CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
14201 CVE-2007-4414 +Priv 2007-08-18 2017-07-28
6.8
Admin Local Low Single system Complete Complete Complete
Cisco VPN Client on Windows before 4.8.02.0010 allows local users to gain privileges by enabling the "Start Before Logon" (SBL) and Microsoft Dial-Up Networking options, and then interacting with the dial-up networking dialog box.
14202 CVE-2007-4410 2007-08-18 2018-10-15
6.0
User Remote Medium Single system Partial Partial Partial
ircu 2.10.12.05 and earlier does not properly synchronize a kick action in certain cross scenarios, which allows remote authenticated operators to prevent later kick or de-op actions from non-local ops.
14203 CVE-2007-4407 2007-08-18 2018-10-15
6.4
None Remote Low Not required None Partial Partial
ircu 2.10.12.03 and 2.10.12.04 does not associate a timestamp with ops privilege on an unused channel (zannel), which allows remote attackers to (1) set or remove certain channel modes via a "netriding" attack or (2) take over a channel by joining an unlinked server with the A/Upass and then setting a new Apass.
14204 CVE-2007-4403 264 Exec Code 2007-08-18 2018-10-15
6.8
User Remote Medium Not required Partial Partial Partial
The mIRC Control Plug-in for Winamp allows user-assisted remote attackers to execute arbitrary code via the '|' (pipe) shell metacharacter in the name of the song in a .mp3 file.
14205 CVE-2007-4402 Exec Code 2007-08-18 2018-10-15
6.8
User Remote Medium Not required Partial Partial Partial
Multiple unspecified scripts in mIRC allow user-assisted remote attackers to execute arbitrary code via the '|' (pipe) shell metacharacter in the name of the song in a .mp3 file.
14206 CVE-2007-4401 Exec Code 2007-08-18 2018-10-15
6.8
User Remote Medium Not required Partial Partial Partial
Multiple CRLF injection vulnerabilities in the Advanced mIRC Integration Plugin and possibly other unspecified scripts in mIRC allow user-assisted remote attackers to execute arbitrary IRC commands via CRLF sequences in the name of the song in a .mp3 file.
14207 CVE-2007-4400 Exec Code 2007-08-18 2018-10-15
6.8
User Remote Medium Not required Partial Partial Partial
CRLF injection vulnerability in the included media script in Konversation allows user-assisted remote attackers to execute arbitrary IRC commands via CRLF sequences in the name of the song in a .mp3 file.
14208 CVE-2007-4399 Exec Code 2007-08-18 2018-10-15
6.8
User Remote Medium Not required Partial Partial Partial
CRLF injection vulnerability in the xmms.bx 1.0 script for BitchX allows user-assisted remote attackers to execute arbitrary IRC commands via CRLF sequences in the name of the song in a .mp3 file.
14209 CVE-2007-4398 Exec Code 2007-08-18 2018-10-15
6.8
User Remote Medium Not required Partial Partial Partial
Multiple CRLF injection vulnerabilities in the (1) now-playing.rb and (2) xmms.pl 1.1 scripts for WeeChat allow user-assisted remote attackers to execute arbitrary IRC commands via CRLF sequences in the name of the song in a .mp3 file.
14210 CVE-2007-4397 Exec Code 2007-08-18 2018-10-15
6.8
User Remote Medium Not required Partial Partial Partial
Multiple CRLF injection vulnerabilities in (1) xmms-thing 1.0, (2) XMMS Remote Control Script 1.07, (3) Disrok 1.0, (4) a2x 0.0.1, (5) Another xmms-info script 1.0, (6) XChat-XMMS 0.8.1, and other unspecified scripts for XChat allow user-assisted remote attackers to execute arbitrary IRC commands via CRLF sequences in the name of the song in a .mp3 file.
14211 CVE-2007-4386 Exec Code Sql 2007-08-17 2017-09-28
6.0
None Remote Medium Single system Partial Partial Partial
SQL injection vulnerability in search.php in GetMyOwnArcade allows remote attackers to execute arbitrary SQL commands via the query parameter.
14212 CVE-2007-4385 Bypass 2007-08-17 2018-10-15
6.8
User Remote Medium Not required Partial Partial Partial
OWASP Stinger before 2.5 allows remote attackers to bypass input validation routines by using multipart encoded requests instead of form-urlencoded requests. NOTE: this might be used to expose vulnerabilities in applications that would otherwise be protected by the validation routines.
