| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
15401 |
CVE-2007-1528 |
|
|
|
2007-03-20 |
2018-10-16 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
The LLTD Mapper in Microsoft Windows Vista allows remote attackers to spoof hosts, and nonexistent bridge relationships, into the network topology map by using a MAC address that differs from the MAC address provided in the Real Source field of the LLTD BASE header of a HELLO packet, aka the "Spoof on Bridge" attack. |
|
15402 |
CVE-2007-1527 |
|
|
|
2007-03-20 |
2018-10-16 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
The LLTD Mapper in Microsoft Windows Vista does not verify that an IP address in a TLV type 0x07 field in a HELLO packet corresponds to a valid IP address for the local network, which allows remote attackers to trick users into communicating with an external host by sending a HELLO packet with the MW characteristic and a spoofed TLV type 0x07 field, aka the "Spoof and Management URL IP Redirect" attack. |
|
15403 |
CVE-2007-1524 |
|
|
Dir. Trav. |
2007-03-20 |
2017-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Directory traversal vulnerability in themes/default/ in ZomPlog 3.7.6 and earlier allows remote attackers to include arbitrary local files via a .. (dot dot) in the settings[skin] parameter, as demonstrated by injecting PHP code into an Apache HTTP Server log file, which can then be included via themes/default/. |
|
15404 |
CVE-2007-1497 |
|
|
Bypass |
2007-03-16 |
2017-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
nf_conntrack in netfilter in the Linux kernel before 2.6.20.3 does not set nfctinfo during reassembly of fragmented packets, which leaves the default value as IP_CT_ESTABLISHED and might allow remote attackers to bypass certain rulesets using IPv6 fragments. |
|
15405 |
CVE-2007-1491 |
|
|
|
2007-03-16 |
2008-09-05 |
5.2 |
User |
Local Network |
Low |
Single system |
Partial |
Partial |
Partial |
|
Apache Tomcat in Avaya S87XX, S8500, and S8300 before CM 3.1.3, and Avaya SES allows connections from external interfaces via port 8009, which exposes it to attacks from outside parties. |
|
15406 |
CVE-2007-1487 |
|
|
Dir. Trav. |
2007-03-16 |
2017-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Directory traversal vulnerability in index.php in Sascha Schroeder (aka CyberTeddy or Cyber-inside) WebLog allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter in a showarticles action. |
|
15407 |
CVE-2007-1478 |
20 |
|
|
2007-03-16 |
2017-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
download.php in McGallery 0.5b allows remote attackers to read arbitrary files and obtain script source code via the filename parameter. |
|
15408 |
CVE-2007-1475 |
|
|
Exec Code Overflow |
2007-03-16 |
2018-10-19 |
5.4 |
User |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Multiple buffer overflows in the (1) ibase_connect and (2) ibase_pconnect functions in the interbase extension in PHP 4.4.6 and earlier allow context-dependent attackers to execute arbitrary code via a long argument. |
|
15409 |
CVE-2007-1460 |
264 |
|
|
2007-03-14 |
2011-05-24 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The zip:// URL wrapper provided by the PECL zip extension in PHP before 4.4.7, and 5.2.0 and 5.2.1, does not implement safemode or open_basedir checks, which allows remote attackers to read ZIP archives located outside of the intended directories. |
|
15410 |
CVE-2007-1452 |
|
|
Bypass |
2007-03-14 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
The FDF support (ext/fdf) in PHP 5.2.0 and earlier does not implement the input filtering hooks for ext/filter, which allows remote attackers to bypass web site filters via an application/vnd.fdf formatted POST. |
|
15411 |
CVE-2007-1427 |
|
|
Dir. Trav. |
2007-03-12 |
2018-10-16 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Directory traversal vulnerability in download_pdf.php in AssetMan 2.4a and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the pdf_file parameter. |
|
15412 |
CVE-2007-1409 |
|
|
+Info |
2007-03-10 |
2018-10-16 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
WordPress allows remote attackers to obtain sensitive information via a direct request for wp-admin/admin-functions.php, which reveals the path in an error message. |
|
15413 |
CVE-2007-1392 |
|
|
Dir. Trav. |
2007-03-10 |
2017-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Directory traversal vulnerability in down.php in netForo! 0.1g allows remote attackers to read arbitrary files via a .. (dot dot) in the file_to_download parameter. |
|
15414 |
CVE-2007-1380 |
|
|
+Info |
2007-03-09 |
2018-10-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The php_binary serialization handler in the session extension in PHP before 4.4.5, and 5.x before 5.2.1, allows context-dependent attackers to obtain sensitive information (memory contents) via a serialized variable entry with a large length value, which triggers a buffer over-read. |
|
15415 |
CVE-2007-1379 |
|
|
Exec Code |
2007-03-09 |
2018-10-30 |
5.1 |
User |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
|
The ovrimos_close function in the Ovrimos extension for PHP before 4.4.5 can trigger efree of an arbitrary address, which might allow context-dependent attackers to execute arbitrary code. |
|
15416 |
CVE-2007-1378 |
|
|
|
2007-03-09 |
2018-10-30 |
5.1 |
User |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
|
