Software Vulnerability

 

Thu, 29 Nov 07
SimpleGallery
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6157
Cross-site scripting (XSS) vulnerability in index.php in SimpleGallery 0.1.3 allows remote attackers to inject arbitrary web script or HTML via the album parameter.

Thu, 29 Nov 07
Basic Analysis and Security Engine
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6156
Multiple cross-site scripting (XSS) vulnerabilities in base_qry_main.php in Base Analysis and Security Engine (BASE) before 1.3.9 allow remote attackers to inject arbitrary web script or HTML via the (1) sig[0] and (2) sig[1] parameters.

Thu, 29 Nov 07
Quicktime
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4674
An "integer arithmetic" error in Apple QuickTime 7.2 allows remote attackers to execute arbitrary code via a crafted movie file containing a movie atom with a large size value, which triggers a stack-based buffer overflow.

Thu, 29 Nov 07
IAPR COMMENCE
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6147
Multiple PHP remote file inclusion vulnerabilities in IAPR COMMENCE 1.3 allow remote attackers to execute arbitrary PHP code via a URL in the (a) php_root_path and sometimes the (b) privilege_root_path parameter to various PHP scripts under (1) admin/includes/, (2) admin/phase/, (3) includes/, (4) includes/page_includes/, (5) reviewer/includes/, (6) reviewer/phase/, and (7) user/phase/.

Thu, 29 Nov 07
JP1 File Transmission Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6145
Unspecified vulnerability in Hitachi JP1/File Transmission Server/FTP 01-00 through 08-10-01 allows remote attackers to bypass authentication and "view files" via unspecified vectors.

Thu, 29 Nov 07
Web Thunder
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6144
Heap-based buffer overflow in the PPlayer.XPPlayer.1 ActiveX control in pplayer.dll_1_work in Xunlei Thunder 5.7.4.401 allows remote attackers to execute arbitrary code via a long string in a FlvPlayerUrl property value. NOTE: some of these details are obtained from third party information.

Thu, 29 Nov 07
JAF CMS
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6142
Multiple cross-site scripting (XSS) vulnerabilities in ph03y3nk just another flat file (JAF) CMS 4.0 RC2 allow remote attackers to inject arbitrary web script or HTML via the (1) show parameter to index.php and the (2) print parameter to print.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Thu, 29 Nov 07
VBTube
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6141
Cross-site scripting (XSS) vulnerability in vBTube.php in vBTube 1.1 Beta allows remote attackers to inject arbitrary web script or HTML via the search parameter.

Thu, 29 Nov 07
Dora Emlak
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6140
Multiple SQL injection vulnerabilities in Dora Emlak 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) emlak_detay.asp and (b) haber_detay.asp, the (2) kategori parameter to (c) kategorisirala.asp, and the (3) tip parameter to (d) tipsirala.asp.

Thu, 29 Nov 07
Toolbox
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6139
PHP remote file inclusion vulnerability in index.php in Mp3 ToolBox 1.0 beta 5 allows remote attackers to execute arbitrary PHP code via a URL in the skin_file parameter.

Thu, 29 Nov 07
Mass Mailer
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6138
SQL injection vulnerability in redir.asp in VU Mass Mailer allows remote attackers to execute arbitrary SQL commands via the password parameter to Default.asp (aka the Login Page). NOTE: some of these details are obtained from third party information.

Thu, 29 Nov 07
Case Manager
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6168
SQL injection vulnerability in default.asp in VU Case Manager allows remote attackers to execute arbitrary SQL commands via the username parameter, a different vector than CVE-2007-6143. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Thu, 29 Nov 07
SuSE Linux
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6167
yast2-core includes the current working directory in its search path, which allows local users to gain privileges via malicious yast2 modules.

Thu, 29 Nov 07
Quicktime
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6166
Stack-based buffer overflow in Apple QuickTime 7.2 and 7.3 allows remote attackers to execute arbitrary code via a long Real Time Streaming Protocol (RTSP) Content-Type header.

Thu, 29 Nov 07
Mac OS X
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6165
Mail in Apple Mac OS X Leopard allows user-assisted remote attackers to execute arbitrary code via an AppleDouble attachment containing an apparently-safe file type and script in a resource fork, which does not warn the user that a separate program is going to be executed. NOTE: this is a regression error related to CVE-2006-0395.

Thu, 29 Nov 07
DWD Realty
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6163
SQL injection vulnerability in admin/index2.asp in GOUAE DWD Realty allows remote attackers to execute arbitrary SQL commands via the pword (aka Password) parameter. NOTE: some of these details are obtained from third party information.

Thu, 29 Nov 07
FMDeluxe
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6162
Cross-site scripting (XSS) vulnerability in index.php in FMDeluxe 2.1.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter in a category action.

Thu, 29 Nov 07
Tilde CMS
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6160
Cross-site scripting (XSS) vulnerability in index.php in Tilde CMS 4.x and earlier allows remote attackers to inject arbitrary web script or HTML via the aarstal parameter in a yeardetail action.

Thu, 29 Nov 07
Tilde CMS
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6159
SQL injection vulnerability in index.php in Tilde CMS 4.x and earlier allows remote attackers to execute arbitrary SQL commands via the aarstal parameter in a yeardetail action, a different vector than CVE-2006-1500.

Thu, 29 Nov 07
Proverbs Web Calendar
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6158
Multiple SQL injection vulnerabilities in caladmin.inc.php in Proverbs Web Calendar 1.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) loginname (aka Username) and (2) loginpass (aka Password) parameters to caladmin.php.

Wed, 28 Nov 07
Content Injector
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6137
SQL injection vulnerability in news.php in Content Injector 1.52 allows remote attackers to execute arbitrary SQL commands via the cat parameter to index.php. NOTE: some of these details are obtained from third party information.

Wed, 28 Nov 07
My Space Scripts Poll Creator
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6136
Multiple cross-site scripting (XSS) vulnerabilities in index.php in M2Scripts MySpace Scripts Poll Creator allow remote attackers to inject arbitrary web script or HTML via the (1) title, (2) intro, and (3) question parameters, and (4) unspecified answer parameters, in a create_new action. NOTE: some of these details are obtained from third party information.

Wed, 28 Nov 07
PHPSlideShow
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6135
Cross-site scripting (XSS) vulnerability in phpslideshow.php in PHPSlideShow 0.9.9.2, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the directory parameter. NOTE: this issue was originally reported for toonchapter8.php, but this is probably a site-specific name, since the PHPSlideShow distribution does not contain that file.