14213 CVE-2007-4384 Exec Code File Inclusion 2007-08-17 2018-10-15
6.8
None Remote Medium Not required Partial Partial Partial
Multiple PHP remote file inclusion vulnerabilities in depouilg.php3 in Stephane Pineau VOTE 1c allow remote attackers to execute arbitrary PHP code via a URL in the (1) NomVote and (2) FilePalHex parameters.
14214 CVE-2007-4383 Exec Code File Inclusion 2007-08-17 2018-10-15
6.8
None Remote Medium Not required Partial Partial Partial
** DISPUTED ** PHP remote file inclusion vulnerability in tracking.php in Trackeur 1 allows remote attackers to execute arbitrary PHP code via a URL in the header parameter. NOTE: CVE and a third party dispute this vulnerability because header is defined before use. The researcher is known to be unreliable.
14215 CVE-2007-4378 Exec Code 2007-08-16 2018-10-15
6.8
User Remote Medium Not required Partial Partial Partial
Multiple format string vulnerabilities in Babo Violent 2 2.08.00 and earlier allow remote attackers to execute arbitrary code via format string specifiers in (1) a message or (2) certain data associated with an admin login.
14216 CVE-2007-4377 Exec Code Overflow 2007-08-16 2017-10-18
6.0
User Remote Medium Single system Partial Partial Partial
Stack-based buffer overflow in the IMAP service in SurgeMail 38k allows remote authenticated users to execute arbitrary code via a long argument to the SEARCH command. NOTE: this might overlap CVE-2007-4372.
14217 CVE-2007-4376 2007-08-16 2018-10-15
6.8
User Remote Medium Not required Partial Partial Partial
Unrestricted file upload vulnerability in banner-upload.php in Szymon Kosok Best Top List allows remote attackers to upload and execute arbitrary PHP files in banners/.
14218 CVE-2007-4373 Bypass 2007-08-16 2018-10-15
6.8
User Remote Medium Not required Partial Partial Partial
The server in Babo Violent 2 2.08.00 and earlier does not properly implement password protection, which might allow remote attackers to bypass authentication by reconnecting after a connection closes.
14219 CVE-2007-4371 2007-08-15 2018-10-15
6.8
None Remote Medium Not required Partial Partial Partial
Unrestricted file upload vulnerability in admin/pages/blog-add.php in Neuron Blog 1.1 allows remote attackers to upload and execute arbitrary PHP files in uploads/.
14220 CVE-2007-4362 Exec Code Sql 2007-08-15 2017-10-18
6.8
None Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in category.php in Prozilla Webring allows remote attackers to execute arbitrary SQL commands via the cat parameter.
14221 CVE-2007-4359 Exec Code Sql 2007-08-15 2018-10-15
6.8
None Remote Medium Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in SkilMatch Staffing Systems JobLister3 allow remote attackers to execute arbitrary SQL commands via (1) the search form or (2) the jobid parameter to index.php in a showbyID action.
14222 CVE-2007-4353 Overflow +Priv 2007-08-14 2017-07-28
6.9
Admin Local Medium Not required Complete Complete Complete
Multiple buffer overflows in IBM AIX 5.2 and 5.3 allow local users in the system group to gain root privileges via unspecified vectors involving the (1) chpath, (2) rmpath, and (3) devinstall programs in bos.rte.methods.
14223 CVE-2007-4330 Exec Code File Inclusion 2007-08-13 2018-10-15
6.8
None Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in shoutbox.php in Shoutbox 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the root parameter.
14224 CVE-2007-4329 Exec Code File Inclusion 2007-08-13 2018-10-15
6.8
None Remote Medium Not required Partial Partial Partial
Multiple PHP remote file inclusion vulnerabilities in Web News 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter to (1) index.php, (2) news.php, or (3) feed.php.
14225 CVE-2007-4328 94 Exec Code File Inclusion 2007-08-13 2018-10-15
6.8
None Remote Medium Not required Partial Partial Partial
Multiple PHP remote file inclusion vulnerabilities in Mapos Bilder Galerie 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter to (1) index.php, (2) galerie.php, or (3) anzagien.php. NOTE: A later report states that 1.1 is also affected, but that the filename for vector 3 is anzeigen.php.
