CVE-2007-3xxx

There are 982 CVEs in this subgroup.
ID Summary Flags Max Score
CVE-2007-3000 Multiple SQL injection vulnerabilities in PHP JackKnife (PHPJK) allow remote attackers to execute ar...
E
CVE-2007-3001 Multiple cross-site scripting (XSS) vulnerabilities in PHP JackKnife (PHPJK) allow remote attackers ...
E
CVE-2007-3002 PHP JackKnife (PHPJK) allows remote attackers to obtain sensitive information via (1) a request to i...
E
CVE-2007-3003 Multiple SQL injection vulnerabilities in myBloggie 2.1.6 and earlier allow remote attackers to exec...
CVE-2007-3004 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-2788. Reason: This candida...
R
CVE-2007-3005 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-2789. Reason: This candida...
R
CVE-2007-3006 Buffer overflow in Acoustica MP3 CD Burner 4.32 allows user-assisted remote attackers to execute arb...
E
CVE-2007-3007 PHP 5 before 5.2.3 does not enforce the open_basedir or safe_mode restriction in certain cases, whic...
CVE-2007-3008 Mbedthis AppWeb before 2.2.2 enables the HTTP TRACE method, which has unspecified impact probably re...
CVE-2007-3009 Format string vulnerability in the MprLogToFile::logEvent function in Mbedthis AppWeb 2.0.5-4, when ...
CVE-2007-3010 masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server R7.1 an...
KEV E
CVE-2007-3011 The DBAsciiAccess CGI Script in the web interface in Fujitsu-Siemens Computers ServerView before 4.5...
E S
CVE-2007-3012 The web interface in Fujitsu-Siemens Computers PRIMERGY BX300 Switch Blade allows remote attackers t...
E
CVE-2007-3013 SQL injection vulnerability in activeWeb contentserver before 5.6.2964 allows remote authenticated u...
E S
CVE-2007-3014 Multiple cross-site scripting (XSS) vulnerabilities in activeWeb contentserver before 5.6.2964 allow...
E S
CVE-2007-3017 The WYSIWYG editor applet in activeWeb contentserver CMS before 5.6.2964 only filters malicious tags...
E
CVE-2007-3018 activeWeb contentserver CMS before 5.6.2964 does not limit the file-creation ability of editors who ...
CVE-2007-3021 Symantec Reporting Server 1.0.197.0, and other versions before 1.0.224.0, as used in Symantec Client...
S
CVE-2007-3022 Symantec Reporting Server 1.0.197.0, and other versions before 1.0.224.0, as used in Symantec Client...
S
CVE-2007-3023 unsp.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 does not properly calculate the end of a cert...
S
CVE-2007-3024 libclamav/others.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 uses insecure permissions for tem...
S
CVE-2007-3025 Unspecified vulnerability in libclamav/phishcheck.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1,...
S
CVE-2007-3026 Integer overflow in Panda Software AdminSecure allows remote attackers to execute arbitrary code via...
S
CVE-2007-3027 Race condition in Microsoft Internet Explorer 5.01, 6, and 7 allows remote attackers to execute arbi...
CVE-2007-3028 The LDAP service in Windows Active Directory in Microsoft Windows 2000 Server SP4 does not properly ...
CVE-2007-3029 Unspecified vulnerability in Microsoft Excel 2002 SP3 and 2003 SP2 allows user-assisted remote attac...
CVE-2007-3030 Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, and 2003 Viewer allows user-assisted remote attackers ...
CVE-2007-3031 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2007-3032 Unspecified vulnerability in Windows Vista Contacts Gadget in Windows Vista allows user-assisted rem...
S
CVE-2007-3033 Cross-site scripting (XSS) vulnerability in Windows Vista Feed Headlines Gadget (aka Sidebar RSS Fee...
S
CVE-2007-3034 Integer overflow in the AttemptWrite function in Graphics Rendering Engine (GDI) on Microsoft Window...
S
CVE-2007-3035 Unspecified vulnerability in Microsoft Windows Media Player 7.1, 9, 10, and 11 allows remote attacke...
CVE-2007-3036 Unspecified vulnerability in the (1) Windows Services for UNIX 3.0 and 3.5, and (2) Subsystem for UN...
CVE-2007-3037 Microsoft Windows Media Player 7.1, 9, 10, and 11 allows remote attackers to execute arbitrary code ...
CVE-2007-3038 The Teredo interface in Microsoft Windows Vista and Vista x64 Edition does not properly handle certa...
CVE-2007-3039 Stack-based buffer overflow in the Microsoft Message Queuing (MSMQ) service in Microsoft Windows 200...
E
CVE-2007-3040 Stack-based buffer overflow in agentdpv.dll 2.0.0.3425 in Microsoft Agent on Windows 2000 SP4 allows...
S
CVE-2007-3041 Unspecified vulnerability in the pdwizard.ocx ActiveX object for Internet Explorer 5.01, 6 SP1, and ...
CVE-2007-3042 Cross-site scripting (XSS) vulnerability in Meneame before 2 allows remote attackers to inject arbit...
S
CVE-2007-3043 Cross-site scripting (XSS) vulnerability in Collaboration - File Sharing 01-20 up to 01-20-/B and 01...
CVE-2007-3044 Unspecified vulnerability in the Map I/O Service (xpwmap) in Hitachi XP/W on HI-UX/WE2 before 200703...
S
CVE-2007-3045 Unspecified vulnerability in Hitachi TP1/NET/OSI-TP-Extended on HI-UX/WE2 before 20070213, and on HP...
S
CVE-2007-3046 Buffer overflow in Advanced Software Production Line Vortex Library before 1.0.3 allows remote attac...
S
CVE-2007-3047 The Vonage VoIP Telephone Adapter has a default administrator username "user" and password "user," w...
CVE-2007-3048 GNU screen 4.0.3 allows local users to unlock the screen via a CTRL-C sequence at the password promp...
CVE-2007-3049 Cross-site scripting (XSS) vulnerability in index.php in Buttercup web file manager (BWFM) May 2007 ...
E
CVE-2007-3050 Session fixation vulnerability in chameleon cms 3.0 and earlier allows remote attackers to hijack we...
CVE-2007-3051 SQL injection vulnerability in inc/class_users.php in RevokeSoft RevokeBB 1.0 RC4 and earlier allows...
E
CVE-2007-3052 SQL injection vulnerability in index.php in the PNphpBB2 1.2i and earlier module for PostNuke allows...
E
CVE-2007-3053 Session fixation vulnerability in Calimero.CMS 3.3.1232 and earlier allows remote attackers to hijac...
CVE-2007-3054 Cross-site scripting (XSS) vulnerability in search.php in Codelib Linker 2.0.4 and earlier allows re...
CVE-2007-3055 Cross-site scripting (XSS) vulnerability in index.php in Codelib Linker 2.0.4 and earlier allows rem...
E
CVE-2007-3056 Cross-site scripting (XSS) vulnerability in filedetails.php in WebSVN 2.0rc4, and possibly earlier, ...
CVE-2007-3057 PHP remote file inclusion vulnerability in include/wysiwyg/spaw_control.class.php in the icontent 4....
E
CVE-2007-3058 Multiple PHP remote file inclusion vulnerabilities in Madirish Webmail 2.0 allow remote attackers to...
CVE-2007-3059 SendCard 3.3.0 allows remote attackers to obtain sensitive information via an invalid sc_language pa...
CVE-2007-3060 Multiple cross-site scripting (XSS) vulnerabilities in PHP Live! 3.2.2 allow remote attackers to inj...
E
CVE-2007-3061 Cactushop 6 and earlier stores sensitive information under the web root with insufficient access con...
CVE-2007-3062 Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 2.1.2 running...
S
CVE-2007-3063 SQL injection vulnerability in diary.php in My Databook allows remote attackers to execute arbitrary...
E
CVE-2007-3064 Cross-site scripting (XSS) vulnerability in diary.php in My Databook allows remote attackers to inje...
CVE-2007-3065 SQL injection vulnerability in viewimage.php in Particle Soft Particle Gallery 1.0.1 and earlier all...
E
CVE-2007-3066 Multiple PHP remote file inclusion vulnerabilities in php(Reactor) 1.2.7 and earlier allow remote at...
CVE-2007-3067 Cross-site scripting (XSS) vulnerability in the Attunement and Key Tracker 0.95 and earlier plugin f...
CVE-2007-3068 Stack-based buffer overflow in DVD X Player 4.1 Professional allows remote attackers to execute arbi...
E
CVE-2007-3069 xscreensaver in Sun Solaris 10 before 20070604, when a GNOME session with Assistive Technology suppo...
S
CVE-2007-3070 Cross-site scripting (XSS) vulnerability in index.php in BDigital Web Solutions WebStudio allows rem...
E
CVE-2007-3071 Buffer overflow in the GetWebStoreURL function in a certain ActiveX control in eSellerateControl365....
E
CVE-2007-3072 Directory traversal vulnerability in Mozilla Firefox before 2.0.0.4 on Windows allows remote attacke...
E
CVE-2007-3073 Directory traversal vulnerability in Mozilla Firefox 2.0.0.4 and earlier on Mac OS X and Unix allows...
CVE-2007-3074 Mozilla Firefox 2.0.0.4 and earlier allows remote attackers to read files in the local Firefox insta...
E
CVE-2007-3075 Directory traversal vulnerability in Microsoft Internet Explorer allows remote attackers to read arb...
CVE-2007-3076 A certain ActiveX control in sasatl.dll in Zenturi ProgramChecker allows remote attackers to downloa...
CVE-2007-3077 SQL injection vulnerability in listmembers.php in EQdkp 1.3.2 and earlier allows remote attackers to...
E
CVE-2007-3078 Multiple cross-site scripting (XSS) vulnerabilities in Aigaion before 1.3.3 allow remote attackers t...
S
CVE-2007-3079 listmembers.php in EQdkp 1.3.2c and earlier allows remote attackers to obtain sensitive information ...
CVE-2007-3080 SQL injection vulnerability in haberoku.asp in Hunkaray Okul Portaly 1.1 allows remote attackers to ...
E
CVE-2007-3081 PHP remote file inclusion vulnerability in sampleecommerce.php in Comdev eCommerce 4.1 allows remote...
CVE-2007-3082 Directory traversal vulnerability in sendcard.php in Sendcard 3.4.1 and earlier allows remote attack...
E
CVE-2007-3083 Z-Blog 1.7 stores sensitive information under the web root with insufficient access control, which a...
CVE-2007-3084 PHP remote file inclusion vulnerability in sampleblogger.php in Comdev Web Blogger 4.1 allows remote...
CVE-2007-3085 Multiple PHP remote file inclusion vulnerabilities in PBSite allow remote attackers to execute arbit...
CVE-2007-3086 Unrestricted critical resource lock in Agnitum Outpost Firewall PRO 4.0 1007.591.145 and earlier all...
CVE-2007-3087 Peercast places a cleartext password in a query string, which might allow attackers to obtain sensit...
CVE-2007-3088 SQL injection vulnerability in index.php in Comicsense allows remote attackers to execute arbitrary ...
CVE-2007-3089 Mozilla Firefox before 2.0.0.5 does not prevent use of document.write to replace an IFRAME (1) durin...
CVE-2007-3090 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-0591. Reason: This candida...
R
CVE-2007-3091 Race condition in Microsoft Internet Explorer 6 SP1; 6 and 7 for Windows XP SP2 and SP3; 6 and 7 for...
S
CVE-2007-3092 Microsoft Internet Explorer 6 allows remote attackers to spoof the URL bar, and page properties incl...
E
CVE-2007-3093 Unspecified vulnerability in the logging mechanism in Solaris Management Console (SMC) on Sun Solari...
S
CVE-2007-3094 Unspecified vulnerability in the authentication mechanism in Solaris Management Console (SMC) on Sun...
S
CVE-2007-3095 Unspecified vulnerability in Symantec Reporting Server 1.0.197.0, and other versions before 1.0.224....
CVE-2007-3096 Directory traversal vulnerability in login.php in PBLang (PBL) 4.67.16.a and earlier, when magic_quo...
E
CVE-2007-3097 my.activation.php3 in F5 FirePass 4100 SSL VPN allows remote attackers to execute arbitrary shell co...
S
CVE-2007-3098 The SNMPc Server (crserv.exe) process in Castle Rock Computing SNMPc before 7.0.19 allows remote att...
E S
CVE-2007-3099 usr/mgmt_ipc.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 checks the client's UI...
S
CVE-2007-3100 usr/log.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 uses a semaphore with insec...
S
CVE-2007-3101 Multiple cross-site scripting (XSS) vulnerabilities in certain JSF applications in Apache MyFaces To...
S
CVE-2007-3102 Unspecified vulnerability in the linux_audit_record_event function in OpenSSH 4.3p2, as used on Fedo...
CVE-2007-3103 The init.d script for the X.Org X11 xfs font server on various Linux distributions might allow local...
E S
CVE-2007-3104 The sysfs_readdir function in the Linux kernel 2.6, as used in Red Hat Enterprise Linux (RHEL) 4.5 a...
CVE-2007-3105 Stack-based buffer overflow in the random number generator (RNG) implementation in the Linux kernel ...
CVE-2007-3106 lib/info.c in libvorbis 1.1.2, and possibly other versions before 1.2.0, allows context-dependent at...
S
CVE-2007-3107 The signal handling in the Linux kernel before 2.6.22, including 2.6.2, when running on PowerPC syst...
S
CVE-2007-3108 The BN_from_montgomery function in crypto/bn/bn_mont.c in OpenSSL 0.9.8e and earlier does not proper...
S
CVE-2007-3109 The CERN Image Map Dispatcher (htimage.exe) in Microsoft FrontPage allows remote attackers to determ...
CVE-2007-3110 Cross-site scripting (XSS) vulnerability in the Andy Frank Beatnik 1.0 extension for Firefox allows ...
CVE-2007-3111 Buffer overflow in the Provideo Camimage ActiveX control in ISSCamControl.dll 1.0.1.5, when Internet...
E
CVE-2007-3112 graph_image.php in Cacti 0.8.6i, and possibly other versions, allows remote authenticated users to c...
S
CVE-2007-3113 Cacti 0.8.6i, and possibly other versions, allows remote authenticated users to cause a denial of se...
S
CVE-2007-3114 Memory leak in server/MaraDNS.c in MaraDNS before 1.2.12.05, and 1.3.x before 1.3.03, allows remote ...
S
CVE-2007-3115 Multiple memory leaks in server/MaraDNS.c in MaraDNS before 1.2.12.06, and 1.3.x before 1.3.05, allo...
S
CVE-2007-3116 Memory leak in server/MaraDNS.c in MaraDNS 1.2.12.06 and 1.3.05 allows remote attackers to cause a d...
S
CVE-2007-3117 Cross-site scripting (XSS) vulnerability in the SEO module in ADPLAN 3 allows remote attackers to in...
S
CVE-2007-3118 Multiple PHP remote file inclusion vulnerabilities in Kravchuk letter (K-letter) 1.0 allow remote at...
E
CVE-2007-3119 SQL injection vulnerability in news.asp in Kartli Alisveris Sistemi (aka Free-PayPal-Shopping-Cart) ...
E
CVE-2007-3120 Cross-site scripting (XSS) vulnerability in public/code/cp_dpage.php in All In One Control Panel (AI...
S
CVE-2007-3121 Buffer overflow in the CCdecode function in contrib/ntsc-cc.c in the zvbi-ntsc-cc tool in Zapping VB...
S
CVE-2007-3122 The parsing engine in ClamAV before 0.90.3 and 0.91 before 0.91rc1 allows remote attackers to bypass...
S
CVE-2007-3123 unrar.c in libclamav in ClamAV before 0.90.3 and 0.91 before 0.91rc1 allows remote attackers to caus...
S
CVE-2007-3124 Buffer overflow in backup/src/vmsbackup.c (aka the backup utility) in FreeVMS before 0.3.6 might all...
S
CVE-2007-3125 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-6772. Reason: This candida...
R
CVE-2007-3126 Gimp before 2.8.22 allows context-dependent attackers to cause a denial of service (crash) via an IC...
S
CVE-2007-3127 content.php in WSPortal 1.0, when magic_quotes_gpc is disabled, allows remote attackers to obtain se...
CVE-2007-3128 SQL injection vulnerability in content.php in WSPortal 1.0, when magic_quotes_gpc is disabled, allow...
