CVE List - 2007 / October
Showing 101 - 200 of 970 CVEs for October 2007 (Page 2 of 10)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2007-5241 | 2007-10-06 | Buffer overflow in NET$CSMACD.EXE in HP OpenVMS 8.3 and earlier allows local users to cause a denial of service (machine crash) via the "MCR MCL SHOW CSMA-CD Port * All"... |
| CVE-2007-5242 | 2007-10-06 | Unspecified vulnerability in (1) SYS$EI1000.EXE and (2) SYS$EI1000_MON.EXE in HP OpenVMS 8.3 and earlier allows remote attackers to cause a denial of service (machine crash) via an "oversize" packet, which... |
| CVE-2007-5243 | 2007-10-06 | Multiple stack-based buffer overflows in Borland InterBase LI 8.0.0.53 through 8.1.0.253, and WI 5.1.1.680 through 8.1.0.257, allow remote attackers to execute arbitrary code via (1) a long service attach request... |
| CVE-2007-5244 | 2007-10-06 | Stack-based buffer overflow in Borland InterBase LI 8.0.0.53 through 8.1.0.253 on Linux, and possibly unspecified versions on Solaris, allows remote attackers to execute arbitrary code via a long attach request... |
| CVE-2007-5245 | 2007-10-06 | Multiple stack-based buffer overflows in Firebird LI 1.5.3.4870 and 1.5.4.4910, and WI 1.5.3.4870 and 1.5.4.4910, allow remote attackers to execute arbitrary code via (1) a long service attach request on... |
| CVE-2007-5246 | 2007-10-06 | Multiple stack-based buffer overflows in Firebird LI 2.0.0.12748 and 2.0.1.12855, and WI 2.0.0.12748 and 2.0.1.12855, allow remote attackers to execute arbitrary code via (1) a long attach request on TCP... |
| CVE-2007-5247 | 2007-10-06 | Multiple format string vulnerabilities in the Monolith Lithtech engine, as used by First Encounter Assault Recon (F.E.A.R.) 1.08 and earlier, when Punkbuster (PB) is enabled, allow remote attackers to execute... |
| CVE-2007-5248 | 2007-10-06 | Multiple format string vulnerabilities in the ID Software Doom 3 engine, as used by Doom 3 1.3.1 and earlier, Quake 4 1.4.2 and earlier, and Prey 1.3 and earlier, when... |
| CVE-2007-5249 | 2007-10-06 | Multiple buffer overflows in the logging function in the Unreal engine, as used by America's Army and America's Army Special Forces 2.8.2 and earlier, when Punkbuster (PB) is enabled, allow... |
| CVE-2007-5250 | 2007-10-06 | The Windows dedicated server for the Unreal engine, as used by America's Army and America's Army Special Forces 2.8.2 and earlier, when Punkbuster (PB) is enabled, allows remote attackers to... |
| CVE-2007-5251 | 2007-10-06 | Multiple cross-site scripting (XSS) vulnerabilities in Helm 3.2.16 allow remote attackers to inject arbitrary web script or HTML via (1) the showOption parameter to domain.asp, or the (2) Folder or... |
| CVE-2007-5252 | 2007-10-06 | Buffer overflow in NetSupport Manager (NSM) Client 10.00 and 10.20, and NetSupport School Student (NSS) 9.00, allows remote NSM servers to cause a denial of service or possibly execute arbitrary... |
| CVE-2007-5253 | 2007-10-06 | c32web.exe in McMurtrey/Whitaker Cart32 before 6.4 allows remote attackers to read arbitrary files via the ImageName parameter in a GetImage action, by appending a NULL byte (%00) sequence followed by... |
| CVE-2007-5254 | 2007-10-06 | VirusBlokAda Vba32 AntiVirus 3.12.2 uses weak permissions (Everyone:Write) for its installation directory, which allows local users to gain privileges by replacing application programs, as demonstrated by replacing vba32ldr.exe. |
| CVE-2007-5255 | 2007-10-06 | Cross-site scripting (XSS) vulnerability in Google Mini Search Appliance 3.4.14 allows remote attackers to inject arbitrary web script or HTML via the ie parameter to the /search URI. |
