Uncategorized CVEs — 2007 (Page 1/38)

CVEs without a recognized CWE (not present in the CWE map or marked as N/A).

CVSS ≥ 0.0

2007-12-31

Medium

CVE-2007-6603

Hot or Not Clone has insufficient access control for producing and reading database backups, which allows remote attackers to obtain the administrator username and password via a direct request to co…

CVSS: 5.0CWE: CWE-264

Critical

CVE-2007-6337

Unspecified vulnerability in the bzip2 decompression algorithm in nsis/bzlib_private.h in ClamAV before 0.92 has unknown impact and remote attack vectors.

CVSS: 10.0CWE: N/A

2007-12-28

Medium

CVE-2007-6594

IBM Lotus Notes 8 for Linux before 8.0.1 uses (1) unspecified weak permissions for the installation kit obtained through a Notes 8 download and (2) 0777 permissions for the installdata file that is c…

CVSS: 6.9CWE: CWE-264

Medium

CVE-2007-6591

KDE Konqueror 3.5.5 and 3.95.00, when a user accepts an SSL server certificate on the basis of the CN domain name in the DN field, regards the certificate as also accepted for all domain names in sub…

CVSS: 4.3CWE: N/A

Medium

CVE-2007-6592

Apple Safari 2, when a user accepts an SSL server certificate on the basis of the CN domain name in the DN field, regards the certificate as also accepted for all domain names in subjectAltName:dNSNa…

CVSS: 4.3CWE: N/A

Medium

CVE-2007-6546

RunCMS before 1.6.1 uses a predictable session id, which makes it easier for remote attackers to hijack sessions via a modified id.

CVSS: 6.4CWE: N/A

Medium

CVE-2007-6547

RunCMS before 1.6.1 does not require entry of the old password during a password change, which allows context-dependent attackers to change passwords upon obtaining temporary access to a session.

CVSS: 6.8CWE: N/A

High

CVE-2007-6549

Unspecified vulnerability in RunCMS before 1.6.1 has unknown impact and attack vectors, related to "pagetype using."

CVSS: 7.5CWE: N/A

2007-12-27

Medium

CVE-2007-5342

The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 does not restrict certain permissions for web applications, which allows attac…

CVSS: 6.4CWE: CWE-264

Critical

CVE-2007-6525

Unspecified vulnerability in eClient in IBM DB2 Content Manager (CM) Toolkit 8.3 before fix pack 7 for z/OS has unknown impact and attack vectors, related to "scripting."

CVSS: 10.0CWE: N/A

Critical

CVE-2007-6529

Multiple unspecified vulnerabilities in TikiWiki before 1.9.9 have unknown impact and attack vectors involving (1) tiki-edit_css.php, (2) tiki-list_games.php, or (3) tiki-g-admin_shared_source.php.

CVSS: 10.0CWE: N/A

2007-12-24

High

CVE-2007-6419

Unspecified vulnerability in rpc.yppasswdd in HP HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors.

CVSS: 7.8CWE: N/A

Medium

CVE-2007-6519

Unspecified vulnerability in the File-on-File Mounting File System (FFM) in HP Tru64 UNIX 5.1B-4 and 5.1B-3 allows local users to cause a denial of service (system crash) via unspecified vectors.

CVSS: 4.9CWE: N/A

Critical

CVE-2007-6521

Unspecified vulnerability in Opera before 9.25 allows remote attackers to execute arbitrary code via crafted TLS certificates.

CVSS: 10.0CWE: CWE-310

High

CVE-2007-6523

Algorithmic complexity vulnerability in Opera 9.50 beta and 9.x before 9.25 allows remote attackers to cause a denial of service (CPU consumption) via a crafted bitmap (BMP) file that triggers a larg…

CVSS: 7.8CWE: CWE-189

2007-12-21

Medium

CVE-2007-6511

Websense Enterprise 6.3.1 allows remote attackers to bypass content filtering by visiting http URLs with a (1) RealPlayer G2, (2) MSMSGS, or (3) StoneHttpAgent User-Agent header, which results in a N…

CVSS: 5.0CWE: N/A

2007-12-20

Critical

CVE-2007-6506

The HPRulesEngine.ContentCollection.1 ActiveX Control in RulesEngine.dll for HP Software Update 4.000.005.007 and earlier, including 3.0.8.4, allows remote attackers to (1) overwrite and corrupt arbi…

