| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2007-1896 | 0.03 | — | 0.02 | Apr 9, 2007 | Directory traversal vulnerability in chat.php in Sky GUNNING MySpeach 3.0.7 and earlier allows remote attackers to include arbitrary local files via a .. (dot dot) and trailing %00 (NULL) in a my_ms[root] cookie. | |||
| CVE-2007-1897 | 0.00 | — | 0.07 | Apr 9, 2007 | SQL injection vulnerability in xmlrpc (xmlrpc.php) in WordPress 2.1.2, and probably earlier, allows remote authenticated users to execute arbitrary SQL commands via a string parameter value in an XML RPC mt.setPostCategories method call, related to the post_id variable. | |||
| CVE-2007-0956 | 0.02 | — | 0.30 | Apr 6, 2007 | The telnet daemon (telnetd) in MIT krb5 before 1.6.1 allows remote attackers to bypass authentication and gain system access via a username beginning with a '-' character, a similar issue to CVE-2007-0882. | |||
| CVE-2007-0957 | 0.01 | — | 0.10 | Apr 6, 2007 | Stack-based buffer overflow in the krb5_klog_syslog function in the kadm5 library, as used by the Kerberos administration daemon (kadmind) and Key Distribution Center (KDC), in MIT krb5 before 1.6.1 allows remote authenticated users to execute arbitrary code and modify the… | |||
| CVE-2007-1003 | 0.00 | — | 0.05 | Apr 6, 2007 | Integer overflow in ALLOCATE_LOCAL in the ProcXCMiscGetXIDList function in the XC-MISC extension in the X.Org X11 server (xserver) 7.1-1.1.0, and other versions before 20070403, allows remote authenticated users to execute arbitrary code via a large expression, which results in… | |||
| CVE-2007-1216 | 0.01 | — | 0.10 | Apr 6, 2007 | Double free vulnerability in the GSS-API library (lib/gssapi/krb5/k5unseal.c), as used by the Kerberos administration daemon (kadmind) in MIT krb5 before 1.6.1, when used with the authentication method provided by the RPCSEC_GSS RPC library, allows remote authenticated users to… | |||
| CVE-2007-1351 | 0.00 | — | 0.06 | Apr 6, 2007 | Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow. | |||
| CVE-2007-1352 | 0.00 | — | 0.02 | Apr 6, 2007 | Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow. | |||
| CVE-2007-1680 | 0.01 | — | 0.08 | Apr 6, 2007 | Stack-based buffer overflow in the createAndJoinConference function in the AudioConf ActiveX control (yacscom.dll) in Yahoo! Messenger before 20070313 allows remote attackers to execute arbitrary code via long (1) socksHostname and (2) hostname properties. | |||
| CVE-2007-1684 | 0.00 | — | 0.05 | Apr 6, 2007 | The Run function in SolidWorks sldimdownload ActiveX control in sldimdownload.dll before 16.0.0.6 allows remote attackers to execute arbitrary commands via the (1) installerpath and (2) applicationarguments arguments. | |||
| CVE-2007-1882 | 0.03 | — | 0.06 | Apr 6, 2007 | qcbin/servlet/tdservlet/TDAPI_GeneralWebTreatment in HP Mercury Quality Center 9.0 build 9.1.0.4352 allows remote authenticated users to execute arbitrary SQL commands via the RunQuery method. | |||
| CVE-2007-1883 | 0.00 | — | 0.01 | Apr 6, 2007 | PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows context-dependent attackers to read arbitrary memory locations via an interruption that triggers a user space error handler that changes a parameter to an arbitrary pointer, as demonstrated via the iptcembed function, which… | |||
| CVE-2007-1884 | 0.00 | — | 0.03 | Apr 6, 2007 | Multiple integer signedness errors in the printf function family in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 on 64 bit machines allow context-dependent attackers to execute arbitrary code via (1) certain negative argument numbers that arise in the php_formatted_print function… | |||
| CVE-2007-1885 | 0.00 | — | 0.04 | Apr 6, 2007 | Integer overflow in the str_replace function in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via a single character search string in conjunction with a long replacement string, which overflows a 32 bit length counter. … | |||
