| Primary Vendor -- Product | Description | | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| 3proxy -- 3proxy | Double-free vulnerability in the ftpprchild function in ftppr in 3proxy 0.5 through 0.5.3i allows remote attackers to cause a denial of service (daemon crash) via multiple OPEN commands to the FTP proxy. | | 5.0 | CVE-2007-5622 BUGTRAQ FULLDISC OTHER-REF BID SECUNIA |
| a-enterprise -- GoSamba | Multiple PHP remote file inclusion vulnerabilities in GoSamba 1.0.1 allow remote attackers to execute arbitrary PHP code via a URL in the include_path parameter to (1) HTML_oben.php, (2) inc_freigabe.php, (3) inc_freigabe1.php, or (4) inc_freigabe3.php in include/; (5) inc_group.php; (6) inc_manager.php; (7) inc_newgroup.php; (8) inc_smb_conf.php; (9) inc_user.php; or (10) main.php. | | 6.8 | CVE-2007-5786 MILW0RM |
| Asterisk -- Zaptel | Buffer overflow in sethdlc.c in the Asterisk Zaptel 1.4.5.1 might allow local users to gain privileges via a long device name (interface name) in the ifr_name field. | | 4.6 | CVE-2007-5690 BUGTRAQ OTHER-REF BID XF |
| Blue-Collar Productions -- i-Gallery | Directory traversal vulnerability in igallery.asp in Blue-Collar Productions i-Gallery 3.4 allows remote attackers to read arbitrary files via encoded backslash sequences in the d parameter, as demonstrated by a "%5c../../%5c" sequence. | | 5.0 | CVE-2007-5776 BUGTRAQ |
| Blue-Collar Productions -- i-Gallery | Blue-Collar Productions i-Gallery 3.4 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a file containing a base64-encoded password via a direct request for igallery.mdb. | | 5.0 | CVE-2007-5777 BUGTRAQ |
| Caupo.net -- CaupoShop Pro | PHP remote file inclusion vulnerability in index.php in CaupoShop Pro 2.x allows remote attackers to execute arbitrary PHP code via a URL in the action parameter. | | 6.8 | CVE-2007-5784 MILW0RM |
| creapark -- GOLD KOY PORTALI | Cross-site scripting (XSS) vulnerability in default.asp in CREApark GOLD KOY PORTALI allows remote attackers to inject arbitrary web script or HTML via the aranan parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | | 4.3 | CVE-2007-5698 SECUNIA |
| cups -- CUPS | Off-by-one error in the ippReadIO function in cups/ipp.c in CUPS 1.3.3 allows remote attackers to cause a denial of service (crash) via a crafted (1) textWithLanguage or (2) nameWithLanguage Internet Printing Protocol (IPP) tag, leading to a stack-based buffer overflow. | | 6.8 | CVE-2007-4351 OTHER-REF SECUNIA |
| DenyHosts -- DenyHosts | DenyHosts 2.6 processes OpenSSH sshd "not listed in AllowUsers" log messages with an incorrect regular expression that does not match an IP address, which might allow remote attackers to avoid detection and blocking when making invalid login attempts with a username not present in AllowUsers, as demonstrated by the root username, a different vulnerability than CVE-2007-4323. | | 4.3 | CVE-2007-5715 OTHER-REF OTHER-REF |
| efileman -- efileman | Unrestricted file upload vulnerability in eFileMan 7.1.0.87-88 allows remote attackers to upload arbitrary files, with "uploads/upload_file." destination filenames, via unspecified vectors to upload.cgi, accessed from upload.html. | | 6.4 | CVE-2007-5734 BUGTRAQ BID |
| efileman -- efileman | eFileMan 7.1.0.87-88 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain unspecified user information via a direct request for cgi-bin/efileman/efileman_config.pm. | | 5.0 | CVE-2007-5735 BUGTRAQ BID |
| eIQnetworks -- Enterprise Security Analyzer | Stack-based buffer overflow in eIQNetworks Enterprise Security Analyzer (ESA) 2.5 allows remote attackers to execute arbitrary code via certain data on TCP port 10616 that results in a long argument to the SEARCHREPORT command, a different vector than CVE-2007-2059. | | 6.8 | CVE-2007-5699 MILW0RM BID |
