| Primary Vendor -- Product | Description | CVSS Score | Source & Patch Info |
|---|---|---|---|
| Apple -- Mac OS X Server; Apple -- Mac OS X | Stack-based buffer overflow in the Apple-specific Samba module (SMB File Server) in Apple Mac OS X 10.4 through 10.4.8 allows context-dependent attackers to execute arbitrary code via a long ACL. | 8.0 | CVE-2007-0731 APPLE |
| Apple -- ImageIO | Unspecified vulnerability in ImageIO in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted RAW image that triggers memory corruption. | 8.0 | CVE-2007-0733 APPLE |
| betaparticle -- betaparticle blog | SQL injection vulnerability in the theme preview feature for default.asp in BP Blog 7.0 through 7.0.2 allows remote attackers to execute arbitrary SQL commands via the layout parameter. | 7.0 | CVE-2007-1445 MILW0RM OTHER-REF FRSIRT SECUNIA |
| Bitesser -- MySQL Commander | PHP remote file inclusion vulnerability in ressourcen/dbopen.php in bitesser MySQL Commander 2.7 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the home parameter. | 8.0 | CVE-2007-1439 BUGTRAQ MILW0RM OTHER-REF BID |
| CARE2X -- CARE2X | Multiple PHP remote file inclusion vulnerabilities in CARE2X 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the root_path parameter to (1) inc_checkdate_lang.php, (2) inc_charset_fx.php, (3) inc_config_color.php, (4) inc_currency_set.php, (5) inc_db_makelink.php, (6) inc_diagnostics_report_fx.php, (7) inc_environment_global.php, (8) inc_front_chain_lang.php, (9) inc_init_crypt.php, (10) inc_load_copyrite.php, or (11) inc_news_save.php in include/; (12) diagnostics-report-index.php, (13) config_options_mascot.php, (14) barcode-labels.php, (15) chg-color.php, or (16) config_options_gui_template.php in main/; or unspecified other files. | 10.0 | CVE-2007-1458 OTHER-REF BID |
| Christian Scheurer -- URARFileLib; Christian Scheurer -- unrarlib | Buffer overflow in the urarlib_get function in Christian Scheurer UniquE RAR File Library (unrarlib, aka URARFileLib) 0.4 allows context-dependent attackers to execute arbitrary code via unspecified vectors in applications linked with this library. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | 10.0 | CVE-2007-1457 BID |
| Clip-Share -- ClipShare | PHP remote file inclusion vulnerability in include/adodb-connection.inc.php in ClipShare 1.5.3 allows remote attackers to execute arbitrary PHP code via a URL in the cmd parameter. | 7.0 | CVE-2007-1430 BUGTRAQ |
| Coppermine -- Coppermine Photo Gallery | Multiple PHP remote file inclusion vulnerabilities in Coppermine Photo Gallery (CPG) allow remote attackers to execute arbitrary PHP code via a URL in the (1) cmd parameter to (a) image_processor.php or (b) picmgmt.inc.php, or the (2) path parameter to (c) include/functions.php, (d) include/plugin_api.inc.php, (e) index.php, or (f) pluginmgr.php. | 10.0 | CVE-2007-1414 BUGTRAQ BID XF |
| D-Link -- TFTP Server | Buffer overflow in D-Link TFTP Server 1.0 allows remote attackers to cause a denial of service (crash) via a long (1) GET or (2) PUT request, which triggers memory corruption. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | 10.0 | CVE-2007-1435 BID SECUNIA |
| Duyuru Scripti -- Duyuru Scripti | SQL injection vulnerability in goster.asp in fystyq Duyuru Scripti allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2007-0688. | 7.0 | CVE-2007-1422 BUGTRAQ BID |
| Dynaliens -- Dynaliens | dynaliens 2.0 and 2.1 allows remote attackers to bypass authentication and perform certain privileged actions via a direct request for (1) validlien.php3, (2) supprlien.php3, (3) supprub.php3, (4) validlien.php3, (5) confsuppr.php3, (6) modiflien.php3, or (7) confmodif.php3 in admin/. | 7.0 | CVE-2007-1389 BUGTRAQ OTHER-REF BID |