CVE-2007-3129 Cross-site scripting (XSS) vulnerability in login.php in Utopia News Pro 1.4.0 allows remote attacke...
E
CVE-2007-3130 Multiple PHP remote file inclusion vulnerabilities in the OpenWiki (formerly JD-Wiki) component (com...
E
CVE-2007-3131 Cross-site scripting (XSS) vulnerability in add_comment.php in Light Blog 4.1 before 20070606 allows...
E
CVE-2007-3132 Multiple vulnerabilities in Symantec Ghost Solution Suite 2.0.0 and earlier, with Ghost 8.0.992 and ...
CVE-2007-3133 SQL injection vulnerability in urunbak.asp in W1L3D4 WEBmarket 0.1 allows remote attackers to execut...
E
CVE-2007-3134 Multiple cross-site scripting (XSS) vulnerabilities in atomPhotoBlog.php in Atom PhotoBlog 1.0.9 and...
S
CVE-2007-3135 Cross-site scripting (XSS) vulnerability in atomPhotoBlog.php in Atom Photoblog 1.0.9 and earlier al...
E
CVE-2007-3136 PHP remote file inclusion vulnerability in inc/nuke_include.php in newsSync 1.5.0rc6 allows remote a...
E
CVE-2007-3137 Multiple cross-site scripting (XSS) vulnerabilities in 4print.asp in WmsCMS 2.0 and earlier allow re...
E
CVE-2007-3138 Directory traversal vulnerability in index.php in Open Solution Quick.Cart 2.2 and earlier allows re...
E
CVE-2007-3139 config/general.php in Quick.Cart 2.2 and earlier uses a default username and password, which allows ...
E
CVE-2007-3140 SQL injection vulnerability in xmlrpc.php in WordPress 2.2 allows remote authenticated users to exec...
E
CVE-2007-3141 PHP remote file inclusion vulnerability in core/editor.php in phpWebThings 1.5.2 allows remote attac...
CVE-2007-3142 Visual truncation vulnerability in Opera 9.21 allows remote attackers to spoof the address bar and p...
E
CVE-2007-3143 Visual truncation vulnerability in Konqueror 3.5.5 allows remote attackers to spoof the address bar ...
E
CVE-2007-3144 Visual truncation vulnerability in Mozilla 1.7.12 allows remote attackers to spoof the address bar a...
E
CVE-2007-3145 Visual truncation vulnerability in Galeon 2.0.1 allows remote attackers to spoof the address bar and...
E
CVE-2007-3146 Zen Help Desk 2.1 stores sensitive information under the web root with insufficient access control, ...
CVE-2007-3147 Buffer overflow in the Yahoo! Webcam Upload ActiveX control in ywcupl.dll 2.0.1.4 for Yahoo! Messeng...
E S
CVE-2007-3148 Buffer overflow in the Yahoo! Webcam Viewer ActiveX control in ywcvwr.dll 2.0.1.4 for Yahoo! Messeng...
E S
CVE-2007-3149 sudo, when linked with MIT Kerberos 5 (krb5), does not properly check whether a user can currently a...
CVE-2007-3150 Google Desktop allows user-assisted remote attackers to execute arbitrary programs via a man-in-the-...
E
CVE-2007-3151 rpttop.htm in the web management interface in Packeteer PacketShaper 7.3.0g2 and 7.5.0g1 allows remo...
E
CVE-2007-3152 c-ares before 1.4.0 uses a predictable seed for the random number generator for the DNS Transaction ...
S
CVE-2007-3153 The ares_init:randomize_key function in c-ares, on platforms other than Windows, uses a weak facilit...
CVE-2007-3154 Unspecified vulnerability in Walter Zorn wz_tooltip.js (aka wz_tooltips) before 4.01, as used by eGr...
S
CVE-2007-3155 Unspecified vulnerability in eGroupWare before 1.2.107-2 has unknown impact and attack vectors relat...
S
CVE-2007-3156 Multiple cross-site scripting (XSS) vulnerabilities in pam_login.cgi in Webmin before 1.350 and User...
S
CVE-2007-3157 IPSecDrv.sys 10.4.0.12 in SafeNET High Assurance Remote 1.4.0 Build 12, and SoftRemote, allows remot...
E
CVE-2007-3158 download_script.asp in ASP Folder Gallery allows remote attackers to read arbitrary files via a file...
E
CVE-2007-3159 http.c in MiniWeb Http Server 0.8.x allows remote attackers to cause a denial of service (applicatio...
E
CVE-2007-3160 PHP remote file inclusion vulnerability in admin/header.php in PHP Real Estate Classifieds Premium P...
E
CVE-2007-3161 Buffer overflow in Ace-FTP Client 1.24a allows user-assisted, remote FTP servers to execute arbitrar...
E
CVE-2007-3162 Buffer overflow in the NotSafe function in the idaiehlp ActiveX control in idaiehlp.dll 1.9.1.74 in ...
E
CVE-2007-3163 Incomplete blacklist vulnerability in the filemanager in Frederico Caldeira Knabben FCKeditor 2.4.2 ...
CVE-2007-3164 Microsoft Internet Explorer 7, when prompting for HTTP Basic Authentication for an IDN web site, use...
CVE-2007-3165 Tor before 0.1.2.14 can construct circuits in which an entry guard is in the same family as the exit...
S
CVE-2007-3166 Buffer overflow in Qualcomm Eudora 7.1.0.9 allows user-assisted, remote IMAP servers to execute arbi...
E
CVE-2007-3167 Stack-based buffer overflow in the Vivotek Motion Jpeg ActiveX control (aka MjpegControl) in MjpegDe...
E
CVE-2007-3168 A certain ActiveX control in the EDraw Office Viewer Component (edrawofficeviewer.ocx) 4.0.5.20, and...
E
CVE-2007-3169 Buffer overflow in a certain ActiveX control in the EDraw Office Viewer Component (edrawofficeviewer...
E
CVE-2007-3170 Multiple cross-site scripting (XSS) vulnerabilities in Uebimiau Webmail allow remote attackers to in...
E
CVE-2007-3171 Uebimiau Webmail allows remote attackers to obtain sensitive information via a request to demo/pop3/...
E
CVE-2007-3172 Directory traversal vulnerability in demo/pop3/error.php in Uebimiau Webmail allows remote attackers...
E
CVE-2007-3173 Almnzm allows remote attackers to obtain sensitive information via an activateorder request to index...
CVE-2007-3174 Cross-site scripting (XSS) vulnerability in auth.w2b in W2B Online Banking allows remote attackers t...
CVE-2007-3175 Multiple SQL injection vulnerabilities in W2B Online Banking allow remote attackers to execute arbit...
CVE-2007-3176 Unspecified vulnerability in Ingate Firewall and SIParator before 4.5.2 allows remote authenticated ...
CVE-2007-3177 Ingate Firewall and SIParator before 4.5.2 allow remote attackers to bypass SIP authentication via a...
CVE-2007-3178 Multiple SQL injection vulnerabilities in Zindizayn Okul Web Sistemi 1.0 allow remote attackers to e...
CVE-2007-3179 Multiple SQL injection vulnerabilities in archives.php in Particle Blogger 1.2.1 and earlier allow r...
CVE-2007-3180 Buffer overflow in Help and Support Center before 4.4 C on HP Windows systems allows remote attacker...
S
CVE-2007-3181 Buffer overflow in fbserver.exe in Firebird SQL 2 before 2.0.1 allows remote attackers to execute ar...
E S
CVE-2007-3182 Multiple cross-site scripting (XSS) vulnerabilities in Calendarix 0.7.20070307, when register_global...
E
CVE-2007-3183 Multiple SQL injection vulnerabilities in Calendarix 0.7.20070307, when magic_quotes_gpc is disabled...
E
CVE-2007-3184 Cisco Trust Agent (CTA) before 2.1.104.0, when running on MacOS X, allows attackers with physical ac...
E S
CVE-2007-3185 Apple Safari Beta 3.0.1 for Windows public beta allows remote attackers to cause a denial of service...
CVE-2007-3186 Apple Safari Beta 3.0.1 for Windows allows remote attackers to execute arbitrary commands via shell ...
CVE-2007-3187 Multiple unspecified vulnerabilities in Apple Safari for Windows allow remote attackers to cause a d...
CVE-2007-3188 SQL injection vulnerability in down_indir.asp in Fullaspsite GeometriX Download Portal allows remote...
E
CVE-2007-3189 Cross-site scripting (XSS) vulnerability in auth.php in Just For Fun Network Management System (JFFN...
CVE-2007-3190 Multiple SQL injection vulnerabilities in auth.php in Just For Fun Network Management System (JFFNMS...
CVE-2007-3191 Just For Fun Network Management System (JFFNMS) 0.8.3 allows remote attackers to obtain configuratio...
E
CVE-2007-3192 admin/setup.php in Just For Fun Network Management System (JFFNMS) 0.8.3 allows remote attackers to ...
E
CVE-2007-3193 lib/WikiUser/LDAP.php in PhpWiki before 1.3.13p1, when the configuration lacks a nonzero PASSWORD_LE...
S
CVE-2007-3194 Multiple PHP remote file inclusion vulnerabilities in myBloggie 2.1.5 allow remote attackers to exec...
CVE-2007-3195 Cross-site scripting (XSS) vulnerability in index.php in ERFAN WIKI 1.00 allows remote attackers to ...
CVE-2007-3196 SQL injection vulnerability in vBSupport.php in vSupport Integrated Ticket System 3.x.x allows remot...
E
CVE-2007-3197 SQL injection vulnerability in vBSupport.php in vBSupport 1.1 before 1.1a allows remote attackers to...
S
CVE-2007-3198 Cross-site scripting (XSS) vulnerability in comments.php in Maran PHP Blog (Maran Blog), possibly on...
E S
CVE-2007-3199 Unrestricted file upload vulnerability in Link Request Contact Form 3.4 allows remote attackers to e...
E
CVE-2007-3200 NMASINST in Novell Modular Authentication Service (NMAS) 3.1.2 and earlier on NetWare logs its invok...
CVE-2007-3201 Visual truncation vulnerability in Windows Privacy Tray (WinPT) 1.2.0 allows user-assisted remote at...
E
CVE-2007-3202 Cross-site scripting (XSS) vulnerability in the rich text editor in Webwiz allows remote attackers t...
CVE-2007-3203 Stack-based buffer overflow in smtpdll.dll in the SMTP service in 602Pro LAN SUITE 2003 2003.0.03.08...
S
CVE-2007-3204 SQL injection vulnerability in auth.php in Just For Fun Network Management System (JFFNMS) 0.8.4-pre...
CVE-2007-3205 The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second p...
CVE-2007-3207 Buffer overflow in the NFS mount daemon (XNFS.NLM) in Novell NetWare 6.5 SP6, and probably earlier, ...
S
CVE-2007-3208 CRLF injection vulnerability in Yet another Bulletin Board (YaBB) 2.1 allows remote attackers to obt...
S
CVE-2007-3209 Mail Notification 4.0, when WITH_SSL is set to 0 at compile time, uses unencrypted connections for a...
CVE-2007-3210 Stack-based buffer overflow in nptoken.mox in the Cellosoft Tokens Object 2.0.0.6 extension for Vita...
CVE-2007-3211 Cross-site scripting (XSS) vulnerability in 404.php in Domain Technologie Control (DTC) before 0.25....
S
CVE-2007-3212 Multiple cross-site scripting (XSS) vulnerabilities in links.php in Beehive Forum 0.7.1 allow remote...
CVE-2007-3213 Multiple cross-site scripting (XSS) vulnerabilities in comments.cgi in Sporum Forum 3.0.9 and earlie...
CVE-2007-3214 SQL injection vulnerability in style.php in e-Vision CMS 2.02 and earlier, when magic_quotes_gpc is ...
E
CVE-2007-3215 PHPMailer 1.7, when configured to use sendmail, allows remote attackers to execute arbitrary shell c...
CVE-2007-3216 Multiple buffer overflows in the LGServer component of CA (Computer Associates) BrightStor ARCserve ...
CVE-2007-3217 Multiple PHP remote file inclusion vulnerabilities in Prototype of an PHP application 0.1 allow remo...
CVE-2007-3218 Cross-site scripting (XSS) vulnerability in request.php in PHP Live! 3.2.2 and earlier allows remote...
CVE-2007-3219 Unspecified vulnerability in sources/action_public/xmlout.php in Invision Power Board (IPB or IP.Boa...
S
CVE-2007-3220 PHP remote file inclusion vulnerability in admin/editor2/spaw_control.class.php in the Cjay Content ...
E
CVE-2007-3221 PHP remote file inclusion vulnerability in admin/spaw/spaw_control.class.php in the XT-Conteudo modu...
E
CVE-2007-3222 PHP remote file inclusion vulnerability in modify.php in the XFsection 1.07 module for XOOPS allows ...
E
CVE-2007-3223 Unspecified vulnerability in the NFS server in Sun Solaris 10 before 20070613 allows remote attacker...
S
CVE-2007-3224 Unspecified vulnerability in Sun ONE/Java System Directory Server (slapd) 6.0, and 5.x before 5.2 Pa...
S
CVE-2007-3225 Unspecified vulnerability in Sun Java System Directory Server (slapd) 6.0, and 5.2 with Patch 3 or 4...
S
CVE-2007-3226 Cross-site scripting (XSS) vulnerability in dotProject before 2.1 RC2 allows remote attackers to inj...
S
CVE-2007-3227 Cross-site scripting (XSS) vulnerability in the to_json (ActiveRecord::Base#to_json) function in Rub...
E
CVE-2007-3228 PHP remote file inclusion vulnerability in saf/lib/PEAR/PhpDocumentor/Documentation/tests/bug-559668...
E
CVE-2007-3229 index.php in Singapore Gallery allows remote attackers to obtain sensitive information via a request...
CVE-2007-3230 PHP remote file inclusion vulnerability in phphtml.php in Idan Sofer PHP::HTML 0.6.4 allows remote a...
E
CVE-2007-3231 Buffer overflow in MeCab before 0.96 has unknown impact and attack vectors....
S
CVE-2007-3232 The IBM TotalStorage DS400 with firmware 4.15 uses a blank password for the (1) root, (2) user, (3) ...
CVE-2007-3233 The TEC-IT TBarCode OCX ActiveX control (TBarCode7.ocx) 7.0.2.3524 allows remote attackers to overwr...
E
CVE-2007-3234 SQL injection vulnerability in low.php in Fuzzylime Forum 1.0 allows remote attackers to execute arb...
E
CVE-2007-3235 Cross-site scripting (XSS) vulnerability in low.php in Fuzzylime Forum 1.0 allows remote attackers t...
E
CVE-2007-3236 PHP remote file inclusion vulnerability in footer.php in the Horoscope 1.0 module for XOOPS allows r...
E
CVE-2007-3237 PHP remote file inclusion vulnerability in admin/spaw/spaw_control.class.php in the TinyContent 1.5 ...
E
CVE-2007-3238 Cross-site scripting (XSS) vulnerability in functions.php in the default theme in WordPress 2.2 allo...
CVE-2007-3239 Cross-site scripting (XSS) vulnerability in searchform.php in the AndyBlue theme before 20070607 for...
CVE-2007-3240 Cross-site scripting (XSS) vulnerability in 404.php in the Vistered-Little theme for WordPress allow...
CVE-2007-3241 Cross-site scripting (XSS) vulnerability in blogroll.php in the cordobo-green-park theme for WordPre...
CVE-2007-3242 The Menu Manager Mod for (1) web-app.net WebAPP (aka WebAPP NE) 0.9.9.3.3 through 0.9.9.8, and (2) w...
CVE-2007-3243 Cross-site scripting (XSS) vulnerability in bb-login.php in bbPress 0.8.1 allows remote attackers to...
E
CVE-2007-3244 SQL injection vulnerability in bb-includes/formatting-functions.php in bbPress before 0.8.1 might al...
S
CVE-2007-3245 IRC Services before 5.0.62, and 5.1 before 5.1pre3, allows remote attackers to disconnect users with...
S
CVE-2007-3246 The do_set_password function in modules/chanserv/set.c in IRC Services before 5.0.60 preserves chann...
S
CVE-2007-3247 SQL injection vulnerability in VirtueMart before 1.0.11 allows remote attackers to execute arbitrary...
S
CVE-2007-3248 Unspecified vulnerability in Sun Solaris 10 before 20070614, when IPv6 interfaces are present but no...
