Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-1742 | 1 Apache | 1 Http Server | 2008-11-13 | 3.7 LOW | N/A |
| suexec in Apache HTTP Server (httpd) 2.2.3 uses a partial comparison for verifying whether the current directory is within the document root, which might allow local users to perform unauthorized operations on incorrect directories, as demonstrated using "html_backup" and "htmleditor" under an "html" directory. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because "the attacks described rely on an insecure server configuration" in which the user "has write access to the document root." | |||||
| CVE-2007-1775 | 1 Jbrowser | 1 Jbrowser | 2008-11-13 | 6.8 MEDIUM | N/A |
| Unrestricted file upload vulnerability in upload.php3 in JBrowser 2.4 and earlier allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2007-1820 | 1 Nortel | 2 Callpilot, Meridian Mail | 2008-11-13 | 9.3 HIGH | N/A |
| Nortel Networks CallPilot and Meridian Mail voicemail systems, when a mailbox has auto logon enabled, allow remote attackers to retrieve or remove messages, or reconfigure the mailbox, by spoofing Calling Number Identification (CNID, aka Caller ID). | |||||
| CVE-2007-1821 | 1 Sprint | 1 Sprint Voice | 2008-11-13 | 10.0 HIGH | N/A |
| Sprint Nextel Sprint voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailboxes, by spoofing Calling Number Identification (CNID, aka Caller ID). | |||||
| CVE-2007-1822 | 1 Alcatel-lucent | 1 Voice Mail System | 2008-11-13 | 10.0 HIGH | N/A |
| Alcatel-Lucent Lucent Technologies voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailboxes, by spoofing Calling Number Identification (CNID, aka Caller ID). | |||||
| CVE-2007-1823 | 1 T-mobile | 1 Voice Mail Systems | 2008-11-13 | 10.0 HIGH | N/A |
| T-Mobile voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailboxes, by spoofing Calling Number Identification (CNID, aka Caller ID). | |||||
| CVE-2007-1829 | 1 Web-app.net | 1 Webapp | 2008-11-13 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in web-app.net WebAPP have unknown impact and attack vectors, described as "[having] other [security] issues too, not as bad as letting users take over your admin account, but bad too." | |||||
| CVE-2007-1830 | 1 Web-app.org | 1 Webapp | 2008-11-13 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Username Hijacking Patch 20070312 for web-app.org WebAPP 0.9.9.6 allows remote attackers to obtain administrative access via unknown vectors, related to "something overlooked in the original that was still overlooked in the patch", and possibly related to copying files to the user-lib and the "XSS and cookies exploit." | |||||
| CVE-2007-1865 | 1 Redhat | 1 Enterprise Linux | 2008-11-13 | 1.9 LOW | N/A |
| ** DISPUTED ** The ipv6_getsockopt_sticky function in the kernel in Red Hat Enterprise Linux (RHEL) Beta 5.1.0 allows local users to obtain sensitive information (kernel memory contents) via a negative value of the len parameter. NOTE: this issue has been disputed in a bug comment, stating that "len is ignored when copying header info to the user's buffer." | |||||
| CVE-2007-1492 | 1 Microsoft | 1 Windows Xp | 2008-11-13 | 7.1 HIGH | N/A |
| winmm.dll in Microsoft Windows XP allows user-assisted remote attackers to cause a denial of service (infinite loop) via a large cch argument value to the mmioRead function, as demonstrated by a crafted WAV file. | |||||
| CVE-2007-1494 | 1 Nukescripts | 1 Nukesentinel | 2008-11-13 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in NukeSentinel before 2.5.06 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the "filters for https:// and http://". | |||||
| CVE-2007-1574 | 1 Care2x | 1 Care2x | 2008-11-13 | 5.0 MEDIUM | N/A |