Wed, 28 Nov 07
PHPKIT
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6134
SQL injection vulnerability in pkinc/public/article.php in PHPKIT 1.6.4pl1 allows remote attackers to execute arbitrary SQL commands via the contentid parameter in an article action to include.php, a different vector than CVE-2006-1773.

Wed, 28 Nov 07
DevMass Cart
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6133
PHP remote file inclusion vulnerability in admin/kfm/initialise.php in DevMass Shopping Cart 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the kfm_base_path parameter.

Wed, 28 Nov 07
Firefox, SeaMonkey
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5959
Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger memory corruption.

Wed, 28 Nov 07
Fedora_Fedora
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6131
buttonpressed.sh in scanbuttond 0.2.3 allows local users to overwrite arbitrary files via a symlink attack on the (1) scan.pnm and (2) scan.jpg temporary files.

Wed, 28 Nov 07
GNUMP3D
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6130
gnump3d 2.9final does not apply password protection to its plugins, which might allow remote attackers to bypass intended access restrictions.

Wed, 28 Nov 07
Amber Script
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6129
Directory traversal vulnerability in scripts/include/show_content.php in Amber Script 1.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the id parameter. NOTE: this can be leveraged for remote file inclusion in PHP 5 using a UNC share pathname, ftp, ftps, or ssh2.sftp URL.

Wed, 28 Nov 07
WorkingOnWeb
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6128
SQL injection vulnerability in events.php in WorkingOnWeb 2.0.1400 allows remote attackers to execute arbitrary SQL commands via the idevent parameter.

Wed, 28 Nov 07
Project Alumni
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6126
Multiple cross-site scripting (XSS) vulnerabilities in project alumni 1.0.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the year parameter to (1) xml/index.php; or (2) the year parameter to view.page.inc.php, which is reachable through a view action to the top-level index.php.

Wed, 28 Nov 07
Freelancers Script
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6124
Cross-site scripting (XSS) vulnerability in signin.php in Softbiz Freelancers Script 1 allows remote attackers to inject arbitrary web script or HTML via the errmsg parameter.

Tue, 27 Nov 07
IRC Services
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6122
The default_encrypt function in encrypt.c in IRC Services before 5.0.63, and 5.1.x before 5.1.7, allows remote attackers to cause a denial of service (daemon crash) via a long password. NOTE: some of these details are obtained from third party information.

Tue, 27 Nov 07
Wireshark, Ethereal
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6120
The Bluetooth SDP dissector in Wireshark (formerly Ethereal) 0.99.2 to 0.99.6 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.

Tue, 27 Nov 07
Wireshark, Ethereal
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6118
The MEGACO dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 allows remote attackers to cause a denial of service (long loop and resource consumption) via unknown vectors.

Tue, 27 Nov 07
Wireshark, Ethereal
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6117
Unspecified vulnerability in the HTTP dissector for Wireshark (formerly Ethereal) 0.10.14 to 0.99.6 has unknown impact and remote attack vectors related to chunked messages.

Tue, 27 Nov 07
Wireshark
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6116
The Firebird/Interbase dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (infinite loop or crash) via unknown vectors.

Tue, 27 Nov 07
Wireshark
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6115
Buffer overflow in the ANSI MAP dissector for Wireshark (formerly Ethereal) 0.99.5 to 0.99.6, when running on unspecified platforms, allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown vectors.

Tue, 27 Nov 07
Wireshark
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6114
Multiple buffer overflows in Wireshark (formerly Ethereal) 0.99.0 through 0.99.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) the SSL dissector or (2) the iSeries (OS/400) Communication trace file parser.

Tue, 27 Nov 07
Wireshark, Ethereal
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6113
Wireshark (formerly Ethereal) 0.10.12 to 0.99.6 allows remote attackers to cause a denial of service (long loop) via a malformed DNP packet.

Tue, 27 Nov 07
Wireshark
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6112
Buffer overflow in the PPP dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.

Tue, 27 Nov 07
Wireshark, Ethereal
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6111
Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) allow remote attackers to cause a denial of service (crash) via (1) a crafted MP3 file or (2) unspecified vectors to the NCP dissector.

Tue, 27 Nov 07
htDig
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6110
Cross-site scripting (XSS) vulnerability in htsearch in htdig 3.2.0b6 allows remote attackers to inject arbitrary web script or HTML via the sort parameter.

Tue, 27 Nov 07
E-Friends
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6106
SQL injection vulnerability in index.php in AlstraSoft E-Friends 4.98 and earlier allows remote attackers to execute arbitrary SQL commands via the seid parameter in a viewevent action.

Tue, 27 Nov 07
TalkBack
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6105
Multiple PHP remote file inclusion vulnerabilities in TalkBack 2.2.7 allow remote attackers to execute arbitrary PHP code via a URL in the (1) language_file parameter to (a) comments-display-tpl.php and (b) addons/separate-comments-mod/my-comments-display-tpl.php and the (2) config[comments_form_tpl] parameter to comments-display-tpl.php.

Tue, 27 Nov 07
FileMaker Server, FileMaker Pro, FileMaker Developer
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6104
Cross-site scripting (XSS) vulnerability in the Instant Web Publishing feature in FileMaker Pro 7 and 8, Server 7 and 8, and Developer 7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Tue, 27 Nov 07
I Hear U
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6103
I Hear U (IHU) 0.5.6 and earlier allows remote attackers to cause (1) a denial of service (infinite loop) via a packet that contains zero in the size field in its header, which is improperly handled by the Receiver::processPacket function; and (2) a denial of service (daemon crash) via an (a) IHU_INFO_INIT or a (b) IHU_INFO_RING packet that does not specify the mode, which is improperly handled by the Player::ring function in Player.cpp.

Tue, 27 Nov 07
Feed2JS
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6102
Cross-site scripting (XSS) vulnerability in Feed to JavaScript (Feed2JS) 1.91 allows remote attackers to inject arbitrary web script or HTML via a URL in a feed.

Tue, 27 Nov 07
Ability Mail Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6101
Ability Mail Server before 2.61 allows remote authenticated users to cause a denial of service (daemon crash) via (1) malformed number list ranges in unspecified IMAP commands, and possibly (2) a blank string in unspecified messages.

Tue, 27 Nov 07
phpMyAdmin
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6100
Cross-site scripting (XSS) vulnerability in libraries/auth/cookie.auth.lib.php in phpMyAdmin before 2.11.2.2, when logins are authenticated with the cookie auth_type, allows remote attackers to inject arbitrary web script or HTML via the convcharset parameter to index.php, a different vulnerability than CVE-2005-0992.