| CVE-2007-1886 | 0.00 | — | 0.02 | Apr 6, 2007 | Integer overflow in the str_replace function in PHP 4.4.5 and PHP 5.2.1 allows context-dependent attackers to have an unknown impact via a single character search string in conjunction with a single character replacement string, which causes an "off by one overflow." | |||
| CVE-2007-1887 | 0.00 | — | 0.05 | Apr 6, 2007 | Buffer overflow in the sqlite_decode_binary function in the bundled sqlite library in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter, as demonstrated by calling the… | |||
| CVE-2007-1888 | 0.00 | — | 0.03 | Apr 6, 2007 | Buffer overflow in the sqlite_decode_binary function in src/encode.c in SQLite 2, as used by PHP 4.x through 5.x and other applications, allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter. NOTE: some PHP installations use a… | |||
| CVE-2007-1889 | 0.00 | — | 0.03 | Apr 6, 2007 | Integer signedness error in the _zend_mm_alloc_int function in the Zend Memory Manager in PHP 5.2.0 allows remote attackers to execute arbitrary code via a large emalloc request, related to an incorrect signed long cast, as demonstrated via the HTTP SOAP client in PHP, and via a… | |||
| CVE-2007-1890 | 0.04 | — | 0.08 | Apr 6, 2007 | Integer overflow in the msg_receive function in PHP 4 before 4.4.5 and PHP 5 before 5.2.1, on FreeBSD and possibly other platforms, allows context-dependent attackers to execute arbitrary code via certain maxsize values, as demonstrated by 0xffffffff. | |||
| CVE-2007-0445 | 0.01 | — | 0.09 | Apr 6, 2007 | Heap-based buffer overflow in the arj.ppl module in the OnDemand Scanner in Kaspersky Anti-Virus, Anti-Virus for Workstations, and Anti-Virus for File Servers 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows remote attackers to execute arbitrary… | |||
| CVE-2007-1001 | 0.04 | — | 0.08 | Apr 6, 2007 | Multiple integer overflows in the (1) createwbmp and (2) readwbmp functions in wbmp.c in the GD library (libgd) in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allow context-dependent attackers to execute arbitrary code via Wireless Bitmap (WBMP) images with large width or… | |||
| CVE-2007-1112 | 0.00 | — | 0.05 | Apr 6, 2007 | Kaspersky Anti-Virus 6.0 and Internet Security 6.0 exposes unsafe methods in the (a) AXKLPROD60Lib.KAV60Info (AxKLProd60.dll) and (b) AXKLSYSINFOLib.SysInfo (AxKLSysInfo.dll) ActiveX controls, which allows remote attackers to "download" or delete arbitrary files via crafted… | |||
| CVE-2007-1270 | 0.00 | — | 0.03 | Apr 6, 2007 | Double free vulnerability in VMware ESX Server 3.0.0 and 3.0.1 allows attackers to cause a denial of service (crash), obtain sensitive information, or possibly execute arbitrary code via unspecified vectors. | |||
| CVE-2007-1271 | 0.00 | — | 0.00 | Apr 6, 2007 | Buffer overflow in VMware ESX Server 3.0.0 and 3.0.1 might allow attackers to gain privileges or cause a denial of service (application crash) via unspecified vectors. | |||
| CVE-2007-1878 | 0.00 | — | 0.05 | Apr 6, 2007 | Cross-zone scripting vulnerability in the DOM templates (domplates) used by the console.log function in the Firebug extension before 1.03 for Mozilla Firefox allows remote attackers to bypass zone restrictions, read arbitrary file:// URIs, or execute arbitrary code in the… | |||
| CVE-2007-1879 | 0.00 | — | 0.03 | Apr 6, 2007 | The StartUploading function in KL.SysInfo ActiveX control (AxKLSysInfo.dll) in Kaspersky Anti-Virus 6.0 and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows remote attackers to read arbitrary files by triggering an outbound anonymous FTP session that… | |||
| CVE-2007-1880 | 0.00 | — | 0.00 | Apr 6, 2007 | Integer overflow in the _NtSetValueKey function in klif.sys in Kaspersky Anti-Virus, Anti-Virus for Workstations, Anti-Virus for File Server 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows context-dependent attackers to execute arbitrary code via… | |||
| CVE-2007-1881 | 0.03 | — | 0.01 | Apr 6, 2007 | Unspecified vulnerability in KLIF (klif.sys) in Kaspersky Anti-Virus, Anti-Virus for Workstations, and Anti-Virus for File Servers 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows local users to gain Ring-0 privileges via unspecified vectors. | |||
