Primary Vendor -- Product | Description | | CVSS Score | Source & Patch Info | Adobe -- Connect Enterprise Server
| Unspecified vulnerability in Adobe Connect Enterprise Server 6 allows remote attackers to read certain pages that are restricted to the administrator via unknown vectors. | | 5.0 | CVE-2007-4651 OTHER-REF
| Apache Software Foundation -- Apache HTTP Server
| Cross-site scripting (XSS) vulnerability in mod_autoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset. NOTE: it could be argued that this issue is due to a design limitation of browsers that attempt to perform automatic content type detection. | | 4.3 | CVE-2007-4465 BUGTRAQ SREASONRES OTHER-REF BID SREASON
| Apple -- Safari
| Buffer overflow in Apple Safari 3.0.3 522.15.5 allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact by setting document.location.hash to a long string. NOTE: the crash might actually occur in the alert method. | | 5.0 | CVE-2007-4812 BUGTRAQ
| Atomix Productions -- AtomixMP3
| Buffer overflow in AtomixMP3 2.3 allows user-assisted remote attackers to execute arbitrary code via long strings in file and title fields in a .pls file, as demonstrated by the (1) File1 and (2) Title1 fields, different vectors than CVE-2006-6287 and CVE-2007-2487. | | 6.8 | CVE-2007-4803 MILW0RM BID
| auraCMS -- AuraCMS
| Incomplete blacklist vulnerability in index.php in AuraCMS 1.x and probably 2.x allows remote attackers to execute arbitrary PHP code via a (1) UNC share pathname, or a (2) ftp, (3) ftps, or (4) ssh2.sftp URL, in the pilih parameter, for which PHP remote file inclusion is blocked only for http URLs. | | 6.8 | CVE-2007-4886 MILW0RM OTHER-REF
| Autodesk -- Autodesk
| The cmdjob utility in Autodesk Backburner 3.0.2 allows remote attackers to execute arbitrary commands on render servers by queueing jobs that contain these commands. NOTE: this is only a vulnerability in environments in which the administrator has not followed documentation that outlines the security risks of operating Backburner on untrusted networks. | | 6.8 | CVE-2007-4749 BUGTRAQ OTHER-REF BID XF
| Avnex -- AV MP3 Player
| Avnex AV MP3 Player allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed .au file that triggers a divide-by-zero error. | | 4.3 | CVE-2007-4885 FULLDISC
| buffalotech -- AirStation WHR-G54S
| Cross-site request forgery (CSRF) vulnerability in the device management interface in Buffalo AirStation WHR-G54S 1.20 allows remote attackers to make configuration changes as an administrator via HTTP requests to certain HTML pages in the res parameter with an inp req parameter to cgi-bin/cgi, as demonstrated by accessing (1) ap.html and (2) filter_ip.html. | | 4.3 | CVE-2007-4822 BUGTRAQ BUGTRAQ OTHER-REF BID XF
| Callisto -- PhotoParade Player
| Buffer overflow in the PhPInfo ActiveX control in PhPCtrl.dll in Callisto PhotoParade Player allows remote attackers to execute arbitrary code via the FileVersionof property. | | 6.8 | CVE-2007-1688 CERT-VN BID
| Cisco -- Adaptive Security Appliance
| Cisco Adaptive Security Appliance (ASA) running PIX 7.0 before 7.0.7.1, 7.1 before 7.1.2.61, 7.2 before 7.2.2.34, and 8.0 before 8.0.2.11, when AAA is enabled, composes %ASA-5-111008 messages from the "test aaa" command with cleartext passwords and sends them over the network to a remote syslog server or places them in a local logging buffer, which allows context-dependent attackers to obtain sensitive information. | | 4.3 | CVE-2007-4786 OTHER-REF OTHER-REF CERT-VN BID SECUNIA
| COR Entertainment -- Alien Arena 2007
| Alien Arena 2007 6.10 and earlier allows remote attackers to cause a denial of service (client disconnect) by sending a client_connect command in a forged packet from the server to a client. NOTE: client IP addresses are available via product-specific queries. | | 5.0 | CVE-2007-4755 BUGTRAQ OTHER-REF BID XF
| Deutsche Post -- Stampit Web
| Stampit Web uses guessable id values for online stamp purchases, which allows remote attackers to cause a denial of service (stamp invalidation) via a SOAP request with an id value for a stamp that has not yet been printed. | | 5.0 | CVE-2007-3871 FULLDISC OTHER-REF OTHER-REF XF
