The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date |
|---|---|---|---|
| CVE-2007-3874 | Directory traversal vulnerability in the tftp/mftp daemon in the PXE server component (pxemtftp.exe) in Symantec Altiris Deployment Solution 6.x before 6.8.380.0 allows remote attackers to read arbitrary files via unspecified vectors. | Medium | Nov 7, 2007 |
| CVE-2007-4261 | EZPhotoSales 1.9.3 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download (1) a file containing cleartext passwords via a direct request for OnlineViewing/data/galleries.txt, or (2) a file containing username hashes and password hashes via a direct request for OnlineViewing/configuration/config.dat/. NOTE: vector 2 can be leveraged for administrative access because authentication does not require knowledge of cleartext values, but instead uses the username hash in the ConfigLogin parameter and the password hash in the ConfigPassword parameter. | High | Nov 7, 2007 |
| CVE-2007-4994 | Certificate Server 7.2 in Red Hat Certificate System (RHCS) does not properly handle Unchanged revocations that occur while a Certificate Revocation List (CRL) is being generated, which might prevent certain revoked certificates from appearing on the CRL quickly and allow users with revoked certificates to bypass the intended CRL. | High | Nov 7, 2007 |
| CVE-2007-5814 | Multiple buffer overflows in the SonicWall SSL-VPN NetExtender NELaunchCtrl ActiveX control before 2.1.0.51, and 2.5.x before 2.5.0.56, allow remote attackers to execute arbitrary code via a long (1) serverAddress, (2) sessionId, (3) clientIPLower, (4) clientIPHigher, (5) userName, (6) domainName, or (7) dnsSuffix Unicode property value. NOTE: the AddRouteEntry vector is covered by CVE-2007-5603. | High | Nov 7, 2007 |
| CVE-2007-5817 | dialog.php in CONTENTCustomizer 3.1mp and earlier allows remote attackers to perform certain privileged actions via a (1) del, (2) delbackup, (3) res, or (4) ren action. NOTE: this issue can be leveraged to conduct cross-site scripting (XSS) and possibly other attacks. | Medium | Nov 7, 2007 |
| CVE-2007-5838 | Aclient in Symantec Altiris Deployment Solution 6.x before 6.8.380.0 allows local users to gain local System privileges via the "Enable key-based authentication to Deployment server" browser option, a different issue than CVE-2007-4380. | High | Nov 7, 2007 |
| CVE-2007-5839 | The e_hostname function in commands.c in BitchX 1.1a allows local users to overwrite arbitrary files via a symlink attack on temporary files when using the (1) HOSTNAME or (2) IRCHOST command. | Medium | Nov 7, 2007 |
| CVE-2007-5840 | PHP remote file inclusion vulnerability in starnet/themes/c-sky/main.inc.php in Fred Stuurman SyndeoCMS 2.5.01 allows remote attackers to execute arbitrary PHP code via a URL in the cmsdir parameter, a different vector than CVE-2006-4920.2. | Medium | Nov 7, 2007 |
| CVE-2007-5841 | PHP remote file inclusion vulnerability in admin/index.php in nuBoard 0.5 allows remote attackers to execute arbitrary PHP code via a URL in the site parameter. | Medium | Nov 7, 2007 |
| CVE-2007-5842 | Multiple PHP remote file inclusion vulnerabilities in Vortex Portal 1.0.42 allow remote attackers to execute arbitrary PHP code via a URL in the cfgProgDir parameter to (1) admincp/auth/secure.php or (2) admincp/auth/checklogin.php. | Medium | Nov 7, 2007 |
| CVE-2007-5843 | PHP remote file inclusion vulnerability in includes/common.php in scWiki 1.0 Beta 2 allows remote attackers to execute arbitrary PHP code via a URL in the pathdot parameter. | Medium | Nov 7, 2007 |
| CVE-2007-5844 | Directory traversal vulnerability in inc/includes.inc in GuppY 4.6.3 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the selskin parameter to index.php. NOTE: this can be leveraged for remote file inclusion by including inc/boxleft.inc and specifying a URL in the xposbox[L][] array parameter. | High | Nov 7, 2007 |
| CVE-2007-5845 | Directory traversal vulnerability in error.php in GuppY 4.6.3, 4.5.16, and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the id parameter. NOTE: this can be leveraged to bypass authentication and upload arbitrary files by including admin/inc/upload.inc and specifying certain multipart/form-data input for admin/inc/upload.inc. | High | Nov 7, 2007 |
| CVE-2007-0011 | The web portal interface in Citrix Access Gateway (aka Citrix Advanced Access Control) before Advanced Edition 4.5 HF1 places a session ID in the URL, which allows context-dependent attackers to hijack sessions by reading "residual information", including the a referer log, browser history, or browser cache. | Medium | Nov 6, 2007 |