Fri, 23 Nov 07
Ingate Firewall, Ingate SIParator
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6098
Ingate Firewall before 4.6.0 and SIParator before 4.6.0 do not log truncated (1) ICMP, (2) UDP, and (3) TCP packets, which has unknown impact and remote attack vectors; and do not log (4) serial-console login attempts with nonexistent usernames, which might make it easier for attackers with physical access to guess valid login credentials while avoiding detection.

Fri, 23 Nov 07
Ingate Firewall, Ingate SIParator
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6097
Unspecified vulnerability in the ICMP implementation in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 has unknown impact and remote attack vectors, related to ICMP packets that are "incorrectly accepted."

Fri, 23 Nov 07
Ingate Firewall, Ingate SIParator
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6096
Ingate Firewall before 4.6.0 and SIParator before 4.6.0 use cleartext storage for passwords of "administrators with less privileges," which might allow attackers to read these passwords via unknown vectors.

Fri, 23 Nov 07
Ingate Firewall, Ingate SIParator
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6095
The SIP component in Ingate Firewall before 4.6.0 and SIParator before 4.6.0, when Remote NAT Traversal is employed, does not properly perform user registration and message distribution, which might allow remote authenticated users to receive messages intended for other users.

Fri, 23 Nov 07
Ingate Firewall, Ingate SIParator
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6094
The IPsec module in the VPN component in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 allows remote attackers to cause a denial of service (module crash) via an IPsec Phase 2 proposal that lacks Perfect Forward Secrecy (PFS).

Fri, 23 Nov 07
Ingate Firewall, Ingate SIParator
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6093
The SRTP implementation in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 allows remote attackers to cause a denial of service (kernel crash) via an RTCP index that is "much more than expected."

Fri, 23 Nov 07
Ingate Firewall, Ingate SIParator
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6092
Buffer overflow in libsrtp in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 has unknown impact and attack vectors. NOTE: it is not clear whether this issue crosses privilege boundaries.

Fri, 23 Nov 07
Banner System
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6091
Multiple SQL injection vulnerabilities in files/login.asp in JiRo's Banner System (JBS) 2.0, and possibly JiRo's Upload Manager (aka JiRo's Upload System or JUS), allow remote attackers to execute arbitrary SQL commands via the (1) Username (aka Login or Email) or (2) Password field.

Fri, 23 Nov 07
Nuked-Klan
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6090
Cross-site scripting (XSS) vulnerability in index.php in Nuked-Klan 1.7.5 allows remote attackers to inject arbitrary web script or HTML via the file parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Fri, 23 Nov 07
mebiblio
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6089
PHP remote file inclusion vulnerability in index.php in meBiblio 0.4.5 allows remote attackers to execute arbitrary PHP code via a URL in the action parameter.

Fri, 23 Nov 07
phpbbviet
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6088
PHP remote file inclusion vulnerability in includes/functions_mod_user.php in phpBBViet 02.03.07 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.

Fri, 23 Nov 07
vigilecms
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6086
Directory traversal vulnerability in index.php in VigileCMS 1.4 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the module parameter.

Fri, 23 Nov 07
vigilecms
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6085
Multiple cross-site scripting (XSS) vulnerabilities in index.php in VigileCMS 1.4 allow remote attackers to inject arbitrary web script or HTML via the message field in the (1) vedipm or (2) live_chat module.

Fri, 23 Nov 07
clone_script
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6084
SQL injection vulnerability in software-description.php in HotScripts Clone Script allows remote attackers to execute arbitrary SQL commands via the id parameter.

Fri, 23 Nov 07
IceBB
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6083
SQL injection vulnerability in admin/index.php in IceBB 1.0-rc6 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header.

Fri, 23 Nov 07
sciurus_hosting_panel
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6082
Direct static code injection vulnerability in acp/savenews.php in Sciurus Hosting Panel, possibly 2.0.3, allows remote attackers to inject arbitrary PHP code via the filecontents parameter, which can be executed by accessing includes/news.php.

Fri, 23 Nov 07
eventlog_analyzer
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6081
AdventNet EventLog Analyzer build 4030 for Windows, and possibly other versions and platforms, installs a mysql instance with a default "root" account without a password, which allows remote attackers to gain privileges and modify logs.

Fri, 23 Nov 07
bcoos
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6079
Directory traversal vulnerability in include/common.php in bcoos 1.0.10 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the xoopsOption[pagetype] parameter to the default URI for modules/news/. NOTE: this can be leveraged by using legitimate product functionality to upload a file that contains the code, then including that file.

Fri, 23 Nov 07
SkyPortal
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6078
Multiple SQL injection vulnerabilities in SkyPortal RC6 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) nc_top.asp; (2) inc_bookmarks.asp, possibly involving a parameter passed from cp_main.asp; (3) inc_profile_functions.asp; or (4) inc_SUBSCRIPTIONS.asp; or the (5) Avatar_URL, (6) LINK1, or (7) LINK2 parameter to cp_main.asp in an EditIt action.

Fri, 23 Nov 07
Director
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5612
CIM Server in IBM Director 5.20.1 and earlier allows remote attackers to cause a denial of service (CPU consumption, connection slot exhaustion, and daemon crash) via a large number of idle connections.

Fri, 23 Nov 07
Ruby on Rails
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6077
The session fixation protection mechanism in cgi_process.rb in Rails 1.2.4, as used in Ruby on Rails, removes the :cookie_only attribute from the DEFAULT_SESSION_OPTIONS constant, which effectively causes :cookie_only to only be applied to the first instantiation of CgiRequest, which allows remote attackers to conduct session fixation attacks. NOTE: this is due to an incomplete fix for CVE-2007-5380.

Thu, 22 Nov 07
Kernel
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6063
Buffer overflow in the isdn_net_setcfg function in isdn_net.c in Linux kernel 2.6.23 allows local users to have an unknown impact via a crafted argument to the isdn_ioctl function.

Thu, 22 Nov 07
ngIRCd
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6062
irc-channel.c in ngIRCd 0.10.3 allows remote attackers to cause a denial of service (crash) via a JOIN command without a channel argument.

Thu, 22 Nov 07
audacity
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6061
Audacity 1.3.2 creates a temporary directory with a predictable name without checking for previous existence of that directory, which allows local users to cause a denial of service (recording deadlock) by creating the directory before Audacity is run. NOTE: this issue can be leveraged to delete arbitrary files or directories via a symlink attack.

Thu, 22 Nov 07
v3_internet_security
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6060
AhnLab Antivirus 3 Internet Security 2008 Platinum appends data to a filename string at a location indicated by the "Filename length" field in a ZIP header, which allows remote attackers to cause a denial of service (machine crash) and possibly execute arbitrary code via a ZIP file in which this field's value is larger than the actual number of bytes in the filename.

