CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
13901 CVE-2007-4437 Exec Code Sql 2007-08-20 2017-07-28
6.8
None Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in albums.php in Ampache before 3.3.3.5 allows remote attackers to execute arbitrary SQL commands via the match parameter. NOTE: some details are obtained from third party information.
13902 CVE-2007-4431 Bypass 2007-08-20 2008-11-15
6.8
None Remote Medium Not required Partial Partial Partial
Cross-domain vulnerability in Apple Safari for Windows 3.0.3 and earlier allows remote attackers to bypass the Same Origin Policy, with access from local zones to external domains, via a certain body.innerHTML property value, aka "classic JavaScript frame hijacking."
13903 CVE-2007-4428 Exec Code 2007-08-20 2017-07-28
6.8
None Remote Medium Not required Partial Partial Partial
Lhaz 1.33 allows remote attackers to execute arbitrary code via unknown vectors, as actively exploited in August 2007 by the Exploit-LHAZ.a gzip file, a different issue than CVE-2006-4116.
13904 CVE-2007-4425 DoS Exec Code Overflow 2007-08-20 2018-10-15
6.0
None Remote Medium Single system Partial Partial Partial
Multiple buffer overflows in Live for Speed (LFS) demo, S1, and S2 allow remote authenticated users to (1) cause a denial of service (server crash) and probably execute arbitrary code via an ID 3 packet with a long nickname field, and (2) cause a denial of service (server crash) via an ID 10 packet containing a long string corresponding to an unavailable track.
13905 CVE-2007-4417 2007-08-18 2017-07-28
6.0
None Remote Medium Single system Partial Partial Partial
IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 does not properly revoke privileges on methods, which allows remote authenticated users to execute a method after revocation until the routine auth cache is flushed.
13906 CVE-2007-4415 +Priv 2007-08-18 2018-10-15
6.8
Admin Local Low Single system Complete Complete Complete
Cisco VPN Client on Windows before 5.0.01.0600, and the 5.0.01.0600 InstallShield (IS) release, uses weak permissions for cvpnd.exe (Modify granted to Interactive Users), which allows local users to gain privileges via a modified cvpnd.exe.
13907 CVE-2007-4414 +Priv 2007-08-18 2017-07-28
6.8
Admin Local Low Single system Complete Complete Complete
Cisco VPN Client on Windows before 4.8.02.0010 allows local users to gain privileges by enabling the "Start Before Logon" (SBL) and Microsoft Dial-Up Networking options, and then interacting with the dial-up networking dialog box.
13908 CVE-2007-4410 2007-08-18 2018-10-15
6.0
User Remote Medium Single system Partial Partial Partial
ircu 2.10.12.05 and earlier does not properly synchronize a kick action in certain cross scenarios, which allows remote authenticated operators to prevent later kick or de-op actions from non-local ops.
13909 CVE-2007-4407 2007-08-18 2018-10-15
6.4
None Remote Low Not required None Partial Partial
ircu 2.10.12.03 and 2.10.12.04 does not associate a timestamp with ops privilege on an unused channel (zannel), which allows remote attackers to (1) set or remove certain channel modes via a "netriding" attack or (2) take over a channel by joining an unlinked server with the A/Upass and then setting a new Apass.
13910 CVE-2007-4403 264 Exec Code 2007-08-18 2018-10-15
6.8
User Remote Medium Not required Partial Partial Partial
The mIRC Control Plug-in for Winamp allows user-assisted remote attackers to execute arbitrary code via the '|' (pipe) shell metacharacter in the name of the song in a .mp3 file.
13911 CVE-2007-4402 Exec Code 2007-08-18 2018-10-15
6.8
User Remote Medium Not required Partial Partial Partial
Multiple unspecified scripts in mIRC allow user-assisted remote attackers to execute arbitrary code via the '|' (pipe) shell metacharacter in the name of the song in a .mp3 file.
13912 CVE-2007-4401 Exec Code 2007-08-18 2018-10-15
6.8
User Remote Medium Not required Partial Partial Partial
Multiple CRLF injection vulnerabilities in the Advanced mIRC Integration Plugin and possibly other unspecified scripts in mIRC allow user-assisted remote attackers to execute arbitrary IRC commands via CRLF sequences in the name of the song in a .mp3 file.