| DirectAdmin -- DirectAdmin
| Cross-site scripting (XSS) vulnerability in CMD_BANDWIDTH_BREAKDOWN in DirectAdmin 1.30.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the user parameter. | | 4.3 | CVE-2007-4830 OTHER-REF
| Domino Blogsphere -- Domino Blogsphere
| Cross-site scripting (XSS) vulnerability in Domino Blogsphere 3.01 Beta 7 allows remote attackers to inject arbitrary web script or HTML via the name field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | | 4.3 | CVE-2007-4813 BID
| Ghisler -- Total Commander
| Directory traversal vulnerability in the FTP client in Total Commander before 7.02 allows remote FTP servers to create or overwrite arbitrary files via "..\" (dot dot backslash) sequences in a filename. NOTE: the "..\" are not displayed when the user lists files. NOTE: this can be leveraged for code execution by writing to a Startup folder. | | 6.8 | CVE-2007-4756 BUGTRAQ OTHER-REF OTHER-REF BID SECUNIA
| Google -- Picasa
| Multiple buffer overflows in Google Picasa have unspecified attack vectors and impact. NOTE: this information is based upon a vague pre-advisory. | | 5.0 | CVE-2007-4823 OTHER-REF
| Google -- Picasa
| Multiple cross-application scripting (XAS) vulnerabilities in Google Picasa have unspecified attack vectors and impact. NOTE: this information is based upon a vague pre-advisory. | | 4.3 | CVE-2007-4824 OTHER-REF
| Google -- Picasa
| Google Picasa allows remote attackers to read image files stored by Picasa via unspecified vectors involving a picasa:// URI. NOTE: this information is based upon a vague pre-advisory. | | 5.0 | CVE-2007-4847 OTHER-REF
| Hitachi -- uCosminexus Application Server Standard Hitachi -- uCosminexus Application Server Enterprise Hitachi -- uCosminexus Service Platform
| Multiple unspecified vulnerabilities in the image-processing APIs in Cosminexus Developer's Kit for Java in Cosminexus 4 through 7 allow remote attackers to cause a denial of service via unspecified vectors. | | 5.0 | CVE-2007-4759 OTHER-REF FRSIRT SECUNIA
| Hitachi -- uCosminexus Application Server Standard Hitachi -- uCosminexus Application Server Enterprise Hitachi -- uCosminexus Developer Standard Hitachi -- uCosminexus Service Platform
| The javadoc tool in Cosminexus Developer's Kit for Java in Cosminexus 7 and 7.5 can generate HTML documents that contain cross-site scripting (XSS) vulnerabilities, which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this is probably the same issue as CVE-2007-3503. | | 4.3 | CVE-2007-4760 OTHER-REF BID FRSIRT SECUNIA XF
| IBM -- AIX
| Unspecified vulnerability in invscout in Inventory Scout in invscout.rte in IBM AIX 5.2 and 5.3 allows local users to delete system files that have names matching the final substring of a hostname alias, as demonstrated by hostnames ending in "unix". | | 6.6 | CVE-2007-4798 OTHER-REF OTHER-REF AIXAPAR BID FRSIRT SECUNIA
| IBM -- AIX
| The perfstat kernel extension in bos.perf.perfstat in AIX 5.3 does not verify privileges when processing a SET call, which allows local users to cause a denial of service (system hang or crash) via unspecified SET operations. | | 4.9 | CVE-2007-4799 OTHER-REF AIXAPAR BID FRSIRT SECUNIA
| IBM -- WebSphere Application Server
| Unspecified vulnerability in the Edge Component in IBM WebSphere Application Server (WAS) 6.1 before Fix Pack 11 (6.1.0.11) has unknown impact and attack vectors, aka PK44789. | | 5.0 | CVE-2007-4833 OTHER-REF FRSIRT SECUNIA
| ISC -- BIND
| The (1) NSID_SHUFFLE_ONLY and (2) NSID_USE_POOL PRNG algorithms in ISC BIND 8 before 8.4.7-P1 generate predictable DNS query identifiers when sending outgoing queries such as NOTIFY messages when answering questions as a resolver, which allows remote attackers to poison DNS caches via unknown vectors. NOTE: this issue is different from CVE-2007-2926. | | 4.3 | CVE-2007-2930 OTHER-REF OTHER-REF CERT-VN CIAC
| Joomla -- Joomla
