| Primary Vendor -- Product | Description | CVSS Score | Source & Patch Info |
|---|---|---|---|
| AC Zoom -- BlockHosts | BlockHosts before 2.0.4 does not properly parse (1) sshd and (2) vsftpd log files, which allows remote attackers to add arbitrary deny entries to the /etc/hosts.allow file and cause a denial of service by adding arbitrary IP addresses to a daemon log file, as demonstrated by connecting through ssh with a client protocol version identification containing an IP address string, or connecting through ftp with a username containing an IP address string, different vectors than CVE-2007-2765. | 6.8 | CVE-2007-4322 OTHER-REF OTHER-REF |
| Adobe -- Flash | ActionScript 3 (AS3) in Adobe Flash Player 9.0.47.0 allows remote attackers to bypass the Security Sandbox Model, obtain sensitive information, and port scan arbitrary hosts via a Flash (SWF) movie that specifies a connection to make, then using timing discrepancies from the SecurityErrorEvent error to determine whether a host is open or not. | 5.0 | CVE-2007-4324 BUGTRAQ |
| Apache -- Tomcat | Cross-site scripting (XSS) vulnerability in the Host Manager Servlet for Apache Tomcat 6.0.0 to 6.0.13 and 5.5.0 to 5.5.24 allows remote attackers to inject arbitrary HTML and web script via crafted requests. | 4.3 | CVE-2007-3386 BUGTRAQ OTHER-REF |
| Article Dashboard -- Article Dashboard | Multiple cross-site scripting (XSS) vulnerabilities in signup.php in Article Dashboard allow remote attackers to inject arbitrary web script or HTML via the (1) f_emailaddress, (2) f_reemailaddress, and other unspecified parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | 4.3 | CVE-2007-4333 SECUNIA |
| Aspindir -- Dersimiz Haber Ekleme Modulu | Multiple cross-site scripting (XSS) vulnerabilities in yorumkaydet.asp in Dersimiz Haber Ekleme Modulu allow remote attackers to inject arbitrary web script or HTML via the (1) yazan, (2) mail, and (3) yorum parameters. NOTE: some of these details are obtained from third party information. | 4.3 | CVE-2007-4297 OTHER-REF SECUNIA |
| ATI Technologies -- Display Driver | The AMD ATI atidsmxx.sys 3.0.502.0 driver on Windows Vista allows local users to bypass the driver signing policy, write to arbitrary kernel memory locations, and thereby gain privileges via unspecified vectors, as demonstrated by "Purple Pill". | 6.9 | CVE-2007-4315 OTHER-REF OTHER-REF BID |
| Cerb -- CerbNG | Multiple race conditions in (1) certain rules and (2) argument copying during VM protection, in CerbNG for FreeBSD 4.8 allow local users to defeat system call interposition and possibly gain privileges or bypass auditing, as demonstrated by modifying command lines in log-exec.cb. | 6.2 | CVE-2007-4303 OTHER-REF BID |
| Cerb -- CerbNG | CerbNG for FreeBSD 4.8 does not properly implement VM protection when attempting to prevent system call wrapper races, which allows local users to have an unknown impact related to an "incorrect write protection of pages". | 6.2 | CVE-2007-4304 OTHER-REF |
| CTW Design -- FindNix | PHP remote file inclusion vulnerability in index.php in FindNix allows remote attackers to include the contents of arbitrary URLs and conduct cross-site scripting (XSS) attacks via a URL in the page parameter. | 4.3 | CVE-2007-4331 BUGTRAQ |
| Dell -- Remote Access Card | Unspecified vulnerability in Dell Remote Access Card 4 (DRAC4) with firmware 1.50 Build 02.16 allows remote attackers to cause a denial of service (SSH daemon crash) via certain network traffic, as demonstrated by an "nmap -O" scan with nmap 4.03, possibly related to a Mocana (Mocanada) SSH vulnerability. | 4.3 | CVE-2007-4360 BUGTRAQ BUGTRAQ BID |
| DenyHosts -- DenyHosts | DenyHosts 2.6 does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a client protocol version identification containing an IP address string, a different vector than CVE-2006-6301. | 6.8 | CVE-2007-4323 OTHER-REF |