13913 CVE-2007-4400 Exec Code 2007-08-18 2018-10-15
6.8
User Remote Medium Not required Partial Partial Partial
CRLF injection vulnerability in the included media script in Konversation allows user-assisted remote attackers to execute arbitrary IRC commands via CRLF sequences in the name of the song in a .mp3 file.
13914 CVE-2007-4399 Exec Code 2007-08-18 2018-10-15
6.8
User Remote Medium Not required Partial Partial Partial
CRLF injection vulnerability in the xmms.bx 1.0 script for BitchX allows user-assisted remote attackers to execute arbitrary IRC commands via CRLF sequences in the name of the song in a .mp3 file.
13915 CVE-2007-4398 Exec Code 2007-08-18 2018-10-15
6.8
User Remote Medium Not required Partial Partial Partial
Multiple CRLF injection vulnerabilities in the (1) now-playing.rb and (2) xmms.pl 1.1 scripts for WeeChat allow user-assisted remote attackers to execute arbitrary IRC commands via CRLF sequences in the name of the song in a .mp3 file.
13916 CVE-2007-4397 Exec Code 2007-08-18 2018-10-15
6.8
User Remote Medium Not required Partial Partial Partial
Multiple CRLF injection vulnerabilities in (1) xmms-thing 1.0, (2) XMMS Remote Control Script 1.07, (3) Disrok 1.0, (4) a2x 0.0.1, (5) Another xmms-info script 1.0, (6) XChat-XMMS 0.8.1, and other unspecified scripts for XChat allow user-assisted remote attackers to execute arbitrary IRC commands via CRLF sequences in the name of the song in a .mp3 file.
13917 CVE-2007-4386 Exec Code Sql 2007-08-17 2017-09-28
6.0
None Remote Medium Single system Partial Partial Partial
SQL injection vulnerability in search.php in GetMyOwnArcade allows remote attackers to execute arbitrary SQL commands via the query parameter.
13918 CVE-2007-4385 Bypass 2007-08-17 2018-10-15
6.8
User Remote Medium Not required Partial Partial Partial
OWASP Stinger before 2.5 allows remote attackers to bypass input validation routines by using multipart encoded requests instead of form-urlencoded requests. NOTE: this might be used to expose vulnerabilities in applications that would otherwise be protected by the validation routines.
13919 CVE-2007-4384 Exec Code File Inclusion 2007-08-17 2018-10-15
6.8
None Remote Medium Not required Partial Partial Partial
Multiple PHP remote file inclusion vulnerabilities in depouilg.php3 in Stephane Pineau VOTE 1c allow remote attackers to execute arbitrary PHP code via a URL in the (1) NomVote and (2) FilePalHex parameters.
13920 CVE-2007-4383 Exec Code File Inclusion 2007-08-17 2018-10-15
6.8
None Remote Medium Not required Partial Partial Partial
** DISPUTED ** PHP remote file inclusion vulnerability in tracking.php in Trackeur 1 allows remote attackers to execute arbitrary PHP code via a URL in the header parameter. NOTE: CVE and a third party dispute this vulnerability because header is defined before use. The researcher is known to be unreliable.
13921 CVE-2007-4378 Exec Code 2007-08-16 2018-10-15
6.8
User Remote Medium Not required Partial Partial Partial
Multiple format string vulnerabilities in Babo Violent 2 2.08.00 and earlier allow remote attackers to execute arbitrary code via format string specifiers in (1) a message or (2) certain data associated with an admin login.
13922 CVE-2007-4377 Exec Code Overflow 2007-08-16 2017-10-18
6.0
User Remote Medium Single system Partial Partial Partial
Stack-based buffer overflow in the IMAP service in SurgeMail 38k allows remote authenticated users to execute arbitrary code via a long argument to the SEARCH command. NOTE: this might overlap CVE-2007-4372.
13923 CVE-2007-4376 2007-08-16 2018-10-15
6.8
User Remote Medium Not required Partial Partial Partial
Unrestricted file upload vulnerability in banner-upload.php in Szymon Kosok Best Top List allows remote attackers to upload and execute arbitrary PHP files in banners/.
13924 CVE-2007-4373 Bypass 2007-08-16 2018-10-15
6.8
User Remote Medium Not required Partial Partial Partial
The server in Babo Violent 2 2.08.00 and earlier does not properly implement password protection, which might allow remote attackers to bypass authentication by reconnecting after a connection closes.
