| Primary Vendor -- Product | Description | CVSS Score | Source & Patch Info |
|---|---|---|---|
| Alcatel -- OmniPCX Enterprise | Alcatel-Lucent IP-Touch Telephone running OmniPCX Enterprise 7.0 and later enables the mini switch by default, which allows attackers to gain access to the voice VLAN via daisy-chained systems. | 7.0 | CVE-2007-2512 OTHER-REF XF |
| Apple -- Xserve Lights-Out Management | Apple Xserve Lights-Out Management before Firmware Update 1.0 on Intel hardware does not require a password for remote access to IPMI, which allows remote attackers to gain administrative access via unspecified requests with ipmitool. | 10.0 | CVE-2007-2387 OTHER-REF OTHER-REF APPLE BID FRSIRT SECUNIA |
| Calimero.CMS -- Calimero.CMS | Session fixation vulnerability in Calimero.CMS 3.3.1232 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter. | 7.0 | CVE-2007-3053 BUGTRAQ OTHER-REF |
| Centennial -- Discovery; Symantec -- Discovery; Numara -- Asset Manager | Stack-based buffer overflow in XferWan.exe as used in multiple products including (1) Symantec Discovery 6.5, (2) Numara Asset Manager 8.0, and (3) Centennial UK Ltd Discovery 2006 Feature Pack, allows remote attackers to execute arbitrary code via a long request. NOTE: this might be a reservation duplicate of CVE-2007-1173. | 8.0 | CVE-2007-2514 BUGTRAQ OTHER-REF BID SECTRACK |
| Chameleon CMS -- Chameleon CMS | Session fixation vulnerability in chameleon cms 3.0 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter. | 7.0 | CVE-2007-3050 BUGTRAQ OTHER-REF |
| Clam Anti-Virus -- ClamAV | unsp.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 does not properly calculate the end of a certain buffer, with unknown impact and remote attack vectors. | 7.0 | CVE-2007-3023 MLIST OTHER-REF |
| Comdev -- Comdev eCommerce | PHP remote file inclusion vulnerability in sampleecommerce.php in Comdev eCommerce 4.1 allows remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter. | 7.0 | CVE-2007-3081 BUGTRAQ XF |
| Comdev -- Comdev Web Blogger | PHP remote file inclusion vulnerability in sampleblogger.php in Comdev Web Blogger 4.1 allows remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter, a different vector than CVE-2006-5441. | 7.0 | CVE-2007-3084 BUGTRAQ XF |
| Computer Associates -- Common Services; Computer Associates -- BrightStor ARCserve Backup; Computer Associates -- BrightStor Enterprise Backup; Computer Associates -- Anti-Virus | Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a long filename in a .CAB file. | 10.0 | CVE-2007-2863 BUGTRAQ OTHER-REF OTHER-REF BID FRSIRT SECUNIA |
| Computer Associates -- eTrust Anti-Virus SDK; Computer Associates -- Common Services; Computer Associates -- eTrust EZ Antivirus; Computer Associates -- eTrust Antivirus; Computer Associates -- eTrust Secure Content Manager; Computer Associates -- Unicenter Network and Systems Management; Computer Associates -- eTrust Antivirus for the Gateway; Computer Associates -- Anti-Virus; Computer Associates -- BrightStor ARCserve Backup; Computer Associates -- Protection Suites; Computer Associates -- eTrust EZ Armor; Computer Associates -- Integrated Threat Management; Computer Associates -- Internet Security Suite | Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a large invalid value of the coffFiles field in a .CAB file. | 8.0 | CVE-2007-2864 BUGTRAQ OTHER-REF OTHER-REF BID FRSIRT SECUNIA |
| Dian Gemilang -- DGNews | SQL injection vulnerability in news.php in DGNews 2.1 allows remote attackers to execute arbitrary SQL commands via the newsid parameter in a fullnews action, a different vector than CVE-2007-0693. | 7.0 | CVE-2007-2994 BUGTRAQ BID SECUNIA |
| Digital River -- eSellerate SDK | Buffer overflow in the GetWebStoreURL function in a certain ActiveX control in eSellerateControl365.dll 3.6.5.0 in eSellerate SDK allows user-assisted remote attackers to execute arbitrary code via a long first argument. | 8.0 | CVE-2007-3071 OTHER-REF BID |
| E-Book Systems -- FlipViewer | Multiple stack-based buffer overflows in the FViewerLoading ActiveX control (FlipViewerX.dll) in E-Book Systems FlipViewer before 4.1 allow remote attackers to cause a denial of service (crash) or execute arbitrary code via long (1) UID, (2) Opf, (3) PAGENO, (4) LaunchMode, (5) SubID, (6) BookID, (7) LibraryID, (8) SubURL, and (9) LoadOpf properties. | 8.0 | CVE-2007-2919 CERT-VN BID FRSIRT SECUNIA |
| EQdkp -- EQdkp | SQL injection vulnerability in listmembers.php in EQdkp 1.3.2 and earlier allows remote attackers to execute arbitrary SQL commands via the rank parameter. | 7.0 | CVE-2007-3077 MILW0RM BID FRSIRT SECUNIA XF |
| F5 -- Firepass 4100 | my.activation.php3 in F5 FirePass 4100 SSL VPN allows remote attackers to execute arbitrary shell commands via shell metacharacters in the username parameter. | 7.0 | CVE-2007-3097 BUGTRAQ OTHER-REF BID FRSIRT SECTRACK SECUNIA XF |
