The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date |
---|---|---|---|
CVE-2007-5834 | Cross-site scripting (XSS) vulnerability in BosDev BosUnchangeds 4 allows remote attackers to inject arbitrary web script or HTML via a SCRIPT element in a Unchangeds post. | Medium | Nov 6, 2007 |
CVE-2007-5835 | Install.php in BosDev BosUnchangeds 4 and 5 does not require authentication for replacing an existing product installation or creating a Unchanged admin account, which allows remote attackers to cause a denial of service (overwritten files) and possibly obtain administrative access. | Medium | Nov 6, 2007 |
CVE-2007-5836 | SQL injection vulnerability in Amazing Flash AFCommerce allows remote attackers to execute arbitrary SQL commands via the firstname parameter to an unspecified component, a different issue than CVE-2006-3794. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | High | Nov 6, 2007 |
CVE-2007-5837 | GUI.pm in yarssr 0.2.2, when Gnome default URL handling is disabled, allows remote attackers to execute arbitrary commands via shell metacharacters in a link element in a feed. | Medium | Nov 6, 2007 |
CVE-2007-5473 | StaticFileHandler.cs in System.Web in Mono before 1.2.5.2, when running on Windows, allows remote attackers to obtain source code of sensitive files via a request containing a trailing (1) space or (2) dot, which is not properly handled by XSP. | Medium | Nov 5, 2007 |
CVE-2007-5660 | Unspecified vulnerability in the Update Service ActiveX control in isusweb.dll before 6.0.100.65101 in MacroVision FLEXnet Connect and InstallShield 2008 allows remote attackers to execute arbitrary code via an unspecified "unsafe method," possibly involving a buffer overflow. | High | Nov 5, 2007 |
CVE-2007-5767 | Heap-based buffer overflow in the Client Trust application (clntrust.exe) in Novell BorderManager 3.8 before Update 1.5 allows remote attackers to execute arbitrary code via a validation request in which the Novell tree name is not properly delimited with a wide-character backslash or NULL character. | High | Nov 5, 2007 |
CVE-2007-5792 | The Vonage Motorola Phone Adapter VT 2142-VD does not encrypt RTP packets, which might allow remote attackers to eavesdrop by sniffing the network and reconstructing the RTP session. | High | Nov 5, 2007 |
CVE-2007-5793 | Stonesoft StoneGate IPS before 4.0 does not properly decode Fullwidth/Halfwidth Unicode encoded data, which makes it easier for remote attackers to scan or penetrate systems and avoid detection. | High | Nov 5, 2007 |
CVE-2007-5795 | The hack-local-variables function in Emacs before 22.2, when enable-local-variables is set to :safe, does not properly search lists of unsafe or risky variables, which might allow user-assisted attackers to bypass intended restrictions and modify critical program variables via a file containing a Local variables declaration. | Medium | Nov 5, 2007 |
CVE-2007-5796 | Cross-site scripting (XSS) vulnerability in the management console in Blue Coat ProxySG before 4.2.6.1, and 5.x before 5.2.2.5, allows remote attackers to inject arbitrary web script or HTML by modifying the URL that is used for loading Certificate Revocation Lists. | Medium | Nov 5, 2007 |
CVE-2007-5797 | SQLLoginModule in Apache Geronimo 2.0 through 2.1 does not throw an exception for a nonexistent username, which allows remote attackers to bypass authentication via a login attempt with any username not contained in the database. | High | Nov 5, 2007 |
CVE-2007-5798 | Multiple cross-site scripting (XSS) vulnerabilities in uddigui/navigateTree.do in the UDDI user console in IBM WebSphere Application Server (WAS) before 6.1.0 Fix Pack 13 (6.1.0.13) allow remote attackers to inject arbitrary web script or HTML via the (1) keyField, (2) nameField, (3) valueField, and (4) frameReturn parameters. | Medium | Nov 5, 2007 |
CVE-2007-5799 | Multiple cross-site request forgery (CSRF) vulnerabilities in uddigui/navigateTree.do in the UDDI user console in IBM WebSphere Application Server (WAS) before 6.1.0 Fix Pack 13 (6.1.0.13) allow remote attackers to perform some actions as WAS UDDI users via the (1) keyField, (2) nameField, (3) valueField, and (4) frameReturn parameters. | Medium | Nov 5, 2007 |
CVE-2007-5801 | Unspecified vulnerability in WORK system e-commerce before 4.0.2 has unknown impact and attack vectors related to "Ajax pages." | High | Nov 5, 2007 |
CVE-2007-5320 | Multiple absolute path traversal vulnerabilities in Pegasus Imaging ImagXpress 8.0 allow remote attackers to (1) delete arbitrary files via the CacheFile attribute in the ThumbnailXpres.1 ActiveX control (PegasusImaging.ActiveX.ThumnailXpress1.dll) or (2) overwrite arbitrary files via the CompactFile function in the ImagXpress.8 ActiveX control (PegasusImaging.ActiveX.ImagXpress8.dll). | Medium | Nov 2, 2007 |
CVE-2007-5771 | Flatnuke 3 (aka FlatnuX) allows remote attackers to obtain administrative access via a myforum%00 cookie. | High | Nov 2, 2007 |
