CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In February 2007(Denial Of Service)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2007-1098 DoS 2007-02-26 2008-11-15
7.8
None Remote Low Not required None None Complete
Multiple unspecified vulnerabilities in ScryMUD before 2.1.11 have unknown impact and attack vectors, possibly related to denial of service caused by a search that begins with a .* sequence.
2 CVE-2007-1094 DoS 2007-02-26 2018-10-16
7.8
None Remote Low Not required None None Complete
Microsoft Internet Explorer 7 allows remote attackers to cause a denial of service (NULL dereference and application crash) via JavaScript onUnload handlers that modify the structure of a document.
3 CVE-2007-1093 94 DoS Exec Code 2007-02-26 2017-07-28
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple unspecified vulnerabilities in JP1/Cm2/Network Node Manager (NNM) before 07-10-05, and before 08-00-02 in the 08-x series, allow remote attackers to execute arbitrary code, cause a denial of service, or trigger invalid Web utility behavior.
4 CVE-2007-1090 DoS 2007-02-26 2018-10-16
7.1
None Remote Medium Not required None None Complete
Microsoft Windows Explorer on Windows XP and 2003 allows remote user-assisted attackers to cause a denial of service (crash) via a malformed WMF file, which triggers the crash when the user browses the folder.
5 CVE-2007-1082 399 DoS 2007-02-22 2017-10-10
7.1
None Remote Medium Not required None None Complete
FTP Explorer 1.0.1 Build 047, and other versions before 1.0.1.52, allows remote servers to cause a denial of service (CPU consumption) via a long response to a PWD command.
6 CVE-2007-1080 DoS Overflow 2007-02-22 2017-10-10
7.8
None Remote Low Not required None None Complete
Multiple heap-based buffer overflows in TurboFTP 5.30 Build 572 allow remote servers to cause a denial of service via (1) long filename in a response to a LIST command, and (2) a long response to a CWD command.
7 CVE-2007-1079 DoS Overflow 2007-02-22 2017-10-10
7.8
None Remote Low Not required None None Complete
Stack-based buffer overflow in Rhino Software, Inc. FTP Voyager 14.0.0.3 and earlier allows remote servers to cause a denial of service (crash) via a long response to a CWD command, which triggers the overflow when the user aborts the command.
8 CVE-2007-1075 DoS 2007-02-22 2017-10-10
7.8
None Remote Low Not required None None Complete
TurboFTP 5.30 Build 572 allows remote servers to cause a denial of service (CPU consumption) via a response with a large number of newline characters.
9 CVE-2007-1072 264 DoS 2007-02-22 2019-05-23
7.2
Admin Local Low Not required Complete Complete Complete
The command line interface (CLI) in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and earlier allows local users to obtain privileges or cause a denial of service via unspecified vectors. NOTE: this issue can be leveraged remotely via CVE-2007-1063.
10 CVE-2007-1071 DoS Exec Code Overflow 2007-02-22 2008-09-05
7.8
None Remote Low Not required None None Complete
Integer overflow in the gifGetBandProc function in ImageIO in Apple Mac OS X 10.4.8 allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted GIF image that triggers the overflow during decompression. NOTE: this is a different issue than CVE-2006-3502 and CVE-2006-3503.
11 CVE-2007-1038 DoS 2007-02-21 2017-07-28
5.0
None Remote Low Not required None None Partial
Shemes.com Grabit 1.5.3, and possibly earlier, allows remote attackers to cause a denial of service (application crash) via a .nzb file with a subject field containing ';' (semicolon) characters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
12 CVE-2007-1030 DoS 2007-02-21 2018-10-16
7.8
None Remote Low Not required None None Complete
Niels Provos libevent 1.2 and 1.2a allows remote attackers to cause a denial of service (infinite loop) via a DNS response containing a label pointer that references its own offset.
13 CVE-2007-1014 DoS Exec Code Overflow 2007-02-21 2017-10-10
10.0
None Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in VicFTPS before 5.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long CWD command.
14 CVE-2007-1008 DoS Mem. Corr. 2007-02-19 2018-10-16
2.6
None Remote High Not required None None Partial
Apple iTunes 7.0.2 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted XML list of radio stations, which results in memory corruption. NOTE: iTunes retrieves the XML document from a static URL, which requires an attacker to perform DNS spoofing or man-in-the-middle attacks for exploitation.