| CVE-2007-5256 | 2007-10-06 | Multiple stack-based buffer overflows in FSD 2.052 d9 and earlier, and FSFDT FSD 3.000 d9 and earlier, allow (1) remote attackers to execute arbitrary code via a long HELP command... |
| CVE-2007-5257 | 2007-10-06 | Stack-based buffer overflow in the EDraw.OfficeViewer ActiveX control in officeviewer.ocx in EDraw Office Viewer Component 5.3.220.1 and earlier allows remote attackers to execute arbitrary code via long strings in the... |
| CVE-2007-5258 | 2007-10-06 | PHP remote file inclusion vulnerability in log.php in phpFreeLog alpha 0.2.0 allows remote attackers to include and execute arbitrary files via unspecified vectors. NOTE: the original disclosure is likely erroneous. |
| CVE-2007-5259 | 2007-10-06 | Cross-site request forgery (CSRF) vulnerability in Ilient SysAid 4.5.03 and 4.5.04 allows remote attackers to perform some actions as administrators, as demonstrated by changing the administrator password. NOTE: the provenance... |
| CVE-2007-5260 | 2007-10-06 | ASP-CMS 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing the username and password via a direct request... |
| CVE-2007-5261 | 2007-10-06 | Multiple SQL injection vulnerabilities in MultiCart 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) catid parameter to categorydetail.php and the (2) ddlCategory parameter to search.php. |
| CVE-2004-2688 | 2007-10-06 | Cross-site scripting (XSS) vulnerability in index.php in NewsPHP allows remote attackers to inject arbitrary web script or HTML via the cat_id parameter. NOTE: this issue might overlap vector 3 in... |
| CVE-2004-2689 | 2007-10-06 | NewsPHP allows remote attackers to gain unauthorized administrative access by setting a cookie to the "autorized=admin; root=admin" value. |
| CVE-2004-2690 | 2007-10-06 | Unrestricted file upload vulnerability in the Administration Panel for NewsPHP allows remote authenticated administrators to upload and execute arbitrary code instead of video files. |
| CVE-2004-2691 | 2007-10-06 | Unspecified vulnerability in 3Com SuperStack 3 4400 switches with firmware version before 3.31 allows remote attackers to cause a denial of service (device reset) via a crafted request to the... |
| CVE-2004-2692 | 2007-10-06 | The exec_dir PHP patch (php-exec-dir) 4.3.2 through 4.3.7 with safe mode disabled allows remote attackers to bypass restrictions and execute arbitrary commands via a backtick operator, which is not handled... |
| CVE-2004-2693 | 2007-10-06 | HP-UX B.11.00 and B.11.11 with B6848AB GTK+ Support Libraries installed uses insecure directory permissions, which allows local users to gain privileges via files in /opt/gnome/src/GLib/. |
| CVE-2004-2694 | 2007-10-06 | Microsoft Outlook Express 6.0 allows remote attackers to bypass intended access restrictions, load content from arbitrary sources into the Outlook context, and facilitate phishing attacks via a "BASE HREF" with... |
| CVE-2001-1584 | 2007-10-06 | CardBoard 2.4 greeting card CGI by Michael Barretto allows remote attackers to execute arbitrary commands via shell metacharacters in the recipient field. |
| CVE-2001-1585 | 2007-10-06 | SSH protocol 2 (aka SSH-2) public key authentication in the development snapshot of OpenSSH 2.3.1, available from 2001-01-18 through 2001-02-08, does not perform a challenge-response step to ensure that the... |
| CVE-2004-2695 | 2007-10-06 | SQL injection vulnerability in the Authorize.net callback code (subscriptions/authorize.php) in Jelsoft vBulletin 3.0 through 3.0.3 allows remote attackers to execute arbitrary SQL statements via the x_invoice_num parameter. NOTE: this issue... |
