U.S. Flag Official website of the Department of Homeland Security

Note: This page is part of the us-cert.gov archive.This document is part of the US-CERT website archive. These documents are no longer updated and may contain outdated information. Links may also no longer function. Please contact info@us-cert.gov if you have any questions about the US-CERT website archive.

TLP:WHITE

Bulletin (SB07-232)

Vulnerability Summary for the Week of August 13, 2007

Original release date: August 20, 2007

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.

The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

  • High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0

  • Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9

  • Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9

Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.

">

High Vulnerabilities
Primary
Vendor -- Product
Description
Discovered
Published
CVSS ScoreSource & Patch Info
Apache -- TomcatApache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 treats single quotes ("'") as delimiters in cookies, which might cause sensitive information such as session IDs to be leaked and allow remote attackers to conduct session hijacking attacks.
unknown
2007-08-14
10.0CVE-2007-3382
BUGTRAQ
BUGTRAQ
OTHER-REF
CERT-VN
Apache -- TomcatApache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 does not properly handle the \" character sequence in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable session hijacking attacks.
unknown
2007-08-14
10.0CVE-2007-3385
BUGTRAQ
CERT-VN
Article Dashboard -- Article DashboardSQL injection vulnerability in article.php in Article Dashboard, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a print action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
unknown
2007-08-14
7.5CVE-2007-4332
SECUNIA
ESRI -- ArcGISStack-based buffer overflow in ESRI ArcSDE service 9.2, as used with ArcGIS, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number that requires more than 8 bytes to represent in ASCII, which triggers the overflow in an sprintf function call.
unknown
2007-08-15
7.5CVE-2007-4278
IDEFENSE
fedoraproject -- CommonsFedora Commons before 2.2.1 does not properly handle certain authentication requests involving Java Naming and Directory Interface (JNDI), related to (1) a nonexistent account name in combination with an empty password, which allows remote attackers to trigger a certain "unexpected / strange response," and (2) a reauthentication attempt that throws an exception, which allows remote attackers to trigger use of a cached authentication decision. NOTE: authentication can be bypassed by using vector 1 followed by vector 2, and possibly can be bypassed by using a single vector.
unknown
2007-08-15
8.5CVE-2007-4364
OTHER-REF
OTHER-REF
SECUNIA
Haudenschilt -- Family Connectionsindex.php in Ryan Haudenschilt Family Connections (FCMS) 0.6 and earlier allows remote attackers to access an arbitrary account by placing the account's name in the value of an fcms_login_id cookie. NOTE: this can be leveraged for code execution via a POST with PHP code in the content parameter.
unknown
2007-08-14
7.5CVE-2007-4338
BUGTRAQ
BID
SECUNIA
IBM -- AIXBuffer overflow in fileplace in bos.perf.tools in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors.
unknown
2007-08-14
7.2CVE-2007-4354
OTHER-REF
AIXAPAR
AIXAPAR
BID
SECTRACK
SECUNIA
IBM -- AIXBuffer overflow in the at program on IBM AIX 5.3 allows local users to gain privileges via unspecified vectors.
unknown
2007-08-14
7.2CVE-2007-4355
OTHER-REF
BID
Microsoft -- Virtual Server
Microsoft -- Virtual PC for Mac
Microsoft -- Virtual PC
Heap-based buffer overflow in Microsoft Virtual PC 2004 and PC for Mac 7.1 and 7, and Virtual Server 2005 and 2005 R2, allows local guest OS administrators to execute arbitrary code on the host OS via unspecified vectors related to "interaction and initialization of components."
unknown
2007-08-14
9.3CVE-2007-0948
MS
BID
SECTRACK
SECUNIA
Microsoft -- Internet ExplorerInteger underflow in the CDownloadSink class code in the Vector Markup Language (VML) component (VGX.DLL), as used in Internet Explorer 5.01, 6, and 7 allows remote attackers to execute arbitrary code via compressed content with an invalid buffer size, which triggers a heap-based buffer overflow.
unknown
2007-08-14
9.3CVE-2007-1749
BUGTRAQ
OTHER-REF
MS
CERT-VN
BID
SECTRACK
SECUNIA
Microsoft -- Internet ExplorerUnspecified vulnerability in the tblinf32.dll (aka vstlbinf.dll) ActiveX control for Internet Explorer 5.01, 6 SP1, and 7 allows remote attackers to execute arbitrary code via unknown vectors related to an incorrect IObjectsafety implementation and Microsoft Visual Basic 6 objects, aka "ActiveX Object Vulnerability."
unknown
2007-08-14
7.5CVE-2007-2216
Microsoft -- XML Core ServicesUnspecified vulnerability in Microsoft XML Core Services (MSXML) 3.0 through 6.0 allows remote attackers to execute arbitrary code via unspecified vectors that trigger memory corruption.
unknown
2007-08-14
9.3CVE-2007-2223
MS
Microsoft -- Office
Microsoft -- Visual Basic
Unspecified vulnerability in Object linking and embedding (OLE) Automation, as used in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and Sp2, Office 2004 for Mac, and Visual Basic 6.0 allows remote attackers to execute arbitrary code via unspecified vectors that trigger memory corruption.
unknown
2007-08-14
9.3CVE-2007-2224
MS
Microsoft -- windowsUnspecified vulnerability in the Graphics Rendering Engine (GDI) on Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted image.
unknown
2007-08-14
9.3CVE-2007-3034
MS
Microsoft -- Media PlayerUnspecified vulnerability in Microsoft Windows Media Player 7.1, 9, 10, and 11 allows remote attackers to execute arbitrary code via a skin file (WMZ or WMD) with crafted header information.
unknown
2007-08-14
7.6CVE-2007-3035
MS
Microsoft -- Media PlayerUnspecified vulnerability in Microsoft Windows Media Player 7.1, 9, 10, and 11 allows remote attackers to execute arbitrary code via a skin file (WMZ or WMD) with crafted header information that is not properly handled during decompression.
unknown
2007-08-14
7.6CVE-2007-3037
MS
Microsoft -- Internet ExplorerUnspecified vulnerability in the pdwizard.ocx ActiveX object for Internet Explorer 5.01, 6 SP1, and 7 allows remote attackers to execute arbitrary code via unknown vectors related to Microsoft Visual Basic 6 objects and memory corruption, aka " ActiveX Object Memory Corruption Vulnerability."
unknown
2007-08-14
9.3CVE-2007-3041
MS
Microsoft -- Office
Microsoft -- Excel
Microsoft Excel in Office 2000 SP3, Office XP SP3, Office 2003 SP2, and Office 2004 for Mac allows remote attackers to execute arbitrary code via a Workspace with a certain index value that triggers memory corruption.
unknown
2007-08-14
9.3CVE-2007-3890
MS
Microsoft -- Internet ExplorerMicrosoft Internet Explorer 6 and 7 embeds FTP credentials in HTML files that are retrieved during an FTP session, which allows context-dependent attackers to obtain sensitive information by reading the HTML source, as demonstrated by a (1) .htm, (2) .html, or (3) .mht file.
unknown
2007-08-14
9.3CVE-2007-4356
OTHER-REF
SECUNIA
Ncaster -- NcasterPHP remote file inclusion vulnerability in admin/addons/archive/archive.php in Ncaster 1.7.2 allows remote attackers to execute arbitrary PHP code via a URL in the adminfolder parameter.
unknown
2007-08-13
7.5CVE-2007-4320
MILW0RM
BID
XF
Netgear -- ReadyNAS RAIDiatorNETGEAR (formerly Infrant) ReadyNAS RAIDiator before 4.00b2-p2-T1 beta creates a default SSH root password derived from the hardware serial number, which makes it easier for remote attackers to guess the password and obtain login access.
unknown
2007-08-15
10.0CVE-2007-4361
BUGTRAQ
OTHER-REF
OTHER-REF
OTHER-REF
BID
SECUNIA
Omnistar -- Lib2 PHP LibraryPHP remote file inclusion vulnerability in adm/my_statistics.php in Omnistar Lib2 PHP 0.2 allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter.
unknown
2007-08-14
7.5CVE-2007-4341
BUGTRAQ
BID
Opera Software -- Opera Web BrowserOpera before 9.23 allows remote attackers to execute arbitrary code via crafted Javascript that triggers a "virtual function call on an invalid pointer."
unknown
2007-08-15
9.3CVE-2007-4367
OTHER-REF
BID
SECUNIA
Php Blue Dragon -- Php Blue Dragon CMSSQL injection vulnerability in index.php in Php Blue Dragon CMS 3.0.0 allows remote attackers to execute arbitrary SQL commands via the article_id parameter in a "print articles" action.
unknown
2007-08-13
7.5CVE-2007-4312
MILW0RM
BID
PHPCentral -- Poll ScriptMultiple PHP remote file inclusion vulnerabilities in PHPCentral Poll Script 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the _SERVER[DOCUMENT_ROOT] parameter in (1) poll.php and (2) pollarchive.php.
unknown
2007-08-14
7.5CVE-2007-4339
BUGTRAQ
PHPCentral -- LoginPHP remote file inclusion vulnerability in include.php in PHPCentral Login 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the _SERVER[DOCUMENT_ROOT] parameter.
unknown
2007-08-14
7.5CVE-2007-4342
BUGTRAQ
phpDVD -- phpDVDPHP remote file inclusion vulnerability in index.php in phpDVD 1.0.4 allows remote attackers to execute arbitrary PHP code via a URL in the dvd_config_file parameter.
unknown
2007-08-14
7.5CVE-2007-4340
BUGTRAQ
Racer -- RacerMultiple buffer overflows in the (1) client and (2) server in Racer 0.5.3 beta 5 allow remote attackers to execute arbitrary code via a long string to UDP port 26000.
unknown
2007-08-15
7.5CVE-2007-4370
MILW0RM
BID