| Edgewall Software -- Trac | Trac before 0.10.3.1 does not send a Content-Disposition HTTP header specifying an attachment in certain "unsafe" situations, which has unknown impact and remote attack vectors. | 7.0 | CVE-2007-1406 OTHER-REF |
| Fish -- Fish | Multiple stack-based buffer overflows in the (1) ExtractRnick and (2) decrypt_topic_332 functions in FiSH allow remote attackers to execute arbitrary code via long strings. | 10.0 | CVE-2007-1397 OTHER-REF BID |
| Flat Chat -- Flat Chat | Direct static code injection vulnerability in startsession.php in Flat Chat 2.0 allows remote attackers to execute arbitrary PHP code via the Chat Name field, which is inserted into online.txt and included by users.php. NOTE: some of these details are obtained from third party information. | 10.0 | CVE-2007-1394 MILW0RM BID FRSIRT SECUNIA |
| GaziYapBoz -- Game Portal | SQL injection vulnerability in kategori.asp in GaziYapBoz Game Portal allows remote attackers to execute arbitrary SQL commands via the kategori parameter. | 7.0 | CVE-2007-1410 MILW0RM BID FRSIRT |
| Geo Soft -- Magic CMS | PHP remote file inclusion vulnerability in mysave.php in Magic CMS 4.2.747 allows remote attackers to execute arbitrary PHP code via a URL in the file parameter. | 10.0 | CVE-2007-1393 MILW0RM BID FRSIRT |
| GNOME -- Ekiga | Format string vulnerability in Ekiga 2.0.3, and probably other versions, allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2007-1006. | 8.0 | CVE-2007-0999 MANDRIVA UBUNTU |
| Grayscale -- Grayscale Blog | Grayscale Blog 0.8.0, and possibly earlier versions, allows remote attackers to gain privileges via direct requests with modified arguments in (1) the user_permissions parameter to add_users.php, and unspecified parameters to (2) addblog.php, (3) editblog.php, (4) editlinks.php, (5) edit_users.php, and (6) add_links.php. | 7.0 | CVE-2007-1432 BUGTRAQ BID FRSIRT |
| Grayscale -- Grayscale Blog | SQL injection vulnerability in Grayscale Blog 0.8.0, and possibly earlier versions, might allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) userdetail.php, the id and (2) url parameters to (b) jump.php, and the id variable to (c) detail.php. | 7.0 | CVE-2007-1434 BUGTRAQ BID FRSIRT |
| HC Design -- NewsSystem | SQL injection vulnerability in index.php in HC NEWSSYSTEM 1.0-4 allows remote attackers to execute arbitrary SQL commands via the ID parameter in a komm aktion. | 7.0 | CVE-2007-1417 BUGTRAQ BID |
| JCcorp -- URLshrink | PHP remote file inclusion vulnerability in createurl.php in JCcorp (aka James Coyle) URLshrink allows remote attackers to execute arbitrary PHP code via a URL in the formurl parameter. | 10.0 | CVE-2007-1416 BUGTRAQ BID |
| JGBBS -- JGBBS | SQL injection vulnerability in search.asp in JGBBS 3.0 Beta 1 allows remote attackers to execute arbitrary SQL commands via the author parameter. | 7.0 | CVE-2007-1440 BUGTRAQ MILW0RM BID |
| Joris Guisson -- KTorrent | chunkcounter.cpp in KTorrent before 2.1.2 allows remote attackers to cause a denial of service (crash) and heap corruption via a negative or large idx value. | 7.0 | CVE-2007-1385 MLIST OTHER-REF OTHER-REF |
| LedgerSMB -- LedgerSMB; SQL-Ledger -- SQL-Ledger | Unspecified vulnerability in admin.pl in SQL-Ledger before 2.6.26 and LedgerSMB before 1.1.9 allows remote attackers to bypass authentication via unknown vectors that prevent a password check from occurring. | 7.0 | CVE-2007-1436 BUGTRAQ BID SECUNIA SECUNIA |
