CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 9 and 10)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
13001 CVE-2007-3572 Exec Code 2007-07-05 2017-07-28
9.3
Admin Remote Medium Not required Complete Complete Complete
Incomplete blacklist vulnerability in cgi-bin/runDiagnostics.cgi in the web interface on the Yoggie Pico and Pico Pro allows remote attackers to execute arbitrary commands via shell metacharacters in the param parameter, as demonstrated by URL encoded "`" (backtick) characters (%60 sequences).
13002 CVE-2007-3515 Exec Code Sql 2007-07-03 2017-09-28
10.0
Admin Remote Low Not required Complete Complete Complete
SQL injection vulnerability in view_event.php in TotalCalendar 2.402 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
13003 CVE-2007-3512 Exec Code Overflow 2007-07-03 2017-07-28
9.3
Admin Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in Lhaca File Archiver before 1.22 allows user-assisted remote attackers to execute arbitrary code via a large LHA "Extended Header Size" value in an LZH archive, a different issue than CVE-2007-3375.
13004 CVE-2007-3510 119 Exec Code Overflow 2007-10-29 2017-07-28
9.0
None Remote Low Single system Complete Complete Complete
Buffer overflow in the IMAP service in IBM Lotus Domino before 6.5.6 FP2, and 7.x before 7.0.3, allows remote authenticated users to execute arbitrary code via a long mailbox name.
13005 CVE-2007-3507 Exec Code Overflow 2007-07-02 2018-10-15
9.3
Admin Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in the local__vcentry_parse_value function in vorbiscomment.c in flac123 (aka flac-tools or flac) before 0.0.10 allows user-assisted remote attackers to execute arbitrary code via a large comment value_length.
13006 CVE-2007-3504 22 Exec Code Dir. Trav. 2007-06-29 2018-10-15
9.3
Admin Remote Medium Not required Complete Complete Complete
Directory traversal vulnerability in the PersistenceService in Sun Java Web Start in JDK and JRE 5.0 Update 11 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, for Windows allows remote attackers to perform unauthorized actions via an application that grants file overwrite privileges to itself. NOTE: this can be leveraged to execute arbitrary code by overwriting a .java.policy file.
13007 CVE-2007-3500 264 +Priv 2007-06-29 2018-10-16
10.0
Admin Remote Low Not required Complete Complete Complete
Xeweb XEForum allows remote attackers to gain privileges via a modified xeforum cookie.
13008 CVE-2007-3489 CSRF 2007-06-29 2018-10-16
9.3
Admin Remote Medium Not required Complete Complete Complete
Cross-site request forgery (CSRF) vulnerability in pop/WizU.html in the management interface in Check Point VPN-1 Edge X Embedded NGX 7.0.33x on the Check Point VPN-1 UTM Edge allows remote attackers to perform privileged actions as administrators, as demonstrated by a request with the swuuser and swupass parameters, which adds an administrator account. NOTE: the CSRF attack has no timing window because there is no logout capability in the management interface.
13009 CVE-2007-3488 Exec Code Overflow 2007-06-29 2017-09-28
10.0
Admin Remote Low Not required Complete Complete Complete
Heap-based buffer overflow in the viewer ActiveX control in Sony Network Camera SNC-RZ25N before 1.30; SNC-P1 and SNC-P5 before 1.29; SNC-CS10 and SNC-CS11 before 1.06; SNC-DF40N and SNC-DF70N before 1.18; SNC-RZ50N and SNC-CS50N before 2.22; SNC-DF85N, SNC-DF80N, and SNC-DF50N before 1.12; and SNC-RX570N/W, SNC-RX570N/B, SNC-RX550N/W, SNC-RX550N/B, SNC-RX530N/W, and SNC-RX530N/B 3.00 and 2.x before 2.31; allows remote attackers to execute arbitrary code via a long first argument to the PrmSetNetworkParam method.