CVSS: 9.3CWE: N/A

Critical

CVE-2007-6507

SpntSvc.exe daemon in Trend Micro ServerProtect 5.58 for Windows, before Security Patch 4, exposes unspecified dangerous sub-functions from StRpcSrv.dll in the DCE/RPC interface, which allows remote…

CVSS: 10.0CWE: CWE-264

Medium

CVE-2007-6334

Ingres 2.5 and 2.6 on Windows, as used in multiple CA products and possibly other products, assigns the privileges and identity of users to be the same as the first user, which allows remote attacker…

CVSS: 5.0CWE: CWE-264

Low

CVE-2007-6505

Solaris 9, with Solaris Auditing enabled and certain patches for sshd installed, can generate audit records with an audit-ID of 0 even when the user logging into ssh is not root, which makes it easie…

CVSS: 3.5CWE: CWE-16

High

CVE-2007-6349

P4Webs.exe in Perforce P4Web 2006.2 and earlier, when running on Windows, allows remote attackers to cause a denial of service (CPU consumption) via an HTTP request with an empty body and a Content-L…

CVSS: 7.8CWE: CWE-399

Medium

CVE-2007-6285

The default configuration for autofs 5 (autofs5) in some Linux distributions, such as Red Hat Enterprise Linux (RHEL) 4 and 5, does not specify the nodev mount option for the -hosts map, which allows…

CVSS: 6.2CWE: CWE-16

Medium

CVE-2007-6496

Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote attackers to register arbitrary users via a request to hosting/addsubsite.asp with the loginname and password parameters set, when precede…

CVSS: 6.8CWE: CWE-264

Medium

CVE-2007-6504

Unspecified vulnerability in IIS/iibind.asp in Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authenticated users to change the headers of arbitrary hosts via an unspecified parameter.

CVSS: 5.5CWE: CWE-264

Medium

CVE-2007-6479

Unrestricted file upload vulnerability in the "My productions" component for main/auth/profile.php (aka the "My profile" page) in Dokeos 1.8.4 allows remote authenticated users to upload and execute…

CVSS: 4.9CWE: CWE-264

Medium

CVE-2007-6500

Unspecified vulnerability in Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authenticated users to delete "gateway information" via a request to OpenApi/GatewayVariables.asp.

CVSS: 4.9CWE: CWE-264

Medium

CVE-2007-6499

Unspecified vulnerability in Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authenticated users to uninstall the FrontPage extensions of an arbitrary account via a request to fp2002/UNI…

CVSS: 5.5CWE: CWE-264

High

CVE-2007-6497

Hosting Controller 6.1 Hot fix 3.3 and earlier (1) allows remote attackers to change arbitrary user profiles via a request to Hosting/Addreseller.asp with modified loginname and email parameters; and…

CVSS: 7.5CWE: CWE-264

Medium

CVE-2007-6503

Multiple unspecified vulnerabilities in Hosting Controller 6.1 Hot fix 3.3 and earlier allow remote authenticated users to (1) import an arbitrary plan via a request to hosting/importhostingplans.asp…

CVSS: 5.5CWE: CWE-264

Medium

CVE-2007-6495

inc_newuser.asp in Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authenticated users to change the permissions of directories named (1) db, (2) www, (3) Special, and (4) log at arbitra…

CVSS: 6.5CWE: CWE-264

Medium

CVE-2007-6481

Unspecified vulnerability in the Device Manager daemon (utdevmgrd) in Sun Ray Server Software 2.0, 3.0, 3.1, and 3.1.1 allows remote attackers to create or delete arbitrary directories via unspecifie…

CVSS: 6.4CWE: N/A

High

CVE-2007-6489

Multiple cross-site scripting (XSS) vulnerabilities in Falcon Series One CMS 1.4.3 allow remote attackers to inject arbitrary web script or HTML via the (1) gb_mail, (2) gb_name, and (3) gb_text para…

CVSS: 7.5CWE: N/A

Critical

CVE-2007-6480

The Oracle database component in Sun Management Center (Sun MC) 3.6.1, 3.6, and 3.5 Update 1 has a default account, which allows remote attackers to obtain database access and execute arbitrary code.

