| Primary Vendor — Product | Description | CVSS Score | Source & Patch Info |
|---|---|---|---|
| AbleDesign — Dynamic Picture Frame | Cross-site scripting (XSS) vulnerability in pframe.php in AbleDesign Dynamic Picture Frame 1.00 allows remote attackers to inject arbitrary web script or HTML via the img_url parameter. NOTE: some of these details are obtained from third party information. | 4.3 | CVE-2007-4624 BUGTRAQ BID FRSIRT SECUNIA XF |
| ALTools — ALPass | Multiple buffer overflows in ALPass 2.7 English and 3.02 Korean allow user-assisted remote attackers to execute arbitrary code via an ALPass DB (APW) file containing (1) a long file-key or (2) a “Site Information and Folder entry” with a ciphertext_length value much larger than the plaintext_length value. | 6.8 | CVE-2007-4549 OTHER-REF BID XF |
| ALTools — ALPass | Format string vulnerability in ALPass 2.7 English and 3.02 Korean might allow user-assisted remote attackers to execute arbitrary code via format string specifiers in an fnm field in a folder-name record in an ALPASS DB (APW) file. | 5.1 | CVE-2007-4550 OTHER-REF BID |
| Asterisk — Asterisk | Asterisk Open Source 1.4.5 through 1.4.11, when configured to use an IMAP voicemail storage backend, allows remote attackers to cause a denial of service via an e-mail with an “invalid/corrupted” MIME body, which triggers a crash when the recipient listens to voicemail. | 5.0 | CVE-2007-4521 BUGTRAQ OTHER-REF DEBIAN BID SECTRACK SECUNIA SECUNIA |
| BEA Systems — WebLogic Server | SSL libraries in BEA WebLogic Server 6.1 Gold through SP7, 7.0 Gold through SP7, and 8.1 Gold through SP5 might allow remote attackers to obtain plaintext from an SSL stream via a man-in-the-middle attack that injects crafted data and measures the elapsed time before an error response, a different vulnerability than CVE-2006-2461. | 6.8 | CVE-2007-4613 BEA BID |
| BEA Systems — WebLogic Server | The SSL client implementation in BEA WebLogic Server 7.0 SP7, 8.1 SP2 through SP6, 9.0, 9.1, 9.2 Gold through MP2, and 10.0 sometimes selects the null cipher when others are available, which might allow remote attackers to intercept communications. | 6.4 | CVE-2007-4615 BEA FRSIRT SECTRACK SECUNIA |
| BEA Systems — WebLogic Server; BEA Systems — WebLogic Express | The SSL server implementation in BEA WebLogic Server 7.0 Gold through SP7, 8.1 Gold through SP6, 9.0, 9.1, 9.2 Gold through MP1, and 10.0 sometimes selects the null cipher when no other cipher is compatible between the server and client, which might allow remote attackers to intercept communications. | 6.4 | CVE-2007-4616 BEA FRSIRT SECTRACK SECUNIA |
| Dale Mooney — Moon Gallery | Unrestricted file upload vulnerability in config/upload.php in Moonware (aka Dale Mooney Gallery) allows remote attackers to upload and execute arbitrary PHP files in images/, possibly related to config/admin.php. | 6.8 | CVE-2007-4610 BUGTRAQ BID SECUNIA XF |
| Dale Mooney — Contact Form | CRLF injection vulnerability in contact.php in Moonware (aka Dale Mooney Gallery) allows remote attackers to add arbitrary mail headers via CRLF sequences in the subject parameter. NOTE: this can be leveraged for spam by adding To or Cc headers. | 4.3 | CVE-2007-4612 BUGTRAQ BID XF |
| Entrust — Entelligence Security Provider | Entrust Entelligence Security Provider (ESP) 8 does not properly validate certificates in certain circumstances involving (1) a chain that omits the root Certification Authority (CA) certificate, or an application that specifies disregarding (2) unknown revocation statuses during path validation or (3) certain errors in the certification path, which might allow context-dependent attackers to spoof certificate authentication. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | 6.4 | CVE-2007-4594 BID SECUNIA |
| Eric Raymond — Fetchmail | fetchmail before 6.3.9 allows context-dependent attackers to cause a denial of service (NULL dereference and application crash) by refusing certain warning messages that are sent over SMTP. | 5.0 | CVE-2007-4565 OTHER-REF |