Back to top

Medium Vulnerabilities
Primary
Vendor -- Product
Description
Discovered
Published
CVSS ScoreSource & Patch Info
AC Zoom -- BlockHostsBlockHosts before 2.0.4 does not properly parse (1) sshd and (2) vsftpd log files, which allows remote attackers to add arbitrary deny entries to the /etc/hosts.allow file and cause a denial of service by adding arbitrary IP addresses to a daemon log file, as demonstrated by connecting through ssh with a client protocol version identification containing an IP address string, or connecting through ftp with a username containing an IP address string, different vectors than CVE-2007-2765.
unknown
2007-08-13
6.8CVE-2007-4322
OTHER-REF
OTHER-REF
Adobe -- FlashActionScript 3 (AS3) in Adobe Flash Player 9.0.47.0 allows remote attackers to bypass the Security Sandbox Model, obtain sensitive information, and port scan arbitrary hosts via a Flash (SWF) movie that specifies a connection to make, then using timing discrepancies from the SecurityErrorEvent error to determine whether a host is open or not.
unknown
2007-08-13
5.0CVE-2007-4324
BUGTRAQ
Apache -- TomcatCross-site scripting (XSS) vulnerability in the Host Manager Servlet for Apache Tomcat 6.0.0 to 6.0.13 and 5.5.0 to 5.5.24 allows remote attackers to inject arbitrary HTML and web script via crafted requests.
unknown
2007-08-14
4.3CVE-2007-3386
BUGTRAQ
OTHER-REF
Article Dashboard -- Article DashboardMultiple cross-site scripting (XSS) vulnerabilities in signup.php in Article Dashboard allow remote attackers to inject arbitrary web script or HTML via the (1) f_emailaddress, (2) f_reemailaddress, and other unspecified parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
unknown
2007-08-14
4.3CVE-2007-4333
SECUNIA
Aspindir -- Dersimiz Haber Ekleme ModuluMultiple cross-site scripting (XSS) vulnerabilities in yorumkaydet.asp in Dersimiz Haber Ekleme Modulu allow remote attackers to inject arbitrary web script or HTML via the (1) yazan, (2) mail, and (3) yorum parameters. NOTE: some of these details are obtained from third party information.
unknown
2007-08-10
4.3CVE-2007-4297
OTHER-REF
SECUNIA
ATI Technologies -- Display DriverThe AMD ATI atidsmxx.sys 3.0.502.0 driver on Windows Vista allows local users to bypass the driver signing policy, write to arbitrary kernel memory locations, and thereby gain privileges via unspecified vectors, as demonstrated by "Purple Pill".
unknown
2007-08-13
6.9CVE-2007-4315
OTHER-REF
OTHER-REF
BID
Cerb -- CerbNGMultiple race conditions in (1) certain rules and (2) argument copying during VM protection, in CerbNG for FreeBSD 4.8 allow local users to defeat system call interposition and possibly gain privileges or bypass auditing, as demonstrated by modifying command lines in log-exec.cb.
unknown
2007-08-13
6.2CVE-2007-4303
OTHER-REF
BID
Cerb -- CerbNGCerbNG for FreeBSD 4.8 does not properly implement VM protection when attempting to prevent system call wrapper races, which allows local users to have an unknown impact related to an "incorrect write protection of pages".
unknown
2007-08-13
6.2CVE-2007-4304
OTHER-REF
CTW Design -- FindNixPHP remote file inclusion vulnerability in index.php in FindNix allows remote attackers to include the contents of arbitrary URLs and conduct cross-site scripting (XSS) attacks via a URL in the page parameter.
unknown
2007-08-13
4.3CVE-2007-4331
BUGTRAQ
Dell -- Remote Access CardUnspecified vulnerability in Dell Remote Access Card 4 (DRAC4) with firmware 1.50 Build 02.16 allows remote attackers to cause a denial of service (SSH daemon crash) via certain network traffic, as demonstrated by an "nmap -O" scan with nmap 4.03, possibly related to a Mocana (Mocanada) SSH vulnerability.
unknown
2007-08-15
4.3CVE-2007-4360
BUGTRAQ
BUGTRAQ
BID
DenyHosts -- DenyHostsDenyHosts 2.6 does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a client protocol version identification containing an IP address string, a different vector than CVE-2006-6301.
unknown
2007-08-13
6.8CVE-2007-4323
OTHER-REF
Diskeeper -- DiskeeperThe administrative interface (aka DkService.exe) in Diskeeper 9 Professional, 2007 Pro Premier, and probably other versions exposes a memory comparison function via RPC over TCP, which allows remote attackers to (1) obtain sensitive information (process memory contents), as demonstrated by an attack that obtains module base addresses to defeat Address Space Layout Randomization (ASLR); or (2) cause a denial of service (application crash) via an out-of-bounds address.
unknown
2007-08-16
5.8CVE-2007-4375
FULLDISC
BID
SECUNIA
XF
XF
Drupal -- Content Construction KitMultiple cross-site scripting (XSS) vulnerabilities in the nodereference module in Drupal Content Construction Kit (CCK) before 4.7.x-1.6, and 5.x before 5.x-1.6 ,allow remote attackers to inject arbitrary web script or HTML via nodereference fields, when using (1) the plain formatter or (2) the autocomplete text field widget without Views.module.
unknown
2007-08-15
4.3CVE-2007-4363
OTHER-REF
OTHER-REF
OTHER-REF
SECUNIA
exV2 -- Content Management SystemCross-site scripting (XSS) vulnerability in eXV2 CMS 2.0.5 and earlier allows remote attackers to inject arbitrary web script or HTML via a set_lang cookie to an unspecified component. NOTE: this may overlap CVE-2007-1965.
unknown
2007-08-15
4.3CVE-2007-4365
BUGTRAQ
OTHER-REF
Fail2Ban -- Fail2Banfail2ban 0.8 and earlier does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a client protocol version identification containing an IP address string, a different vector than CVE-2006-6302.
unknown
2007-08-13
6.8CVE-2007-4321
OTHER-REF
GENTOO
freshmeat -- sysstatThe init script (sysstat.in) in sysstat creates /tmp/sysstat.run insecurely, which allows local users to execute arbitrary code.
unknown
2007-08-14
4.4CVE-2007-3852
OTHER-REF
freshmeat -- Generic Software Wrappers ToolkitMultiple race conditions in certain system call wrappers in Generic Software Wrappers Toolkit (GSWTK) allow local users to defeat system call interposition and possibly gain privileges or bypass auditing.
unknown
2007-08-13
6.2CVE-2007-4302
OTHER-REF
BID
Hotscripts -- Neuron BlogUnrestricted file upload vulnerability in admin/pages/blog-add.php in Neuron Blog 1.1 allows remote attackers to upload and execute arbitrary PHP files in uploads/.
unknown
2007-08-15
6.8CVE-2007-4371
BUGTRAQ
XF
IBM -- AIXMultiple buffer overflows in IBM AIX 5.2 and 5.3 allow local users in the system group to gain root privileges via unspecified vectors involving the (1) chpath, (2) rmpath, and (3) devinstall programs in bos.rte.methods.
unknown
2007-08-14
6.9CVE-2007-4353
OTHER-REF
AIXAPAR
AIXAPAR
BID
SECTRACK
SECUNIA
IBM -- Rational ClearQuestSQL injection vulnerability in /main in IBM Rational ClearQuest (CQ) 7.0.0.0-IFIX02 and 7.0.0.1 allows remote attackers to execute arbitrary SQL commands via the username parameter in a GenerateMainFrame command.
unknown
2007-08-15
6.8CVE-2007-4368
BUGTRAQ
MILW0RM
BID
Lenovo -- Access Support
Lenovo -- Automated Solutions
The IBM Lenovo Access Support acpRunner ActiveX control, as distributed in acpcontroller.dll before 1.2.8.0 and possibly acpir.dll before 1.0.0.9 (Automated Solutions 1.0 before fix pack 1), does not properly validate digital signatures of downloaded software, which makes it easier for remote attackers to spoof a download.
unknown
2007-08-15
5.8CVE-2007-2240
OTHER-REF
MS
CERT-VN
BID
Lenovo -- Access Support
Lenovo -- Automated Solutions
Format string vulnerability in the IBM Lenovo Access Support acpRunner ActiveX control, as distributed in acpcontroller.dll before 1.2.8.0 and possibly acpir.dll before 1.0.0.9 (Automated Solutions 1.0 before fix pack 1), allows remote attackers to execute arbitrary code via format string specifiers in unknown data.
unknown
2007-08-15
5.8CVE-2007-2928
OTHER-REF
MS
CERT-VN
BID
Lenovo -- Access Support
Lenovo -- Automated Solutions
The IBM Lenovo Access Support acpRunner ActiveX control, as distributed in acpcontroller.dll before 1.2.8.0 and possibly acpir.dll before 1.0.0.9 (Automated Solutions 1.0 before fix pack 1), exposes unsafe methods to arbitrary web domains, which allows remote attackers to download arbitrary code onto a client system and execute this code.
unknown
2007-08-15
5.8CVE-2007-2929
OTHER-REF
MS
CERT-VN
BID
Linux -- KernelThe xfer_secondary_pool function in drivers/char/random.c in the Linux kernel 2.4 before 2.4.35 does not properly perform reseed operations, which has unknown impact and attack vectors. NOTE: some of these details are obtained from third party information.
unknown
2007-08-13
6.8CVE-2007-4311
OTHER-REF
FRSIRT
Mapos Scripts -- GaestebuchPHP remote file inclusion vulnerability in index.php in Gaestebuch 1.5 allows remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter.
unknown
2007-08-13
6.8CVE-2007-4325
BUGTRAQ
BID
Mapos Scripts -- Bilder UploaderMultiple PHP remote file inclusion vulnerabilities in Bilder Uploader 1.3 allow remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter to (1) gruppen.php, (2) bild.php, (3) feed.php, (4) mitglieder.php, (5) online.php, (6) profil.php, and possibly other unspecified PHP scripts.
unknown
2007-08-13
6.8CVE-2007-4326
BUGTRAQ
Mapos Scripts -- File UploaderMultiple PHP remote file inclusion vulnerabilities in File Uploader 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter to (1) index.php or (2) datei.php.
unknown
2007-08-13
6.8CVE-2007-4327
BUGTRAQ
BID
Mapos Scripts -- Bilder GalerieMultiple PHP remote file inclusion vulnerabilities in Mapos Bilder Galerie 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter to (1) index.php, (2) galerie.php, or (3) anzagien.php.
unknown
2007-08-13
6.8CVE-2007-4328
BUGTRAQ
BID
Mapos Scripts -- Web NewsMultiple PHP remote file inclusion vulnerabilities in Web News 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter to (1) index.php, (2) news.php, or (3) feed.php.
unknown
2007-08-13
6.8CVE-2007-4329
BUGTRAQ
BID
Mapos Scripts -- ShoutboxPHP remote file inclusion vulnerability in shoutbox.php in Shoutbox 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the root parameter.
unknown
2007-08-13
6.8CVE-2007-4330
BUGTRAQ
BID
Microsoft -- Internet ExplorerUnspecified vulnerability in Internet Explorer 5.01 and 6 SP1 allows remote attackers to execute arbitrary code via crafted Cascading Style Sheets (CSS) strings that trigger memory corruption during parsing.
unknown
2007-08-14
6.8CVE-2007-0943
MS
