Total: 210374 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | Description |
---|---|---|---|---|---|---|
CVE-2007-1665 | 2 Debian, Ekg | 2 Debian Linux, Ekg | 2017-07-28 | 5.0 MEDIUM | N/A | Memory leak in the token OCR functionality in ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service. |
CVE-2007-1666 | 1 Datarescue | 1 Ida Pro | 2017-07-28 | 10.0 HIGH | N/A | The processor_request function in the debugger server for DataRescue IDA Pro 5.0 and 5.1 does not verify that authentication has taken place before invoking the perform_request function, which allows remote attackers to perform unauthorized actions. |
CVE-2007-1675 | 1 Ibm | 1 Lotus Domino | 2017-07-28 | 10.0 HIGH | N/A | Buffer overflow in the CRAM-MD5 authentication mechanism in the IMAP server (nimap.exe) in IBM Lotus Domino before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to cause a denial of service via a long username. |
CVE-2007-1677 | 2 Navision Software, Netbsd | 2 Navision Financials Server, Netbsd | 2017-07-28 | 6.6 MEDIUM | N/A | Multiple buffer overflows in the ISO network protocol support in the NetBSD kernel 2.0 through 4.0_BETA2, and NetBSD-current before 20070329, allow local users to execute arbitrary code via long parameters to certain functions, as demonstrated by a long sockaddr structure argument to the clnp_route function. |
CVE-2007-1683 | 1 Incredimail | 1 Immenushellext Activex Control | 2017-07-28 | 6.8 MEDIUM | N/A | Stack-based buffer overflow in the DoWebMenuAction function in the IncrediMail IMMenuShellExt ActiveX control (ImShExt.dll) allows remote attackers to execute arbitrary code via unspecified vectors. |
CVE-2007-1684 | 1 Solidworks | 1 Sldimdownload Activex Control | 2017-07-28 | 9.3 HIGH | N/A | The Run function in SolidWorks sldimdownload ActiveX control in sldimdownload.dll before 16.0.0.6 allows remote attackers to execute arbitrary commands via the (1) installerpath and (2) applicationarguments arguments. |
CVE-2007-1687 | 1 Internet Pictures Corporation | 1 Ipix Image Well | 2017-07-28 | 10.0 HIGH | N/A | Multiple buffer overflows in the Internet Pictures Corporation iPIX Image Well ActiveX control (iPIX-ImageWell-ipix.dll) allow remote attackers to execute arbitrary code via unspecified vectors. |
CVE-2007-1688 | 1 Callisto | 1 Photoparade Player | 2017-07-28 | 9.3 HIGH | N/A | Buffer overflow in the PhPInfo ActiveX control in PhPCtrl.dll in Callisto PhotoParade Player allows remote attackers to execute arbitrary code via the FileVersionof property. |
CVE-2007-1690 | 1 Second Sight Software | 1 Activegs | 2017-07-28 | 6.8 MEDIUM | N/A | Multiple stack-based buffer overflows in Second Sight Software ActiveGS ActiveX control (ActiveGS.ocx) allow remote attackers to execute arbitrary code via unspecified vectors. |
CVE-2007-1691 | 1 Second Sight Software | 1 Activemod | 2017-07-28 | 6.8 MEDIUM | N/A | Stack-based buffer overflow in Second Sight Software ActiveMod ActiveX control (ActiveMod.ocx) allows remote attackers to execute arbitrary code via unspecified vectors. |
CVE-2007-1692 | 1 Microsoft | 2 Windows 2000, Windows 2003 Server | 2017-07-28 | 7.5 HIGH | N/A | The default configuration of Microsoft Windows uses the Web Proxy Autodiscovery Protocol (WPAD) without static WPAD entries, which might allow remote attackers to intercept web traffic by registering a proxy server using WINS or DNS, then responding to WPAD requests, as demonstrated using Internet Explorer. NOTE: it could be argued that if an attacker already has control over WINS/DNS, then web traffic could already be intercepted by modifying WINS or DNS records, so this would not cross privilege boundaries and would not be a vulnerability. It has also been reported that DHCP is an alternate attack vector. |
CVE-2007-1713 | 1 B21soft | 1 Basp21 | 2017-07-28 | 6.4 MEDIUM | N/A | CRLF injection vulnerability in BSMTP.DLL in B21Soft BASP21 2003.0211, and BASP21 Pro 1.0.702.27 and earlier, allows remote attackers to inject arbitrary headers into e-mail messages via CRLF sequences in Subject lines. |
CVE-2007-1722 | 1 Signkorea | 1 Skcommax Activex Control | 2017-07-28 | 10.0 HIGH | N/A | Buffer overflow in the DownloadCertificateExt function in SignKorea SKCommAX ActiveX control module 7.2.0.2 and 3280 6.6.0.1 allows remote attackers to execute arbitrary code via a long pszUserID argument. |
CVE-2007-1727 | 4 Hp, Linux, Microsoft and 1 more | 7 Hp-ux, Openview Network Node Manager, Linux Kernel and 4 more | 2017-07-28 | 6.5 MEDIUM | N/A | Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 6.20, 6.4x, 7.01, 7.50, and 7.51 allows remote authenticated users to access certain privileged "facilities" via unspecified vectors. |
CVE-2007-1731 | 1 Hpaftpd | 1 Hpaftpd | 2017-07-28 | 10.0 HIGH | N/A | Multiple stack-based buffer overflows in High Performance Anonymous FTP Server (hpaftpd) 1.01 allow remote attackers to execute arbitrary code via long arguments to the (1) USER, (2) PASS, (3) CWD, (4) MKD, (5) RMD, (6) DELE, (7) RNFR, or (8) RNTO FTP command. |
CVE-2007-1739 | 1 Ibm | 1 Lotus Domino | 2017-07-28 | 7.8 HIGH | N/A | Heap-based buffer overflow in the LDAP server in IBM Lotus Domino before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to cause a denial of service (crash) via a long, malformed DN request, which causes only the lower 16 bits of the string length to be used in memory allocation. |
CVE-2007-1741 | 1 Apache | 1 Http Server | 2017-07-28 | 6.2 MEDIUM | N/A | Multiple race conditions in suexec in Apache HTTP Server (httpd) 2.2.3 between directory and file validation, and their usage, allow local users to gain privileges and execute arbitrary code by renaming directories or performing symlink attacks. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because "the attacks described rely on an insecure server configuration" in which the user "has write access to the document root." |
CVE-2007-1745 | 2 Clam Anti-virus, Ifenslave | 2 Clamav, Ifenslave | 2017-07-28 | 7.1 HIGH | N/A | The chm_decompress_stream function in libclamav/chmunpack.c in Clam AntiVirus (ClamAV) before 0.90.2 leaks file descriptors, which has unknown impact and attack vectors involving a crafted CHM file, a different vulnerability than CVE-2007-0897. NOTE: some of these details are obtained from third party information. |
CVE-2007-1763 | 1 Microsoft | 1 Windows Vista | 2017-07-28 | 7.1 HIGH | N/A | The ATI kernel driver (atikmdag.sys) in Microsoft Windows Vista allows user-assisted remote attackers to cause a denial of service (crash) via a crafted JPG image, as demonstrated by a slideshow, possibly due to a buffer overflow. |
CVE-2007-1767 | 1 Aol | 1 Aol Client Software | 2017-07-28 | 7.8 HIGH | N/A | Unspecified vulnerability in (1) Deskbar.dll and (2) Toolbar.dll in AOL 9.0 before February 2007 allows remote attackers to cause a denial of service (browser crash) via unknown vectors. |