S
CVE-2007-3249 Cross-site scripting (XSS) vulnerability in mod_lettermansubscribe.php in the Letterman Subscriber (...
E S
CVE-2007-3250 SQL injection vulnerability in mod_banners.php in Elxis CMS before 2006.4 20070613 allows remote att...
S
CVE-2007-3251 Multiple directory traversal vulnerabilities in e-Vision CMS 2.02 and earlier allow remote attackers...
E
CVE-2007-3252 PortalApp stores sensitive information under the web root with insufficient access control, which al...
CVE-2007-3253 Multiple unspecified vulnerabilities in Astaro Security Gateway (ASG) before 7.005 allow remote atta...
S
CVE-2007-3254 Multiple cross-site scripting (XSS) vulnerabilities in Xythos Enterprise Document Manager (XEDM) bef...
S
CVE-2007-3255 Multiple cross-site request forgery (CSRF) vulnerabilities in Xythos Enterprise Document Manager (XE...
S
CVE-2007-3256 Xythos Enterprise Document Manager (XEDM), Digital Locker (XDL), and possibly WebFile Server before ...
S
CVE-2007-3257 Camel (camel-imap-folder.c) in the mailer component for Evolution Data Server 1.11 allows remote IMA...
CVE-2007-3258 calendar.php in Calendarix 0.7.20070307 allows remote attackers to obtain sensitive information via ...
CVE-2007-3259 Calendarix 0.7.20070307 allows remote attackers to obtain sensitive information via (1) an invalid m...
E
CVE-2007-3260 HP System Management Homepage (SMH) before 2.1.9 for Linux, when used with Novell eDirectory, assign...
S
CVE-2007-3261 Cross-site scripting (XSS) vulnerability in widgets/widget_search.php in dKret before 2.6 allows rem...
CVE-2007-3262 Unspecified vulnerability in the Default Messaging Component in IBM WebSphere Application Server (WA...
S
CVE-2007-3263 Unspecified vulnerability in the Default Messaging Component in IBM WebSphere Application Server (WA...
S
CVE-2007-3264 Unspecified vulnerability in the PD tools component in IBM WebSphere Application Server (WAS) 6.1.0....
S
CVE-2007-3265 Cross-site scripting (XSS) vulnerability in the Samples component in IBM WebSphere Application Serve...
S
CVE-2007-3266 Directory traversal vulnerability in webif.cgi in ifnet WEBIF allows remote attackers to include and...
E
CVE-2007-3267 Cross-site scripting (XSS) vulnerability in low.php in Fuzzylime Forum 1.01b and earlier allows remo...
S
CVE-2007-3268 The TFTP implementation in IBM Tivoli Provisioning Manager for OS Deployment 5.1 before Fix Pack 3 a...
S
CVE-2007-3269 Multiple cross-site scripting (XSS) vulnerabilities in Papoo Light 3.6 before 20070611 allow remote ...
E S
CVE-2007-3270 PHP remote file inclusion vulnerability in Includes/global.inc.php in phpMyInventory 2.8 allows remo...
E S
CVE-2007-3271 PHP remote file inclusion vulnerability in templates/2blue/bodyTemplate.php in YourFreeScreamer 1.0 ...
E
CVE-2007-3272 Directory traversal vulnerability in index.php in MiniBB 2.0.5 allows remote attackers to read arbit...
E
CVE-2007-3273 SQL injection vulnerability in index.cfm in FuseTalk 2.0 allows remote attackers to execute arbitrar...
CVE-2007-3274 Apple Safari 3.0 and 3.0.1 on Windows XP SP2 allows attackers to cause a denial of service (applicat...
CVE-2007-3275 MailWasher Server before 2.2.1, when used with LDAP or Active Directory (AD), does not properly hand...
S
CVE-2007-3276 Cross-site scripting (XSS) vulnerability in index.php in Site@School (S@S) 2.4.10 allows remote atta...
CVE-2007-3277 Unspecified vulnerability in the localization before 1.2 module for WIKINDX allows attackers to acce...
CVE-2007-3278 PostgreSQL 8.1 and probably later versions, when local trust authentication is enabled and the Datab...
CVE-2007-3279 PostgreSQL 8.1 and probably later versions, when the PL/pgSQL (plpgsql) language has been created, g...
CVE-2007-3280 The Database Link library (dblink) in PostgreSQL 8.1 implements functions via CREATE statements that...
CVE-2007-3281 Cross-site scripting (XSS) vulnerability in index.php in Php Hosting Biller 1.0 allows remote attack...
E
CVE-2007-3282 Buffer overflow in the Microsoft Office MSODataSourceControl ActiveX object allows remote attackers ...
E
CVE-2007-3283 GNOME XScreenSaver in Sun Solaris 8 and 9 before 20070417, when root is logged into the console, doe...
S
CVE-2007-3284 corefoundation.dll in Apple Safari 3.0.1 (552.12.2) for Windows allows remote attackers to cause a d...
E
CVE-2007-3285 Mozilla Firefox before 2.0.0.5, when run on Windows, allows remote attackers to bypass file type che...
E
CVE-2007-3286 Multiple buffer overflows in unspecified ActiveX controls in COM objects in Avaya IP Softphone R5.2 ...
CVE-2007-3288 Cross-site scripting (XSS) vulnerability in the skeltoac stats (Automattic Stats) 1.0 plugin for Wor...
CVE-2007-3289 PHP remote file inclusion vulnerability in spaw/spaw_control.class.php in the WiwiMod 0.4 module for...
E
CVE-2007-3290 categoria.php in LiveCMS 3.4 and earlier allows remote attackers to obtain sensitive information via...
E
CVE-2007-3291 Cross-site scripting (XSS) vulnerability in LiveCMS 3.4 and earlier allows remote attackers to injec...
E
CVE-2007-3292 Unrestricted file upload vulnerability in LiveCMS 3.4 and earlier allows remote attackers to upload ...
E
CVE-2007-3293 SQL injection vulnerability in categoria.php in LiveCMS 3.4 and earlier allows remote attackers to e...
E
CVE-2007-3294 Multiple buffer overflows in libtidy, as used in the Tidy extension for PHP 5.2.3 and possibly other...
E
CVE-2007-3295 Directory traversal vulnerability in Yet another Bulletin Board (YaBB) 2.1 and earlier allows remote...
CVE-2007-3296 The ThunderServer.webThunder.1 ActiveX control in xunlei Web Thunderbolt 1.7.3.109 allows remote att...
CVE-2007-3297 Multiple PHP remote file inclusion vulnerabilities in Musoo 0.21 allow remote attackers to execute a...
E
CVE-2007-3298 SQL injection vulnerability in Spey before 0.4.1 allows remote attackers to execute arbitrary SQL co...
S
CVE-2007-3299 Cross-site scripting (XSS) vulnerability in AWFFull before 3.7.4, when AllSearchStr (aka the All Sea...
S
CVE-2007-3300 Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070619 allow remote a...
CVE-2007-3301 SQL injection vulnerability in forum/include/error/autherror.cfm in FuseTalk allows remote attackers...
E
CVE-2007-3302 The CallCode ActiveX control in caller.dll 3.0 before 20070713, and 3.0 SP1 before 3.0.5.81, in CA (...
S
CVE-2007-3303 Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows local users to cause a denial of ...
CVE-2007-3304 Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a de...
E
CVE-2007-3305 Heap-based buffer overflow in Cerulean Studios Trillian 3.x before 3.1.6.0 allows remote attackers t...
S
CVE-2007-3306 PHP remote file inclusion vulnerability in crontab/run_billing.php in MiniBill 1.2.5 allows remote a...
E
CVE-2007-3307 SQL injection vulnerability in game_listing.php in Solar Empire 2.9.1.1 and earlier allows remote at...
E
CVE-2007-3308 Simple Machines Forum (SMF) 1.1.2 uses a concatenation method with insufficient randomization when c...
CVE-2007-3309 Unspecified vulnerability in Simple Machines Forum (SMF) 1.1.2 allows remote attackers to execute ar...
CVE-2007-3310 Cross-site scripting (XSS) vulnerability in arama.asp in TDizin allows remote attackers to inject ar...
E
CVE-2007-3311 SQL injection vulnerability in print.php in the Articles 1.02 and earlier module for Xoops allows re...
E
CVE-2007-3312 Directory traversal vulnerability in admin/plugin_manager.php in Jasmine CMS 1.0 allows remote authe...
E
CVE-2007-3313 Multiple SQL injection vulnerabilities in Jasmine CMS 1.0 allow remote attackers to execute arbitrar...
E
CVE-2007-3314 Stack-based buffer overflow in peviewer.spl in Altap Servant Salamander 2.5 with Portable Executable...
E
CVE-2007-3315 Multiple PHP remote file inclusion vulnerabilities in YourFreeScreamer 1.0, when register_globals is...
CVE-2007-3316 Multiple format string vulnerabilities in plugins in VideoLAN VLC Media Player before 0.8.6c allow r...
S
CVE-2007-3317 The Session Initiation Protocol (SIP) User Access Client (UAC) message parsing module in Avaya one-X...
S
CVE-2007-3318 Buffer overflow in the Session Initiation Protocol (SIP) User Access Client (UAC) message parsing mo...
CVE-2007-3319 The Avaya 4602SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP firmware does not use the cnon...
CVE-2007-3320 The Avaya 4602SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP firmware accepts SIP INVITE re...
CVE-2007-3321 The Avaya 4602 SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP firmware allows remote attack...
CVE-2007-3322 The Avaya 4602 SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP firmware uses a constant medi...
CVE-2007-3323 SQL injection vulnerability in comersus_optReviewReadExec.asp in Comersus Shop Cart 7.07 allows remo...
E
CVE-2007-3324 Multiple cross-site scripting (XSS) vulnerabilities in Comersus Cart 7.07 allow remote attackers to ...
E
CVE-2007-3325 PHP remote file inclusion vulnerability in lib/language.php in LAN Management System (LMS) 1.9.6 and...
E
CVE-2007-3326 Multiple directory traversal vulnerabilities in vBulletin 3.x.x allow remote attackers to redirect v...
CVE-2007-3327 httpsv.exe in HTTP Server 1.6.2 allows remote attackers to obtain sensitive information (script sour...
E
CVE-2007-3328 Multiple cross-site scripting (XSS) vulnerabilities in Interact 2.4 beta 1 allow remote attackers to...
CVE-2007-3329 Multiple array index errors in the (1) get_intra_block, (2) get_inter_block_h263, and (3) get_inter_...
CVE-2007-3330 Cross-site scripting (XSS) vulnerability in STphp EasyNews PRO 4.0 allows remote attackers to inject...
CVE-2007-3331 Cross-site request forgery (CSRF) vulnerability in STphp EasyNews PRO 4.0 allows remote attackers to...
CVE-2007-3332 Directory traversal vulnerability in Satellite.php in Satel Lite for PhpNuke allows remote attackers...
E
CVE-2007-3333 Stack-based buffer overflow in capture in IBM AIX 5.3 SP6 and 5.2.0 allows remote attackers to execu...
CVE-2007-3334 Multiple heap-based buffer overflows in the (1) Communications Server (iigcc.exe) and (2) Data Acces...
S
CVE-2007-3335 Multiple SQL injection vulnerabilities in the admin panel in PHPEcho CMS before 1.6 allow remote att...
S
CVE-2007-3336 Multiple "pointer overwrite" vulnerabilities in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5,...
S
CVE-2007-3337 wakeup in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA (Computer Asso...
S
CVE-2007-3338 Multiple stack-based buffer overflows in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as use...
S
CVE-2007-3339 Multiple cross-site scripting (XSS) vulnerabilities in forum/include/error/autherror.cfm in FuseTalk...
CVE-2007-3340 BugHunter HTTP SERVER (httpsv.exe) 1.6.2 allows remote attackers to cause a denial of service (appli...
E
CVE-2007-3341 Unspecified vulnerability in the FTP implementation in Microsoft Internet Explorer allows remote att...
S
CVE-2007-3342 Multiple cross-site scripting (XSS) vulnerabilities in Movable Type (MT) before 3.34 allow remote at...
CVE-2007-3343 Cross-site scripting (XSS) vulnerability in RaidenHTTPD before 2.0.14 allows remote attackers to inj...
CVE-2007-3344 Multiple cross-site scripting (XSS) vulnerabilities in netjukebox 4.01b allow remote attackers to in...
CVE-2007-3345 Multiple SQL injection vulnerabilities in index.php in PHPAccounts 0.5 allow remote attackers to exe...
CVE-2007-3346 Directory traversal vulnerability in index.php in PHPAccounts 0.5 allows remote attackers to include...
CVE-2007-3347 The D-Link DPH-540/DPH-541 phone accepts SIP INVITE messages that are not from the Call Server's IP ...
CVE-2007-3348 The D-Link DPH-540/DPH-541 phone allows remote attackers to cause a denial of service (device outage...
S
CVE-2007-3349 The Aastra 9112i SIP Phone with firmware 1.4.0.1048 and boot version 1.1.0.10 allows remote attacker...
S
CVE-2007-3350 AOL Instant Messenger (AIM) 6.1.32.1 on Windows XP allows remote attackers to cause a denial of serv...
CVE-2007-3351 The SJPhone SIP soft phone 1.60.303c, when installed on the Dell Axim X3 running Windows Mobile 2003...
CVE-2007-3352 Cross-site scripting (XSS) vulnerability in the preview form in Stephen Ostermiller Contact Form bef...
S
CVE-2007-3353 PHP remote file inclusion vulnerability in includes/template.php in MyEvent 1.6 allows remote attack...
CVE-2007-3354 Multiple SQL injection vulnerabilities in NetClassifieds Premium Edition allow remote attackers to e...
CVE-2007-3355 Multiple cross-site scripting (XSS) vulnerabilities in NetClassifieds Premium Edition allow remote a...
CVE-2007-3356 NetClassifieds Premium Edition allows remote attackers to obtain sensitive information via certain r...
CVE-2007-3357 NetClassifieds Premium Edition does not use encryption for (1) stored passwords or (2) sensitive dat...
CVE-2007-3358 PHP remote file inclusion vulnerability in html/load_lang.php in SerWeb 0.9.6 and earlier allows rem...
E
CVE-2007-3359 Multiple PHP remote file inclusion vulnerabilities in SerWeb 0.9.6 and earlier allow remote attacker...
CVE-2007-3360 hook.c in BitchX 1.1-final allows remote IRC servers to execute arbitrary commands by sending a clie...
E
CVE-2007-3361 The Nortel PC Client SIP Soft Phone 4.1 3.5.208[20051015] allows remote attackers to cause a denial ...
CVE-2007-3362 ageet AGEphone before 1.6.2, running on Windows Mobile 5 on the HTC HyTN Pocket PC device, allows re...
CVE-2007-3363 Multiple unspecified vulnerabilities in ageet AGEphone before 1.6.3 allow remote attackers to have a...
CVE-2007-3364 Cross-site scripting (XSS) vulnerability in the cgi-bin/post.mscgi sample page in MyServer 0.8.9 all...
CVE-2007-3365 MyServer 0.8.9 and earlier does not properly handle uppercase characters in filename extensions, whi...
CVE-2007-3366 Cross-site scripting (XSS) vulnerability in Simple CGI Wrapper (scgiwrap) in cPanel before 10.9.1, a...
S
CVE-2007-3367 Simple CGI Wrapper (scgiwrap) in cPanel before 10.9.1, and 11.x before 11.4.19-R14378, allows remote...
S
CVE-2007-3368 Buffer overflow in the HTTP server on the Polycom SoundPoint IP 601 SIP phone with BootROM 3.0.x+ al...
CVE-2007-3369 Buffer overflow in the Polycom SoundPoint IP 601 SIP phone with BootROM 3.0.x+ and SIP version 1.6.3...
CVE-2007-3370 Multiple PHP remote file inclusion vulnerabilities in Sun Board 1.00.00 Alpha allow remote attackers...
E
CVE-2007-3371 PHP remote file inclusion vulnerability in plugins/widgets/htmledit/htmledit.php in Powl 0.94 allows...
E
CVE-2007-3372 The Avahi daemon in Avahi before 0.6.20 allows attackers to cause a denial of service (exit) via emp...
S
CVE-2007-3373 daemon.c in cman (redhat-cluster-suite) before 20070622 does not clear a buffer for reading requests...