| elouai -- Force Download | Directory traversal vulnerability in downloadfile.php in eLouai's Force Download of media files script, as available on 20071030 and earlier, allows remote attackers to read arbitrary files via the file parameter. NOTE: this issue only occurs in environments where the system administrator has not followed the vendor recommendations that this product should only be used internally. | | 5.0 | CVE-2007-5732 BUGTRAQ OTHER-REF |
| Fabrice Bellard -- QEMU | Integer signedness error in the NE2000 emulator in QEMU 0.8.2 allows local users to trigger a heap-based buffer overflow via certain register values that bypass sanity checks, aka QEMU NE2000 "receive" integer signedness error. NOTE: this identifier was inadvertently used by some sources to cover multiple issues that were labeled "NE2000 network driver and the socket code," but separate identifiers have been created for the individual vulnerabilities since there are sometimes different fixes; see CVE-2007-5729 and CVE-2007-5730. | | 6.6 | CVE-2007-1321 OTHER-REF DEBIAN REDHAT |
| Fabrice Bellard -- QEMU | The NE2000 emulator in QEMU 0.8.2 allows local users to execute arbitrary code by writing Ethernet frames with a size larger than the MTU to the EN0_TCNT register, which triggers a heap-based buffer overflow in the slirp library, aka NE2000 "mtu" heap overflow. NOTE: some sources have used CVE-2007-1321 to refer to this issue as part of "NE2000 network driver and the socket code," but this is the correct identifier for the mtu overflow vulnerability. | | 6.6 | CVE-2007-5729 OTHER-REF DEBIAN |
| Fabrice Bellard -- QEMU | Heap-based buffer overflow in QEMU 0.8.2 allows local users to execute arbitrary code via crafted data in the "net socket listen" option, aka QEMU "net socket" heap overflow. NOTE: some sources have used CVE-2007-1321 to refer to this issue as part of "NE2000 network driver and the socket code," but this is the correct identifier for the individual net socket listen vulnerability. | | 6.6 | CVE-2007-5730 OTHER-REF DEBIAN |
| FireConfig -- FireConfig | Directory traversal vulnerability in dl.php in FireConfig 0.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | | 5.0 | CVE-2007-5782 MILW0RM |
| Flatnuke3 -- Flatnuke3 | Direct static code injection vulnerability in the download module in Flatnuke 3 allows remote authenticated administrators to inject arbitrary PHP code into a description.it.php file in a subdirectory of Download/ by saving a description and setting fneditmode to 1. NOTE: unauthenticated remote attackers can exploit this by leveraging a cookie manipulation issue. | | 6.0 | CVE-2007-5772 BUGTRAQ MILW0RM |
| Flatnuke3 -- Flatnuke3 | Cross-site request forgery (CSRF) vulnerability in index.php in the File Manager module in Flatnuke 3 allows remote attackers to perform certain actions as administrators via requests containing the pathname in the dir parameter and the filename in the ffile parameter. | | 4.3 | CVE-2007-5773 MILW0RM XF |
| Flatnuke3 -- Flatnuke3 | index.php in the File Manager module in Flatnuke 3 allows remote attackers to obtain sensitive information via an invalid argumentname parameter in a disc op action, which reveals the path in an error message. | | 5.0 | CVE-2007-5774 MILW0RM XF |
| Gentoo -- MLDonkey ebuild | The Gentoo ebuild of MLDonkey before 2.9.0-r3 has a p2p user account with an empty default password and valid login shell, which might allow remote attackers to obtain login access and execute arbitrary code. | | 6.8 | CVE-2007-5714 GENTOO SECUNIA |
| ghlab -- Korean GHBoard | The FlashUpload component in Korean GHBoard uses a client-side protection mechanism to prevent uploading of dangerous file extensions, which allows remote attackers to bypass restrictions and upload arbitrary files via a modified copy of component/flashupload/upload.html. | | 6.8 | CVE-2007-5738 BUGTRAQ BID |
| ghlab -- Korean GHBoard | Directory traversal vulnerability in component/flashupload/download.jsp in the FlashUpload component in Korean GHBoard allows remote attackers to read arbitrary files via a .. (dot dot) in the name parameter. | | 5.0 | CVE-2007-5739 BUGTRAQ BID |