| CVE-2006-5586 | 0.03 | — | 0.03 | Apr 4, 2007 | The Graphics Rendering Engine in Microsoft Windows 2000 SP4 and XP SP2 allows local users to gain privileges via "invalid application window sizes" in layered application windows, aka the "GDI Invalid Window Size Elevation of Privilege Vulnerability." | |||
| CVE-2007-1211 | 0.06 | — | 0.31 | Apr 4, 2007 | Unspecified kernel GDI functions in Microsoft Windows 2000 SP4; XP SP2; and Server 2003 Gold, SP1, and SP2 allows user-assisted remote attackers to cause a denial of service (possibly persistent restart) via a crafted Windows Metafile (WMF) image that causes an invalid… | |||
| CVE-2007-1212 | 0.03 | — | 0.02 | Apr 4, 2007 | Buffer overflow in the Graphics Device Interface (GDI) in Microsoft Windows 2000 SP4; XP SP2; Server 2003 Gold, SP1, and SP2; and Vista allows local users to gain privileges via a crafted Enhanced Metafile (EMF) image format file. | |||
| CVE-2007-1213 | 0.03 | — | 0.04 | Apr 4, 2007 | The TrueType Fonts rasterizer in Microsoft Windows 2000 SP4 allows local users to gain privileges via crafted TrueType fonts, which result in an uninitialized function pointer. | |||
| CVE-2007-1215 | 0.03 | — | 0.03 | Apr 4, 2007 | Buffer overflow in the Graphics Device Interface (GDI) in Microsoft Windows 2000 SP4; XP SP2; Server 2003 Gold, SP1, and SP2; and Vista allows local users to gain privileges via certain "color-related parameters" in crafted images. | |||
| CVE-2007-1866 | 0.04 | — | 0.10 | Apr 4, 2007 | Stack-based buffer overflow in the dns_decode_reverse_name function in dns_decode.c in dproxy-nexgen allows remote attackers to execute arbitrary code by sending a crafted packet to port 53/udp, a different issue than CVE-2007-1465. | |||
| CVE-2007-1867 | 0.04 | — | 0.08 | Apr 4, 2007 | Buffer overflow in IrfanView 3.99 allows remote attackers to execute arbitrary code via a crafted animated cursor (ANI) file. | |||
| CVE-2007-1868 | 0.08 | — | 0.59 | Apr 4, 2007 | The management service in IBM Tivoli Provisioning Manager for OS Deployment before 5.1 Fix Pack 2 does not properly handle multipart/form-data in HTTP POST requests, which allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via crafted… | |||
| CVE-2007-0242 | 0.00 | — | 0.02 | Apr 3, 2007 | The UTF-8 decoder in codecs/qutfcodec.cpp in Qt 3.3.8 and 4.2.3 does not reject long UTF-8 sequences as required by the standard, which allows remote attackers to conduct cross-site scripting (XSS) and directory traversal attacks via long sequences that decode to dangerous… | |||
| CVE-2007-1842 | 0.04 | — | 0.07 | Apr 3, 2007 | Directory traversal vulnerability in login.php in JSBoard before 2.0.12 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the table parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, a related issue… | |||
| CVE-2007-1843 | 0.03 | — | 0.03 | Apr 3, 2007 | PHP remote file inclusion vulnerability in gmapfactory/params.php in MapLab 2.2.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the gszAppPath parameter. | |||
| CVE-2007-1844 | 0.00 | — | 0.02 | Apr 3, 2007 | Multiple PHP remote file inclusion vulnerabilities in Aardvark Topsites PHP 5 allow remote attackers to execute arbitrary PHP code via a URL in the path parameter to (1) button/settings_sql.php, (2) settings_sql.php, and (3) sources/misc/new_day.php. | |||
| CVE-2007-1845 | 0.03 | — | 0.01 | Apr 3, 2007 | SQL injection vulnerability in show_event.php in the Expanded Calendar (calendar_panel) 2.00 module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the m_month parameter. | |||
| CVE-2007-1846 | 0.03 | — | 0.02 | Apr 3, 2007 | SQL injection vulnerability in index.php in the MyAds 2.04jp and earlier module for Xoops allows remote attackers to execute arbitrary SQL commands via the cid parameter, different vectors than CVE-2006-3341. | |||
| CVE-2007-1847 | 0.03 | — | 0.01 | Apr 3, 2007 | SQL injection vulnerability in viewcat.php in the Repository module for Xoops allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||