| eyeOS Project — eyeOS | eyeOS uses predictable checksum values in the checknum parameter for access control, which allows remote attackers to register many accounts via doCreateUser actions, add many eyeBoard messages via addMsg actions, and cause a denial of service or conduct certain unauthorized activities, by guessing valid parameter values. | 6.4 | CVE-2007-4609 BUGTRAQ |
| GNU — tar | Directory traversal vulnerability in the contains_dot_dot function in src/names.c in GNU tar allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive. | 6.8 | CVE-2007-4131 OTHER-REF REDHAT BID |
| guliverkli — Media Player Classic | Buffer overflow in the CFLICStream::_deltachunk function in FLICSource.cpp in Media Player Classic (MPC) 6.4.9.0 allows user-assisted remote attackers to execute arbitrary code via a crafted FLI file. | 6.8 | CVE-2006-7222 OTHER-REF BID SECUNIA XF |
| Hitachi — Cosminexus DABroker; Hitachi — DABroker | Unspecified vulnerability in Hitachi DABroker before 03-02-/D and Cosminexus DABroker before 02-04-/C and 03-05-/E allows remote attackers to cause a denial of service (connection prevention) by sending “data unexpectedly through a port.” | 4.3 | CVE-2007-4562 OTHER-REF BID SECUNIA XF |
| Hitachi — Cosminexus Application Server Enterprise; Hitachi — uCosminexus Application Server Standard; Hitachi — uCosminexus Application Server Enterprise; Hitachi — Electronic Form Workflow - Standard Set; Hitachi — Electronic Form Workflow - Professional Library Set; Hitachi — Cosminexus Application Server Standard; Hitachi — uCosminexus Service Platform | Cosminexus Manager in Cosminexus Application Server 06-50 and later might assign the wrong user’s group permissions to logical J2EE server processes, which allows local users to gain privileges. | 4.4 | CVE-2007-4563 OTHER-REF BID SECUNIA XF |
| Hitachi — Cosminexus Application Server Enterprise; Hitachi — uCosminexus Application Server Standard; Hitachi — uCosminexus Application Server Enterprise; Hitachi — Electronic Form Workflow - Standard Set; Hitachi — Electronic Form Workflow - Professional Library Set; Hitachi — Cosminexus Application Server Standard; Hitachi — uCosminexus Service Platform | Cosminexus Manager in Cosminexus Application Server 07-00 and later might assign the wrong user’s group permissions to logical user server processes, which allows local users to gain privileges. | 4.6 | CVE-2007-4564 OTHER-REF BID SECUNIA XF |
| IBM — SurePOS 500 series | IBM SurePOS 500 has (1) a default password of “12345” for the manager and (2) blank default passwords for operator accounts. | 4.6 | CVE-2007-4598 OTHER-REF OTHER-REF OTHER-REF |
| Implied by Design — Micro CMS | SQL injection vulnerability in cms/revert-content.php in Implied by Design Micro CMS (Micro-CMS) 3.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 6.8 | CVE-2007-4602 MILW0RM SECUNIA |
| Ipswitch — WS_FTP | Cross-site scripting (XSS) vulnerability in Ipswitch WS_FTP allows remote attackers to inject arbitrary web script or HTML via arguments to a valid command, which is not properly handled when it is displayed by the view log option in the administration interface. NOTE: this can be leveraged to create a new admin account. | 4.3 | CVE-2007-4555 FULLDISC SECUNIA XF |
| Mozilla — Bugzilla | email_in.pl in Bugzilla 2.23.4 through 3.0.0 allows remote attackers to execute arbitrary commands via the -f (From address) option to the Email::Send::Sendmail function, probably involving shell metacharacters. | 5.0 | CVE-2007-4538 OTHER-REF OTHER-REF BID SECUNIA |
| Mozilla — Bugzilla | The WebService (XML-RPC) interface in Bugzilla 2.23.3 through 3.0.0 does not enforce permissions for the time-tracking fields of bugs, which allows remote attackers to obtain sensitive information via certain XML-RPC requests, as demonstrated by the (1) Deadline and (2) Estimated Time fields. | 5.0 | CVE-2007-4539 OTHER-REF OTHER-REF BID SECUNIA |
| Mozilla — Bugzilla | Cross-site scripting (XSS) vulnerability in enter_bug.cgi in Bugzilla 2.17.1 through 2.20.4, 2.22.x before 2.22.3, and 3.x before 3.0.1 allows remote attackers to inject arbitrary web script or HTML via the buildid field in the “guided form.” | 4.3 | CVE-2007-4543 OTHER-REF OTHER-REF BID SECUNIA |
