CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2007(Gain Privilege) (CVSS score >= 7)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2007-6386 119 DoS Overflow +Priv 2007-12-14 2017-08-07
7.2
Admin Local Low Not required Complete Complete Complete
Stack-based buffer overflow in PccScan.dll before build 1451 in Trend Micro AntiVirus plus AntiSpyware 2008, Internet Security 2008, and Internet Security Pro 2008 allows user-assisted remote attackers to cause a denial of service (SfCtlCom.exe crash), and allows local users to gain privileges, via a malformed .zip archive with a long name, as demonstrated by a .zip file created via format string specifiers in a crafted .uue file.
2 CVE-2007-6293 +Priv 2007-12-10 2008-11-15
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple unspecified vulnerabilities in IBM Hardware Management Console (HMC) 6 R1.3 allow attackers to gain privileges via "some HMC commands."
3 CVE-2007-6211 264 +Priv 2007-12-03 2018-10-15
7.2
Admin Local Low Not required Complete Complete Complete
Send ICMP Nasty Garbage (sing) on Debian GNU/Linux allows local users to append to arbitrary files and gain privileges via the -L (output log file) option. NOTE: this issue is only a vulnerability in limited environments, since sing is not installed setuid, and the administrator would need to override a non-setuid default during installation.
4 CVE-2007-6182 264 +Priv 2007-11-29 2017-07-28
7.2
None Local Low Not required Complete Complete Complete
The responder program in ISPsystem ISPmanager (aka ISPmgr) 4.2.15.1 allows local users to gain privileges via shell metacharacters in command line arguments.
5 CVE-2007-6174 264 +Priv 2007-11-29 2017-07-28
8.5
Admin Remote Medium Single system Complete Complete Complete
PHPDevShell before 0.7.0 allows remote authenticated users to gain privileges via a crafted request to update a user profile. NOTE: some of these details are obtained from third party information.
6 CVE-2007-6081 264 +Priv 2007-11-21 2008-11-15
7.5
User Remote Low Not required Partial Partial Partial
AdventNet EventLog Analyzer build 4030 for Windows, and possibly other versions and platforms, installs a mysql instance with a default "root" account without a password, which allows remote attackers to gain privileges and modify logs.
7 CVE-2007-5969 264 +Priv 2007-12-10 2018-10-15
7.1
None Remote High Single system Complete Complete Complete
MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.
8 CVE-2007-5956 22 +Priv Dir. Trav. 2007-11-14 2017-07-28
7.2
None Local Low Not required Complete Complete Complete
Directory traversal vulnerability in IBM Informix Dynamic Server (IDS) before 10.00.xC7W1 allows local users to gain privileges by referencing modified NLS message files through directory traversal sequences in the DBLANG environment variable.
9 CVE-2007-5838 16 +Priv 2007-11-06 2017-07-28
7.2
None Local Low Not required Complete Complete Complete
Aclient in Symantec Altiris Deployment Solution 6.x before 6.8.380.0 allows local users to gain local System privileges via the "Enable key-based authentication to Deployment server" browser option, a different issue than CVE-2007-4380.
10 CVE-2007-5667 20 +Priv Bypass 2007-11-13 2018-10-30
7.2
None Local Low Not required Complete Complete Complete
NWFILTER.SYS in Novell Client 4.91 SP 1 through SP 4 for Windows 2000, XP, and Server 2003 makes the \.\nwfilter device available for arbitrary user-mode input via METHOD_NEITHER IOCTLs, which allows local users to gain privileges by passing a kernel address as an argument and overwriting kernel memory locations.
11 CVE-2007-5633 +Priv 2007-10-23 2017-07-28
7.2
Admin Local Low Not required Complete Complete Complete
Speedfan.sys in Alfredo Milani Comparetti SpeedFan 4.33, when used on Microsoft Windows Vista x64, allows local users to read or write arbitrary MSRs, and gain privileges and load unsigned drivers, via the (1) IOCTL_RDMSR 0x9C402438 and (2) IOCTL_WRMSR 0x9C40243C IOCTLs to \Device\speedfan, as demonstrated by an IOCTL_WRMSR action on MSR_LSTAR.
