CyberSecurityBoard
Sponsor Register Login

CVE-2008-3350

dnsmasq 2.43 allows remote attackers to cause a denial of service (daemon crash) by (1) sending a DHCPINFORM while lacking a DHCP lease, or (2) attempting to renew a nonexistent DHCP lease for an invalid subnet as an "unknown client," a different vulnerability than CVE-2008-3214.

Publication date: Mon, 28 Jul 2008 22:41:00 +0000


Cyber News related to CVE-2008-3350

CVE-2020-4044 - The xrdp-sesman service before version 0.9.13.1 can be crashed by connecting over port 3350 and supplying a malicious payload. Once the xrdp-sesman process is dead, an unprivileged attacker on the server could then proceed to start their own imposter ...
4 years ago
CVE-2024-42251 - In the Linux kernel, the following vulnerability has been resolved: ...
3 months ago
CVE-2008-3350 - dnsmasq 2.43 allows remote attackers to cause a denial of service (daemon crash) by (1) sending a DHCPINFORM while lacking a DHCP lease, or (2) attempting to renew a nonexistent DHCP lease for an invalid subnet as an "unknown client," a ...
7 years ago
CVE-2007-3437 - AOL Instant Messenger (AIM) 6.1.32.1 on Windows XP allows remote attackers to cause a denial of service (application crash) via a malformed header value in a SIP INVITE message, a different vulnerability than CVE-2007-3350. ...
1 year ago
CVE-2016-3377 - The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different ...
6 years ago
CVE-2016-3350 - The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different ...
6 years ago
CVE-2009-3350 - Multiple unspecified vulnerabilities in the Subdomain Manager module for Drupal have unknown impact and attack vectors. ...
15 years ago
CVE-2015-3350 - Cross-site request forgery (CSRF) vulnerability in the Todo Filter module before 6.x-1.1 and 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that toggle a task via unspecified ...
8 years ago
CVE-2007-3350 - AOL Instant Messenger (AIM) 6.1.32.1 on Windows XP allows remote attackers to cause a denial of service (application hang) via a flood of spoofed SIP INVITE requests. ...
7 years ago
CVE-2010-3350 - bareFTP 0.3.4 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. ...
7 years ago
CVE-2014-3350 - Cisco Intelligent Automation for Cloud (aka Cisco Cloud Portal) does not properly implement URL redirection, which allows remote authenticated users to obtain sensitive information via a crafted URL, aka Bug ID CSCuh84870. ...
7 years ago
CVE-2012-3350 - SQL injection vulnerability in index.php in Webmatic 3.1.1 allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header. ...
6 years ago
CVE-2006-3350 - Stack-based buffer overflow in AutoVue SolidModel Professional Desktop Edition 19.1 Build 5993 allows user-assisted remote attackers to execute arbitrary code via a long filename in a (1) ARJ, (2) RAR, or (3) ZIP archive. ...
6 years ago
CVE-2005-3350 - libungif library before 4.1.0 allows attackers to corrupt memory and possibly execute arbitrary code via a crafted GIF file that leads to an out-of-bounds write. ...
6 years ago
CVE-2017-3350 - Vulnerability in the Oracle Marketing component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows ...
5 years ago
CVE-2011-3350 - masqmail 0.2.21 through 0.2.30 improperly calls seteuid() in src/log.c and src/masqmail.c that results in improper privilege dropping. ...
5 years ago
CVE-2013-3350 - Adobe ColdFusion 10 before Update 11 allows remote attackers to call ColdFusion Components (CFC) public methods via WebSockets. ...
4 years ago
CVE-2021-3350 - deleteaccount.php in the Delete Account plugin 1.4 for MyBB allows XSS via the deletereason parameter. ...
4 years ago
CVE-2022-3350 - The Contact Bank WordPress plugin through 3.0.30 does not sanitise and escape some of its Form settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is ...
2 years ago
CVE-2020-3350 - A vulnerability in the endpoint software of Cisco AMP for Endpoints and Clam AntiVirus could allow an authenticated, local attacker to cause the running software to delete arbitrary files on the system. The vulnerability is due to a race condition ...
2 years ago
CVE-2023-3350 - A Cryptographic Issue vulnerability has been found on IBERMATICA RPS, affecting version 2019. By firstly downloading the log file, an attacker could retrieve the SQL query sent to the application in plaint text. This log file contains the password ...
6 months ago
CVE-2024-3350 - A vulnerability, which was classified as critical, has been found in SourceCodester Aplaya Beach Resort Online Reservation System 1.0. Affected by this issue is some unknown functionality of the file admin/mod_room/index.php. The manipulation of the ...
1 year ago Tenable.com
CVE-2025-3350 - A vulnerability, which was classified as critical, was found in PHPGurukul Old Age Home Management System 1.0. Affected is an unknown function of the file /admin/view-enquiry.php. The manipulation of the argument viewid leads to sql injection. It is ...
1 week ago
CVE-2008-1378 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-2360, CVE-2008-2361, CVE-2008-2362. Reason: This candidate has been withdrawn by its CNA. It was SPLIT into separate candidates before publication. Notes: All CVE users should ...
55 years ago Tenable.com
CVE-2008-2617 - Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than ...
7 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)