| Primary Vendor -- Product | Description | CVSS Score | Source & Patch Info |
|---|---|---|---|
| Adobe -- Photoshop; Adobe -- Photoshop Elements | Buffer overflow in Adobe Photoshop CS2 and CS3, and Photoshop Elements 5.0, allows user-assisted remote attackers to execute arbitrary code via a crafted .PNG file. | 8.0 | CVE-2007-2365 MILW0RM BID FRSIRT SECUNIA XF |
| AFFLIB -- AFFLIB | Multiple stack-based buffer overflows in AFFLIB before 2.2.6 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via (1) a long LastModified value in an S3 XML response in lib/s3.cpp; (2) a long (a) path or (b) bucket in an S3 URL in lib/vnode_s3.cpp; or (3) a long (c) EFW, (d) AFD, or (e) aimage file path. NOTE: the aimage vector (3e) has since been recalled from the researcher's original advisory, since the code is not called in any version of AFFLIB. | 10.0 | CVE-2007-2053 BUGTRAQ OTHER-REF BID XF |
| AFFLIB -- AFFLIB | Multiple format string vulnerabilities in AFFLIB before 2.2.6 allow remote attackers to execute arbitrary code via certain command line parameters, which are used in (1) warn and (2) err calls in (a) lib/s3.cpp, (b) tools/afconvert.cpp, (c) tools/afcopy.cpp, (d) tools/afinfo.cpp, (e) aimage/aimage.cpp, (f) aimage/imager.cpp, and (g) tools/afxml.cpp. NOTE: the aimage.cpp vector (e) has since been recalled from the researcher's original advisory, since the code is not called in any version of AFFLIB. | 7.0 | CVE-2007-2054 BUGTRAQ OTHER-REF XF |
| AFFLIB -- AFFLIB | AFFLIB 2.2.8 and earlier allows attackers to execute arbitrary commands via shell metacharacters involving (1) certain command line parameters in tools/afconvert.cpp and (2) arguments to the get_parameter function in aimage/ident.cpp. NOTE: it is unknown if the get_parameter vector (2) is ever called. | 7.0 | CVE-2007-2055 BUGTRAQ OTHER-REF XF |
| AFFLIB -- AFFLIB | Multiple format string vulnerabilities in AFFLIB 2.2.6 allow remote attackers to execute arbitrary code via certain command line parameters, which are used in (1) warn and (2) err calls, possibly involving (a) lib/s3.cpp, (b) tools/afconvert.cpp, (c) tools/afcopy.cpp, (d) tools/afinfo.cpp, (e) aimage/imager.cpp, and (f) tools/afxml.cpp. NOTE: this identifier is intended to address the vectors that were not fixed in CVE-2007-2054, but the unfixed vectors were not explicitly listed. | 10.0 | CVE-2007-2352 BUGTRAQ OTHER-REF |
| Ahhp-Portal -- Ahhp-Portal | Multiple PHP remote file inclusion vulnerabilities in page.php in Ahhp-Portal allow remote attackers to execute arbitrary PHP code via a URL in the (1) fp or (2) sc parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | 7.0 | CVE-2007-2428 BID |
| Ariadne -- Ariadne CMS | Cross-site scripting (XSS) vulnerability in index.php in Ariadne 2.4.1 allows remote attackers to inject arbitrary web script or HTML via the ARLogin parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | 7.0 | CVE-2007-2433 SECUNIA |
| Aventail -- Aventail Connect | Buffer overflow in asnsp.dll in Aventail Connect 4.1.2.13 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a malformed DNS query. | 10.0 | CVE-2007-2434 FULLDISC BID XF |
| b2evolution -- b2evolution | ** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in b2evolution allow remote attackers to execute arbitrary PHP code via a URL in the (1) inc_path parameter to (a) a_noskin.php, (b) a_stub.php, (c) admin.php, (d) contact.php, (e) default.php, (f) index.php, and (g) multiblogs.php in blogs/; the (2) view_path and (3) control_path parameters to blogs/admin.php; and the (4) skins_path parameter to (h) blogs/contact.php and (i) blogs/multiblogs.php. NOTE: this issue is disputed by CVE, since the inc_path, view_path, control_path, and skins_path variables are all initialized in conf/_advanced.php before they are used. | 7.0 | CVE-2007-2358 BUGTRAQ VIM XF |
| Burak Yilmaz -- Burak Yilmaz Blog | SQL injection vulnerability in bry.asp in Burak Yilmaz Blog 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.0 | CVE-2007-2420 BUGTRAQ BID XF |
| Burnstone -- BurnCMS | Multiple PHP remote file inclusion vulnerabilities in burnCMS 0.2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the root parameter to (1) mysql.class.php or (2) postgres.class.php in lib/db/; or (3) authuser.php, (4) misc.php, or (5) connect.php in lib/. | 7.0 | CVE-2007-2364 MILW0RM BID FRSIRT XF |