CVSS: 9.4CWE: N/A

Medium

CVE-2007-6501

Unspecified vulnerability in Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authenticated users to enable or disable "pay type" via a request to adminsettings/choosetranstype.asp.

CVSS: 5.5CWE: CWE-264

High

CVE-2007-6482

Unspecified vulnerability in the Device Manager daemon (utdevmgrd) in Sun Ray Server Software 2.0, 3.0, 3.1, and 3.1.1 allows remote attackers to cause a denial of service (daemon crash) via unspecif…

CVSS: 7.8CWE: N/A

Medium

CVE-2007-6487

Unspecified vulnerability in Plain Black WebGUI 7.4.0 through 7.4.17 allows remote authenticated users with Secondary Admin privileges to create Admin accounts, a different vulnerability than CVE-200…

CVSS: 4.9CWE: CWE-264

High

CVE-2007-5584

Unspecified vulnerability in Cisco Firewall Services Module (FWSM) 3.2(3) allows remote attackers to cause a denial of service (device reload) via crafted "data in the control-plane path with Layer 7…

CVSS: 7.8CWE: N/A

Medium

CVE-2007-6351

libexif 0.6.16 and earlier allows context-dependent attackers to cause a denial of service (infinite recursion) via an image file with crafted EXIF tags, possibly involving the exif_loader_write func…

CVSS: 4.3CWE: N/A

Medium

CVE-2007-6352

Integer overflow in libexif 0.6.16 and earlier allows context-dependent attackers to execute arbitrary code via an image with crafted EXIF tags, possibly involving the exif_data_load_data_thumbnail f…

CVSS: 6.8CWE: CWE-189

Critical

CVE-2007-6243

Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 does not sufficiently restrict the interpretation and usage of cross-domain policy files, which makes it easier for r…

CVSS: 9.3CWE: CWE-264

Medium

CVE-2007-6246

Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0, when running on Linux, uses insecure permissions for memory, which might allow local users to gain privileges.

CVSS: 4.4CWE: CWE-264

High

CVE-2007-6335

Integer overflow in libclamav in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MEW packed PE file, which triggers a heap-based buffer overflow.

CVSS: 7.5CWE: CWE-189

High

CVE-2007-5966

Integer overflow in the hrtimer_start function in kernel/hrtimer.c in the Linux kernel before 2.6.23.10 allows local users to execute arbitrary code or cause a denial of service (panic) via a large r…

CVSS: 7.2CWE: CWE-189

Critical

CVE-2007-6456

Unspecified vulnerability in OpenOffice.org code in Planamesa NeoOffice 2.2.2 before Patch 4 has unknown impact and attack vectors related to MacOS 10.3.9 .odb files. NOTE: it is not clear whether t…

CVSS: 10.0CWE: N/A

Medium

CVE-2007-6470

phpRPG 0.8 stores sensitive information under the web root with insufficient access control, which allows remote attackers to read session ID values in files under tmp/, and then hijack sessions via…

CVSS: 6.4CWE: CWE-264

2007-12-19

Medium

CVE-2007-5963

Unspecified vulnerability in kdebase allows local users to cause a denial of service (KDM login inaccessible, or resource consumption) via unknown vectors.

CVSS: 4.7CWE: N/A

Medium

CVE-2007-6450

The RPL dissector in Wireshark (formerly Ethereal) 0.9.8 to 0.99.6 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.

CVSS: 5.0CWE: N/A

Medium

CVE-2007-6451

Unspecified vulnerability in the CIP dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger allocati…

CVSS: 4.3CWE: CWE-399

Low

CVE-2007-6441

The WiMAX dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) via unknown vectors related to "unaligned access on some platforms."

CVSS: 3.3CWE: CWE-264

Medium

CVE-2007-6439

Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (infinite or large loop) via the (1) IPv6 or (2) USB dissector, which can trigger resource consumption or a c…

CVSS: 6.1CWE: CWE-399

Critical

CVE-2007-4710

Unspecified vulnerability in ColorSync in Apple Mac OS X 10.4.11 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via an image with a crafted C…

CVSS: 9.3CWE: CWE-399

Critical

CVE-2007-5849

Integer underflow in the asn1_get_string function in the SNMP back end (backend/snmp.c) for CUPS 1.2 through 1.3.4 allows remote attackers to execute arbitrary code via a crafted SNMP response that t…

CVSS: 9.3CWE: CWE-189

Low

CVE-2007-5851

iChat in Apple Mac OS X 10.4.11 allows network-adjacent remote attackers to automatically initiate a video connection to another user via unknown vectors.