| Diskeeper -- Diskeeper | The administrative interface (aka DkService.exe) in Diskeeper 9 Professional, 2007 Pro Premier, and probably other versions exposes a memory comparison function via RPC over TCP, which allows remote attackers to (1) obtain sensitive information (process memory contents), as demonstrated by an attack that obtains module base addresses to defeat Address Space Layout Randomization (ASLR); or (2) cause a denial of service (application crash) via an out-of-bounds address. | 5.8 | CVE-2007-4375 FULLDISC BID SECUNIA XF XF |
| Drupal -- Content Construction Kit | Multiple cross-site scripting (XSS) vulnerabilities in the nodereference module in Drupal Content Construction Kit (CCK) before 4.7.x-1.6, and 5.x before 5.x-1.6, allow remote attackers to inject arbitrary web script or HTML via nodereference fields, when using (1) the plain formatter or (2) the autocomplete text field widget without Views.module. | 4.3 | CVE-2007-4363 OTHER-REF OTHER-REF OTHER-REF SECUNIA |
| exV2 -- Content Management System | Cross-site scripting (XSS) vulnerability in eXV2 CMS 2.0.5 and earlier allows remote attackers to inject arbitrary web script or HTML via a set_lang cookie to an unspecified component. NOTE: this may overlap CVE-2007-1965. | 4.3 | CVE-2007-4365 BUGTRAQ OTHER-REF |
| Fail2Ban -- Fail2Ban | fail2ban 0.8 and earlier does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a client protocol version identification containing an IP address string, a different vector than CVE-2006-6302. | 6.8 | CVE-2007-4321 OTHER-REF GENTOO |
| freshmeat -- sysstat | The init script (sysstat.in) in sysstat creates /tmp/sysstat.run insecurely, which allows local users to execute arbitrary code. | 4.4 | CVE-2007-3852 OTHER-REF |
| freshmeat -- Generic Software Wrappers Toolkit | Multiple race conditions in certain system call wrappers in Generic Software Wrappers Toolkit (GSWTK) allow local users to defeat system call interposition and possibly gain privileges or bypass auditing. | 6.2 | CVE-2007-4302 OTHER-REF BID |
| Hotscripts -- Neuron Blog | Unrestricted file upload vulnerability in admin/pages/blog-add.php in Neuron Blog 1.1 allows remote attackers to upload and execute arbitrary PHP files in uploads/. | 6.8 | CVE-2007-4371 BUGTRAQ XF |
| IBM -- AIX | Multiple buffer overflows in IBM AIX 5.2 and 5.3 allow local users in the system group to gain root privileges via unspecified vectors involving the (1) chpath, (2) rmpath, and (3) devinstall programs in bos.rte.methods. | 6.9 | CVE-2007-4353 OTHER-REF AIXAPAR AIXAPAR BID SECTRACK SECUNIA |
| IBM -- Rational ClearQuest | SQL injection vulnerability in /main in IBM Rational ClearQuest (CQ) 7.0.0.0-IFIX02 and 7.0.0.1 allows remote attackers to execute arbitrary SQL commands via the username parameter in a GenerateMainFrame command. | 6.8 | CVE-2007-4368 BUGTRAQ MILW0RM BID |
| Lenovo -- Access Support; Lenovo -- Automated Solutions | The IBM Lenovo Access Support acpRunner ActiveX control, as distributed in acpcontroller.dll before 1.2.8.0 and possibly acpir.dll before 1.0.0.9 (Automated Solutions 1.0 before fix pack 1), does not properly validate digital signatures of downloaded software, which makes it easier for remote attackers to spoof a download. | 5.8 | CVE-2007-2240 OTHER-REF MS CERT-VN BID |
| Lenovo -- Access Support; Lenovo -- Automated Solutions | Format string vulnerability in the IBM Lenovo Access Support acpRunner ActiveX control, as distributed in acpcontroller.dll before 1.2.8.0 and possibly acpir.dll before 1.0.0.9 (Automated Solutions 1.0 before fix pack 1), allows remote attackers to execute arbitrary code via format string specifiers in unknown data. | 5.8 | CVE-2007-2928 OTHER-REF MS CERT-VN BID |
| Lenovo -- Access Support; Lenovo -- Automated Solutions | The IBM Lenovo Access Support acpRunner ActiveX control, as distributed in acpcontroller.dll before 1.2.8.0 and possibly acpir.dll before 1.0.0.9 (Automated Solutions 1.0 before fix pack 1), exposes unsafe methods to arbitrary web domains, which allows remote attackers to download arbitrary code onto a client system and execute this code. | 5.8 | CVE-2007-2929 OTHER-REF MS CERT-VN BID |
