| Primary Vendor -- Product | Description | | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| Apache Software Foundation -- Apache | Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method specifier header from an HTTP request when it is reflected back in a "413 Request Entity Too Large" error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated via an HTTP request containing an invalid Content-length value, a similar issue to CVE-2006-3918. | | 4.3 | CVE-2007-6203 BUGTRAQ OTHER-REF BID FRSIRT SECUNIA |
| Apple -- Mac OS X | Integer overflow in the load_threadstack function in the Mach-O loader (mach_loader.c) in the xnu kernel in Apple Mac OS X 10.4 through 10.5.1 allows local users to cause a denial of service (infinite loop) via a crafted Mach-O binary. | | 4.9 | CVE-2007-6261 OTHER-REF BID FRSIRT SECUNIA |
| Avast -- Avast Antivirus Professional; Avast -- Avast Antivirus Home | Unspecified vulnerability in avast! 4 Home and Professional Editions before 4.7.1098 allows remote attackers to have an unknown impact via a crafted TAR archive. | | 6.8 | CVE-2007-6265 OTHER-REF BID SECUNIA |
| bcoos -- bcoos | Multiple cross-site scripting (XSS) vulnerabilities in modules/ecal/display.php in the Event Calendar in bcoos 1.0.10 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) day or (2) year parameter. | | 4.3 | CVE-2007-6274 OTHER-REF BID SECUNIA XF |
| CRM_CTT -- Interleave | The CheckCustomerAccess function in functions.php in CRM-CTT Interleave before 4.2.0 (formerly CRM-CTT) does not properly verify user privileges, which allows remote authenticated users with the LIMITTOCUSTOMERS privilege to bypass intended access restrictions and edit non-active user settings. NOTE: some of these details are obtained from third party information. | | 6.5 | CVE-2007-6222 OTHER-REF SECUNIA |
| Ext2 Filesystems Utilities -- e2fsprogs | Multiple integer overflows in libext2fs in e2fsprogs allow user-assisted remote attackers to execute arbitrary code via a crafted filesystem image. | | 5.8 | CVE-2007-5497 SUSE |
| FTP -- Admin | Cross-site scripting (XSS) vulnerability in index.php in FTP Admin 0.1.0 allows remote attackers to inject arbitrary web script or HTML via the error parameter in an error page action. | | 4.3 | CVE-2007-6232 MILW0RM SECUNIA XF |
| FTP Admin -- FTP Admin | Directory traversal vulnerability in index.php in FTP Admin 0.1.0 allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the page parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL. | | 4.9 | CVE-2007-6233 MILW0RM SECUNIA XF |
| Google -- KML | Directory traversal vulnerability in region.php in KML share 1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the layer parameter. | | 5.0 | CVE-2007-6212 MILW0RM |
| IBM -- Tivoli Netcool Security Manager | Cross-site scripting (XSS) vulnerability in IBM Tivoli Netcool Security Manager 1.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | | 4.3 | CVE-2007-6219 OTHER-REF FRSIRT SECTRACK SECUNIA |
| Intel -- PRO Wireless 3945ABG; Intel -- Wireless WiFi Link 4965AGN | The iwl_set_rate function in compatible/iwl3945-base.c in iwlwifi 1.1.21 and earlier dereferences an iwl_get_hw_mode return value without checking for NULL, which might allow remote attackers to cause a denial of service (kernel panic) via unspecified vectors during module initialization. | | 5.0 | CVE-2007-5938 OTHER-REF OTHER-REF |
| LearnLoop -- LearnLoop | Directory traversal vulnerability in include/file_download.php in LearnLoop 2.0 beta7 allows remote attackers to read arbitrary files via a .. (dot dot) in the sFilePath parameter. NOTE: exploitation requires that the product is configured, but has zero files in the database. | | 4.3 | CVE-2007-6214 MILW0RM |