13010 CVE-2007-3483 2007-06-28 2017-07-28
10.0
Admin Remote Low Not required Complete Complete Complete
Research in Motion BlackBerry Enterprise Server 4.0 through 4.1 has a default configuration that permits installation of arbitrary third-party applications on BlackBerry devices, which might facilitate loading of malware.
13011 CVE-2007-3465 2007-06-27 2018-10-16
10.0
Admin Remote Low Not required Complete Complete Complete
Check Point SofaWare [email protected], with firmware before Embedded NGX 7.0.45 GA, has a certain default password.
13012 CVE-2007-3456 189 Exec Code Overflow 2007-07-11 2018-10-16
9.3
Admin Remote Medium Not required Complete Complete Complete
Integer overflow in Adobe Flash Player 9.0.45.0 and earlier might allow remote attackers to execute arbitrary code via a large length value for a (1) Long string or (2) XML variable type in a crafted (a) FLV or (b) SWF file, related to an "input validation error," including a signed comparison of values that are assumed to be non-negative.
13013 CVE-2007-3455 264 Bypass 2007-06-26 2017-07-28
10.0
Admin Remote Low Not required Complete Complete Complete
cgiChkMasterPwd.exe before 8.0.0.142 in Trend Micro OfficeScan Corporate Edition 8.0 allows remote attackers to bypass the password requirement and gain access to the Management Console via an empty hash and empty encrypted password string, related to "stored decrypted user logon information."
13014 CVE-2007-3454 119 Exec Code Overflow 2007-06-26 2017-07-28
10.0
Admin Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in CGIOCommon.dll before 8.0.0.1042 in Trend Micro OfficeScan Corporate Edition 8.0 allows remote attackers to execute arbitrary code via long crafted requests, as demonstrated using a long session cookie to unspecified CGI programs that use this library.
13015 CVE-2007-3435 Exec Code Overflow 2007-06-26 2018-10-16
9.3
Admin Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in the BeginPrint method in a certain ActiveX control in RKD Software (barcodetools.com) BarCodeAx.dll 4.9 allows remote attackers to execute arbitrary code via a long argument.
13016 CVE-2007-3410 119 Exec Code Overflow 2007-06-26 2017-10-10
9.3
None Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in the SmilTimeValue::parseWallClockValue function in smlprstime.cpp in RealNetworks RealPlayer 10, 10.1, and possibly 10.5, RealOne Player, RealPlayer Enterprise, and Helix Player 10.5-GOLD and 10.0.5 through 10.0.8, allows remote attackers to execute arbitrary code via an SMIL (SMIL2) file with a long wallclock value.
13017 CVE-2007-3400 20 2007-06-26 2017-10-10
9.3
Admin Remote Medium Not required Complete Complete Complete
The NCTAudioEditor2 ActiveX control in NCTWMAFile2.dll 2.6.2.157, as distributed in NCTAudioEditor and NCTAudioStudio 2.7, allows remote attackers to overwrite arbitrary files via the CreateFile method.
13018 CVE-2007-3376 DoS Exec Code Overflow 2007-06-25 2017-07-28
9.3
Admin Remote Medium Not required Complete Complete Complete
Buffer overflow in Apple Safari 3.0.2 on Windows XP SP2 allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long value in the title HTML tag, which triggers the overflow when the user adds the page as a bookmark.
13019 CVE-2007-3363 2007-06-22 2017-07-28
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple unspecified vulnerabilities in ageet AGEphone before 1.6.3 allow remote attackers to have an unknown impact via malformed SIP packets.
13020 CVE-2007-3360 Exec Code 2007-06-22 2017-10-10
9.3
Admin Remote Medium Not required Complete Complete Complete
hook.c in BitchX 1.1-final allows remote IRC servers to execute arbitrary commands by sending a client certain data containing NICK and EXEC strings, which exceeds the bounds of a hash table, and injects an EXEC hook function that receives and executes shell commands.
