Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-3351 | 3 Dell, Microsoft, Sj Labs | 3 Axim X3, Windows Mobile, Sjphone | 2017-07-28 | 7.8 HIGH | N/A |
| The SJPhone SIP soft phone 1.60.303c, when installed on the Dell Axim X3 running Windows Mobile 2003, allows remote attackers to cause a denial of service (device hang and traffic amplification) via a direct crafted INVITE transaction, which causes the phone to transmit many RTP packets. | |||||
| CVE-2007-3352 | 1 Stephen Ostermiller | 1 Contact Form | 2017-07-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the preview form in Stephen Ostermiller Contact Form before 2.00.02 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors that contain an apostrophe. | |||||
| CVE-2007-3361 | 1 Nortel | 1 Pc Client Soft Phone Sip | 2017-07-28 | 7.8 HIGH | N/A |
| The Nortel PC Client SIP Soft Phone 4.1 3.5.208[20051015] allows remote attackers to cause a denial of service (device crash) via a SIP message with a malformed header. | |||||
| CVE-2007-3362 | 3 Ageet, Htc, Microsoft | 3 Agephone, Hytn, Windows Mobile | 2017-07-28 | 7.8 HIGH | N/A |
| ageet AGEphone before 1.6.2, running on Windows Mobile 5 on the HTC HyTN Pocket PC device, allows remote attackers to (1) cause a denial of service (call disruption and device hang) via a SIP message with a malformed header and (2) cause a denial of service (call disruption, false ring indication, and device outage) via a SIP message with a malformed SDP delimiter. | |||||
| CVE-2007-3363 | 1 Ageet | 1 Agephone | 2017-07-28 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in ageet AGEphone before 1.6.3 allow remote attackers to have an unknown impact via malformed SIP packets. | |||||
| CVE-2007-3366 | 1 Cpanel | 1 Cpanel | 2017-07-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Simple CGI Wrapper (scgiwrap) in cPanel before 10.9.1, and 11.x before 11.4.19-R14378, allows remote attackers to inject arbitrary web script or HTML via the URI. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2007-3367 | 1 Cpanel | 1 Cpanel | 2017-07-28 | 7.8 HIGH | N/A |
| Simple CGI Wrapper (scgiwrap) in cPanel before 10.9.1, and 11.x before 11.4.19-R14378, allows remote attackers to obtain sensitive information via a direct request, which reveals the path in an error message. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2007-3373 | 1 Redhat | 1 Cluster Suite | 2017-07-28 | 5.0 MEDIUM | N/A |
| daemon.c in cman (redhat-cluster-suite) before 20070622 does not clear a buffer for reading requests, which might allow local users to obtain sensitive information from previous requests. | |||||
| CVE-2007-3375 | 1 Lhaca | 1 File Archiver | 2017-07-28 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in Lhaca File Archiver before 1.21 allows user-assisted remote attackers to execute arbitrary code via a crafted LZH archive, as exploited by malware such as Trojan.Lhdropper. | |||||
| CVE-2007-3376 | 2 Apple, Microsoft | 2 Safari, Windows Xp | 2017-07-28 | 9.3 HIGH | N/A |
| Buffer overflow in Apple Safari 3.0.2 on Windows XP SP2 allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long value in the title HTML tag, which triggers the overflow when the user adds the page as a bookmark. | |||||
| CVE-2007-3405 | 1 Lebisoft | 1 Lebisoft Zdefter | 2017-07-28 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in defter_yaz.asp in Lebisoft zdefter 4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) ad and (2) konu parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2007-3411 | 1 Clicktech | 1 Clickgallery | 2017-07-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in edit_image.asp in ClickGallery Server 5.1 and earlier allows remote attackers to execute arbitrary SQL commands via the image_id parameter. | |||||
| CVE-2007-3412 | 1 Clicktech | 1 Clickgallery | 2017-07-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in edit_image.asp in ClickGallery Server 5.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the from parameter. | |||||
| CVE-2007-3413 | 1 Bitego | 1 Bosdatagrid | 2017-07-28 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in bosDataGrid 2.50 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) GridSearch, (2) gsearch, or (3) ParentID parameter to an unspecified component. | |||||
| CVE-2007-3414 | 1 Access2asp | 1 Access2asp | 2017-07-28 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in access2asp 4.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) od and (2) search parameters to (a) suppliersList.asp and (b) contactsList.asp. | |||||
| CVE-2007-3415 | 1 Phpraider | 1 Phpraider | 2017-07-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in index.php in phpRaider 1.0.0 rc8 allow remote attackers to execute arbitrary SQL commands via the (1) id or (2) type parameter. | |||||
| CVE-2007-3416 | 2 Web-app.org, Web App.net | 2 Webapp, Webapp | 2017-07-28 | 5.0 MEDIUM | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in the administration of (1) polls, (2) profiles, (3) IP bans, and (4) forums in (a) web-app.org WebAPP 0.8 through 0.9.9.6; and (b) web-app.net WebAPP 0.9.9.3.3, 0.9.9.3.4, and 2007; allow remote attackers to perform deletions as administrators. | |||||
| CVE-2007-3436 | 1 Microsoft | 2 Msn Messenger, Windows Xp | 2017-07-28 | 5.0 MEDIUM | N/A |
| Microsoft MSN Messenger 4.7 on Windows XP allows remote attackers to cause a denial of service (resource consumption) via a flood of SIP INVITE requests to the port specified for voice conversation. | |||||
| CVE-2007-3437 | 2 Aol, Microsoft | 2 Instant Messenger, Windows Xp | 2017-07-28 | 7.8 HIGH | N/A |
| AOL Instant Messenger (AIM) 6.1.32.1 on Windows XP allows remote attackers to cause a denial of service (application crash) via a malformed header value in a SIP INVITE message, a different vulnerability than CVE-2007-3350. | |||||
| CVE-2007-3441 | 1 Aastra Telecom | 1 9112i Sip Phone | 2017-07-28 | 5.0 MEDIUM | N/A |
| Format string vulnerability in the Aastra 9112i SIP Phone with firmware 1.4.0.1048 and boot version 1.1.0.10 allows remote attackers to cause a denial of service (blocked call reception and slow calling) via format string specifiers in an SDP header value, a different vulnerability than CVE-2007-3349. | |||||