The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date | Fixed Release |
|---|---|---|---|---|
| CVE-2007-5653 | The Component Object Model (COM) functions in PHP 5.x on Windows do not follow safe_mode and disable_functions restrictions, which allows context-dependent attackers to bypass intended limitations, as demonstrated by executing objects with the kill bit set in the corresponding ActiveX control Compatibility Flags, executing programs via a function in compatUI.dll, invoking wscript.shell via wscript.exe, invoking Scripting.FileSystemObject via wshom.ocx, and adding users via a function in shgina.dll, related to the com_load_typelib function. | High | Oct 24, 2007 | n/a |
| CVE-2007-5652 | IBM DB2 UDB 9.1 before Fixpak 4 does not properly manage storage of a list containing authentication information, which might allow attackers to cause a denial of service (instance crash) or trigger memory corruption. NOTE: the vendor description of this issue is too vague to be certain that it is security-related. | High | Oct 24, 2007 | n/a |
| CVE-2007-5651 | Unspecified vulnerability in the Extensible Authentication Protocol (EAP) implementation in Cisco IOS 12.3 and 12.4 on Cisco Access Points and 1310 Wireless Bridges (Wireless EAP devices), IOS 12.1 and 12.2 on Cisco switches (Wired EAP devices), and CatOS 6.x through 8.x on Cisco switches allows remote attackers to cause a denial of service (device reload) via a crafted EAP Response Identity packet. | High | Oct 24, 2007 | n/a |
| CVE-2007-5650 | Directory traversal vulnerability in system.php in ReloadCMS 1.2.7 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the module parameter to index.php. | High | Oct 24, 2007 | n/a |
| CVE-2007-5649 | Cross-site scripting (XSS) vulnerability in lostpwd.php in Creative Digital Resources SocketMail 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the lost_id parameter. | Medium | Oct 24, 2007 | n/a |
| CVE-2007-5648 | Multiple cross-site scripting (XSS) vulnerabilities in rnote.php in rNote 0.9.7.5 allow remote attackers to inject arbitrary web script or HTML via the (1) d or the (2) u parameter. | Medium | Oct 24, 2007 | n/a |
| CVE-2007-5647 | Multiple cross-site scripting (XSS) vulnerabilities in SocketKB 1.1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) art_id or (2) node parameter in an article action to the default URI. | Medium | Oct 24, 2007 | n/a |
| CVE-2007-5646 | SQL injection vulnerability in Sources/Search.php in Simple Machines Forum (SMF) 1.1.3, when MySQL 5 is used, allows remote attackers to execute arbitrary SQL commands via the userspec parameter in a search2 action to index.php. | Medium | Oct 24, 2007 | n/a |
| CVE-2007-5644 | Lussumo Vanilla 1.1.3 and earlier does not require admin privileges for (1) ajax/sortcategories.php and (2) ajax/sortroles.php, which allows remote attackers to conduct unauthorized sort operations and other activities. | High | Oct 24, 2007 | n/a |
| CVE-2007-5643 | Multiple SQL injection vulnerabilities in Lussumo Vanilla 1.1.3 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the CategoryID parameter to ajax/sortcategories.php or (2) an unspecified vector to ajax/sortroles.php. | High | Oct 24, 2007 | n/a |
| CVE-2007-5642 | Multiple directory traversal vulnerabilities in PHP Project Management 0.8.10 and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the def_lang parameter to modules/files/list.php; the m_path parameter to (2) modules/projects/summary.inc.php or (3) modules/tasks/summary.inc.php; (4) the module parameter to modules/projects/list.php; or the module parameter to index.php in the (5) certinfo, (6) emails, (7) events, (8) fax, (9) files, (10) groupadm, (11) history, (12) info, (13) log, (14) mail, (15) messages, (16) organizations, (17) phones, (18) presence, (19) projects, (20) reports, (21) search, (22) snf, (23) syslog, (24) tasks, or (25) useradm subdirectory of modules/. | Medium | Oct 24, 2007 | n/a |