Thu, 22 Nov 07
JavaMail
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6059
JavaMail does not properly handle a series of invalid login attempts in which the same e-mail address is entered as username and password, and the domain portion of this address yields a Java UnknownHostException error, which allows remote attackers to cause a denial of service (connection pool exhaustion) via a large number of requests, resulting in a SQLNestedException.

Thu, 22 Nov 07
ProfileCMS
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6058
Multiple SQL injection vulnerabilities in index.php in ProfileCMS 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter in a (1) codes action in the profile-codes module, (2) videos action in the video-codes module, or (3) games action in the arcade-games module.

Thu, 22 Nov 07
Social Networking Script
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6057
PHP remote file inclusion vulnerability in index.php in datecomm Social Networking Script (aka Myspace Clone Script) allows remote attackers to execute arbitrary PHP code via a URL in the pg parameter.

Thu, 22 Nov 07
aida-web
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6056
frame.html in Aida-Web (Aida Web) allows remote attackers to bypass a protection mechanism and obtain comment and task details via certain values to the (1) Mehr and (2) SUPER parameters.

Thu, 22 Nov 07
portal
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6055
Cross-site scripting (XSS) vulnerability in c/portal/login in Liferay Portal 4.1.0 and 4.1.1 allows remote attackers to inject arbitrary web script or HTML via the login parameter. NOTE: this issue reportedly exists because of a regression that followed a fix at an unspecified earlier date.

Thu, 22 Nov 07
mc-800
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6054
Cross-site scripting (XSS) vulnerability in the login page in the management interface in the Aruba 800 Mobility Controller 2.5.4.18 and earlier, and 2.4.8.6-FIPS and earlier, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the /screens URI, related to the url variable.

Thu, 22 Nov 07
DB2 Universal Database
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6052
IBM DB2 UDB 9.1 before Fixpak 4 does not properly perform vector aggregation, which might allow attackers to cause a denial of service (divide-by-zero error and DBMS crash), related to an "overflow." NOTE: the vendor description of this issue is too vague to be certain that it is security-related.

Thu, 22 Nov 07
DB2 Universal Database
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6051
IBM DB2 UDB 9.1 before Fixpak 4 assigns incorrect privileges to the (1) DB2ADMNS and (2) DB2USERS alternative groups, which has unknown impact. NOTE: the vendor description of this issue is too vague to be certain that it is security-related.

Thu, 22 Nov 07
DB2 Universal Database
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6050
Unspecified vulnerability in DB2LICD in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors, related to creation of an "insecure directory."

Thu, 22 Nov 07
DB2 Universal Database
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6049
Unspecified vulnerability in the SSL LOAD GSKIT action in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors, involving a call to dlopen when the effective uid is root.

Thu, 22 Nov 07
DB2 Universal Database
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6048
IBM DB2 UDB 9.1 before Fixpak 4 uses incorrect permissions on ACLs for DB2NODES.CFG, which has unknown impact and attack vectors. NOTE: the vendor description of this issue is too vague to be certain that it is security-related.

Thu, 22 Nov 07
DB2 Universal Database
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6047
Unspecified vulnerability in the DB2DART tool in IBM DB2 UDB 9.1 before Fixpak 4 allows attackers to execute arbitrary commands as the DB2 instance owner, related to invocation of TPUT by DB2DART.

Thu, 22 Nov 07
DB2 Universal Database
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6046
Unspecified vulnerability in unspecified setuid programs in IBM DB2 UDB 9.1 before Fixpak 4 allows local users to have an unknown impact.

Thu, 22 Nov 07
DB2 Universal Database
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6045
Unspecified vulnerability in (1) DB2WATCH and (2) DB2FREEZE in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors.

Thu, 22 Nov 07
WebSphere MQ
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6044
Multiple unspecified vulnerabilities in IBM WebSphere MQ 6.0 have unknown impact and remote attack vectors involving "memory corruption." NOTE: as of 20071116, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.

Wed, 21 Nov 07
windows
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6043
The CryptGenRandom function in Microsoft Windows 2000 generates predictable values, which makes it easier for context-dependent attackers to reduce the effectiveness of cryptographic mechanisms, as demonstrated by attacks on (1) forward security and (2) backward security, related to use of eight instances of the RC4 cipher, and possibly a related issue to CVE-2007-3898.

Wed, 21 Nov 07
Confixx Professional
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6042
PHP remote file inclusion vulnerability in fehler.inc.php in SWSoft Confixx Professional 3.2.1 allows remote attackers to execute arbitrary PHP code via a URL in an unspecified parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Wed, 21 Nov 07
rigs_of_rogs
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6041
Buffer overflow in the Sequencer::queueMessage function in sequencer.cpp in the server in Rigs of Rods (RoR) before 0.33d SP1 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a nickname followed by a vehicle name in a MSG2_USE_VEHICLE message, whose combined length triggers the overflow.

Wed, 21 Nov 07
F5D7230-4
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6040
The Belkin F5D7230-4 Wireless G Router allows remote attackers to cause a denial of service (degraded networking and logging) via a flood of TCP SYN packets, a related issue to CVE-1999-0116.

Wed, 21 Nov 07
PHP
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5899
The output_add_rewrite_var function in PHP before 5.2.5 rewrites local forms in which the ACTION attribute references a non-local URL, which allows remote attackers to obtain potentially sensitive information by reading the requests for this URL, as demonstrated by a rewritten form containing a local session ID.

Wed, 21 Nov 07
OmniPCX
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5361
The Communication Server in Alcatel-Lucent OmniPCX Enterprise 7.1 and earlier caches an IP address during a TFTP request from an IP Touch phone, and uses this IP address as the destination for all subsequent VoIP packets to this phone, which allows remote attackers to cause a denial of service (loss of audio) or intercept voice communications via a crafted TFTP request containing the phone's MAC address in the filename.

Wed, 21 Nov 07
PHP
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5900
PHP before 5.2.5 allows local users to bypass protection mechanisms configured through php_admin_value or php_admin_flag in httpd.conf by using ini_set to modify arbitrary configuration variables, a different issue than CVE-2006-4625.

Wed, 21 Nov 07
PHP
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5898
The (1) htmlentities and (2) htmlspecialchars functions in PHP before 5.2.5 accept partial multibyte sequences, which has unknown impact and attack vectors, a different issue than CVE-2006-5465.