| Globe7 -- Globe7 | The Globe7 soft phone client 7.3 sends username and password information in cleartext, which allows remote attackers to obtain sensitive information by sniffing the HTTP traffic. | | 5.0 | CVE-2007-5768 OTHER-REF |
| GNOME -- Screensaver; Compiz -- Compiz | GNOME screensaver 2.20 in Ubuntu 7.10, when used with Compiz, does not properly reserve input focus, which allows attackers with physical access to take control of the session after entering an Alt-Tab sequence, a related issue to CVE-2007-3069. | | 6.2 | CVE-2007-3920 UBUNTU BID SECUNIA |
| IBM -- Tivoli Storage Manager Client | Cross-site scripting (XSS) vulnerability in the CAD service in IBM Tivoli Storage Manager (TSM) Client 5.3.5.3 and 5.4.1.2 for Windows allows remote attackers to inject arbitrary web script or HTML via HTTP requests to port 1581, which generate log entries in a dsmerror.log file that is accessible through a certain web interface. | | 4.3 | CVE-2007-4348 OTHER-REF FRSIRT SECUNIA |
| IBM -- Lotus Notes; IBM -- Lotus Domino | IBM Lotus Notes before 6.5.6, and 7.x before 7.0.3; and Domino before 6.5.5 FP3, and 7.x before 7.0.2 FP1; uses weak permissions (Everyone:Full Control) for memory mapped files (shared memory) in IPC, which allows local users to obtain sensitive information, or inject Lotus Script or other character sequences into a session. | | 6.2 | CVE-2007-5544 OTHER-REF OTHER-REF BID FRSIRT SECUNIA |
| IBM -- Lotus Domino | The Evaluate LotusScript method in IBM Lotus Domino before 7.0.3 uses an incorrect security context for @ formula commands in some circumstances, which might allow remote authenticated users to gain privileges and obtain sensitive information. | | 6.3 | CVE-2007-5700 OTHER-REF BID FRSIRT SECUNIA XF |
| jeeblestechnology -- Jeebles Directory | Unspecified vulnerability in the Settings component in the administration system in Jeebles Directory 2.9.60 allows remote authenticated administrators to execute arbitrary PHP code via unspecified vectors related to settings.inc.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | | 6.0 | CVE-2007-5705 SECUNIA XF |
| Massive Entertainment -- World in Conflict | Massive Entertainment World in Conflict 1.001 and earlier allows remote attackers to cause a denial of service (failed assertion and daemon crash) via a large packet to TCP or UDP port 48000. | | 5.0 | CVE-2007-5711 OTHER-REF OTHER-REF FRSIRT SECUNIA |
| Mobile-Spy -- Mobile-Spy | Mobile Spy (1) stores login credentials in cleartext under the RetinaxStudios registry key, and (2) sends login credentials and log data over a cleartext HTTP connection, which allows attackers to obtain sensitive information by reading the registry or sniffing the network. | | 6.4 | CVE-2007-5778 BUGTRAQ OTHER-REF OTHER-REF |
| Mozilla -- Firefox | ParseFTPList.cpp in Mozilla Firefox 2.0.0.7 allows remote FTP servers to cause a denial of service (application crash) via a crafted reply to an unspecified listing command, related to "reading from invalid pointer." | | 4.3 | CVE-2007-5691 BUGTRAQ OTHER-REF BID XF |
| myspacepros -- MySpace Resource Script | PHP remote file inclusion vulnerability in _theme/breadcrumb.php in MySpacePros MySpace Resource Script (MSRS) 1.21 allows remote attackers to execute arbitrary PHP code via a URL in the rootBase parameter. | | 6.8 | CVE-2007-5721 MILW0RM BID |
| Novell -- OpenSUSE SWAMP | Cross-site scripting (XSS) vulnerability in swamp/action/LoginActions (aka the login box) in the Novell OpenSUSE SWAMP Workflow Administration and Management Platform 1.x allows remote attackers to inject arbitrary web script or HTML via the username parameter. NOTE: some of these details are obtained from third party information. | | 4.3 | CVE-2007-5702 BUGTRAQ BID SECUNIA XF |