13021 CVE-2007-3357 +Info 2007-06-22 2018-10-16
10.0
Admin Remote Low Not required Complete Complete Complete
NetClassifieds Premium Edition does not use encryption for (1) stored passwords or (2) sensitive data, which might allow attackers to obtain information via certain vectors.
13022 CVE-2007-3341 2007-06-21 2008-11-15
10.0
Admin Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the FTP implementation in Microsoft Internet Explorer allows remote attackers to "see a valid memory address" via unspecified vectors, a different issue than CVE-2007-0217.
13023 CVE-2007-3338 119 Exec Code Overflow 2007-06-22 2018-10-16
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple stack-based buffer overflows in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA (Computer Associates) products, allow remote attackers to execute arbitrary code via the (1) uuid_from_char or (2) duve_get_args functions.
13024 CVE-2007-3336 Exec Code 2007-06-22 2018-10-16
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple "pointer overwrite" vulnerabilities in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA (formerly Computer Associates) products, allow remote attackers to execute arbitrary code by sending certain TCP data at different times to the Ingres Communications Server Process (iigcc), which calls the (1) QUinsert or (2) QUremove functions with attacker-controlled input.
13025 CVE-2007-3334 Exec Code Overflow 2007-06-21 2017-07-28
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple heap-based buffer overflows in the (1) Communications Server (iigcc.exe) and (2) Data Access Server (iigcd.exe) components for Ingres Database Server 3.0.3, as used in CA (Computer Associates) products including eTrust Secure Content Manager r8 on Windows, allow remote attackers to execute arbitrary code via unknown vectors.
13026 CVE-2007-3316 DoS Exec Code 2007-06-21 2018-10-16
9.3
Admin Remote Medium Not required Complete Complete Complete
Multiple format string vulnerabilities in plugins in VideoLAN VLC Media Player before 0.8.6c allow remote attackers to cause a denial of service (crash) or execute arbitrary code via format string specifiers in (1) an Ogg/Vorbis file, (2) an Ogg/Theora file, (3) a CDDB entry for a CD Digital Audio (CDDA) file, or (4) Service Announce Protocol (SAP) multicast packets.
13027 CVE-2007-3312 Dir. Trav. 2007-06-21 2017-10-10
9.0
Admin Remote Low Single system Complete Complete Complete
Directory traversal vulnerability in admin/plugin_manager.php in Jasmine CMS 1.0 allows remote authenticated administrators to include and execute arbitrary local files a .. (dot dot) in the u parameter. NOTE: a separate vulnerability could be leveraged to make this issue exploitable by remote unauthenticated attackers.
13028 CVE-2007-3305 Exec Code Overflow 2007-06-20 2017-07-28
9.3
Admin Remote Medium Not required Complete Complete Complete
Heap-based buffer overflow in Cerulean Studios Trillian 3.x before 3.1.6.0 allows remote attackers to execute arbitrary code via a message sent through the MSN protocol, or possibly other protocols, with a crafted UTF-8 string, which triggers improper memory allocation for word wrapping when a window width is used as a buffer size, a different vulnerability than CVE-2007-2478.
13029 CVE-2007-3302 Exec Code 2007-07-25 2018-10-16
9.3
Admin Remote Medium Not required Complete Complete Complete
The CallCode ActiveX control in caller.dll 3.0 before 20070713, and 3.0 SP1 before 3.0.5.81, in CA (formerly Computer Associates) eTrust Intrusion Detection allows remote attackers to load arbitrary DLLs on a client system, and execute code from these DLLs, via unspecified "scriptable functions."
13030 CVE-2007-3300 Bypass 2007-06-20 2017-07-28
9.3
Admin Remote Medium Not required Complete Complete Complete
Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070619 allow remote attackers to bypass scanning via a crafted header in a (1) LHA or (2) RAR archive.
13031 CVE-2007-3296 2007-06-20 2008-11-15
9.3
None Remote Medium Not required Complete Complete Complete
The ThunderServer.webThunder.1 ActiveX control in xunlei Web Thunderbolt 1.7.3.109 allows remote attackers to download arbitrary files and conduct other unauthorized actions by invoking dangerous methods.