15 CVE-2007-1007 DoS Exec Code 2007-02-20 2017-10-10
10.0
Admin Remote Low Not required Complete Complete Complete
Format string vulnerability in GnomeMeeting 1.0.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in the name, which is not properly handled in a call to the gnomemeeting_log_insert function.
16 CVE-2007-1006 134 DoS Exec Code 2007-02-19 2017-10-10
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple format string vulnerabilities in the gm_main_window_flash_message function in Ekiga before 2.0.5 allow attackers to cause a denial of service and possibly execute arbitrary code via a crafted Q.931 SETUP packet.
17 CVE-2007-0988 119 DoS Overflow 2007-02-20 2019-10-09
4.3
None Remote Medium Not required None None Partial
The zend_hash_init function in PHP 5 before 5.2.1 and PHP 4 before 4.4.5, when running on a 64-bit platform, allows context-dependent attackers to cause a denial of service (infinite loop) by unserializing certain integer expressions, which only cause 32-bit arguments to be used after the check for a negative value, as demonstrated by an "a:2147483649:{" argument.
18 CVE-2007-0967 DoS 2007-02-15 2017-07-28
7.8
None Remote Low Not required None None Complete
Cisco Firewall Services Module (FWSM) 3.x before 3.1(3.1) allows remote attackers to cause a denial of service (device reboot) via malformed SNMP requests.
19 CVE-2007-0966 DoS 2007-02-15 2017-07-28
7.8
None Remote Low Not required None None Complete
Cisco Firewall Services Module (FWSM) 3.x before 3.1(3.11), when the HTTPS server is enabled, allows remote attackers to cause a denial of service (device reboot) via certain HTTPS traffic.
20 CVE-2007-0965 DoS 2007-02-15 2008-09-05
7.8
None Remote Low Not required None None Complete
Cisco FWSM 3.x before 3.1(3.2), when authentication is configured to use "aaa authentication match" or "aaa authentication include", allows remote attackers to cause a denial of service (device reboot) via a long HTTP request.
21 CVE-2007-0964 DoS 2007-02-15 2008-09-05
5.4
None Remote High Not required None None Complete
Cisco FWSM 3.x before 3.1(3.18), when authentication is configured to use "aaa authentication match" or "aaa authentication include", allows remote attackers to cause a denial of service (device reboot) via a malformed HTTPS request.
22 CVE-2007-0963 DoS 2007-02-15 2008-09-05
7.8
None Remote Low Not required None None Complete
Unspecified vulnerability in Cisco Firewall Services Module (FWSM) 3.x before 3.1(3.3), when set to log at the "debug" level, allows remote attackers to cause a denial of service (device reboot) by sending packets that are not of a particular protocol such as TCP or UDP, which triggers the reboot during generation of Syslog message 710006.
23 CVE-2007-0962 DoS 2007-02-15 2018-10-30
7.8
None Remote Low Not required None None Complete
Cisco PIX 500 and ASA 5500 Series Security Appliances 7.0 before 7.0(4.14) and 7.1 before 7.1(2.1), and the FWSM 2.x before 2.3(4.12) and 3.x before 3.1(3.24), when "inspect http" is enabled, allows remote attackers to cause a denial of service (device reboot) via malformed HTTP traffic.
24 CVE-2007-0961 DoS 2007-02-15 2018-10-30
7.8
None Remote Low Not required None None Complete
Cisco PIX 500 and ASA 5500 Series Security Appliances 6.x before 6.3(5.115), 7.0 before 7.0(5.2), and 7.1 before 7.1(2.5), and the FWSM 3.x before 3.1(3.24), when the "inspect sip" option is enabled, allows remote attackers to cause a denial of service (device reboot) via malformed SIP packets.
25 CVE-2007-0959 DoS 2007-02-15 2018-10-30
7.8
None Remote Low Not required None None Complete
Cisco PIX 500 and ASA 5500 Series Security Appliances 7.2.2, when configured to inspect certain TCP-based protocols, allows remote attackers to cause a denial of service (device reboot) via malformed TCP packets.