| NuFW -- NuFW | Heap-based buffer overflow in the samp_send function in nuauth/sasl.c in NuFW before 2.2.7 allows remote attackers to cause a denial of service via unspecified input on which base64 encoding is performed. NOTE: some of these details are obtained from third party information. | | 5.0 | CVE-2007-5723 OTHER-REF SECUNIA |
| Omnistar Interactive -- Omnistar Live | Multiple cross-site scripting (XSS) vulnerabilities in Omnistar Live allow remote attackers to inject arbitrary web script or HTML via the category_id parameter to kb.php in (1) smartshop/users/ and (2) users/, and possibly (3) the Email Box field in profile.php. | | 4.3 | CVE-2007-5724 BUGTRAQ BID |
| OneOrZero -- OneOrZero Helpdesk | Incomplete blacklist vulnerability in the stripScripts function in common.php in OneOrZero Helpdesk 1.6.5.4, 1.6.4.2, and possibly other versions, allows remote attackers to conduct cross-site scripting (XSS) attacks and inject arbitrary web script or HTML via XSS sequences without SCRIPT tags in the description parameter to (1) tcreate.php or (2) tupdate.php, as demonstrated using an onmouseover event in a b tag. | | 4.3 | CVE-2007-5727 BUGTRAQ BID SECUNIA |
| phpBasic -- phpBasic | PHP remote file inclusion vulnerability in includes.php in phpBasic allows remote attackers to execute arbitrary PHP code via a URL in the root parameter, possibly related to the Music module. | | 6.8 | CVE-2007-5696 BUGTRAQ |
| phpFaber -- URLInn | PHP remote file inclusion vulnerability in urlinn_includes/config.php in phpFaber URLInn 2.0.5 allows remote attackers to execute arbitrary PHP code via a URL in the dir_ws parameter. | | 6.8 | CVE-2007-5754 MILW0RM |
| phpimage -- PHP Image | Multiple PHP remote file inclusion vulnerabilities in PHP Image 1.2 allow remote attackers to execute arbitrary PHP code via a URL in the xarg parameter to (1) xarg_corner.php, (2) xarg_corner_bottom.php, and (3) xarg_corner_top.php. | | 6.8 | CVE-2007-5697 MILW0RM BID |
| phpPgAdmin -- phpPgAdmin | Cross-site scripting (XSS) vulnerability in phpPgAdmin 3.5 to 4.1.1, and possibly 4.1.2, allows remote attackers to inject arbitrary web script or HTML via certain input available in PHP_SELF in (1) redirect.php, possibly related to (2) login.php, different vectors than CVE-2007-2865. | | 4.3 | CVE-2007-5728 FULLDISC BID SECUNIA XF |
| PHPToys -- Micro Login System | Micro Login System 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a file containing a password via a direct request for userpwd.txt. | | 5.0 | CVE-2007-5787 BUGTRAQ |
| Pidgin -- Pidgin | libpurple in Pidgin 2.1.0 through 2.2.1, when using HTML logging, allows remote attackers to cause a denial of service (NULL dereference and application crash) via a message that contains invalid HTML data, a different vector than CVE-2007-4996. | | 4.3 | CVE-2007-4999 OTHER-REF FRSIRT SECUNIA |
| profilecms -- ProfileCMS | Unrestricted file upload vulnerability in the profiles script in ProfileCMS 1.0 allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors involving creation of a profile. | | 6.8 | CVE-2007-5720 MILW0RM BID |
| quirm -- SAXON | SAXON 5.4, with display_errors enabled, allows remote attackers to obtain sensitive information via (1) a direct request for news.php, (2) an invalid use of a newsid array parameter to admin/edit-item.php, and possibly unspecified vectors related to additional scripts in (3) admin/, (4) rss/, and (5) the root directory of the installation, which reveal the path in various error messages. | | 5.0 | CVE-2007-4861 BUGTRAQ OTHER-REF OTHER-REF |
| quirm -- SAXON | Cross-site scripting (XSS) vulnerability in admin/menu.php in SAXON 5.4 allows remote attackers to inject arbitrary web script or HTML via the config[news_url] parameter. | | 4.3 | CVE-2007-4862 BUGTRAQ OTHER-REF OTHER-REF BID XF |
| quirm -- SAXON | SQL injection vulnerability in example.php in SAXON 5.4 allows remote attackers to execute arbitrary SQL commands via the template parameter. | | 6.8 | CVE-2007-4863 BUGTRAQ OTHER-REF OTHER-REF BID |