S
CVE-2007-3374 Buffer overflow in cluster/cman/daemon/daemon.c in cman (redhat-cluster-suite) before 20070622 allow...
S
CVE-2007-3375 Stack-based buffer overflow in Lhaca File Archiver before 1.21 allows user-assisted remote attackers...
CVE-2007-3376 Buffer overflow in Apple Safari 3.0.2 on Windows XP SP2 allows user-assisted remote attackers to cau...
E
CVE-2007-3377 Header.pm in Net::DNS before 0.60, a Perl module, (1) generates predictable sequence IDs with a fixe...
E S
CVE-2007-3378 The (1) session_save_path, (2) ini_set, and (3) error_log functions in PHP 4.4.7 and earlier, and PH...
E S
CVE-2007-3379 Unspecified vulnerability in the kernel in Red Hat Enterprise Linux (RHEL) 4 on the x86_64 platform ...
S
CVE-2007-3380 The Distributed Lock Manager (DLM) in the cluster manager for Linux kernel 2.6.15 allows remote atta...
S
CVE-2007-3381 The GDM daemon in GNOME Display Manager (GDM) before 2.14.13, 2.16.x before 2.16.7, 2.18.x before 2....
CVE-2007-3382 Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 t...
S
CVE-2007-3383 Cross-site scripting (XSS) vulnerability in SendMailServlet in the examples web application (example...
S
CVE-2007-3384 Multiple cross-site scripting (XSS) vulnerabilities in examples/servlet/CookieExample in Apache Tomc...
S
CVE-2007-3385 Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 d...
S
CVE-2007-3386 Cross-site scripting (XSS) vulnerability in the Host Manager Servlet for Apache Tomcat 6.0.0 to 6.0....
S
CVE-2007-3387 Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppl...
CVE-2007-3388 Multiple format string vulnerabilities in (1) qtextedit.cpp, (2) qdatatable.cpp, (3) qsqldatabase.cp...
S
CVE-2007-3389 Wireshark before 0.99.6 allows remote attackers to cause a denial of service (crash) via a crafted c...
CVE-2007-3390 Wireshark 0.99.5 and 0.10.x up to 0.10.14, when running on certain systems, allows remote attackers ...
S
CVE-2007-3391 Wireshark 0.99.5 allows remote attackers to cause a denial of service (memory consumption) via a mal...
S
CVE-2007-3392 Wireshark before 0.99.6 allows remote attackers to cause a denial of service via malformed (1) SSL o...
CVE-2007-3393 Off-by-one error in the DHCP/BOOTP dissector in Wireshark before 0.99.6 allows remote attackers to c...
CVE-2007-3394 Multiple SQL injection vulnerabilities in eNdonesia 8.4 allow remote attackers to execute arbitrary ...
E
CVE-2007-3395 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-2836. Reason: This candida...
R
CVE-2007-3396 Cross-site scripting (XSS) vulnerability in index.wkf in KeyFocus (KF) web server 3.1.0 allows remot...
CVE-2007-3397 The web container in IBM WebSphere Application Server (WAS) before 6.0.2.21, and 6.1.x before 6.1.0....
S
CVE-2007-3398 LiteWEB 2.7 allows remote attackers to cause a denial of service (hang) via a large number of reques...
CVE-2007-3399 SQL injection vulnerability in include/get_userdata.php in Power Phlogger (PPhlogger) 2.2.5 and earl...
E
CVE-2007-3400 The NCTAudioEditor2 ActiveX control in NCTWMAFile2.dll 2.6.2.157, as distributed in NCTAudioEditor a...
E
CVE-2007-3401 PHP remote file inclusion vulnerability in footer.inc.php in B1G b1gBB 2.24 allows remote attackers ...
E
CVE-2007-3402 SQL injection vulnerability in index.php in pagetool 1.07 allows remote attackers to execute arbitra...
E
CVE-2007-3403 Unrestricted file upload vulnerability in upload.php in dreamLog (aka dreamblog) 0.5 allows remote a...
E
CVE-2007-3404 Directory traversal vulnerability in ShowImage.php in SiteDepth CMS 3.44 allows remote attackers to ...
E
CVE-2007-3405 Multiple cross-site scripting (XSS) vulnerabilities in defter_yaz.asp in Lebisoft zdefter 4.0 allow ...
CVE-2007-3406 Multiple absolute path traversal vulnerabilities in Microsoft Internet Explorer 6 on Windows XP SP2 ...
E
CVE-2007-3407 Sergey Lyubka Simple HTTPD (shttpd) 1.38 allows remote attackers to obtain sensitive information (sc...
E S
CVE-2007-3408 Multiple unspecified vulnerabilities in Dia before 0.96.1-6 have unspecified attack vectors and impa...
S
CVE-2007-3409 Net::DNS before 0.60, a Perl module, allows remote attackers to cause a denial of service (stack con...
CVE-2007-3410 Stack-based buffer overflow in the SmilTimeValue::parseWallClockValue function in smlprstime.cpp in ...
CVE-2007-3411 SQL injection vulnerability in edit_image.asp in ClickGallery Server 5.1 and earlier allows remote a...
CVE-2007-3412 Cross-site scripting (XSS) vulnerability in edit_image.asp in ClickGallery Server 5.1 and earlier al...
CVE-2007-3413 Multiple cross-site scripting (XSS) vulnerabilities in bosDataGrid 2.50 and earlier allow remote att...
CVE-2007-3414 Multiple cross-site scripting (XSS) vulnerabilities in access2asp 4.5 and earlier allow remote attac...
CVE-2007-3415 Multiple SQL injection vulnerabilities in index.php in phpRaider 1.0.0 rc8 allow remote attackers to...
CVE-2007-3416 Multiple cross-site request forgery (CSRF) vulnerabilities in the administration of (1) polls, (2) p...
S
CVE-2007-3417 Multiple cross-site scripting (XSS) vulnerabilities in cgi-bin/cgi-lib/search.pl in web-app.org WebA...
S
CVE-2007-3418 The displaypost function in cgi-bin/cgi-lib/forum_display.pl in web-app.org WebAPP before 0.9.9.7 do...
S
CVE-2007-3419 The editprofile3 function in cgi-bin/cgi-lib/user.pl in web-app.org WebAPP before 0.9.9.7 does not p...
S
CVE-2007-3420 The Random Cookie Password functionality in the loaduser function in cgi-bin/cgi-lib/subs.pl in web-...
S
CVE-2007-3421 The (1) login, (2) admin profile edit, (3) reminder, (4) edit profile, (5) profile view, (6) gallery...
S
CVE-2007-3422 The getcgi function in cgi-bin/cgi-lib/subs.pl in web-app.org WebAPP before 0.9.9.7 attempts to pars...
S
CVE-2007-3423 cgi-bin/cgi-lib/instantmessage.pl in web-app.org WebAPP before 0.9.9.7 uses the From field of an ins...
S
CVE-2007-3424 The moveim function in cgi-bin/cgi-lib/instantmessage.pl in web-app.org WebAPP before 0.9.9.7 uses t...
S
CVE-2007-3425 Directory traversal vulnerability in index.php in phpTrafficA 1.4.2 and earlier allows remote attack...
E S
CVE-2007-3426 Cross-site scripting (XSS) vulnerability in index.php in phpTrafficA 1.4.2 and earlier allows remote...
E S
CVE-2007-3427 SQL injection vulnerability in index.php in phpTrafficA 1.4.2 and earlier allows remote attackers to...
E S
CVE-2007-3428 Multiple unspecified vulnerabilities in phpTrafficA before 1.4.2 allow remote attackers to have an u...
S
CVE-2007-3429 Unrestricted file upload vulnerability in signup.php in e107 0.7.8 and earlier, when photograph uplo...
E
CVE-2007-3430 SQL injection vulnerability in index.php in Simple Invoices 2007 05 25 allows remote attackers to ex...
E
CVE-2007-3431 PHP remote file inclusion vulnerability in cal.func.php in Valerio Capello Dagger - The Cutting Edge...
E
CVE-2007-3432 Unrestricted file upload vulnerability in admin/images.php in Pluxml 0.3.1 allows remote attackers t...
E
CVE-2007-3433 SQL injection vulnerability in index.php in Pharmacy System 2 and earlier allows remote attackers to...
E
CVE-2007-3434 index.php in Pharmacy System 2 and earlier allows remote attackers to obtain sensitive information v...
E
CVE-2007-3435 Stack-based buffer overflow in the BeginPrint method in a certain ActiveX control in RKD Software (b...
E
CVE-2007-3436 Microsoft MSN Messenger 4.7 on Windows XP allows remote attackers to cause a denial of service (reso...
CVE-2007-3437 AOL Instant Messenger (AIM) 6.1.32.1 on Windows XP allows remote attackers to cause a denial of serv...
CVE-2007-3438 Buffer overflow in the SIP header parsing module in the Nortel PC Client SIP Soft Phone 4.1 3.5.208[...
CVE-2007-3439 The Snom 320 SIP Phone, running snom320 linux 3.25, snom320-SIP 6.2.3, and snom320 jffs23.36, allows...
CVE-2007-3440 The Snom 320 SIP Phone, running snom320 linux 3.25, snom320-SIP 6.2.3, and snom320 jffs23.36, allows...
CVE-2007-3441 Format string vulnerability in the Aastra 9112i SIP Phone with firmware 1.4.0.1048 and boot version ...
CVE-2007-3442 Format string vulnerability on the Research in Motion BlackBerry 7270 before 4.0 SP1 Bundle 108 allo...
CVE-2007-3443 The Research in Motion BlackBerry 7270 before 4.0 SP1 Bundle 108 does not properly manage transactio...
CVE-2007-3444 The Research in Motion BlackBerry 7270 with 4.0 SP1 Bundle 83 allows remote attackers to cause a den...
CVE-2007-3445 Buffer overflow in SJ Labs SJphone 1.60.303c, running under Windows Mobile 2003 on the Samsung SCH-i...
CVE-2007-3446 BugMall Shopping Cart 2.5 and earlier has a default username "demo" and password "demo," which allow...
E
CVE-2007-3447 SQL injection vulnerability in BugMall Shopping Cart 2.5 and earlier allows remote attackers to exec...
E
CVE-2007-3448 Cross-site scripting (XSS) vulnerability in index.php in BugMall Shopping Cart 2.5 and earlier allow...
E
CVE-2007-3449 SQL injection vulnerability in member.php in 6ALBlog allows remote attackers to execute arbitrary SQ...
E
CVE-2007-3450 SQL injection vulnerability in member.php in 6ALBlog allows remote attackers to execute arbitrary SQ...
CVE-2007-3451 PHP remote file inclusion vulnerability in admin/index.php in 6ALBlog allows remote authenticated ad...
E
CVE-2007-3452 SQL injection vulnerability in essentials/minutes/doc.php in eDocStore allows remote attackers to ex...
E
CVE-2007-3453 SQL injection vulnerability in Papoo 3.6, and possibly earlier, allows remote attackers to execute a...
S
CVE-2007-3454 Stack-based buffer overflow in CGIOCommon.dll before 8.0.0.1042 in Trend Micro OfficeScan Corporate ...
S
CVE-2007-3455 cgiChkMasterPwd.exe before 8.0.0.142 in Trend Micro OfficeScan Corporate Edition 8.0 allows remote a...
S
CVE-2007-3456 Integer overflow in Adobe Flash Player 9.0.45.0 and earlier might allow remote attackers to execute ...
S
CVE-2007-3457 Adobe Flash Player 8.0.34.0 and earlier insufficiently validates HTTP Referer headers, which might a...
S
CVE-2007-3458 The libsldap library in Sun Solaris 8, 9, and 10 allows local users to cause a denial of service (Na...
S
CVE-2007-3459 A certain ActiveX control in Avaxswf.dll 1.0.0.1 in Civitech Avax Vector 1.3 allows remote attackers...
E
CVE-2007-3460 Multiple PHP remote file inclusion vulnerabilities in index.php3 in EVA-Web 1.1 through 2.2 allow re...
E
CVE-2007-3461 SQL injection vulnerability in property.php in elkagroup Image Gallery 1.0 allows remote attackers t...
E
CVE-2007-3462 Cross-site request forgery (CSRF) vulnerability in Check Point SofaWare Safe@Office, with firmware b...
S
CVE-2007-3463 Microsoft Windows XP SP2 allows local users, who have sessions created by another user's RunAs (run ...
CVE-2007-3464 Check Point SofaWare Safe@Office, with firmware before Embedded NGX 7.0.45 GA, does not require entr...
S
CVE-2007-3465 Check Point SofaWare Safe@Office, with firmware before Embedded NGX 7.0.45 GA, has a certain default...
S
CVE-2007-3467 Integer overflow in the __status_Update function in stats.c VideoLAN VLC Media Player before 0.8.6c ...
S
CVE-2007-3468 input.c in VideoLAN VLC Media Player before 0.8.6c allows remote attackers to cause a denial of serv...
S
CVE-2007-3469 Unspecified vulnerability in the TCP Loopback/Fusion implementation in Sun Solaris 10 allows local u...
CVE-2007-3470 Multiple unspecified vulnerabilities in the KSSL kernel module in Sun Solaris 10, when configured wi...
S
CVE-2007-3471 Buffer overflow in the dtsession Common Desktop Environment (CDE) Session Manager in Sun Solaris 8, ...
S
CVE-2007-3472 Integer overflow in gdImageCreateTrueColor function in the GD Graphics Library (libgd) before 2.0.35...
CVE-2007-3473 The gdImageCreateXbm function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted ...
CVE-2007-3474 Multiple unspecified vulnerabilities in the GIF reader in the GD Graphics Library (libgd) before 2.0...
S
CVE-2007-3475 The GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denia...
S
CVE-2007-3476 Array index error in gd_gif_in.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assist...
S
CVE-2007-3477 The (a) imagearc and (b) imagefilledarc functions in GD Graphics Library (libgd) before 2.0.35 allow...
E S
CVE-2007-3478 Race condition in gdImageStringFTEx (gdft_draw_bitmap) in gdft.c in the GD Graphics Library (libgd) ...
CVE-2007-3479 Stack-based buffer overflow in PCSoft WinDEV 11 (01F110053p) allows user-assisted remote attackers t...
CVE-2007-3480 PCSoft WinDEV 11 (01F110053p) allows user-assisted remote attackers to cause a denial of service (in...
CVE-2007-3481 Cross-domain vulnerability in Microsoft Internet Explorer 6 and 7 allows remote attackers to bypass ...
CVE-2007-3482 Cross-domain vulnerability in Apple Safari for Windows 3.0.1 allows remote attackers to bypass the "...
CVE-2007-3483 Research in Motion BlackBerry Enterprise Server 4.0 through 4.1 has a default configuration that per...
CVE-2007-3484 Cross-site scripting (XSS) vulnerability in search.php in Google Custom Search Engine allows remote ...
CVE-2007-3485 Multiple cross-site scripting (XSS) vulnerabilities in Yandex.Server allow remote attackers to injec...
CVE-2007-3486 Cross-site scripting (XSS) vulnerability in AltaVista search engine allows remote attackers to injec...
CVE-2007-3487 Absolute path traversal in a certain ActiveX control in hpqxml.dll 2.0.0.133 in Hewlett-Packard (HP)...
E
CVE-2007-3488 Heap-based buffer overflow in the viewer ActiveX control in Sony Network Camera SNC-RZ25N before 1.3...
E
CVE-2007-3489 Cross-site request forgery (CSRF) vulnerability in pop/WizU.html in the management interface in Chec...
S
CVE-2007-3490 Unspecified vulnerability in Microsoft Excel 2003 SP2 allows remote attackers to have an unknown imp...
E
CVE-2007-3491 Buffer overflow in _mprosrv in Progress Software OpenEdge before 9.1E0422, and 10.x before 10.1B01, ...
CVE-2007-3492 Conti FtpServer 1.0 allows remote authenticated users to cause a denial of service (daemon crash) vi...
CVE-2007-3493 A certain ActiveX control in NCTWavChunksEditor2.dll 2.6.1.148 in NCTAudioStudio (NCTAudioStudio2) 2...
E
CVE-2007-3494 Papoo CMS 3.6, and possibly earlier, does not verify user privileges when accessing the backend admi...
S
CVE-2007-3495 Multiple cross-site scripting (XSS) vulnerabilities in the SAP Internet Communication Framework (BC-...
CVE-2007-3496 Cross-site scripting (XSS) vulnerability in SAP Web Dynpro Java (BC-WD-JAV) in SAP NetWeaver Nw04 SP...