| Cross-site scripting (XSS) vulnerability in Joomla! 1.5 before RC2 (aka Endeleo) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, probably related to the archive section. | | 4.3 | CVE-2007-4779 BUGTRAQ OTHER-REF BID XF
| Joomla -- Joomla
| Joomla! 1.5 before RC2 (aka Endeleo) allows remote attackers to obtain sensitive information (the full path) via unspecified vectors, probably involving direct requests to certain PHP scripts in tmpl/ directories. | | 6.8 | CVE-2007-4780 BUGTRAQ OTHER-REF BID XF
| Joomla -- Joomla
| administrator/index.php in the installer component (com_installer) in Joomla! 1.5 Beta1, Beta2, and RC1 allows remote authenticated administrators to upload arbitrary files to tmp/ via the "Upload Package File" functionality, which is accessible when com_installer is the value of the option parameter. | | 6.6 | CVE-2007-4781 MILW0RM BID XF
| Media Player Classic -- Media Player Classic
| Media Player Classic (MPC) allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed .au file that triggers a divide-by-zero error. | | 4.3 | CVE-2007-4884 FULLDISC
| MediaWiki -- MediaWiki
| Cross-site scripting (XSS) vulnerability in the API pretty-printing mode in MediaWiki 1.8.0 through 1.8.4, 1.9.0 through 1.9.3, 1.10.0 through 1.10.1, and the 1.11 development versions before 1.11.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | | 4.3 | CVE-2007-4828 MLIST SECUNIA
| MediaWiki -- MediaWiki
| Cross-site scripting (XSS) vulnerability in the BotQuery extension in MediaWiki 1.7.x and earlier before SVN 20070910 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a similar issue to CVE-2007-4828. | | 4.3 | CVE-2007-4883 MLIST
| Microsoft -- Windows Services for UNIX Microsoft -- windows-nt
| Unspecified vulnerability in the (1) Windows Services for UNIX 3.0 and 3.5, and (2) Subsystem for UNIX-based Applications in Microsoft Windows 2000, XP, Server 2003, and Vista allows local users to gain privileges via unspecified vectors related to "certain setuid binary files." | | 4.4 | CVE-2007-3036 MS FRSIRT SECUNIA
| Microsoft -- Internet Explorer
| Microsoft Internet Explorer 4.0 through 7 allows remote attackers to determine the existence of local files that have associated images via a res:// URI in the src property of a JavaScript Image object, as demonstrated by the URI for a bitmap image resource within a (1) .exe or (2) .dll file. | | 4.3 | CVE-2007-4848 OTHER-REF
| Microsoft -- Visual Studio
| Absolute directory traversal vulnerability in a certain ActiveX control in the VB To VSI Support Library (VBTOVSI.DLL) 1.0.0.0 in Microsoft Visual Studio 6.0 allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SaveAs method. NOTE: contents can be copied from local files via the Load method. | | 5.8 | CVE-2007-4890 MILW0RM BID
| Microsoft -- Visual Studio
| A certain ActiveX control in PDWizard.ocx 6.0.0.9782 and earlier in Microsoft Visual Studio 6.0 exposes dangerous (1) StartProcess, (2) SyncShell, (3) SaveAs, (4) CABDefaultURL, (5) CABFileName, and (6) CABRunFile methods, which allows remote attackers to execute arbitrary programs and have other impacts, as demonstrated using absolute pathnames in arguments to StartProcess and SyncShell. | | 6.8 | CVE-2007-4891 MILW0RM BID
| Mozilla -- Firefox
| Mozilla Firefox 2.0.x can automatically install TLS client certificates withminimal user interaction, and automatically sends these certificates when requested, which makes it easier for remote web sites to track user activities across domains by requesting the TLS client certificates from other domains. | | 5.0 | CVE-2007-4879 OTHER-REF OTHER-REF
| Netjuke -- Netjuke
| Multiple cross-site scripting (XSS) vulnerabilities in Netjuke 1.0-rc2 allow remote attackers to inject arbitrary web script or HTML via (1) the val parameter to alphabet.php in an alpha.albums action, or the PATH_INFO to (2) random.php or (3) admin/hidden.php. | | 4.3 | CVE-2007-4811 BUGTRAQ BID
| One Laptop Per Child -- OLPC Linux
