CyberSecurityBoard
Sponsor Register Login

CVE-2008-1966

Multiple buffer overflows in the JAR file administration routines in the BSU JAVA subcomponent in IBM DB2 8 before FP16, 9.1 before FP4a, and 9.5 before FP1 allow remote authenticated users to cause a denial of service (instance crash) via a call to the (1) RECOVERJAR or (2) REMOVE_JAR procedure with a crafted parameter, related to (a) sqlj.install_jar and (b) sqlj.replace_jar. http://www-1.ibm.com/support/docview.wss?uidswg21255572http://www-1.ibm.com/support/docview.wss?uidswg21287889 http://www-1.ibm.com/support/docview.wss?uidswg21256235

Publication date: Sun, 27 Apr 2008 23:05:00 +0000


Cyber News related to CVE-2008-1966

CVE-2008-1966 - Multiple buffer overflows in the JAR file administration routines in the BSU JAVA subcomponent in IBM DB2 8 before FP16, 9.1 before FP4a, and 9.5 before FP1 allow remote authenticated users to cause a denial of service (instance crash) via a call to ...
6 years ago
CVE-2011-1966 - The DNS server in Microsoft Windows Server 2008 SP2, R2, and R2 SP1 does not properly handle NAPTR queries that trigger recursive processing, which allows remote attackers to execute arbitrary code via a crafted query, aka "DNS NAPTR Query ...
4 years ago
CVE-2009-1967 - Unspecified vulnerability in the Config Management component in (1) Oracle Database 11.1.0.7 and (2) Oracle Enterprise Manager 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different ...
7 years ago
CVE-2009-1966 - Unspecified vulnerability in the Config Management component in (1) Oracle Database 11.1.0.7 and (2) Oracle Enterprise Manager 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different ...
7 years ago
CVE-2013-2115 - Apache Struts 2 before 2.3.14.2 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in the (1) URL or (2) A tag. NOTE: this issue is due to an incomplete fix ...
4 years ago
CVE-2014-1966 - The SNMP implementation in Siemens RuggedCom ROS before 3.11, ROS 3.11 for RS950G, ROS 3.12 before 3.12.4, and ROS 4.0 for RSG2488 allows remote attackers to cause a denial of service (device outage) via crafted packets. ...
3 years ago
CVE-2021-1966 - Possible buffer overflow due to lack of length check of source and destination buffer before copying in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music ...
3 years ago
CVE-2007-1966 - Session fixation vulnerability in eXV2 CMS 2.0.4.3 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID cookie. ...
16 years ago
CVE-2002-1966 - Directory traversal vulnerability in magiccard.cgi in My Postcards Platinum 5.0 and 6.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter. ...
16 years ago PLATINUM
CVE-2005-1966 - The eTrace_validaddr function in eTrace plugin for e107 portal allows remote attackers to execute arbitrary commands via shell metacharacters after a valid argument to the etrace_host parameter. ...
8 years ago
CVE-2015-1966 - Multiple cross-site scripting (XSS) vulnerabilities in IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before FP17, 6.2.1 before FP9, and 6.2.2 before FP15, as used in Security Access Manager for Mobile and other products, allow remote attackers ...
8 years ago
CVE-2004-1966 - Multiple SQL injection vulnerabilities in Open Bulletin Board (OpenBB) 1.0.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) FID parameter in board.php, (2) sortorder, perpage, or id parameters in member.php, (3) ...
7 years ago
CVE-2012-1966 - Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not have the same context-menu restrictions for data: URLs as for javascript: URLs, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted URL. ...
7 years ago
CVE-2006-1966 - An unspecified Fortinet product, possibly Fortinet28, allows remote attackers to cause a denial of service via a "small synflood" to the SMTP port (TCP port 25), as demonstrated by a 10-microsecond wait between sending packets. NOTE: this ...
6 years ago
CVE-2013-1966 - Apache Struts 2 before 2.3.14.2 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in the (1) URL or (2) A tag. ...
5 years ago
CVE-2010-1966 - Unspecified vulnerability in HP Insight Control power management for Windows before 6.1 allows local users to read or modify data, or cause a denial of service, via unknown vectors. ...
5 years ago
CVE-2016-1966 - The nsNPObjWrapper::GetNewOrUsed function in dom/plugins/base/nsJSNPRuntime.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (invalid pointer ...
5 years ago
CVE-2019-1966 - A vulnerability in a specific CLI command within the local management (local-mgmt) context for Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to gain elevated privileges as the root user on an affected device. The ...
4 years ago
CVE-2018-14683 - PRTG before 19.1.49.1966 has Cross Site Scripting (XSS) in the WEBGUI. ...
3 years ago
CVE-2023-1966 - Instruments with Illumina Universal Copy Service v1.x and ...
2 years ago
CVE-2017-1966 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none ...
55 years ago Tenable.com
CVE-2020-1966 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none ...
1 year ago
CVE-2022-1966 - Red Hat Security Advisory: kernel-rt security and bug fix update ...
3 months ago
CVE-2025-1966 - A vulnerability classified as critical was found in PHPGurukul Pre-School Enrollment System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/index.php. The manipulation of the argument username leads to sql ...
3 months ago
CVE-2024-42114 - In the Linux kernel, the following vulnerability has been resolved: ...
8 months ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)