Microsoft -- windowsUnspecified vulnerability in Windows Vista Contacts Gadget in Windows Vista allows user-assisted remote attackers to execute arbitrary code via crafted contact information that is not properly handled when it is imported.
unknown
2007-08-14
6.8CVE-2007-3032
BID
SECTRACK
SECUNIA
Microsoft -- windowsUnspecified vulnerability in Windows Vista Feed Headlines Gadgets in Windows Vista allows remote attackers to execute arbitrary code via an RSS feed with crafted HTML attributes.
unknown
2007-08-14
6.8CVE-2007-3033
MS
BID
SECTRACK
SECUNIA
Microsoft -- windowsUnspecified vulnerability in Windows Vista Weather Gadgets in Windows Vista allows remote attackers to execute arbitrary code via crafted HTML attributes.
unknown
2007-08-14
6.8CVE-2007-3891
MS
BID
SECTRACK
SECUNIA
Microsoft -- DirectX MediaBuffer overflow in the Live Picture Corporation DXSurface.LivePicture.FlashPix.1 (DirectTransform FlashPix) ActiveX control in DXTLIPI.DLL 6.0.2.827, as packaged in Microsoft DirectX Media 6.0 SDK, allows remote attackers to execute arbitrary code via a long SourceUrl property value.
unknown
2007-08-14
4.3CVE-2007-4336
MILW0RM
CERT-VN
FRSIRT
SECUNIA
Motive Incorporated -- Self Service Manager
Motive Incorporated -- Service Activation Manager
Multiple stack-based buffer overflows in the Motive ActiveEmailTest.EmailData (ActiveUtils EmailData) ActiveX control in ActiveUtils.dll in Motive Service Activation Manager 5.1 and Self Service Manager 5.1 and earlier allow remote attackers to execute arbitrary code via unspecified vectors.
unknown
2007-08-15
6.8CVE-2007-0319
OTHER-REF
MS
CERT-VN
BID
Mozilla -- FirefoxMozilla Firefox 2.0.0.6 and earlier allows remote attackers to spoof the contents of the status bar via a link to a data: URI containing an encoded URL. NOTE: the severity of this issue has been disputed by a reliable third party, since the intended functionality of the status bar allows it to be modified.
unknown
2007-08-14
5.0CVE-2007-4357
BUGTRAQ
BUGTRAQ
BUGTRAQ
BUGTRAQ
BUGTRAQ
OTHER-REF
OTHER-REF
NetWin -- SurgeMailStack-based buffer overflow in the IMAP service in SurgeMail 38k allows remote authenticated users to execute arbitrary code via a long argument to the SEARCH command. NOTE: this might overlap CVE-2007-4372.
unknown
2007-08-16
6.0CVE-2007-4377
FULLDISC
MILW0RM
BID
FRSIRT
SECUNIA
XF
Php Blue Dragon -- Php Blue Dragon CMSPHP remote file inclusion vulnerability in public_includes/pub_blocks/activecontent.php in Php Blue Dragon CMS 3.0.0 allows remote attackers to execute arbitrary PHP code via a URL in the vsDragonRootPath parameter, a different vector than CVE-2006-2392, CVE-2006-3076, and CVE-2006-6958.
unknown
2007-08-13
6.8CVE-2007-4313
MILW0RM
BID
PHP-Stats -- PHP-StatsCross-site scripting (XSS) vulnerability in whois.php in Php-stats 0.1.9.2 allows remote attackers to inject arbitrary web script or HTML via the IP parameter.
unknown
2007-08-14
4.3CVE-2007-4334
BUGTRAQ
BID
SECUNIA
phpMyAdmin -- phpMyAdminMultiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.10.3 allow remote attackers to inject arbitrary web script or HTML via the (1) unlim_num_rows, (2) sql_query, or (3) pos parameter to (a) tbl_export.php; the (4) session_max_rows or (5) pos parameter to (b) sql.php; the (6) username parameter to (c) server_privileges.php; or the (7) sql_query parameter to (d) main.php. NOTE: vector 5 might be a regression or incomplete fix for CVE-2006-6942.7.
unknown
2007-08-13
4.3CVE-2007-4306
OTHER-REF
Pixlie -- Pixliepixlie.php in Pixlie 1.7 allows remote attackers to trigger the reading and JPEG image processing of files in a remote directory tree via a URL in the root parameter. NOTE: this can be leveraged for traffic amplification or other denial of service.
unknown
2007-08-13
6.8CVE-2007-4314
MILW0RM
ProZIlla -- WebringSQL injection vulnerability in category.php in Prozilla Webring allows remote attackers to execute arbitrary SQL commands via the cat parameter.
unknown
2007-08-15
6.8CVE-2007-4362
MILW0RM
BID
SECUNIA
Qbik -- WinGateFormat string vulnerability in the SMTP server component in Qbik WinGate 5.x and 6.x before 6.2.2 allows remote attackers to cause a denial of service (service crash) via format string specifiers in certain unexpected commands, which trigger a crash during error logging.
unknown
2007-08-14
5.0CVE-2007-4335
BUGTRAQ
OTHER-REF
OTHER-REF
BID
SECUNIA
XF
RndLabs -- Babo ViolentThe server in Babo Violent 2 2.08.00 and earlier does not properly implement password protection, which might allow remote attackers to bypass authentication by reconnecting after a connection closes.
unknown
2007-08-16
6.8CVE-2007-4373
BUGTRAQ
OTHER-REF
RndLabs -- Babo ViolentBabo Violent 2 2.08.00 does not validate the sender field of a chat message composed by a client, which allows remote authenticated users to spoof messages.
unknown
2007-08-16
4.0CVE-2007-4374
BUGTRAQ
OTHER-REF
RndLabs -- Babo ViolentMultiple format string vulnerabilities in Babo Violent 2 2.08.00 and earlier allow remote attackers to execute arbitrary code via format string specifiers in (1) a message or (2) certain data associated with an admin login.
unknown
2007-08-16
6.8CVE-2007-4378
BUGTRAQ
OTHER-REF
BID
SECUNIA
RndLabs -- Babo ViolentBabo Violent 2 2.08.00 and earlier allows remote attackers to cause a denial of service (application crash) via (1) a value greater than 0x27 for the (a) 0xca, (b) 0xcb, (c) 0xcc, (d) 0xce, (e) 0xcf, or (f) 0xd0 data ID; (2) a nonexistent map name; or (3) a UDP packet that specifies a large data size.
unknown
2007-08-16
4.3CVE-2007-4379
BUGTRAQ
OTHER-REF
BID
SECUNIA
Rsync -- RsyncMultiple off-by-one errors in the sender.c in rsync 2.6.9 might allow remote attackers to execute arbitrary code via directory names that are not properly handled when calling the f_name function.
unknown
2007-08-15
6.8CVE-2007-4091
OTHER-REF
OTHER-REF
BID
SkilMatch Staffing Systems -- JobLister3Multiple SQL injection vulnerabilities in SkilMatch Staffing Systems JobLister3 allow remote attackers to execute arbitrary SQL commands via (1) the search form or (2) the jobid parameter to index.php in a showbyID action.
unknown
2007-08-15
6.8CVE-2007-4359
BUGTRAQ
BID
SOTE -- SOTEeSKLEPDirectory traversal vulnerability in go/_files in SOTEeSKLEP before 4.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
unknown
2007-08-15
5.0CVE-2007-4369
BUGTRAQ
BUGTRAQ
MILW0RM
BID
XF
Storesprite -- StorespriteMultiple cross-site scripting (XSS) vulnerabilities in Storesprite 7 and earlier allow remote attackers to inject arbitrary web script or HTML via the next parameter to (1) addaddress.php, (2) editshipdetails.php, (3) register.php, or (4) login.php in secure/.
unknown
2007-08-13
4.3CVE-2007-4307
OTHER-REF
Streamripper -- StreamripperBuffer overflow in the httplib_parse_sc_header function in lib/http.c in Streamripper before 1.62.2 allows remote attackers to execute arbitrary code via long HTTP headers, a different vulnerability than CVE-2006-3124.
unknown
2007-08-14
4.3CVE-2007-4337
OTHER-REF
OTHER-REF
BID
SECUNIA
Sun -- SolarisThe finger daemon (in.fingerd) in Sun Solaris 7 through 9 allows remote attackers to list all accounts that have certain nonstandard GECOS fields via a request composed of a single digit, as demonstrated by a "finger 9@host" command, a different vulnerability than CVE-2001-1503.
unknown
2007-08-13
4.3CVE-2007-4310
BUGTRAQ
BUGTRAQ
Symantec -- Altiris Deployment Solution 6Aclient in Symantec Altiris Deployment Solution 6 before 6.8 SP2 (6.8.378) allows local users to gain local System privileges via the Log File Viewer.
unknown
2007-08-16
6.6CVE-2007-4380
OTHER-REF
BID
FRSIRT
SECTRACK
SECUNIA
Szymon Kosok -- Best Top ListUnrestricted file upload vulnerability in banner-upload.php in Szymon Kosok Best Top List allows remote attackers to upload and execute arbitrary PHP files in banners/.
unknown
2007-08-16
6.8CVE-2007-4376
BUGTRAQ
BID
XF
Todd Miller -- Sudo
Sysjail -- Sysjail
Systrace -- Systrace
Multiple race conditions in the (1) Sudo monitor mode and (2) Sysjail policies in Systrace on NetBSD and OpenBSD allow local users to defeat system call interposition, and consequently bypass access control policy and auditing.
unknown
2007-08-13
6.2CVE-2007-4305
OTHER-REF
BID
WebCart -- WebCartMultiple cross-site scripting (XSS) vulnerabilities in the management interface in WebCart 2.20 through 2.25 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
unknown
2007-08-13
4.3CVE-2007-4301
OTHER-REF
OTHER-REF
BID
SECUNIA
Wengo -- WengoPhoneWengoPhone 2.1 allows remote attackers to cause a denial of service (device crash) via a SIP INVITE message without a Content-Type header.
unknown
2007-08-15
5.0CVE-2007-4366
BUGTRAQ
MILW0RM
BID
XF
Zoidcom -- ZoidcomZoidcom 0.6.7 and earlier allows remote attackers to cause a denial of service (application crash) via a JOIN packet (aka connection packet) containing 0x69 in the ninth byte, which triggers a "double-delete" of trace data, a different vulnerability than CVE-2005-1643.
unknown
2007-08-15
4.3CVE-2007-4358
BUGTRAQ
OTHER-REF
BID
ZyXEL -- Zywall 2
ZyXEL -- ZyNOS
The management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel Zywall 2 device has a certain default password, which allows remote attackers to perform administrative actions.
unknown
2007-08-13
4.3CVE-2007-4316
BUGTRAQ
OTHER-REF
XF
ZyXEL -- Zywall 2
ZyXEL -- ZyNOS
Multiple cross-site request forgery (CSRF) vulnerabilities in the management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel Zywall 2 device allow remote attackers to perform certain actions as administrators, as demonstrated by a request to Forms/General_1 with the (1) sysSystemName and (2) sysDomainName parameters.
unknown
2007-08-13
4.3CVE-2007-4317
BUGTRAQ
OTHER-REF
BID
XF
ZyXEL -- Zywall 2
ZyXEL -- ZyNOS
Cross-site scripting (XSS) vulnerability in Forms/General_1 in the management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel Zywall 2 device allows remote authenticated administrators to inject arbitrary web script or HTML via the sysSystemName parameter.
unknown
2007-08-13
4.3CVE-2007-4318
BUGTRAQ
OTHER-REF
BID
XF
ZyXEL -- Zywall 2
ZyXEL -- ZyNOS
The management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel Zywall 2 device allows remote authenticated administrators to cause a denial of service (infinite reboot loop) via invalid configuration data. NOTE: this issue might not cross privilege boundaries, and it might be resultant from CSRF; if so, then it should not be included in CVE.
unknown
2007-08-13
4.0CVE-2007-4319
BUGTRAQ
OTHER-REF
BID

