Primary Vendor -- Product | Description | | CVSS Score | Source & Patch Info | Amber Script -- Amber Script
| Directory traversal vulnerability in scripts/include/show_content.php in Amber Script 1.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the id parameter. NOTE: this can be leveraged for remote file inclusion in PHP 5 using a UNC share pathname, ftp, ftps, or ssh2.sftp URL. | | 5.8 | CVE-2007-6129 BUGTRAQ MILW0RM BID SECUNIA
| Apple -- Quicktime
| An "integer arithmetic" error in Apple QuickTime 7.2 allows remote attackers to execute arbitrary code via a crafted movie file containing a movie atom with a large size value, which triggers a stack-based buffer overflow. | | 6.8 | CVE-2007-4674 OTHER-REF OTHER-REF
| BASE -- Basic Analysis and Security Engine
| Multiple cross-site scripting (XSS) vulnerabilities in base_qry_main.php in Base Analysis and Security Engine (BASE) before 1.3.9 allow remote attackers to inject arbitrary web script or HTML via the (1) sig[0] and (2) sig[1] parameters. | | 4.3 | CVE-2007-6156 OTHER-REF OTHER-REF OSVDB SECUNIA
| Citrix -- NetScaler
| The web management interface in Citrix NetScaler 8.0 build 47.8 uses weak encryption (XOR of unpadded data) to store credentials within a cookie, which makes it easier for remote attackers to obtain cleartext credentials when a cookie is captured via a known-plaintext attack. | | 4.0 | CVE-2007-6192 BUGTRAQ SECTRACK XF
| Citrix -- NetScaler
| The web management interface in Citrix NetScaler 8.0 build 47.8 stores the device's primary IP address in a cookie, which might allow remote attackers to obtain sensitive network configuration information if this address is not the same as the address being used by the web interface. | | 5.0 | CVE-2007-6193 BUGTRAQ
| DevMass -- DevMass Cart
| PHP remote file inclusion vulnerability in admin/kfm/initialise.php in DevMass Shopping Cart 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the kfm_base_path parameter. | | 5.8 | CVE-2007-6133 MILW0RM BID FRSIRT SECUNIA
| Digium -- Asterisk
| SQL injection vulnerability in the Call Detail Record Postgres logging engine (cdr_pgsql) in Asterisk 1.4.x before 1.4.15, 1.2.x before 1.2.25, B.x before B.2.3.4, and C.x before C.1.0-beta6 allows remote authenticated users to execute arbitrary SQL commands via (1) ANI and (2) DNIS arguments. | | 6.5 | CVE-2007-6170 OTHER-REF
| Ethereal Group -- Ethereal Wireshark -- Wireshark
| The Bluetooth SDP dissector Wireshark (formerly Ethereal) 0.99.2 to 0.99.6 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. | | 4.3 | CVE-2007-6120 OTHER-REF BID FRSIRT SECTRACK SECUNIA
| GNU -- GNUMP3D
| gnump3d 2.9final does not apply password protection to its plugins, which might allow remote attackers to bypass intended access restrictions. | | 5.0 | CVE-2007-6130 OTHER-REF OTHER-REF
| Hitachi -- JP1 File Transmission Server
| Unspecified vulnerability in Hitachi JP1/File Transmission Server/FTP 01-00 through 08-10-01 allows remote attackers to bypass authentication and "view files" via unspecified vectors. | | 5.0 | CVE-2007-6145 OTHER-REF BID FRSIRT SECUNIA
| Hitachi -- JP1 File Transmission Server
| Hitachi JP1/File Transmission Server/FTP 01-00 through 08-10-02 on Windows might allow remote attackers to cause a denial of service (service stop) via a "specific file" argument to an FTP command. | | 5.0 | CVE-2007-6146 OTHER-REF BID FRSIRT SECUNIA
| iaprcommence -- IAPR COMMENCE
| Multiple PHP remote file inclusion vulnerabilities in IAPR COMMENCE 1.3 allow remote attackers to execute arbitrary PHP code via a URL in the (a) php_root_path and sometimes the (b) privilege_root_path parameter to various PHP scripts under (1) admin/includes/, (2) admin/phase/, (3) includes/, (4) includes/page_includes/, (5) reviewer/includes/, (6) reviewer/phase/, and (7) user/phase/. | | 6.8 | CVE-2007-6147 MILW0RM BID SECUNIA
| IHU -- I Hear U
| I Hear U (IHU) 0.5.6 and earlier allows remote attackers to cause (1) a denial of service (infinite loop) via a packet that contains zero in the size field in its header, which is improperly handled by the Receiver::processPacket function; and (2) a denial of service (daemon crash) via an (a) IHU_INFO_INIT or a (b) IHU_INFO_RING packet that does not specify the mode, which is improperly handled by the Player::ring function in Player.cpp. | | 5.0 | CVE-2007-6103 OTHER-REF OTHER-REF SECUNIA