CVSS: 3.6CWE: CWE-264

Critical

CVE-2007-5853

Unspecified vulnerability in IO Storage Family in Apple Mac OS X 10.4.11 allows user-assisted attackers to cause a denial of service (system shutdown) or execute arbitrary code via a disk image with…

CVSS: 9.3CWE: N/A

Critical

CVE-2007-5856

Quick Look Apple Mac OS X 10.5.1, when previewing an HTML file, does not prevent plug-ins from making network requests, which might allow remote attackers to obtain sensitive information.

CVSS: 9.4CWE: CWE-16

Medium

CVE-2007-5857

Quick Look in Apple Mac OS X 10.5.1 does not prevent a movie from accessing URLs when the movie file is previewed or if an icon is created, which might allow remote attackers to obtain sensitive info…

CVSS: 6.4CWE: CWE-264

Critical

CVE-2007-5859

Unspecified vulnerability in Safari RSS in Apple Mac OS X 10.4.11 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted feed: URL that…

CVSS: 9.3CWE: CWE-399

High

CVE-2007-5860

Unspecified vulnerability in Spin Tracer in Apple Mac OS X 10.5.1 allows local users to execute arbitrary code via unspecified output files, involving an "insecure file operation."

CVSS: 7.2CWE: N/A

Medium

CVE-2007-5861

Unspecified vulnerability in Spotlight in Apple Mac OS X 10.4.11 allows user-assisted attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted .XLS fil…

CVSS: 6.8CWE: CWE-399

Critical

CVE-2007-5863

Software Update in Apple Mac OS X 10.5.1 allows remote attackers to execute arbitrary commands via a man-in-the-middle (MITM) attack between the client and the server, using a modified distribution d…

CVSS: 9.3CWE: CWE-310

2007-12-18

Medium

CVE-2007-6356

exiftags before 1.01 allows attackers to cause a denial of service (infinite loop) via recursive IFD references in the EXIF data in a JPEG image.

CVSS: 5.0CWE: CWE-399

Low

CVE-2007-6434

Linux kernel 2.6.23 allows local users to create low pages in virtual userspace memory and bypass mmap_min_addr protection via a crafted executable file that calls the do_brk function.

CVSS: 2.1CWE: CWE-264

Critical

CVE-2007-6355

Integer overflow in exiftags before 1.01 has unknown impact and attack vectors, resulting from a "field offset overflow" that triggers an "illegal memory access," a different vulnerability than CVE-2…

CVSS: 10.0CWE: CWE-189

Critical

CVE-2007-6354

Unspecified vulnerability in exiftags before 1.01 has unknown impact and attack vectors, resulting from a "field offset overflow" that triggers an "illegal memory access," a different vulnerability t…

CVSS: 10.0CWE: N/A

Medium

CVE-2007-6424

registry.pl in Fonality Trixbox 2.0 PBX products, when running in certain environments, reads and executes a set of commands from a remote web site without sufficiently validating the origin of the c…

CVSS: 4.3CWE: CWE-264

2007-12-17

Critical

CVE-2007-6413

Sun Solaris 10 with the 120011-04 and 120012-04 patches, and later 120011-* and 120012-* patches, allows remote attackers to bypass certain netgroup restrictions and obtain root access to a filesyste…

CVSS: 9.3CWE: CWE-264

High

CVE-2007-6414

admin/administrator.php in Adult Script 1.6 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to bypass authentication and obtain administrative credent…

CVSS: 7.5CWE: CWE-255

Medium

CVE-2007-6416

The copy_to_user function in the PAL emulation functionality for Xen 3.1.2 and earlier, when running on ia64 systems, allows HVM guest users to access arbitrary physical memory by triggering certain…

CVSS: 4.6CWE: CWE-264

Medium

CVE-2007-6409

The gg protocol handler in Gadu-Gadu, when this product is installed but not running, does not properly handle the skin attribute, which allows remote attackers to cause a denial of service (resource…