| Linux -- Kernel | The ipv6_getsockopt_sticky function in net/ipv6/ipv6_sockglue.c in the Linux kernel before 2.6.20.2 allows local users to read arbitrary kernel memory via certain getsockopt calls that trigger a NULL dereference. | 7.0 | CVE-2007-1000 OTHER-REF OTHER-REF BID |
| Macromedia -- Shockwave | Multiple stack-based buffer overflows in an ActiveX control in SwDir.dll 10.1.4.20 in Macromedia Shockwave allow remote attackers to cause a denial of service (Internet Explorer 7 crash) and possibly execute arbitrary code via a long (1) BGCOLOR, (2) SRC, (3) AutoStart, (4) Sound, (5) DrawLogo, or (6) DrawProgress property value, different vectors than CVE-2006-6885. | 7.0 | CVE-2007-1403 MILW0RM |
| Mercury -- Mail Transport System | Stack-based buffer overflow in Mercury/32 (aka Mercury Mail Transport System) 4.01b and earlier allows remote attackers to execute arbitrary code via a long LOGIN command. NOTE: this might be the same issue as CVE-2006-5961. | 10.0 | CVE-2007-1373 FULLDISC SECUNIA XF |
| Moodle -- moodle | Multiple PHP remote file inclusion vulnerabilities in Moodle 1.7.1 allow remote attackers to execute arbitrary PHP code via a URL in the cmd parameter to (1) admin/utfdbmigrate.php or (2) filter.php. | 7.0 | CVE-2007-1429 BUGTRAQ |
| Open Education System -- Open Education System | Multiple PHP remote file inclusion vulnerabilities in Open Education System (OES) 0.1beta allow remote attackers to execute arbitrary PHP code via a URL in the CONF_INCLUDE_PATH parameter to (1) lib-account.inc.php, (2) lib-file.inc.php, (3) lib-group.inc.php, (4) lib-log.inc.php, (5) lib-mydb.inc.php, (6) lib-template-mod.inc.php, and (7) lib-themes.inc.php in includes/. | 10.0 | CVE-2007-1446 BUGTRAQ OTHER-REF BID FRSIRT |
| Open Solution -- Quick.Cart | Unspecified vulnerability in OpenSolution Quick.Cart before 2.1 has unknown impact and attack vectors, related to a "low critical exploit." | 7.0 | CVE-2007-1407 OTHER-REF OTHER-REF |
| OpenBSD -- OpenBSD | Unspecified vulnerability in kern/uipc_mbuf2.c in OpenBSD 3.9 and 4.0 has unspecified impact and remote attack vectors related to "Incorrect mbuf handling for ICMP6 packets." | 7.0 | CVE-2007-1365 MLIST OPENBSD OPENBSD SECTRACK |
| Oracle -- Oracle10g Database Server | Oracle Database 10g uses a NULL pDacl parameter when calling the SetSecurityDescriptorDacl function to create discretionary access control lists (DACLs), which allows local users to gain privileges. | 7.0 | CVE-2007-1442 OTHER-REF BID SECUNIA |
| PECL Zip -- 1.8.3; PHP -- PHP | Stack-based buffer overflow in the zip:// URL wrapper in PECL ZIP 1.8.3 and earlier, as bundled with PHP 5.2.0 and 5.2.1, allows remote attackers to execute arbitrary code via a long zip:// URL, as demonstrated by actively triggering URL access from a remote PHP interpreter via avatar upload or blog pingback. | 10.0 | CVE-2007-1399 OTHER-REF BID |
| PHP -- PHP | The shmop functions in PHP before 4.4.5, and before 5.2.1 in the 5.x series, do not verify that their arguments correspond to a shmop resource, which allows context-dependent attackers to read and write arbitrary memory locations via arguments associated with an inappropriate resource, as demonstrated by a GD Image resource. | 7.0 | CVE-2007-1376 MILW0RM MILW0RM OTHER-REF BID |
| PHP -- PHP | The ovrimos_longreadlen function in the Ovrimos extension for PHP before 4.4.5 allows context-dependent attackers to write to arbitrary memory locations via the result_id and length arguments. | 10.0 | CVE-2007-1378 OTHER-REF BID |