14226 CVE-2007-4327 Exec Code File Inclusion 2007-08-13 2018-10-15
6.8
None Remote Medium Not required Partial Partial Partial
Multiple PHP remote file inclusion vulnerabilities in File Uploader 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter to (1) index.php or (2) datei.php.
14227 CVE-2007-4326 Exec Code File Inclusion 2007-08-13 2018-10-15
6.8
None Remote Medium Not required Partial Partial Partial
Multiple PHP remote file inclusion vulnerabilities in Bilder Uploader 1.3 allow remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter to (1) gruppen.php, (2) bild.php, (3) feed.php, (4) mitglieder.php, (5) online.php, (6) profil.php, and possibly other unspecified PHP scripts.
14228 CVE-2007-4325 Exec Code File Inclusion 2007-08-13 2018-10-15
6.8
None Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in index.php in Gaestebuch 1.5 allows remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter.
14229 CVE-2007-4323 DoS 2007-08-13 2017-07-28
6.8
None Remote Medium Not required Partial Partial Partial
DenyHosts 2.6 does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a client protocol version identification containing an IP address string, a different vector than CVE-2006-6301.
14230 CVE-2007-4322 DoS 2007-08-13 2012-10-30
6.8
None Remote Medium Not required Partial Partial Partial
BlockHosts before 2.0.4 does not properly parse (1) sshd and (2) vsftpd log files, which allows remote attackers to add arbitrary deny entries to the /etc/hosts.allow file and cause a denial of service by adding arbitrary IP addresses to a daemon log file, as demonstrated by connecting through ssh with a client protocol version identification containing an IP address string, or connecting through ftp with a username containing an IP address string, different vectors than CVE-2007-2765.
14231 CVE-2007-4321 DoS 2007-08-13 2012-10-30
6.8
None Remote Medium Not required Partial Partial Partial
fail2ban 0.8 and earlier does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a client protocol version identification containing an IP address string, a different vector than CVE-2006-6302.
14232 CVE-2007-4315 264 +Priv Bypass 2007-08-13 2012-10-18
6.9
Admin Local Medium Not required Complete Complete Complete
The AMD ATI atidsmxx.sys 3.0.502.0 driver on Windows Vista allows local users to bypass the driver signing policy, write to arbitrary kernel memory locations, and thereby gain privileges via unspecified vectors, as demonstrated by "Purple Pill".
14233 CVE-2007-4314 DoS 2007-08-13 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
pixlie.php in Pixlie 1.7 allows remote attackers to trigger the reading and JPEG image processing of files in a remote directory tree via a URL in the root parameter. NOTE: this can be leveraged for traffic amplification or other denial of service.
14234 CVE-2007-4313 Exec Code File Inclusion 2007-08-13 2018-10-15
6.8
None Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in public_includes/pub_blocks/activecontent.php in Php Blue Dragon CMS 3.0.0 allows remote attackers to execute arbitrary PHP code via a URL in the vsDragonRootPath parameter, a different vector than CVE-2006-2392, CVE-2006-3076, and CVE-2006-6958.
14235 CVE-2007-4311 310 2007-08-13 2011-05-25
6.8
None Remote Medium Not required Partial Partial Partial
The xfer_secondary_pool function in drivers/char/random.c in the Linux kernel 2.4 before 2.4.35 performs reseed operations on only the first few bytes of a buffer, which might make it easier for attackers to predict the output of the random number generator, related to incorrect use of the sizeof operator.
14236 CVE-2007-4305 Bypass 2007-08-13 2008-09-05
6.2
Admin Local High Not required Complete Complete Complete
Multiple race conditions in the (1) Sudo monitor mode and (2) Sysjail policies in Systrace on NetBSD and OpenBSD allow local users to defeat system call interposition, and consequently bypass access control policy and auditing.
14237 CVE-2007-4304 2007-08-13 2008-09-05
6.2
Admin Local High Not required Complete Complete Complete
CerbNG for FreeBSD 4.8 does not properly implement VM protection when attempting to prevent system call wrapper races, which allows local users to have an unknown impact related to an "incorrect write protection of pages".
14238 CVE-2007-4303 +Priv Bypass 2007-08-13 2008-09-05
6.2
Admin Local High Not required Complete Complete Complete
Multiple race conditions in (1) certain rules and (2) argument copying during VM protection, in CerbNG for FreeBSD 4.8 allow local users to defeat system call interposition and possibly gain privileges or bypass auditing, as demonstrated by modifying command lines in log-exec.cb.
