CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In January 2007

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2007-0649 94 XSS File Inclusion 2007-01-31 2008-11-15
4.3
None Remote High Multiple systems Partial Partial Partial
Variable overwrite vulnerability in interface/globals.php in OpenEMR 2.8.2 and earlier allows remote attackers to overwrite arbitrary program variables and conduct other unauthorized activities, such as conduct (a) remote file inclusion attacks via the srcdir parameter in custom/import_xml.php or (b) cross-site scripting (XSS) attacks via the rootdir parameter in interface/login/login_frame.php, via vectors associated with extract operations on the (1) POST and (2) GET superglobal arrays. NOTE: this issue was originally disputed before the extract behavior was identified in post-disclosure analysis. Also, the original report identified "Open Conference Systems," but this was an error.
2 CVE-2007-0648 DoS 2007-01-31 2009-03-04
7.8
None Remote Low Not required None None Complete
Cisco IOS after 12.3(14)T, 12.3(8)YC1, 12.3(8)YG, and 12.4, with voice support and without Session Initiated Protocol (SIP) configured, allows remote attackers to cause a denial of service (crash) by sending a crafted packet to port 5060/UDP.
3 CVE-2007-0647 DoS 2007-01-31 2008-09-05
7.1
None Remote Medium Not required None None Complete
Format string vulnerability in Help Viewer 3.0.0 allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in a filename, which is not properly handled when calling the NSBeginAlertSheet Apple AppKit function.
4 CVE-2007-0646 134 DoS 2007-01-31 2008-09-05
7.1
None Remote Medium Not required None None Complete
Format string vulnerability in iMovie HD 6.0.3, and Safari in Apple Mac OS X 10.4 through 10.4.10, allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in a filename, which is not properly handled when calling the NSRunCriticalAlertPanel Apple AppKit function.
5 CVE-2007-0645 DoS 2007-01-31 2008-09-05
6.8
User Remote Medium Not required Partial Partial Partial
Format string vulnerability in iPhoto 6.0.5 allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in a filename, which is not properly handled when calling certain Apple AppKit functions.
6 CVE-2007-0644 DoS 2007-01-31 2008-09-05
7.1
None Remote Medium Not required None None Complete
Format string vulnerability in Apple Safari 2.0.4 (419.3) allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in filenames that are not properly handled when calling the (1) NSLog and (2) NSBeginAlertSheet Apple AppKit functions.
7 CVE-2007-0643 DoS Exec Code Overflow 2007-01-31 2008-11-13
4.3
None Remote Medium Not required None None Partial
Stack-based buffer overflow in Bloodshed Dev-C++ 4.9.9.2 allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long line in a .cpp file.
8 CVE-2007-0642 89 Exec Code Sql 2007-01-31 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
SQL injection vulnerability in tForum 2.00 in the Raymond BERTHOU script collection (aka RBL - ASP) allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) pass to user_confirm.asp.
9 CVE-2007-0641 1 Exec Code Overflow 2007-01-31 2008-11-13
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in the EnumPrintersA function in dapcnfsd.dll 0.6.4.0 in Shaffer Solutions (SSC) DiskAccess NFS Client allows remote attackers to execute arbitrary code via a long argument, an issue similar to CVE-2006-5854 and CVE-2007-0444.
10 CVE-2007-0640 Overflow 2007-01-31 2008-11-15
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in ZABBIX before 1.1.5 has unknown impact and attack vectors related to "SNMP IP addresses."
11 CVE-2007-0639 2007-01-31 2008-11-15
7.5
User Remote Low Not required Partial Partial Partial
Multiple static code injection vulnerabilities in error.php in GuppY 4.5.16 and earlier allow remote attackers to inject arbitrary PHP code into a .inc file in the data/ directory via (1) a REMOTE_ADDR cookie or (2) a cookie specifying an element of the msg array with an error number in the first dimension and 0 in the second dimension, as demonstrated by msg[999][0].
12 CVE-2007-0638 +Info 2007-01-31 2008-11-13
5.0
None Remote Low Not required Partial None None
show.php in Vlad Alexa Mancini PHPFootball 1.6 allows remote attackers to obtain sensitive information (database contents) via a % (percent) character in the dbfieldv parameter.