CVE-2007-3497 Microsoft Internet Explorer 7 allows remote attackers to determine the existence of page history via...
CVE-2007-3498 Cross-site scripting (XSS) vulnerability in smoketests/configForm.php in HTML Purifier before 2.0.1 ...
S
CVE-2007-3499 SlackRoll before 8 accepts gpg exit codes other than 0 and 1 as evidence of a valid signature, which...
S
CVE-2007-3500 Xeweb XEForum allows remote attackers to gain privileges via a modified xeforum cookie....
CVE-2007-3501 Cross-site scripting (XSS) vulnerability in CMD_USER_STATS in DirectAdmin 1.30.1 and earlier allows ...
CVE-2007-3502 Unspecified vulnerability in the web-based product configuration system in Kaspersky Anti-Spam befor...
S
CVE-2007-3503 The Javadoc tool in Sun JDK 6 and JDK 5.0 Update 11 can generate HTML documentation pages that conta...
CVE-2007-3504 Directory traversal vulnerability in the PersistenceService in Sun Java Web Start in JDK and JRE 5.0...
S
CVE-2007-3505 Multiple directory traversal vulnerabilities in QuickTalk forum 1.3 allow remote attackers to includ...
E
CVE-2007-3506 The ft_bitmap_assure_buffer function in src/base/ftbimap.c in FreeType 2.3.3 allows context-dependen...
S
CVE-2007-3507 Stack-based buffer overflow in the local__vcentry_parse_value function in vorbiscomment.c in flac123...
S
CVE-2007-3508 Integer overflow in the process_envvars function in elf/rtld.c in glibc before 2.5-rc4 might allow l...
CVE-2007-3509 Heap-based buffer overflow in the RPC subsystem in Symantec Backup Exec for Windows Servers 10.0, 10...
S
CVE-2007-3510 Buffer overflow in the IMAP service in IBM Lotus Domino before 6.5.6 FP2, and 7.x before 7.0.3, allo...
S
CVE-2007-3511 The focus handling for the onkeydown event in Mozilla Firefox 1.5.0.12, 2.0.0.4 and other versions b...
E
CVE-2007-3512 Stack-based buffer overflow in Lhaca File Archiver before 1.22 allows user-assisted remote attackers...
S
CVE-2007-3513 The lcd_write function in drivers/usb/misc/usblcd.c in the Linux kernel before 2.6.22-rc7 does not l...
CVE-2007-3514 Cross-domain vulnerability in Apple Safari for Windows 3.0.2 allows remote attackers to bypass the S...
CVE-2007-3515 SQL injection vulnerability in view_event.php in TotalCalendar 2.402 and earlier allows remote attac...
E
CVE-2007-3516 Multiple cross-site scripting (XSS) vulnerabilities in kayit.asp in Gorki Online Santrac Sitesi allo...
CVE-2007-3517 Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.8.3 allow remote attackers to inj...
S
CVE-2007-3518 SQL injection vulnerability in msg.php in HispaH YouTube Clone Script (youtubeclone) allows remote a...
E
CVE-2007-3519 SQL injection vulnerability in eventdisplay.php in phpEventCalendar 0.2.3 and earlier allows remote ...
E
CVE-2007-3520 SQL injection vulnerability in process.php in Easybe 1-2-3 Music Store allows remote attackers to ex...
E
CVE-2007-3521 SQL injection vulnerability in ArcadeBuilder Game Portal Manager 1.7 allows remote attackers to exec...
E
CVE-2007-3522 Multiple PHP remote file inclusion vulnerabilities in sPHPell 1.01 allow remote attackers to execute...
E
CVE-2007-3523 Multiple directory traversal vulnerabilities in Module/Galerie.php in XCMS 1.1 allow remote attacker...
E
CVE-2007-3524 Multiple PHP remote file inclusion vulnerabilities in Ripe Website Manager 0.8.9 and earlier allow r...
E
CVE-2007-3525 Ripe Website Manager 0.8.9 and earlier allows remote attackers to obtain configuration information v...
CVE-2007-3526 Multiple SQL injection vulnerabilities in Buddy Zone 1.5 and earlier allow remote attackers to execu...
E
CVE-2007-3527 Integer overflow in Firebird 2.0.0 allows remote authenticated users to cause a denial of service (C...
S
CVE-2007-3528 The blowfish mode in DAR before 2.3.4 uses weak Blowfish-CBC cryptography by (1) discarding random b...
S
CVE-2007-3529 videos.php in PHPDirector 0.21 and earlier allows remote attackers to obtain sensitive information v...
E
CVE-2007-3530 PHPDirector 0.21 and earlier stores the admin account name and password in config.php, which allows ...
E
CVE-2007-3531 The set_default_speeds function in backend/backend.c in NVidia NVClock before 0.8b2 allows local use...
S
CVE-2007-3532 NVIDIA drivers (nvidia-drivers) before 1.0.7185, 1.0.9639, and 100.14.11, as used in Gentoo Linux an...
CVE-2007-3533 The 3Com IntelliJack Switch NJ220 before 2.0.23 allows remote attackers to cause a denial of service...
CVE-2007-3534 SQL injection vulnerability in login.php in WebChat 0.78 allows remote attackers to execute arbitrar...
E
CVE-2007-3535 Multiple directory traversal vulnerabilities in GL-SH Deaf Forum 6.4.4 and earlier allow remote atta...
E
CVE-2007-3536 Multiple buffer overflows in the AMX NetLinx VNC (AmxVnc) ActiveX control in AmxVnc.dll 1.0.13.0 all...
E
CVE-2007-3537 IBM OS/400 (aka i5/OS) V4R2M0 through V5R3M0 on iSeries machines sends responses to TCP SYN-FIN pack...
CVE-2007-3538 SQL injection vulnerability in qtg_msg_view.php in QuickTalk guestbook 1.2 allows remote attackers t...
CVE-2007-3539 Multiple SQL injection vulnerabilities in QuickTicket 1.2 build:20070621 and QuickTalk Forum 1.3 all...
E
CVE-2007-3540 Multiple cross-site scripting (XSS) vulnerabilities in search.asp in rwAuction Pro 5.0 allow remote ...
CVE-2007-3541 Cross-site scripting (XSS) vulnerability in Kurinton sHTTPd 20070408 and earlier allows remote attac...
S
CVE-2007-3542 Cross-site scripting (XSS) vulnerability in admin/auth.php in Pluxml 0.3.1 allows remote attackers t...
E
CVE-2007-3543 Unrestricted file upload vulnerability in WordPress before 2.2.1 and WordPress MU before 1.2.3 allow...
CVE-2007-3544 Unrestricted file upload vulnerability in (1) wp-app.php and (2) app.php in WordPress 2.2.1 and Word...
CVE-2007-3545 Buffer overflow in Warzone 2100 Resurrection before 2.0.7 allows remote attackers to cause a denial ...
S
CVE-2007-3546 Cross-site scripting (XSS) vulnerability in the Windows GUI in Nessus Vulnerability Scanner before 3...
CVE-2007-3547 Directory traversal vulnerability in qti_checkname.php in QuickTicket 1.2 allows remote attackers to...
E
CVE-2007-3548 Stack-based buffer overflow in W3Filer 2.1.3 allows remote FTP servers to cause a denial of service ...
E
CVE-2007-3549 SQL injection vulnerability in view_sub_cat.php in Buddy Zone 1.5 allows remote attackers to execute...
E
CVE-2007-3550 Microsoft Internet Explorer 6.0 and 7.0 allows remote attackers to fill Zones with arbitrary domains...
S
CVE-2007-3551 Buffer overflow in bbs100 before 3.2 allows remote attackers to cause a denial of service (crash) by...
S
CVE-2007-3552 Multiple unspecified vulnerabilities in bbs100 before 3.2 allow remote attackers to cause a denial o...
S
CVE-2007-3553 Cross-site scripting (XSS) vulnerability in Rapid Install Web Server in Oracle Application Server 11...
CVE-2007-3554 Stack-based buffer overflow in the HPSDDX Class (SDD) ActiveX control in sdd.dll in HP Instant Suppo...
E S
CVE-2007-3555 Cross-site scripting (XSS) vulnerability in index.php in Moodle 1.7.1 allows remote attackers to inj...
CVE-2007-3556 Liesbeth base CMS stores sensitive information under the web root with insufficient access control, ...
CVE-2007-3557 SQL injection vulnerability in admin/login.php in Wheatblog (wB) 1.1, when magic_quotes_gpc is disab...
S
CVE-2007-3558 SQL injection vulnerability in Coppermine Photo Gallery (CPG) before 1.4.11 allows remote attackers ...
S
CVE-2007-3559 Cross-site scripting (XSS) vulnerability in infusions/shoutbox_panel/shoutbox_panel.php in PHP-Fusio...
CVE-2007-3560 Multiple unspecified vulnerabilities in Esqlanelapse before 2.6 have unknown impact and attack vecto...
S
CVE-2007-3561 Cross-site scripting (XSS) vulnerability in ara.asp in Efendy Blog 1.0 allows remote attackers to in...
CVE-2007-3562 SQL injection vulnerability in videos.php in PHP Director 0.21 and earlier allows remote attackers t...
E
CVE-2007-3563 SQL injection vulnerability in includes/view_page.php in AV Arcade 2.1b allows remote attackers to e...
E
CVE-2007-3564 libcurl 7.14.0 through 7.16.3, when built with GnuTLS support, does not check SSL/TLS certificate ex...
S
CVE-2007-3566 Stack-based buffer overflow in the database service (ibserver.exe) in Borland InterBase 2007 before ...
S
CVE-2007-3567 MySQLDumper 1.21b through 1.23 REV227 uses a "Limit GET" statement in the .htaccess authentication m...
E
CVE-2007-3568 The _LoadBMP function in imlib 1.9.15 and earlier allows context-dependent attackers to cause a deni...
E
CVE-2007-3569 Multiple cross-site scripting (XSS) vulnerabilities in Oliver Library Management System allow remote...
E
CVE-2007-3570 The Linux Access Gateway in Novell Access Manager before 3.0 SP1 Release Candidate 1 (RC1) allows re...
CVE-2007-3571 The Apache Web Server as used in Novell NetWare 6.5 and GroupWise allows remote attackers to obtain ...
CVE-2007-3572 Incomplete blacklist vulnerability in cgi-bin/runDiagnostics.cgi in the web interface on the Yoggie ...
E
CVE-2007-3573 Multiple SQL injection vulnerabilities in akocomment allow remote attackers to execute arbitrary SQL...
CVE-2007-3574 Multiple cross-site scripting (XSS) vulnerabilities in setup.cgi on the Cisco Linksys WAG54GS Wirele...
E
CVE-2007-3575 SQL injection vulnerability in includes/functions in FreeDomain.co.nr Clone allows remote attackers ...
CVE-2007-3576 Microsoft Internet Explorer 6 executes web script from URIs of arbitrary scheme names ending with th...
E
CVE-2007-3577 PHPIDS before 20070703 does not properly handle use of the substr method in (1) document.location.se...
CVE-2007-3578 PHPIDS before 20070703 does not properly handle (1) arithmetic expressions and (2) unclosed comments...
CVE-2007-3579 PHPIDS before 20070703 does not properly handle setting the .text property of a SCRIPT element befor...
CVE-2007-3580 PHPIDS does not properly handle certain code containing newlines, as demonstrated by a try/catch blo...
CVE-2007-3581 The Jedox Palo 1.5 client transmits the password in cleartext, which might allow remote attackers to...
CVE-2007-3582 SQL injection vulnerability in index.php in SuperCali PHP Event Calendar 0.4.0 allows remote attacke...
E
CVE-2007-3583 SQL injection vulnerability in details_news.php in Girlserv ads 1.5 and earlier allows remote attack...
E
CVE-2007-3584 SQL injection vulnerability in viewforum.php in PNphpBB2 1.2i and earlier for Postnuke allows remote...
E
CVE-2007-3585 PHP remote file inclusion vulnerability in games.php in MyCMS 0.9.8 and earlier allows remote attack...
E
CVE-2007-3586 Multiple direct static code injection vulnerabilities in MyCMS 0.9.8 and earlier allow remote attack...
E
CVE-2007-3587 MyCMS 0.9.8 and earlier allows remote attackers to gain privileges via the admin cookie parameter, a...
E
CVE-2007-3588 SQL injection vulnerability in reply.php in VBZooM 1.12 allows remote attackers to execute arbitrary...
CVE-2007-3589 Multiple SQL injection vulnerabilities in b1gbb 2.24.0 allow remote attackers to execute arbitrary S...
E
CVE-2007-3590 Cross-site scripting (XSS) vulnerability in visitenkarte.php in b1gBB 2.24.0 allows remote attackers...
E
CVE-2007-3591 Unspecified vulnerability in Profile.php in Elite Bulletin Board before 1.0.10 allows remote attacke...
S
CVE-2007-3592 PM.php in Elite Bulletin Board before 1.0.10 allows remote authenticated users to delete arbitrary P...
S
CVE-2007-3593 Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine NetFlow Analyzer 5 allow remote ...
CVE-2007-3594 Multiple cross-site scripting (XSS) vulnerabilities in AdventNet ManageEngine OpManager 6 and 7 allo...
E
CVE-2007-3595 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-3399. Reason: This candida...
R
CVE-2007-3596 inc/vul_check.inc in phpVideoPro before 0.8.8 permits non-alphanumeric characters in the sess_id par...
S
CVE-2007-3597 Session fixation vulnerability in Zen Cart 1.3.7 and earlier allows remote attackers to hijack web s...
S
CVE-2007-3598 index.php in vtiger CRM before 5.0.3 allows remote authenticated users to obtain all users' names an...
CVE-2007-3599 vtiger CRM before 5.0.3 allows remote authenticated users to import and export the information for a...
S
CVE-2007-3600 WordPlugin in the wordintegration component in vtiger CRM before 5.0.3 allows remote authenticated u...
S
CVE-2007-3601 vtiger CRM before 5.0.3, when a migrated build is used, allows remote authenticated users to read ce...
CVE-2007-3602 The SOAP webservice in vtiger CRM before 5.0.3 does not ensure that authenticated accounts are activ...
S
CVE-2007-3603 SQL injection vulnerability in the dashboard (include/utils/SearchUtils.php) in vtiger CRM before 5....
S
CVE-2007-3604 vtiger CRM before 5.0.3 allows remote authenticated users with access to the Analytics DashBoard men...
S
CVE-2007-3605 Stack-based buffer overflow in the kweditcontrol.kwedit.1 ActiveX control in FrontEnd\SapGui\kwedit....
E S
CVE-2007-3606 Heap-based buffer overflow in the rfcguisink.rfcguisink.1 ActiveX control in the EnjoySAP SAP GUI, o...
E
CVE-2007-3607 Multiple unspecified vulnerabilities in ActiveX controls in the EnjoySAP SAP GUI allow remote attack...
E
CVE-2007-3608 Multiple unspecified vulnerabilities in ActiveX controls in the EnjoySAP SAP GUI allow remote attack...
E
CVE-2007-3609 Multiple SQL injection vulnerabilities in eMeeting Online Dating Software 5.2 allow remote attackers...
E
CVE-2007-3610 SQL injection vulnerability in categories_type.php in phpVID 0.9.9 allows remote attackers to execut...
E
CVE-2007-3611 admin.php in VRNews 1.1.1, and possibly other 1.x versions, does not require authentication, which a...
E
CVE-2007-3612 Stack-based buffer overflow in Visual IRC (ViRC) 2.0 allows remote IRC servers to execute arbitrary ...
E
CVE-2007-3613 Cross-site scripting (XSS) vulnerability in ADM:GETLOGFILE in SAP Internet Graphics Service (IGS) al...
E
CVE-2007-3614 Multiple stack-based buffer overflows in waHTTP.exe (aka the SAP DB Web Server) in SAP DB, possibly ...
E S
CVE-2007-3615 Internet Communication Manager (aka ICMAN.exe or ICM) in SAP NetWeaver Application Server 6.x and 7....
S
CVE-2007-3616 index.php in vtiger CRM before 5.0.3 allows remote authenticated users to perform administrative cha...
S
CVE-2007-3617 The report module in vtiger CRM before 5.0.3 does not properly apply security rules, which allows re...
S
CVE-2007-3618 Stack-based buffer overflow in the NetWorker Remote Exec Service (nsrexecd.exe) in EMC Software NetW...