Wed, 21 Nov 07
juser
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6038
PHP remote file inclusion vulnerability in xajax_functions.php in the JUser (com_juser) 1.0.14 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.

Wed, 21 Nov 07
Media Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6036
The parseRTSPRequestString function in LIVE555 Media Server 2007.11.01 and earlier allows remote attackers to cause a denial of service (daemon crash) via a short RTSP query, which causes a negative number to be used during memory allocation.

Wed, 21 Nov 07
Cacti
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6035
SQL injection vulnerability in Cacti before 0.8.7a allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Wed, 21 Nov 07
InTouch
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6033
Invensys Wonderware InTouch 8.0 creates a NetDDE share with insecure permissions (Everybody/Full Control), which allows remote authenticated attackers, possibly anonymous users, to execute arbitrary programs.

Wed, 21 Nov 07
Web Publishing Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6032
SQL injection vulnerability in calendar/page.asp in Aleris Web Publishing Server 3.0 allows remote attackers to execute arbitrary SQL commands via the mode parameter.

Wed, 21 Nov 07
Vshell
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6031
Unspecified vulnerability in VanDyke VShell 3.0.1 allows remote attackers to cause a denial of service via unspecified vectors. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine.

Wed, 21 Nov 07
BOOTPTurbo
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6030
Unspecified vulnerability in Weird Solutions BOOTPTurbo 1.2 has unknown impact and remote attack vectors. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine.

Wed, 21 Nov 07
ClamAV
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6029
Unspecified vulnerability in ClamAV 0.91.1 and 0.91.2 allows remote attackers to execute arbitrary code via a crafted e-mail message. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine.

Wed, 21 Nov 07
Kernel
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5500
The wait_task_stopped function in the Linux kernel before 2.6.23.8 checks a TASK_TRACED bit instead of an exit_state value, which allows local users to cause a denial of service (machine crash) via unspecified vectors. NOTE: some of these details are obtained from third party information.

Wed, 21 Nov 07
FlexGrid
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6028
Multiple stack-based buffer overflows in the VSFlexGrid.VSFlexGridL ActiveX control in ComponentOne FlexGrid 7.1 Light allow remote attackers to cause a denial of service and possibly execute arbitrary code via a long string in the (1) Text, (2) EditSelText, (3) EditText, and (4) CellFontName property values.

Wed, 21 Nov 07
Carousel Flash Image Gallery
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6027
PHP remote file inclusion vulnerability in admin.jjgallery.php in the Carousel Flash Image Gallery (com_jjgallery) component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.

Wed, 21 Nov 07
Jet, Office, windows
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6026
Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka Microsoft Jet Engine), as used by Access 2003 in Microsoft Office 2003 SP3, allows user-assisted attackers to execute arbitrary code via a crafted MDB file.

Wed, 21 Nov 07
wpa_supplicant
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6025
Stack-based buffer overflow in driver_wext.c in wpa_supplicant 0.6.0 and earlier allows remote attackers to cause a denial of service (crash) via crafted TSF data.

Wed, 21 Nov 07
WordPress
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6013
WordPress 1.5 to 2.3.1 uses cookie values based on the MD5 hash of a password MD5 hash, which allows attackers to bypass authentication by obtaining the MD5 hash from the user database, then generating the authentication cookie from that hash.

Tue, 20 Nov 07
DocuSafe
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6012
SQL injection vulnerability in SearchR.asp in DocuSafe 4.1.0 allows remote attackers to execute arbitrary SQL commands via the artnr parameter (aka the search section). NOTE: some of these details are obtained from third party information.

Tue, 20 Nov 07
Samba
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4572
Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, when configured as a Primary or Backup Domain controller, allows remote attackers to have an unknown impact via crafted GETDC mailslot requests, related to handling of GETDC logon server requests.

Fri, 16 Nov 07
bughotel reservation system
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6011
Unspecified vulnerability in main.php of BugHotel Reservation System before 4.9.9 P3 allows remote attackers to bypass authentication and gain administrative access via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Fri, 16 Nov 07
Pioneers
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6010
Unspecified vulnerability in pioneers (formerly gnocatan) 0.11.3 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors that trigger an assert error. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2007-5933.

Fri, 16 Nov 07
KeyView Viewer SDK, KeyView Filter SDK, KeyView Export SDK
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6008
Heap-based buffer overflow in emlsr.dll before 2.0.0.4 in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK allows remote attackers to execute arbitrary code via a long Content-Type header line in an EML file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Fri, 16 Nov 07
Photo Manager, Pro Photo Manager, Photo Editor
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6007
Integer overflow in the ID_PSP.apl plug-in for ACD ACDSee Photo Manager 9.0 build 108, Pro Photo Manager 8.1 build 99, and Photo Editor 4.0 build 195 allows user-assisted remote attackers to execute arbitrary code via a crafted PSP image that triggers a heap-based buffer overflow.

Fri, 16 Nov 07
testlink
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6006
TestLink before 1.7.1 does not enforce an unspecified authorization mechanism, which has unknown impact and attack vectors.

Fri, 16 Nov 07
WebEx GPCContainer ActiveX Control
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6005
Unspecified vulnerability in the GpcContainer.GpcContainer.1 ActiveX control in WebEx allows remote attackers to cause a denial of service (memory access violation and crash) via (1) an invalid argument to the InitParam method or (2) an unspecified vector involving the SetParam method.

Fri, 16 Nov 07
instan
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6004
Multiple SQL injection vulnerabilities in index.php in Toko Instan 7.6 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in an artikel action or (2) the katid parameter in a produk action.

Fri, 16 Nov 07
SpeedTouch
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6003
Cross-site scripting (XSS) vulnerability in cgi/b/ic/connect in the Thomson SpeedTouch 716 with firmware 5.4.0.14 allows remote attackers to inject arbitrary web script or HTML via the url parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Fri, 16 Nov 07
Sleipnir, Grani
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6002
Cross-site scripting (XSS) vulnerability in Fenriru (1) Sleipnir 2.5.17 R2 and earlier and (2) Grani 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the Search field in a search for additions to the Favorites section.

Fri, 16 Nov 07
Bandersnatch
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6001
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Bandersnatch 0.4 allow remote attackers to inject arbitrary web script or HTML via the (1) func or (2) date parameter, or the jid parameter in a (3) log or (4) user action, a different vulnerability than CVE-2007-3910.

Fri, 16 Nov 07
Konqueror
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6000
KDE Konqueror 3.5.6 and earlier allows remote attackers to cause a denial of service (crash) via large HTTP cookie parameters.