| CVE-2007-5641 | Multiple PHP remote file inclusion vulnerabilities in PHP Project Management 0.8.10 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the full_path parameter to (1) certinfo/index.php, (2) emails/index.php, (3) events/index.php, (4) fax/index.php, (5) files/index.php, (6) files/list.php, (7) groupadm/index.php, (8) history/index.php, (9) info/index.php, (10) log/index.php, (11) mail/index.php, (12) messages/index.php, (13) organizations/index.php, (14) phones/index.php, (15) presence/index.php, (16) projects/index.php, (17) projects/summary.inc.php, (18) projects/list.php, (19) reports/index.php, (20) search/index.php, (21) snf/index.php, (22) syslog/index.php, (23) tasks/searchsimilar.php, (24) tasks/index.php, (25) tasks/summary.inc.php, and (26) useradm/index.php in modules; (27) /ajax/loadsplash.php; (28) /blocks/birthday.php; (29) /blocks/events.php; and (30) /blocks/help.php. | Medium | Oct 24, 2007 | n/a |
| CVE-2007-5640 | The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional Nortel products from the IP Phone, Business Communications Manager (BCM), Mobile Voice Client, and other product lines, allow remote attackers to block calls and force re-registration via a resume message to the Signaling Server that has a spoofed source IP address for the phone. NOTE: the attack is more disruptive if a Unchanged spoofed resume message is sent after each re-registration. | High | Oct 24, 2007 | n/a |
| CVE-2007-5639 | The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and other Nortel IP Phone, Mobile Voice Client, and WLAN Handsets products allow remote attackers to cause a denial of service (device hang) via a flood of Mute and UnMute messages that have a spoofed source IP address for the Signaling Server. | High | Oct 24, 2007 | n/a |
| CVE-2007-5638 | The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional Nortel products from the IP Phone, Business Communications Manager (BCM), and other product lines, use only 65536 different values in the 32-bit ID number field of an RUDP datagram, which makes it easier for remote attackers to guess the RUDP ID and spoof messages. NOTE: this can be leveraged for an eavesdropping attack by sending many Open Audio Stream messages. | Medium | Oct 24, 2007 | n/a |
| CVE-2007-5637 | The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional Nortel products from the IP Phone, Business Communications Manager (BCM), and other product lines allow remote attackers to eavesdrop on the physical environment via an Open Audio Stream message that enables \"surveillance mode.\" NOTE: issues relating to a small ID number space can be leveraged to make this attack easier. | Medium | Oct 24, 2007 | n/a |
| CVE-2007-5636 | Buffer overflow in the Nortel UNIStim IP Softphone 2050 allows remote attackers to cause a denial of service (application abort) and possibly execute arbitrary code via a flood of invalid characters to the RTCP port (5678/udp) that triggers a Windows error message, aka \"extraneous messaging.\" | High | Oct 24, 2007 | n/a |
| CVE-2007-5635 | Multiple unspecified vulnerabilities in Salford Software Support Incident Tracker (SiT!) before 3.30 have unknown impact and attack vectors. | High | Oct 24, 2007 | n/a |
| CVE-2007-5634 | Speedfan.sys in Alfredo Milani Comparetti SpeedFan 4.33, when used on Microsoft Windows Vista x64, does not properly check a buffer during an IOCTL 0x9c402420 call, which allows local users to cause a denial of service (machine crash) and possibly gain privileges via unspecified vectors. | Medium | Oct 24, 2007 | n/a |
| CVE-2007-5633 | Speedfan.sys in Alfredo Milani Comparetti SpeedFan 4.33, when used on Microsoft Windows Vista x64, allows local users to read or write arbitrary MSRs, and gain privileges and load unsigned drivers, via the (1) IOCTL_RDMSR 0x9C402438 and (2) IOCTL_WRMSR 0x9C40243C IOCTLs to \\Device\\speedfan, as demonstrated by an IOCTL_WRMSR action on MSR_LSTAR. | High | Oct 24, 2007 | n/a |
