CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In April 2007(Gain Privilege)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2007-2359 Overflow +Priv 2007-04-30 2017-07-28
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in Ghost Service Manager, as used in Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, allows local users to gain privileges via a long string.
2 CVE-2007-2251 +Priv 2007-04-25 2017-07-28
7.5
User Remote Low Not required Partial Partial Partial
Unspecified vulnerability in the Roles module in Xaraya 1.1.2 and earlier allows attackers to gain privileges via unspecified vectors, probably related to incorrect permission checking in xartemplates/user-view.xd.
3 CVE-2007-2249 +Priv 2007-04-25 2018-10-16
6.5
User Remote Low Single system Partial Partial Partial
include/controlcenter/users.php in Phorum before 5.1.22 allows remote authenticated moderators to gain privileges via a modified (1) user_ids POST parameter or (2) userdata array.
4 CVE-2007-2149 +Priv 2007-04-19 2018-10-16
10.0
Admin Remote Low Not required Complete Complete Complete
Stephen Craton (aka WiredPHP) Chatness 2.5.3 and earlier stores usernames and unencrypted passwords in (1) classes/vars.php and (2) classes/varstuff.php, and recommends 0666 or 0777 permissions for these files, which allows local users to gain privileges by reading the files, and allows remote attackers to obtain credentials via a direct request for admin/options.php.
5 CVE-2007-2138 264 +Priv 2007-04-24 2018-10-19
6.0
User Remote Medium Single system Partial Partial Partial
Untrusted search path vulnerability in PostgreSQL before 7.3.19, 7.4.x before 7.4.17, 8.0.x before 8.0.13, 8.1.x before 8.1.9, and 8.2.x before 8.2.4 allows remote authenticated users, when permitted to call a SECURITY DEFINER function, to gain the privileges of the function owner, related to "search_path settings."
6 CVE-2007-2108 264 +Priv 2007-04-18 2018-10-16
6.8
User Remote Medium Not required Partial Partial Partial
Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.0.1.5, 9.2.0.8, 10.1.0.5, and 10.2.0.2 on Windows allows remote attackers to have an unknown impact, aka DB01. NOTE: as of 20070424, Oracle has not disputed reliable claims that this issue occurs because the NTLM SSPI AcceptSecurityContext function grants privileges based on the username provided even though all users are authenticated as Guest, which allows remote attackers to gain privileges.
7 CVE-2007-2075 +Priv 2007-04-17 2017-07-28
6.9
Admin Local Medium Not required Complete Complete Complete
ScramDisk 4 Linux before 1.0-1 does not perform permission checks on mount points, which allows local users to gain privileges by using a system directory as a mount point for a container.
8 CVE-2007-2074 +Priv 2007-04-17 2017-07-28
4.6
None Local Low Not required Partial Partial Partial
Certain programs in containers in ScramDisk 4 Linux before 1.0-1 execute with SUID permissions, which allows local users to gain privileges via mounted containers.
9 CVE-2007-2034 +Priv 2007-04-16 2017-07-28
9.0
Admin Remote Low Single system Complete Complete Complete
Unspecified vulnerability in Cisco Wireless Control System (WCS) before 4.0.87.0 allows remote authenticated users to gain the privileges of the SuperUsers group, and manage the application and its networks, related to the group membership of user accounts, aka Bug ID CSCsg05190.
10 CVE-2007-1973 +Priv 2007-04-11 2018-10-16
6.9
Admin Local Medium Not required Complete Complete Complete
Race condition in the Virtual DOS Machine (VDM) in the Windows Kernel in Microsoft Windows NT 4.0 allows local users to modify memory and gain privileges via the temporary \Device\PhysicalMemory section handle, a related issue to CVE-2007-1206.
11 CVE-2007-1881 +Priv 2007-04-05 2008-09-05
6.8
Admin Local Low Single system Complete Complete Complete
Unspecified vulnerability in KLIF (klif.sys) in Kaspersky Anti-Virus, Anti-Virus for Workstations, and Anti-Virus for File Servers 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows local users to gain Ring-0 privileges via unspecified vectors.
12 CVE-2007-1741 362 Exec Code +Priv 2007-04-13 2017-07-28
6.2
Admin Local High Not required Complete Complete Complete
Multiple race conditions in suexec in Apache HTTP Server (httpd) 2.2.3 between directory and file validation, and their usage, allow local users to gain privileges and execute arbitrary code by renaming directories or performing symlink attacks. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because "the attacks described rely on an insecure server configuration" in which the user "has write access to the document root."