CVSS: 4.3CWE: CWE-16

Medium

CVE-2007-6399

index.php in Flat PHP Board 1.2 and earlier allows remote authenticated users to obtain the password for the current user account by reading the password parameter value in the HTML source for the pa…

CVSS: 6.5CWE: CWE-255

Medium

CVE-2007-6395

Flat PHP Board 1.2 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain credentials via a direct request for the usern…

CVSS: 5.0CWE: CWE-264

Low

CVE-2007-6389

The notify feature in GNOME screensaver (gnome-screensaver) 2.20.0 might allow local users to read the clipboard contents and X selection data for a locked session by using ctrl-V.

CVSS: 2.1CWE: N/A

2007-12-15

Medium

CVE-2007-6382

The Event Dispatch Thread in Robocode before 1.5.1 allows remote attackers to execute arbitrary Java code by using a robot to invoke the SwingUtilities.invokeLater method.

CVSS: 6.8CWE: N/A

Medium

CVE-2007-6383

The DAV component in Chandler Server (Cosmo) before 0.10.1 does not check resource creation permissions, which allows remote authenticated users to create arbitrary resources in another user's home c…

CVSS: 5.5CWE: CWE-264

Medium

CVE-2007-6358

pdftops.pl before 1.20 in alternate pdftops filter allows local users to overwrite arbitrary files via a symlink attack on the pdfin.[PID].tmp temporary file, which is created when pdftops reads a PD…

CVSS: 4.9CWE: N/A

Medium

CVE-2007-6359

The cs_validate_page function in bsd/kern/ubc_subr.c in the xnu kernel 1228.0 and earlier in Apple Mac OS X 10.5.1 allows local users to cause a denial of service (failed assertion and system crash)…

CVSS: 4.9CWE: CWE-189

High

CVE-2007-6360

Unspecified vulnerability in the Sun eXtended System Control Facility (XSCF) Control Package (XCP) firmware before 1050 on SPARC Enterprise M4000, M5000, M8000, and M9000 servers allows remote attack…

CVSS: 7.8CWE: N/A

Medium

CVE-2007-6361

Gekko 0.8.2 and earlier stores sensitive information under the web root with possibly insufficient access control, which might allow remote attackers to read certain files under temp/, as demonstrate…

CVSS: 5.0CWE: CWE-264

Medium

CVE-2007-6379

BadBlue 2.72b and earlier allows remote attackers to obtain sensitive information via an invalid browse parameter, which reveals the installation path in an error message.

CVSS: 5.0CWE: CWE-16

2007-12-14

High

CVE-2007-6350

scponly 4.6 and earlier allows remote authenticated users to bypass intended restrictions and execute code by invoking dangerous subcommands including (1) unison, (2) rsync, (3) svn, and (4) svnserve…

CVSS: 8.5CWE: CWE-264

2007-12-13

High

CVE-2007-6328

DOSBox 0.72 and earlier allows local users to obtain access to the filesystem on the host operating system via the mount command. NOTE: the researcher reports a vendor response stating that this is…

CVSS: 7.2CWE: N/A

Critical

CVE-2007-6332

The HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as shipped with HP Info Center (hpinfocenter.exe) 1.0.1.1 in HP Quick Launch Button (QLBCTRL.exe, aka QLB) 6.3 and earlier, on Microsoft W…

CVSS: 9.3CWE: N/A

Medium

CVE-2007-6333

CVSS: 5.8CWE: N/A

Medium

CVE-2007-6329

Microsoft Office 2007 12.0.6015.5000 and MSO 12.0.6017.5000 do not sign the metadata of Office Open XML (OOXML) documents, which makes it easier for remote attackers to modify Dublin Core metadata fi…

CVSS: 6.4CWE: CWE-255

Critical

CVE-2007-6330

Meridian Prolog Manager 2007, and 7.5 and earlier, sends all usernames and passwords to the client in a (1) cleartext or (2) weakly encrypted format to support client-side login authentication, which…

CVSS: 10.0CWE: N/A

Medium

CVE-2007-5964

The default configuration of autofs 5 in some Linux distributions, such as Red Hat Enterprise Linux (RHEL) 5, omits the nosuid option for the hosts (/net filesystem) map, which allows local users to…

CVSS: 6.9CWE: CWE-16

2007-12-12

Critical

CVE-2007-3902

Use-after-free vulnerability in the CRecalcProperty function in mshtml.dll in Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code by calling the setExpression…

CVSS: 9.3CWE: CWE-189

Medium

CVE-2007-5347

Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code via "unexpected method calls to HTML objects," aka "DHTML Object Memory Corruption Vulnerability."