13925 CVE-2007-4371 2007-08-15 2018-10-15
6.8
None Remote Medium Not required Partial Partial Partial
Unrestricted file upload vulnerability in admin/pages/blog-add.php in Neuron Blog 1.1 allows remote attackers to upload and execute arbitrary PHP files in uploads/.
13926 CVE-2007-4362 Exec Code Sql 2007-08-15 2017-10-18
6.8
None Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in category.php in Prozilla Webring allows remote attackers to execute arbitrary SQL commands via the cat parameter.
13927 CVE-2007-4359 Exec Code Sql 2007-08-15 2018-10-15
6.8
None Remote Medium Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in SkilMatch Staffing Systems JobLister3 allow remote attackers to execute arbitrary SQL commands via (1) the search form or (2) the jobid parameter to index.php in a showbyID action.
13928 CVE-2007-4353 Overflow +Priv 2007-08-14 2017-07-28
6.9
Admin Local Medium Not required Complete Complete Complete
Multiple buffer overflows in IBM AIX 5.2 and 5.3 allow local users in the system group to gain root privileges via unspecified vectors involving the (1) chpath, (2) rmpath, and (3) devinstall programs in bos.rte.methods.
13929 CVE-2007-4330 Exec Code File Inclusion 2007-08-13 2018-10-15
6.8
None Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in shoutbox.php in Shoutbox 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the root parameter.
13930 CVE-2007-4329 Exec Code File Inclusion 2007-08-13 2018-10-15
6.8
None Remote Medium Not required Partial Partial Partial
Multiple PHP remote file inclusion vulnerabilities in Web News 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter to (1) index.php, (2) news.php, or (3) feed.php.
13931 CVE-2007-4328 94 Exec Code File Inclusion 2007-08-13 2018-10-15
6.8
None Remote Medium Not required Partial Partial Partial
Multiple PHP remote file inclusion vulnerabilities in Mapos Bilder Galerie 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter to (1) index.php, (2) galerie.php, or (3) anzagien.php. NOTE: A later report states that 1.1 is also affected, but that the filename for vector 3 is anzeigen.php.
13932 CVE-2007-4327 Exec Code File Inclusion 2007-08-13 2018-10-15
6.8
None Remote Medium Not required Partial Partial Partial
Multiple PHP remote file inclusion vulnerabilities in File Uploader 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter to (1) index.php or (2) datei.php.
13933 CVE-2007-4326 Exec Code File Inclusion 2007-08-13 2018-10-15
6.8
None Remote Medium Not required Partial Partial Partial
Multiple PHP remote file inclusion vulnerabilities in Bilder Uploader 1.3 allow remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter to (1) gruppen.php, (2) bild.php, (3) feed.php, (4) mitglieder.php, (5) online.php, (6) profil.php, and possibly other unspecified PHP scripts.
13934 CVE-2007-4325 Exec Code File Inclusion 2007-08-13 2018-10-15
6.8
None Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in index.php in Gaestebuch 1.5 allows remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter.
13935 CVE-2007-4323 DoS 2007-08-13 2017-07-28
6.8
None Remote Medium Not required Partial Partial Partial
DenyHosts 2.6 does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a client protocol version identification containing an IP address string, a different vector than CVE-2006-6301.
13936 CVE-2007-4322 DoS 2007-08-13 2012-10-30
6.8
None Remote Medium Not required Partial Partial Partial
BlockHosts before 2.0.4 does not properly parse (1) sshd and (2) vsftpd log files, which allows remote attackers to add arbitrary deny entries to the /etc/hosts.allow file and cause a denial of service by adding arbitrary IP addresses to a daemon log file, as demonstrated by connecting through ssh with a client protocol version identification containing an IP address string, or connecting through ftp with a username containing an IP address string, different vectors than CVE-2007-2765.
13937 CVE-2007-4321 DoS 2007-08-13 2012-10-30
6.8
None Remote Medium Not required Partial Partial Partial
fail2ban 0.8 and earlier does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a client protocol version identification containing an IP address string, a different vector than CVE-2006-6302.
13938 CVE-2007-4315 264 +Priv Bypass 2007-08-13 2012-10-18
6.9
Admin Local Medium Not required Complete Complete Complete
The AMD ATI atidsmxx.sys 3.0.502.0 driver on Windows Vista allows local users to bypass the driver signing policy, write to arbitrary kernel memory locations, and thereby gain privileges via unspecified vectors, as demonstrated by "Purple Pill".