| Cerulean Studios -- Trillian Pro | Heap-based buffer overflow in the Rendezvous / Extensible Messaging and Presence Protocol (XMPP) component (plugins\rendezvous.dll) for Cerulean Studios Trillian Pro before 3.1.5.1 allows remote attackers to execute arbitrary code via a message that triggers the overflow from expansion that occurs during encoding. | 7.0 | CVE-2007-2418 OTHER-REF |
| Cerulean Studios -- Trillian Pro | Multiple heap-based buffer overflows in the IRC component in Cerulean Studios Trillian Pro before 3.1.5.1 allow remote attackers to corrupt memory and possibly execute arbitrary code via (1) a URL with a long UTF-8 string, which triggers the overflow when the user highlights it, or (2) a font HTML tag with a face attribute containing a long UTF-8 string. | 7.0 | CVE-2007-2478 IDEFENSE OTHER-REF BID FRSIRT SECTRACK SECUNIA XF XF |
| Cisco -- PIX; Cisco -- Adaptive Security Appliance | Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 before 7.2(2)8, when using Layer 2 Tunneling Protocol (L2TP) or Remote Management Access, allows remote attackers to bypass LDAP authentication and gain privileges via unknown vectors. | 10.0 | CVE-2007-2462 CISCO CERT-VN BID |
| CMS Made Simple -- CMS Made Simple | SQL injection vulnerability in stylesheet.php in CMS Made Simple 1.0.5 and earlier allows remote attackers to execute arbitrary SQL commands via the templateid parameter. | 7.0 | CVE-2007-2473 OTHER-REF OTHER-REF BID SECUNIA |
| Comdev -- Modules Builder | ** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in Modules Builder (modbuild) 4.1 for Comdev One Admin allow remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter to (1) config-bak.php or (2) config.php. NOTE: CVE disputes this vulnerability because the unmodified scripts set the applicable variable to the empty string; reasonable modified copies would use a fixed pathname string. | 7.0 | CVE-2007-2422 BUGTRAQ XF |
| E-Annu -- E-Annu | SQL injection vulnerability in home.php in E-Annu allows remote attackers to execute arbitrary SQL commands via the a parameter. | 7.0 | CVE-2007-2416 BUGTRAQ BID XF |
| EMC -- RSA Security SiteKey | EMC RSA Security SiteKey does not set the secure qualifier on the SiteKey Flash token (aka the PassMark Flash shared object), which might allow remote attackers to obtain the token via HTTP. | 10.0 | CVE-2006-7201 OTHER-REF OTHER-REF |
| Fabrice Bellard -- QEMU | Multiple heap-based buffer overflows in the cirrus_invalidate_region function in the Cirrus VGA extension in QEMU 0.8.2 might allow local users to execute arbitrary code via unspecified vectors related to "attempting to mark non-existent regions as dirty," aka the "bitblt" heap overflow. | 7.0 | CVE-2007-1320 OTHER-REF DEBIAN BID FRSIRT SECUNIA SECUNIA |
| FileRun -- FileRun | SQL injection vulnerability in index.php in FileRun 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the fid parameter. | 7.0 | CVE-2007-2469 OTHER-REF BID SECUNIA |
| FireFly -- FireFly | Multiple PHP remote file inclusion vulnerabilities in FireFly 1.1.01 allow remote attackers to execute arbitrary PHP code via a URL in the doc_root parameter to (1) localize.php or (2) config.php in modules/admin/include/. | 7.0 | CVE-2007-2456 MILW0RM VIM BID FRSIRT |
| FireFly -- FireFly | PHP remote file inclusion vulnerability in modules/admin/include/config.php in FireFly 1.1.01 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | 7.0 | CVE-2007-2460 VIM FRSIRT |
| Gregory Kokanosky -- phpMyNewsLetter | admin/index.php in Gregory Kokanosky phpMyNewsletter 0.8 beta5 and earlier provides access to configuration modification before login, which allows remote attackers to cause a denial of service (loss of configuration data), and possibly perform direct static code injection, via a saveGlobalconfig action. | 10.0 | CVE-2007-2371 MILW0RM BID |
| Gregory Kokanosky -- phpMyNewsLetter | admin/send_mod.php in Gregory Kokanosky phpMyNewsletter 0.8 beta5 and earlier prints a Location header but does not exit when administrative credentials are missing, which allows remote attackers to compose an e-mail message via a post with the subject, message, format, and list_id fields; and send the message via a direct request for the MsgId value under admin/. | 10.0 | CVE-2007-2372 MILW0RM BID |