| CVE-2007-1848 | 0.00 | — | 0.01 | Apr 3, 2007 | Cross-site scripting (XSS) vulnerability in admin/classes/ui.dta.php in Drake CMS allows remote attackers to inject arbitrary web script or HTML via the desc[][title] field. NOTE: Drake CMS has only a beta version available, and the vendor has previously stated "We do not… | |||
| CVE-2007-1849 | 0.03 | — | 0.02 | Apr 3, 2007 | Directory traversal vulnerability in 404.php in Drake CMS allows remote attackers to include and execute arbitrary local arbitrary files via a .. (dot dot) in the d_private parameter. NOTE: some of these details are obtained from third party information. NOTE: Drake CMS has… | |||
| CVE-2007-1850 | 0.00 | — | 0.01 | Apr 3, 2007 | Directory traversal vulnerability in classes/captcha/captcha.jpg.php in Drake CMS allows remote attackers to read arbitrary files or list arbitrary directories, and obtain the installation path, via a .. (dot dot) in the d_private parameter. NOTE: Drake CMS has only a beta… | |||
| CVE-2007-1851 | 0.04 | — | 0.06 | Apr 3, 2007 | Multiple directory traversal vulnerabilities in Really Simple PHP and Ajax (RSPA) 2007-03-23 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the __class parameter to (1) Controller_v4.php or (2) Controller_v5.php. | |||
| CVE-2007-1852 | 0.00 | — | 0.01 | Apr 3, 2007 | Multiple PHP remote file inclusion vulnerabilities in 2BGal 3.1.1 allow remote attackers to execute arbitrary PHP code via a URL in the lang_filename parameter to (1) index.php or (2) backupdb.inc.php in admin/, or other unspecified files, different vectors than CVE-2006-5505.… | |||
| CVE-2007-1853 | 0.00 | — | 0.01 | Apr 3, 2007 | Unspecified vulnerability in Hitachi JP1/HiCommand DeviceManager, Global Link Availability Manager, Replication Monitor, Tiered Storage Manager, and Tuning Manager allows local users to obtain authentication information via unspecified vectors. | |||
| CVE-2007-1854 | 0.00 | — | 0.01 | Apr 3, 2007 | Unspecified vulnerability in Hitachi Cosminexus Component Container 07-00 through 07-00-10, and 07-10 through 07-10-03, as used in uCosminexus Application Server Enterprise and Standard; uCosminexus Service Platform; uCosminexus Developer Standard and Professional; uCosminexus… |
- CVE-2007-1896Apr 9, 2007risk 0.03cvss —epss 0.02
Directory traversal vulnerability in chat.php in Sky GUNNING MySpeach 3.0.7 and earlier allows remote attackers to include arbitrary local files via a .. (dot dot) and trailing %00 (NULL) in a my_ms[root] cookie.
- CVE-2007-1897Apr 9, 2007risk 0.00cvss —epss 0.07
SQL injection vulnerability in xmlrpc (xmlrpc.php) in WordPress 2.1.2, and probably earlier, allows remote authenticated users to execute arbitrary SQL commands via a string parameter value in an XML RPC mt.setPostCategories method call, related to the post_id variable.
- CVE-2007-0956Apr 6, 2007risk 0.02cvss —epss 0.30
The telnet daemon (telnetd) in MIT krb5 before 1.6.1 allows remote attackers to bypass authentication and gain system access via a username beginning with a '-' character, a similar issue to CVE-2007-0882.
- CVE-2007-0957Apr 6, 2007risk 0.01cvss —epss 0.10
Stack-based buffer overflow in the krb5_klog_syslog function in the kadm5 library, as used by the Kerberos administration daemon (kadmind) and Key Distribution Center (KDC), in MIT krb5 before 1.6.1 allows remote authenticated users to execute arbitrary code and modify the…
- CVE-2007-1003Apr 6, 2007risk 0.00cvss —epss 0.05
Integer overflow in ALLOCATE_LOCAL in the ProcXCMiscGetXIDList function in the XC-MISC extension in the X.Org X11 server (xserver) 7.1-1.1.0, and other versions before 20070403, allows remote authenticated users to execute arbitrary code via a large expression, which results in…
- CVE-2007-1216Apr 6, 2007risk 0.01cvss —epss 0.10
Double free vulnerability in the GSS-API library (lib/gssapi/krb5/k5unseal.c), as used by the Kerberos administration daemon (kadmind) in MIT krb5 before 1.6.1, when used with the authentication method provided by the RPCSEC_GSS RPC library, allows remote authenticated users to…
- CVE-2007-1351Apr 6, 2007risk 0.00cvss —epss 0.06
Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow.
