via a crafted SMB response.