| CVE-2007-5632 | Multiple unspecified vulnerabilities in the kernel in Sun Solaris 8 through 10 allow local users to cause a denial of service (panic), related to the support for retrieval of kernel statistics, and possibly related to the sfmmu_mlspl_enter or sfmmu_mlist_enter functions. | Medium | Oct 24, 2007 | n/a |
| CVE-2007-5631 | Multiple PHP remote file inclusion vulnerabilities in PeopleAggregator 1.2pre6, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the current_blockmodule_path parameter to (1) AudiosMediaGalleryModule/AudiosMediaGalleryModule.php, (2) ImagesMediaGalleryModule/ImagesMediaGalleryModule.php, (3) MembersFacewallModule/MembersFacewallModule.php, (4) UnchangedestGroupsModule/UnchangedestGroupsModule.php, (5) UploadMediaModule/UploadMediaModule.php, and (6) VideosMediaGalleryModule/VideosMediaGalleryModule.php in BetaBlockModules/; and (7) the path_prefix parameter to several components. | Medium | Oct 24, 2007 | n/a |
| CVE-2007-5630 | SQL injection vulnerability in tUnchangeds.php in BBsProcesS BBPortalS 1.5.10 through 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a tUnchangeds action. | High | Oct 24, 2007 | n/a |
| CVE-2007-5629 | Cross-site scripting (XSS) vulnerability in admin/logon.asp in ShoppingTree CandyPress Store 4.1 allows remote attackers to inject arbitrary web script or HTML via the msg parameter, a different vector than CVE-2007-2804. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | Medium | Oct 24, 2007 | n/a |
| CVE-2007-5628 | PHP remote file inclusion vulnerability in src/scripture.php in The Online Web Library Site (TOWels) 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the pageHeaderFile parameter. | Medium | Oct 24, 2007 | n/a |
| CVE-2007-5627 | PHP remote file inclusion vulnerability in content/fnc-readmail3.php in SocketMail 2.2.8 allows remote attackers to execute arbitrary PHP code via a URL in the __SOCKETMAIL_ROOT parameter. | Medium | Oct 24, 2007 | n/a |
| CVE-2007-5626 | make_catalog_backup in Bacula 2.2.5, and probably earlier, sends a MySQL password as a command line argument, and sometimes transmits cleartext e-mail containing this command line, which allows context-dependent attackers to obtain the password by listing the process and its arguments, or by sniffing the network. | Low | Oct 24, 2007 | n/a |
| CVE-2007-5625 | Cross-site scripting (XSS) vulnerability in filename.asp in ASP Site Search SearchSimon Lite 1.0 allows remote attackers to inject arbitrary web script or HTML via the QUERY parameter. | Medium | Oct 24, 2007 | n/a |
| CVE-2007-5624 | Cross-site scripting (XSS) vulnerability in Nagios 2.x before 2.10 allows remote attackers to inject arbitrary web script or HTML via unknown vectors to unspecified CGI scripts. | Medium | Oct 23, 2007 | n/a |
| CVE-2007-5623 | Buffer overflow in the check_snmp function in Nagios Plugins (nagios-plugins) 1.4.10 allows remote attackers to cause a denial of service (crash) via crafted snmpget replies. | Medium | Oct 23, 2007 | n/a |
| CVE-2007-5622 | Double free vulnerability in the ftpprchild function in ftppr in 3proxy 0.5 through 0.5.3i allows remote attackers to cause a denial of service (daemon crash) via multiple OPEN commands to the FTP proxy. | Medium | Oct 31, 2007 | n/a |
| CVE-2007-5621 | Multiple cross-site scripting (XSS) vulnerabilities in the Token module before 4.7.x-1.5, and 5.x before 5.x-1.9, for Drupal; as used by the ASIN Field, e-Commerce, Fullname field for CCK, Invite, Node Relativity, Pathauto, PayPal Node, and Ubercart modules; allow remote authenticated users with a post comments privilege to inject arbitrary web script or HTML via unspecified vectors related to (1) comments, (2) vocabulary names, (3) term names, and (4) usernames. | Low | Oct 23, 2007 | n/a |
| CVE-2007-5620 | Directory traversal vulnerability in admin/inc/help.php in ZZ:FlashChat 3.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the file parameter. | High | Oct 23, 2007 | n/a |