The ovrimos_longreadlen function in the Ovrimos extension for PHP before 4.4.5 allows context-dependent attackers to write to arbitrary memory locations via the result_id and length arguments. |
|
15417 |
CVE-2007-1377 |
|
1
|
DoS |
2007-03-09 |
2017-07-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
AcroPDF.DLL in Adobe Reader 8.0, when accessed from Mozilla Firefox, Netscape, or Opera, allows remote attackers to cause a denial of service (unspecified resource consumption) via a .pdf URL with an anchor identifier that begins with search= followed by many %n sequences, a different vulnerability than CVE-2006-6027 and CVE-2006-6236. |
|
15418 |
CVE-2007-1375 |
|
|
Overflow |
2007-03-09 |
2017-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Integer overflow in the substr_compare function in PHP 5.2.1 and earlier allows context-dependent attackers to read sensitive memory via a large value in the length argument, a different vulnerability than CVE-2006-1991. |
|
15419 |
CVE-2007-1341 |
|
|
+Info |
2007-03-08 |
2008-11-13 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
include/auth/auth.php in Simple Invoices before 2007 03 05 does not use the login system to protect print preview pages for invoices, which might allow attackers to obtain sensitive information. |
|
15420 |
CVE-2007-1324 |
|
|
DoS |
2007-03-07 |
2017-07-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
SnapGear 560, 585, 580, 640, 710, and 720 appliances before the 3.1.4u5 firmware allow remote attackers to cause a denial of service (complete packet loss) via a packet flood, a different vulnerability than CVE-2006-4613. |
|
15421 |
CVE-2007-1293 |
|
|
Exec Code Sql |
2007-03-06 |
2018-10-16 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
SQL injection vulnerability in Rigter Portal System (RPS) 6.2, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the categoria parameter to the top-level URI (index.php), possibly related to ver_descarga.php. |
|
15422 |
CVE-2007-1291 |
|
|
XSS |
2007-03-06 |
2018-10-16 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
Multiple cross-site scripting (XSS) vulnerabilities in Tyger Bug Tracking System (TygerBT) 1.1.3 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) Login.php and (2) Register.php. |
|
15423 |
CVE-2007-1285 |
119 |
|
DoS Overflow |
2007-03-06 |
2018-10-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a denial of service (stack exhaustion and PHP crash) via deeply nested arrays, which trigger deep recursion in the variable destruction routines. |
|
15424 |
CVE-2007-1270 |
189 |
|
DoS Exec Code +Info |
2007-04-05 |
2018-10-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Double free vulnerability in VMware ESX Server 3.0.0 and 3.0.1 allows attackers to cause a denial of service (crash), obtain sensitive information, or possibly execute arbitrary code via unspecified vectors. |
|
15425 |
CVE-2007-1269 |
|
|
|
2007-03-06 |
2018-10-16 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
GNUMail 1.1.2 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents GNUMail from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message without detection. |
|
15426 |
CVE-2007-1268 |
|
|
|
2007-03-06 |
2018-10-16 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Mutt 1.5.13 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Mutt from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message without detection. |
|
15427 |
CVE-2007-1267 |
|
|
|
2007-03-06 |
2018-10-16 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Sylpheed 2.2.7 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Sylpheed from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message without detection. |
|
15428 |
CVE-2007-1266 |
|
|
|
2007-03-06 |
2018-10-16 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Evolution 2.8.1 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Evolution from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message without detection. |
|
15429 |
CVE-2007-1264 |
|
|
|
2007-03-06 |
2018-10-16 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Enigmail 0.94.2 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Enigmail from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message without detection. |
|
15430 |
CVE-2007-1263 |
|
|
|
2007-03-06 |
2018-10-16 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
GnuPG 1.4.6 and earlier and GPGME before 1.1.4, when run from the command line, does not visually distinguish signed and unsigned portions of OpenPGP messages with multiple components, which might allow remote attackers to forge the contents of a message without detection. |
|
15431 |
CVE-2007-1241 |
|
|
XSS |
2007-03-03 |
2017-07-28 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in setup.php in Audins Audiens 3.3 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
|
15432 |
CVE-2007-1237 |
200 |
|
+Info |
2007-03-03 |
2018-10-16 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
sitex allows remote attackers to obtain potentially sensitive information via a ' (quote) value for certain parameters, as demonstrated by parameters used in forum and search, which forces a SQL error. |
|
15433 |
CVE-2007-1232 |
|
|
Dir. Trav. |
2007-03-03 |
2018-10-16 |
5.1 |
User |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
|
Directory traversal vulnerability in SQLiteManager 1.2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in a SQLiteManager_currentTheme cookie. |
|
15434 |
CVE-2007-1230 |
|
|
XSS |
2007-03-02 |
2008-11-15 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