12 CVE-2007-5619 +Priv 2007-10-21 2009-10-14
7.2
None Local Low Not required Complete Complete Complete
Unspecified vulnerability in VMware Server before 1.0.4 causes user passwords to be recorded in cleartext in server logs, which might allow local users to gain privileges.
13 CVE-2007-5618 +Priv 2007-10-21 2018-10-26
7.2
None Local Low Not required Complete Complete Complete
Unquoted Windows search path vulnerability in the Authorization and other services in VMware Player 1.0.x before 1.0.5 and 2.0 before 2.0.1, VMware Server before 1.0.4, and Workstation 5.x before 5.5.5 and 6.x before 6.0.1 might allow local users to gain privileges via malicious programs.
14 CVE-2007-5539 +Priv 2007-10-17 2017-07-28
9.0
None Remote Low Single system Complete Complete Complete
Unspecified vulnerability in Cisco Unified Intelligent Contact Management Enterprise (ICME), Unified ICM Hosted (ICMH), Unified Contact Center Enterprise (UCCE), Unified Contact Center Hosted (UCCH), and System Unified Contact Center Enterprise (SUCCE) 7.1(5) allows remote authenticated users to gain privileges, and read reports or change the SUCCE configuration, via certain web interfaces, aka CSCsj55686.
15 CVE-2007-5382 264 +Priv 2007-10-11 2017-07-28
10.0
Admin Remote Low Not required Complete Complete Complete
The conversion utility for converting CiscoWorks Wireless LAN Solution Engine (WLSE) 4.1.91.0 and earlier to Cisco Wireless Control System (WCS) creates administrator accounts with default usernames and passwords, which allows remote attackers to gain privileges.
16 CVE-2007-5350 264 +Priv 2007-12-11 2018-10-15
7.2
Admin Local Low Not required Complete Complete Complete
Unspecified vulnerability in the Windows Advanced Local Procedure Call (ALPC) in the kernel in Microsoft Windows Vista allows local users to gain privileges via unspecified vectors involving "legacy reply paths."
17 CVE-2007-5254 264 +Priv 2007-10-06 2008-11-15
7.2
Admin Local Low Not required Complete Complete Complete
VirusBlokAda Vba32 AntiVirus 3.12.2 uses weak permissions (Everyone:Write) for its installation directory, which allows local users to gain privileges by replacing application programs, as demonstrated by replacing vba32ldr.exe.
18 CVE-2007-5101 264 +Priv 2007-09-26 2017-07-28
7.2
Admin Local Low Not required Complete Complete Complete
ChironFS before 1.0 RC7 sets user/group ownership to the mounter account instead of the creator account when files are created, which allows local users to gain privileges.
19 CVE-2007-5047 20 DoS +Priv 2007-09-23 2018-10-15
7.2
Admin Local Low Not required Complete Complete Complete
Norton Internet Security 2008 15.0.0.60 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the NtOpenSection kernel SSDT hook. NOTE: the NtCreateMutant and NtOpenEvent function hooks are already covered by CVE-2007-1793.
20 CVE-2007-4797 119 Overflow +Priv 2007-09-10 2008-11-15
7.2
Admin Local Low Not required Complete Complete Complete
Multiple buffer overflows in unspecified svprint (System V print) commands in bos.svprint.rte in IBM AIX 5.2 and 5.3 allow local users to gain privileges via unspecified vectors.
21 CVE-2007-4796 119 Overflow +Priv 2007-09-10 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in uucp in bos.net.uucp in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors.
22 CVE-2007-4795 119 Overflow +Priv 2007-09-10 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in mkpath in bos.rte.methods in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long ODM name.
23 CVE-2007-4794 119 Overflow +Priv 2007-09-10 2017-07-28
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in fcstat in devices.common.IBM.fc.rte in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long input parameter.
24 CVE-2007-4793 119 Overflow +Priv 2007-09-10 2008-11-15
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in xlplm in plm.server.rte in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors.
25 CVE-2007-4792 119 Overflow +Priv 2007-09-10 2017-07-28
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in ibstat in devices.common.IBM.ib.rte in IBM AIX 5.3 allows local users to gain privileges via unspecified vectors.