| Microsoft -- Internet Explorer | The Web Proxy Auto-Discovery (WPAD) feature in Microsoft Internet Explorer 6 and 7, when a primary DNS suffix with three or more components is configured, resolves an unqualified wpad hostname in a second-level domain outside this configured DNS domain, which allows remote WPAD servers to conduct man-in-the-middle (MITM) attacks. | | 5.8 | CVE-2007-5355 OTHER-REF MSKB BID FRSIRT SECTRACK SECUNIA |
| Microsoft -- Windows Media Player | Microsoft Windows Media Player (WMP) allows remote attackers to cause a denial of service (application crash) via a certain AIFF file that triggers a divide-by-zero error, as demonstrated by kr.aiff. | | 5.0 | CVE-2007-6236 MILW0RM BID |
| Mortbay Jetty -- Jetty | Cross-site scripting (XSS) vulnerability in Dump Servlet in Mortbay Jetty before 6.1.6rc1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters and cookies. | | 4.3 | CVE-2007-5613 OTHER-REF OTHER-REF CERT-VN |
| Mortbay Jetty -- Jetty | CRLF injection vulnerability in Mortbay Jetty before 6.1.6rc0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. | | 5.0 | CVE-2007-5615 OTHER-REF CERT-VN |
| OpenOffice -- OpenOffice | Unspecified vulnerability in HSQLDB before 1.8.0.9 in OpenOffice.org (OOo) 2 before 2.3.1 allows user-assisted remote attackers to execute arbitrary Java code via crafted database documents. | | 6.8 | CVE-2007-4575 OTHER-REF BID FRSIRT SECUNIA |
| Oracle -- Database 11g; Oracle -- Database 10g | The installation process for Oracle 10g and 11g uses accounts with default passwords, which allows remote attackers to obtain login access by connecting to the Listener. NOTE: at the end of the installation, if performed using the Database Configuration Assistant (DBCA), most accounts are disabled or their passwords are changed. | | 6.8 | CVE-2007-6260 BUGTRAQ OTHER-REF OTHER-REF |
| Ossigeno -- CMS | Multiple PHP remote file inclusion vulnerabilities in Ossigeno CMS 2.2 pre1 allow remote attackers to execute arbitrary PHP code via a URL in the (1) level parameter to (a) install_module.php and (b) uninstall_module.php in upload/xax/admin/modules/, (c) upload/xax/admin/patch/index.php, and (d) install_module.php and (e) uninstall_module.php in upload/xax/ossigeno/admin/; and the (2) ossigeno parameter to (f) ossigeno_modules/ossigeno-catalogo/xax/ossigeno/catalogo/common.php, different vectors than CVE-2007-5234. | | 5.0 | CVE-2007-6218 OTHER-REF BID |
| Perl -- PCRE | Perl-Compatible Regular Expression (PCRE) library before 6.7 allows context-dependent attackers to cause a denial of service (error or crash) via a regular expression that involves a "malformed POSIX character class", as demonstrated via an invalid character after a [[ sequence. | | 5.0 | CVE-2006-7225 OTHER-REF OTHER-REF REDHAT REDHAT |
| Real -- RealPlayer | The RealNetworks RealAudioObjects.RealAudio ActiveX control in rmoc3260.dll, as shipped with RealPlayer 11, allows remote attackers to cause a denial of service (browser crash) via a certain argument to the GetSourceTransport method. | | 5.0 | CVE-2007-6224 BUGTRAQ OTHER-REF BID XF |
| RealNetworks -- RealPlayer | A certain ActiveX control in RealNetworks RealPlayer 11 allows remote attackers to cause a denial of service (application crash) via a malformed .au file that triggers a divide-by-zero error. NOTE: this might be related to CVE-2007-4904. | | 5.0 | CVE-2007-6235 BUGTRAQ MILW0RM OTHER-REF |
| SonicWall -- Global VPN Client | Multiple format string vulnerabilities in the configuration file in SonicWALL Global VPN Client 3.1.556 and 4.0.0.810 allow user-assisted remote attackers to execute arbitrary code via format string specifiers in the (1) Hostname tag or the (2) name attribute in the Connection tag. NOTE: there might not be any realistic circumstances in which this issue crosses privilege boundaries. | | 6.8 | CVE-2007-6273 BUGTRAQ OTHER-REF BID FRSIRT SECUNIA |