Fri, 16 Nov 07
Softbiz Auctions Script
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5999
SQL injection vulnerability in product_desc.php in Softbiz Auctions Script allows remote attackers to execute arbitrary SQL commands via the id parameter.

Fri, 16 Nov 07
Ad Management plus Script
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5998
SQL injection vulnerability in ads.php in Softbiz Ad Management plus Script 1 allows remote authenticated users to execute arbitrary SQL commands via the package parameter.

Fri, 16 Nov 07
Banner Exchange Network Script
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5997
SQL injection vulnerability in campaign_stats.php in Softbiz Banner Exchange Network Script 1.0 allows remote authenticated users to execute arbitrary SQL commands via the id parameter.

Fri, 16 Nov 07
Link Directory Script
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5996
SQL injection vulnerability in searchresult.php in Softbiz Link Directory Script allows remote attackers to execute arbitrary SQL commands via the sbcat_id parameter, a related issue to CVE-2007-5449.

Fri, 16 Nov 07
patBBcode
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5995
PHP remote file inclusion vulnerability in examples/patExampleGen/bbcodeSource.php in patBBcode 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the example parameter.

Fri, 16 Nov 07
yappa-ng
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5994
PHP remote file inclusion vulnerability in check_noimage.php in Fritz Berger yet another php photo album - next generation (yappa-ng) 2.3.2 allows remote attackers to execute arbitrary PHP code via a URL in the config[path_src_include] parameter.

Fri, 16 Nov 07
vtls.web.gateway
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5993
Cross-site scripting (XSS) vulnerability in Visionary Technology in Library Solutions (VTLS) vtls.web.gateway before 48.1.1 allows remote attackers to inject arbitrary web script or HTML via the searchtype parameter.

Fri, 16 Nov 07
ExoPHPDesk
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5990
Cross-site scripting (XSS) vulnerability in ExoPHPdesk allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in a user profile.

Fri, 16 Nov 07
Photo Manager, Pro Photo Manager, Photo Editor
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4344
Multiple input validation errors in ACD ACDSee Photo Manager 9.0 build 108, Pro Photo Manager 8.1 build 99, and Photo Editor 4.0 build 195 allow user-assisted remote attackers to execute arbitrary code via a long section string in (1) a PSP image to the ID_PSP.apl plug-in or (2) an LHA archive to the AM_LHA.apl plug-in, resulting in a heap-based buffer overflow.

Fri, 16 Nov 07
ColdFusion MX
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5905
Adobe ColdFusion 8 and MX 7 allows remote attackers to hijack sessions via unspecified vectors that trigger establishment of a session to a ColdFusion application in which the (1) CFID or (2) CFTOKEN cookies have empty values, possibly due to a session fixation vulnerability.

Fri, 16 Nov 07
Mac OS X
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4704
The Application Firewall in Apple Mac OS X 10.5 does not apply changed settings to processes that are started by launchd until the processes are restarted again, which might allow attackers to bypass intended access restrictions.

Fri, 16 Nov 07
Mac OS X, Mac OS X Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4702
The Application Firewall in Apple Mac OS X 10.5, when "Block all incoming connections" is enabled, does not prevent root processes or mDNSResponder from accepting connections, which might allow remote attackers or local root processes to bypass intended access restrictions.

Fri, 16 Nov 07
PCRE
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-7230
Perl-Compatible Regular Expression (PCRE) library before 7.0 does not properly calculate the amount of memory needed for a compiled regular expression pattern when the (1) -x or (2) -i UTF-8 options change within the pattern, which allows context-dependent attackers to cause a denial of service (PCRE or glibc crash) via crafted regular expressions.

Fri, 16 Nov 07
Mac OS X, Mac OS X Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4701
WebKit on Apple Mac OS X 10.4 through 10.4.10 does not create temporary files securely when Safari is previewing a PDF file, which allows local users to read the contents of that file.

Fri, 16 Nov 07
Mac OS X, Mac OS X Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4700
Unspecified vulnerability in WebKit on Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to use Safari as an indirect proxy and send attacker-controlled data to arbitrary TCP ports via unknown vectors.

Fri, 16 Nov 07
Safari
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4699
The default configuration of Safari in Apple Mac OS X 10.4 through 10.4.10 adds a private key to the keychain with permissions that allow other applications to access the key without warning the user, which might allow other applications to bypass intended access restrictions.

Fri, 16 Nov 07
Mac OS X, Mac OS X Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4697
Unspecified vulnerability in WebCore in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via unknown vectors related to browser history, which triggers memory corruption.

Fri, 16 Nov 07
Mac OS X, Mac OS X Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4696
Race condition in WebCore in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to obtain information for forms from other sites via unknown vectors related to "page transitions" in Safari.

Fri, 16 Nov 07
Mac OS X, Mac OS X Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4695
Unspecified "input validation" vulnerability in WebCore in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to modify form field values via unknown vectors related to file uploads.

Fri, 16 Nov 07
Mac OS X, Mac OS X Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4694
Safari in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to access local content via file:// URLs.

Fri, 16 Nov 07
Mac OS X, Mac OS X Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4693
The SecurityAgent component in Mac OS X 10.4 through 10.4.10 allows attackers with physical access to bypass the authentication dialog of the screen saver and send keystrokes to a process, related to "handling of keyboard focus between secure text fields."

Fri, 16 Nov 07
Mac OS X, Mac OS X Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4691
The NSURL component in Apple Mac OS X 10.4 through 10.4.10 performs case-sensitive comparisons that allow attackers to bypass intended restrictions for local file system URLs.

Fri, 16 Nov 07
Mac OS X, Mac OS X Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4690
Double-free vulnerability in the NFS component in Apple Mac OS X 10.4 through 10.4.10 allows remote authenticated users to execute arbitrary code via a crafted AUTH_UNIX RPC packet.

Fri, 16 Nov 07
Mac OS X, Mac OS X Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4689
Double-free vulnerability in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to cause a denial of service (system shutdown) or execute arbitrary code via crafted IPv6 packets.

Fri, 16 Nov 07
Mac OS X, Mac OS X Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4688
The Networking component in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to obtain all addresses for a host, including link-local addresses, via a Node Information Query.

Fri, 16 Nov 07
Mac OS X, Mac OS X Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4687
The remote_cmds component in Apple Mac OS X 10.4 through 10.4.10 contains a symbolic link from the tftpboot private directory to the root directory, which allows tftpd users to escape the private directory and access arbitrary files.

Fri, 16 Nov 07
Mac OS X, Mac OS X Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4686
The kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to cause a denial of service (system shutdown) or execute arbitrary code via a crafted ioctl request.