| RSA -- KEON Registration Authority Web Interface | Multiple cross-site scripting (XSS) vulnerabilities in (1) Request-spk.xuda and (2) Add-msie-request.xuda in RSA KEON Registration Authority Web Interface 1.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | | 4.3 | CVE-2007-5703 BUGTRAQ OTHER-REF CERT-VN BID SECTRACK |
| SeeBlick -- SeeBlick | Unrestricted file upload vulnerability in upload.php in SeeBlick 1.0 Beta allows remote attackers to upload arbitrary files via unspecified vectors. NOTE: these files are stored with .html extensions, so the scope of the attack might be limited to resource consumption and possibly XSS. | | 6.4 | CVE-2007-5736 BUGTRAQ |
| Sige -- Sige | PHP remote file inclusion vulnerability in inc/sige_init.php in Sige 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the SYS_PATH parameter. | | 6.8 | CVE-2007-5781 MILW0RM |
| SiteBar -- SiteBar | Multiple cross-site scripting (XSS) vulnerabilities in SiteBar 3.3.8 allow remote attackers to inject arbitrary web script or HTML via (1) the lang parameter to integrator.php; (2) the token parameter in a New Password action, (3) the nid_acl parameter in a Folder Properties action, or (4) the uid parameter in a Modify User action to command.php; or (5) the target parameter to index.php, different vectors than CVE-2006-3320. | | 4.3 | CVE-2007-5692 BUGTRAQ OTHER-REF BID |
| SiteBar -- SiteBar | Eval injection vulnerability in the translation module (translator.php) in SiteBar 3.3.8 allows remote authenticated users to execute arbitrary PHP code via the edit parameter in an upd cmd action, a different vulnerability than CVE-2007-5492. | | 6.0 | CVE-2007-5693 BUGTRAQ OTHER-REF BID |
| SiteBar -- SiteBar | Absolute path traversal vulnerability in the translation module (translator.php) in SiteBar 3.3.8 allows remote authenticated users to read arbitrary files via an absolute path in the dir parameter, a different vulnerability than CVE-2007-5491. | | 6.8 | CVE-2007-5694 BUGTRAQ OTHER-REF BID |
| SiteBar -- SiteBar | command.php in SiteBar 3.3.8 allows remote attackers to redirect users to arbitrary web sites via the forward parameter in a Log In action. | | 6.4 | CVE-2007-5695 BUGTRAQ OTHER-REF BID |
| smart-shop -- Smart-Shop | Multiple cross-site scripting (XSS) vulnerabilities in Smart-Shop allow remote attackers to inject arbitrary web script or HTML via (1) the email parameter to index.php; or the command parameter to index.php in (2) the default action for the home page, (3) a currencies action, or (4) a basket action. | | 4.3 | CVE-2007-5725 BUGTRAQ BID |
| Sun -- Solaris | Unspecified vulnerability in the Stream Control Transmission Protocol (sctp) functionality in Sun Solaris 10, when at least one SCTP socket is in the LISTEN state, allows remote attackers to cause a denial of service (panic) via unspecified vectors related to "INIT processing." | | 6.8 | CVE-2007-5726 SUNALERT |
| Telematic Lab -- teatro | PHP remote file inclusion vulnerability in pub/pub08_comments.php in teatro 1.6 allows remote attackers to execute arbitrary PHP code via a URL in the basePath parameter. | | 6.8 | CVE-2007-5780 MILW0RM |
| Trend Micro -- PC-Cillin Internet Security 2007; Trend Micro -- Scan Engine | The Trend Micro AntiVirus scan engine before 8.550-1001, as used in Trend Micro PC-Cillin Internet Security 2007, and Tmxpflt.sys 8.320.1004 and 8.500.0.1002, has weak permissions (Everyone:Write) for the \\.\Tmfilter device, which allows local users to send arbitrary content to the device via the IOCTL functionality. NOTE: this can be leveraged for privilege escalation by exploiting a buffer overflow in the handler for IOCTL 0xa0284403. | | 6.2 | CVE-2007-4277 IDEFENSE OTHER-REF SECTRACK |
| vobcopy -- vobcopy | vobcopy 0.5.14 allows local users to append data to an arbitrary file, or create an arbitrary new file, via a symlink attack on the (1) /tmp/vobcopy.bla or (2) /tmp/vobcopy_0.5.14.log temporary file. | | 4.9 | CVE-2007-5718 OTHER-REF BID SECUNIA |