CVE-2008-6116
Published 2009-02-11
Priority P3 · 42 · high · 7.5 CVSS 2.0
AV:N/AC:L/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 1.10% (61.6th percentile)
SQL injection vulnerability in the EXtrovert Software Thyme (com_thyme) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the event parameter to index.php.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| extrosoft | com_thyme | — | — |
No detection rules found.
Bugzilla
CVE-2007-6439 [MEDIUM] wireshark IPv6 and USB dissector crash
bugzilla · 2008-01-02 · CVSS 5.0
Common Vulnerabilities and Exposures assigned an identifier CVE-2007-6439 to the following vulnerability:
Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (infinite or large loop) via the (1) IPv6 or (2) USB dissector, which can trigger resource consumption or a crash. NOTE: this identifier originally included Firebird/Interbase, but it is already covered by CVE-2007-6116. The DCP ETSI issue is already covered by CVE-2007-6119.
References:
http://www.wireshark.org/security/wnpa-sec-2007-03.html
Discussion:
This issue was addressed in:
Red Hat Enterprise Linux:
http://rhn.redhat.com/errata/RHSA-2008-0058.html
Bugzilla
CVE-2007-6116 [MEDIUM] wireshark firebird/interbase flaws
bugzilla · 2007-11-23 · CVSS 5.0
Common Vulnerabilities and Exposures assigned an identifier CVE-2007-6116 to the following vulnerability:
The Firebird/Interbase dissector in Wireshark (formerly Ethereal)
0.99.6 allows remote attackers to cause a denial of service (infinite
loop or crash) via unknown vectors.
Discussion:
wireshark-0.99.7-2.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.
---
wireshark-0.99.7-1.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.
---
This issue was addressed in:
Red Hat Enterprise Linux:
http://rhn.redhat.com/errata/RHSA-2008-0058.html
Fedora:
https://admin.fedoraproject.org/updates/F8/