Fri, 16 Nov 07
Mac OS X, Mac OS X Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4685
The kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to gain privileges by executing setuid or setgid programs in which the stdio, stderr, or stdout file descriptors are "in an unexpected state."

Fri, 16 Nov 07
Mac OS X
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4684
Integer overflow in the kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via crafted arguments to the i386_set_ldt system call.

Thu, 15 Nov 07
CVE-2007-4683
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4683
Directory traversal vulnerability in the kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to bypass the chroot mechanism via a relative path when changing the current working directory.

Thu, 15 Nov 07
CVE-2007-4682
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4682
CoreText in Apple Mac OS X 10.4 through 10.4.10 allows attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted text content that triggers an access of an uninitialized object pointer.

Thu, 15 Nov 07
CVE-2007-4681
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4681
Buffer overflow in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4 through 10.4.10 allows local users to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted directory hierarchy.

Thu, 15 Nov 07
CVE-2007-4680
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4680
CFNetwork in Apple Mac OS X 10.3.9 and 10.4 through 10.4.10 does not properly validate certificates, which allows remote attackers to spoof trusted SSL certificates via a man-in-the-middle attack.

Thu, 15 Nov 07
CVE-2007-4679
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4679
CFFTP in CFNetwork for Apple Mac OS X 10.4 through 10.4.10 allows remote FTP servers to force clients to connect to other hosts via crafted responses to FTP PASV commands.

Thu, 15 Nov 07
Mac OS X
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4268
An "arithmetic error" in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via a crafted AppleTalk message that triggers a buffer overflow.

Thu, 15 Nov 07
Mac OS X
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4267
Stack-based buffer overflow in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via a crafted ioctl request to an AppleTalk socket.

Thu, 15 Nov 07
Mac OS X
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3749
The kernel in Apple Mac OS X 10.4 through 10.4.10 does not reset the current Mach thread or thread exception port, which allows local users to execute arbitrary code by writing to the address space of a privileged process.

Thu, 15 Nov 07
BTI-Tracker
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5987
details.php in BtiTracker before 1.4.5, when torrent viewing is disabled for guests, allows remote attackers to bypass protection mechanisms via a direct request, as demonstrated by (1) reading the details of an arbitrary torrent and (2) modifying a torrent owned by a guest.

Thu, 15 Nov 07
BTI-Tracker
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5986
SQL injection vulnerability in include/functions.php in BtiTracker before 1.4.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Thu, 15 Nov 07
BTI-Tracker
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5985
Multiple cross-site scripting (XSS) vulnerabilities in BtiTracker before 1.4.5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to (1) account.php, (2) moresmiles.php, or (3) recover.php; or (4) the "to" parameter to usercp.php.

Thu, 15 Nov 07
AutoIndex PHP Script
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5983
Cross-site scripting (XSS) vulnerability in index.php in Justin Hagstrom AutoIndex PHP Script before 2.2.3 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO (PHP_SELF).

Thu, 15 Nov 07
X7 Chat
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5982
Multiple cross-site scripting (XSS) vulnerabilities in X7 Chat 2.0.4, 2.0.5, and possibly other versions allow remote attackers to inject arbitrary web script or HTML via the (1) room parameter to sources/frame.php, the (2) theme_c parameter to help/index.php, or the (3) INSTALL_X7CHATVERSION parameter to upgradev1.php.

Thu, 15 Nov 07
SCS3200
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5981
Lantronix SCS3200 does not properly handle public-key requests, which allows remote attackers to cause a denial of service (unresponsive device) via unspecified keyscan requests. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Thu, 15 Nov 07
eggblog
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5980
Cross-site scripting (XSS) vulnerability in home/rss.php in eggblog before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO (PHP_SELF).

Thu, 15 Nov 07
Firepass 4100
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5979
Cross-site scripting (XSS) vulnerability in download_plugin.php3 in F5 Firepass 4100 SSL VPN 5.4 through 5.5.2 and 6.0 through 6.0.1 allows remote attackers to inject arbitrary web script or HTML via the backurl parameter.

Thu, 15 Nov 07
MyLinks Module
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5978
SQL injection vulnerability in brokenlink.php in the mylinks module for XOOPS allows remote attackers to execute arbitrary SQL commands via the lid parameter.

Thu, 15 Nov 07
phpMyAdmin
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5976
SQL injection vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to execute arbitrary SQL commands via the db parameter.

Thu, 15 Nov 07
TorrentStrike
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5975
SQL injection vulnerability in index.php in TBSource, as used in (1) TBDev and (2) TorrentStrike 0.4, allows remote authenticated users to execute arbitrary SQL commands via the choice parameter. NOTE: some of these details are obtained from third party information.

Thu, 15 Nov 07
JPortal Web Portal
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5973
SQL injection vulnerability in articles.php in JPortal 2.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the topic parameter.

Thu, 15 Nov 07
Safari
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4692
The tabbed browsing feature in Apple Safari 3 before Beta Update 3.0.4 on Windows allows remote attackers to spoof HTTP authentication for other sites and possibly conduct phishing attacks by causing an authentication sheet to be displayed for a tab that is not active, which makes it appear as if it is associated with the active tab.

Thu, 15 Nov 07
Linux kernel
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-7229
The skge driver 1.5 in Linux kernel 2.6.15 on Ubuntu does not properly use the spin_lock and spin_unlock functions, which allows remote attackers to cause a denial of service (machine crash) via a flood of network traffic.

Thu, 15 Nov 07
Broadcast Machine
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3694
Cross-site scripting (XSS) vulnerability in login.php in Miro Project Broadcast Machine 0.9.9.9 allows remote attackers to inject arbitrary web script or HTML via the username parameter.

Thu, 15 Nov 07
PCRE
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-7227
Integer overflow in Perl-Compatible Regular Expression (PCRE) library before 6.7 allows context-dependent attackers to execute arbitrary code via a regular expression containing a large number of named subpatterns (name_count) or long subpattern names (max_name_size), which triggers a buffer overflow. NOTE: this issue was originally subsumed by CVE-2006-7224, but that CVE has been REJECTED and split.

Thu, 15 Nov 07
Informix Dynamic Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5956
Directory traversal vulnerability in IBM Informix Dynamic Server (IDS) before 10.00.xC7W1 allows attackers to have an unknown impact via directory traversal sequences in the DBLANG environment variable.

Thu, 15 Nov 07
UPDIR.NET
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5955
Cross-site scripting (XSS) vulnerability in updir.php in UPDIR.NET before 2.04 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Thu, 15 Nov 07
JLMForo System
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5954
Cross-site scripting (XSS) vulnerability in buscador.php in JLMForo System allows remote attackers to inject arbitrary web script or HTML via the clave parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Thu, 15 Nov 07
Really Simple CalDAV Store
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5953
Unspecified vulnerability in Really Simple CalDAV Store (RSCDS) before 0.9.0 allows attackers to obtain sensitive information via unspecified vectors.

