CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 3 and 3.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
6851 CVE-2007-2746 +Info 2007-05-17 2011-03-08
3.5
None Remote Medium ??? Partial None None
The viewList function in lib/WebGUI/Asset/Wobject/DataForm.pm in Plain Black WebGUI before 7.3.14 does not properly use data structures containing privilege information, which allows remote authenticated users to obtain sensitive information or possibly have other unspecified impact.
6852 CVE-2007-2703 2007-05-16 2018-10-30
3.6
None Remote High ??? Partial Partial None
BEA WebLogic Portal 9.2 GA can corrupt a visitor entitlements role if an administrator provides a long role description, which might allow remote authenticated users to access privileged resources.
6853 CVE-2007-2702 XSS 2007-05-16 2018-10-30
3.5
None Remote Medium ??? None Partial None
Cross-site scripting (XSS) vulnerability in the GroupSpace application in BEA WebLogic Portal 9.2 GA allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors related to the rich text editor.
6854 CVE-2007-2693 +Info 2007-05-16 2019-12-17
3.5
None Remote Medium ??? Partial None None
MySQL before 5.1.18 allows remote authenticated users without SELECT privileges to obtain sensitive information from partitioned tables via an ALTER TABLE statement.
6855 CVE-2007-2683 Exec Code Overflow 2007-05-15 2017-10-11
3.5
None Local High ??? Partial Partial Partial
Buffer overflow in Mutt 1.4.2 might allow local users to execute arbitrary code via "&" characters in the GECOS field, which triggers the overflow during alias expansion.
6856 CVE-2007-2450 79 XSS 2007-06-14 2019-03-25
3.5
None Remote Medium ??? None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in the (1) Manager and (2) Host Manager web applications in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote authenticated users to inject arbitrary web script or HTML via a parameter name to manager/html/upload, and other unspecified vectors.
6857 CVE-2007-1947 Exec Code Bypass 2007-04-11 2018-10-16
3.5
None Remote Medium ??? None Partial None
Cross-zone scripting vulnerability in the DOM templates (domplates) used by the console.log function in the Firebug extension before 1.04 for Mozilla Firefox allows remote attackers to bypass zone restrictions, read arbitrary file:// URIs, or execute arbitrary code in the browser chrome by overwriting the toString function via a certain function declaration, related to incorrect identification of anonymous JavaScript functions, a different issue than CVE-2007-1878.
6858 CVE-2007-1828 XSS 2007-04-03 2011-03-08
3.5
None Remote Medium ??? None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in web-app.org WebAPP before 0.9.9.6 allow remote authenticated users to inject arbitrary web script or HTML via (1) the QUERY_STRING corresponding to drop downs or (2) various forms.
6859 CVE-2007-1742 2007-04-13 2008-11-13
3.7
None Local High Not required Partial Partial Partial
suexec in Apache HTTP Server (httpd) 2.2.3 uses a partial comparison for verifying whether the current directory is within the document root, which might allow local users to perform unauthorized operations on incorrect directories, as demonstrated using "html_backup" and "htmleditor" under an "html" directory. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because "the attacks described rely on an insecure server configuration" in which the user "has write access to the document root."
6860 CVE-2007-1732 79 XSS 2007-03-28 2016-11-22
3.5
None Remote Medium ??? None Partial None
** DISPUTED ** Cross-site scripting (XSS) vulnerability in an mt import in wp-admin/admin.php in WordPress 2.1.2 allows remote authenticated administrators to inject arbitrary web script or HTML via the demo parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: another researcher disputes this issue, stating that this is legitimate functionality for administrators. However, it has been patched by at least one vendor.
6861 CVE-2007-1716 +Priv 2007-03-27 2017-10-11
3.4
None Local High ??? Partial Partial Partial
pam_console does not properly restore ownership for certain console devices when there are multiple users logged into the console and one user logs out, which might allow local users to gain privileges.
6862 CVE-2007-1537 DoS 2007-03-20 2018-10-16
3.6
None Local Low Not required None Partial Partial
\Device\NdisTapi (NDISTAPI.sys) in Microsoft Windows XP SP2 and 2003 SP1 uses weak permissions, which allows local users to write to the device and cause a denial of service, as demonstrated by using an IRQL to acquire a spinlock on paged memory via the NdisTapiDispatch function.
6863 CVE-2007-1467 XSS 2007-03-16 2018-10-16
3.5
None Remote Medium ??? None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in (1) PreSearch.html and (2) PreSearch.class in Cisco Secure Access Control Server (ACS), VPN Client, Unified Personal Communicator, MeetingPlace, Unified MeetingPlace, Unified MeetingPlace Express, CallManager, IP Communicator, Unified Video Advantage, Unified Videoconferencing 35xx products, Unified Videoconferencing Manager, WAN Manager, Security Device Manager, Network Analysis Module (NAM), CiscoWorks and related products, Wireless LAN Solution Engine (WLSE), 2006 Wireless LAN Controllers (WLC), and Wireless Control System (WCS) allow remote attackers to inject arbitrary web script or HTML via the text field of the search form.