| Linux -- Kernel | The xfer_secondary_pool function in drivers/char/random.c in the Linux kernel 2.4 before 2.4.35 does not properly perform reseed operations, which has unknown impact and attack vectors. NOTE: some of these details are obtained from third party information. | 6.8 | CVE-2007-4311 OTHER-REF FRSIRT |
| Mapos Scripts -- Gaestebuch | PHP remote file inclusion vulnerability in index.php in Gaestebuch 1.5 allows remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter. | 6.8 | CVE-2007-4325 BUGTRAQ BID |
| Mapos Scripts -- Bilder Uploader | Multiple PHP remote file inclusion vulnerabilities in Bilder Uploader 1.3 allow remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter to (1) gruppen.php, (2) bild.php, (3) feed.php, (4) mitglieder.php, (5) online.php, (6) profil.php, and possibly other unspecified PHP scripts. | 6.8 | CVE-2007-4326 BUGTRAQ |
| Mapos Scripts -- File Uploader | Multiple PHP remote file inclusion vulnerabilities in File Uploader 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter to (1) index.php or (2) datei.php. | 6.8 | CVE-2007-4327 BUGTRAQ BID |
| Mapos Scripts -- Bilder Galerie | Multiple PHP remote file inclusion vulnerabilities in Mapos Bilder Galerie 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter to (1) index.php, (2) galerie.php, or (3) anzagien.php. | 6.8 | CVE-2007-4328 BUGTRAQ BID |
| Mapos Scripts -- Web News | Multiple PHP remote file inclusion vulnerabilities in Web News 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter to (1) index.php, (2) news.php, or (3) feed.php. | 6.8 | CVE-2007-4329 BUGTRAQ BID |
| Mapos Scripts -- Shoutbox | PHP remote file inclusion vulnerability in shoutbox.php in Shoutbox 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the root parameter. | 6.8 | CVE-2007-4330 BUGTRAQ BID |
| Microsoft -- Internet Explorer | Unspecified vulnerability in Internet Explorer 5.01 and 6 SP1 allows remote attackers to execute arbitrary code via crafted Cascading Style Sheets (CSS) strings that trigger memory corruption during parsing. | 6.8 | CVE-2007-0943 MS |
| Microsoft -- Windows | Unspecified vulnerability in Windows Vista Contacts Gadget in Windows Vista allows user-assisted remote attackers to execute arbitrary code via crafted contact information that is not properly handled when it is imported. | 6.8 | CVE-2007-3032 BID SECTRACK SECUNIA |
| Microsoft -- Windows | Unspecified vulnerability in Windows Vista Feed Headlines Gadgets in Windows Vista allows remote attackers to execute arbitrary code via an RSS feed with crafted HTML attributes. | 6.8 | CVE-2007-3033 MS BID SECTRACK SECUNIA |
| Microsoft -- Windows | Unspecified vulnerability in Windows Vista Weather Gadgets in Windows Vista allows remote attackers to execute arbitrary code via crafted HTML attributes. | 6.8 | CVE-2007-3891 MS BID SECTRACK SECUNIA |
| Microsoft -- DirectX Media | Buffer overflow in the Live Picture Corporation DXSurface.LivePicture.FlashPix.1 (DirectTransform FlashPix) ActiveX control in DXTLIPI.DLL 6.0.2.827, as packaged in Microsoft DirectX Media 6.0 SDK, allows remote attackers to execute arbitrary code via a long SourceUrl property value. | 4.3 | CVE-2007-4336 MILW0RM CERT-VN FRSIRT SECUNIA |
| Motive Incorporated -- Self Service Manager; Motive Incorporated -- Service Activation Manager | Multiple stack-based buffer overflows in the Motive ActiveEmailTest.EmailData (ActiveUtils EmailData) ActiveX control in ActiveUtils.dll in Motive Service Activation Manager 5.1 and Self Service Manager 5.1 and earlier allow remote attackers to execute arbitrary code via unspecified vectors. | 6.8 | CVE-2007-0319 OTHER-REF MS CERT-VN BID |
| Mozilla -- Firefox | Mozilla Firefox 2.0.0.6 and earlier allows remote attackers to spoof the contents of the status bar via a link to a data: URI containing an encoded URL. NOTE: the severity of this issue has been disputed by a reliable third party, since the intended functionality of the status bar allows it to be modified. | 5.0 | CVE-2007-4357 BUGTRAQ BUGTRAQ BUGTRAQ BUGTRAQ BUGTRAQ OTHER-REF OTHER-REF |