| CVE-2007-3656 | Mozilla Firefox before 1.8.0.13 and 1.8.1.x before 1.8.1.5 does not perform a security zone check when processing a wyciwyg URI, which allows remote attackers to obtain sensitive information, poison the browser cache, and possibly enable further attack vectors via (1) HTTP 302 redirect controls, (2) XMLHttpRequest, or (3) view-source URIs. | Medium | Nov 6, 2007 |
| CVE-2007-4217 | Stack-based buffer overflow in the domacro function in ftp in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long parameter to a macro, as demonstrated by executing a macro via the '$' command. | High | Nov 6, 2007 |
| CVE-2007-4513 | Multiple stack-based buffer overflows in IBM AIX 5.2 and 5.3 allow local users to gain privileges via a long argument to the (1) "-p" option to lqueryvg or (2) the "-V" option to lquerypv. | High | Nov 6, 2007 |
| CVE-2007-4621 | Buffer overflow in crontab in IBM AIX 5.2 allows local users to gain privileges via long command line arguments. | High | Nov 6, 2007 |
| CVE-2007-4622 | Integer underflow in the dns_name_fromtext function in (1) libdns_nonsecure.a and (2) libdns_secure.a in IBM AIX 5.2 allows local users to gain privileges via a crafted "-y" (TSIG key) command line argument to dig. | High | Nov 6, 2007 |
| CVE-2007-4623 | Stack-based buffer overflow in the sendrmt function in bellmail in IBM AIX 5.2 and 5.3 allows local users to execute arbitrary code via a long parameter to the m command. | High | Nov 6, 2007 |
| CVE-2007-5603 | Stack-based buffer overflow in the SonicWall SSL-VPN NetExtender NELaunchCtrl ActiveX control before 2.1.0.51, and 2.5.x before 2.5.0.56, allows remote attackers to execute arbitrary code via a long string in the second argument to the AddRouteEntry method. | High | Nov 6, 2007 |
| CVE-2007-5783 | SQL injection vulnerability in emc.asp in emagiC CMS.Net 4.0 allows remote attackers to execute arbitrary SQL commands via the pageId parameter. | High | Nov 6, 2007 |
| CVE-2007-5784 | PHP remote file inclusion vulnerability in index.php in CaupoShop Pro 2.x allows remote attackers to execute arbitrary PHP code via a URL in the action parameter. | Medium | Nov 6, 2007 |
| CVE-2007-5785 | SQL injection vulnerability in file.php in JobSite Professional 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | High | Nov 6, 2007 |
| CVE-2007-5786 | Multiple PHP remote file inclusion vulnerabilities in GoSamba 1.0.1 allow remote attackers to execute arbitrary PHP code via a URL in the include_path parameter to (1) HTML_oben.php, (2) inc_freigabe.php, (3) inc_freigabe1.php, or (4) inc_freigabe3.php in include/; (5) inc_group.php; (6) inc_manager.php; (7) inc_Unchangedgroup.php; (8) inc_smb_conf.php; (9) inc_user.php; or (10) main.php. | High | Nov 6, 2007 |
| CVE-2007-5787 | Micro Login System 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a file containing a password via a direct request for userpwd.txt. | Medium | Nov 6, 2007 |
| CVE-2007-5788 | Buffer overflow in the SIP parser on the Grandstream HT-488 0.1 allows remote attackers to cause a denial of service (device crash) via a crafted SIP INVITE message. | High | Nov 6, 2007 |
| CVE-2007-5789 | The Grandstream HT-488 0.1 allows remote attackers to cause a denial of service (device crash) via a flood of fragmented packets to port 5060. | High | Nov 6, 2007 |
| CVE-2007-5790 | The Globe7 soft phone client 7.3 uses weak cryptography (reversed sequence of binary values) for the password, which might allow local users to obtain sensitive information. | Low | Nov 6, 2007 |
| CVE-2007-5791 | The Vonage Motorola Phone Adapter VT 2142-VD does not properly verify that a SIP INVITE message originated from a legitimate server, which allows remote attackers to send spoofed INVITE messages, as demonstrated by a flood of messages triggering a denial of service, and by phone calls with malicious content. | High | Nov 6, 2007 |
| CVE-2007-5802 | Directory traversal vulnerability in index.php in Firewolf Technologies Synergiser 1.2 RC1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. NOTE: this can be leveraged to obtain the path by including a local PHP script with a duplicate function declaration. | High | Nov 6, 2007 |
| CVE-2007-5804 | cfgcon in IBM AIX 5.2 and 5.3 does not properly validate the argument to the "-p" option to swcons, which allows local users in the system group to create or overwrite an arbitrary file, and enable world writability of this file, by using the file's name as the argument. | Medium | Nov 6, 2007 |
| CVE-2007-5805 | cfgcon in IBM AIX 5.2 and 5.3 does not properly validate the argument to the "-p" option to swcons, which allows local users in the system group to create an arbitrary file, and enable world writability of this file, via a symlink attack involving use of the file's name as the argument. NOTE: this issue is due to an incomplete fix for CVE-2007-5804. | Medium | Nov 6, 2007 |