| Novell — GroupWise WebAccess | Cross-site scripting (XSS) vulnerability in the webacc servlet in Novell GroupWise 6.5 WebAccess allows remote attackers to inject arbitrary web script or HTML via the User.Id parameter, as demonstrated by a URL within a url field in a STYLE element, possibly due to an incomplete fix for CVE-2004-2103.2. | 4.3 | CVE-2007-4557 OTHER-REF |
| Olate — OlateDownload | Multiple cross-site scripting (XSS) vulnerabilities in Olate Download (od) 3.4.2 allow remote attackers to inject arbitrary web script or HTML via (1) the PHP_SELF variable in modules/core/uim.php and (2) [url] tags in a comment in modules/core/fldm.php. | 4.3 | CVE-2007-4541 BUGTRAQ BUGTRAQ OTHER-REF OTHER-REF BID SECUNIA XF XF |
| OpenSymphony — XWork | Struts support in OpenSymphony XWork before 1.2.3, and 2.x before 2.0.4, as used in WebWork and Apache Struts, recursively evaluates all input as an Object-Graph Navigation Language (OGNL) expression when altSyntax is enabled, which allows remote attackers to cause a denial of service (infinite loop) or execute arbitrary code via form input beginning with a “%{” sequence and ending with a “}” character. | 6.8 | CVE-2007-4556 OTHER-REF OTHER-REF OTHER-REF OTHER-REF OTHER-REF OTHER-REF |
| Polipo — Polipo | Polipo before 1.0.2 allows remote HTTP servers to cause a denial of service (daemon crash) by aborting the response to a POST request. | 4.3 | CVE-2007-4625 OTHER-REF FRSIRT SECUNIA XF |
| Polipo — Polipo | Unspecified vulnerability in Polipo before 1.0.2 allows remote attackers to cause a denial of service (daemon crash) via certain network traffic associated with entities larger than 2 Gb. | 5.0 | CVE-2007-4626 OTHER-REF SECUNIA |
| Python Software Foundation — Python | Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267. | 6.8 | CVE-2007-4559 MLIST MLIST |
| Red Hat — Network Satellite Server | Unspecified vulnerability in Red Hat Network Satellite Server 5.0.0 allows remote authenticated users to execute arbitrary code via unknown vectors in a “back-end XMLRPC handler.” | 6.5 | CVE-2007-4132 REDHAT BID |
| Red Hat — Fedora | Directory traversal vulnerability in extract.c in star before 1.5a84 allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive. | 6.8 | CVE-2007-4134 FEDORA OTHER-REF OTHER-REF |
| Skulltag Team — Skulltag | Heap-based buffer overflow in the Huffman decompression algorithm implemented in Skulltag 0.97d-beta4.1 and earlier allows remote attackers to execute arbitrary code via a crafted UDP packet. | 6.8 | CVE-2007-4537 OTHER-REF BID SECUNIA |
| Sophos — Anti-Virus; Sophos — Scanning Engine; Sophos — Small Business Suite | Sophos Anti-Virus for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service (infinite loop) via a malformed BZip file that results in the creation of multiple Engine temporary files (aka a “BZip bomb”). | 5.0 | CVE-2007-4577 BUGTRAQ OTHER-REF OTHER-REF BID FRSIRT SECTRACK SECUNIA |
| star — star | Directory traversal vulnerability in extract.c in star before 1.5a84 allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive. | 5.0 | CVE-2007-4558 OTHER-REF OTHER-REF |
| Subversion — Subversion; TortoiseSVN — TortoiseSVN | Directory traversal vulnerability in Subversion before 1.4.5, as used by TortoiseSVN before 1.4.5 and possibly other products, when run on Windows-based systems, allows remote authenticated users to overwrite and create arbitrary files via a ..\ (dot dot backslash) sequence in the filename, as stored in the file repository. | 6.0 | CVE-2007-3846 MLIST OTHER-REF OTHER-REF SECUNIA SECUNIA |
| The Seasar Foundation — escafeWeb | Cross-site scripting (XSS) vulnerability in Easy Software Cafeteria escafeWeb (aka Tuigwaa) 1.0 through 1.0.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to the setting of option.nopage.create in tuigwaa.properties. | 4.3 | CVE-2007-4587 OTHER-REF OTHER-REF BID SECUNIA XF |
| The Seasar Foundation — Mayaa | Cross-site scripting (XSS) vulnerability in Mayaa before 1.1.12 allows remote attackers to inject arbitrary web script or HTML in certain circumstances involving (1) lack of charset specification within a META element or (2) a META element that specifies an unrecognized charset, which trigger automatic character set recognition by the web browser, as demonstrated by improper handling of UTF-7 data. | 4.3 | CVE-2007-4595 OTHER-REF OTHER-REF SECUNIA XF |