| PHP -- PHP | The ovrimos_close function in the Ovrimos extension for PHP before 4.4.5 can trigger efree of an arbitrary address, which might allow context-dependent attackers to execute arbitrary code. | 10.0 | CVE-2007-1379 OTHER-REF BID |
| PHP -- CVS | The wddx_deserialize function in wddx.c in PHP CVS as of 20070304 calls strlcpy where strlcat was intended and uses improper arguments, which allows context-dependent attackers to execute arbitrary code via a WDDX packet with a malformed overlap of a STRING element, which triggers a buffer overflow. | 8.0 | CVE-2007-1381 OTHER-REF |
| PHP -- PHP | Integer overflow in the 16 bit variable reference counter in PHP 4 allows context-dependent attackers to execute arbitrary code by overflowing this counter, which causes the same variable to be destroyed twice, a related issue to CVE-2007-1286. | 8.0 | CVE-2007-1383 OTHER-REF |
| PHP -- PHP | The import_request_variables function in PHP 4.0.7 through 5.2.1, when called without a prefix, does not prevent the (1) GET, (2) POST, (3) COOKIE, (4) FILES, (5) SERVER, (6) SESSION, and other superglobals from being overwritten, which allows remote attackers to spoof source IP address and Referer data, and have other unspecified impact. NOTE: it could be argued that this is a design limitation of PHP and that only the misuse of this feature, i.e. implementation bugs in applications, should be included in CVE. | 10.0 | CVE-2007-1396 BUGTRAQ |
| PHP -- PHP | Buffer overflow in PHP 4.4.6 and earlier, and unspecified PHP 5 versions, allows local and possibly remote attackers to execute arbitrary code via long server name arguments to the (1) mssql_connect and (2) mssql_pconnect functions. | 10.0 | CVE-2007-1411 BUGTRAQ OTHER-REF BID |
| PHP -- PHP | Buffer overflow in the snmpget function in the snmp extension in PHP 4.4.6 allows context-dependent attackers to execute arbitrary code via a long value in the third argument (object id). | 10.0 | CVE-2007-1413 MILW0RM BID |
| PHP -- PHP | Buffer underflow in the PHP_FILTER_TRIM_DEFAULT macro in the filtering extension (ext/filter) in PHP 5.2.0 allows context-dependent attackers to execute arbitrary code by calling filter_var with certain modes such as FILTER_VALIDATE_INT, which causes filter to write a null byte in whitespace that precedes the buffer. | 7.0 | CVE-2007-1453 OTHER-REF OTHER-REF BID |
| PHP Labs -- JobSitePro | SQL injection vulnerability in search.php in PHP Labs JobSitePro 1.0 allows remote attackers to execute arbitrary SQL commands via the salary parameter. | 7.0 | CVE-2007-1428 MILW0RM BID SECUNIA |
| PHP-Nuke -- PHP-Nuke | SQL injection vulnerability in mainfile.php in PHP-Nuke 8.0 and earlier allows remote attackers to execute arbitrary SQL commands in the Top or News module via the lang parameter. | 7.0 | CVE-2007-1450 BUGTRAQ BID |
| phpAlbum.net -- phpalbum | ** DISPUTED ** PHP remote file inclusion vulnerability in common.php in PHP Photo Album allows remote attackers to execute arbitrary PHP code via a URL in the db_file parameter. NOTE: CVE disputes this vulnerability, because versions 0.3.2.6 and 0.4.1beta do not contain this file. | 10.0 | CVE-2007-1456 BUGTRAQ VIM |
| PMB Services -- PMB Services | Multiple PHP remote file inclusion vulnerabilities in PMB Services 3.0.13 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) class_path parameter to (a) includes/resa_func.inc.php, (b) admin/notices/perso.inc.php, or (c) admin/quotas/main.inc.php; the (2) base_path parameter to (d) opac_css/rec_panier.php or (e) opac_css/includes/author_see.inc.php; or the (3) include_path parameter to (f) bull_info.inc.php or (g) misc.inc.php in includes/; (h) options_date_box.php, (i) options_file_box.php, (j) options_list.php, (k) options_query_list.php, or (l) options_text.php in includes/options/; (m) options.php, (n) options_comment.php, (o) options_date_box.php, (p) options_list.php, (q) options_query_list.php, or (r) options_text.php in includes/options_empr/; or (s) admin/import/iimport_expl.php, (t) admin/netbase/clean.php, (u) admin/param/param_func.inc.php, (v) admin/sauvegarde/lieux.inc.php, (w) autorites.php, (x) account.php, (y) cart.php, or (z) edit.php. | 10.0 | CVE-2007-1415 MILW0RM OTHER-REF BID XF |