| IRC Services -- IRC Services
| The default_encrypt function in encrypt.c in IRC Services before 5.0.63, and 5.1.x before 5.1.7, allows remote attackers to cause a denial of service (daemon crash) via a long password. NOTE: some of these details are obtained from third party information. | | 5.0 | CVE-2007-6122 MLIST MLIST OTHER-REF BID SECUNIA
| Lhaplus -- Lhaplus
| Buffer overflow in Lhaplus 1.55 and earlier allows remote attackers to execute arbitrary code via a crafted LZH archive, a different vector than CVE-2007-5048. | | 6.6 | CVE-2007-6175 OTHER-REF OTHER-REF BID FRSIRT SECUNIA XF
| Liferay -- Liferay Enterprise Portal
| Cross-site scripting (XSS) vulnerability in c/portal/login in Liferay Enterprise Portal 4.3.1 allows remote attackers to inject arbitrary web script or HTML via the emailAddress parameter in a Send New Password action, a different vector than CVE-2007-6055. NOTE: some of these details are obtained from third party information. | | 4.3 | CVE-2007-6173 BUGTRAQ BID FRSIRT SECUNIA
|
M2Scripts -- MySpace Scripts Poll Creator
| Multiplce cross-site scripting (XSS) vulnerabilities in index.php in M2Scripts MySpace Scripts Poll Creator allow remote attackers to inject arbitrary web script or HTML via the (1) title, (2) intro, and (3) question parameters, and (4) unspecified answer parameters, in a create_new action. NOTE: some of these details are obtained from third party information. | | 4.3 | CVE-2007-6136 BUGTRAQ BID SECUNIA
| Mozilla -- SeaMonkey Mozilla -- Firefox
| Mozilla Firefox before 2.0.0.10 and SeaMonkey 1.1.7 sets the Referer header to the window or frame in which script is running, instead of the address of the content that initiated the script, which allows remote attackers to spoof HTTP Referer headers and bypass Referer-based CSRF protection schemes by setting window.location and using a modal alert dialog that causes the wrong Referer to be sent. | | 4.3 | CVE-2007-5960 OTHER-REF
| Mp3 -- Toolbox
| PHP remote file inclusion vulnerability in index.php in Mp3 ToolBox 1.0 beta 5 allows remote attackers to execute arbitrary PHP code via a URL in the skin_file parameter. | | 6.8 | CVE-2007-6139 BUGTRAQ MILW0RM FRSIRT
| NoAh -- NoAh
| Multiple directory traversal vulnerabilities in PHP Content Architect (aka NoAh) 0.9 pre 1.2 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the filepath parameter to (1) css_file.php, (2) js_file.php, or (3) xml_file.php in noah/modules/nosystem/templates/. | | 5.0 | CVE-2007-6187 MILW0RM
| OpenSSL Project -- FIPS Object Module
| The PRNG implementation for the OpenSSL FIPS Object Module 1.1.1 does not perform auto-seeding during the FIPS self-test, which generates random data that is more predictable than expected and makes it easier for attackers to bypass protection mechanisms that rely on the randomness. | | 6.4 | CVE-2007-5502 OTHER-REF BID FRSIRT SECUNIA
| PHPSlideShow -- PHPSlideShow
| Cross-site scripting (XSS) vulnerability in phpslideshow.php in PHPSlideShow 0.9.9.2, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the directory parameter. NOTE: this issue was originally reported for toonchapter8.php, but this is probably a site-specific name, since the PHPSlideShow distribution does not contain that file. | | 4.3 | CVE-2007-6135 BUGTRAQ OTHER-REF BID FRSIRT SECUNIA
| pmapper -- p.mapper
| Multiple PHP remote file inclusion vulnerabilities in Armin Burger p.mapper 3.2.0 beta3 allow remote attackers to execute arbitrary PHP code via a URL in the _SESSION[PM_INCPHP] parameter to (1) incphp/globals.php or (2) plugins/export/mc_table.php. NOTE: it could be argued that this vulnerability is caused by a problem in PHP and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in p.mapper. | | 6.8 | CVE-2007-6191 OTHER-REF BID
| Project Alumni -- Project Alumni
| Multiple cross-site scripting (XSS) vulnerabilities in project alumni 1.0.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the year parameter to (1) xml/index.php; or (2) the year parameter to view.page.inc.php, which is reachable through a view action to the top-level index.php. | | 4.3 | CVE-2007-6126 MILW0RM BID