| CARE2X 2.2, and possibly earlier, allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2007-1651 | 1 Openid | 1 Openid | 2008-11-13 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in OpenID allows remote attackers to restore the login session of a user on an OpenID enabled site via unspecified vectors related to an arbitrary remote web site and cached tokens, after the user has signed into an OpenID server, logged into the OpenID enabled site, and then logged out of the OpenID enabled site. | |||||
| CVE-2007-1652 | 1 Openid | 1 Openid | 2008-11-13 | 7.5 HIGH | N/A |
| OpenID allows remote attackers to forcibly log a user into an OpenID enabled site, divulge the user's personal information to this site, and add it site to the trusted sites list via a crafted web page, related to cached tokens. | |||||
| CVE-2007-1653 | 1 Glowworm | 1 Glowworm | 2008-11-13 | 7.8 HIGH | N/A |
| GlowWorm FW before 1.5.3b4 allows remote attackers to cause a denial of service (kernel panic) via certain DNS responses that trigger infinite recursion in TrueDNS packet parsing, as originally observed with certain login.yahoo.com responses. | |||||
| CVE-2007-1341 | 1 Simple Invoices | 1 Simple Invoices | 2008-11-13 | 5.0 MEDIUM | N/A |
| include/auth/auth.php in Simple Invoices before 2007 03 05 does not use the login system to protect print preview pages for invoices, which might allow attackers to obtain sensitive information. | |||||
| CVE-2007-1354 | 1 Jboss | 1 Jboss Application Server | 2008-11-13 | 6.0 MEDIUM | N/A |
| The Access Control functionality (JMXOpsAccessControlFilter) in JMX Console in JBoss Application Server 4.0.2 and 4.0.5 before 20070416 uses a member variable to store the roles of the current user, which allows remote authenticated administrators to trigger a race condition and gain privileges by logging in during a session by a more privileged administrator, as demonstrated by privilege escalation from Read Mode to Write Mode. | |||||
| CVE-2007-1435 | 1 D-link | 1 Tftp Server | 2008-11-13 | 10.0 HIGH | N/A |
| Buffer overflow in D-Link TFTP Server 1.0 allows remote attackers to cause a denial of service (crash) via a long (1) GET or (2) PUT request, which triggers memory corruption. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2007-0461 | 1 Dazuko | 1 Dazuko | 2008-11-13 | 5.0 MEDIUM | N/A |
| Multiple memory leaks in the Dazuko anti-virus helper module before 2.3.2 allow attackers to cause a denial of service (memory consumption) via unknown vectors. | |||||
| CVE-2007-0574 | 1 Spoonlabs | 1 Vivvo Article Management Cms | 2008-11-13 | 7.5 HIGH | N/A |
| SQL injection vulnerability in rss/show_webfeed.php in SpoonLabs Vivvo Article Management CMS (aka phpWordPress) 3.40 allows remote attackers to execute arbitrary SQL commands via the wcHeadlines parameter, a different vector than CVE-2006-4715. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2007-0641 | 1 Shaffer Solutions Corp | 1 Dapcnfsd.dll | 2008-11-13 | 7.5 HIGH | N/A |
| Buffer overflow in the EnumPrintersA function in dapcnfsd.dll 0.6.4.0 in Shaffer Solutions (SSC) DiskAccess NFS Client allows remote attackers to execute arbitrary code via a long argument, an issue similar to CVE-2006-5854 and CVE-2007-0444. | |||||
| CVE-2007-0378 | 1 Docman | 1 Docman | 2008-11-13 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in DocMan 1.3 RC2 allow attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2007-0379 | 1 Docman | 1 Docman | 2008-11-13 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in DocMan 1.3 RC2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2007-0380 | 1 Docman | 1 Docman | 2008-11-13 | 5.0 MEDIUM | N/A |
| DocMan 1.3 RC2 allows remote attackers to obtain sensitive information (the full path) via unspecified vectors. | |||||
| CVE-2007-0381 | 1 Adaptive Technology Resource Centre | 1 Atutor | 2008-11-13 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in ATutor 1.5.3.2 allow remote attackers to execute arbitrary SQL commands via unspecified parameters. NOTE: CVE analysis suggests that the vendor fixed these issues. | |||||