| Squid -- Squid Web Proxy Cache | The "cache update reply processing" functionality in Squid 2.x before 2.6.STABLE17 and Squid 3.0 allows remote attackers to cause a denial of service (crash) via unknown vectors related to HTTP headers. | | 5.0 | CVE-2007-6239 OTHER-REF OTHER-REF BID FRSIRT SECUNIA |
| Sun -- Solaris | Race condition in the Fibre Channel protocol (fcp) driver and Devices filesystem (devfs) in Sun Solaris 10 allows local users to cause a denial of service (system hang) via some programs that access hardware resources, as demonstrated by the (1) cfgadm and (2) format programs. | | 4.7 | CVE-2007-6216 SUNALERT BID FRSIRT SECUNIA |
| Sun -- Solaris | Unspecified vulnerability in Sun Solaris 10, when 64-bit mode is used on the x86 platform, allows local users in a Linux (lx) branded zone to cause a denial of service (panic) via unspecified vectors. | | 4.9 | CVE-2007-6225 SUNALERT BID FRSIRT SECUNIA XF |
| typespeed -- Typespeed | typespeed before 0.6.4 allows remote attackers to cause a denial of service (application crash) via unspecified network behavior that triggers a divide-by-zero error. | | 5.0 | CVE-2007-6220 OTHER-REF OTHER-REF BID SECUNIA |
| VideoLAN -- VLC Media Player | A certain ActiveX control in axvlc.dll in VideoLAN VLC 0.8.6 before 0.8.6d allows remote attackers to execute arbitrary code via crafted arguments to the (1) addTarget, (2) getVariable, or (3) setVariable function, resulting from a "bad initialized pointer," aka a "recursive plugin release vulnerability." | | 6.8 | CVE-2007-6262 BUGTRAQ OTHER-REF OTHER-REF BID FRSIRT SECUNIA XF |
| Web-MeetMe -- Web-MeetMe | Multiple directory traversal vulnerabilities in play.php in Web-MeetMe 3.0.3 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) roomNo and possibly the (2) bookid parameter. | | 5.0 | CVE-2007-6215 MILW0RM |
| WebED -- WebED | Multiple directory traversal vulnerabilities in mod/chat/index.php in WebED 0.0.9 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) Root and (2) Path parameters. | | 5.0 | CVE-2007-6213 MILW0RM |
| XenSource Inc -- Xen | Xen 3.x, possibly before 3.1.2, when running on IA64 systems, does not check the RID value for mov_to_rr, which allows a VTi domain to read memory of other domains. | | 5.0 | CVE-2007-6207 OTHER-REF MLIST |
| XIGLA -- Absolute News Manager.NET | Directory traversal vulnerability in pages/default.aspx in Absolute News Manager.NET 5.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the template parameter. | | 5.0 | CVE-2007-6268 BUGTRAQ OTHER-REF OTHER-REF OTHER-REF BID SECUNIA |
| XIGLA -- Absolute News Manager.NET | Multiple cross-site scripting (XSS) vulnerabilities in Absolute News Manager.NET 5.1 allow remote attackers to inject arbitrary web script or HTML via the (1) rmore parameter to xlaabsolutenm.aspx and the (2) template parameter to pages/default.aspx. | | 4.3 | CVE-2007-6270 BUGTRAQ OTHER-REF OTHER-REF BID SECUNIA |
| XIGLA -- Absolute News Manager.NET | Absolute News Manager.NET 5.1 allows remote attackers to obtain sensitive information via a direct request to getpath.aspx, which reveals the installation path in an error message. | | 4.3 | CVE-2007-6271 BUGTRAQ OTHER-REF BID |
| Yahoo -- Yahoo Toolbar | Stack-based buffer overflow in the Helper class in the yt.ythelper.2 ActiveX control in Yahoo! Toolbar 1.4.1 allows remote attackers to cause a denial of service (browser crash) via a long argument to the c method. | | 6.8 | CVE-2007-6228 FULLDISC BID XF |
| ZSH -- ZSH | difflog.pl in zsh 4.3.4 allows local users to overwrite arbitrary files via a symlink attack on temporary files. | | 4.6 | CVE-2007-6209 MLIST MLIST MLIST OTHER-REF |