S
CVE-2007-3619 Directory traversal vulnerability in login.php in Maia Mailguard 1.0.2 and earlier allows remote att...
E S
CVE-2007-3620 Multiple directory traversal vulnerabilities in Maia Mailguard 1.0.2 and earlier might allow remote ...
CVE-2007-3621 Multiple CRLF injection vulnerabilities in callboth.php in AsteriDex 3.0 and earlier allow remote at...
E S
CVE-2007-3622 Unspecified vulnerability in DomainPOP in Alt-N Technologies MDaemon before 9.61 allows remote attac...
S
CVE-2007-3623 Cross-site scripting (XSS) vulnerability in the Hitachi JP1/HiCommand Device Manager, Tiered Storage...
S
CVE-2007-3624 Heap-based buffer overflow in the Message HTTP Server in SAP Message Server allows remote attackers ...
E S
CVE-2007-3625 The Program Neighborhood Agent in Citrix Presentation Server Clients for 32-bit Windows before 10.10...
S
CVE-2007-3626 Unspecified vulnerability in the ADM daemon in Hitachi TPBroker before 20070706 allows remote attack...
S
CVE-2007-3627 Multiple SQL injection vulnerabilities in PHP Lite Calendar Express 2.2 allow remote attackers to ex...
E
CVE-2007-3628 Unspecified vulnerability in the fetch function in MDB2.php in PEAR Structures-DataGrid-DataSource-M...
S
CVE-2007-3629 SQL injection vulnerability in oku.asp in Levent Veysi Portal 1.0 allows remote attackers to execute...
CVE-2007-3630 changePW.php in AV Tutorial Script (avtutorial) 1.0 does not require authentication or knowledge of ...
E
CVE-2007-3631 SQL injection vulnerability in index.php in GameSiteScript (gss) 3.1 and earlier allows remote attac...
E
CVE-2007-3632 Multiple PHP remote file inclusion vulnerabilities in LimeSurvey (aka PHPSurveyor) 1.49RC2 allow rem...
E
CVE-2007-3633 Absolute path traversal vulnerability in the Chilkat Software Chilkat Zip ActiveX control in Chilkat...
E
CVE-2007-3634 Unspecified vulnerability in the G/PGP (GPG) Plugin 2.0 for Squirrelmail 1.4.10a allows remote authe...
S
CVE-2007-3635 Multiple unspecified vulnerabilities in the G/PGP (GPG) Plugin before 2.1 for Squirrelmail might all...
S
CVE-2007-3636 Multiple unspecified vulnerabilities in the G/PGP (GPG) Plugin 2.1 for Squirrelmail allow remote att...
CVE-2007-3637 SQL injection vulnerability in MKPortal 1.1.1 allows remote attackers to execute arbitrary SQL comma...
CVE-2007-3638 Buffer overflow in Yahoo! Messenger 8.1 allows user-assisted remote authenticated users, who are lis...
CVE-2007-3639 WordPress before 2.2.2 allows remote attackers to redirect visitors to other websites and potentiall...
CVE-2007-3640 Adobe Integrated Runtime (AIR, aka Apollo) allows context-dependent attackers to modify arbitrary fi...
CVE-2007-3641 archive_read_support_format_tar.c in libarchive before 2.2.4 does not properly compute the length of...
S
CVE-2007-3642 The decode_choice function in net/netfilter/nf_conntrack_h323_asn1.c in the Linux kernel before 2.6....
S
CVE-2007-3643 admin/index.php in AV Arcade 2.1b grants administrative privileges when the ava_userid cookie value ...
CVE-2007-3644 archive_read_support_format_tar.c in libarchive before 2.2.4 allows user-assisted remote attackers t...
S
CVE-2007-3645 archive_read_support_format_tar.c in libarchive before 2.2.4 allows user-assisted remote attackers t...
S
CVE-2007-3646 SQL injection vulnerability in index.php in FlashGameScript 1.7 and earlier allows remote attackers ...
E
CVE-2007-3647 The isloggedin function in Php/login.inc.php in phpTrafficA 1.4.3 and earlier allows remote attacker...
E
CVE-2007-3648 SQL injection vulnerability in Webmatic before 2.6.2, and possibly other versions before 2.7, allows...
S
CVE-2007-3649 Absolute path traversal vulnerability in a certain ActiveX control in hpqvwocx.dll 2.1.0.556 in Hewl...
E
CVE-2007-3650 myWebland myBloggie 2.1.6 allows remote attackers to obtain sensitive information via (1) an invalid ...
E
CVE-2007-3651 class/page.php in Farsi Script (aka FaScript) FaName 1.0 allows remote attackers to obtain sensitive...
E
CVE-2007-3652 SQL injection vulnerability in class/page.php in Farsi Script (aka FaScript) FaName 1.0 allows remot...
CVE-2007-3653 Multiple cross-site scripting (XSS) vulnerabilities in Farsi Script (aka FaScript) FaName 1.0 allow ...
CVE-2007-3654 The display driver allocattr functions in NetBSD 3.0 through 4.0_BETA2, and NetBSD-current before 20...
CVE-2007-3655 Stack-based buffer overflow in javaws.exe in Sun Java Web Start in JRE 5.0 Update 11 and earlier, an...
E
CVE-2007-3656 Mozilla Firefox before 1.8.0.13 and 1.8.1.x before 1.8.1.5 does not perform a security zone check wh...
E
CVE-2007-3657 Mozilla Firefox 2.0.0.4 allows remote attackers to cause a denial of service by opening multiple tab...
E
CVE-2007-3658 Unspecified vulnerability in Microsoft Register Server (REGSVR) allows attackers to cause a denial o...
CVE-2007-3659 Buffer overflow in the doBrowserAction function in FreeWRL 1.19.3 allows local users to execute arbi...
CVE-2007-3660 The Nonnoi ASP/Barcode ActiveX control (nonnoi_ASPBarcode.dll) allows remote attackers to overwrite ...
CVE-2007-3661 Eltima Software Virtual Serial Port (VSPAX) ActiveX control (VSPort.DLL) allows remote attackers to ...
CVE-2007-3662 Media Player Classic (MPC) 6.4.9.0 allows user-assisted remote attackers to cause a denial of servic...
E
CVE-2007-3663 Divide-by-zero error in Media Player Classic (MPC) 6.4.9.0 allows user-assisted remote attackers to ...
CVE-2007-3664 Multiple unspecified vulnerabilities in Eltima Software RunService ActiveX control (RunService.dll) ...
CVE-2007-3665 Multiple unspecified vulnerabilities in FileBackup.DLL in Symantec Norton Ghost 12.0 allow remote at...
E
CVE-2007-3666 Buffer overflow in RemoteCommand.DLL in Symantec Norton Ghost 12.0 allows remote attackers to execut...
CVE-2007-3667 Unspecified vulnerability in EXCLEXPT.DLL in ActiveReportsExcelReport allows remote attackers to cau...
E
CVE-2007-3668 Multiple unspecified vulnerabilities in NMSDVDXU.DLL in NuMedia NMSDVDX allow remote attackers to ca...
E
CVE-2007-3669 Multiple unspecified vulnerabilities in the Innovasys DockStudioXP InnovaDSXP2.OCX ActiveX Control h...
CVE-2007-3670 Argument injection vulnerability in Microsoft Internet Explorer, when running on systems with Firefo...
CVE-2007-3671 Unspecified vulnerability in the kernel in Microsoft Windows Vista has unspecified remote attack vec...
CVE-2007-3672 Cross-site scripting (XSS) vulnerability in ecrire/tools.php in DotClear 1.2.6 allows remote attacke...
CVE-2007-3673 Symantec symtdi.sys before 7.0.0, as distributed in Symantec AntiVirus Corporate Edition 9 through 1...
E S
CVE-2007-3675 Multiple format string vulnerabilities in the kavwebscan.CKAVWebScan ActiveX control (kavwebscan.dll...
S
CVE-2007-3676 IBM DB2 Universal Database (UDB) Administration Server (DAS) 8 before Fix Pack 16 and 9 before Fix P...
S
CVE-2007-3677 Multiple SQL injection vulnerabilities in Maxsi eVisit Analyst allow remote attackers to execute arb...
CVE-2007-3678 Stack-based buffer overflow in the MSWord text-import extension (Word 6-2000 Filter.xnt) in QuarkXPr...
E
CVE-2007-3679 The Citrix EPA ActiveX control (aka the "endpoint checking control" or CCAOControl Object) before 4....
S
CVE-2007-3680 Stack-based buffer overflow in the odm_searchpath function in libodm in IBM AIX 5.2.0 and 5.3.0 allo...
S
CVE-2007-3681 The IOCTL 9031 (BIOCGSTATS) handler in the NPF.SYS device driver in WinPcap before 4.0.1 allows loca...
E S
CVE-2007-3682 SQL injection vulnerability in index.php in OpenLD 1.2.2 and earlier allows remote attackers to exec...
E
CVE-2007-3683 SQL injection vulnerability in pagetopic.php in Aigaion 1.3.3 and earlier allows remote attackers to...
E
CVE-2007-3684 Multiple SQL injection vulnerabilities in Unobtrusive Ajax Star Rating Bar before 1.2.0 allow remote...
CVE-2007-3685 Cross-site scripting (XSS) vulnerability in rpc.php in Unobtrusive Ajax Star Rating Bar before 1.2.0...
S
CVE-2007-3686 CRLF injection vulnerability in db.php in Unobtrusive Ajax Star Rating Bar before 1.2.0 allows remot...
S
CVE-2007-3687 SQL injection vulnerability in inferno.php in the Inferno Technologies RPG Inferno 2.4 and earlier, ...
E
CVE-2007-3688 Multiple cross-site request forgery (CSRF) vulnerabilities in DotClear 1.2.6 allow remote attackers ...
CVE-2007-3689 The Print module before 4.7-1.0 and 5.x before 5.x-1.2 for Drupal allows remote attackers to read re...
S
CVE-2007-3690 The Forward module before 4.7-1.1 and 5.x before 5.x-1.0 for Drupal allows remote attackers to read ...
S
CVE-2007-3691 Multiple SQL injection vulnerabilities in changePW.php in AV Tutorial Script (avtutorial) 1.0, when ...
CVE-2007-3692 Directory traversal vulnerability in download.cgi in EZFactory KDDI Download CGI 1.x allows remote a...
S
CVE-2007-3693 Cross-site scripting (XSS) vulnerability in Gobi as of 20070711, built on Helma, allows remote attac...
CVE-2007-3694 Cross-site scripting (XSS) vulnerability in login.php in Miro Project Broadcast Machine 0.9.9.9 allo...
E
CVE-2007-3695 Buffer overflow in LICRCMD.EXE in CA ERwin Process Modeler (formerly AllFusion Process Modeler) 7.1 ...
CVE-2007-3696 CA ERwin Data Model Validator (formerly AllFusion Data Model Validator) allows remote attackers to (...
CVE-2007-3697 PHP remote file inclusion vulnerability in phpbb/sendmsg.php in FlashBB 1.1.8 and earlier allows rem...
E
CVE-2007-3698 The Java Secure Socket Extension (JSSE) in Sun JDK and JRE 6 Update 1 and earlier, JDK and JRE 5.0 U...
S
CVE-2007-3699 The Decomposer component in multiple Symantec products allows remote attackers to cause a denial of ...
S
CVE-2007-3700 Sun Java System Access Manager (formerly Java System Identity Server) before 20070710, when the mess...
S
CVE-2007-3701 TippingPoint IPS before 20070710 does not properly handle a hex-encoded alternate Unicode '/' (slash...
E S
CVE-2007-3702 Directory traversal vulnerability in the load function in cgi-bin/mail/mailmachine.cgi in Mail Machi...
E
CVE-2007-3703 Stack-based buffer overflow in a certain ActiveX control in sasatl.dll 1.5.0.531 in Zenturi Program ...
E
CVE-2007-3704 Entertainment CMS allows remote attackers to bypass authentication and perform certain administrativ...
CVE-2007-3705 SQL injection vulnerability in FuseTalk 2.0 allows remote attackers to execute arbitrary SQL command...
CVE-2007-3706 The _sanitize_globals function in CodeIgniter 1.5.3 before 20070628 allows remote attackers to unset...
CVE-2007-3707 Directory traversal vulnerability in index.php in CodeIgniter 1.5.3 before 20070628, when enable_que...
CVE-2007-3708 Cross-site scripting (XSS) vulnerability in CodeIgniter 1.5.3 before 20070626 allows remote attacker...
CVE-2007-3709 CRLF injection vulnerability in the redirect function in url_helper.php in CodeIgniter 1.5.3 allows ...
CVE-2007-3710 PHP remote file inclusion vulnerability in example/gamedemo/inc.functions.php in PHP Comet-Server al...
CVE-2007-3711 Unspecified vulnerability in TOS 2.1.x, 2.2.x before 2.2.5, and 2.5.x before 2.5.2 on TippingPoint I...
CVE-2007-3712 Multiple cross-site scripting (XSS) vulnerabilities in HiddenChest "is ve Bayi Basvuru Formu" (Yb ve...
CVE-2007-3713 Multiple buffer overflows in Konst CenterICQ 4.9.11 through 4.21 allow remote attackers to execute a...
CVE-2007-3714 Directory traversal vulnerability in Ada Image Server (ImgSvr) 0.6.5 allows remote attackers to read...
CVE-2007-3715 Sun Java System Application Server and Web Server 7.0 through 9.0 before 20070710 do not properly pr...
S
CVE-2007-3716 The Java XML Digital Signature implementation in Sun JDK and JRE 6 before Update 2 does not properly...
S
CVE-2007-3717 rcp on Sun Solaris 8, 9, and 10 before 20070710 does not properly call certain helper applications, ...
S
CVE-2007-3718 Multiple unspecified vulnerabilities in the SVG parsing engine in Apple Safari 3 Beta for Windows ha...
CVE-2007-3719 The process scheduler in the Linux kernel 2.6.16 gives preference to "interactive" processes that pe...
CVE-2007-3720 The process scheduler in the Linux kernel 2.4 performs scheduling based on CPU billing gathered from...
CVE-2007-3721 The ULE process scheduler in the FreeBSD kernel gives preference to "interactive" processes that per...
CVE-2007-3722 The 4BSD process scheduler in the FreeBSD kernel performs scheduling based on CPU billing gathered f...
CVE-2007-3723 The process scheduler in the Sun Solaris kernel does not make use of the process statistics kept by ...
CVE-2007-3724 The process scheduler in the Microsoft Windows XP kernel does not make use of the process statistics...
CVE-2007-3725 The RAR VM (unrarvm.c) in Clam Antivirus (ClamAV) before 0.91 allows user-assisted remote attackers ...
E S
CVE-2007-3726 Integer signedness error in the SET_VALUE function in rarvm.cpp in unrar 3.70 beta 3, as used in pro...
CVE-2007-3727 Multiple unspecified vulnerabilities in Webmatic before 2.7 have unknown impact and attack vectors, ...
CVE-2007-3728 Buffer overflow in lib/silcclient/client_notify.c of SILC Client and SILC Toolkit before 1.1.2 allow...
CVE-2007-3729 The default configuration of the POP server in TCP/IP Services 5.6 for HP OpenVMS 8.3 generates diff...
CVE-2007-3730 The default configuration of the POP server in TCP/IP Services 5.6 for HP OpenVMS 8.3 does not log t...
CVE-2007-3731 The Linux kernel 2.6.20 and 2.6.21 does not properly handle an invalid LDT segment selector in %cs (...
E S
CVE-2007-3732 In Linux 2.6 before 2.6.23, the TRACE_IRQS_ON function in iret_exc calls a C function without ensuri...
S
CVE-2007-3733 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2007-3734 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 2.0.0.5 and Thu...
S
CVE-2007-3735 Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 2.0.0.5 and ...
S
CVE-2007-3736 Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 2.0.0.5 allows remote attackers t...
S
CVE-2007-3737 Mozilla Firefox before 2.0.0.5 allows remote attackers to execute arbitrary code with chrome privile...
S
CVE-2007-3738 Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.5 allow remote attackers to exe...
S
CVE-2007-3739 mm/mmap.c in the hugetlb kernel, when run on PowerPC systems, does not prevent stack expansion from ...
CVE-2007-3740 The CIFS filesystem in the Linux kernel before 2.6.22, when Unix extension support is enabled, does ...