| CVE-2007-0383 | 1 Wdaemon | 1 Wdaemon | 2008-11-13 | 5.0 MEDIUM | N/A |
| ** DISPUTED ** WDaemon 9.5.4 allows remote attackers to access the /WorldClient.dll URI on TCP port 3000, which has unknown impact. NOTE: The researcher reports that the vendor response was "this is not a security bug." | |||||
| CVE-2007-0384 | 1 Postnuke Software Foundation | 1 Postnuke | 2008-11-13 | 5.1 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in preview in the reviews section in PostNuke 0.764 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2007-0385 | 1 Postnuke Software Foundation | 1 Postnuke | 2008-11-13 | 7.8 HIGH | N/A |
| The faq section in PostNuke 0.764 allows remote attackers to obtain sensitive information (the full path) via "unvalidated output" in FAQ/index.php, possibly involving an undefined id_cat variable. | |||||
| CVE-2007-0386 | 1 Postnuke Software Foundation | 1 Postnuke | 2008-11-13 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the rating section in PostNuke 0.764 has unknown impact and attack vectors, related to "an interesting bug." | |||||
| CVE-2007-0432 | 1 Bea | 1 Aqualogic Service Bus | 2008-11-13 | 7.5 HIGH | N/A |
| BEA AquaLogic Service Bus 2.0, 2.1, and 2.5 does not properly reject malformed request messages to a proxy service, which might allow remote attackers to bypass authorization policies and route requests to back-end services or conduct other unauthorized activities. | |||||
| CVE-2007-0433 | 1 Bea | 1 Aqualogic Service Bus | 2008-11-13 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in BEA AquaLogic Enterprise Security 2.0 through 2.0 SP2, 2.1 through 2.1 SP1, and 2.2, when using Active Directory LDAP for authentication, allows remote authenticated users to access the server even after the account has been disabled. | |||||
| CVE-2007-0434 | 1 Bea | 1 Aqualogic Enterprise Security | 2008-11-13 | 4.6 MEDIUM | N/A |
| BEA AquaLogic Enterprise Security 2.0 through 2.0 SP2, 2.1 through 2.1 SP1, and 2.2 does not properly set the severity level of audit events when the system load is high, which might make it easier for attackers to avoid detection. | |||||
| CVE-2006-6980 | 1 Magnatune.com | 1 Album Browser | 2008-11-13 | 2.6 LOW | N/A |
| The magnatune.com album browser in Amarok allows attackers to cause a denial of service (application crash) via unspecified vectors. | |||||
| CVE-2006-5674 | 1 Minibb | 1 Minibb | 2008-11-13 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in miniBB 2.0.2 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the pathToFiles parameter to (1) bb_func_forums.php, (2) bb_functions.php, or (3) the RSS plugin. | |||||
| CVE-2007-2176 | 1 Mozilla | 1 Firefox | 2008-11-13 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Mozilla Firefox allows remote attackers to execute arbitrary code via unspecified vectors involving Javascript errors. NOTE: this might be the same issue as CVE-2007-2175. | |||||
| CVE-2007-2654 | 2 Suse, Xfsdump | 8 Opensuse, Suse Linux, Suse Linux Openexchange Server and 5 more | 2008-11-13 | 4.4 MEDIUM | N/A |
| xfs_fsr in xfsdump creates a .fsr temporary directory with insecure permissions, which allows local users to read or overwrite arbitrary files on xfs filesystems. | |||||
| CVE-2008-5037 | 1 Elkagroup | 1 Image Gallery | 2008-11-13 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view.php in ElkaGroup Image Gallery 1.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2008-4440 | 1 Debian | 1 Feta | 2008-11-11 | 7.2 HIGH | N/A |
| The to-upgrade plugin in feta 1.4.16 allows local users to overwrite arbitrary files via a symlink on the (1) /tmp/feta.install.$USER and (2) /tmp/feta.avail.$USER temporary files. | |||||