13032 CVE-2007-3290 +Info 2007-06-20 2017-10-10
9.3
Admin Remote Medium Not required Complete Complete Complete
categoria.php in LiveCMS 3.4 and earlier allows remote attackers to obtain sensitive information via a ' (quote) character in the cid parameter, which reveals the path in a forced SQL error message.
13033 CVE-2007-3280 2007-06-19 2018-10-16
9.0
Admin Remote Low Single system Complete Complete Complete
The Database Link library (dblink) in PostgreSQL 8.1 implements functions via CREATE statements that map to arbitrary libraries based on the C programming language, which allows remote authenticated superusers to map and execute a function from any library, as demonstrated by using the system function in libc.so.6 to gain shell access.
13034 CVE-2007-3279 2007-06-19 2018-10-16
10.0
Admin Remote Low Not required Complete Complete Complete
PostgreSQL 8.1 and probably later versions, when the PL/pgSQL (plpgsql) language has been created, grants certain plpgsql privileges to the PUBLIC domain, which allows remote attackers to create and execute functions, as demonstrated by functions that perform local brute-force password guessing attacks, which may evade intrusion detection.
13035 CVE-2007-3277 2007-06-19 2017-07-28
10.0
Admin Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the localization before 1.2 module for WIKINDX allows attackers to access certain administrative capabilities via unknown vectors.
13036 CVE-2007-3270 Exec Code File Inclusion 2007-06-19 2017-10-10
10.0
Admin Remote Low Not required Complete Complete Complete
PHP remote file inclusion vulnerability in Includes/global.inc.php in phpMyInventory 2.8 allows remote attackers to execute arbitrary PHP code via a URL in the strIncludePrefix parameter.
13037 CVE-2007-3266 Dir. Trav. 2007-06-19 2018-10-16
9.0
None Remote Low Not required Complete Partial Partial
Directory traversal vulnerability in webif.cgi in ifnet WEBIF allows remote attackers to include and execute arbitrary local files a .. (dot dot) in the outconfig parameter.
13038 CVE-2007-3264 2007-06-19 2017-07-28
10.0
Admin Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the PD tools component in IBM WebSphere Application Server (WAS) 6.1.0.7 and earlier has unknown impact and attack vectors.
13039 CVE-2007-3263 2007-06-19 2017-07-28
10.0
Admin Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the Default Messaging Component in IBM WebSphere Application Server (WAS) 6.1.0.7 and earlier has unknown impact and attack vectors, related to "incorrect authorization on a remote interface to the SDO repository."
13040 CVE-2007-3260 +Priv 2007-06-19 2017-07-28
9.0
Admin Remote Low Single system Complete Complete Complete
HP System Management Homepage (SMH) before 2.1.9 for Linux, when used with Novell eDirectory, assigns the eDirectory members to the root group, which allows remote authenticated eDirectory users to gain privileges.
13041 CVE-2007-3232 2007-06-14 2017-07-28
10.0
Admin Remote Low Not required Complete Complete Complete
The IBM TotalStorage DS400 with firmware 4.15 uses a blank password for the (1) root, (2) user, (3) manager, (4) administrator, and (5) operator accounts, which allows remote attackers to gain login access via certain Linux daemons, including a telnet daemon on a nonstandard port, tcp/6000.