14239 CVE-2007-4302 +Priv Bypass 2007-08-13 2008-09-05
6.2
Admin Local High Not required Complete Complete Complete
Multiple race conditions in certain system call wrappers in Generic Software Wrappers Toolkit (GSWTK) allow local users to defeat system call interposition and possibly gain privileges or bypass auditing.
14240 CVE-2007-4295 Exec Code 2007-08-09 2017-09-28
6.8
User Remote Medium Not required Partial Partial Partial
Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80749.
14241 CVE-2007-4294 Exec Code 2007-08-09 2017-09-28
6.8
User Remote Medium Not required Partial Partial Partial
Unspecified vulnerability in Cisco Unified Communications Manager (CUCM) 5.0, 5.1, and 6.0, and IOS 12.0 through 12.4, allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80102.
14242 CVE-2007-4289 2007-08-09 2018-10-15
6.8
User Remote Medium Not required Partial Partial Partial
Sun Java System Portal Server 7.0 does not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent attackers to execute an arbitrary Java method via a crafted stylesheet, a related issue to CVE-2007-3715.
14243 CVE-2007-4277 119 Overflow 2007-10-30 2008-09-05
6.6
None Local Low Not required None Complete Complete
The Trend Micro AntiVirus scan engine before 8.550-1001, as used in Trend Micro PC-Cillin Internet Security 2007, and Tmxpflt.sys 8.320.1004 and 8.500.0.1002, has weak permissions (Everyone:Write) for the \\.\Tmfilter device, which allows local users to send arbitrary content to the device via the IOCTL functionality. NOTE: this can be leveraged for privilege escalation by exploiting a buffer overflow in the handler for IOCTL 0xa0284403.
14244 CVE-2007-4276 119 Exec Code Overflow 2007-08-18 2017-07-28
6.9
None Local Medium Not required Complete Complete Complete
Stack-based buffer overflow in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows attackers to execute arbitrary code via a long DASPROF and possibly other environment variables, which are copied into the buildDasPaths buffer.
14245 CVE-2007-4275 +Priv 2007-08-18 2017-07-28
6.9
Admin Local Medium Not required Complete Complete Complete
Multiple untrusted search path vulnerabilities in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to gain privileges via certain vectors related to (1) DB2 instance or FMP startup on Linux and Solaris; (2) exec of executables while running as root on non-Windows systems, as demonstrated by AIX; and unspecified vectors involving (3) db2licm and (4) db2pd.
14246 CVE-2007-4270 +Priv 2007-08-18 2017-07-28
6.9
Admin Local Medium Not required Complete Complete Complete
Multiple race conditions in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to gain root privileges via a symlink attack on certain files.
14247 CVE-2007-4257 Exec Code Overflow 2007-08-08 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
Multiple buffer overflows in Live for Speed (LFS) S1 and S2 allow user-assisted remote attackers to execute arbitrary code via (1) a .spr file (single player replay file) containing a long user name or (2) a .ply file containing a long number plate string, different vectors than CVE-2007-4140.
14248 CVE-2007-4254 Exec Code Overflow 2007-08-08 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
Stack-based buffer overflow in a certain ActiveX control in VDT70.DLL in Microsoft Visual Database Tools Database Designer 7.0 for Microsoft Visual Studio 6 allows remote attackers to execute arbitrary code via a long argument to the NotSafe method. NOTE: this may overlap CVE-2007-2885 or CVE-2005-2127.
14249 CVE-2007-4246 Exec Code Overflow 2007-08-08 2017-07-28
6.8
User Remote Medium Not required Partial Partial Partial
Unspecified vulnerability, possibly a buffer overflow, in Justsystem Ichitaro 2007 and earlier allows remote attackers to execute arbitrary code via a modified document, as actively exploited in August 2007 by malware such as Tarodrop.D (Tarodrop.Q), a different vulnerability than CVE-2006-4326, CVE-2006-5424, CVE-2006-6400, and CVE-2007-1938.
14250 CVE-2007-4238 +Priv 2007-08-08 2008-11-15
6.9
Admin Local Medium Not required Complete Complete Complete
AIX 5.2 and 5.3 install pioinit with user and group ownership of bin, which allows local users with bin or possibly printq privileges to gain root privileges by modifying pioinit.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.