| Hitachi -- Groupmax Mobile Option | Buffer overflow in Hitachi Groupmax Mobile Option for Mobile-Phone 07-00 through 07-30, 5 for i-mode 05-11 through 05-23, and 6 for EZweb 06-00 through 06-04 allows remote attackers to execute arbitrary code via unspecified vectors. | 7.0 | CVE-2007-2421 OTHER-REF BID FRSIRT SECUNIA XF |
| HP -- Power Manager Remote Agent | Unspecified vulnerability in the HP Power Manager Remote Agent (RA) 4.0Build10 and earlier in HP-UX B.11.11 and B.11.23 allows local users to execute arbitrary code via unspecified vectors. | 7.0 | CVE-2007-2351 HP BID FRSIRT SECUNIA SECTRACK |
| IBM -- WebSphere Application Server | Unspecified vulnerability in IBM WebSphere Application Server (WAS) before 5.1.1.14, and WAS for z/OS 601 before 6.0.2.13, has unknown impact and attack vectors, related to a "Potential security exposure," aka PK26123. | 7.0 | CVE-2006-7198 OTHER-REF AIXAPAR AIXAPAR FRSIRT SECTRACK SECUNIA XF |
| ManageEngine -- PasswordManager Pro | ManageEngine PasswordManager Pro (PMP) allows remote attackers to obtain administrative access to a database by injecting a certain command line for the mysql program, as demonstrated by the "-port 2345" and "-u root" arguments. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | 10.0 | CVE-2007-2429 BID |
| Microsoft -- Windows 2000; Microsoft -- Windows Server 2003; Microsoft -- Windows XP | Unspecified vulnerability in Microsoft Windows 2000, XP, and Server 2003 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors. NOTE: this information is based upon a vague pre-advisory with no actionable information. However, the advisory is from a reliable source. | 8.0 | CVE-2007-2374 OTHER-REF BID |
| MicroWorld Technologies -- eScan | The MicroWorld Agent service (MWAGENT.EXE) in MicroWorld Technologies eScan 8.0.671.1, and possibly other versions, allows remote or local attackers to gain privileges and execute arbitrary commands by connecting directly to TCP port 2222. | 10.0 | CVE-2007-0655 OTHER-REF FRSIRT SECUNIA |
| Novell -- Novell SecureLogin | Unspecified vulnerability in the ADSCHEMA utility in Novell SecureLogin (NSL) 6 SP1 before 6.0.106 has unknown impact and remote attack vectors, related to granting "users excess permissions to their own attributes." | 7.0 | CVE-2007-2475 NOVELL FRSIRT |
| Novell -- Novell SecureLogin | Unspecified vulnerability in Novell SecureLogin (NSL) 6 SP1 before 6.0.106 has unknown impact and remote attack vectors, related to Active Directory (AD) password changes. | 7.0 | CVE-2007-2476 OTHER-REF FRSIRT |
| Nukedit -- Nukedit | Cross-site scripting (XSS) vulnerability in utilities/search.asp in nukedit 4.9.7b allows remote attackers to inject arbitrary web script or HTML via the terms parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | 7.0 | CVE-2007-2432 BID SECUNIA |
| OPeNDAP -- Server3 | The get_url function in DODS_Dispatch.pm for the CGI_server in OPeNDAP 3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL. | 10.0 | CVE-2007-2355 OTHER-REF OTHER-REF CERT-VN BID FRSIRT SECTRACK SECUNIA |
| phpMyChat -- phpMyChat | ** DISPUTED ** PHP remote file inclusion vulnerability in phpMyChat.php3 in phpMyChat 0.14.5 allows remote attackers to execute arbitrary PHP code via a URL in the {ChatPath} parameter. NOTE: this has been disputed by multiple third parties and CVE because $ChatPath is set to a constant value. | 7.0 | CVE-2007-2477 BUGTRAQ BUGTRAQ VIM VIM |
| Pixaria -- Pixaria Gallery | PHP remote file inclusion vulnerability in resources/includes/class.Smarty.php in Pixaria Gallery before 1.4.3 allows remote attackers to execute arbitrary PHP code via a URL in the cfg[sys][base_path] parameter. | 7.0 | CVE-2007-2457 MILW0RM OTHER-REF OTHER-REF OTHER-REF BID FRSIRT SECUNIA XF |
| Pixaria -- Pixaria Gallery | Multiple PHP remote file inclusion vulnerabilities in Pixaria Gallery before 1.4.3 allow remote attackers to execute arbitrary PHP code via a URL in the cfg[sys][base_path] parameter to psg.smarty.lib.php and certain include and library scripts. | 7.0 | CVE-2007-2458 OTHER-REF OTHER-REF OTHER-REF FRSIRT |
| pnFlashGames -- pnFlashGames | SQL injection vulnerability in index.php in the pnFlashGames 1.5 module for PostNuke allows remote attackers to execute arbitrary SQL commands via the cid parameter. | 7.0 | CVE-2007-2427 MILW0RM BID |