13 CVE-2007-1279 +Priv 2007-04-11 2017-07-28
7.2
Admin Local Low Not required Complete Complete Complete
Unspecified vulnerability in the installer for Adobe Bridge 1.0.3 update for Apple OS X, when patching with desktop management tools, allows local users to gain privileges via unspecified vectors during installation of the update by a different user who has administrative privileges.
14 CVE-2007-1271 DoS Overflow +Priv 2007-04-05 2018-10-30
6.6
Admin Local Medium Single system Complete Complete Complete
Buffer overflow in VMware ESX Server 3.0.0 and 3.0.1 might allow attackers to gain privileges or cause a denial of service (application crash) via unspecified vectors.
15 CVE-2007-1215 Overflow +Priv 2007-04-04 2018-10-16
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in the Graphics Device Interface (GDI) in Microsoft Windows 2000 SP4; XP SP2; Server 2003 Gold, SP1, and SP2; and Vista allows local users to gain privileges via certain "color-related parameters" in crafted images.
16 CVE-2007-1213 +Priv 2007-04-04 2018-10-16
7.2
Admin Local Low Not required Complete Complete Complete
The TrueType Fonts rasterizer in Microsoft Windows 2000 SP4 allows local users to gain privileges via crafted TrueType fonts, which result in an uninitialized function pointer.
17 CVE-2007-1212 Overflow +Priv 2007-04-04 2018-10-16
6.6
Admin Local Medium Single system Complete Complete Complete
Buffer overflow in the Graphics Device Interface (GDI) in Microsoft Windows 2000 SP4; XP SP2; Server 2003 Gold, SP1, and SP2; and Vista allows local users to gain privileges via a crafted Enhanced Metafile (EMF) image format file.
18 CVE-2007-1209 399 +Priv 2007-04-10 2018-10-16
7.2
Admin Local Low Not required Complete Complete Complete
Use-after-free vulnerability in the Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows Vista does not properly handle connection resources when starting and stopping processes, which allows local users to gain privileges by opening and closing multiple ApiPort connections, which leaves a "dangling pointer" to a process data structure.
19 CVE-2007-1206 264 +Priv 2007-04-10 2018-10-16
7.2
Admin Local Low Not required Complete Complete Complete
The Virtual DOS Machine (VDM) in the Windows Kernel in Microsoft Windows NT 4.0; 2000 SP4; XP SP2; Server 2003, 2003 SP1, and 2003 SP2; and Windows Vista before June 2006; uses insecure permissions (PAGE_READWRITE) for a physical memory view, which allows local users to gain privileges by modifying the "zero page" during a race condition before the view is unmapped.
20 CVE-2007-0747 +Priv 2007-04-24 2013-07-03
7.2
Admin Local Low Not required Complete Complete Complete
load_webdav in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment when mounting a WebDAV filesystem, which allows local users to gain privileges by setting unspecified environment variables.
21 CVE-2007-0744 +Priv 2007-04-24 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
SMB in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment when executing commands, which allows local users to gain privileges by setting unspecified environment variables.
22 CVE-2007-0737 +Priv 2007-04-24 2008-09-05
4.6
User Local Low Not required Partial Partial Partial
The Login Window in Apple Mac OS X 10.3.9 through 10.4.9 does not properly check certain environment variables, which allows local users to gain privileges via unspecified vectors.
23 CVE-2007-0732 +Priv 2007-04-24 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Unspecified vulnerability in the CoreServices daemon in CarbonCore in Apple Mac OS X 10.4 through 10.4.9 allows local users to gain privileges via unspecified vectors involving "obtaining a send right to [the] Mach task port."
24 CVE-2007-0729 264 +Priv 2007-04-24 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Apple File Protocol (AFP) Client in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment before executing commands, which allows local users to gain privileges by setting unspecified environment variables.
25 CVE-2006-7191 +Priv 2007-04-02 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Untrusted search path vulnerability in lamdaemon.pl in LDAP Account Manager (LAM) before 1.0.0 allows local users to gain privileges via a modified PATH that points to a malicious rm program.
26 CVE-2006-5586 +Priv 2007-04-04 2018-10-17
7.2
Admin Local Low Not required Complete Complete Complete
The Graphics Rendering Engine in Microsoft Windows 2000 SP4 and XP SP2 allows local users to gain privileges via "invalid application window sizes" in layered application windows, aka the "GDI Invalid Window Size Elevation of Privilege Vulnerability."
Total number of vulnerabilities : 26   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.