| PostGuestbook -- PostGuestbook | PHP remote file inclusion vulnerability in styles/internal/header.php in the PostGuestbook 0.6.1 module for PHP-Nuke allows remote attackers to execute arbitrary PHP code via a URL in the tpl_pgb_moddir parameter. | 10.0 | CVE-2007-1372 MILW0RM BID XF |
| Premod SubDog -- Premod SubDog | Multiple PHP remote file inclusion vulnerabilities in Premod SubDog 2 allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter to (1) functions_kb.php, (2) themen_portal_mitte.php, or (3) logger_engine.php in includes/. | 10.0 | CVE-2007-1421 BUGTRAQ BID |
| Rediff -- Toolbar | The Rediff Toolbar 2.0 ActiveX control in redifftoolbar.dll allows remote attackers to cause a denial of service via unspecified manipulations, possibly involving improper initialization or blank arguments. | 7.0 | CVE-2007-1402 OTHER-REF BID |
| Softnews Media Group -- DataLife Engine | Multiple PHP remote file inclusion vulnerabilities in Softnews Media Group DataLife Engine allow remote attackers to execute arbitrary PHP code via a URL in the root_dir parameter to (1) init.php and (2) Ajax/editnews.php. NOTE: some of these details are obtained from third party information. | 7.0 | CVE-2007-1424 BUGTRAQ BID |
| Triexa -- SonicMailer Pro | SQL injection vulnerability in index.php in Triexa SonicMailer Pro 3.2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the list parameter in an archive action. | 7.0 | CVE-2007-1425 MILW0RM BID SECUNIA |
| Vallheru -- Vallheru | Multiple vulnerabilities in (1) bank.php, (2) landfill.php, (3) outposts.php, (4) tribes.php, (5) house.php, (6) tribearmor.php, (7) tribeastral.php, (8) tribeware.php, and (9) includes/head.php in Bartek Jasicki Vallheru before 1.3 beta have unknown impact and remote attack vectors, probably related to large integer values containing more than 15 digits. NOTE: the original vendor report is for integer overflows, but this is probably an incorrect usage of the term. | 7.0 | CVE-2007-1408 OTHER-REF OTHER-REF OTHER-REF |
| WebCreator -- WebCreator | Multiple PHP remote file inclusion vulnerabilities in WebCreator 0.2.6-rc3 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the moddir parameter to (1) content/load.inc.php, (2) config/load.inc.php, (3) http/load.inc.php, and unspecified other files. | 10.0 | CVE-2007-1459 OTHER-REF BID |
| Webo -- Webo | PHP remote file inclusion vulnerability in modules/abook/foldertree.php in Leo West WEBO (aka weborganizer) 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the baseDir parameter. | 10.0 | CVE-2007-1391 MILW0RM OTHER-REF BID FRSIRT XF |
| WORK system e-commerce -- WORK system e-commerce | Multiple PHP remote file inclusion vulnerabilities in WORK system e-commerce 3.0.5 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the g_include parameter to include/include_top.php and certain other PHP scripts. | 8.0 | CVE-2007-1423 MILW0RM BID SECUNIA |
| X-Ice -- X-Ice News System | SQL injection vulnerability in devami.asp in X-Ice News System 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.0 | CVE-2007-1438 MILW0RM BID |