13 CVE-2007-0637 Dir. Trav. 2007-01-31 2008-11-13
7.5
User Remote Low Not required Partial Partial Partial
Directory traversal vulnerability in zd_numer.php in Galeria Zdjec 3.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the galeria parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by zd_numer.php.
14 CVE-2007-0636 2007-01-31 2008-11-15
2.1
None Local Low Not required Partial None None
Unspecified vulnerability in inotify before 0.3.5 has unknown impact and attack vectors, related to "access rights to watched files."
15 CVE-2007-0635 Exec Code File Inclusion 2007-01-31 2008-11-13
7.5
User Remote Low Not required Partial Partial Partial
Multiple PHP remote file inclusion vulnerabilities in EncapsCMS 0.3.6 allow remote attackers to execute arbitrary PHP code via a URL in the (1) config[path] parameter to (a) common_foot.php or (b) blogs.php, or (2) the config[theme] parameter to (c) admin/gallery_head.php.
16 CVE-2007-0634 DoS 2007-01-31 2008-11-15
7.8
None Remote Low Not required None None Complete
Unspecified vulnerability in Sun Solaris 10 before 20070130 allows remote attackers to cause a denial of service (system crash) via certain ICMP packets.
17 CVE-2007-0633 Exec Code File Inclusion 2007-01-31 2008-11-13
7.5
User Remote Low Not required Partial Partial Partial
PHP remote file inclusion vulnerability in include/themes/themefunc.php in MyNews 4.2.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the myNewsConf[path][sys][index] parameter.
18 CVE-2007-0632 Exec Code Sql 2007-01-31 2008-11-13
7.5
User Remote Low Not required Partial Partial Partial
SQL injection vulnerability in artreplydelete.asp in ASP EDGE 1.3a and earlier allows remote attackers to execute arbitrary SQL commands via a username cookie, a different vector than CVE-2007-0560.
19 CVE-2007-0631 Exec Code Sql 2007-01-31 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
SQL injection vulnerability in index.php in Eclectic Designs CascadianFAQ 4.1 and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter.
20 CVE-2007-0630 Exec Code Sql 2007-01-31 2008-11-13
7.5
User Remote Low Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in the generate_csv function in classes/class.news.php in X-dev xNews 1.3 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id, (2) from, and (3) q parameters, different vectors than CVE-2007-0569. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
21 CVE-2007-0629 2007-01-31 2008-11-15
6.4
None Remote Low Not required None Partial Partial
The www_purgeList method in Plain Black WebGUI before 7.3.8 does not properly check user permissions, which allows attackers to delete unauthorized assets. NOTE: some of these details are obtained from third party information.
22 CVE-2007-0628 XSS 2007-01-31 2008-11-15
4.3
None Remote Medium Not required None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Access Manager 6.1, 6.2, 6 2005Q1 (6.3), and 7 2005Q4 (7.0) before 20070129 allow remote attackers to inject arbitrary web script or HTML via the (1) goto or (2) gx-charset parameter. NOTE: some of these details are obtained from third party information.
23 CVE-2007-0627 +Info 2007-01-31 2008-11-15
4.9
None Local Low Not required Complete None None
Michael Still gtalkbot before 1.2 places username and password arguments on the command line, which allows local users to obtain sensitive information by listing the process.
24 CVE-2007-0626 20 Exec Code 2007-01-31 2011-07-13
7.6
Admin Remote High Not required Complete Complete Complete
The comment_form_add_preview function in comment.module in Drupal before 4.7.6, and 5.x before 5.1, and vbDrupal, allows remote attackers with "post comments" privileges and access to multiple input filters to execute arbitrary code by previewing comments, which are not processed by "normal form validation routines."
25 CVE-2007-0625 DoS 2007-01-31 2008-11-13
4.9
None Local Low Not required None None Complete
nxconfigure.sh in NoMachine NX Server before 2.1.0-18 does not validate the invoking user, which allows local users to modify server configuration keys in /usr/NX/etc/server.cfg, resulting in an unspecified denial of service.
26 CVE-2007-0624 2007-01-31 2008-11-13
5.0
None Remote Low Not required Partial None None
user.php in MAXdev MDPro 1.0.76 allows remote attackers to obtain the full path via a ' (quote) character, and possibly other invalid values, in the uname parameter in a userinfo operation.