| JFFS2, as used on One Laptop Per Child (OLPC) build 542 and possibly other Linux systems, when POSIX ACL support is enabled, does not properly store permissions during (1) inode creation or (2) ACL setting, which might allow local users to access restricted files or directories after a remount of a filesystem, related to "legacy modes" and an inconsistency between dentry permissions and inode permissions. | | 4.4 | CVE-2007-4849 MLIST OTHER-REF OTHER-REF
| ourgame.com -- GlobalLink
| Multiple heap-based buffer overflows in GlobalLink 2.7.0.8 allow remote attackers to execute arbitrary code via (1) a long eighth argument to the SetInfo method in a certain ActiveX control in glItemCom.dll or (2) a long second argument to the SetClientInfo method in a certain ActiveX control in glitemflat.dll. | | 6.8 | CVE-2007-4802 MILW0RM MILW0RM BID BID XF XF
| pawfaliki -- pawfaliki
| Directory traversal vulnerability in pawfaliki.php in Pawfaliki 0.5.1 allows remote attackers to list arbitrary files via a .. (dot dot) in the page parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | | 5.0 | CVE-2007-4764 BID SECUNIA XF
| PHP -- PHP
| PHP before 5.2.3 allows context-dependent attackers to cause a denial of service (application crash) via (1) a long string in the pattern parameter to the glob function; or (2) a long string in the string parameter to the fnmatch function, accompanied by a pattern parameter value with undefined characteristics, as demonstrated by a "*[1]e" value. NOTE: this might not be a vulnerability in most web server environments that support multiple threads, unless these issues can be demonstrated for code execution. | | 5.0 | CVE-2007-4782 BUGTRAQ BUGTRAQ BUGTRAQ
| PHP -- PHP
| The iconv_substr function in PHP 5.2.4 and earlier allows context-dependent attackers to cause (1) a denial of service (application crash) via a long string in the charset parameter, probably also requiring a long string in the str parameter; or (2) a denial of service (temporary application hang) via a long string in the str parameter. NOTE: this might not be a vulnerability in most web server environments that support multiple threads, unless these issues can be demonstrated for code execution. | | 5.0 | CVE-2007-4783 BUGTRAQ
| PHP -- PHP
| The setlocale function in PHP before 5.2.4 allows context-dependent attackers to cause a denial of service (application crash) via a long string in the locale parameter. NOTE: this might not be a vulnerability in most web server environments that support multiple threads, unless this issue can be demonstrated for code execution. | | 5.0 | CVE-2007-4784 BUGTRAQ
| PHP -- PHP
| PHP 5.2.4 and earlier allows context-dependent attackers to cause a denial of service (application crash) via (1) a long string in the out_charset parameter to the iconv function; or a long string in the charset parameter to the (2) iconv_mime_decode_headers, (3) iconv_mime_decode, or (4) iconv_strlen function. NOTE: this might not be a vulnerability in most web server environments that support multiple threads, unless these issues can be demonstrated for code execution. | | 5.0 | CVE-2007-4840 BUGTRAQ
| PHP -- PHP
| The dl function in PHP 5.2.4 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long string in the library parameter. NOTE: there are limited usage scenarios under which this would be a vulnerability. | | 4.3 | CVE-2007-4887 BUGTRAQ BUGTRAQ
| PHP -- PHP PHP -- MySQL extension
| The MySQL extension in PHP 5.2.4 and earlier allows remote attackers to bypass safe_mode and open_basedir restrictions via the MySQL (1) LOAD_FILE, (2) INTO DUMPFILE, and (3) INTO OUTFILE functions, a different issue than CVE-2007-3997. | | 6.8 | CVE-2007-4889 BUGTRAQ
| phpMyQuote -- phpMyQuote
| Cross-site scripting (XSS) vulnerability in index.php in phpMyQuote 0.20 allows remote attackers to inject arbitrary web script or HTML via the id parameter in an edit action. | | 4.3 | CVE-2007-4836 BUGTRAQ
| Quagga -- Quagga Routing Software Suite
| bgpd in Quagga before 0.99.9 allows remote BGP peers to cause a denial of service (crash) via a malformed (1) OPEN message or (2) COMMUNITY attribute. | | 4.3 | CVE-2007-4826 OTHER-REF BID SECUNIA