| CVE-2007-5806 | Cross-site scripting (XSS) vulnerability in Services/Utilities/classes/class.ilUtil.php in ILIAS 3.8.3 and earlier allows remote attackers to inject arbitrary web script or HTML via attributes inside a domain-name string in the (1) mailing or (2) forum component, as demonstrated using the style and onmouseover HTML attributes. | Medium | Nov 6, 2007 |
| CVE-2007-5807 | Buffer overflow in the register function in Ultra Star Reader ActiveX control in SSReader allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | Medium | Nov 6, 2007 |
| CVE-2007-5808 | Unspecified vulnerability in the Groupmax Collaboration - Schedule component in Hitachi Groupmax Collaboration Portal 07-30 through 07-30-/F and 07-32 through 07-32-/C, uCosminexus Collaboration Portal 06-30 through 06-30-/F and 06-32 through 06-32-/C, and Groupmax Collaboration Web Client - Mail/Schedule 07-30 through 07-30-/F and 07-32 through 07-32-/B might allow remote attackers to obtain sensitive information via unspecified vectors related to schedule portlets. | Medium | Nov 6, 2007 |
| CVE-2007-5812 | Directory traversal vulnerability in modules/Builder/DownloadModule.php in ModuleBuilder 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | Medium | Nov 6, 2007 |
| CVE-2007-5815 | Absolute path traversal vulnerability in the WebCacheCleaner ActiveX control 1.3.0.3 in SonicWall SSL-VPN 200 before 2.1, and SSL-VPN 2000/4000 before 2.5, allows remote attackers to delete arbitrary files via a full pathname in the argument to the FileDelete method. | High | Nov 6, 2007 |
| CVE-2007-5816 | dialog.php in CONTENTCustomizer 3.1mp and earlier allows remote attackers to obtain sensitive author credentials by making a request with an editauthor action, then reading the value of the Unchangedlocalpassword password input field in the HTML source of the resulting page. | Medium | Nov 6, 2007 |
| CVE-2007-5818 | Cross-site request forgery (CSRF) vulnerability in blocks_edit_do.php in sBlog 0.7.3 Beta allows remote attackers to change arbitrary blocks as administrators. | High | Nov 6, 2007 |
| CVE-2007-5819 | IBM Tivoli Continuous Data Protection for Files (CDP) 3.1.0 uses weak permissions (unrestricted write) for the Central Admin Global download directory, which allows local users to place arbitrary files into a location used for updating CDP clients. | Low | Nov 6, 2007 |
| CVE-2007-5820 | Directory traversal vulnerability in index.php in Ax Developer CMS (AxDCMS) 0.1.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the module parameter. | High | Nov 6, 2007 |
| CVE-2007-5821 | Multiple directory traversal vulnerabilities in DM Guestbook 0.4.1 and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the lng parameter to (a) guestbook.php, (b) admin/admin.guestbook.php, or (c) auto/glob_Unchanged.php; or (2) the lngdefault parameter to auto/ch_lng.php. | Medium | Nov 6, 2007 |
| CVE-2007-5823 | Directory traversal vulnerability in forum.php in Ben Ng Scribe 0.2 and earlier allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the username parameter in a Register action. | High | Nov 6, 2007 |
| CVE-2007-5826 | Absolute path traversal vulnerability in the EDraw Flowchart ActiveX control in EDImage.ocx 2.0.2005.1104 allows remote attackers to create or overwrite arbitrary files with arbitrary contents via a full pathname in the second argument to the HttpDownloadFile method, a different product than CVE-2007-4420. | High | Nov 6, 2007 |
| CVE-2007-5827 | iSCSI Enterprise Target (iscsitarget) 0.4.15 uses weak permissions for /etc/ietd.conf, which allows local users to obtain passwords. | Low | Nov 6, 2007 |
| CVE-2007-5830 | Unspecified vulnerability in the administrative interface in Avaya Messaging Storage Server (MSS) 3.1 before SP1, and Message Networking (MN) 3.1, allows remote attackers to cause a denial of service via unspecified vectors related to "input validation." | High | Nov 6, 2007 |
| CVE-2007-5831 | Directory traversal vulnerability in fileSystem.do in SSL-Explorer before 0.2.14 allows remote attackers to access arbitrary files via directory traversal sequences in the path parameter. NOTE: some of these details are obtained from third party information. | High | Nov 6, 2007 |
| CVE-2007-5832 | Unspecified vulnerability in selectLanguage.do in SSL-Explorer before 0.2.15 allows remote attackers to inject (1) headers or (2) body data in an HTTP transaction, a different vulnerability than CVE-2007-2907. NOTE: some of these details are obtained from third party information. | High | Nov 6, 2007 |
| CVE-2007-5833 | Multiple cross-site scripting (XSS) vulnerabilities in BosDev BosMarket Business Directory System allow remote authenticated users to inject arbitrary web script or HTML via (1) user info (account details) or (2) a post. | Low | Nov 6, 2007 |