26 CVE-2007-4791 119 Overflow +Priv 2007-09-10 2012-11-05
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in the swcons command in bos.rte.console in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2005-3504 and CVE-2007-0978.
27 CVE-2007-4752 20 +Priv 2007-09-11 2018-10-15
7.5
User Remote Low Not required Partial Partial Partial
ssh in OpenSSH before 4.7 does not properly handle when an untrusted cookie cannot be created and uses a trusted X11 cookie instead, which allows attackers to violate intended policy and gain privileges by causing an X client to be treated as trusted.
28 CVE-2007-4686 189 DoS +Priv 2007-11-14 2018-10-15
7.2
None Local Low Not required Complete Complete Complete
Integer signedness error in the ttioctl function in bsd/kern/tty.c in the xnu kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to cause a denial of service (system shutdown) or gain privileges via a crafted TIOCSETD ioctl request.
29 CVE-2007-4685 264 +Priv 2007-11-14 2017-07-28
7.2
None Local Low Not required Complete Complete Complete
The kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to gain privileges by executing setuid or setgid programs in which the stdio, stderr, or stdout file descriptors are "in an unexpected state."
30 CVE-2007-4649 264 +Priv 2007-08-31 2017-07-28
7.2
Admin Local Low Not required Complete Complete Complete
MicroWorld eScan Virus Control 9.0.722.1, Anti-Virus 9.0.722.1, and Internet Security 9.0.722.1 use weak permissions (Everyone:Full Control) for their installation directory trees, which allows local users to gain privileges by replacing application files, as demonstrated by traysser.exe.
31 CVE-2007-4648 119 Overflow +Priv 2007-08-31 2018-10-15
7.2
Admin Local Low Not required Complete Complete Complete
The nvcoaft51 driver in Norman Virus Control (NVC) 5.82 uses weak permissions (unrestricted write access) for the NvcOa device, which allows local users to gain privileges by (1) triggering a buffer overflow in a kernel pool via a string argument to ioctl 0xBF67201C; or by (2) sending a crafted KEVENT structure through ioctl 0xBF672028 to overwrite arbitrary memory locations.
32 CVE-2007-4622 189 +Priv 2007-11-05 2017-07-28
7.2
Admin Local Low Not required Complete Complete Complete
Integer underflow in the dns_name_fromtext function in (1) libdns_nonsecure.a and (2) libdns_secure.a in IBM AIX 5.2 allows local users to gain privileges via a crafted "-y" (TSIG key) command line argument to dig.
33 CVE-2007-4621 119 Overflow +Priv 2007-11-05 2017-07-28
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in crontab in IBM AIX 5.2 allows local users to gain privileges via long command line arguments.
34 CVE-2007-4573 264 +Priv 2007-09-24 2018-10-15
7.2
Admin Local Low Not required Complete Complete Complete
The IA32 system call emulation functionality in Linux kernel 2.4.x and 2.6.x before 2.6.22.7, when running on the x86_64 architecture, does not zero extend the eax register after the 32bit entry path to ptrace is used, which might allow local users to gain privileges by triggering an out-of-bounds access to the system call table using the %RAX register.
35 CVE-2007-4513 119 Overflow +Priv 2007-11-05 2017-09-28
7.2
Admin Local Low Not required Complete Complete Complete
Multiple stack-based buffer overflows in IBM AIX 5.2 and 5.3 allow local users to gain privileges via a long argument to the (1) "-p" option to lqueryvg or (2) the "-V" option to lquerypv.
36 CVE-2007-4406 +Priv 2007-08-18 2018-10-15
7.5
None Remote Low Not required Partial Partial Partial
ircu 2.10.12.01 through 2.10.12.04 does not remove ops privilege after a join from a server with an older timestamp (TS), which allows remote attackers to gain control of a channel during a split.
37 CVE-2007-4395 +Priv 2007-08-17 2018-10-30
7.6
Admin Remote High Not required Complete Complete Complete
Multiple unspecified vulnerabilities in the Role Based Access Control (RBAC) functionality in Sun Solaris 8 allow remote attackers who know the password for a role to gain privileges via that role.