| Thomson — ST 2030 SIP phone | The Thomson ST 2030 SIP phone with software 1.52.1 allows remote attackers to cause a denial of service (device hang) via an INVITE message with a Via header that contains a ‘/’ (slash) instead of the required space following the SIP version number. | 5.0 | CVE-2007-4553 FULLDISC XF |
| TikiWiki Project — TikiWiki | Cross-site scripting (XSS) vulnerability in tiki-remind_password.php in Tikiwiki (aka Tiki CMS/Groupware) 1.9.7 allows remote attackers to inject arbitrary web script or HTML via the username parameter. NOTE: this issue might be related to CVE-2006-2635.7. | 4.3 | CVE-2007-4554 BUGTRAQ BID |
| Ubuntu — Ubuntu Linux | A regression error in tcp-wrappers 7.6.dbs-10 and 7.6.dbs-11 does not properly handle connections to services that use libwrap but do not specify server connection information, which might allow remote attackers to bypass intended access restrictions. | 5.0 | CVE-2007-4601 OTHER-REF OTHER-REF UBUNTU |
| University of Minnesota — Mapserver | Multiple cross-site scripting (XSS) vulnerabilities in MapServer before 4.10.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the (1) processLine function in maptemplate.c and the (2) writeError function in mapserv.c in the mapserv CGI program. | 4.3 | CVE-2007-4542 OTHER-REF OTHER-REF OTHER-REF SECUNIA |
| Vavoom — Vavoom | Format string vulnerability in the Say command in sv_main.cpp in Vavoom 1.24 and earlier allows remote attackers to execute arbitrary code via format string specifiers in a chat message, related to a call to the BroadcastPrintf function. | 6.8 | CVE-2007-4533 OTHER-REF SECUNIA |
| VMWare — VMWare Workstation | vstor-ws60.sys in VMWare Workstation 6.0 allows local users to cause a denial of service (host operating system crash) and possibly gain privileges by sending a small file buffer size value to the FsSetVolumeInformation IOCTL handler with an FsSetFileInformation subcode. | 6.9 | CVE-2007-4591 BUGTRAQ OTHER-REF BID FRSIRT SECTRACK SECUNIA XF |
| VMWare — VMWare Workstation | Unspecified vulnerability in vstor2-ws60.sys in VMWare Workstation 6.0 allows local users to cause a denial of service (host operating system crash) via unspecified vectors, as demonstrated by the DC2 test suite, possibly a related issue to CVE-2007-4591. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | 6.9 | CVE-2007-4593 SECUNIA |
| WordPress — WordPress MU | Cross-site scripting (XSS) vulnerability in wp-newblog.php in WordPress multi-user (MU) 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the weblog_id parameter (Username field). | 4.3 | CVE-2007-4544 OTHER-REF |
| X-Diesel — Unreal Commander | Multiple directory traversal vulnerabilities in Unreal Commander 0.92 build 565 and 573 allow user-assisted remote attackers to create or overwrite arbitrary files via a .. (dot dot) in a filename within a (1) ZIP or (2) RAR archive. | 6.8 | CVE-2007-4545 BUGTRAQ BID |
| X-Diesel — Unreal Commander | Unreal Commander 0.92 build 565 and 573 lists the filenames from the Central Directory of a ZIP archive, but extracts to local filenames corresponding to names in Local File Header fields in this archive, which might allow remote attackers to trick a user into performing a dangerous file overwrite or creation. | 5.8 | CVE-2007-4546 BUGTRAQ BID |
| X-Diesel — Unreal Commander | Unreal Commander 0.92 build 565 and 573 writes portions of heap memory into local files when extracting from an archive with malformed size information in a file header, which might allow user-assisted attackers to obtain sensitive information (memory contents) by reading the extracted files. NOTE: this issue is only a vulnerability if Unreal is run with privileges, or if the extracted files are made accessible to other users. | 4.3 | CVE-2007-4547 BUGTRAQ BID |
| XIGLA — Absolute Poll Manager XE | Cross-site scripting (XSS) vulnerability in xlaapmview.asp in Absolute Poll Manager XE 4.1 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | 4.3 | CVE-2007-4630 BUGTRAQ |