| CVE-2004-2696 | 2007-10-06 | BEA WebLogic Server and WebLogic Express 6.1, 7.0, and 8.1, when using Remote Method Invocation (RMI) over Internet Inter-ORB Protocol (IIOP), does not properly handle when multiple logins for different... |
| CVE-2004-2697 | 2007-10-06 | The Inventory Scout daemon (invscoutd) 1.3.0.0 and 2.0.2 for AIX 4.3.3 and 5.1 allows local users to gain privileges via a symlink attack on a command line argument (log file).... |
| CVE-2004-2698 | 2007-10-06 | Race condition in IMWheel 1.0.0pre11 and earlier, when running with the -k option, allows local users to cause a denial of service (IMWheel crash) and possibly modify arbitrary files via... |
| CVE-2004-2699 | 2007-10-06 | deleteicon.aspx in AspDotNetStorefront 3.3 allows remote attackers to delete arbitrary product images via a modified ProductID parameter. |
| CVE-2004-2701 | 2007-10-06 | Cross-site scripting (XSS) vulnerability in signin.aspx for AspDotNetStorefront 3.3 allows remote attackers to inject arbitrary web script or HTML via the returnurl parameter. |
| CVE-2004-2702 | 2007-10-06 | Cross-site scripting (XSS) vulnerability in login_up.php3 in Plesk 7.0 and 7.1 Reloaded allows remote attackers to inject arbitrary web script or HTML via the login_name parameter. NOTE: this might be... |
| CVE-2004-2703 | 2007-10-06 | Clearswift MIMEsweeper 5.0.5, when it has been upgraded from MAILsweeper for SMTP version 4.3 or MAILsweeper Business Suite I or II, allows remote attackers to bypass scanning by including encrypted... |
| CVE-2004-2704 | 2007-10-06 | Hastymail 1.0.1 and earlier (stable) and 1.1 and earlier (development) does not send the "attachment" parameter in the Content-Disposition field for attachments, which causes the attachment to be rendered inline... |
| CVE-2004-2705 | 2007-10-06 | Unspecified vulnerability in Player vs. Player Gaming Network (PvPGN) before 1.6.4 allows remote attackers to obtain attributes of arbitrary accounts, including the password hash, via certain statsreq packets. |
| CVE-2004-2707 | 2007-10-06 | Multiple unspecified vulnerabilities in Gyach Enhanced (Gyach-E) before 1.0.5 have unknown impact and attack vectors related to "several security flaws," probably related to buffer overflows in HTTP server responses. |
| CVE-2004-2713 | 2007-10-06 | Zone Alarm Pro 1.0 through 5.1 gives full access to %windir%\Internet Logs\* to the EVERYONE group, which allows local users to cause a denial of service by modifying the folder... |
| CVE-2004-2714 | 2007-10-06 | Unspecified vulnerability in Window Maker 0.80.2 and earlier allows attackers to perform unknown actions via format string specifiers in a font specification in WMGLOBAL, probably a format string vulnerability. |
| CVE-2004-2715 | 2007-10-06 | edituser.php3 in PHPMyChat 0.14.5 allow remote attackers to bypass authentication and gain administrative privileges by setting the do_not_login parameter to false. |
| CVE-2004-2716 | 2007-10-06 | Multiple SQL injection vulnerabilities in usersL.php3 in PHPMyChat 0.14.5 allow remote attackers to execute arbitrary SQL commands via the (1) sortBy, (2) sortOrder, (3) startReg, (4) U, (5) LastCheck ,... |
| CVE-2004-2717 | 2007-10-06 | Multiple directory traversal vulnerabilities in admin.php3 in PHPMyChat 0.14.5 allow remote attackers with administrative privileges to read arbitrary files via a .. (dot dot) in the (1) sheet and (2)... |
| CVE-2004-2719 | 2007-10-06 | Buffer overflow in the UrlToLocal function in PunyLib.dll of Foxmail 5.0.300 allows remote attackers to execute arbitrary code via a mail message with a long From field, a different issue... |
| CVE-2004-2720 | 2007-10-06 | Cross-site scripting (XSS) vulnerability in register.asp in Snitz Forums 2000 3.4.04 and earlier allows remote attackers to inject arbitrary web script or HTML via javascript events in the Email parameter. |