- CVE-2007-1352Apr 6, 2007risk 0.00cvss —epss 0.02
Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.
- CVE-2007-1680Apr 6, 2007risk 0.01cvss —epss 0.08
Stack-based buffer overflow in the createAndJoinConference function in the AudioConf ActiveX control (yacscom.dll) in Yahoo! Messenger before 20070313 allows remote attackers to execute arbitrary code via long (1) socksHostname and (2) hostname properties.
- CVE-2007-1684Apr 6, 2007risk 0.00cvss —epss 0.05
The Run function in SolidWorks sldimdownload ActiveX control in sldimdownload.dll before 16.0.0.6 allows remote attackers to execute arbitrary commands via the (1) installerpath and (2) applicationarguments arguments.
- CVE-2007-1882Apr 6, 2007risk 0.03cvss —epss 0.06
qcbin/servlet/tdservlet/TDAPI_GeneralWebTreatment in HP Mercury Quality Center 9.0 build 9.1.0.4352 allows remote authenticated users to execute arbitrary SQL commands via the RunQuery method.
- CVE-2007-1883Apr 6, 2007risk 0.00cvss —epss 0.01
PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows context-dependent attackers to read arbitrary memory locations via an interruption that triggers a user space error handler that changes a parameter to an arbitrary pointer, as demonstrated via the iptcembed function, which…
- CVE-2007-1884Apr 6, 2007risk 0.00cvss —epss 0.03
Multiple integer signedness errors in the printf function family in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 on 64 bit machines allow context-dependent attackers to execute arbitrary code via (1) certain negative argument numbers that arise in the php_formatted_print function…
- CVE-2007-1885Apr 6, 2007risk 0.00cvss —epss 0.04
Integer overflow in the str_replace function in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via a single character search string in conjunction with a long replacement string, which overflows a 32 bit length counter. …
- CVE-2007-1886Apr 6, 2007risk 0.00cvss —epss 0.02
Integer overflow in the str_replace function in PHP 4.4.5 and PHP 5.2.1 allows context-dependent attackers to have an unknown impact via a single character search string in conjunction with a single character replacement string, which causes an "off by one overflow."
- CVE-2007-1887Apr 6, 2007risk 0.00cvss —epss 0.05
Buffer overflow in the sqlite_decode_binary function in the bundled sqlite library in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter, as demonstrated by calling the…
- CVE-2007-1888Apr 6, 2007risk 0.00cvss —epss 0.03
Buffer overflow in the sqlite_decode_binary function in src/encode.c in SQLite 2, as used by PHP 4.x through 5.x and other applications, allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter. NOTE: some PHP installations use a…
- CVE-2007-1889Apr 6, 2007risk 0.00cvss —epss 0.03
Integer signedness error in the _zend_mm_alloc_int function in the Zend Memory Manager in PHP 5.2.0 allows remote attackers to execute arbitrary code via a large emalloc request, related to an incorrect signed long cast, as demonstrated via the HTTP SOAP client in PHP, and via a…
- CVE-2007-1890Apr 6, 2007risk 0.04cvss —epss 0.08
Integer overflow in the msg_receive function in PHP 4 before 4.4.5 and PHP 5 before 5.2.1, on FreeBSD and possibly other platforms, allows context-dependent attackers to execute arbitrary code via certain maxsize values, as demonstrated by 0xffffffff.
- CVE-2007-0445Apr 6, 2007risk 0.01cvss —epss 0.09
Heap-based buffer overflow in the arj.ppl module in the OnDemand Scanner in Kaspersky Anti-Virus, Anti-Virus for Workstations, and Anti-Virus for File Servers 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows remote attackers to execute arbitrary…
- CVE-2007-1001Apr 6, 2007risk 0.04cvss —epss 0.08
Multiple integer overflows in the (1) createwbmp and (2) readwbmp functions in wbmp.c in the GD library (libgd) in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allow context-dependent attackers to execute arbitrary code via Wireless Bitmap (WBMP) images with large width or…
- CVE-2007-1112Apr 6, 2007risk 0.00cvss —epss 0.05
Kaspersky Anti-Virus 6.0 and Internet Security 6.0 exposes unsafe methods in the (a) AXKLPROD60Lib.KAV60Info (AxKLProd60.dll) and (b) AXKLSYSINFOLib.SysInfo (AxKLSysInfo.dll) ActiveX controls, which allows remote attackers to "download" or delete arbitrary files via crafted…
- CVE-2007-1270Apr 6, 2007risk 0.00cvss —epss 0.03
Double free vulnerability in VMware ESX Server 3.0.0 and 3.0.1 allows attackers to cause a denial of service (crash), obtain sensitive information, or possibly execute arbitrary code via unspecified vectors.