CVSS: 6.8CWE: CWE-399

High

CVE-2007-5350

Unspecified vulnerability in the Windows Advanced Local Procedure Call (ALPC) in the kernel in Microsoft Windows Vista allows local users to gain privileges via unspecified vectors involving "legacy…

CVSS: 7.2CWE: CWE-264

Medium

CVE-2007-3903

Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code via uninitialized or deleted objects used in repeated calls to the (1) cloneNode or (2) nodeValue JavaScript func…

CVSS: 6.8CWE: CWE-399

2007-12-10

Low

CVE-2007-6303

MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered, which allows remote authenticated users to gain privilege…

CVSS: 3.5CWE: N/A

Medium

CVE-2007-6304

The federated engine in MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4, when performing a certain SHOW TABLE STATUS query, allows remote MySQL servers to cause a denial of se…

CVSS: 5.0CWE: N/A

High

CVE-2007-5969

MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit…

CVSS: 7.1CWE: CWE-264

Medium

CVE-2007-5970

MySQL 5.1.x before 5.1.23 and 6.0.x before 6.0.4 allows remote authenticated users to gain privileges on arbitrary tables via unspecified vectors involving use of table-level DATA DIRECTORY and INDEX…

CVSS: 5.8CWE: N/A

Critical

CVE-2007-6293

Multiple unspecified vulnerabilities in IBM Hardware Management Console (HMC) 6 R1.3 allow attackers to gain privileges via "some HMC commands."

CVSS: 10.0CWE: N/A

Medium

CVE-2007-6294

Multiple unspecified vulnerabilities in IBM Hardware Management Console (HMC) 3 R3.7 allow attackers to gain privileges via "some HMC commands."

CVSS: 4.9CWE: CWE-264

2007-12-07

High

CVE-2007-6276

The accept_connections function in the virtual private network daemon (vpnd) in Apple Mac OS X 10.5 before 10.5.4 allows remote attackers to cause a denial of service (divide-by-zero error and daemon…

CVSS: 7.8CWE: CWE-189

Critical

CVE-2007-6279

Multiple double free vulnerabilities in Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via malformed (1) Seektable values or (2)…

CVSS: 9.3CWE: CWE-399

Low

CVE-2007-6267

Citrix EdgeSight 4.2 and 4.5 for Presentation Server, EdgeSight 4.2 and 4.5 for Endpoints, and EdgeSight for NetScaler 1.0 and 1.1 do not properly store database credentials in configuration files, w…

CVSS: 2.1CWE: CWE-255

Medium

CVE-2007-5497

Multiple integer overflows in libext2fs in e2fsprogs before 1.40.3 allow user-assisted remote attackers to execute arbitrary code via a crafted filesystem image.

CVSS: 5.8CWE: CWE-189

2007-12-06

Medium

CVE-2007-5938

The iwl_set_rate function in compatible/iwl3945-base.c in iwlwifi 1.1.21 and earlier dereferences an iwl_get_hw_mode return value without checking for NULL, which might allow remote attackers to caus…

CVSS: 5.0CWE: CWE-189

Critical

CVE-2007-5894

The reply function in ftpd.c in the gssftp ftpd in MIT Kerberos 5 (krb5) does not initialize the length variable when auth_type has a certain value, which has unknown impact and remote authenticated…

CVSS: 9.3CWE: N/A

Medium

CVE-2007-5901

Use-after-free vulnerability in the gss_indicate_mechs function in lib/gssapi/mechglue/g_initialize.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors. NOTE: this might be the result o…

CVSS: 6.9CWE: CWE-399

Critical

CVE-2007-5902

Integer overflow in the svcauth_gss_get_principal function in lib/rpc/svc_auth_gss.c in MIT Kerberos 5 (krb5) allows remote attackers to have an unknown impact via a large length value for a GSS clie…

CVSS: 10.0CWE: CWE-189

Medium

CVE-2007-5971

Double free vulnerability in the gss_krb5int_make_seal_token_v3 function in lib/gssapi/krb5/k5sealv3.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors.