6864 CVE-2007-1368 2007-03-09 2017-07-29
3.5
None Remote Medium ??? Partial None None
The Project issue tracking module before 4.7.x-1.3, 4.7.x-2.* before 4.7.x-2.3, and 5 before 5.x-0.2-beta for Drupal allows remote authenticated users, with "access project issues" permission, to read the contents of a private node via a URL with a modified node identifier.
6865 CVE-2007-1352 Exec Code Overflow 2007-04-06 2018-10-16
3.8
None Local Network Medium ??? None Partial Partial
Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.
6866 CVE-2007-1150 264 2007-03-02 2018-10-16
3.6
None Remote High ??? None Partial Partial
Unrestricted file upload vulnerability in LoveCMS 1.4 allows remote authenticated administrators to upload arbitrary files to /modules/content/pictures/tmp/.
6867 CVE-2007-0830 79 XSS 2007-02-07 2018-10-16
3.5
None Remote Medium ??? None Partial None
** DISPUTED ** Multiple cross-site scripting (XSS) vulnerabilities in the Admin Control Panel (AdminCP) in Jelsoft vBulletin 3.6.4 allow remote authenticated administrators to inject arbitrary web script or HTML via unspecified vectors related to the (1) User Group Manager, (2) User Rank Manager, (3) User Title Manager, (4) BB Code Manager, (5) Attachment Manager, (6) Calendar Manager, and (7) Forums & Moderators functions. NOTE: the vendor disputes this issue, stating that modifying HTML is an intended privilege of an administrator. NOTE: it is possible that this issue overlaps CVE-2006-6040.
6868 CVE-2007-0775 DoS Exec Code 2007-02-26 2018-10-16
3.7
None Local High Not required Partial Partial Partial
Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allow remote attackers to cause a denial of service (crash) and potentially execute arbitrary code via certain vectors.
6869 CVE-2007-0523 20 DoS 2007-01-26 2018-10-16
3.3
None Local Network Low Not required None None Partial
The Nokia N70 phone allows remote attackers to cause a denial of service (continual modal dialogs and UI unavailability) by repeatedly trying to OBEX push a file over Bluetooth, as demonstrated by ussp-push.
6870 CVE-2007-0522 20 DoS 2007-01-26 2018-10-16
3.3
None Local Network Low Not required None None Partial
The Motorola MOTORAZR V3 phone allows remote attackers to cause a denial of service (continual modal dialogs and UI unavailability) by repeatedly trying to OBEX push a file over Bluetooth, as demonstrated by ussp-push.
6871 CVE-2007-0521 20 DoS 2007-01-26 2018-10-16
3.3
None Local Network Low Not required None None Partial
The Sony Ericsson K700i and W810i phones allow remote attackers to cause a denial of service (continual modal dialogs and UI unavailability) by repeatedly trying to OBEX push a file over Bluetooth, as demonstrated by ussp-push.
6872 CVE-2007-0519 79 XSS 2007-01-26 2021-04-29
3.5
None Remote Medium ??? None Partial None
Cross-site scripting (XSS) vulnerability in memcp.php in XMB U2U Instant Messenger allows remote authenticated users to inject arbitrary web script or HTML via the recipient field.
6873 CVE-2007-0474 2007-02-03 2011-03-08
3.3
None Local Medium Not required None Partial Partial
Smb4K before 0.8.0 allow local users, when present on the Smb4K sudoers list, to kill arbitrary processes, related to a "design issue with smb4k_kill."
6874 CVE-2007-0472 2007-02-03 2011-03-08
3.7
None Local High Not required Partial Partial Partial
Multiple race conditions in Smb4K before 0.8.0 allow local users to (1) modify arbitrary files via unspecified manipulations of Smb4K's lock file, which is not properly handled by the remove_lock_file function in core/smb4kfileio.cpp, and (2) add lines to the sudoers file via a symlink attack on temporary files, which isn't properly handled by the writeFile function in core/smb4kfileio.cpp.
6875 CVE-2007-0437 XSS 2007-08-20 2008-09-05
3.5
None Remote Medium ??? None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in the sample Cache' Server Page (CSP) scripts in InterSystems Cache' allow remote attackers to inject arbitrary web script or HTML via (1) the TO parameter to loop.csp, (2) the VALUE parameter to cookie.csp, and (3) the PAGE parameter to showsource.csp in csp/samples/; and allow remote authenticated users to inject arbitrary web script or HTML via (4) the ERROR parameter to csp/samples/xmlclasseserror.csp, and unspecified vectors in (5) object.csp and (6) lotteryhistory.csp in csp/samples/.