| NetWin -- SurgeMail | Stack-based buffer overflow in the IMAP service in SurgeMail 38k allows remote authenticated users to execute arbitrary code via a long argument to the SEARCH command. NOTE: this might overlap CVE-2007-4372. | 6.0 | CVE-2007-4377 FULLDISC MILW0RM BID FRSIRT SECUNIA XF |
| Php Blue Dragon -- Php Blue Dragon CMS | PHP remote file inclusion vulnerability in public_includes/pub_blocks/activecontent.php in Php Blue Dragon CMS 3.0.0 allows remote attackers to execute arbitrary PHP code via a URL in the vsDragonRootPath parameter, a different vector than CVE-2006-2392, CVE-2006-3076, and CVE-2006-6958. | 6.8 | CVE-2007-4313 MILW0RM BID |
| PHP-Stats -- PHP-Stats | Cross-site scripting (XSS) vulnerability in whois.php in Php-stats 0.1.9.2 allows remote attackers to inject arbitrary web script or HTML via the IP parameter. | 4.3 | CVE-2007-4334 BUGTRAQ BID SECUNIA |
| phpMyAdmin -- phpMyAdmin | Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.10.3 allow remote attackers to inject arbitrary web script or HTML via the (1) unlim_num_rows, (2) sql_query, or (3) pos parameter to (a) tbl_export.php; the (4) session_max_rows or (5) pos parameter to (b) sql.php; the (6) username parameter to (c) server_privileges.php; or the (7) sql_query parameter to (d) main.php. NOTE: vector 5 might be a regression or incomplete fix for CVE-2006-6942.7. | 4.3 | CVE-2007-4306 OTHER-REF |
| Pixlie -- Pixlie | pixlie.php in Pixlie 1.7 allows remote attackers to trigger the reading and JPEG image processing of files in a remote directory tree via a URL in the root parameter. NOTE: this can be leveraged for traffic amplification or other denial of service. | 6.8 | CVE-2007-4314 MILW0RM |
| ProZilla -- Webring | SQL injection vulnerability in category.php in Prozilla Webring allows remote attackers to execute arbitrary SQL commands via the cat parameter. | 6.8 | CVE-2007-4362 MILW0RM BID SECUNIA |
| Qbik -- WinGate | Format string vulnerability in the SMTP server component in Qbik WinGate 5.x and 6.x before 6.2.2 allows remote attackers to cause a denial of service (service crash) via format string specifiers in certain unexpected commands, which trigger a crash during error logging. | 5.0 | CVE-2007-4335 BUGTRAQ OTHER-REF OTHER-REF BID SECUNIA XF |
| RndLabs -- Babo Violent | The server in Babo Violent 2 2.08.00 and earlier does not properly implement password protection, which might allow remote attackers to bypass authentication by reconnecting after a connection closes. | 6.8 | CVE-2007-4373 BUGTRAQ OTHER-REF |
| RndLabs -- Babo Violent | Babo Violent 2 2.08.00 does not validate the sender field of a chat message composed by a client, which allows remote authenticated users to spoof messages. | 4.0 | CVE-2007-4374 BUGTRAQ OTHER-REF |
| RndLabs -- Babo Violent | Multiple format string vulnerabilities in Babo Violent 2 2.08.00 and earlier allow remote attackers to execute arbitrary code via format string specifiers in (1) a message or (2) certain data associated with an admin login. | 6.8 | CVE-2007-4378 BUGTRAQ OTHER-REF BID SECUNIA |
| RndLabs -- Babo Violent | Babo Violent 2 2.08.00 and earlier allows remote attackers to cause a denial of service (application crash) via (1) a value greater than 0x27 for the (a) 0xca, (b) 0xcb, (c) 0xcc, (d) 0xce, (e) 0xcf, or (f) 0xd0 data ID; (2) a nonexistent map name; or (3) a UDP packet that specifies a large data size. | 4.3 | CVE-2007-4379 BUGTRAQ OTHER-REF BID SECUNIA |
| Rsync -- Rsync | Multiple off-by-one errors in the sender.c in rsync 2.6.9 might allow remote attackers to execute arbitrary code via directory names that are not properly handled when calling the f_name function. | 6.8 | CVE-2007-4091 OTHER-REF OTHER-REF BID |
| SkilMatch Staffing Systems -- JobLister3 | Multiple SQL injection vulnerabilities in SkilMatch Staffing Systems JobLister3 allow remote attackers to execute arbitrary SQL commands via (1) the search form or (2) the jobid parameter to index.php in a showbyID action. | 6.8 | CVE-2007-4359 BUGTRAQ BID |
| SOTE -- SOTEeSKLEP | Directory traversal vulnerability in go/_files in SOTEeSKLEP before 4.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | 5.0 | CVE-2007-4369 BUGTRAQ BUGTRAQ MILW0RM BID XF |