| CVE-2004-2721 | 2007-10-06 | The CheckGroup function in openSkat VTMF before 2.1 generates public key pairs in which the "p" variable might not be prime, which allows remote attackers to determine the private key... |
| CVE-2004-2722 | 2007-10-06 | Nessus 2.0.10a stores account passwords in plaintext in .nessusrc files, which allows local users to obtain passwords. NOTE: the original researcher reports that the vendor has disputed this issue |
| CVE-2004-2723 | 2007-10-06 | NessusWX 1.4.4 stores account passwords in plaintext in .session files, which allows local users to obtain passwords. |
| CVE-2004-2724 | 2007-10-06 | LionMax Software Chat Anywhere 2.72a allows remote attackers to cause a denial of service (server crash and client CPU consumption) via a username beginning with percent (%) followed by a... |
| CVE-2004-2725 | 2007-10-06 | Multiple cross-site scripting (XSS) vulnerabilities in Aztek Forum 4.0 allow remote attackers to inject arbitrary web script or HTML via (1) the search parameter in (a) search.php, (2) the email... |
| CVE-2005-4863 | 2007-10-06 | Stack-based buffer overflow in db2fmp in IBM DB2 7.x and 8.1 allows local users to execute arbitrary code via a long parameter. |
| CVE-2005-4864 | 2007-10-06 | Stack-based buffer overflow in libdb2.so in IBM DB2 7.x and 8.1 allows local users to execute arbitrary code via a long DB2LPORT environment variable. |
| CVE-2005-4865 | 2007-10-06 | Stack-based buffer overflow in call in IBM DB2 7.x and 8.1 allows remote attackers to execute arbitrary code via a long libname. |
| CVE-2005-4866 | 2007-10-06 | Stack-based buffer overflow in JDBC Applet Server in IBM DB2 8.1 allows remote attackers to execute arbitrary by connecting and sending a long username, then disconnecting gracefully and reconnecting and... |
| CVE-2005-4867 | 2007-10-06 | Stack-based buffer overflow in the SATENCRYPT function in IBM DB2 8.1, when Satellite Administration (SATADMIN) is enabled, allows remote attackers to execute arbitrary code via a long parameter. |
| CVE-2005-4868 | 2007-10-06 | Shared memory sections and events in IBM DB2 8.1 have default permissions of read and write for the Everyone group, which allows local users to gain unauthorized access, gain sensitive... |
| CVE-2005-4869 | 2007-10-06 | The (1) to_char and (2) to_date function in IBM DB2 8.1 allows local users to cause a denial of service (application crash) via an empty string in the second parameter,... |
| CVE-2005-4870 | 2007-10-06 | Stack-based buffer overflows in the (1) xmlvarcharfromfile, (2) xmlclobfromfile, (3) xmlfilefromvarchar, and (4) xmlfilefromclob function calls in IBM DB2 8.1 allow remote attackers to execute arbitrary code via a 94-byte... |
| CVE-2005-4871 | 2007-10-06 | Certain XML functions in IBM DB2 8.1 run with the privileges of DB2 instead of the logged-in user, which allows remote attackers to create or overwrite files via (1) XMLFileFromVarchar... |
| CVE-2004-2700 | 2007-10-06 | Unrestricted file upload vulnerability in AspDotNetStorefront 3.3 allows remote authenticated administrators to upload arbitrary files with executable extensions via admin/images.aspx. |
| CVE-2004-2706 | 2007-10-06 | Unspecified vulnerability in Gyach Enhanced (Gyach-E) before 1.0.4 allows remote attackers to cause a denial of service (crash) via conference packets with error messages. |
| CVE-2004-2708 | 2007-10-06 | Gyach Enhanced (Gyach-E) before 1.0.0 stores passwords in plaintext, which allows attackers to obtain user passwords by reading the configuration file. |