| CVE-2007-5619 | Unspecified vulnerability in VMware Server before 1.0.4 causes user passwords to be recorded in cleartext in server logs, which might allow local users go gain privileges. | High | Oct 22, 2007 | n/a |
| CVE-2007-5618 | Unquoted Windows search path in the Authorization and other services in VMware Player 1.0.x before 1.0.5 and 2.0 before 2.0.1, VMware Server before 1.0.4, and Workstation 5.x before 5.5.5 and 6.x before 6.0.1, might allow local users to gain privileges via malicious programs. | High | Oct 22, 2007 | n/a |
| CVE-2007-5617 | Unspecified vulnerability in VMware Player 1.0.x before 1.0.5 and 2.0 before 2.0.1, and Workstation 5.x before 5.5.5 and 6.x before 6.0.1, prevents it from launching, which has unspecified impact, related to untrusted virtual machine images. | High | Oct 22, 2007 | n/a |
| CVE-2007-5616 | ssh-signer in SSH Tectia Client and Server 5.x before 5.2.4, and 5.3.x before 5.3.6, on Unix and Linux allows local users to gain privileges via unspecified vectors. | High | Sep 5, 2008 | n/a |
| CVE-2007-5615 | CRLF injection vulnerability in Mortbay Jetty before 6.1.6rc0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. | Medium | Nov 15, 2008 | n/a |
| CVE-2007-5614 | Mortbay Jetty before 6.1.6rc1 does not properly handle certain quote sequences in HTML cookie parameters, which allows remote attackers to hijack browser sessions via unspecified vectors. | High | Nov 15, 2008 | n/a |
| CVE-2007-5613 | Cross-site scripting (XSS) vulnerability in Dump Servlet in Mortbay Jetty before 6.1.6rc1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters and cookies. | Medium | Nov 15, 2008 | n/a |
| CVE-2007-5612 | CIM Server in IBM Director 5.20.1 and earlier allows remote attackers to cause a denial of service (CPU consumption, connection slot exhaustion, and daemon crash) via a large number of idle connections. | High | Mar 4, 2008 | n/a |
| CVE-2007-5610 | Unspecified vulnerability in a certain ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to cause a denial of service via unknown vectors. | High | Sep 10, 2008 | n/a |
| CVE-2007-5608 | Unspecified vulnerability in a certain ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-0952 and CVE-2008-0953. | High | Sep 10, 2008 | n/a |
| CVE-2007-5607 | Unspecified vulnerability in a certain ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2007-5604, CVE-2007-5605, and CVE-2007-5606. | High | Sep 10, 2008 | n/a |
| CVE-2007-5606 | Unspecified vulnerability in a certain ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2007-5604, CVE-2007-5605, and CVE-2007-5607. | High | Sep 10, 2008 | n/a |
| CVE-2007-5605 | Unspecified vulnerability in a certain ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2007-5604, CVE-2007-5606, and CVE-2007-5607. | High | Sep 10, 2008 | n/a |
| CVE-2007-5604 | Unspecified vulnerability in a certain ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2007-5605, CVE-2007-5606, and CVE-2007-5607. | High | Sep 10, 2008 | n/a |
| CVE-2007-5603 | Stack-based buffer overflow in the SonicWall SSL-VPN NetExtender NELaunchCtrl ActiveX control before 2.1.0.51, and 2.5.x before 2.5.0.56, allows remote attackers to execute arbitrary code via a long string in the second argument to the AddRouteEntry method. | High | Nov 6, 2007 | n/a |
| CVE-2007-5602 | Multiple stack-based buffer overflows in SwiftView Viewer before 8.3.5, as used by SwiftView and SwiftSend, allow remote attackers to execute arbitrary code via unspecified vectors to the (1) svocx.ocx ActiveX control or the (2) npsview.dll plugin for Mozilla and Firefox. | High | Nov 15, 2008 | n/a |
| CVE-2007-5601 | Stack-based buffer overflow in the Database Component in MPAMedia.dll in RealNetworks RealPlayer 10.5 and 11 beta, and earlier versions including 10, RealOne Player, and RealOne Player 2, allows remote attackers to execute arbitrary code via certain playlist names, as demonstrated via the import method to the IERPCtl ActiveX control in ierpplug.dll. | High | Oct 22, 2007 | n/a |
