CyberSecurityBoard
Sponsor Register Login

CVE-2008-5001

Multiple stack-based buffer overflows in multiple functions in vncviewer/FileTransfer.cpp in vncviewer for UltraVNC 1.0.2 and 1.0.4 before 01252008, when in LISTENING mode or when using the DSM plugin, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified parameters, a different issue than CVE-2008-0610.

Publication date: Mon, 10 Nov 2008 20:12:00 +0000


Cyber News related to CVE-2008-5001

CVE-2019-6139 - Forcepoint User ID (FUID) server versions up to 1.2 have a remote arbitrary file upload vulnerability on TCP port 5001. Successful exploitation of this vulnerability may lead to remote code execution. To fix this vulnerability, upgrade to FUID ...
2 years ago
CVE-2008-5001 - Multiple stack-based buffer overflows in multiple functions in vncviewer/FileTransfer.cpp in vncviewer for UltraVNC 1.0.2 and 1.0.4 before 01252008, when in LISTENING mode or when using the DSM plugin, allow remote attackers to cause a denial of ...
13 years ago
CVE-2008-0791 - ipdsserver.exe in Intermate WinIPDS 3.3 G52-33-021 allows remote attackers to cause a denial of service (CPU consumption) via short packets on TCP port 5001 with the 3, 5, 7, 13, 14, or 15 packet types. ...
6 years ago
CVE-2009-5001 - The Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 4.0.2.x before 4.0.2.2-P8AE-FP002 grants a document's Creator-Owner full control over an annotation object, even if the default instance security has changed, which ...
14 years ago
CVE-2013-5001 - Cross-site scripting (XSS) vulnerability in libraries/plugins/transformations/abstract/TextLinkTransformationsPlugin.class.php in phpMyAdmin 4.0.x before 4.0.4.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted ...
11 years ago
CVE-2016-4349 - Untrusted search path vulnerability in Cisco WebEx Productivity Tools 2.40.5001.10012 allows local users to gain privileges via a Trojan horse cryptsp.dll, dwmapi.dll, msimg32.dll, ntmarta.dll, propsys.dll, riched20.dll, rpcrtremote.dll, secur32.dll, ...
8 years ago
CVE-2017-5001 - EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is affected by an information exposure through an error message vulnerability. A remote low privileged attacker may potentially exploit this vulnerability to use information ...
7 years ago
CVE-2011-0272 - Unspecified vulnerability in HP LoadRunner 9.52 allows remote attackers to execute arbitrary code via network traffic to TCP port 5001 or 5002, related to the HttpTunnel feature. ...
7 years ago
CVE-2010-5001 - SQL injection vulnerability in view.php in esoftpro Online Contact Manager 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. ...
7 years ago
CVE-2012-5001 - Multiple unspecified vulnerabilities in Hitachi JP1/Cm2/Network Node Manager i before 09-50-03 allow remote attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors. ...
7 years ago
CVE-2015-5001 - IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF19, and 8.5.0 before CF08 allows remote authenticated users to cause a denial of service (memory consumption) via a ...
7 years ago
CVE-2007-5001 - Linux kernel before 2.4.21 allows local users to cause a denial of service (kernel panic) via asynchronous input or output on a FIFO special file. ...
7 years ago
CVE-2017-15359 - In the 3CX Phone System 15.5.3554.1, the Management Console typically listens to port 5001 and is prone to a directory traversal attack: "/api/RecordingList/DownloadRecord?file" and "/api/SupportInfo?file" are the vulnerable ...
7 years ago
CVE-2014-5001 - lib/ksymfony1.rb in the kcapifony gem 2.1.6 for Ruby places database user passwords on the (1) mysqldump, (2) pg_dump, (3) mysql, and (4) psql command lines, which allows local users to obtain sensitive information by listing the processes. ...
6 years ago
CVE-2011-5001 - Stack-based buffer overflow in the CGenericScheduler::AddTask function in cmdHandlerRedAlertController.dll in CmdProcessor.exe in Trend Micro Control Manager 5.5 before Build 1613 allows remote attackers to execute arbitrary code via a crafted IPC ...
6 years ago
CVE-2010-0618 - The flood-protection feature in the base, IPDS DLE, Forms DLE, Barcode DLE, Prescribe DLE, and Printcryption DLE components on certain Lexmark laser and inkjet printers and MarkNet devices allows remote attackers to cause a denial of service (TCP ...
6 years ago
CVE-2018-18013 - ** DISPUTED *** Xen Mobile through 10.8.0 includes a service listening on port 5001 within its firewall that accepts unauthenticated input. If this service is supplied with raw serialised Java objects, it deserialises them back into Java objects in ...
5 years ago
CVE-2018-5001 - Adobe Flash Player versions 29.0.0.171 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. ...
5 years ago
CVE-2016-5001 - This is an information disclosure vulnerability in Apache Hadoop before 2.6.4 and 2.7.x before 2.7.2 in the short-circuit reads feature of HDFS. A local user on an HDFS DataNode may be able to craft a block token that grants unauthorized read access ...
3 years ago
CVE-2003-5001 - ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in ISS BlackICE PC Protection and classified as critical. Affected by this issue is the component Cross Site Scripting Detection. The manipulation as part of POST/PUT/DELETE/OPTIONS Request ...
2 years ago
CVE-2022-30276 - The Motorola MOSCAD and ACE line of RTUs through 2022-05-02 omit an authentication requirement. They feature IP Gateway modules which allow for interfacing between Motorola Data Link Communication (MDLC) networks (potentially over a variety of ...
10 months ago
CVE-2022-35413 - WAPPLES through 6.0 has a hardcoded systemi account. A threat actor could use this account to access the system configuration and confidential information (such as SSL keys) via an HTTPS request to the /webapi/ URI on port 443 or 5001. ...
2 years ago
CVE-2020-5001 - IBM Financial Transaction Manager 3.2.0 through 3.2.7 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on ...
1 year ago
CVE-2023-5001 - The Horizontal scrolling announcement for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'horizontal-scrolling' shortcode in versions up to, and including, 9.2 due to insufficient input sanitization and output ...
1 year ago
CVE-2006-5001 - Unspecified vulnerability in the log analyzer in WS_FTP Server 5.05 before Hotfix 1, and possibly other versions down to 5.0, prevents certain sensitive information from being displayed in the (1) Files and (2) Summary tabs. NOTE: in the early ...
1 year ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)