CVE-2008-6111
Published 2009-02-11
CVE-2008-6111: SQL injection vulnerability in blog.php in NetArt Media Vlog System 1.1 allows remote attackers to execute arbitrary SQL commands via the note parameter.
Priority P3 · 40 · high · 7.5 CVSS 2.0
AV:N/AC:L/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 1.14% (62.7th percentile)
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| netart_media | vlog_system | — | — |
No detection rules found.
Bugzilla
CVE-2007-6438 [HIGH] wireshark SMB dissector crash
bugzilla · 2008-01-02 · CVSS 7.1
Common Vulnerabilities and Exposures assigned an identifier CVE-2007-6438 to the following vulnerability:
Unspecified vulnerability in the SMB dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service via unknown vectors. NOTE: this identifier originally included MP3 and NCP, but those issues are already covered by CVE-2007-6111.
References:
http://www.wireshark.org/security/wnpa-sec-2007-03.html
Discussion:
This issue was addressed in:
Red Hat Enterprise Linux:
http://rhn.redhat.com/errata/RHSA-2008-0058.html
Bugzilla
CVE-2007-6111 [HIGH] wireshark mp3 and ncp flaws
bugzilla · 2007-11-23 · CVSS 7.1
Common Vulnerabilities and Exposures assigned an identifier CVE-2007-6111 to the following vulnerability:
Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal)
allow remote attackers to cause a denial of service (crash) via (1) a
crafted MP3 file or (2) unspecified vectors to the NCP dissector.
Discussion:
wireshark-0.99.7-2.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.
---
wireshark-0.99.7-1.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.
---
This issue was addressed in:
Red Hat Enterprise Linux:
http://rhn.redhat.com/errata/RHSA-2008-0058.html
Fedora:
https://admin.fe
http://secunia.com/advisories/32784
http://www.securityfocus.com/bid/32425
http://www.vupen.com/english/advisories/2008/3247
https://exchange.xforce.ibmcloud.com/vulnerabilities/46783
https://www.exploit-db.com/exploits/7186
2009-02-11
Published