13042 CVE-2007-3216 119 Exec Code Overflow XSS 2007-06-14 2018-10-16
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple buffer overflows in the LGServer component of CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.1 allow remote attackers to execute arbitrary code via crafted arguments to the (1) rxsAddNewUser, (2) rxsSetUserInfo, (3) rxsRenameUser, (4) rxsSetMessageLogSettings, (5) rxsExportData, (6) rxsSetServerOptions, (7) rxsRenameFile, (8) rxsACIManageSend, (9) rxsExportUser, (10) rxsImportUser, (11) rxsMoveUserData, (12) rxsUseLicenseIni, (13) rxsLicGetSiteId, (14) rxsGetLogFileNames, (15) rxsGetBackupLog, (16) rxsBackupComplete, (17) rxsSetDataProtectionSecurityData, (18) rxsSetDefaultConfigName, (19) rxsGetMessageLogSettings, (20) rxsHWDiskGetTotal, (21) rxsHWDiskGetFree, (22) rxsGetSubDirs, (23) rxsGetServerDBPathName, (24) rxsSetServerOptions, (25) rxsDeleteFile, (26) rxsACIManageSend, (27) rxcReadBackupSetList, (28) rxcWriteConfigInfo, (29) rxcSetAssetManagement, (30) rxcWriteFileListForRestore, (31) rxcReadSaveSetProfile, (32) rxcInitSaveSetProfile, (33) rxcAddSaveSetNextAppList, (34) rxcAddSaveSetNextFilesPathList, (35) rxcAddNextBackupSetIncWildCard, (36) rxcGetRevisions, (37) rxrAddMovedUser, (38) rxrSetClientVersion, or (39) rxsSetDataGrowthScheduleAndFilter commands.
13043 CVE-2007-3210 Exec Code Overflow 2007-06-14 2017-07-28
9.3
Admin Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in nptoken.mox in the Cellosoft Tokens Object 2.0.0.6 extension for Vitalize! allows remote attackers to execute arbitrary code via a long string argument to the RemoveChr method. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
13044 CVE-2007-3208 Exec Code 2007-06-14 2017-07-28
10.0
Admin Remote Low Not required Complete Complete Complete
CRLF injection vulnerability in Yet another Bulletin Board (YaBB) 2.1 allows remote attackers to obtain administrative access via requests to (1) register.pl or (2) profile.pl that write CRLF sequences to a .vars file. NOTE: this can be leveraged to execute arbitrary code.
13045 CVE-2007-3193 Bypass 2007-06-12 2017-07-28
10.0
Admin Remote Low Not required Complete Complete Complete
lib/WikiUser/LDAP.php in PhpWiki before 1.3.13p1, when the configuration lacks a nonzero PASSWORD_LENGTH_MINIMUM, might allow remote attackers to bypass authentication via an empty password, which causes ldap_bind to return true when used with certain LDAP implementations.
13046 CVE-2007-3192 2007-06-12 2018-10-16
9.4
None Remote Low Not required Complete Complete None
admin/setup.php in Just For Fun Network Management System (JFFNMS) 0.8.3 allows remote attackers to read and modify configuration settings via a direct request.
13047 CVE-2007-3191 +Info 2007-06-12 2018-10-16
9.4
None Remote Low Not required Complete Complete None
Just For Fun Network Management System (JFFNMS) 0.8.3 allows remote attackers to obtain configuration information via a direct request to admin/adm/test.php, which calls the phpinfo function.
13048 CVE-2007-3186 264 Exec Code 2007-06-12 2018-10-16
9.3
Admin Remote Medium Not required Complete Complete Complete
Apple Safari Beta 3.0.1 for Windows allows remote attackers to execute arbitrary commands via shell metacharacters in a URI in the SRC of an IFRAME, as demonstrated using a gopher URI.
13049 CVE-2007-3181 Exec Code Overflow 2007-06-12 2017-07-28
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in fbserver.exe in Firebird SQL 2 before 2.0.1 allows remote attackers to execute arbitrary code via a large p_cnct_count value in a p_cnct structure in a connect (0x01) request to port 3050/tcp, related to "an InterBase version of gds32.dll."
13050 CVE-2007-3180 119 Overflow 2007-06-12 2018-10-16
9.4
None Remote Low Not required Complete Complete None
Buffer overflow in Help and Support Center before 4.4 C on HP Windows systems allows remote attackers to read or write arbitrary files via unknown vectors.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.