26 CVE-2007-0955 DoS 2007-02-14 2019-10-02
7.8
None Remote Low Not required None None Complete
The NTLM_UnPack_Type3 function in MENTLM.dll in MailEnable Professional 2.35 and earlier allows remote attackers to cause a denial of service (application crash) via certain base64-encoded data following an AUTHENTICATE NTLM command to the imap port (143/tcp), which results in an out-of-bounds read.
27 CVE-2007-0931 DoS Exec Code Overflow 2007-02-14 2018-10-16
7.5
User Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in the management interfaces in (1) Aruba Mobility Controllers 200, 800, 2400, and 6000 and (2) Alcatel-Lucent OmniAccess Wireless 43xx and 6000 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via long credential strings.
28 CVE-2007-0918 20 DoS 2007-02-13 2018-10-30
7.1
None Remote Medium Not required None None Complete
The ATOMIC.TCP signature engine in the Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XA, 12.3YA, 12.3T, and other trains allows remote attackers to cause a denial of service (IPS crash and traffic loss) via unspecified manipulations that are not properly handled by the regular expression feature, as demonstrated using the 3123.0 (Netbus Pro Traffic) signature.
29 CVE-2007-0916 DoS 2007-02-13 2017-10-10
4.9
None Local Low Not required None None Complete
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.11 and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors.
30 CVE-2007-0914 DoS 2007-02-13 2017-10-10
7.1
None Remote Medium Not required None None Complete
Race condition in the TCP subsystem for Solaris 10 allows remote attackers to cause a denial of service (system panic) via unknown vectors.
31 CVE-2007-0911 DoS 2007-02-13 2018-10-16
7.8
None Remote Low Not required None None Complete
Off-by-one error in the str_ireplace function in PHP 5.2.1 might allow context-dependent attackers to cause a denial of service (crash).
32 CVE-2007-0907 DoS 2007-02-13 2018-10-30
5.0
None Remote Low Not required None None Partial
Buffer underflow in PHP before 5.2.1 allows attackers to cause a denial of service via unspecified vectors involving the sapi_header_op function.
33 CVE-2007-0906 119 DoS Exec Code Overflow 2007-02-13 2018-10-30
7.5
User Remote Low Not required Partial Partial Partial
Multiple buffer overflows in PHP before 5.2.1 allow attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors in the (1) session, (2) zip, (3) imap, and (4) sqlite extensions; (5) stream filters; and the (6) str_replace, (7) mail, (8) ibase_delete_user, (9) ibase_add_user, and (10) ibase_modify_user functions. NOTE: vector 6 might actually be an integer overflow (CVE-2007-1885). NOTE: as of 20070411, vector (3) might involve the imap_mail_compose function (CVE-2007-1825).
34 CVE-2007-0897 DoS 2007-02-16 2017-07-28
4.3
None Remote Medium Not required None None Partial
Clam AntiVirus ClamAV before 0.90 does not close open file descriptors under certain conditions, which allows remote attackers to cause a denial of service (file descriptor consumption and failed scans) via CAB archives with a cabinet header record length of zero, which causes a function to return without closing a file descriptor.
35 CVE-2007-0887 476 DoS 2007-02-12 2017-10-18
7.8
None Remote Low Not required None None Complete
axigen 1.2.6 through 2.0.0b1 does not properly parse login credentials, which allows remote attackers to cause a denial of service (NULL dereference and application crash) via a base64-encoded "*\x00" sequence on the imap port (143/tcp).
36 CVE-2007-0886 119 DoS Exec Code Overflow 2007-02-12 2017-10-18
10.0
None Remote Low Not required Complete Complete Complete
Heap-based buffer underflow in axigen 1.2.6 through 2.0.0b1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via certain base64-encoded data on the pop3 port (110/tcp), which triggers an integer overflow.
37 CVE-2007-0884 DoS Exec Code Overflow 2007-02-12 2017-07-28
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in Roaring Penguin MIMEDefang 2.59 and 2.60 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unspecified vectors.
38 CVE-2007-0878 DoS Overflow 2007-02-12 2018-10-30
7.8
None Remote Low Not required None None Complete
Unspecified vulnerability in Microsoft Internet Explorer on Windows Mobile 5.0 allows remote attackers to cause a denial of service (loss of browser and other device functionality) via a malformed WML page, related to an "overflow state." NOTE: it is possible that this issue is related to CVE-2007-0685.
