CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 3 and 3.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
3801 CVE-2008-1330 264 2008-03-18 2017-08-07
3.5
None Remote Medium Single system Partial None None
Unspecified vulnerability in the Windows client API in Novell GroupWise 7 before SP3 and 6.5 before SP6 Update 3 allows remote authenticated users to access the non-shared stored e-mail messages of another user who has shared at least one folder with the attacker.
3802 CVE-2008-1142 264 2008-04-07 2009-02-26
3.7
User Local High Not required Partial Partial Partial
rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections. NOTE: it was later reported that rxvt-unicode, mrxvt, aterm, multi-aterm, and wterm are also affected. NOTE: realistic attack scenarios require that the victim enters a command on the wrong machine.
3803 CVE-2008-1131 79 XSS 2008-03-03 2008-09-05
3.5
None Remote Medium Single system None Partial None
Cross-site scripting (XSS) vulnerability in Drupal 6.0 allows remote authenticated users to inject arbitrary web script or HTML via titles in content edit forms.
3804 CVE-2008-0971 79 XSS 2008-12-19 2018-10-15
3.5
None Remote Medium Single system None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in index.cgi in Barracuda Spam Firewall (BSF) before 3.5.12.007, Message Archiver before 1.2.1.002, Web Filter before 3.3.0.052, IM Firewall before 3.1.01.017, and Load Balancer before 2.3.024 allow remote attackers to inject arbitrary web script or HTML via (1) the Policy Name field in Search Based Retention Policy in Message Archiver; unspecified parameters in the (2) IP Configuration, (3) Administration, (4) Journal Accounts, (5) Retention Policy, and (6) GroupWise Sync components in Message Archiver; (7) input to search operations in Web Filter; and (8) input used in error messages and (9) hidden INPUT elements in (a) Spam Firewall, (b) IM Firewall, and (c) Web Filter.
3805 CVE-2008-0945 134 DoS 2008-02-25 2018-10-15
3.5
None Remote Medium Single system None None Partial
Format string vulnerability in the logging function in the IM Server (aka IMserve or IMserver) in Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in an IP address field.
3806 CVE-2008-0883 59 2008-03-05 2017-08-07
3.7
None Local High Not required Partial Partial Partial
acroread in Adobe Acrobat Reader 8.1.2 allows local users to overwrite arbitrary files via a symlink attack on temporary files related to SSL certificate handling.
3807 CVE-2008-0822 22 Dir. Trav. 2008-02-19 2018-10-15
3.6
None Local Low Not required Partial Partial None
Directory traversal vulnerability in index.php in Scribe 0.2 allows remote attackers to read arbitrary local files via a .. (dot dot) in the page parameter.
3808 CVE-2008-0819 22 Dir. Trav. 2008-02-19 2018-10-15
3.6
None Local Low Not required Partial Partial None
Directory traversal vulnerability in index.php in PlutoStatus Locator 1.0 pre alpha allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
3809 CVE-2008-0806 59 2008-02-18 2008-09-05
3.6
None Local Low Not required Partial Partial None
wyrd 1.4.3b allows local users to overwrite arbitrary files via a symlink attack on the wyrd-tmp.[USERID] temporary file.
3810 CVE-2008-0666 59 2008-02-11 2008-09-05
3.6
None Local Low Not required None Partial Partial
Website META Language (WML) 2.0.11 allows local users to overwrite arbitrary files via a symlink attack on (1) the /tmp/pe.tmp.$$ temporary file used by wml_contrib/wmg.cgi and (2) temporary files used by wml_backend/p3_eperl/eperl_sys.c.
3811 CVE-2008-0665 59 2008-02-11 2008-09-05
3.6
None Local Low Not required None Partial Partial
wml_backend/p1_ipp/ipp.src in Website META Language (WML) 2.0.11 allows local users to overwrite arbitrary files via a symlink attack on the ipp.$$.tmp temporary file.
3812 CVE-2008-0001 Bypass 2008-01-15 2018-10-15
3.6
None Local Low Not required None Partial Partial
VFS in the Linux kernel before 2.6.22.16, and 2.6.23.x before 2.6.23.14, performs tests of access mode by using the flag variable instead of the acc_mode variable, which might allow local users to bypass intended permissions and remove directories.
3813 CVE-2007-6705 264 2008-03-08 2008-11-15
3.3
None Local Medium Not required None Partial Partial
The WebSphere MQ XA 5.3 before FP13 and 6.0.x before 6.0.2.1 client for Windows, when running in an MTS or a COM+ environment, grants the PROCESS_DUP_HANDLE privilege to the Everyone group upon connection to a queue manager, which allows local users to duplicate an arbitrary handle and possibly hijack an arbitrary process.