| Red Hat -- Cygwin_dll
| Heap-based buffer overflow in cygwin1.dll in Cygwin 1.5.7 and earlier allows context-dependent attackers to execute arbitrary code via a filename with a certain length, as demonstrated by a remote authenticated user who uses the SCP protocol to send a file to the Cygwin machine, and thereby causes scp.exe on this machine to execute, and then overwrite heap memory with characters from the filename. NOTE: it is also reported that a related issue might exist in 1.5.7 through 1.5.19. | | 6.0 | CVE-2007-6181 BUGTRAQ MLIST MLIST MLIST
| redhat -- enterprise_linux
| Memory leak in the Red Hat Content Accelerator kernel patch in Red Hat Enterprise Linux 5 allows local users to cause a denial of service (memory consumption) via a large number of open requests involving O_ATOMICLOOKUP. | | 4.9 | CVE-2007-5494 OTHER-REF REDHAT
| Ruby_Gnome2 -- Ruby_Gnome2
| Format string vulnerability in the mdiag_initialize function in gtk/src/rbgtkmessagedialog.c in Ruby-GNOME 2 (aka Ruby/Gnome2) 0.16.0, and SVN versions before 20071127, allows context-dependent attackers to execute arbitrary code via format string specifiers in the message parameter. | | 6.8 | CVE-2007-6183 BUGTRAQ OTHER-REF
| Salims Softhouse -- JAF CMS
| Multiple cross-site scripting (XSS) vulnerabilities in ph03y3nk just another flat file (JAF) CMS 4.0 RC2 allow remote attackers to inject arbitrary web script or HTML via the (1) show parameter to index.php and the (2) print parameter to print.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | | 4.3 | CVE-2007-6142 BID SECUNIA
| SimpleGallery -- SimpleGallery
| Cross-site scripting (XSS) vulnerability in index.php in SimpleGallery 0.1.3 allows remote attackers to inject arbitrary web script or HTML via the album parameter. | | 4.3 | CVE-2007-6157 BUGTRAQ BID
| SoftBiz -- Freelancers Script
| Cross-site scripting (XSS) vulnerability in signin.php in Softbiz Freelancers Script 1 allows remote attackers to inject arbitrary web script or HTML via the errmsg parameter. | | 4.3 | CVE-2007-6124 MILW0RM BID
| Symantec -- BackupExec System Recovery
| The Job Engine (bengine.exe) service in Symantec Backup Exec for Windows Servers (BEWS) 11d build 11.0.7170 and 11.0.6.6235 allows remote attackers to cause a denial of service (NULL dereference and service crash) via a crafted packet to port 5633/tcp. | | 5.0 | CVE-2007-4346 OTHER-REF OTHER-REF FRSIRT SECTRACK SECUNIA
| Symantec -- BackupExec System Recovery
| Multiple integer overflows in the Job Engine (bengine.exe) service in Symantec Backup Exec for Windows Servers (BEWS) 11d build 11.0.7170 and 11.0.6.6235 allow remote attackers to cause a denial of service (CPU and memory consumption) via a crafted packet to port 5633/tcp, which triggers an infinite loop. | | 5.0 | CVE-2007-4347 OTHER-REF OTHER-REF BID FRSIRT SECTRACK SECUNIA
| Tilde -- Tilde CMS
| Cross-site scripting (XSS) vulnerability in index.php in Tilde CMS 4.x and earlier allows remote attackers to inject arbitrary web script or HTML via the aarstal parameter in a yeardetail action. | | 4.3 | CVE-2007-6160 BUGTRAQ BID
| Tilde -- Tilde CMS
| index.php in Tilde CMS 4.x and earlier allows remote attackers to obtain sensitive information via a certain search parameter value in a search action, which reveals the path. | | 5.0 | CVE-2007-6161 BUGTRAQ
| VBTube -- VBTube
| Cross-site scripting (XSS) vulnerability in vBTube.php in vBTube 1.1 Beta allows remote attackers to inject arbitrary web script or HTML via the search parameter. | | 4.3 | CVE-2007-6141 BUGTRAQ BID
| WSDeluxe -- FMDeluxe
| Cross-site scripting (XSS) vulnerability in index.php in FMDeluxe 2.1.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter in a category action. | | 4.3 | CVE-2007-6162 BUGTRAQ BID SECUNIA
| Xunlei -- Web Thunder
| Heap-based buffer overflow in the PPlayer.XPPlayer.1 ActiveX control in pplayer.dll_1_work in Xunlei Thunder 5.7.4.401 allows remote attackers to execute arbitrary code via a long string in a FlvPlayerUrl property value. NOTE: some of these details are obtained from third party information. | | 6.0 | CVE-2007-6144 OTHER-REF OTHER-REF BID FRSIRT SECUNIA
|