Thu, 15 Nov 07
Helios Calendar
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5952
Cross-site scripting (XSS) vulnerability in admin/index.php in Helios Calendar 1.2.1 Beta allows remote attackers to inject arbitrary web script or HTML via the username parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Thu, 15 Nov 07
E-Vendejo 0.2
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5951
SQL injection vulnerability in articles.php in E-Vendejo 0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.

Thu, 15 Nov 07
NetCommons
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5950
Cross-site scripting (XSS) vulnerability in NetCommons before 1.0.11, and 1.1.x before 1.1.2, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2006-4165.

Thu, 15 Nov 07
Tivoli Service Desk
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5949
Cross-site scripting (XSS) vulnerability in IBM Tivoli Service Desk 6.2 allows remote authenticated users to inject arbitrary web script or HTML via the Description parameter in a Maximo change action.

Thu, 15 Nov 07
SF-Shoutbox
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5948
Multiple cross-site scripting (XSS) vulnerabilities in main.php in SF-Shoutbox 1.2.1 through 1.4 allow remote attackers to inject arbitrary web script or HTML via the (1) nick (aka Name) and (2) shout (aka Shout) parameters.

Thu, 15 Nov 07
Firefox
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5947
The jar protocol handler in Mozilla Firefox retrieves the inner URL regardless of its MIME type, and considers HTML documents within a jar archive to have the same origin as the inner URL, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a jar: URI.

Thu, 15 Nov 07
HP-UX
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5946
Unspecified vulnerability in the Aries PA-RISC emulator on HP-UX B.11.23 and B.11.31 on the IA-64 platform allows local users to obtain unspecified access.

Thu, 15 Nov 07
USVN
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5945
USVN before 0.6.5 allows remote attackers to obtain a list of repository contents via unspecified vectors.

Thu, 15 Nov 07
WebSphere Application Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5944
Cross-site scripting (XSS) vulnerability in Servlet Engine / Web Container in IBM WebSphere Application Server (WAS) 5.1.1.4 through 5.1.1.16 allows remote attackers to inject arbitrary web script or HTML via the Expect HTTP header.

Thu, 15 Nov 07
Simple Machines Forum
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5943
Simple Machines Forum (SMF) 1.1.4 allows remote attackers to read a message in private forums by using the advanced search module with the "show results as messages" option, then searching for possible keywords contained in that message.

Thu, 15 Nov 07
Shockwave
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5941
Stack-based buffer overflow in the SWCtl.SWCtl ActiveX control in Adobe Shockwave allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long argument to the ShockwaveVersion method.

Thu, 15 Nov 07
Ruby
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5770
The (1) Net::ftptls, (2) Net::telnets, (3) Net::imap, (4) Net::pop, and (5) Net::smtp libraries in Ruby 1.8.5 and 1.8.6 do not verify that the commonName (CN) field in a server certificate matches the domain name in a request sent over SSL, which makes it easier for remote attackers to intercept SSL transmissions via a man-in-the-middle attack or spoofed web site, different components than CVE-2007-5162.

Thu, 15 Nov 07
WinPcap
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5756
Multiple array index errors in the bpf_filter_init function in NPF.SYS in WinPcap before 4.0.2, when run in monitor mode (aka Table Management Extensions or TME), and as used in Wireshark and possibly other products, allow local users to gain privileges via crafted IOCTL requests.

Thu, 15 Nov 07
Radio
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5755
Multiple stack-based buffer overflows in the AOL AmpX ActiveX control in AmpX.dll 2.6.1.11 in AOL Radio allow remote attackers to execute arbitrary code via long arguments to unspecified methods.

Thu, 15 Nov 07
Novell client
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5667
NWFILTER.SYS in Novell Client 4.91 SP 1 through SP 4 for Windows 2000, XP, and Server 2003 makes the .nwfilter device available for arbitrary user-mode input via METHOD_NEITHER IOCTLs, which allows local users to gain privileges by passing a kernel address as an argument and overwriting kernel memory locations.

Thu, 15 Nov 07
windows-nt
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3898
The DNS server in Microsoft Windows 2000 Server SP4, and Server 2003 SP1 and SP2, uses predictable transaction IDs when querying other DNS servers, which allows remote attackers to spoof DNS replies, poison the DNS cache, and facilitate further attack vectors.

Thu, 15 Nov 07
Net Connect Software
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3880
Format string vulnerability in srsexec in Sun Remote Services (SRS) Net Connect 3.2.3 and 3.2.4, as distributed in the SRS Proxy Core (SUNWsrspx) package, allows local users to gain privileges via format string specifiers in unspecified input that is logged through syslog.

Thu, 15 Nov 07
Conga, rhel_cluster
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4136
The ricci daemon in Conga 0.10.0 allows remote attackers to cause a denial of service (loss of new connections) by repeatedly sending data or attempting connections.

Thu, 15 Nov 07
TeXlive 2007
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5940
feynmf.pl in feynmf 1.08, as used in TeXLive 2007, allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on the feynmf$$.pl temporary file.

Thu, 15 Nov 07
nss_ldap
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5794
Race condition in nss_ldap, when used in applications that use pthread and fork after a call to nss_ldap, does not properly handle the LDAP connection, which might cause nss_ldap to return the wrong user data to the wrong process. NOTE: this issue was originally reported for Dovecot with the wrong mailboxes being returned, but other applications might also be affected.

Thu, 15 Nov 07
teTeX, TeXlive 2007
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5936
dvips in teTeX and TeXlive 2007 and earlier allows local users to obtain sensitive information and modify certain data by creating certain temporary files before they are processed by dviljk, which can then be read or modified in place.

Thu, 15 Nov 07
teTeX, TeXlive 2007
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5935
Stack-based buffer overflow in hpc.c in dvips in teTeX and TeXlive 2007 and earlier allows user-assisted attackers to execute arbitrary code via a DVI file with a long href tag.

Thu, 15 Nov 07
Structures_DataGrid_DataSource_MDB2
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5934
The LOB functionality in PEAR MDB2 before 2.5.0a1 interprets a request to store a URL string as a request to retrieve and store the contents of the URL, which might allow remote attackers to use MDB2 as an indirect proxy or obtain sensitive information via a URL into a form field in an MDB2 application, as demonstrated by a file:// URL or a URL for an intranet web site.