| CVE-2006-4491 | 1 Cybozu | 5 Collaborex, Cybozu Ag, Cybozu Pocket and 2 more | 2008-11-11 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in Cybozu Collaborex, AG before 1.2(1.5), AG Pocket before 5.2(0.8), Mailwise before 3.0(0.3), and Garoon 1 before 1.5(4.1) allows remote authenticated users to read arbitrary files via unspecified vectors. | |||||
| CVE-2006-4492 | 1 Cybozu | 1 Cybozu Office | 2008-11-11 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Cybozu Office 6.5 Build 1.2 for Windows allows remote attackers to obtain sensitive information, including users and groups, via unspecified vectors. | |||||
| CVE-2005-3421 | 1 Hyper Estraier | 1 Hyper Estraier | 2008-11-11 | 5.0 MEDIUM | N/A |
| estcmd in Hyper Estraier 1.0.1 on Windows systems allows remote attackers to read unauthorized files via a crafted search request for a filename that contains Unicode characters. | |||||
| CVE-2005-2803 | 1 Hiki | 1 Hiki | 2008-11-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Hiki 0.8.1 to 0.8.2 allows remote attackers to inject arbitrary web script or HTML via a page name in a Login link, a different vulnerability than CVE-2005-2336. | |||||
| CVE-2005-2336 | 1 Hiki | 1 Hiki | 2008-11-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Hiki 0.8.0 to 0.8.2 allows remote attackers to inject arbitrary web script or HTML via "missing pages" in which the page name is not properly escaped, a different vulnerability than CVE-2005-2803. | |||||
| CVE-2003-0308 | 2 Debian, Sendmail | 2 Debian Linux, Sendmail | 2008-11-11 | 7.2 HIGH | N/A |
| The Sendmail 8.12.3 package in Debian GNU/Linux 3.0 does not securely create temporary files, which could allow local users to gain additional privileges via (1) expn, (2) checksendmail, or (3) doublebounce.pl. | |||||
| CVE-2008-5034 | 1 A Mennucc1 | 1 Printfilters-ppd | 2008-11-11 | 6.9 MEDIUM | N/A |
| ** DISPUTED ** master-filter in printfilters-ppd 2.13 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/filter.debug temporary file. NOTE: the vendor disputes this vulnerability, stating 'this package does not have " possibility of attack with the help of symlinks"'. | |||||
| CVE-2008-4996 | 1 Debian | 1 Initramfs-tools | 2008-11-10 | 6.9 MEDIUM | N/A |
| ** DISPUTED ** init in initramfs-tools 0.92f allows local users to overwrite arbitrary files via a symlink attack on the /tmp/initramfs.debug temporary file. NOTE: the vendor disputes this vulnerability, stating that "init is [used in] a single-user context; there's no possibility that this is exploitable." | |||||
| CVE-2008-4997 | 1 Pilot-qof | 1 Datafreedom-perl | 2008-11-10 | 6.9 MEDIUM | N/A |
| ** DISPUTED ** dfxml-invoice in datafreedom-perl 0.1.7 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/zenity temporary file. NOTE: the vendor disputes this vulnerability, stating that the vector is solely "an EXAMPLE used in the manpage." | |||||
| CVE-2008-4998 | 1 Twiki | 1 Twiki | 2008-11-10 | 6.9 MEDIUM | N/A |
| ** DISPUTED ** postinst in twiki 4.1.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/twiki temporary file. NOTE: the vendor disputes this vulnerability, stating "this bug is invalid." | |||||
| CVE-2006-2690 | 1 Eva-web | 1 Eva-web | 2008-11-09 | 7.8 HIGH | N/A |
| An unspecified script in EVA-Web 2.1.2 and earlier, probably index.php, allows remote attackers to obtain the full path of the web server via invalid (1) perso or (2) aide parameters. | |||||
| CVE-2008-4920 | 2008-11-07 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate was based on an incorrect claim regarding a directory issue in Agavi. The vendor has disputed the issue and the original researcher has retracted the original claim, so this is not a vulnerability. Further investigation by the vendor and original researcher show that the original issue was in a site-specific modification, which is outside the scope of CVE. Notes: CVE users should not use this identifier. | |||||