38 CVE-2007-4390 264 +Priv 2007-08-17 2018-10-15
7.2
Admin Local Low Not required Complete Complete Complete
The Command Line Interface (CLI), aka Adonis Administration Console, on the BlueCat Networks Adonis DNS/DHCP appliance 5.0.2.8 allows local admin users to gain root privileges on the underlying operating system via shell metacharacters in a command.
39 CVE-2007-4380 +Priv 2007-08-16 2017-07-28
7.2
Admin Local Low Not required Complete Complete Complete
Aclient in Symantec Altiris Deployment Solution 6 before 6.8 SP2 (6.8.378) allows local users to gain local System privileges via the Log File Viewer.
40 CVE-2007-4355 Overflow +Priv 2007-08-14 2017-07-28
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in the at program on IBM AIX 5.3 allows local users to gain privileges via unspecified vectors.
41 CVE-2007-4354 Overflow +Priv 2007-08-14 2017-07-28
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in fileplace in bos.perf.tools in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors.
42 CVE-2007-4230 +Priv 2007-08-08 2018-10-15
7.5
User Remote Low Not required Partial Partial Partial
** DISPUTED ** BellaBiblio allows remote attackers to gain administrative privileges via a bellabiblio cookie with the value "administrator." NOTE: this issue is disputed by CVE and multiple third parties because the cookie value must be an MD5 hash.
43 CVE-2007-4223 +Priv 2007-11-08 2017-07-28
10.0
None Remote Low Not required Complete Complete Complete
Dbgv.sys in Microsoft Sysinternals DebugView before 4.72 provides an unspecified mechanism for copying data into kernel memory, which allows local users to gain privileges via unspecified vectors.
44 CVE-2007-4217 119 Overflow +Priv 2007-11-05 2017-07-28
7.2
Admin Local Low Not required Complete Complete Complete
Stack-based buffer overflow in the domacro function in ftp in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long parameter to a macro, as demonstrated by executing a macro via the '$' command.
45 CVE-2007-4216 20 +Priv 2007-08-21 2018-10-15
7.2
Admin Local Low Not required Complete Complete Complete
vsdatant.sys 6.5.737.0 in Check Point Zone Labs ZoneAlarm before 7.0.362 allows local users to gain privileges via a crafted Interrupt Request Packet (Irp) in a METHOD_NEITHER (1) IOCTL 0x8400000F or (2) IOCTL 0x84000013 request, which can be used to overwrite arbitrary memory locations.
46 CVE-2007-3912 20 +Priv 2007-09-10 2017-07-28
7.2
Admin Local Low Not required Complete Complete Complete
checkrestart in debian-goodies before 0.34 allows local users to gain privileges via shell metacharacters in the name of the executable file for a running process.
47 CVE-2007-3880 134 +Priv 2007-11-13 2018-10-30
7.2
Admin Local Low Not required Complete Complete Complete
Format string vulnerability in srsexec in Sun Remote Services (SRS) Net Connect 3.2.3 and 3.2.4, as distributed in the SRS Proxy Core (SUNWsrspx) package, allows local users to gain privileges via format string specifiers in unspecified input that is logged through syslog.
48 CVE-2007-3787 +Priv CSRF 2007-07-15 2018-10-15
7.5
User Remote Low Not required Partial Partial Partial
The eSoft InstaGate EX2 UTM device does not require entry of the old password when changing the admin password, which might allow remote attackers to gain privileges by conducting a CSRF attack, making a password change from an unattended workstation, or other attacks.
49 CVE-2007-3777 +Priv 2007-07-15 2018-10-15
7.2
Admin Local Low Not required Complete Complete Complete
avg7core.sys 7.5.0.444 in Grisoft AVG Anti-Virus 7.5.448 and Free Edition 7.5.446, provides an internal function that copies data to an arbitrary address, which allows local users to gain privileges via arbitrary address arguments to a function provided by the 0x5348E004 IOCTL for the generic DeviceIoControl handler.
50 CVE-2007-3751 Exec Code +Priv 2007-11-07 2018-10-26
9.3
None Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in QuickTime for Java in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via untrusted Java applets that gain privileges via unspecified vectors.
Total number of vulnerabilities : 124   Page : 1 (This Page)2 3
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.