27 CVE-2007-0623 Exec Code Sql 2007-01-31 2008-11-15
7.5
User Remote Low Not required Partial Partial Partial
SQL injection vulnerability in index.php in MAXdev MDPro 1.0.76 allows remote attackers to execute arbitrary SQL commands via the startrow parameter.
28 CVE-2007-0622 CSRF 2007-01-31 2008-11-15
5.0
None Remote Low Not required None Partial None
Cross-site request forgery (CSRF) vulnerability in MyBB (aka MyBulletinBoard) 1.2.2 allows remote attackers to send messages to arbitrary users. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
29 CVE-2007-0620 2007-01-31 2008-11-13
5.0
None Remote Low Not required Partial None None
download.php in FD Script 1.3.2 and earlier allows remote attackers to read source of files under the web document root with certain extensions, including .php, via a relative pathname in the fname parameter, as demonstrated by downloading config.php.
30 CVE-2007-0619 Exec Code Mem. Corr. 2007-01-31 2008-11-15
9.3
Admin Remote Medium Not required Complete Complete Complete
chmlib before 0.39 allows user-assisted remote attackers to execute arbitrary code via a crafted page block length in a CHM file, which triggers memory corruption.
31 CVE-2007-0618 2007-01-31 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in (1) pop3d, (2) pop3ds, (3) imapd, and (4) imapds in IBM AIX 5.3.0 has unspecified impact and attack vectors, involving an "authentication vulnerability."
32 CVE-2007-0617 2007-01-31 2008-09-05
6.8
None Remote Medium Not required Partial Partial Partial
The SpamBlocker.dll ActiveX control in Earthlink TotalAccess is marked "safe for scripting," which allows remote attackers to add arbitrary e-mail addresses and domains to the spam blocker whitelist via the (1) AddSenderToWhitelist and (2) AddDomainToWhitelist functions.
33 CVE-2007-0616 Dir. Trav. 2007-01-31 2008-11-13
7.8
None Remote Low Not required Complete None None
Directory traversal vulnerability in zen/template-functions.php in zenphoto 1.0.4 up to 1.0.6 allows remote attackers to list arbitrary directories via ".." sequences in the album parameter to index.php.
34 CVE-2007-0615 DoS 2007-01-31 2008-11-13
7.8
None Remote Low Not required None None Complete
Unspecified vulnerability in Hitachi JP1/HIBUN Advanced Edition Management Server and Log Server before 20070124 allows remote attackers to cause a denial of service (application stop) via unexpected data.
35 CVE-2007-0614 DoS 2007-01-31 2008-09-05
7.8
None Remote Low Not required None None Complete
The Bonjour functionality in mDNSResponder, iChat 3.1.6, and InstantMessage framework 428 in Apple Mac OS X 10.4.8 allows remote attackers to cause a denial of service (persistent application crash) via a crafted phsh hash attribute in a TXT key.
36 CVE-2007-0613 DoS 2007-01-31 2008-09-05
5.0
None Remote Low Not required None None Partial
The Bonjour functionality in mDNSResponder, iChat 3.1.6, and InstantMessage framework 428 in Apple Mac OS X 10.4.8 does not check for duplicate entries when adding newly discovered available contacts, which allows remote attackers to cause a denial of service (disrupted communication) via a flood of duplicate _presence._tcp mDNS queries.
37 CVE-2007-0612 DoS 2007-01-31 2008-11-15
7.8
None Remote Low Not required None None Complete
Multiple ActiveX controls in Microsoft Windows 2000, XP, 2003, and Vista allows remote attackers to cause a denial of service (Internet Explorer crash) by accessing the bgColor, fgColor, linkColor, alinkColor, vlinkColor, or defaultCharset properties in the (1) giffile, (2) htmlfile, (3) jpegfile, (4) mhtmlfile, (5) ODCfile, (6) pjpegfile, (7) pngfile, (8) xbmfile, (9) xmlfile, (10) xslfile, or (11) wdfile objects in (a) mshtml.dll; or the (12) TriEditDocument.TriEditDocument or (13) TriEditDocument.TriEditDocument.1 objects in (b) triedit.dll, which cause a NULL pointer dereference.