Back to top

Low Vulnerabilities
Primary
Vendor -- Product
Description
Discovered
Published
CVSS ScoreSource & Patch Info
Adaptec -- AACRAID controllerThe (1) aac_cfg_open and (2) aac_compat_ioctl functions in the SCSI layer ioctl path in aacraid in the Linux kernel before 2.6.23-rc2 do not check permissions for ioctls, which might allow local users to cause a denial of service or gain privileges.
unknown
2007-08-13
1.9CVE-2007-4308
OTHER-REF
OTHER-REF
BID
FRSIRT
SECUNIA
IBM -- Lotus NotesIBM Lotus Notes 5.x through 7.0.2 allows user-assisted remote authenticated administrators to obtain a cleartext notes.id password by setting the notes.ini (1) KFM_ShowEntropy and (2) Debug_Outfile debug variables, a different vulnerability than CVE-2005-2696.
unknown
2007-08-13
3.5CVE-2007-4309
OTHER-REF
OTHER-REF
SECTRACK
Linux -- KernelLinux kernel 2.4.35 and other versions allows local users to send arbitrary signals to a child process that is running at higher privileges by causing a setuid-root parent process to die, which delivers an attacker-controlled parent process death signal (PR_SET_PDEATHSIG).
unknown
2007-08-14
1.9CVE-2007-3848
MLIST
OTHER-REF
Linux -- KernelThe drm/i915 component in the Linux kernel before 2.6.22.2, when used with i965G and later chipsets, allows local users with access to an X11 session and Direct Rendering Manager (DRM) to write to arbitrary memory locations and gain privileges via a crafted batchbuffer.
unknown
2007-08-13
1.0CVE-2007-3851
OTHER-REF
SECUNIA
NetWin -- SurgeMailUnspecified vulnerability in NetWin SurgeMail 38k on Windows Server 2003 has unknown impact and remote attack vectors. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine.
unknown
2007-08-16
0.0CVE-2007-4372
OTHER-REF