CVE-2007-3741 The (1) psp (aka .tub), (2) bmp, (3) pcx, and (4) psd plugins in gimp allow user-assisted remote att...
S
CVE-2007-3742 WebKit in Apple Safari 3 Beta before Update 3.0.3, and iPhone before 1.0.1, does not properly handle...
E S
CVE-2007-3743 Stack-based buffer overflow in bookmark handling in Apple Safari 3 Beta before Update 3.0.3 on Windo...
S
CVE-2007-3744 Heap-based buffer overflow in the UPnP IGD (Internet Gateway Device Standardized Device Control Prot...
S
CVE-2007-3745 The Java interface to CoreAudio on Apple Mac OS X 10.3.9 and 10.4.10 contains an unsafe interface th...
S
CVE-2007-3746 The Java interface to CoreAudio on Apple Mac OS X 10.3.9 and 10.4.10 does not properly check the bou...
S
CVE-2007-3747 The Java interface to CoreAudio on Apple Mac OS X 10.3.9 and 10.4.10 does not restrict object instan...
S
CVE-2007-3748 Buffer overflow in the UPnP IGD (Internet Gateway Device Standardized Device Control Protocol) imple...
S
CVE-2007-3749 The kernel in Apple Mac OS X 10.4 through 10.4.10 does not reset the current Mach Thread Port or Thr...
CVE-2007-3750 Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrar...
CVE-2007-3751 Unspecified vulnerability in QuickTime for Java in Apple QuickTime before 7.3 allows remote attacker...
S
CVE-2007-3752 Heap-based buffer overflow in Apple iTunes before 7.4 allows remote attackers to cause a denial of s...
S
CVE-2007-3753 Apple iPhone 1.1.1, with Bluetooth enabled, allows physically proximate attackers to cause a denial ...
S
CVE-2007-3754 Mail in Apple iPhone 1.1.1, when using SSL, does not warn the user when the mail server changes or i...
S
CVE-2007-3755 Mail in Apple iPhone 1.1.1 allows remote user-assisted attackers to force the iPhone user to make ca...
S
CVE-2007-3756 Safari in Apple iPhone 1.1.1, and Safari 3 before Beta Update 3.0.4 on Windows and Mac OS X 10.4 thr...
S
CVE-2007-3757 Safari in Apple iPhone 1.1.1 allows remote user-assisted attackers to trick the iPhone user into mak...
S
CVE-2007-3758 Safari in Apple iPhone 1.1.1, and Safari 3 before Beta Update 3.0.4 on Windows and in Mac OS X 10.4 ...
S
CVE-2007-3759 Safari in Apple iPhone 1.1.1, when requested to disable Javascript, does not disable it until Safari...
S
CVE-2007-3760 Cross-site scripting (XSS) vulnerability in Safari in Apple iPhone 1.1.1, and Safari 3 before Beta U...
S
CVE-2007-3761 Cross-site scripting (XSS) vulnerability in Safari in Apple iPhone 1.1.1 allows remote attackers to ...
S
CVE-2007-3762 Stack-based buffer overflow in the IAX2 channel driver (chan_iax2) in Asterisk before 1.2.22 and 1.4...
S
CVE-2007-3763 The IAX2 channel driver (chan_iax2) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Editi...
S
CVE-2007-3764 The Skinny channel driver (chan_skinny) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business E...
S
CVE-2007-3765 The STUN implementation in Asterisk 1.4.x before 1.4.8, AsteriskNOW before beta7, Appliance Develope...
S
CVE-2007-3768 The mirror mechanism in SurgeFTP 2.3a1 allows user-assisted, remote FTP servers to cause a denial of...
S
CVE-2007-3769 Cross-site scripting (XSS) vulnerability in the mirrored server management interface in SurgeFTP 2.3...
S
CVE-2007-3770 The terminal_helper_execute function in terminal/terminal.c in Xfce Terminal 0.2.6 allows user-assis...
CVE-2007-3771 Stack-based buffer overflow in the Internet E-mail Auto-Protect feature in Symantec AntiVirus Corpor...
S
CVE-2007-3772 Directory traversal vulnerability in news/show.php in PsNews 1.1 allows remote attackers to include ...
E
CVE-2007-3773 Cross-site request forgery (CSRF) vulnerability in the Email-Template module in Generic YouTube Clon...
CVE-2007-3774 Dvbbs 7.1.0 SP1 stores sensitive information under the web root with insufficient access control, wh...
CVE-2007-3775 Unspecified vulnerability in Cisco Unified Communications Manager (CUCM, formerly CallManager) and U...
S
CVE-2007-3776 Cisco Unified Communications Manager (CUCM, formerly CallManager) and Unified Presence Server (CUPS)...
S
CVE-2007-3777 avg7core.sys 7.5.0.444 in Grisoft AVG Anti-Virus 7.5.448 and Free Edition 7.5.446 provides an inter...
S
CVE-2007-3778 The G/PGP (GPG) Plugin 2.0, and 2.1dev before 20060912, for Squirrelmail allows remote attackers to ...
S
CVE-2007-3779 PHP local file inclusion vulnerability in gpg_pop_init.php in the G/PGP (GPG) Plugin before 20070707...
S
CVE-2007-3780 MySQL Community Server before 5.0.45 allows remote attackers to cause a denial of service (daemon cr...
S
CVE-2007-3781 MySQL Community Server before 5.0.45 does not require privileges such as SELECT for the source table...
CVE-2007-3782 MySQL Community Server before 5.0.45 allows remote authenticated users to gain update privileges for...
CVE-2007-3783 SQL injection vulnerability in default.asp in enVivo!CMS allows remote attackers to execute arbitrar...
CVE-2007-3784 Cross-site scripting (XSS) vulnerability in the Belkin G Plus Router F5D7231-4 with firmware 4.05.03...
CVE-2007-3785 Absolute path traversal vulnerability in a certain ActiveX control in PGPBBox.dll in EldoS SecureBla...
E
CVE-2007-3786 Cross-site request forgery (CSRF) vulnerability on the eSoft InstaGate EX2 UTM device before firmwar...
S
CVE-2007-3787 The eSoft InstaGate EX2 UTM device does not require entry of the old password when changing the admi...
S
CVE-2007-3788 The eSoft InstaGate EX2 UTM device stores the admin password within the settings HTML document, whic...
S
CVE-2007-3789 SQL injection vulnerability in admin/index.php in Inmostore 4.0 allows remote attackers to execute a...
E
CVE-2007-3790 The com_print_typeinfo function in the bz2 extension in PHP 5.2.3 allows context-dependent attackers...
E
CVE-2007-3791 Buffer overflow in the w_read function in sockets.c in Cami Sardinha and Nigel Kukard policyd before...
CVE-2007-3792 Multiple PHP remote file inclusion vulnerabilities in AzDG Dating Gold 3.0.5 allow remote attackers ...
E
CVE-2007-3793 SQL injection vulnerability in Job Management Partner 1/NETM/DM (JP1/NETM/DM) Manager on Windows bef...
S
CVE-2007-3794 Buffer overflow in Hitachi Cosminexus V4 through V7, Processing Kit for XML before 20070511, Develop...
CVE-2007-3795 Unspecified vulnerability in Hitachi TP1/Server Base before 03-05-/P, 05-00-x before 05-00-/G, 05-01...
CVE-2007-3796 The password reset feature in the Spam Quarantine HTTP interface for MailMarshal SMTP 6.2.0.x before...
S
CVE-2007-3798 Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote atta...
E S
CVE-2007-3799 The session_start function in ext/session in PHP 4.x up to 4.4.7 and 5.x up to 5.2.3 allows remote a...
CVE-2007-3800 Unspecified vulnerability in the Real-time scanner (RTVScan) component in Symantec AntiVirus Corpora...
CVE-2007-3801 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-3699. Reason: This candida...
R
CVE-2007-3802 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-0447. Reason: This candida...
R
CVE-2007-3803 The SMTP ALG in Clavister CorePlus before 8.80.04, and 8.81.00, does not properly parse SMTP command...
CVE-2007-3804 The AntiVirus engine in the HTTP-ALG in Clavister CorePlus before 8.81.00 and 8.80.03 might allow re...
S
CVE-2007-3805 The IKE implementation in Clavister CorePlus before 8.80.03, and 8.80.00, does not properly validate...
S
CVE-2007-3806 The glob function in PHP 5.2.3 allows context-dependent attackers to cause a denial of service and p...
E
CVE-2007-3807 Multiple cross-site scripting (XSS) vulnerabilities in SiteScape Forum before 7.3 allow remote attac...
S
CVE-2007-3808 SQL injection vulnerability in includes/search.php in paFileDB 3.6 allows remote attackers to execut...
E
CVE-2007-3809 Multiple SQL injection vulnerabilities in Prozilla Directory Script allow remote attackers to execut...
E
CVE-2007-3810 SQL injection vulnerability in index.php in Realtor 747 allows remote attackers to execute arbitrary...
E
CVE-2007-3811 Multiple SQL injection vulnerabilities in eSyndiCat allow remote attackers to execute arbitrary SQL ...
E
CVE-2007-3812 SQL injection vulnerability in forums.php in CMScout 1.23 and earlier allows remote attackers to exe...
E
CVE-2007-3813 PHP remote file inclusion vulnerability in include/user.php in the NoBoard BETA module for MKPortal ...
E
CVE-2007-3814 Multiple SQL injection vulnerabilities in MKPortal 1.1.1 allow remote attackers to execute arbitrary...
E
CVE-2007-3815 Buffer overflow in pirs32.exe in Poslovni informator Republike Slovenije (PIRS) 2007 allows local us...
S
CVE-2007-3816 JWIG might allow context-dependent attackers to cause a denial of service (service degradation) via ...
CVE-2007-3817 Cross-site scripting (XSS) vulnerability in the LoginToboggan module 4.7.x-1.0, 4.7.x-1.x-dev, and 5...
S
CVE-2007-3818 Cross-site scripting (XSS) vulnerability in the LoginToboggan module 5.x-1.x-dev before 20070712 for...
S
CVE-2007-3819 Opera 9.21 allows remote attackers to spoof the data: URI scheme in the address bar via a long URI w...
CVE-2007-3820 konqueror/konq_combo.cc in Konqueror 3.5.7 allows remote attackers to spoof the data: URI scheme in ...
CVE-2007-3821 Cross-site request forgery (CSRF) vulnerability in Webcit before 7.11 allows remote attackers to mod...
E S
CVE-2007-3822 Multiple cross-site scripting (XSS) vulnerabilities in Webcit before 7.11 allow remote attackers to ...
E
CVE-2007-3823 The Logging Server (Logsrv.exe) in IPSwitch WS_FTP 7.5.29.0 allows remote attackers to cause a denia...
CVE-2007-3824 SQL injection vulnerability in katgoster.asp in MzK Blog (tr) allows remote attackers to execute arb...
E
CVE-2007-3825 Multiple stack-based buffer overflows in the RPC implementation in alert.exe before 8.0.255.0 in CA ...
S
CVE-2007-3826 Microsoft Internet Explorer 7 on Windows XP SP2 allows remote attackers to prevent users from leavin...
E
CVE-2007-3827 Mozilla Firefox allows for cookies to be set with a null domain (aka "domainless cookies"), which al...
CVE-2007-3828 Unspecified vulnerability in mDNSResponder in Apple Mac OS X allows remote attackers to execute arbi...
CVE-2007-3829 Multiple stack-based buffer overflows in (a) InterActual Player 2.60.12.0717 and (b) Roxio CinePlaye...
CVE-2007-3830 Cross-site scripting (XSS) vulnerability in alert.php in ISS Proventia Network IPS GX5108 1.3 and GX...
E
CVE-2007-3831 PHP remote file inclusion in main.php in ISS Proventia Network IPS GX5108 1.3 and GX5008 1.5 allows ...
CVE-2007-3832 Buffer overflow in the AOL Instant Messenger (AIM) protocol handler in AIM.DLL in Cerulean Studios T...
CVE-2007-3833 The AOL Instant Messenger (AIM) protocol handler in Cerulean Studios Trillian allows remote attacker...
E
CVE-2007-3834 Multiple cross-site scripting (XSS) vulnerabilities in Ex Libris ALEPH allow remote attackers to inj...
CVE-2007-3835 Cross-site scripting (XSS) vulnerability in Ex Libris MetaLib 3.13 and 4 allows remote attackers to ...
CVE-2007-3836 Format string vulnerability in HydraIRC 0.3.151 allows remote attackers to cause a denial of service...
CVE-2007-3837 Heap-based buffer overflow in HydraIRC 0.3.151 allows remote IRC servers to cause a denial of servic...
S
CVE-2007-3838 Cross-site scripting (XSS) vulnerability in takeprofedit.php in TBDev.NET DR 11-10-05-BETA-SF1:11100...
E
CVE-2007-3839 Cross-site scripting (XSS) vulnerability in takeprofedit.php in TBDev.NET DR 010306 and earlier allo...
E
CVE-2007-3840 SQL injection vulnerability in referralUrl.php in Traffic Stats allows remote attackers to execute a...
E
CVE-2007-3841 Unspecified vulnerability in Pidgin (formerly Gaim) 2.0.2 for Linux allows remote authenticated user...
CVE-2007-3842 Cross-site scripting (XSS) vulnerability in the 8e6 R3000 Enterprise Filter before 2.0.05 allows rem...
CVE-2007-3843 The Linux kernel before 2.6.23-rc1 checks the wrong global variable for the CIFS sec mount option, w...
CVE-2007-3844 Mozilla Firefox 2.0.0.5, Thunderbird 2.0.0.5 and before 1.5.0.13, and SeaMonkey 1.1.3 allows remote ...
E S
CVE-2007-3845 Mozilla Firefox before 2.0.0.6, Thunderbird before 1.5.0.13 and 2.x before 2.0.0.6, and SeaMonkey be...
CVE-2007-3846 Directory traversal vulnerability in Subversion before 1.4.5, as used by TortoiseSVN before 1.4.5 an...
S
CVE-2007-3847 The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threa...
CVE-2007-3848 Linux kernel 2.4.35 and other versions allows local users to send arbitrary signals to a child proce...
CVE-2007-3849 Red Hat Enterprise Linux (RHEL) 5 ships the rpm for the Advanced Intrusion Detection Environment (AI...
S
CVE-2007-3850 The eHCA driver in Linux kernel 2.6 before 2.6.22, when running on PowerPC, does not properly map us...
S
CVE-2007-3851 The drm/i915 component in the Linux kernel before 2.6.22.2, when used with i965G and later chipsets,...
CVE-2007-3852 The init script (sysstat.in) in sysstat 5.1.2 up to 7.1.6 creates /tmp/sysstat.run insecurely, which...
CVE-2007-3853 Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 and 10.2.0.3 allow remote authentic...
CVE-2007-3854 Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, 9.2.0.7, and 10.1.0.5 allow remote...
S
CVE-2007-3855 Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and ...
CVE-2007-3856 Unspecified vulnerability in the Oracle Data Mining component for Oracle Database 10g Release 2 10.2...
CVE-2007-3857 Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 allow remote authenticated users to...
CVE-2007-3858 Multiple unspecified vulnerabilities in Oracle Database 10.2.0.3 allow remote authenticated users to...
CVE-2007-3859 Unspecified vulnerability in the Oracle Internet Directory component for Oracle Database 9.2.0.8 and...
CVE-2007-3860 Unspecified vulnerability in Oracle Application Express (formerly Oracle HTML DB) 2.2.0.00.32 up to ...
CVE-2007-3861 Unspecified vulnerability in Oracle Jdeveloper in Oracle Application Server 10.1.2.2 and Collaborati...
CVE-2007-3862 Unspecified vulnerability in Oracle Application Server 9.0.4.3 and 10.1.2.0.2 allows remote attacker...
CVE-2007-3863 Unspecified vulnerability in Oracle JDeveloper for Application Server 10.1.2.2 and 10.1.3.1, and Col...
CVE-2007-3864 Multiple unspecified vulnerabilities in Oracle Collaboration Suite 10.1.2 have unknown impact and re...
CVE-2007-3865 Unspecified vulnerability in the Oracle Customer Intelligence component in Oracle E-Business Suite 1...
CVE-2007-3866 Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10CU2 and 12.0.1 allow remote a...
CVE-2007-3867 Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10CU2 have unknown impact and a...
CVE-2007-3868 Multiple unspecified vulnerabilities in PeopleTools in Oracle PeopleSoft Enterprise 8.22.15, 8.47.13...