| Storesprite -- Storesprite | Multiple cross-site scripting (XSS) vulnerabilities in Storesprite 7 and earlier allow remote attackers to inject arbitrary web script or HTML via the next parameter to (1) addaddress.php, (2) editshipdetails.php, (3) register.php, or (4) login.php in secure/. | 4.3 | CVE-2007-4307 OTHER-REF |
| Streamripper -- Streamripper | Buffer overflow in the httplib_parse_sc_header function in lib/http.c in Streamripper before 1.62.2 allows remote attackers to execute arbitrary code via long HTTP headers, a different vulnerability than CVE-2006-3124. | 4.3 | CVE-2007-4337 OTHER-REF OTHER-REF BID SECUNIA |
| Sun -- Solaris | The finger daemon (in.fingerd) in Sun Solaris 7 through 9 allows remote attackers to list all accounts that have certain nonstandard GECOS fields via a request composed of a single digit, as demonstrated by a "finger 9@host" command, a different vulnerability than CVE-2001-1503. | 4.3 | CVE-2007-4310 BUGTRAQ BUGTRAQ |
| Symantec -- Altiris Deployment Solution 6 | Aclient in Symantec Altiris Deployment Solution 6 before 6.8 SP2 (6.8.378) allows local users to gain local System privileges via the Log File Viewer. | 6.6 | CVE-2007-4380 OTHER-REF BID FRSIRT SECTRACK SECUNIA |
| Szymon Kosok -- Best Top List | Unrestricted file upload vulnerability in banner-upload.php in Szymon Kosok Best Top List allows remote attackers to upload and execute arbitrary PHP files in banners/. | 6.8 | CVE-2007-4376 BUGTRAQ BID XF |
| Todd Miller -- Sudo; Sysjail -- Sysjail; Systrace -- Systrace | Multiple race conditions in the (1) Sudo monitor mode and (2) Sysjail policies in Systrace on NetBSD and OpenBSD allow local users to defeat system call interposition, and consequently bypass access control policy and auditing. | 6.2 | CVE-2007-4305 OTHER-REF BID |
| WebCart -- WebCart | Multiple cross-site scripting (XSS) vulnerabilities in the management interface in WebCart 2.20 through 2.25 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 | CVE-2007-4301 OTHER-REF OTHER-REF BID SECUNIA |
| Wengo -- WengoPhone | WengoPhone 2.1 allows remote attackers to cause a denial of service (device crash) via a SIP INVITE message without a Content-Type header. | 5.0 | CVE-2007-4366 BUGTRAQ MILW0RM BID XF |
| Zoidcom -- Zoidcom | Zoidcom 0.6.7 and earlier allows remote attackers to cause a denial of service (application crash) via a JOIN packet (aka connection packet) containing 0x69 in the ninth byte, which triggers a "double-delete" of trace data, a different vulnerability than CVE-2005-1643. | 4.3 | CVE-2007-4358 BUGTRAQ OTHER-REF BID |
| ZyXEL -- Zywall 2; ZyXEL -- ZyNOS | The management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel Zywall 2 device has a certain default password, which allows remote attackers to perform administrative actions. | 4.3 | CVE-2007-4316 BUGTRAQ OTHER-REF XF |
| ZyXEL -- Zywall 2; ZyXEL -- ZyNOS | Multiple cross-site request forgery (CSRF) vulnerabilities in the management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel Zywall 2 device allow remote attackers to perform certain actions as administrators, as demonstrated by a request to Forms/General_1 with the (1) sysSystemName and (2) sysDomainName parameters. | 4.3 | CVE-2007-4317 BUGTRAQ OTHER-REF BID XF |
| ZyXEL -- Zywall 2; ZyXEL -- ZyNOS | Cross-site scripting (XSS) vulnerability in Forms/General_1 in the management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel Zywall 2 device allows remote authenticated administrators to inject arbitrary web script or HTML via the sysSystemName parameter. | 4.3 | CVE-2007-4318 BUGTRAQ OTHER-REF BID XF |
| ZyXEL -- Zywall 2; ZyXEL -- ZyNOS | The management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel Zywall 2 device allows remote authenticated administrators to cause a denial of service (infinite reboot loop) via invalid configuration data. NOTE: this issue might not cross privilege boundaries, and it might be resultant from CSRF; if so, then it should not be included in CVE. | 4.0 | CVE-2007-4319 BUGTRAQ OTHER-REF BID |