Back to top

">

High Vulnerabilities
Primary
Vendor -- Product
Description
Discovered
Published
CVSS ScoreSource & Patch Info
Apache -- TomcatApache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 treats single quotes ("'") as delimiters in cookies, which might cause sensitive information such as session IDs to be leaked and allow remote attackers to conduct session hijacking attacks.
unknown
2007-08-14
10.0CVE-2007-3382
BUGTRAQ
BUGTRAQ
OTHER-REF
CERT-VN
Apache -- TomcatApache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 does not properly handle the \" character sequence in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable session hijacking attacks.
unknown
2007-08-14
10.0CVE-2007-3385
BUGTRAQ
CERT-VN
Article Dashboard -- Article DashboardSQL injection vulnerability in article.php in Article Dashboard, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a print action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
unknown
2007-08-14
7.5CVE-2007-4332
SECUNIA
ESRI -- ArcGISStack-based buffer overflow in ESRI ArcSDE service 9.2, as used with ArcGIS, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number that requires more than 8 bytes to represent in ASCII, which triggers the overflow in an sprintf function call.
unknown
2007-08-15
7.5CVE-2007-4278
IDEFENSE
fedoraproject -- CommonsFedora Commons before 2.2.1 does not properly handle certain authentication requests involving Java Naming and Directory Interface (JNDI), related to (1) a nonexistent account name in combination with an empty password, which allows remote attackers to trigger a certain "unexpected / strange response," and (2) a reauthentication attempt that throws an exception, which allows remote attackers to trigger use of a cached authentication decision. NOTE: authentication can be bypassed by using vector 1 followed by vector 2, and possibly can be bypassed by using a single vector.
unknown
2007-08-15
8.5CVE-2007-4364
OTHER-REF
OTHER-REF
SECUNIA
Haudenschilt -- Family Connectionsindex.php in Ryan Haudenschilt Family Connections (FCMS) 0.6 and earlier allows remote attackers to access an arbitrary account by placing the account's name in the value of an fcms_login_id cookie. NOTE: this can be leveraged for code execution via a POST with PHP code in the content parameter.
unknown
2007-08-14
7.5CVE-2007-4338
BUGTRAQ
BID
SECUNIA
IBM -- AIXBuffer overflow in fileplace in bos.perf.tools in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors.
unknown
2007-08-14
7.2CVE-2007-4354
OTHER-REF
AIXAPAR
AIXAPAR
BID
SECTRACK
SECUNIA
IBM -- AIXBuffer overflow in the at program on IBM AIX 5.3 allows local users to gain privileges via unspecified vectors.
unknown
2007-08-14
7.2CVE-2007-4355
OTHER-REF
BID
Microsoft -- Virtual Server
Microsoft -- Virtual PC for Mac
Microsoft -- Virtual PC
Heap-based buffer overflow in Microsoft Virtual PC 2004 and PC for Mac 7.1 and 7, and Virtual Server 2005 and 2005 R2, allows local guest OS administrators to execute arbitrary code on the host OS via unspecified vectors related to "interaction and initialization of components."
unknown
2007-08-14
9.3CVE-2007-0948
MS
BID
SECTRACK
SECUNIA
Microsoft -- Internet ExplorerInteger underflow in the CDownloadSink class code in the Vector Markup Language (VML) component (VGX.DLL), as used in Internet Explorer 5.01, 6, and 7 allows remote attackers to execute arbitrary code via compressed content with an invalid buffer size, which triggers a heap-based buffer overflow.
unknown
2007-08-14
9.3CVE-2007-1749
BUGTRAQ
OTHER-REF
MS
CERT-VN
BID
SECTRACK
SECUNIA
Microsoft -- Internet ExplorerUnspecified vulnerability in the tblinf32.dll (aka vstlbinf.dll) ActiveX control for Internet Explorer 5.01, 6 SP1, and 7 allows remote attackers to execute arbitrary code via unknown vectors related to an incorrect IObjectsafety implementation and Microsoft Visual Basic 6 objects, aka "ActiveX Object Vulnerability."
unknown
2007-08-14
7.5CVE-2007-2216
Microsoft -- XML Core ServicesUnspecified vulnerability in Microsoft XML Core Services (MSXML) 3.0 through 6.0 allows remote attackers to execute arbitrary code via unspecified vectors that trigger memory corruption.
unknown
2007-08-14
9.3CVE-2007-2223
MS
Microsoft -- Office
Microsoft -- Visual Basic
Unspecified vulnerability in Object linking and embedding (OLE) Automation, as used in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and Sp2, Office 2004 for Mac, and Visual Basic 6.0 allows remote attackers to execute arbitrary code via unspecified vectors that trigger memory corruption.
unknown
2007-08-14
9.3CVE-2007-2224
MS
Microsoft -- windowsUnspecified vulnerability in the Graphics Rendering Engine (GDI) on Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted image.
unknown
2007-08-14
9.3CVE-2007-3034
MS
Microsoft -- Media PlayerUnspecified vulnerability in Microsoft Windows Media Player 7.1, 9, 10, and 11 allows remote attackers to execute arbitrary code via a skin file (WMZ or WMD) with crafted header information.
unknown
2007-08-14
7.6CVE-2007-3035
MS
Microsoft -- Media PlayerUnspecified vulnerability in Microsoft Windows Media Player 7.1, 9, 10, and 11 allows remote attackers to execute arbitrary code via a skin file (WMZ or WMD) with crafted header information that is not properly handled during decompression.
unknown
2007-08-14
7.6CVE-2007-3037
MS
Microsoft -- Internet ExplorerUnspecified vulnerability in the pdwizard.ocx ActiveX object for Internet Explorer 5.01, 6 SP1, and 7 allows remote attackers to execute arbitrary code via unknown vectors related to Microsoft Visual Basic 6 objects and memory corruption, aka " ActiveX Object Memory Corruption Vulnerability."
unknown
2007-08-14
9.3CVE-2007-3041
MS
Microsoft -- Office
Microsoft -- Excel
Microsoft Excel in Office 2000 SP3, Office XP SP3, Office 2003 SP2, and Office 2004 for Mac allows remote attackers to execute arbitrary code via a Workspace with a certain index value that triggers memory corruption.
unknown
2007-08-14
9.3CVE-2007-3890
MS
Microsoft -- Internet ExplorerMicrosoft Internet Explorer 6 and 7 embeds FTP credentials in HTML files that are retrieved during an FTP session, which allows context-dependent attackers to obtain sensitive information by reading the HTML source, as demonstrated by a (1) .htm, (2) .html, or (3) .mht file.
unknown
2007-08-14
9.3CVE-2007-4356
OTHER-REF
SECUNIA
Ncaster -- NcasterPHP remote file inclusion vulnerability in admin/addons/archive/archive.php in Ncaster 1.7.2 allows remote attackers to execute arbitrary PHP code via a URL in the adminfolder parameter.
unknown
2007-08-13
7.5CVE-2007-4320
MILW0RM
BID
XF
Netgear -- ReadyNAS RAIDiatorNETGEAR (formerly Infrant) ReadyNAS RAIDiator before 4.00b2-p2-T1 beta creates a default SSH root password derived from the hardware serial number, which makes it easier for remote attackers to guess the password and obtain login access.
unknown
2007-08-15
10.0CVE-2007-4361
BUGTRAQ
OTHER-REF
OTHER-REF
OTHER-REF
BID
SECUNIA
Omnistar -- Lib2 PHP LibraryPHP remote file inclusion vulnerability in adm/my_statistics.php in Omnistar Lib2 PHP 0.2 allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter.
unknown
2007-08-14
7.5CVE-2007-4341
BUGTRAQ
BID
Opera Software -- Opera Web BrowserOpera before 9.23 allows remote attackers to execute arbitrary code via crafted Javascript that triggers a "virtual function call on an invalid pointer."
unknown
2007-08-15
9.3CVE-2007-4367
OTHER-REF
BID
SECUNIA
Php Blue Dragon -- Php Blue Dragon CMSSQL injection vulnerability in index.php in Php Blue Dragon CMS 3.0.0 allows remote attackers to execute arbitrary SQL commands via the article_id parameter in a "print articles" action.
unknown
2007-08-13
7.5CVE-2007-4312
MILW0RM
BID
PHPCentral -- Poll ScriptMultiple PHP remote file inclusion vulnerabilities in PHPCentral Poll Script 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the _SERVER[DOCUMENT_ROOT] parameter in (1) poll.php and (2) pollarchive.php.
unknown
2007-08-14
7.5CVE-2007-4339
BUGTRAQ
PHPCentral -- LoginPHP remote file inclusion vulnerability in include.php in PHPCentral Login 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the _SERVER[DOCUMENT_ROOT] parameter.
unknown
2007-08-14
7.5CVE-2007-4342
BUGTRAQ
phpDVD -- phpDVDPHP remote file inclusion vulnerability in index.php in phpDVD 1.0.4 allows remote attackers to execute arbitrary PHP code via a URL in the dvd_config_file parameter.
unknown
2007-08-14
7.5CVE-2007-4340
BUGTRAQ
Racer -- RacerMultiple buffer overflows in the (1) client and (2) server in Racer 0.5.3 beta 5 allow remote attackers to execute arbitrary code via a long string to UDP port 26000.
unknown
2007-08-15
7.5CVE-2007-4370
MILW0RM
BID