3814 CVE-2007-6505 16 2007-12-20 2017-09-28
3.5
None Remote Medium Single system Partial None None
Solaris 9, with Solaris Auditing enabled and certain patches for sshd installed, can generate audit records with an audit-ID of 0 even when the user logging into ssh is not root, which makes it easier for attackers to avoid detection and can make it more difficult to conduct forensics activities.
3815 CVE-2007-6441 264 DoS 2007-12-19 2018-10-15
3.3
None Local Network Low Not required None None Partial
The WiMAX dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) via unknown vectors related to "unaligned access on some platforms."
3816 CVE-2007-6421 79 XSS 2008-01-08 2018-10-30
3.5
None Remote Medium Single system None Partial None
Cross-site scripting (XSS) vulnerability in balancer-manager in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the (1) ss, (2) wr, or (3) rr parameters, or (4) the URL.
3817 CVE-2007-6303 +Priv 2007-12-10 2018-10-15
3.5
None Remote Medium Single system None Partial None
MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered, which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER VIEW statement.
3818 CVE-2007-6208 59 2007-12-03 2008-11-15
3.6
None Local Low Not required Partial Partial None
sylprint.pl in claws mail tools (claws-mail-tools) allows local users to overwrite arbitrary files via a symlink attack on the sylprint.[USER].[PID] temporary file.
3819 CVE-2007-6190 200 +Info 2007-11-29 2008-11-15
3.5
None Remote Medium Single system Partial None None
The HTTP daemon in the Cisco Unified IP Phone, when the Extension Mobility feature is enabled, allows remote authenticated users of other phones associated with the same CUCM server to eavesdrop on the physical environment via a CiscoIPPhoneExecute message containing a URL attribute of an ExecuteItem element that specifies a Real-Time Transport Protocol (RTP) audio stream.
3820 CVE-2007-5981 DoS 2007-11-14 2017-07-28
3.3
None Local Network Low Not required None None Partial
Lantronix SCS3200 does not properly handle public-key requests, which allows remote attackers to cause a denial of service (unresponsive device) via unspecified keyscan requests. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
3821 CVE-2007-5977 79 XSS 2007-11-14 2017-07-28
3.5
None Remote Medium Single system None Partial None
Cross-site scripting (XSS) vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to inject arbitrary web script or HTML via a hex-encoded IMG element in the db parameter in a POST request, a different vulnerability than CVE-2006-6942.
3822 CVE-2007-5949 79 XSS 2007-11-13 2017-07-28
3.5
None Remote Medium Single system None Partial None
Cross-site scripting (XSS) vulnerability in IBM Tivoli Service Desk 6.2 allows remote authenticated users to inject arbitrary web script or HTML via the Description parameter in a Maximo change action.
3823 CVE-2007-5936 264 +Info 2007-11-13 2018-10-15
3.6
None Local Low Not required Partial Partial None
dvips in teTeX and TeXlive 2007 and earlier allows local users to obtain sensitive information and modify certain data by creating certain temporary files before they are processed by dviljk, which can then be read or modified in place.
3824 CVE-2007-5851 264 2007-12-19 2017-07-28
3.6
None Local Low Not required Partial Partial None
iChat in Apple Mac OS X 10.4.11 allows network-adjacent remote attackers to automatically initiate a video connection to another user via unknown vectors.
3825 CVE-2007-5833 79 XSS 2007-11-05 2018-10-15
3.5
None Remote Medium Single system None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in BosDev BosMarket Business Directory System allow remote authenticated users to inject arbitrary web script or HTML via (1) user info (account details) or (2) a post.
3826 CVE-2007-5731 22 Dir. Trav. 2007-10-30 2017-09-28
3.5
None Remote Medium Single system Partial None None
Absolute path traversal vulnerability in Apache Jakarta Slide 2.1 and earlier allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag, a related issue to CVE-2007-5461.
3827 CVE-2007-5621 79 XSS 2007-10-22 2017-07-28
3.5
None Remote Medium Single system None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in the Token module before 4.7.x-1.5, and 5.x before 5.x-1.9, for Drupal; as used by the ASIN Field, e-Commerce, Fullname field for CCK, Invite, Node Relativity, Pathauto, PayPal Node, and Ubercart modules; allow remote authenticated users with a post comments privilege to inject arbitrary web script or HTML via unspecified vectors related to (1) comments, (2) vocabulary names, (3) term names, and (4) usernames.
3828 CVE-2007-5461 22 Dir. Trav. 2007-10-15 2018-10-15
3.5
None Remote Medium Single system Partial None None
Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag.
