Security Vulnerabilities, CVEs, Published In May 2008 (Denial of service)
Unspecified vulnerability in Interchange before 5.6.0 and before 5.5.2 allows remote attackers to cause a denial of service via crafted HTTP requests. NOTE: this might overlap CVE-2007-2635.
Max CVSS
10.0
EPSS Score
1.78%
Published
2008-05-23
Updated
2017-08-08
Mozilla Firefox 2.0.0.14 allows remote attackers to cause a denial of service (heap corruption and application crash) or possibly execute arbitrary code by triggering an error condition during certain Iframe operations between a JSframe write and a JSframe close, as demonstrated by an error in loading an empty Java applet defined by a 'src="javascript:"' sequence.
Max CVSS
4.3
EPSS Score
1.50%
Published
2008-05-23
Updated
2017-08-08
Race condition in the STREAMS Administrative Driver (sad) in Sun Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors.
Max CVSS
4.7
EPSS Score
0.04%
Published
2008-05-23
Updated
2017-09-29
SubSonic allows remote attackers to bypass pagesize limits and cause a denial of service (CPU consumption) via a pageindex (aka data page number) of -1.
Max CVSS
7.8
EPSS Score
1.28%
Published
2008-05-21
Updated
2018-10-11
Buffer overflow in the __snprint_value function in snmp_get in Net-SNMP 5.1.4, 5.2.4, and 5.4.1, as used in SNMP.xs for Perl, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large OCTETSTRING in an attribute value pair (AVP).
Max CVSS
6.8
EPSS Score
23.82%
Published
2008-05-18
Updated
2017-09-29
Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 has insufficient access control for deletion and modification of registry keys, which allows local users to cause a denial of service or obtain sensitive information.
Max CVSS
3.6
EPSS Score
0.04%
Published
2008-05-18
Updated
2017-08-08
CVE-2008-2240
Public exploit
Stack-based buffer overflow in the Web Server service in IBM Lotus Domino before 7.0.3 FP1, and 8.x before 8.0.1, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long Accept-Language HTTP header.
Max CVSS
10.0
EPSS Score
97.12%
Published
2008-05-22
Updated
2017-08-08
Buffer overflow in the Multimedia PC Client in Nortel Multimedia Communication Server (MCS) before Maintenance Release 3.5.8.3 and 4.0.25.3 allows remote attackers to cause a denial of service (crash) via a flood of "extraneous" messages, as demonstrated by the Nessus "Generic flood" denial of service plugin.
Max CVSS
5.0
EPSS Score
3.90%
Published
2008-05-14
Updated
2017-08-08
Stack-based buffer overflow in the Network Manager in Castle Rock Computing SNMPc 7.1 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long community string in an SNMP TRAP packet.
Max CVSS
10.0
EPSS Score
68.39%
Published
2008-05-14
Updated
2018-10-11
Unspecified vulnerability in Yamaha routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372.
Max CVSS
7.1
EPSS Score
0.16%
Published
2008-05-13
Updated
2008-09-05
Unspecified vulnerability in Hitachi GR routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372.
Max CVSS
7.1
EPSS Score
1.26%
Published
2008-05-13
Updated
2011-03-08
Unspecified vulnerability in AlaxalA AX routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372.
Max CVSS
7.1
EPSS Score
1.26%
Published
2008-05-13
Updated
2011-03-08
Unspecified vulnerability in Century routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372.
Max CVSS
7.1
EPSS Score
0.20%
Published
2008-05-13
Updated
2008-09-05
Unspecified vulnerability in Avici routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372.
Max CVSS
7.1
EPSS Score
0.20%
Published
2008-05-13
Updated
2008-09-05
The utimensat system call (sys_utimensat) in Linux kernel 2.6.22 and other versions before 2.6.25.3 does not check file permissions when certain UTIME_NOW and UTIME_OMIT combinations are used, which allows local users to modify file times of arbitrary files, possibly leading to a denial of service.
Max CVSS
3.6
EPSS Score
0.04%
Published
2008-05-12
Updated
2017-08-08
Stack-based buffer overflow in Novell Client 4.91 SP4 and earlier allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long username in the "forgotten password" dialog.
Max CVSS
7.2
EPSS Score
0.06%
Published
2008-05-12
Updated
2018-10-11
Multiple unspecified vulnerabilities in Solaris print service for Sun Solaris 8, 9, and 10 allow remote attackers to cause a denial of service or execute arbitrary code via unknown vectors.
Max CVSS
10.0
EPSS Score
9.29%
Published
2008-05-12
Updated
2018-10-30
The (1) sparc_mmap_check function in arch/sparc/kernel/sys_sparc.c and the (2) sparc64_mmap_check function in arch/sparc64/kernel/sys_sparc.c, in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3, omit some virtual-address range (aka span) checks when the mmap MAP_FIXED bit is not set, which allows local users to cause a denial of service (panic) via unspecified mmap calls.
Max CVSS
4.4
EPSS Score
0.04%
Published
2008-05-29
Updated
2018-10-30
Memory leak in the ipip6_rcv function in net/ipv6/sit.c in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3 allows remote attackers to cause a denial of service (memory consumption) via network traffic to a Simple Internet Transition (SIT) tunnel interface, related to the pskb_may_pull and kfree_skb functions, and management of an skb reference count.
Max CVSS
7.8
EPSS Score
89.45%
Published
2008-05-16
Updated
2018-10-31
IBM Rational Build Forge 7.0.2 allows remote attackers to cause a denial of service (CPU consumption) via a port scan, which spawns multiple bfagent server processes that attempt to read data from closed sockets.
Max CVSS
7.5
EPSS Score
1.80%
Published
2008-05-09
Updated
2024-02-09
The TCP implementation in Sun Solaris 8, 9, and 10 allows remote attackers to cause a denial of service (CPU consumption and new connection timeouts) via a TCP SYN flood attack.
Max CVSS
7.8
EPSS Score
4.05%
Published
2008-05-09
Updated
2018-10-30
field.c in the libid3tag 0.15.0b library allows context-dependent attackers to cause a denial of service (CPU consumption) via an ID3_FIELD_TYPE_STRINGLIST field that ends in '\0', which triggers an infinite loop.
Max CVSS
5.0
EPSS Score
2.51%
Published
2008-05-07
Updated
2023-02-13
Call of Duty 4 (CoD4) 1.5 and earlier allows remote authenticated users to cause a denial of service (crash) via a type 7 stats packet, which triggers a memcpy with a negative value.
Max CVSS
6.8
EPSS Score
16.99%
Published
2008-05-07
Updated
2018-10-11
Linksys SPA-2102 Phone Adapter 3.3.6 allows remote attackers to cause a denial of service (crash) via a long ping packet ("ping of death"). NOTE: the severity of this issue has been disputed since there are limited attack scenarios.
Max CVSS
7.8
EPSS Score
14.65%
Published
2008-05-06
Updated
2017-08-08
Unspecified vulnerability in the SCTP protocol implementation in Sun Solaris 10 allows remote attackers to cause a denial of service (CPU consumption and network traffic amplification) via a crafted SCTP packet.
Max CVSS
7.8
EPSS Score
3.51%
Published
2008-05-06
Updated
2017-09-29