Back to top

Medium Vulnerabilities
Primary
Vendor -- Product
Description
Discovered
Published
CVSS ScoreSource & Patch Info
AC Zoom -- BlockHostsBlockHosts before 2.0.4 does not properly parse (1) sshd and (2) vsftpd log files, which allows remote attackers to add arbitrary deny entries to the /etc/hosts.allow file and cause a denial of service by adding arbitrary IP addresses to a daemon log file, as demonstrated by connecting through ssh with a client protocol version identification containing an IP address string, or connecting through ftp with a username containing an IP address string, different vectors than CVE-2007-2765.
unknown
2007-08-13
6.8CVE-2007-4322
OTHER-REF
OTHER-REF
Adobe -- FlashActionScript 3 (AS3) in Adobe Flash Player 9.0.47.0 allows remote attackers to bypass the Security Sandbox Model, obtain sensitive information, and port scan arbitrary hosts via a Flash (SWF) movie that specifies a connection to make, then using timing discrepancies from the SecurityErrorEvent error to determine whether a host is open or not.
unknown
2007-08-13
5.0CVE-2007-4324
BUGTRAQ
Apache -- TomcatCross-site scripting (XSS) vulnerability in the Host Manager Servlet for Apache Tomcat 6.0.0 to 6.0.13 and 5.5.0 to 5.5.24 allows remote attackers to inject arbitrary HTML and web script via crafted requests.
unknown
2007-08-14
4.3CVE-2007-3386
BUGTRAQ
OTHER-REF
Article Dashboard -- Article DashboardMultiple cross-site scripting (XSS) vulnerabilities in signup.php in Article Dashboard allow remote attackers to inject arbitrary web script or HTML via the (1) f_emailaddress, (2) f_reemailaddress, and other unspecified parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
unknown
2007-08-14
4.3CVE-2007-4333
SECUNIA
Aspindir -- Dersimiz Haber Ekleme ModuluMultiple cross-site scripting (XSS) vulnerabilities in yorumkaydet.asp in Dersimiz Haber Ekleme Modulu allow remote attackers to inject arbitrary web script or HTML via the (1) yazan, (2) mail, and (3) yorum parameters. NOTE: some of these details are obtained from third party information.
unknown
2007-08-10
4.3CVE-2007-4297
OTHER-REF
SECUNIA
ATI Technologies -- Display DriverThe AMD ATI atidsmxx.sys 3.0.502.0 driver on Windows Vista allows local users to bypass the driver signing policy, write to arbitrary kernel memory locations, and thereby gain privileges via unspecified vectors, as demonstrated by "Purple Pill".
unknown
2007-08-13
6.9CVE-2007-4315
OTHER-REF
OTHER-REF
BID
Cerb -- CerbNGMultiple race conditions in (1) certain rules and (2) argument copying during VM protection, in CerbNG for FreeBSD 4.8 allow local users to defeat system call interposition and possibly gain privileges or bypass auditing, as demonstrated by modifying command lines in log-exec.cb.
unknown
2007-08-13
6.2CVE-2007-4303
OTHER-REF
BID
Cerb -- CerbNGCerbNG for FreeBSD 4.8 does not properly implement VM protection when attempting to prevent system call wrapper races, which allows local users to have an unknown impact related to an "incorrect write protection of pages".
unknown
2007-08-13
6.2CVE-2007-4304
OTHER-REF
CTW Design -- FindNixPHP remote file inclusion vulnerability in index.php in FindNix allows remote attackers to include the contents of arbitrary URLs and conduct cross-site scripting (XSS) attacks via a URL in the page parameter.
unknown
2007-08-13
4.3CVE-2007-4331
BUGTRAQ
Dell -- Remote Access CardUnspecified vulnerability in Dell Remote Access Card 4 (DRAC4) with firmware 1.50 Build 02.16 allows remote attackers to cause a denial of service (SSH daemon crash) via certain network traffic, as demonstrated by an "nmap -O" scan with nmap 4.03, possibly related to a Mocana (Mocanada) SSH vulnerability.
unknown
2007-08-15
4.3CVE-2007-4360
BUGTRAQ
BUGTRAQ
BID
DenyHosts -- DenyHostsDenyHosts 2.6 does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a client protocol version identification containing an IP address string, a different vector than CVE-2006-6301.
unknown
2007-08-13
6.8CVE-2007-4323
OTHER-REF
Diskeeper -- DiskeeperThe administrative interface (aka DkService.exe) in Diskeeper 9 Professional, 2007 Pro Premier, and probably other versions exposes a memory comparison function via RPC over TCP, which allows remote attackers to (1) obtain sensitive information (process memory contents), as demonstrated by an attack that obtains module base addresses to defeat Address Space Layout Randomization (ASLR); or (2) cause a denial of service (application crash) via an out-of-bounds address.
unknown
2007-08-16
5.8CVE-2007-4375
FULLDISC
BID
SECUNIA
XF
XF
Drupal -- Content Construction KitMultiple cross-site scripting (XSS) vulnerabilities in the nodereference module in Drupal Content Construction Kit (CCK) before 4.7.x-1.6, and 5.x before 5.x-1.6 ,allow remote attackers to inject arbitrary web script or HTML via nodereference fields, when using (1) the plain formatter or (2) the autocomplete text field widget without Views.module.
unknown
2007-08-15
4.3CVE-2007-4363
OTHER-REF
OTHER-REF
OTHER-REF
SECUNIA
exV2 -- Content Management SystemCross-site scripting (XSS) vulnerability in eXV2 CMS 2.0.5 and earlier allows remote attackers to inject arbitrary web script or HTML via a set_lang cookie to an unspecified component. NOTE: this may overlap CVE-2007-1965.
unknown
2007-08-15
4.3CVE-2007-4365
BUGTRAQ
OTHER-REF
Fail2Ban -- Fail2Banfail2ban 0.8 and earlier does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a client protocol version identification containing an IP address string, a different vector than CVE-2006-6302.
unknown
2007-08-13
6.8CVE-2007-4321
OTHER-REF
GENTOO
freshmeat -- sysstatThe init script (sysstat.in) in sysstat creates /tmp/sysstat.run insecurely, which allows local users to execute arbitrary code.
unknown
2007-08-14
4.4CVE-2007-3852
OTHER-REF
freshmeat -- Generic Software Wrappers ToolkitMultiple race conditions in certain system call wrappers in Generic Software Wrappers Toolkit (GSWTK) allow local users to defeat system call interposition and possibly gain privileges or bypass auditing.
unknown
2007-08-13
6.2CVE-2007-4302
OTHER-REF
BID
Hotscripts -- Neuron BlogUnrestricted file upload vulnerability in admin/pages/blog-add.php in Neuron Blog 1.1 allows remote attackers to upload and execute arbitrary PHP files in uploads/.
unknown
2007-08-15
6.8CVE-2007-4371
BUGTRAQ
XF
IBM -- AIXMultiple buffer overflows in IBM AIX 5.2 and 5.3 allow local users in the system group to gain root privileges via unspecified vectors involving the (1) chpath, (2) rmpath, and (3) devinstall programs in bos.rte.methods.
unknown
2007-08-14
6.9CVE-2007-4353
OTHER-REF
AIXAPAR
AIXAPAR
BID
SECTRACK
SECUNIA
IBM -- Rational ClearQuestSQL injection vulnerability in /main in IBM Rational ClearQuest (CQ) 7.0.0.0-IFIX02 and 7.0.0.1 allows remote attackers to execute arbitrary SQL commands via the username parameter in a GenerateMainFrame command.
unknown
2007-08-15
6.8CVE-2007-4368
BUGTRAQ
MILW0RM
BID
Lenovo -- Access Support
Lenovo -- Automated Solutions
The IBM Lenovo Access Support acpRunner ActiveX control, as distributed in acpcontroller.dll before 1.2.8.0 and possibly acpir.dll before 1.0.0.9 (Automated Solutions 1.0 before fix pack 1), does not properly validate digital signatures of downloaded software, which makes it easier for remote attackers to spoof a download.
unknown
2007-08-15
5.8CVE-2007-2240
OTHER-REF
MS
CERT-VN
BID
Lenovo -- Access Support
Lenovo -- Automated Solutions
Format string vulnerability in the IBM Lenovo Access Support acpRunner ActiveX control, as distributed in acpcontroller.dll before 1.2.8.0 and possibly acpir.dll before 1.0.0.9 (Automated Solutions 1.0 before fix pack 1), allows remote attackers to execute arbitrary code via format string specifiers in unknown data.
unknown
2007-08-15
5.8CVE-2007-2928
OTHER-REF
MS
CERT-VN
BID
Lenovo -- Access Support
Lenovo -- Automated Solutions
The IBM Lenovo Access Support acpRunner ActiveX control, as distributed in acpcontroller.dll before 1.2.8.0 and possibly acpir.dll before 1.0.0.9 (Automated Solutions 1.0 before fix pack 1), exposes unsafe methods to arbitrary web domains, which allows remote attackers to download arbitrary code onto a client system and execute this code.
unknown
2007-08-15
5.8CVE-2007-2929
OTHER-REF
MS
CERT-VN
BID
Linux -- KernelThe xfer_secondary_pool function in drivers/char/random.c in the Linux kernel 2.4 before 2.4.35 does not properly perform reseed operations, which has unknown impact and attack vectors. NOTE: some of these details are obtained from third party information.
unknown
2007-08-13
6.8CVE-2007-4311
OTHER-REF
FRSIRT
Mapos Scripts -- GaestebuchPHP remote file inclusion vulnerability in index.php in Gaestebuch 1.5 allows remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter.
unknown
2007-08-13
6.8CVE-2007-4325
BUGTRAQ
BID
Mapos Scripts -- Bilder UploaderMultiple PHP remote file inclusion vulnerabilities in Bilder Uploader 1.3 allow remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter to (1) gruppen.php, (2) bild.php, (3) feed.php, (4) mitglieder.php, (5) online.php, (6) profil.php, and possibly other unspecified PHP scripts.
unknown
2007-08-13
6.8CVE-2007-4326
BUGTRAQ
Mapos Scripts -- File UploaderMultiple PHP remote file inclusion vulnerabilities in File Uploader 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter to (1) index.php or (2) datei.php.
unknown
2007-08-13
6.8CVE-2007-4327
BUGTRAQ
BID
Mapos Scripts -- Bilder GalerieMultiple PHP remote file inclusion vulnerabilities in Mapos Bilder Galerie 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter to (1) index.php, (2) galerie.php, or (3) anzagien.php.
unknown
2007-08-13
6.8CVE-2007-4328
BUGTRAQ
BID
Mapos Scripts -- Web NewsMultiple PHP remote file inclusion vulnerabilities in Web News 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter to (1) index.php, (2) news.php, or (3) feed.php.
unknown
2007-08-13
6.8CVE-2007-4329
BUGTRAQ
BID
Mapos Scripts -- ShoutboxPHP remote file inclusion vulnerability in shoutbox.php in Shoutbox 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the root parameter.
unknown
2007-08-13
6.8CVE-2007-4330
BUGTRAQ
BID
Microsoft -- Internet ExplorerUnspecified vulnerability in Internet Explorer 5.01 and 6 SP1 allows remote attackers to execute arbitrary code via crafted Cascading Style Sheets (CSS) strings that trigger memory corruption during parsing.
unknown
2007-08-14
6.8CVE-2007-0943
MS