3829 CVE-2007-5442 264 2007-10-14 2018-10-15
3.5
None Remote Medium Single system None Partial None
CMS Made Simple 1.1.3.1 does not check the permissions assigned to users who attempt uploads, which allows remote authenticated users to upload unspecified files via unknown vectors.
3830 CVE-2007-5403 79 XSS 2008-01-09 2017-07-28
3.5
None Remote Medium Single system None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in Layton HelpBox 3.7.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) Forename, (2) Surname, (3) Telephone, and (4) Fax fields to writeenduserenduser.asp; the (5) Filter field to statsrequestypereport.asp; and the (6) sys_request_id parameter to requestattach.asp; and allow remote authenticated users to inject arbitrary web script or HTML via the (7) Asset, (8) Location, and (9) Problem fields to editrequestenduser.asp; the (10) Asset, (11) Asset Location, (12) Problem Desc, and (13) Solution Desc fields to editrequestuser.asp; and the (14) End User and (15) Description fields to usersearchrequests.asp. NOTE: vectors 5 and 6 do not require authentication to exploit.
3831 CVE-2007-5319 DoS 2007-10-09 2017-09-28
3.5
None Remote Medium Single system None None Partial
Unspecified vulnerability in the vuidmice STREAMS modules in Sun Solaris 8, 9, and 10 allows local users with console (/dev/console) access to cause a denial of service ("unusable" system console) via unspecified vectors.
3832 CVE-2007-5228 79 XSS 2007-10-05 2017-07-28
3.5
None Remote Medium Single system None Partial None
Cross-site scripting (XSS) vulnerability in the subscription functionality in the Project issue tracking module before 4.7.x-1.5, 4.7.x-2.x before 4.7.x-2.5, and 5.x-1.x before 5.x-1.1 for Drupal allows remote authenticated users with project create or edit permissions to inject arbitrary web script or HTML via unspecified vectors involving a (1) individual or (2) overview form.
3833 CVE-2007-5207 59 2007-10-04 2017-07-28
3.3
None Local Medium Not required None Partial Partial
guilt 0.27 allows local users to overwrite arbitrary files via a symlink attack on a guilt.log.[PID] temporary file.
3834 CVE-2007-5200 59 2007-10-14 2018-10-30
3.3
None Local Medium Not required None Partial Partial
hugin, as used on various operating systems including SUSE openSUSE 10.2 and 10.3, allows local users to overwrite arbitrary files via a symlink attack on the hugin_debug_optim_results.txt temporary file.
3835 CVE-2007-4977 79 XSS 2007-09-19 2018-10-15
3.5
None Remote Medium Single system None Partial None
Cross-site scripting (XSS) vulnerability in mode.php in Coppermine Photo Gallery (CPG) 1.4.12 and earlier allows remote attackers to inject arbitrary web script or HTML via the referer parameter.
3836 CVE-2007-4927 20 DoS 2007-09-18 2018-10-15
3.5
None Remote Medium Single system None None Partial
axis-cgi/buffer/command.cgi on the AXIS 207W camera allows remote authenticated users to cause a denial of service (reboot) via many requests with unique buffer names in the buffername parameter in a start action.
3837 CVE-2007-4888 2007-09-13 2008-11-15
3.5
None Remote Medium Single system Partial None None
The "You are not allowed..." error handler in XWiki 1.0 B1 and 1.0 B2 associates the doc variable with the entire document content and metadata regardless of a user's view rights, which allows remote authenticated users to read arbitrary documents via a custom skin that prints the content attribute of the doc variable.
3838 CVE-2007-4826 DoS 2007-09-12 2017-07-28
3.5
None Remote Medium Single system None None Partial
bgpd in Quagga before 0.99.9 allows explicitly configured BGP peers to cause a denial of service (crash) via a malformed (1) OPEN message or (2) a COMMUNITY attribute, which triggers a NULL pointer dereference. NOTE: vector 2 only exists when debugging is enabled.
3839 CVE-2007-4741 79 XSS 2007-09-06 2008-09-05
3.5
None Remote Medium Single system None Partial None
Cross-site scripting (XSS) vulnerability in admin/adminusers.php in Claroline before 1.8.6 allows remote authenticated administrators to inject arbitrary web script or HTML via the sort parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
3840 CVE-2007-4717 79 XSS 2007-09-05 2008-11-15
3.5
None Remote Medium Single system None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in Claroline before 1.8.6 allow remote authenticated administrators to inject arbitrary web script or HTML via the (1) dir parameter in admin/adminusers.php, the (2) action parameter in admin/advancedUserSearch.php, and the (3) view parameter in admin/campusProblem.php.