| Red Hat -- Enterprise Linux Desktop Red Hat -- Enterprise Linux
| The CIFS filesystem, when Unix extension support is enabled, does not honor the umask of a process, which allows local users to gain privileges. | | 6.9 | CVE-2007-3740 OTHER-REF REDHAT SECUNIA
| Samba -- Samba
| The Winbind nss_info extension (nsswitch/idmap_ad.c) in idmap_ad.so in Samba 3.0.25 through 3.0.25c, when the "winbind nss info" option is set to rfc2307 or sfu, grants all local users the privileges of gid 0 when the (1) RFC2307 or (2) Services for UNIX (SFU) primary group attribute is not defined. | | 6.9 | CVE-2007-4138 BUGTRAQ OTHER-REF BID FRSIRT SECUNIA
| Sony -- Micro Vault Fingerprint Access Software
| Sony Micro Vault Fingerprint Access Software, as distributed with Sony Micro Vault USM-F USB flash drives, installs a driver that hides a directory under %WINDIR%, which might allow remote attackers to bypass malware detection by placing files in this directory. | | 6.8 | CVE-2007-4785 BUGTRAQ BUGTRAQ BUGTRAQ BUGTRAQ OTHER-REF OTHER-REF OTHER-REF OTHER-REF OTHER-REF
| Sophos -- Anti-Virus
| Cross-site scripting (XSS) vulnerability in Sophos Anti-Virus for Windows 6.x before 6.5.8 and 7.x before 7.0.1 allows remote attackers to inject arbitrary web script or HTML via an archive with a file with a crafted filename and whose content matches a virus signature, which is not properly handled by the print function in SavMain.exe. | | 4.3 | CVE-2007-4512 BUGTRAQ OTHER-REF BID
| Sophos -- Scanning Engine Sophos -- Sophos Anti-Virus
| The virus detection engine in Sophos Anti-Virus before 2.49.0 does not properly process malformed (1) CAB, (2) LZH, and (3) RAR files with modified headers, which might allow remote attackers to bypass malware detection. | | 5.0 | CVE-2007-4787 OTHER-REF BID
| TechExcel Inc. -- CustomerWise
| Multiple cross-site scripting (XSS) vulnerabilities in TechExcel CustomerWise (formerly TechExcel CRM) allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | | 4.3 | CVE-2007-4882 OTHER-REF OTHER-REF BID
| Thomson -- ST 2030 SIP phone
| The Thomson ST 2030 SIP phone with software 1.52.1 allows remote attackers to cause a denial of service (device hang) via (1) an empty SIP message or (2) a SIP INVITE message with a malformed To header, different vectors than CVE-2007-4553. | | 5.0 | CVE-2007-4753 FULLDISC FULLDISC SECTRACK SECTRACK SECUNIA XF
| Txx CMS -- Txx CMS
| Multiple cross-site scripting (XSS) vulnerabilities in Txx CMS 0.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | | 4.3 | CVE-2007-4819 BUGTRAQ MILW0RM
| X-Diesel -- Unreal Commander
| Directory traversal vulnerability in X-Diesel Unreal Commander 0.92 build 565 and 573 allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a filename. NOTE: this can be leveraged for code execution by writing to a Startup folder. | | 5.8 | CVE-2007-4843 BUGTRAQ OTHER-REF BID
| X-Diesel -- Unreal Commander
| X-Diesel Unreal Commander 0.92 build 565 and 573 does not properly react to an FTP server's behavior after sending a "CWD /" command, which allows remote FTP servers to cause a denial of service (infinite loop) by (1) repeatedly sending a 550 error response, or (2) sending a 550 error response and then disconnecting. | | 4.3 | CVE-2007-4844 BUGTRAQ OTHER-REF BID
| X.Org -- xorg-server
| Buffer overflow in the compNewPixmap function in compalloc.c in the Composite extension for the X.org X11 server before 1.4 allows local users to execute arbitrary code by copying data from a large pixel depth pixmap into a smaller pixel depth pixmap. | | 4.6 | CVE-2007-4730 MLIST OTHER-REF DEBIAN SECUNIA SECUNIA
| XWiki -- XWiki
| PreviewAction in XWiki 0.9.543 through 0.9.1252 does not set the Author field to the identity of the user who last modified a document, which allows remote authenticated users without programming rights to execute arbitrary code by selecting a document whose author has programming rights, modifying this document to contain a script, and previewing without saving the document. | | 6.5 | CVE-2006-7223 OTHER-REF
|