Microsoft -- windowsUnspecified vulnerability in Windows Vista Contacts Gadget in Windows Vista allows user-assisted remote attackers to execute arbitrary code via crafted contact information that is not properly handled when it is imported.
unknown
2007-08-14
6.8CVE-2007-3032
BID
SECTRACK
SECUNIA
Microsoft -- windowsUnspecified vulnerability in Windows Vista Feed Headlines Gadgets in Windows Vista allows remote attackers to execute arbitrary code via an RSS feed with crafted HTML attributes.
unknown
2007-08-14
6.8CVE-2007-3033
MS
BID
SECTRACK
SECUNIA
Microsoft -- windowsUnspecified vulnerability in Windows Vista Weather Gadgets in Windows Vista allows remote attackers to execute arbitrary code via crafted HTML attributes.
unknown
2007-08-14
6.8CVE-2007-3891
MS
BID
SECTRACK
SECUNIA
Microsoft -- DirectX MediaBuffer overflow in the Live Picture Corporation DXSurface.LivePicture.FlashPix.1 (DirectTransform FlashPix) ActiveX control in DXTLIPI.DLL 6.0.2.827, as packaged in Microsoft DirectX Media 6.0 SDK, allows remote attackers to execute arbitrary code via a long SourceUrl property value.
unknown
2007-08-14
4.3CVE-2007-4336
MILW0RM
CERT-VN
FRSIRT
SECUNIA
Motive Incorporated -- Self Service Manager
Motive Incorporated -- Service Activation Manager
Multiple stack-based buffer overflows in the Motive ActiveEmailTest.EmailData (ActiveUtils EmailData) ActiveX control in ActiveUtils.dll in Motive Service Activation Manager 5.1 and Self Service Manager 5.1 and earlier allow remote attackers to execute arbitrary code via unspecified vectors.
unknown
2007-08-15
6.8CVE-2007-0319
OTHER-REF
MS
CERT-VN
BID
Mozilla -- FirefoxMozilla Firefox 2.0.0.6 and earlier allows remote attackers to spoof the contents of the status bar via a link to a data: URI containing an encoded URL. NOTE: the severity of this issue has been disputed by a reliable third party, since the intended functionality of the status bar allows it to be modified.
unknown
2007-08-14
5.0CVE-2007-4357
BUGTRAQ
BUGTRAQ
BUGTRAQ
BUGTRAQ
BUGTRAQ
OTHER-REF
OTHER-REF
NetWin -- SurgeMailStack-based buffer overflow in the IMAP service in SurgeMail 38k allows remote authenticated users to execute arbitrary code via a long argument to the SEARCH command. NOTE: this might overlap CVE-2007-4372.
unknown
2007-08-16
6.0CVE-2007-4377
FULLDISC
MILW0RM
BID
FRSIRT
SECUNIA
XF
Php Blue Dragon -- Php Blue Dragon CMSPHP remote file inclusion vulnerability in public_includes/pub_blocks/activecontent.php in Php Blue Dragon CMS 3.0.0 allows remote attackers to execute arbitrary PHP code via a URL in the vsDragonRootPath parameter, a different vector than CVE-2006-2392, CVE-2006-3076, and CVE-2006-6958.
unknown
2007-08-13
6.8CVE-2007-4313
MILW0RM
BID
PHP-Stats -- PHP-StatsCross-site scripting (XSS) vulnerability in whois.php in Php-stats 0.1.9.2 allows remote attackers to inject arbitrary web script or HTML via the IP parameter.
unknown
2007-08-14
4.3CVE-2007-4334
BUGTRAQ
BID
SECUNIA
phpMyAdmin -- phpMyAdminMultiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.10.3 allow remote attackers to inject arbitrary web script or HTML via the (1) unlim_num_rows, (2) sql_query, or (3) pos parameter to (a) tbl_export.php; the (4) session_max_rows or (5) pos parameter to (b) sql.php; the (6) username parameter to (c) server_privileges.php; or the (7) sql_query parameter to (d) main.php. NOTE: vector 5 might be a regression or incomplete fix for CVE-2006-6942.7.
unknown
2007-08-13
4.3CVE-2007-4306
OTHER-REF
Pixlie -- Pixliepixlie.php in Pixlie 1.7 allows remote attackers to trigger the reading and JPEG image processing of files in a remote directory tree via a URL in the root parameter. NOTE: this can be leveraged for traffic amplification or other denial of service.
unknown
2007-08-13
6.8CVE-2007-4314
MILW0RM
ProZIlla -- WebringSQL injection vulnerability in category.php in Prozilla Webring allows remote attackers to execute arbitrary SQL commands via the cat parameter.
unknown
2007-08-15
6.8CVE-2007-4362
MILW0RM
BID
SECUNIA
Qbik -- WinGateFormat string vulnerability in the SMTP server component in Qbik WinGate 5.x and 6.x before 6.2.2 allows remote attackers to cause a denial of service (service crash) via format string specifiers in certain unexpected commands, which trigger a crash during error logging.
unknown
2007-08-14
5.0CVE-2007-4335
BUGTRAQ
OTHER-REF
OTHER-REF
BID
SECUNIA
XF
RndLabs -- Babo ViolentThe server in Babo Violent 2 2.08.00 and earlier does not properly implement password protection, which might allow remote attackers to bypass authentication by reconnecting after a connection closes.
unknown
2007-08-16
6.8CVE-2007-4373
BUGTRAQ
OTHER-REF
RndLabs -- Babo ViolentBabo Violent 2 2.08.00 does not validate the sender field of a chat message composed by a client, which allows remote authenticated users to spoof messages.
unknown
2007-08-16
4.0CVE-2007-4374
BUGTRAQ
OTHER-REF
RndLabs -- Babo ViolentMultiple format string vulnerabilities in Babo Violent 2 2.08.00 and earlier allow remote attackers to execute arbitrary code via format string specifiers in (1) a message or (2) certain data associated with an admin login.
unknown
2007-08-16
6.8CVE-2007-4378
BUGTRAQ
OTHER-REF
BID
SECUNIA
RndLabs -- Babo ViolentBabo Violent 2 2.08.00 and earlier allows remote attackers to cause a denial of service (application crash) via (1) a value greater than 0x27 for the (a) 0xca, (b) 0xcb, (c) 0xcc, (d) 0xce, (e) 0xcf, or (f) 0xd0 data ID; (2) a nonexistent map name; or (3) a UDP packet that specifies a large data size.
unknown
2007-08-16
4.3CVE-2007-4379
BUGTRAQ
OTHER-REF
BID
SECUNIA
Rsync -- RsyncMultiple off-by-one errors in the sender.c in rsync 2.6.9 might allow remote attackers to execute arbitrary code via directory names that are not properly handled when calling the f_name function.
unknown
2007-08-15
6.8CVE-2007-4091
OTHER-REF
OTHER-REF
BID
SkilMatch Staffing Systems -- JobLister3Multiple SQL injection vulnerabilities in SkilMatch Staffing Systems JobLister3 allow remote attackers to execute arbitrary SQL commands via (1) the search form or (2) the jobid parameter to index.php in a showbyID action.
unknown
2007-08-15
6.8CVE-2007-4359
BUGTRAQ
BID
SOTE -- SOTEeSKLEPDirectory traversal vulnerability in go/_files in SOTEeSKLEP before 4.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
unknown
2007-08-15
5.0CVE-2007-4369
BUGTRAQ
BUGTRAQ
MILW0RM
BID
XF
Storesprite -- StorespriteMultiple cross-site scripting (XSS) vulnerabilities in Storesprite 7 and earlier allow remote attackers to inject arbitrary web script or HTML via the next parameter to (1) addaddress.php, (2) editshipdetails.php, (3) register.php, or (4) login.php in secure/.
unknown
2007-08-13
4.3CVE-2007-4307
OTHER-REF
Streamripper -- StreamripperBuffer overflow in the httplib_parse_sc_header function in lib/http.c in Streamripper before 1.62.2 allows remote attackers to execute arbitrary code via long HTTP headers, a different vulnerability than CVE-2006-3124.
unknown
2007-08-14
4.3CVE-2007-4337
OTHER-REF
OTHER-REF
BID
SECUNIA
Sun -- SolarisThe finger daemon (in.fingerd) in Sun Solaris 7 through 9 allows remote attackers to list all accounts that have certain nonstandard GECOS fields via a request composed of a single digit, as demonstrated by a "finger 9@host" command, a different vulnerability than CVE-2001-1503.
unknown
2007-08-13
4.3CVE-2007-4310
BUGTRAQ
BUGTRAQ
Symantec -- Altiris Deployment Solution 6Aclient in Symantec Altiris Deployment Solution 6 before 6.8 SP2 (6.8.378) allows local users to gain local System privileges via the Log File Viewer.
unknown
2007-08-16
6.6CVE-2007-4380
OTHER-REF
BID
FRSIRT
SECTRACK
SECUNIA
Szymon Kosok -- Best Top ListUnrestricted file upload vulnerability in banner-upload.php in Szymon Kosok Best Top List allows remote attackers to upload and execute arbitrary PHP files in banners/.
unknown
2007-08-16
6.8CVE-2007-4376
BUGTRAQ
BID
XF
Todd Miller -- Sudo
Sysjail -- Sysjail
Systrace -- Systrace
Multiple race conditions in the (1) Sudo monitor mode and (2) Sysjail policies in Systrace on NetBSD and OpenBSD allow local users to defeat system call interposition, and consequently bypass access control policy and auditing.
unknown
2007-08-13
6.2CVE-2007-4305
OTHER-REF
BID
WebCart -- WebCartMultiple cross-site scripting (XSS) vulnerabilities in the management interface in WebCart 2.20 through 2.25 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
unknown
2007-08-13
4.3CVE-2007-4301
OTHER-REF
OTHER-REF
BID
SECUNIA
Wengo -- WengoPhoneWengoPhone 2.1 allows remote attackers to cause a denial of service (device crash) via a SIP INVITE message without a Content-Type header.
unknown
2007-08-15
5.0CVE-2007-4366
BUGTRAQ
MILW0RM
BID
XF
Zoidcom -- ZoidcomZoidcom 0.6.7 and earlier allows remote attackers to cause a denial of service (application crash) via a JOIN packet (aka connection packet) containing 0x69 in the ninth byte, which triggers a "double-delete" of trace data, a different vulnerability than CVE-2005-1643.
unknown
2007-08-15
4.3CVE-2007-4358
BUGTRAQ
OTHER-REF
BID
ZyXEL -- Zywall 2
ZyXEL -- ZyNOS
The management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel Zywall 2 device has a certain default password, which allows remote attackers to perform administrative actions.
unknown
2007-08-13
4.3CVE-2007-4316
BUGTRAQ
OTHER-REF
XF
ZyXEL -- Zywall 2
ZyXEL -- ZyNOS
Multiple cross-site request forgery (CSRF) vulnerabilities in the management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel Zywall 2 device allow remote attackers to perform certain actions as administrators, as demonstrated by a request to Forms/General_1 with the (1) sysSystemName and (2) sysDomainName parameters.
unknown
2007-08-13
4.3CVE-2007-4317
BUGTRAQ
OTHER-REF
BID
XF
ZyXEL -- Zywall 2
ZyXEL -- ZyNOS
Cross-site scripting (XSS) vulnerability in Forms/General_1 in the management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel Zywall 2 device allows remote authenticated administrators to inject arbitrary web script or HTML via the sysSystemName parameter.
unknown
2007-08-13
4.3CVE-2007-4318
BUGTRAQ
OTHER-REF
BID
XF
ZyXEL -- Zywall 2
ZyXEL -- ZyNOS
The management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel Zywall 2 device allows remote authenticated administrators to cause a denial of service (infinite reboot loop) via invalid configuration data. NOTE: this issue might not cross privilege boundaries, and it might be resultant from CSRF; if so, then it should not be included in CVE.
unknown
2007-08-13
4.0CVE-2007-4319
BUGTRAQ
OTHER-REF
BID