6876 CVE-2007-0282 2007-01-17 2017-07-29
3.2
None Local Low ??? Partial Partial None
Unspecified vulnerability in Oracle HTTP Server 9.0.1.5, Application Server 9.0.4.2 and 10.1.2.0.0, and Collaboration Suite 9.0.4.2 has unknown impact and attack vectors related to the Oracle Process Mgmt & Notification component, aka OPMN02.
6877 CVE-2007-0275 79 XSS 2007-01-17 2018-10-16
3.5
None Remote Medium ??? None Partial None
Cross-site scripting (XSS) vulnerability in Oracle Reports Web Cartridge (RWCGI60) in the Workflow Cartridge component, as used in Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.3; Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2; Collaboration Suite 10.1.2; and Oracle E-Business Suite and Applications 11.5.10CU2; allows remote authenticated users to inject arbitrary HTML or web script via the genuser parameter to rwcgi60, aka OWF01.
6878 CVE-2007-0235 119 DoS Exec Code Overflow 2007-01-16 2017-10-11
3.7
None Local High Not required Partial Partial Partial
Stack-based buffer overflow in the glibtop_get_proc_map_s function in libgtop before 2.14.6 (libgtop2) allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a process with a long filename that is mapped in its address space, which triggers the overflow in gnome-system-monitor.
6879 CVE-2007-0124 DoS 2007-01-09 2018-10-16
3.5
None Remote Medium ??? None None Partial
Unspecified vulnerability in Drupal before 4.6.11, and 4.7 before 4.7.5, when MySQL is used, allows remote authenticated users to cause a denial of service by poisoning the page cache via unspecified vectors, which triggers erroneous 404 HTTP errors for pages that exist.
6880 CVE-2007-0007 2007-02-20 2017-07-29
3.6
None Local Low Not required None Partial Partial
gnucash 2.0.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on the (1) gnucash.trace, (2) qof.trace, and (3) qof.trace.[PID] temporary files.
6881 CVE-2006-7246 295 2020-01-27 2020-01-31
3.2
None Local Network High Not required Partial Partial None
NetworkManager 0.9.x does not pin a certificate's subject to an ESSID when 802.11X authentication is used.
6882 CVE-2006-7232 89 DoS Sql 2006-12-31 2018-10-17
3.5
None Remote Medium ??? None None Partial
sql_select.cc in MySQL 5.0.x before 5.0.32 and 5.1.x before 5.1.14 allows remote authenticated users to cause a denial of service (crash) via an EXPLAIN SELECT FROM on the INFORMATION_SCHEMA table, as originally demonstrated using ORDER BY.
6883 CVE-2006-7043 XSS 2007-02-24 2017-07-29
3.5
None Remote Medium ??? None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in Chipmunk Blogger allow remote authenticated users to inject arbitrary web script or HTML via script tags in (1) posts and (2) profile names; and (3) a javascript URI in a URL argument in the photo gallery.
6884 CVE-2006-6822 2006-12-29 2017-10-19
3.5
None Remote Medium ??? None Partial None
myprofile.asp in Enthrallweb eClassifieds does not properly validate the MM_recordId parameter during profile updates, which allows remote authenticated users to modify certain profile fields of another account by specifying that account's username in a modified MM_recordId parameter.
6885 CVE-2006-6821 2006-12-29 2017-10-19
3.5
None Remote Medium ??? None Partial None
myprofile.asp in Enthrallweb eNews does not properly validate the MM_recordId parameter during profile updates, which allows remote authenticated users to modify certain profile fields of another account by specifying that account's username in a modified MM_recordId parameter.
6886 CVE-2006-6820 2006-12-29 2017-10-19
3.5
None Remote Medium ??? None Partial None
myprofile.asp in Enthrallweb eCoupons does not properly validate the MM_recordId parameter during profile updates, which allows remote authenticated users to modify certain profile fields of another account by specifying that account's username in a modified MM_recordId parameter.
6887 CVE-2006-6775 DoS 2006-12-27 2017-10-19
3.5
None Remote Medium ??? None None Partial
acFTP 1.5 allows remote authenticated users to cause a denial of service via a crafted argument to the (1) REST or (2) PBSZ command.
6888 CVE-2006-6548 XSS 2006-12-14 2018-10-17
3.5
None Remote Medium ??? None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in cPanel WebHost Manager (WHM) 3.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the domain parameter to (1) scripts2/changeemail, (2) scripts2/limitbw, or (3) scripts/rearrangeacct. NOTE: the feature parameter to scripts2/dofeaturemanager is already covered by CVE-2006-6198.
