|Improper Restriction of Operations within the Bounds of a Memory Buffer|
|Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')|
|Vulnerability||Severity Score||Release Date||Summary|
|CVE-2007-6282||7.1||May 7, 2008||
The IPsec implementation in Linux kernel before 2.6.25 allows remote routers to cause a denial of service (crash) via a fragmented ESP packet in which the first fragment does not contain the entire ESP header and IV.
|CVE-2008-0411||6.8||Feb. 28, 2008||
Stack-based buffer overflow in the zseticcspace function in zicc.c in Ghostscript 8.61 and earlier allows remote attackers to execute arbitrary code via a postscript (.ps) file containing a long Range array in a .seticcspace operator.
|CVE-2008-2808||4.3||July 7, 2008||
Mozilla Firefox before 220.127.116.11 and SeaMonkey before 1.1.10 do not properly escape HTML in file:// URLs in directory listings, which allows remote attackers to conduct cross-site scripting (XSS) attacks or have unspecified other impact via a crafted filename.