39 CVE-2007-0877 DoS 2007-02-12 2008-11-15
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in March Networks DVR 3000 and 4000 Digital Video Recorders allows attackers to cause an unspecified denial of service. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
40 CVE-2007-0870 DoS 2007-02-11 2018-10-16
7.6
Admin Remote High Not required Complete Complete Complete
Unspecified vulnerability in Microsoft Word 2000 allows remote attackers to cause a denial of service (crash) via unknown vectors, a different vulnerability than CVE-2006-5994, CVE-2006-6456, CVE-2006-6561, and CVE-2007-0515, a variant of Exploit-MS06-027.
41 CVE-2007-0868 DoS 2007-02-09 2008-11-15
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in the Chat Room functionality in Yahoo! Messenger 8.1.0.239 and earlier allows remote attackers to cause a denial of service via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
42 CVE-2007-0842 399 DoS 2007-02-13 2018-10-16
5.0
None Remote Low Not required None None Partial
The 64-bit versions of Microsoft Visual C++ 8.0 standard library (MSVCR80.DLL) time functions, including (1) localtime, (2) localtime_s, (3) gmtime, (4) gmtime_s, (5) ctime, (6) ctime_s, (7) wctime, (8) wctime_s, and (9) fstat, trigger an assertion error instead of a NULL pointer or EINVAL when processing a time argument later than Jan 1, 3000, which might allow context-dependent attackers to cause a denial of service (application exit) via large time values. NOTE: it could be argued that this is a design limitation of the functions, and the vulnerability lies with any application that does not validate arguments to these functions. However, this behavior is inconsistent with documentation, which does not list assertions as a possible result of an error condition.
43 CVE-2007-0838 DoS 2007-02-07 2017-07-28
5.0
None Remote Low Not required None None Partial
FreeProxy before 3.92 Build 1626 allows malicious users to cause a denial of service (infinite loop) via a HOST: header with a hostname and port number that refers to the server itself.
44 CVE-2007-0825 DoS Overflow 2007-02-07 2017-10-18
7.8
None Remote Low Not required None None Complete
FlashFXP 3.4.0 build 1145 allows remote servers to cause a denial of service (CPU consumption) via a response to a PWD command that contains a long string with deeply nested directory structure, possibly due to a buffer overflow.
45 CVE-2007-0816 DoS 2007-02-07 2017-10-18
5.0
None Remote Low Not required None None Partial
The RPC Server service (catirpc.exe) in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 SP2 and earlier allows remote attackers to cause a denial of service (service crash) via a crafted TADDR2UADDR that triggers a null pointer dereference in catirpc.dll, possibly related to null credentials or verifier fields.
46 CVE-2007-0811 DoS 2007-02-07 2017-10-18
4.3
None Remote Medium Not required None None Partial
Microsoft Internet Explorer 6.0 SP1 on Windows 2000, and 6.0 SP2 on Windows XP, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an HTML document containing a certain JavaScript for loop with an empty loop body, possibly involving getElementById.
47 CVE-2007-0796 DoS Exec Code 2007-02-06 2017-07-28
7.5
None Remote Low Not required Partial Partial Partial
Blue Coat Systems WinProxy 6.1a and 6.0 r1c, and possibly earlier, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long HTTP CONNECT request, which triggers heap corruption.
48 CVE-2007-0777 119 DoS Exec Code Overflow Mem. Corr. 2007-02-26 2019-10-09
9.3
Admin Remote Medium Not required Complete Complete Complete
The JavaScript engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger memory corruption.
49 CVE-2007-0775 DoS Exec Code 2007-02-26 2018-10-16
3.7
User Local High Not required Partial Partial Partial
Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allow remote attackers to cause a denial of service (crash) and potentially execute arbitrary code via certain vectors.
50 CVE-2007-0772 399 DoS 2007-02-20 2017-07-28
7.8
None Remote Low Not required None None Complete
The Linux kernel 2.6.13 and other versions before 2.6.20.1 allows remote attackers to cause a denial of service (oops) via a crafted NFSACL 2 ACCESS request that triggers a free of an incorrect pointer.
Total number of vulnerabilities : 86   Page : 1 (This Page)2
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.