Multiple cross-site scripting (XSS) vulnerabilities in wp-includes/functions.php in WordPress before 2.1.2-alpha allow remote attackers to inject arbitrary web script or HTML via (1) the Referer HTTP header or (2) the URI, a different vulnerability than CVE-2007-1049. |
|
15435 |
CVE-2007-1224 |
|
|
Bypass |
2007-03-02 |
2017-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Grok Developments NetProxy 4.03 allows remote attackers to bypass URL filtering via a request that omits "http://" from the URL and specifies the destination port (:80). |
|
15436 |
CVE-2007-1223 |
|
|
DoS |
2007-03-02 |
2017-07-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Unspecified vulnerability in Hitachi OSAS/FT/W before 20070223 allows attackers to cause a denial of service (responder control processing halt) by sending "data unexpectedly through the port". |
|
15437 |
CVE-2007-1192 |
|
|
|
2007-03-02 |
2008-11-15 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Thomas R. Pasawicz HyperBook Guestbook 1.30 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download an admin password hash via a direct request for data/gbconfiguration.dat. |
|
15438 |
CVE-2007-1187 |
|
|
+Info |
2007-03-02 |
2008-11-15 |
5.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
None |
|
WebAPP before 0.9.9.5 allows remote authenticated users, without admin privileges, to obtain sensitive information via (1) the Forum Archive feature and (2) Recent Searches. |
|
15439 |
CVE-2007-1186 |
|
|
|
2007-03-02 |
2008-11-15 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
WebAPP before 0.9.9.5 does not "censor" the Latest Member real name, which has unknown impact. |
|
15440 |
CVE-2007-1185 |
|
|
|
2007-03-02 |
2008-11-15 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The (1) Search, (2) Edit Profile, (3) Recommend, and (4) User Approval forms in WebAPP before 0.9.9.5 use hidden inputs, which has unknown impact and remote attack vectors. |
|
15441 |
CVE-2007-1184 |
16 |
|
|
2007-03-02 |
2008-11-15 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
The default configuration of WebAPP before 0.9.9.5 has a CAPTCHA setting of "no," which makes it easier for automated programs to submit false data. |
|
15442 |
CVE-2007-1181 |
|
|
|
2007-03-02 |
2008-11-15 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
WebAPP before 0.9.9.5 passes (1) Unused Informations and (2) the username through Edit Profile forms, which has unknown impact and attack vectors. |
|
15443 |
CVE-2007-1179 |
|
|
|
2007-03-02 |
2008-11-15 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
WebAPP before 0.9.9.5 does not properly manage e-mail addresses in certain contexts related to (1) the Recommend feature, Email Article (2) senders and (3) recipients, (4) New User Approval, (5) Edit Profiles, (6) the Newsletter Subscription form, (7) the Recommend form, and (8) sending of articles, which has unknown impact, and remote attack vectors related to spam attacks and possibly other attacks. |
|
15444 |
CVE-2007-1177 |
|
|
XSS |
2007-03-02 |
2008-11-15 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
WebAPP before 0.9.9.5 does not properly filter certain characters in contexts related to (1) the query string, (2) Profiles, (3) the Forum Post icon field, (4) the Edit Profile, and (5) the Gallery, which has unknown impact and remote attack vectors, possibly related to cross-site scripting (XSS). |
|
15445 |
CVE-2007-1170 |
|
|
DoS |
2007-03-02 |
2018-10-16 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
SimBin GTR - FIA GT Racing Game 1.5.0.0 and earlier, GT Legends 1.1.0.0 and earlier, GTR 2 1.1 and earlier, and RACE - The WTCC Game 1.0 and earlier allow remote attackers to cause a denial of service (client disconnection) via an empty UDP packet to the server port. |
|
15446 |
CVE-2007-1169 |
|
|
|
2007-03-02 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The web interface in Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before 20070216 accepts logon requests through unencrypted HTTP, which might allow remote attackers to obtain credentials by sniffing the network. |
|
15447 |
CVE-2007-1167 |
200 |
|
+Info |
2007-03-02 |
2017-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
inc/filebrowser/browser.php in deV!L`z Clanportal (DZCP) 1.4.5 and earlier allows remote attackers to obtain MySQL data via the inc/mysql.php value of the file parameter. |
|
15448 |
CVE-2007-1158 |
|
|
Dir. Trav. |
2007-03-02 |
2018-10-16 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Directory traversal vulnerability in index.php in the Pagesetter 6.2.0 through 6.3.0 beta 5 module for PostNuke allows remote attackers to read arbitrary files via a .. (dot dot) in the id parameter. |
|
15449 |
CVE-2007-1152 |
22 |
|
Dir. Trav. |
2007-03-02 |
2017-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Multiple directory traversal vulnerabilities in Pyrophobia 2.1.3.1 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) act or (2) pid parameter to the top-level URI (index.php), or the (3) action parameter to admin/index.php. NOTE: some of these details are obtained from third party information. |
|
15450 |
CVE-2007-1149 |
22 |
|
Dir. Trav. |
2007-03-02 |
2018-10-16 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Multiple directory traversal vulnerabilities in LoveCMS 1.4 allow remote attackers to read arbitrary files via a .. (dot dot) in (1) the step parameter to install/index.php or (2) the load parameter to the top-level URI. |