| Ruben Boelinger -- myflash | PHP remote file inclusion vulnerability in myflash-button.php in the myflash 1.00 and earlier plugin for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the wpPATH parameter. | 7.0 | CVE-2007-2485 MILW0RM OTHER-REF BID FRSIRT XF |
| Sphider -- Sphider | ** DISPUTED ** PHP remote file inclusion vulnerability in index.php in Sphider 1.2.x allows remote attackers to execute arbitrary PHP code via a URL in the include_dir parameter. NOTE: a third party disputes this vulnerability, stating that "the application is not vulnerable to this issue." | 7.0 | CVE-2007-2411 BUGTRAQ BID BUGTRAQ XF |
| Sun -- JRE; Sun -- SDK; Sun -- Java Enterprise System | Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to "Incorrect Use of System Classes" and probably related to support for JNLP files. | 7.0 | CVE-2007-2435 SUNALERT BID FRSIRT SECUNIA SECTRACK XF |
| Symantec -- LiveState Recovery; Symantec -- Ghost; Symantec -- BackupExec System Recovery; Symantec -- Norton Save & Recovery | Buffer overflow in Ghost Service Manager, as used in Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, allows local users to gain privileges via a long string. | 7.0 | CVE-2007-2359 IDEFENSE OTHER-REF SECTRACK XF |
| Symantec -- Enterprise Security Manager | The agent remote upgrade interface in Symantec Enterprise Security Manager (ESM) before 20070405 does not verify the authenticity of upgrades, which allows remote attackers to execute arbitrary code via software that implements the agent upgrade protocol. | 10.0 | CVE-2007-2375 OTHER-REF BID SECUNIA |
| Tecnick.com -- TCExam | Dynamic variable evaluation vulnerability in shared/config/tce_config.php in TCExam 4.0.011 and earlier allows remote attackers to conduct cross-site scripting (XSS) and possibly other attacks by modifying critical variables such as $_SERVER, as demonstrated by injecting web script via the _SERVER[SCRIPT_NAME] parameter. | 7.0 | CVE-2007-2431 MILW0RM OTHER-REF VIM |
| The GIMP Team -- GIMP | Stack-based buffer overflow in the set_color_table function in sunras.c in the SUNRAS plugin in Gimp 2.2.14 allows user-assisted remote attackers to execute arbitrary code via a crafted RAS file. | 8.0 | CVE-2007-2356 MILW0RM BID SECUNIA XF OTHER-REF FRSIRT |
| The Merchant Project -- The Merchant | PHP remote file inclusion vulnerability in help/index.php in The Merchant (themerchant) 2.2 allows remote attackers to execute arbitrary PHP code via a URL in the show parameter. | 7.0 | CVE-2007-2424 MILW0RM |
| Tony Cook -- Imager | Heap-based buffer overflow in Imager before 0.57 allows remote attackers to cause a denial of service (application abort) and possibly execute arbitrary code via compressed 8-bit BMP files. | 10.0 | CVE-2007-2413 OTHER-REF OTHER-REF SECUNIA BID FRSIRT |
| Turnkey Web Tools -- SunShop Shopping Cart | Multiple PHP remote file inclusion vulnerabilities in Turnkey Web Tools SunShop Shopping Cart 4.0 allow remote attackers to execute arbitrary PHP code via a URL in the abs_path parameter to (1) include/payment/payflow_pro.php, (2) global.php, or (3) libsecure.php, different vectors than CVE-2007-2070. | 7.0 | CVE-2007-2474 BUGTRAQ BID |
| VIM Development Group -- VIM | The sandbox for vim allows dangerous functions such as (1) writefile, (2) feedkeys, and (3) system, which might allow user-assisted attackers to execute shell commands and write files via modelines. | 8.0 | CVE-2007-2438 MLIST MLIST OTHER-REF OTHER-REF OTHER-REF OTHER-REF BUGTRAQ BID FRSIRT SECUNIA |
| WF-Links -- WF-Links | SQL injection vulnerability in viewcat.php in the WF-Links (wflinks) 1.03 and earlier module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter. | 7.0 | CVE-2007-2373 MILW0RM |
| Wildbits -- myGallery | PHP remote file inclusion vulnerability in myfunctions/mygallerybrowser.php in the myGallery 1.4b4 and earlier plugin for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the myPath parameter. | 7.0 | CVE-2007-2426 MILW0RM BID FRSIRT SECUNIA XF |
| Xoops -- John Mordo Jobs Module | SQL injection vulnerability in index.php in the John Mordo Jobs 2.4 and earlier module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a jobsview action. NOTE: the module name was originally reported as Job Listings. | 7.0 | CVE-2007-2370 MILW0RM VIM |