6889 CVE-2006-6514 2006-12-14 2018-10-17
3.5
None Remote Medium ??? Partial None None
Winamp Web Interface (Wawi) 7.5.13 and earlier uses an insufficient comparison to determine whether a directory is located below the application's root directory, which allows remote authenticated users to access certain other directories if the name of the root directory is a substring of the name of the target directory, as demonstrated by accessing C:\folder2 when the root directory is C:\folder.
6890 CVE-2006-6513 2006-12-14 2018-10-17
3.5
None Remote Medium ??? Partial None None
The CControl::Download function (/dl URI) in Winamp Web Interface (Wawi) 7.5.13 and earlier allows remote authenticated users to download arbitrary file types under the root via a trailing "." (dot) in a filename in the file parameter, related to erroneous behavior of the IsWinampFile function.
6891 CVE-2006-6512 Dir. Trav. 2006-12-14 2018-10-17
3.5
None Remote Medium ??? Partial None None
Directory traversal vulnerability in the Browse function (/browse URI) in Winamp Web Interface (Wawi) 7.5.13 and earlier allows remote authenticated users to list arbitrary directories via URL encoded backslashes ("%2F") in the path parameter.
6892 CVE-2006-5883 XSS 2006-11-14 2018-10-17
3.5
None Remote Medium ??? None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in cPanel 10 allow remote authenticated users to inject arbitrary web script or HTML via the (1) dir parameter in (a) seldir.html, and the (2) user and (3) dir parameters in (b) newuser.html.
6893 CVE-2006-5453 XSS 2006-10-23 2018-10-17
3.5
None Remote Medium ??? None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in Bugzilla 2.18.x before 2.18.6, 2.20.x before 2.20.3, 2.22.x before 2.22.1, and 2.23.x before 2.23.3 allow remote authenticated users to inject arbitrary web script or HTML via (1) page headers using the H1, H2, and H3 HTML tags in global/header.html.tmpl, (2) description fields of certain items in various edit cgi scripts, and (3) the id parameter in showdependencygraph.cgi.
6894 CVE-2006-5406 2006-10-19 2017-07-20
3.6
None Local Low Not required Partial Partial None
Passgo Defender 5.2 creates the application directory with insecure permissions (Everyone/Full Control), which allows local users to read and modify sensitive files. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
6895 CVE-2006-5213 2006-10-10 2017-07-20
3.6
None Local Low Not required Partial Partial None
Sun Solaris 10 before 20061006 uses "incorrect and insufficient permission checks" that allow local users to intercept or spoof packets by creating a raw socket on a link aggregation (network device aggregation).
6896 CVE-2006-5163 2006-10-05 2018-10-17
3.6
None Local Low Not required None Partial Partial
IBM Informix Dynamic Server 10.UC3RC1 Trial for Linux and possibly other versions creates /tmp/installserver.txt with insecure permissions, which allows local users to append data to arbitrary files via a symlink attack.
6897 CVE-2006-5158 DoS 2006-10-05 2017-10-11
3.3
None Local Network Low Not required None None Partial
The nlmclnt_mark_reclaim in clntlock.c in NFS lockd in Linux kernel before 2.6.16 allows remote attackers to cause a denial of service (process crash) and deny access to NFS exports via unspecified vectors that trigger a kernel oops (null dereference) and a deadlock.
6898 CVE-2006-4991 2006-09-26 2018-10-17
3.6
None Local Low Not required Partial Partial None
RSA Keon Certificate Authority (KeonCA) Manager 6.5.1 and 6.6 allows privileged local users to hide malicious Certificate Authority (CA) activities by modifying CA auditor logs without detection by (1) modifying or deleting a <LOG BLOCK> and its signature from the XML log in a way that is not detected by the integrity check function that operates on the entire pool, or (2) modifying entries in the live log file, which is only signed during rotation.
6899 CVE-2006-4886 Bypass 2006-09-19 2018-10-17
3.7
None Local High Not required Partial Partial Partial
The VirusScan On-Access Scan component in McAfee VirusScan Enterprise 7.1.0 and Scan Engine 4.4.00 allows local privileged users to bypass security restrictions and disable the On-Access Scan option by opening the program via the task bar and quickly clicking the Disable button, possibly due to an interface-related race condition.
6900 CVE-2006-4842 20 2006-10-12 2018-10-17
3.6
None Local Low Not required None Partial Partial
The Netscape Portable Runtime (NSPR) API 4.6.1 and 4.6.2, as used in Sun Solaris 10, trusts user-specified environment variables for specifying log files even when running from setuid programs, which allows local users to create or overwrite arbitrary files.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.