- CVE-2007-1271Apr 6, 2007risk 0.00cvss —epss 0.00
Buffer overflow in VMware ESX Server 3.0.0 and 3.0.1 might allow attackers to gain privileges or cause a denial of service (application crash) via unspecified vectors.
- CVE-2007-1878Apr 6, 2007risk 0.00cvss —epss 0.05
Cross-zone scripting vulnerability in the DOM templates (domplates) used by the console.log function in the Firebug extension before 1.03 for Mozilla Firefox allows remote attackers to bypass zone restrictions, read arbitrary file:// URIs, or execute arbitrary code in the…
- CVE-2007-1879Apr 6, 2007risk 0.00cvss —epss 0.03
The StartUploading function in KL.SysInfo ActiveX control (AxKLSysInfo.dll) in Kaspersky Anti-Virus 6.0 and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows remote attackers to read arbitrary files by triggering an outbound anonymous FTP session that…
- CVE-2007-1880Apr 6, 2007risk 0.00cvss —epss 0.00
Integer overflow in the _NtSetValueKey function in klif.sys in Kaspersky Anti-Virus, Anti-Virus for Workstations, Anti-Virus for File Server 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows context-dependent attackers to execute arbitrary code via…
- CVE-2007-1881Apr 6, 2007risk 0.03cvss —epss 0.01
Unspecified vulnerability in KLIF (klif.sys) in Kaspersky Anti-Virus, Anti-Virus for Workstations, and Anti-Virus for File Servers 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows local users to gain Ring-0 privileges via unspecified vectors.
- CVE-2006-5586Apr 4, 2007risk 0.03cvss —epss 0.03
The Graphics Rendering Engine in Microsoft Windows 2000 SP4 and XP SP2 allows local users to gain privileges via "invalid application window sizes" in layered application windows, aka the "GDI Invalid Window Size Elevation of Privilege Vulnerability."
- CVE-2007-1211Apr 4, 2007risk 0.06cvss —epss 0.31
Unspecified kernel GDI functions in Microsoft Windows 2000 SP4; XP SP2; and Server 2003 Gold, SP1, and SP2 allows user-assisted remote attackers to cause a denial of service (possibly persistent restart) via a crafted Windows Metafile (WMF) image that causes an invalid…
- CVE-2007-1212Apr 4, 2007risk 0.03cvss —epss 0.02
Buffer overflow in the Graphics Device Interface (GDI) in Microsoft Windows 2000 SP4; XP SP2; Server 2003 Gold, SP1, and SP2; and Vista allows local users to gain privileges via a crafted Enhanced Metafile (EMF) image format file.
- CVE-2007-1213Apr 4, 2007risk 0.03cvss —epss 0.04
The TrueType Fonts rasterizer in Microsoft Windows 2000 SP4 allows local users to gain privileges via crafted TrueType fonts, which result in an uninitialized function pointer.
- CVE-2007-1215Apr 4, 2007risk 0.03cvss —epss 0.03
Buffer overflow in the Graphics Device Interface (GDI) in Microsoft Windows 2000 SP4; XP SP2; Server 2003 Gold, SP1, and SP2; and Vista allows local users to gain privileges via certain "color-related parameters" in crafted images.
- CVE-2007-1866Apr 4, 2007risk 0.04cvss —epss 0.10
Stack-based buffer overflow in the dns_decode_reverse_name function in dns_decode.c in dproxy-nexgen allows remote attackers to execute arbitrary code by sending a crafted packet to port 53/udp, a different issue than CVE-2007-1465.
- CVE-2007-1867Apr 4, 2007risk 0.04cvss —epss 0.08
Buffer overflow in IrfanView 3.99 allows remote attackers to execute arbitrary code via a crafted animated cursor (ANI) file.