CVSS: 6.9CWE: CWE-399

Critical

CVE-2007-6194

Unspecified vulnerability in HP Select Identity 4.01 before 4.01.012 and 4.1x before 4.13.003 allows remote attackers to obtain unspecified access via unknown vectors.

CVSS: 10.0CWE: N/A

Medium

CVE-2007-6261

Integer overflow in the load_threadstack function in the Mach-O loader (mach_loader.c) in the xnu kernel in Apple Mac OS X 10.4 through 10.5.1 allows local users to cause a denial of service (infinit…

CVSS: 4.9CWE: CWE-189

Medium

CVE-2007-6260

The installation process for Oracle 10g and llg uses accounts with default passwords, which allows remote attackers to obtain login access by connecting to the Listener. NOTE: at the end of the inst…

CVSS: 6.8CWE: CWE-255

2007-12-05

Medium

CVE-2007-5355

The Web Proxy Auto-Discovery (WPAD) feature in Microsoft Internet Explorer 6 and 7, when a primary DNS suffix with three or more components is configured, resolves an unqualified wpad hostname in a s…

CVSS: 5.8CWE: N/A

High

CVE-2007-5614

Mortbay Jetty before 6.1.6rc1 does not properly handle "certain quote sequences" in HTML cookie parameters, which allows remote attackers to hijack browser sessions via unspecified vectors.

CVSS: 7.5CWE: N/A

High

CVE-2007-6241

Multiple unspecified vulnerabilities in Beehive Forum 0.7.1 have unknown "critical" impact and attack vectors, different issues than CVE-2007-6014.

CVSS: 7.5CWE: N/A

2007-12-04

Medium

CVE-2007-6225

Unspecified vulnerability in Sun Solaris 10, when 64bit mode is used on the x86 platform, allows local users in a Linux (lx) branded zone to cause a denial of service (panic) via unspecified vectors.

CVSS: 4.9CWE: N/A

Medium

CVE-2007-6236

Microsoft Windows Media Player (WMP) allows remote attackers to cause a denial of service (application crash) via a certain AIFF file that triggers a divide-by-zero error, as demonstrated by kr.aiff.

CVSS: 5.0CWE: CWE-189

Critical

CVE-2007-6238

Unspecified vulnerability in Apple QuickTime 7.2 on Windows XP allows remote attackers to execute arbitrary code via unknown attack vectors, probably a different vulnerability than CVE-2007-6166. NO…

CVSS: 10.0CWE: N/A

Medium

CVE-2007-6222

The CheckCustomerAccess function in functions.php in CRM-CTT Interleave before 4.2.0 (formerly CRM-CTT) does not properly verify user privileges, which allows remote authenticated users with the LIMI…

CVSS: 6.5CWE: CWE-264

Medium

CVE-2007-6220

typespeed before 0.6.4 allows remote attackers to cause a denial of service (application crash) via unspecified network behavior that triggers a divide-by-zero error.

CVSS: 5.0CWE: CWE-189

Low

CVE-2007-6210

zabbix_agentd 1.1.4 in ZABBIX before 1.4.3 runs "UserParameter" scripts with gid 0, which might allow local users to gain privileges.

CVSS: 2.1CWE: CWE-16

High

CVE-2007-6211

Send ICMP Nasty Garbage (sing) on Debian GNU/Linux allows local users to append to arbitrary files and gain privileges via the -L (output log file) option. NOTE: this issue is only a vulnerability i…

CVSS: 7.2CWE: CWE-264

Medium

CVE-2007-6209

Util/difflog.pl in zsh 4.3.4 allows local users to overwrite arbitrary files via a symlink attack on temporary files.

CVSS: 4.6CWE: CWE-264

2007-12-03

Medium

CVE-2006-7226

Perl-Compatible Regular Expression (PCRE) library before 6.7 does not properly calculate the compiled memory allocation for regular expressions that involve a quantified "subpattern containing a name…

CVSS: 4.3CWE: N/A