13939 CVE-2007-4314 DoS 2007-08-13 2017-09-28
6.8
None Remote Medium Not required Partial Partial Partial
pixlie.php in Pixlie 1.7 allows remote attackers to trigger the reading and JPEG image processing of files in a remote directory tree via a URL in the root parameter. NOTE: this can be leveraged for traffic amplification or other denial of service.
13940 CVE-2007-4313 Exec Code File Inclusion 2007-08-13 2018-10-15
6.8
None Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in public_includes/pub_blocks/activecontent.php in Php Blue Dragon CMS 3.0.0 allows remote attackers to execute arbitrary PHP code via a URL in the vsDragonRootPath parameter, a different vector than CVE-2006-2392, CVE-2006-3076, and CVE-2006-6958.
13941 CVE-2007-4311 310 2007-08-13 2011-05-25
6.8
None Remote Medium Not required Partial Partial Partial
The xfer_secondary_pool function in drivers/char/random.c in the Linux kernel 2.4 before 2.4.35 performs reseed operations on only the first few bytes of a buffer, which might make it easier for attackers to predict the output of the random number generator, related to incorrect use of the sizeof operator.
13942 CVE-2007-4305 Bypass 2007-08-13 2008-09-05
6.2
Admin Local High Not required Complete Complete Complete
Multiple race conditions in the (1) Sudo monitor mode and (2) Sysjail policies in Systrace on NetBSD and OpenBSD allow local users to defeat system call interposition, and consequently bypass access control policy and auditing.
13943 CVE-2007-4304 2007-08-13 2008-09-05
6.2
Admin Local High Not required Complete Complete Complete
CerbNG for FreeBSD 4.8 does not properly implement VM protection when attempting to prevent system call wrapper races, which allows local users to have an unknown impact related to an "incorrect write protection of pages".
13944 CVE-2007-4303 +Priv Bypass 2007-08-13 2008-09-05
6.2
Admin Local High Not required Complete Complete Complete
Multiple race conditions in (1) certain rules and (2) argument copying during VM protection, in CerbNG for FreeBSD 4.8 allow local users to defeat system call interposition and possibly gain privileges or bypass auditing, as demonstrated by modifying command lines in log-exec.cb.
13945 CVE-2007-4302 +Priv Bypass 2007-08-13 2008-09-05
6.2
Admin Local High Not required Complete Complete Complete
Multiple race conditions in certain system call wrappers in Generic Software Wrappers Toolkit (GSWTK) allow local users to defeat system call interposition and possibly gain privileges or bypass auditing.
13946 CVE-2007-4295 Exec Code 2007-08-09 2017-09-28
6.8
User Remote Medium Not required Partial Partial Partial
Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80749.
13947 CVE-2007-4294 Exec Code 2007-08-09 2017-09-28
6.8
User Remote Medium Not required Partial Partial Partial
Unspecified vulnerability in Cisco Unified Communications Manager (CUCM) 5.0, 5.1, and 6.0, and IOS 12.0 through 12.4, allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80102.
13948 CVE-2007-4289 2007-08-09 2018-10-15
6.8
User Remote Medium Not required Partial Partial Partial
Sun Java System Portal Server 7.0 does not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent attackers to execute an arbitrary Java method via a crafted stylesheet, a related issue to CVE-2007-3715.
13949 CVE-2007-4277 119 Overflow 2007-10-30 2008-09-05
6.6
None Local Low Not required None Complete Complete
The Trend Micro AntiVirus scan engine before 8.550-1001, as used in Trend Micro PC-Cillin Internet Security 2007, and Tmxpflt.sys 8.320.1004 and 8.500.0.1002, has weak permissions (Everyone:Write) for the \\.\Tmfilter device, which allows local users to send arbitrary content to the device via the IOCTL functionality. NOTE: this can be leveraged for privilege escalation by exploiting a buffer overflow in the handler for IOCTL 0xa0284403.
13950 CVE-2007-4276 119 Exec Code Overflow 2007-08-18 2017-07-28
6.9
None Local Medium Not required Complete Complete Complete
Stack-based buffer overflow in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows attackers to execute arbitrary code via a long DASPROF and possibly other environment variables, which are copied into the buildDasPaths buffer.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.