- CVE-2007-1868Apr 4, 2007risk 0.08cvss —epss 0.59
The management service in IBM Tivoli Provisioning Manager for OS Deployment before 5.1 Fix Pack 2 does not properly handle multipart/form-data in HTTP POST requests, which allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via crafted…
- CVE-2007-0242Apr 3, 2007risk 0.00cvss —epss 0.02
The UTF-8 decoder in codecs/qutfcodec.cpp in Qt 3.3.8 and 4.2.3 does not reject long UTF-8 sequences as required by the standard, which allows remote attackers to conduct cross-site scripting (XSS) and directory traversal attacks via long sequences that decode to dangerous…
- CVE-2007-1842Apr 3, 2007risk 0.04cvss —epss 0.07
Directory traversal vulnerability in login.php in JSBoard before 2.0.12 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the table parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, a related issue…
- CVE-2007-1843Apr 3, 2007risk 0.03cvss —epss 0.03
PHP remote file inclusion vulnerability in gmapfactory/params.php in MapLab 2.2.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the gszAppPath parameter.
- CVE-2007-1844Apr 3, 2007risk 0.00cvss —epss 0.02
Multiple PHP remote file inclusion vulnerabilities in Aardvark Topsites PHP 5 allow remote attackers to execute arbitrary PHP code via a URL in the path parameter to (1) button/settings_sql.php, (2) settings_sql.php, and (3) sources/misc/new_day.php.
- CVE-2007-1845Apr 3, 2007risk 0.03cvss —epss 0.01
SQL injection vulnerability in show_event.php in the Expanded Calendar (calendar_panel) 2.00 module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the m_month parameter.
- CVE-2007-1846Apr 3, 2007risk 0.03cvss —epss 0.02
SQL injection vulnerability in index.php in the MyAds 2.04jp and earlier module for Xoops allows remote attackers to execute arbitrary SQL commands via the cid parameter, different vectors than CVE-2006-3341.
- CVE-2007-1847Apr 3, 2007risk 0.03cvss —epss 0.01
SQL injection vulnerability in viewcat.php in the Repository module for Xoops allows remote attackers to execute arbitrary SQL commands via the cid parameter.
- CVE-2007-1848Apr 3, 2007risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in admin/classes/ui.dta.php in Drake CMS allows remote attackers to inject arbitrary web script or HTML via the desc[][title] field. NOTE: Drake CMS has only a beta version available, and the vendor has previously stated "We do not…
- CVE-2007-1849Apr 3, 2007risk 0.03cvss —epss 0.02
Directory traversal vulnerability in 404.php in Drake CMS allows remote attackers to include and execute arbitrary local arbitrary files via a .. (dot dot) in the d_private parameter. NOTE: some of these details are obtained from third party information. NOTE: Drake CMS has…
- CVE-2007-1850Apr 3, 2007risk 0.00cvss —epss 0.01
Directory traversal vulnerability in classes/captcha/captcha.jpg.php in Drake CMS allows remote attackers to read arbitrary files or list arbitrary directories, and obtain the installation path, via a .. (dot dot) in the d_private parameter. NOTE: Drake CMS has only a beta…
- CVE-2007-1851Apr 3, 2007risk 0.04cvss —epss 0.06
Multiple directory traversal vulnerabilities in Really Simple PHP and Ajax (RSPA) 2007-03-23 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the __class parameter to (1) Controller_v4.php or (2) Controller_v5.php.
- CVE-2007-1852Apr 3, 2007risk 0.00cvss —epss 0.01
Multiple PHP remote file inclusion vulnerabilities in 2BGal 3.1.1 allow remote attackers to execute arbitrary PHP code via a URL in the lang_filename parameter to (1) index.php or (2) backupdb.inc.php in admin/, or other unspecified files, different vectors than CVE-2006-5505.…
- CVE-2007-1853Apr 3, 2007risk 0.00cvss —epss 0.01
Unspecified vulnerability in Hitachi JP1/HiCommand DeviceManager, Global Link Availability Manager, Replication Monitor, Tiered Storage Manager, and Tuning Manager allows local users to obtain authentication information via unspecified vectors.
- CVE-2007-1854Apr 3, 2007risk 0.00cvss —epss 0.01
Unspecified vulnerability in Hitachi Cosminexus Component Container 07-00 through 07-00-10, and 07-10 through 07-10-03, as used in uCosminexus Application Server Enterprise and Standard; uCosminexus Service Platform; uCosminexus Developer Standard and Professional; uCosminexus…