CVE-2007-5772 | Direct static code injection vulnerability in the download module in Flatnuke 3 allows remote authenticated administrators to inject arbitrary PHP code into a description.it.php file in a subdirectory of Download/ by saving a description and setting fneditmode to 1. NOTE: unauthenticated remote attackers can exploit this by leveraging a cookie manipulation issue. | Medium | Nov 2, 2007 |
CVE-2007-5773 | Cross-site request forgery (CSRF) vulnerability in index.php in the File Manager module in Flatnuke 3 allows remote attackers to perform certain actions as administrators via requests containing the pathname in the dir parameter and the filename in the ffile parameter. | Medium | Nov 2, 2007 |
CVE-2007-5774 | index.php in the File Manager module in Flatnuke 3 allows remote attackers to obtain sensitive information via an invalid argumentname parameter in a disc op action, which reveals the path in an error message. | Medium | Nov 2, 2007 |
CVE-2007-5776 | Directory traversal vulnerability in igallery.asp in Blue-Collar Productions i-Gallery 3.4 allows remote attackers to read arbitrary files via encoded backslash sequences in the d parameter, as demonstrated by a "%5c../../%5c" sequence. | Medium | Nov 2, 2007 |
CVE-2007-5777 | Blue-Collar Productions i-Gallery 3.4 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a file containing a base64-encoded password via a direct request for igallery.mdb. | Medium | Nov 2, 2007 |
CVE-2007-5778 | Mobile Spy (1) stores login credentials in cleartext under the RetinaxStudios registry key, and (2) sends login credentials and log data over a cleartext HTTP connection, which allows attackers to obtain sensitive information by reading the registry or sniffing the network. | Medium | Nov 2, 2007 |
CVE-2007-5779 | Buffer overflow in the GomManager (GomWeb Control) ActiveX control in GomWeb3.dll 1.0.0.12 in Gretech Online Movie Player (GOM Player) 2.1.6.3499 allows remote attackers to execute arbitrary code via a long argument to the OpenUrl method. | High | Nov 2, 2007 |
CVE-2007-5780 | PHP remote file inclusion vulnerability in pub/pub08_comments.php in teatro 1.6 allows remote attackers to execute arbitrary PHP code via a URL in the basePath parameter. | Medium | Nov 2, 2007 |
CVE-2007-5781 | PHP remote file inclusion vulnerability in inc/sige_init.php in Sige 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the SYS_PATH parameter. | Medium | Nov 2, 2007 |
CVE-2007-5782 | Directory traversal vulnerability in dl.php in FireConfig 0.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | Medium | Nov 2, 2007 |
CVE-2007-2957 | Integer overflow in McAfee E-Business Server before 8.5.3 for Solaris, and before 8.1.2 for Linux, HP-UX, and AIX, allows remote attackers to execute arbitrary code via a large length value in an authentication packet, which results in a heap-based buffer overflow. | High | Nov 1, 2007 |
CVE-2007-4345 | Buffer overflow in IMail Client 9.22, as shipped with IPSwitch IMail Server 2006.22, allows remote attackers to execute arbitrary code via a long boundary parameter in a multipart MIME e-mail message. | High | Nov 1, 2007 |
CVE-2007-5080 | Integer overflow in RealNetworks RealPlayer 10 and 10.5, RealOne Player 1, and RealPlayer Enterprise for Windows allows remote attackers to execute arbitrary code via a crafted Lyrics3 2.00 tag in an MP3 file, resulting in a heap-based buffer overflow. | High | Nov 1, 2007 |
CVE-2007-5094 | Heap-based buffer overflow in iaspam.dll in the SMTP Server in Ipswitch IMail Server 8.01 through 8.11 allows remote attackers to execute arbitrary code via a set of four different e-mail messages with a long boundary parameter in a certain malformed Content-Type header line, the string "MIME" by itself on a line in the header, and a long Content-Transfer-Encoding header line. | High | Nov 1, 2007 |
CVE-2007-5732 | Directory traversal vulnerability in downloadfile.php in eLouai's Force Download of media files script, as available on 20071030 and earlier, allows remote attackers to read arbitrary files via the file parameter. NOTE: this issue only occurs in environments where the system administrator has not followed the vendor recommendations that this product should only be used internally. | Medium | Nov 1, 2007 |
CVE-2007-5733 | Unrestricted file upload vulnerability in upload/upload.php in Japanese PHP Gallery Hosting, when Open directory mode is enabled, allows remote attackers to upload and execute arbitrary PHP code via a ServerPath parameter specifying a filename with a double extension. NOTE: some of these details are obtained from third party information. | High | Nov 1, 2007 |
CVE-2007-5734 | Unrestricted file upload vulnerability in eFileMan 7.1.0.87-88 allows remote attackers to upload arbitrary files, with "uploads/upload_file." destination filenames, via unspecified vectors to upload.cgi, accessed from upload.html. | Medium | Nov 1, 2007 |