CVE-2007-3869 Multiple unspecified vulnerabilities in the Customer Relationship Management Online Marketing compon...
CVE-2007-3870 Multiple unspecified vulnerabilities in the Human Capital Management component in Oracle PeopleSoft ...
CVE-2007-3871 Stampit Web uses guessable id values for online stamp purchases, which allows remote attackers to ca...
CVE-2007-3872 Multiple stack-based buffer overflows in the Shared Trace Service (OVTrace) service for HP OpenView ...
S
CVE-2007-3873 Stack-based buffer overflow in vstlib32.dll 1.2.0.1012 in the SSAPI Engine 5.0.0.1066 through 5.2.0....
S
CVE-2007-3874 Directory traversal vulnerability in the tftp/mftp daemon in the PXE server component (pxemtftp.exe)...
S
CVE-2007-3875 arclib.dll before 7.3.0.9 in CA Anti-Virus (formerly eTrust Antivirus) 8 and certain other CA produc...
S
CVE-2007-3876 Stack-based buffer overflow in SMB in Apple Mac OS X 10.4.11 allows local users to execute arbitrary...
E
CVE-2007-3880 Format string vulnerability in srsexec in Sun Remote Services (SRS) Net Connect 3.2.3 and 3.2.4, as ...
S
CVE-2007-3881 SQL injection vulnerability in index.php in Pictures Rating (Picture Rating) allows remote attackers...
E
CVE-2007-3882 SQL injection vulnerability in index.php in Expert Advisor allows remote attackers to execute arbitr...
E
CVE-2007-3883 The Data Dynamics ActiveBar ActiveX control (actbar3.ocx) 3.2 and earlier allows remote attackers to...
E
CVE-2007-3884 SQL injection vulnerability in philboard_forum.asp in husrevforum 1.0.1 allows remote attackers to e...
CVE-2007-3885 Cross-site scripting (XSS) vulnerability in philboard_search.asp in husrevforum 1.0.1 allows remote ...
CVE-2007-3886 Cross-site scripting (XSS) vulnerability in default.asp in Element CMS allows remote attackers to in...
CVE-2007-3887 Multiple cross-site scripting (XSS) vulnerabilities in mesaj_formu.asp in ASP Ziyaretci Defteri 1.1 ...
E
CVE-2007-3888 Multiple cross-site scripting (XSS) vulnerabilities in Insanely Simple Blog 0.5 and earlier allow re...
E
CVE-2007-3889 Multiple SQL injection vulnerabilities in Insanely Simple Blog 0.5 and earlier allow remote attacker...
E
CVE-2007-3890 Microsoft Excel in Office 2000 SP3, Office XP SP3, Office 2003 SP2, and Office 2004 for Mac allows r...
CVE-2007-3891 Unspecified vulnerability in Windows Vista Weather Gadgets in Windows Vista allows remote attackers ...
S
CVE-2007-3892 Microsoft Internet Explorer 5.01 through 7 allows remote attackers to spoof the URL address bar and ...
CVE-2007-3893 Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 7 allows remote attackers to e...
CVE-2007-3894 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2007-3895 Buffer overflow in Microsoft DirectShow in Microsoft DirectX 7.0 through 10.0 allows remote attacker...
S
CVE-2007-3896 The URL handling in Shell32.dll in the Windows shell in Microsoft Windows XP and Server 2003, with I...
CVE-2007-3897 Heap-based buffer overflow in Microsoft Outlook Express 6 and earlier, and Windows Mail for Vista, a...
S
CVE-2007-3898 The DNS server in Microsoft Windows 2000 Server SP4, and Server 2003 SP1 and SP2, uses predictable t...
E S
CVE-2007-3899 Unspecified vulnerability in Microsoft Word 2000 SP3, Word 2002 SP3, and Office 2004 for Mac allows ...
CVE-2007-3900 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2007-3901 Stack-based buffer overflow in the DirectShow Synchronized Accessible Media Interchange (SAMI) parse...
E
CVE-2007-3902 Use-after-free vulnerability in the CRecalcProperty function in mshtml.dll in Microsoft Internet Exp...
CVE-2007-3903 Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code via uninitiali...
CVE-2007-3904 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2007-3905 SQL injection vulnerability in Zoph before 0.7.0.1 might allow remote attackers to execute arbitrary...
S
CVE-2007-3906 Unspecified vulnerability in Kaspersky Anti-Virus for Check Point FireWall-1 before Critical Fix 1 (...
S
CVE-2007-3907 Unspecified vulnerability in login.pl in LedgerSMB 1.2.0 through 1.2.6 allows remote attackers to by...
CVE-2007-3908 Unspecified vulnerability in HP ServiceGuard for Linux for Red Hat Enterprise Linux (RHEL) 2.1 SG A....
S
CVE-2007-3909 Multiple SQL injection vulnerabilities in Bandersnatch 0.4 allow remote attackers to execute arbitra...
CVE-2007-3910 Cross-site scripting (XSS) vulnerability in Bandersnatch 0.4 allows remote attackers to inject arbit...
CVE-2007-3911 Multiple heap-based buffer overflows in (1) clsscheduler.exe (aka scheduler client) and (2) srvsched...
S
CVE-2007-3912 checkrestart in debian-goodies before 0.34 allows local users to gain privileges via shell metachara...
S
CVE-2007-3913 SQL injection vulnerability in Gforge before 3.1 allows remote attackers to execute arbitrary SQL co...
CVE-2007-3915 Mondo 2.24 has insecure handling of temporary files....
CVE-2007-3916 The main function in skkdic-expr.c in SKK Tools 1.2 allows local users to overwrite or delete arbitr...
CVE-2007-3917 The multiplayer engine in Wesnoth 1.2.x before 1.2.7 and 1.3.x before 1.3.9 allows remote servers to...
CVE-2007-3918 Cross-site scripting (XSS) vulnerability in account/verify.php in GForge 4.6b2 allows remote attacke...
CVE-2007-3919 (1) xenbaked and (2) xenmon.py in Xen 3.1 and earlier allow local users to truncate arbitrary files ...
CVE-2007-3920 GNOME screensaver 2.20 in Ubuntu 7.10, when used with Compiz, does not properly reserve input focus,...
S
CVE-2007-3921 gforge 3.1 and 4.5.14 allows local users to truncate arbitrary files via a symlink attack on tempora...
CVE-2007-3922 Unspecified vulnerability in the Java Runtime Environment (JRE) Applet Class Loader in Sun JDK and J...
CVE-2007-3923 The Common Internet File System (CIFS) optimization in Cisco Wide Area Application Services (WAAS) 4...
S
CVE-2007-3924 Argument injection vulnerability in Microsoft Internet Explorer, when running on systems with Netsca...
CVE-2007-3925 Multiple buffer overflows in the IMAP service (imapd32.exe) in Ipswitch IMail Server 2006 before 200...
S
CVE-2007-3926 Ipswitch IMail Server 2006 before 2006.21 allows remote attackers to cause a denial of service (daem...
CVE-2007-3927 Multiple buffer overflows in Ipswitch IMail Server 2006 before 2006.21 (1) allow remote attackers to...
S
CVE-2007-3928 Buffer overflow in Yahoo! Messenger 8.1 allows user-assisted remote authenticated users to execute a...
S
CVE-2007-3929 Use-after-free vulnerability in the BitTorrent support in Opera before 9.22 allows user-assisted rem...
S
CVE-2007-3930 Interpretation conflict between Microsoft Internet Explorer and DocuWiki before 2007-06-26b allows r...
CVE-2007-3931 The wrap_setuid_third_party_application function in the installation script for the Samsung SCX-4200...
CVE-2007-3932 uploadimg.php in the Expose RC35 and earlier (com_expose) component for Joomla! sends an error messa...
E
CVE-2007-3933 SQL injection vulnerability in insertorder.cfm in QuickEStore 8.2 and earlier allows remote attacker...
E
CVE-2007-3934 PHP remote file inclusion vulnerability in postscript/postscript.php in BBS E-Market allows remote a...
E
CVE-2007-3935 PHP remote file inclusion vulnerability in link_main.php in the SupaNav 1.0.0 module for phpBB allow...
E
CVE-2007-3936 Directory traversal vulnerability in admin/filebrowser.asp in A-shop 0.70 and earlier, and possibly ...
E
CVE-2007-3937 Multiple SQL injection vulnerabilities in A-shop 0.70 and earlier allow remote attackers to execute ...
E
CVE-2007-3938 SQL injection vulnerability in index.php in MAXdev MDPro (MD-Pro) 1.0.8x and earlier before 20070720...
E
CVE-2007-3939 SQL injection vulnerability in index.php in SpoonLabs Vivvo Article Management CMS (aka phpWordPress...
E
CVE-2007-3940 Cross-site scripting (XSS) vulnerability in default.asp in QuickerSite 1.7.2 allows remote attackers...
E
CVE-2007-3941 Cross-site scripting (XSS) vulnerability in profile.php in Jasmine CMS 1.0_1 allows remote authentic...
E
CVE-2007-3942 Directory traversal vulnerability in index.php in Simple Machines Forum (SMF) 1.1.3 allows remote at...
CVE-2007-3943 SQL injection vulnerability in Infinite Responder before 1.48 allows remote attackers to execute arb...
S
CVE-2007-3944 Multiple heap-based buffer overflows in the Perl Compatible Regular Expressions (PCRE) library in th...
CVE-2007-3945 Rule Set Based Access Control (RSBAC) before 1.3.5 does not properly use the Linux Kernel Crypto API...
CVE-2007-3946 mod_auth (http_auth.c) in lighttpd before 1.4.16 allows remote attackers to cause a denial of servic...
S
CVE-2007-3947 request.c in lighttpd 1.4.15 allows remote attackers to cause a denial of service (daemon crash) by ...
CVE-2007-3948 connections.c in lighttpd before 1.4.16 might accept more connections than the configured maximum, w...
S
CVE-2007-3949 mod_access.c in lighttpd 1.4.15 ignores trailing / (slash) characters in the URL, which allows remot...
S
CVE-2007-3950 lighttpd 1.4.15, when run on 32 bit platforms, allows remote attackers to cause a denial of service ...
S
CVE-2007-3951 Multiple buffer overflows in Norman Antivirus 5.90 allow remote attackers to execute arbitrary code ...
CVE-2007-3952 The OLE2 parsing in Norman Antivirus before 5.91.02 allows remote attackers to bypass the malware de...
CVE-2007-3953 The OLE2 parsing in Norman Antivirus before 5.91.02 allows remote attackers to cause a denial of ser...
CVE-2007-3954 Argument injection vulnerability in Microsoft Internet Explorer, when running on systems with SeaMon...
CVE-2007-3955 Buffer overflow in the IEToolbar.IEContextMenu.1 ActiveX control in LinkedInIEToolbar.dll in the Lin...
E
CVE-2007-3956 TeamSpeak WebServer 2.0 for Windows does not validate parameter value lengths and does not expire TC...
E
CVE-2007-3957 Buffer overflow in Nipun Jain xserver 0.1 alpha allows remote attackers to cause a denial of service...
E
CVE-2007-3958 Microsoft Windows Explorer (explorer.exe) allows user-assisted remote attackers to cause a denial of...
E
CVE-2007-3959 The IM Server (aka IMserve or IMserver) 2.0.5.30 and probably earlier in Ipswitch Instant Messaging ...
S
CVE-2007-3960 Multiple unspecified vulnerabilities in IBM WebSphere Application Server (WAS) before Fix Pack 21 (6...
S
CVE-2007-3961 Off-by-one error in the fsp_readdir_r function in fsplib.c in fsplib before 0.9 allows remote attack...
S
CVE-2007-3962 Multiple stack-based buffer overflows in fsplib.c in fsplib before 0.9 might allow remote attackers ...
S
CVE-2007-3963 Multiple cross-site scripting (XSS) vulnerabilities in UseBB 1.0.7, and possibly other 1.0.x version...
CVE-2007-3964 Itaka before 0.2.1, when using Authentication mode, allows remote attackers to bypass authentication...
E S
CVE-2007-3965 Unspecified vulnerability in uFMOD before 1.2.5 has unknown impact and attack vectors, possibly rela...
CVE-2007-3966 SQL injection vulnerability in Munch Pro allows remote attackers to execute arbitrary SQL commands v...
E
CVE-2007-3967 Directory traversal vulnerability in index.php in PHP Directory Lister (dirLIST) before 0.1.1 allows...
E S
CVE-2007-3968 index.php in dirLIST before 0.1.1 allows remote attackers to list the contents of an excluded folder...
E S
CVE-2007-3969 Buffer overflow in Panda Antivirus before 20070720 allows remote attackers to execute arbitrary code...
CVE-2007-3970 Race condition in ESET NOD32 Antivirus before 2.2289 allows remote attackers to execute arbitrary co...
S
CVE-2007-3971 Integer overflow in ESET NOD32 Antivirus before 2.2289 allows remote attackers to cause a denial of ...
E S
CVE-2007-3972 ESET NOD32 Antivirus before 2.2289 allows remote attackers to cause a denial of service via a crafte...
E S
CVE-2007-3973 Multiple cross-site scripting (XSS) vulnerabilities in JBlog 1.0 allow remote attackers to inject ar...
E
CVE-2007-3974 admin/ajoutaut.php in JBlog 1.0 does not require authentication, which allows remote attackers to cr...
E
CVE-2007-3975 Cross-site scripting (XSS) vulnerability in index.php in Elite Forum 1.0.0.0 allows remote attackers...
CVE-2007-3976 SQL injection vulnerability in index.php in bwired allows remote attackers to execute arbitrary SQL ...
E
CVE-2007-3977 Cross-site scripting (XSS) vulnerability in bwired allows remote attackers to inject arbitrary web s...
E
CVE-2007-3978 Session fixation vulnerability in bwired allows remote attackers to hijack web sessions by setting t...
E
CVE-2007-3979 SQL injection vulnerability in index.php in BlogSite Professional (aka Blog System) 1.x allows remot...
E
CVE-2007-3980 PHP remote file inclusion vulnerability in page.php in RCMS Pro RGameScript Pro allows remote attack...
E
CVE-2007-3981 SQL injection vulnerability in index.php in WSN Links Basic Edition allows remote attackers to execu...
E
CVE-2007-3982 Absolute path traversal vulnerability in the Data Dynamics ActiveReport (ActiveReports) ActiveX cont...
E
CVE-2007-3983 Absolute path traversal vulnerability in the Data Dynamics DDActiveReports2.ActiveReport.2 (ActiveRe...
CVE-2007-3984 Buffer overflow in a certain ActiveX control in the NixonMyPrograms class in sasatl.dll 1.5.0.531 in...
E
CVE-2007-3985 Directory traversal vulnerability in file.cgi in Secure Computing SecurityReporter (aka Network Secu...
E S
CVE-2007-3986 file.cgi in Secure Computing SecurityReporter (aka Network Security Analyzer) 4.6.3 allows remote at...
E S
CVE-2007-3987 SQL injection vulnerability in SearchResults.asp in ImageRacer 1.0, when WordSearchCrit is enabled, ...
E
CVE-2007-3988 Session fixation vulnerability in Virtual Hosting Control System (VHCS) 2.4.7.1 and earlier allows r...
CVE-2007-3989 Multiple cross-site scripting (XSS) vulnerabilities in default.asp in Dora Emlak 1.0, when the goste...
CVE-2007-3990 SQL injection vulnerability in default.asp in Dora Emlak 1.0, when the goster parameter is set to em...
CVE-2007-3991 Multiple cross-site scripting (XSS) vulnerabilities in cv.asp in Asp cvmatik 1.1 and earlier allow r...
E
CVE-2007-3992 SQL injection vulnerability in vir_login.asp in iExpress Property Pro allows remote attackers to exe...
CVE-2007-3993 Unspecified vulnerability in the attachment filter in Kerio MailServer before 6.4.1 has unknown impa...
S
CVE-2007-3996 Multiple integer overflows in libgd in PHP before 5.2.4 allow remote attackers to cause a denial of ...
S
CVE-2007-3997 The (1) MySQL and (2) MySQLi extensions in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote ...
E
CVE-2007-3998 The wordwrap function in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, does not properly use the break...
CVE-2007-3999 Stack-based buffer overflow in the svcauth_gss_validate function in lib/rpc/svc_auth_gss.c in the RP...
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.