| CVE-2004-2709 | 2007-10-06 | Buffer overflow in the strip_html_tags method for Gyach Enhanced (Gyach-E) before 1.0.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown vectors involving... |
| CVE-2004-2710 | 2007-10-06 | Multiple buffer overflows in Gyach Enhanced (Gyach-E) before 1.0.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to (1) sending... |
| CVE-2004-2711 | 2007-10-06 | Multiple buffer overflows in Gyach Enhanced (Gyach-E) before 1.0.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to "avatar retrieval." |
| CVE-2004-2712 | 2007-10-06 | Buffer overflow in Gyach Enhanced (Gyach-E) before 1.0.0-SneakPeek-3 allows remote attackers to cause a denial of service (crash) via unspecified vectors related to "URL data." |
| CVE-2004-2718 | 2007-10-06 | PHPMyChat 0.14.5 does not remove or protect setup.php3 after installation, which allows attackers to obtain sensitive information including database passwords via a direct request. |
| CVE-2007-4924 | 2007-10-08 | The Open Phone Abstraction Library (opal), as used by (1) Ekiga before 2.0.10 and (2) OpenH323 before 2.2.4, allows remote attackers to cause a denial of service (crash) via an... |
| CVE-2007-5262 | 2007-10-08 | Multiple format string vulnerabilities in Battlefront Dropteam 1.3.3 and earlier allow remote attackers to execute arbitrary code via format string specifiers in the (1) username, (2) password, and (3) nickname... |
| CVE-2007-5263 | 2007-10-08 | Multiple buffer overflows in Battlefront Dropteam 1.3.3 and earlier allow remote attackers to execute arbitrary code via (1) a crafted "0x5c" packet or (2) many 32-bit numbers in a "0x18"... |
| CVE-2007-5264 | 2007-10-08 | Battlefront Dropteam 1.3.3 and earlier sends the client's online account name and password to the game server, which allows malicious game servers to steal account information. |
| CVE-2007-5265 | 2007-10-08 | Multiple format string vulnerabilities in websrv.cpp in Dawn of Time 1.69s beta4 and earlier allow remote attackers to execute arbitrary code via format string specifiers in the (1) username or... |
| CVE-2007-5266 | 2007-10-08 | Off-by-one error in ICC profile chunk handling in the png_set_iCCP function in pngset.c in libpng before 1.0.29 beta1 and 1.2.x before 1.2.21 beta1 allows remote attackers to cause a denial... |
| CVE-2007-5267 | 2007-10-08 | Off-by-one error in ICC profile chunk handling in the png_set_iCCP function in pngset.c in libpng before 1.2.22 beta1 allows remote attackers to cause a denial of service (crash) via a... |
| CVE-2007-5268 | 2007-10-08 | pngrtran.c in libpng before 1.0.29 and 1.2.x before 1.2.21 use (1) logical instead of bitwise operations and (2) incorrect comparisons, which might allow remote attackers to cause a denial of... |
| CVE-2007-5269 | 2007-10-08 | Certain chunk handlers in libpng before 1.0.29 and 1.2.x before 1.2.21 allow remote attackers to cause a denial of service (crash) via crafted (1) pCAL (png_handle_pCAL), (2) sCAL (png_handle_sCAL), (3)... |
| CVE-2007-5270 | 2007-10-08 | Unspecified vulnerability in the Boost module before 4.7.x-1.0, and 5.x before 5.x-1.0, for Drupal allows remote attackers to create or overwrite arbitrary files, and conduct cross-site scripting attacks (XSS) via... |
| CVE-2007-5271 | 2007-10-08 | Multiple PHP remote file inclusion vulnerabilities in Trionic Cite CMS 1.2 rev9 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the bField[bf_data] parameter to... |
| CVE-2007-5272 | 2007-10-08 | SQL injection vulnerability in kategori.asp in Furkan Tastan Blog allows remote attackers to execute arbitrary SQL commands via the id parameter in a goster kat action. |
| CVE-2007-5273 | 2007-10-08 | Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK... |