CVE-2007-5740 | The format string protection mechanism in IMAPD for Perdition Mail Retrieval Proxy 1.17 and earlier allows remote attackers to execute arbitrary code via an IMAP tag with a null byte followed by a format string specifier, which is not counted by the mechanism. | High | Nov 1, 2007 |
CVE-2007-5752 | adduser.php in PHP-AGTC Membership (AGTC-Membership) System 1.1a does not require authentication, which allows remote attackers to create accounts via a modified form, as demonstrated by an account with admin (userlevel 4) privileges. | High | Nov 1, 2007 |
CVE-2007-5753 | Unspecified vulnerability in Light FMan PHP (lfman or lightfman) before 2.0rc1 has unknown impact and attack vectors related to "actions." | High | Nov 1, 2007 |
CVE-2007-5754 | PHP remote file inclusion vulnerability in urlinn_includes/config.php in phpFaber URLInn 2.0.5 allows remote attackers to execute arbitrary PHP code via a URL in the dir_ws parameter. | Medium | Nov 1, 2007 |
CVE-2007-5768 | The Globe7 soft phone client 7.3 sends username and password information in cleartext, which allows remote attackers to obtain sensitive information by sniffing the HTTP traffic. | Medium | Nov 1, 2007 |
CVE-2007-3920 | ** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in Jelsoft vBulletin 3.6.5 allow remote attackers to execute arbitrary PHP code via a URL in the (1) classfile parameter to includes/functions.php, the (2) nextitem parameter to includes/functions_cron.php, and the (3) specialtemplates parameter to includes/functions_forumdisplay.php. NOTE: this issue is disputed by a reliable third party who states "further investigation has revealed that the application is not vulnerable to this issue." The original researcher also has a history of erroneous claims. | High | Oct 31, 2007 |
CVE-2007-4222 | Buffer overflow in the TagAttributeListCopy function in nnotes.dll in IBM Lotus Notes before 7.0.3 allows user-assisted remote attackers to execute arbitrary code via a crafted HTML email, related to duplicate RTF conversion when the recipient operates on this email. | High | Oct 31, 2007 |
CVE-2007-4348 | Cross-site scripting (XSS) vulnerability in the CAD service in IBM Tivoli Storage Manager (TSM) Client 5.3.5.3 and 5.4.1.2 for Windows allows remote attackers to inject arbitrary web script or HTML via HTTP requests to port 1581, which generate log entries in a dsmerror.log file that is accessible through a certain web interface. | Medium | Oct 31, 2007 |
CVE-2007-4861 | SAXON 5.4, with display_errors enabled, allows remote attackers to obtain sensitive information via (1) a direct request for Unchangeds.php, (2) an invalid use of a Unchangedsid array parameter to admin/edit-item.php, and possibly unspecified vectors related to additional scripts in (3) admin/, (4) rss/, and (5) the root directory of the installation, which reveal the path in various error messages. | Medium | Oct 31, 2007 |
CVE-2007-4862 | Cross-site scripting (XSS) vulnerability in admin/menu.php in SAXON 5.4 allows remote attackers to inject arbitrary web script or HTML via the config[Unchangeds_url] parameter. | Medium | Oct 31, 2007 |
CVE-2007-4863 | SQL injection vulnerability in example.php in SAXON 5.4 allows remote attackers to execute arbitrary SQL commands via the template parameter. | Medium | Oct 31, 2007 |
CVE-2007-4999 | libpurple in Pidgin 2.1.0 through 2.2.1, when using HTML logging, allows remote attackers to cause a denial of service (NULL dereference and application crash) via a message that contains invalid HTML data, a different vector than CVE-2007-4996. | Medium | Oct 31, 2007 |
CVE-2007-5413 | httpd.tkd in Radia Integration Server in Hewlett-Packard (HP) OpenView Configuration Management (CM) Infrastructure 4.0 through 4.2i and Client Configuration Manager (CCM) 2.0 allows remote attackers to read arbitrary files via URLs containing tilde (~) references to home directories, as demonstrated by ~root. | High | Oct 31, 2007 |
CVE-2007-5544 | IBM Lotus Notes before 6.5.6, and 7.x before 7.0.3; and Domino before 6.5.5 FP3, and 7.x before 7.0.2 FP1; uses weak permissions (Everyone:Full Control) for memory mapped files (shared memory) in IPC, which allows local users to obtain sensitive information, or inject Lotus Script or other character sequences into a session. | Medium | Oct 31, 2007 |
CVE-2007-5622 | Double free vulnerability in the ftpprchild function in ftppr in 3proxy 0.5 through 0.5.3i allows remote attackers to cause a denial of service (daemon crash) via multiple OPEN commands to the FTP proxy. | Medium | Oct 31, 2007 |
CVE-2007-5690 | ** DISPUTED ** Buffer overflow in sethdlc.c in the Asterisk Zaptel 1.4.5.1 might allow local users to gain privileges via a long device name (interface name) in the ifr_name field. NOTE: the vendor disputes this issue, stating that the application requires root access, so privilege boundaries are not crossed. | Medium | Oct 31, 2007 |