3841 CVE-2007-4590 2007-08-28 2018-10-30
3.3
None Local Medium Not required None Partial Partial
The get_system_info command in Ignite-UX C.7.0 through C.7.3, and DynRootDisk (DRD) A.1.0.16.417 through A.2.0.0.592, on HP-UX B.11.11, B.11.23, and B.11.31 does not inform local users of networking changes made by the command, which has unknown impact and attack vectors.
3842 CVE-2007-4523 Sql XSS 2007-08-24 2018-10-15
3.5
None Remote Medium Single system None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in Ripe Website Manager 0.8.9 and earlier allow remote authenticated users to inject arbitrary web script or HTML via one or more of the following vectors: the (1) id parameter to (a) pages/delete_page.php, (b) navigation/delete_menu.php, and (c) navigation/delete_item.php in admin/; the (2) menu_id, (3) name, (3) page_id, and (4) url parameters in (d) admin/navigation/do_new_item.php; the (5) new_menuname parameter in (e) admin/navigation/do_new_nav.php; and (6) area1, name, and url parameters to (f) admin/pages/do_new_page.php, probably involving the Title or textarea field as reachable through admin/pages/new_page.php. NOTE: the original disclosure does not precisely state which vectors are associated with SQL injection versus XSS.
3843 CVE-2007-4462 2007-08-21 2008-09-05
3.3
None Local Medium Not required None Partial Partial
lib/Locale/Po4a/Po.pm in po4a before 0.32 allows local users to overwrite arbitrary files via a symlink attack on the gettextization.failed.po temporary file.
3844 CVE-2007-4427 2007-08-20 2008-11-15
3.5
None Remote Medium Single system None Partial None
Unspecified vulnerability in the login page redirection logic in the Cache' Server Page (CSP) implementation in InterSystems Cache' 2007.1.0.369.0 and 2007.1.1.420.0 allows remote authenticated users to modify data on a server, related to encoding of certain parameter values by this redirection logic, aka MAK2116.
3845 CVE-2007-4413 2007-08-18 2018-10-15
3.5
None Remote Medium Single system None Partial None
Direct static code injection vulnerability in admincp/user_help.php in Headstart Solutions DeskPRO 3.0.2 allows remote authenticated users to inject arbitrary PHP code into an unspecified file via a new_entry value in the do parameter.
3846 CVE-2007-4412 XSS 2007-08-18 2018-10-15
3.5
None Remote Medium Single system None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in Headstart Solutions DeskPRO 3.0.2 allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters to (1) techs.php, (2) ticket_category.php, (3) ticket_priority.php, (4) ticket_workflow.php, (5) ticket_escalate.php, (6) fields_ticket.php, (7) ticket_rules_web.php, (8) ticket_displayfields.php, (9) ticket_rules_mail.php, (10) fields_user.php, (11) fields_faq.php, and (12) user_help.php, in (a) admincp/ and (b) possibly a directory on the "User side."
3847 CVE-2007-4309 2007-08-13 2008-09-05
3.5
None Remote Medium Single system Partial None None
IBM Lotus Notes 5.x through 7.0.2 allows user-assisted remote authenticated administrators to obtain a cleartext notes.id password by setting the notes.ini (1) KFM_ShowEntropy and (2) Debug_Outfile debug variables, a different vulnerability than CVE-2005-2696.
3848 CVE-2007-4280 DoS 2007-08-09 2017-07-28
3.5
None Remote Medium Single system None None Partial
The Skinny channel driver (chan_skinny) in Asterisk Open Source before 1.4.10, AsteriskNOW before beta7, Appliance Developer Kit before 0.7.0, and Appliance s800i before 1.0.3 allows remote authenticated users to cause a denial of service (application crash) via a CAPABILITIES_RES_MESSAGE packet with a capabilities count larger than the capabilities_res_message array population.
3849 CVE-2007-4204 +Info 2007-08-07 2017-07-28
3.5
None Remote Medium Single system Partial None None
Hitachi Groupmax Collaboration - Schedule, as used in Groupmax Collaboration Portal 07-32 through 07-32-/B, uCosminexus Collaboration Portal 06-32 through 06-32-/B, and Groupmax Collaboration Web Client - Mail/Schedule 07-32 through 07-32-/A, can assign schedule data to the wrong user under unspecified conditions, which might allow remote authenticated users to obtain sensitive information.
3850 CVE-2007-4129 59 2007-11-08 2017-09-28
3.3
None Local Medium Not required None Partial Partial
CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files in the /tmp/.pk11ipc1/ directory.
Total number of vulnerabilities : 4066   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 (This Page)78 79 80 81 82
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.