38 CVE-2007-0611 XSS 2007-01-30 2008-11-13
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site scripting (XSS) vulnerabilities in Free LAN In(tra|ter)net Portal (FLIP) before 1.0-RC2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors in (1) inc.page.php and (2) inc.text.php.
39 CVE-2007-0610 XSS 2007-01-30 2008-11-13
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site scripting (XSS) vulnerability in the mailform feature in CMSimple 2.7 fix1 allows remote attackers to inject arbitrary web script or HTML via the sender parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
40 CVE-2007-0604 XSS 2007-01-30 2008-11-15
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site scripting (XSS) vulnerability in Movable Type (MT) before 3.34 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the MTCommentPreviewIsStatic tag, which can open the "comment entry screen," a different vulnerability than CVE-2007-0231.
41 CVE-2007-0603 Exec Code +Priv 2007-01-30 2008-11-15
7.1
Admin Remote High Single system Complete Complete Complete
PGP Desktop before 9.5.1 does not validate data objects received over the (1) \pipe\pgpserv named pipe for PGPServ.exe or the (2) \pipe\pgpsdkserv named pipe for PGPsdkServ.exe, which allows remote authenticated users to gain privileges by sending a data object representing an absolute pointer, which causes code execution at the corresponding address.
42 CVE-2007-0602 Overflow +Priv 2007-01-30 2008-11-13
6.9
Admin Local Medium Not required Complete Complete Complete
Buffer overflow in libvsapi.so in the VSAPI library in Trend Micro VirusWall 3.81 for Linux, as used by IScan.BASE/vscan, allows local users to gain privileges via a long command line argument, a different vulnerability than CVE-2005-0533.
43 CVE-2007-0601 Bypass 2007-01-30 2008-11-13
7.5
User Remote Low Not required Partial Partial Partial
common/safety.php in Aztek Forum 4.00 allows remote attackers to enter certain data containing %22 sequences (URL encoded double quotes) and other potentially dangerous manipulations by sending a cookie, which bypasses the blacklist matching against the GET and PUT superglobal arrays.
44 CVE-2007-0600 Exec Code Sql 2007-01-30 2008-11-15
7.5
User Remote Low Not required Partial Partial Partial
SQL injection vulnerability in news_page.asp in Martyn Kilbryde Newsposter Script (aka makit news/blog poster) 3 and earlier allows remote attackers to execute arbitrary SQL commands via the uid parameter.
45 CVE-2007-0599 2007-01-30 2008-11-13
7.5
User Remote Low Not required Partial Partial Partial
Variable overwrite vulnerability in common/config.php in Aztek Forum 4.00 allows remote attackers to overwrite arbitrary program variables and conduct other unauthorized activities, such as copying arbitrary files using index/common_actions.php, via vectors associated with extract operations on the (1) POST, (2) GET, (3) COOKIE, and (4) SERVER superglobal arrays.
46 CVE-2007-0598 Exec Code Sql 2007-01-30 2008-11-13
7.5
User Remote Low Not required Partial Partial Partial
SQL injection vulnerability in forum/load.php in Aztek Forum 4.00 allows remote attackers to execute arbitrary SQL commands via the fid cookie to forum.php.
47 CVE-2007-0597 +Info 2007-01-30 2008-11-13
5.0
None Remote Low Not required Partial None None
Aztek Forum 4.00 allows remote attackers to obtain sensitive information via a direct request to forum.php with the fid=XD query string, which reveals the path in an error message.
48 CVE-2007-0596 Exec Code File Inclusion 2007-01-30 2008-11-13
6.0
User Remote Medium Single system Partial Partial Partial
PHP remote file inclusion vulnerability in index/main.php in Aztek Forum 4.00 allows remote authenticated administrators to execute arbitrary PHP code via a URL in the PF[top_url] parameter.
49 CVE-2007-0595 XSS 2007-01-30 2008-11-13
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in search in High 5 Review Site allows remote attackers to inject arbitrary web script or HTML via the q parameter (aka the search box).
50 CVE-2007-0594 2007-01-30 2008-11-13
5.0
None Remote Low Not required Partial None None
Siteman 2.0.x2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing password hashes via a direct request for db/siteman/users.MYD.
Total number of vulnerabilities : 600   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.