| CVE-2007-5274 | 2007-10-08 | Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK... |
| CVE-2007-5275 | 2007-10-08 | The Adobe Macromedia Flash 9 plug-in allows remote attackers to cause a victim machine to establish TCP sessions with arbitrary hosts via a Flash (SWF) movie, related to lack of... |
| CVE-2007-5276 | 2007-10-08 | Opera 9 drops DNS pins based on failed connections to irrelevant TCP ports, which makes it easier for remote attackers to conduct DNS rebinding attacks, as demonstrated by a port... |
| CVE-2007-5277 | 2007-10-08 | Microsoft Internet Explorer 6 drops DNS pins based on failed connections to irrelevant TCP ports, which makes it easier for remote attackers to conduct DNS rebinding attacks, as demonstrated by... |
| CVE-2007-5278 | 2007-10-08 | Zomplog 3.8.1 and earlier stores potentially sensitive information under the web root with insufficient access control, which allows remote attackers to download files that were uploaded by users, as demonstrated... |
| CVE-2007-5279 | 2007-10-09 | Heap-based buffer overflow in ConeXware PowerArchiver before 10.20.21 might allow remote attackers to execute arbitrary code via a long filename in a BlackHole archive. |
| CVE-2007-5280 | 2007-10-09 | Multiple cross-site scripting (XSS) vulnerabilities in messages.jsp in AppFuse before 2.0 Final allow remote attackers to inject arbitrary web script or HTML via unspecified input that is recorded in (1)... |
| CVE-2007-5281 | 2007-10-09 | The Java Secure Socket Extension (JSSE) in the Hitachi Cosminexus Developer's Kit for Java in various Hitachi Cosminexus 7.5 products before 07-50-01, when using JSSE for SSL/TLS support, allows remote... |
| CVE-2007-5282 | 2007-10-09 | Hitachi Cosminexus Agent 03-00 through 03-05, and Cosminexus Library Standard and Web Edition 04-00 and 04-01, might allow remote attackers to cause a denial of service (agent process crash) via... |
| CVE-2007-5283 | 2007-10-09 | The TSC Domain Manager in Hitachi TPBroker Object Transaction Monitor and Cosminexus TPBroker Object Transaction Monitor 01-00 through 03-00 might allow attackers to cause a denial of service (crash) via... |
| CVE-2004-2727 | 2007-10-09 | Buffer overflow in MEHTTPS (HTTPMail) of MailEnable Professional 1.5 through 1.7 allows remote attackers to cause a denial of service (application crash) via a long HTTP GET request. |
| CVE-2004-2728 | 2007-10-09 | Buffer overflow in the FTP server of Hummingbird Connectivity 7.1 and 9.0 allows remote, authenticated users to cause a denial of service (application crash) via a long argument to the... |
| CVE-2004-2729 | 2007-10-09 | Inetd32 Administration Tool of Hummingbird Connectivity 7.1 and 9.0 allows local users to execute arbitrary code by changing the program for handling incoming connections. |
| CVE-2004-2730 | 2007-10-09 | Sysinternals PsTools before 2.05, including (1) PsExec before 1.54, (2) PsGetsid before 1.41, (3) PsInfo before 1.61, (4) PsKill before 1.03, (5) PsList before 1.26, (6) PsLoglist before 2.51, (7)... |
| CVE-2004-2731 | 2007-10-09 | Multiple integer overflows in Sbus PROM driver (drivers/sbus/char/openprom.c) for the Linux kernel 2.4.x up to 2.4.27, 2.6.x up to 2.6.7, and possibly later versions, allow local users to execute arbitrary... |
| CVE-2004-2732 | 2007-10-09 | nbmember.cgi in Netbilling 2.0 allows remote attackers to obtain sensitive information via the cmd=test option, which can be leveraged to determine the access key. |
| CVE-2004-2733 | 2007-10-09 | Web Wiz Forums 7.7a uses invalid logic to determine user privileges, which allows remote attackers to (1) block arbitrary IP addresses via pop_up_ip_blocking.asp or (2) modify topics via pop_up_topic_admin.asp. |