Back to top

Low Vulnerabilities
Primary
Vendor -- Product
Description
Discovered
Published
CVSS ScoreSource & Patch Info
Adaptec -- AACRAID controllerThe (1) aac_cfg_open and (2) aac_compat_ioctl functions in the SCSI layer ioctl path in aacraid in the Linux kernel before 2.6.23-rc2 do not check permissions for ioctls, which might allow local users to cause a denial of service or gain privileges.
unknown
2007-08-13
1.9CVE-2007-4308
OTHER-REF
OTHER-REF
BID
FRSIRT
SECUNIA
IBM -- Lotus NotesIBM Lotus Notes 5.x through 7.0.2 allows user-assisted remote authenticated administrators to obtain a cleartext notes.id password by setting the notes.ini (1) KFM_ShowEntropy and (2) Debug_Outfile debug variables, a different vulnerability than CVE-2005-2696.
unknown
2007-08-13
3.5CVE-2007-4309
OTHER-REF
OTHER-REF
SECTRACK
Linux -- KernelLinux kernel 2.4.35 and other versions allows local users to send arbitrary signals to a child process that is running at higher privileges by causing a setuid-root parent process to die, which delivers an attacker-controlled parent process death signal (PR_SET_PDEATHSIG).
unknown
2007-08-14
1.9CVE-2007-3848
MLIST
OTHER-REF
Linux -- KernelThe drm/i915 component in the Linux kernel before 2.6.22.2, when used with i965G and later chipsets, allows local users with access to an X11 session and Direct Rendering Manager (DRM) to write to arbitrary memory locations and gain privileges via a crafted batchbuffer.
unknown
2007-08-13
1.0CVE-2007-3851
OTHER-REF
SECUNIA
NetWin -- SurgeMailUnspecified vulnerability in NetWin SurgeMail 38k on Windows Server 2003 has unknown impact and remote attack vectors. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine.
unknown
2007-08-16
0.0CVE-2007-4372
OTHER-REF

Back to top

Was this document helpful?  Yes  |  Somewhat  |  No

Back to Top