| Gaya Design -- ComicSense | SQL injection vulnerability in index.php in Comicsense allows remote attackers to execute arbitrary SQL commands via the epi parameter. | 7.0 | CVE-2007-3088 BUGTRAQ |
| GNU -- screen | ** DISPUTED ** GNU screen 4.0.3 allows local users to unlock the screen via a CTRL-C sequence at the password prompt. NOTE: multiple third parties report inability to reproduce this issue. | 7.0 | CVE-2007-3048 FULLDISC FULLDISC FULLDISC FULLDISC XF |
| Hunkaray Okul -- Portaly | SQL injection vulnerability in haberoku.asp in Hunkaray Okul Portaly 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | 7.0 | CVE-2007-3080 BID |
| IBM -- Lotus Domino | IBM Lotus Domino 7.0.x before 7.0.3 does not revalidate the signature on a signed scheduled agent after the agent is modified, which allows remote authenticated users to gain privileges via a modified agent in a server database. | 8.0 | CVE-2007-0068 OTHER-REF BID FRSIRT SECUNIA |
| IBM -- AIX | Unspecified vulnerability in perl.rte 5.8.0.10 through 5.8.0.95 on IBM AIX 5.2, and 5.8.2.10 through 5.8.2.50 on AIX 5.3, allows local users to gain privileges via unspecified vectors related to the installation and "waiting for a legitimate user to execute a binary that ships with Perl." | 8.0 | CVE-2007-2996 OTHER-REF AIXAPAR BID SECUNIA |
| Inout Scripts -- Inout Meta Search Engine | A certain admin script in Inout Meta Search Engine sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote attackers to inject arbitrary PHP code, as demonstrated by a request to admin/create_engine.php followed by a request to admin/generate_tabs.php. | 7.0 | CVE-2007-2988 BUGTRAQ MILW0RM BID BID |
| K-Letter -- K-Letter | Multiple PHP remote file inclusion vulnerabilities in Kravchuk letter (K-letter) 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the scdir parameter to (1) action.php, (2) subs.php, or (3) unsubs.php. | 7.0 | CVE-2007-3118 MILW0RM BID FRSIRT XF |
| Kartli Alisveris Sistemi -- Kartli Alisveris Sistemi | SQL injection vulnerability in news.asp in Kartli Alisveris Sistemi 1.0 allows remote attackers to execute arbitrary SQL commands via the news_id parameter. | 7.0 | CVE-2007-3119 MILW0RM |
| Macrovision -- Update Service; Macrovision -- FLEXnet Connect | Multiple buffer overflows in an ActiveX control (boisweb.dll) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allow remote attackers to execute arbitrary code via (1) the second parameter to the DownloadAndExecute method and (2) the third parameter to the AddFileEx method, a different vulnerability than CVE-2007-0328. | 10.0 | CVE-2007-2419 OTHER-REF OTHER-REF SECUNIA |
| Mbedthis Software -- Mbedthis AppWeb HTTP server | Mbedthis AppWeb before 2.2.2 enables the HTTP TRACE method, which has unspecified impact probably related to remote information leaks and cross-site tracing (XST) attacks, a related issue to CVE-2004-2320 and CVE-2005-3398. | 7.0 | CVE-2007-3008 OTHER-REF OTHER-REF |
| MeAlex -- My Datebook | SQL injection vulnerability in diary.php in My Datebook allows remote attackers to execute arbitrary SQL commands via the delete parameter. | 7.0 | CVE-2007-3063 BUGTRAQ |
| Microsoft -- Internet Explorer | Race condition in Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or perform other actions upon a page transition, with the permissions of the old page and the content of the new page, as demonstrated by setInterval functions that set location.href within a try/catch expression, aka the "bait & switch vulnerability." | 8.0 | CVE-2007-3091 BUGTRAQ FULLDISC OTHER-REF CERT-VN BID SECTRACK XF |
| Microsoft -- Internet Explorer | Microsoft Internet Explorer 6 allows remote attackers to spoof the URL bar, and page properties including SSL certificates, by interrupting page loading through certain use of location DOM objects and setTimeout calls. NOTE: this issue can be leveraged for phishing and other attacks. | 8.0 | CVE-2007-3092 BUGTRAQ FULLDISC OTHER-REF BID SECTRACK XF |
| Microsoft -- Internet Explorer; Provideo -- Camimage ActiveX Control | Buffer overflow in the Provideo Camimage ActiveX control in ISSCamControl.dll 1.0.1.5, when Internet Explorer 6 is used on Windows 2000 SP4, allows remote attackers to execute arbitrary code via a long URL property value. | 10.0 | CVE-2007-3111 MILW0RM FRSIRT SECUNIA |
| Mozilla -- Firefox | Mozilla Firefox does not prevent use of document.write to replace an IFRAME (1) during the load stage or (2) in the case of an about:blank frame, which allows remote attackers to display arbitrary HTML or execute certain JavaScript code, as demonstrated by code that intercepts keystroke values from window.event, aka the "promiscuous IFRAME access bug," a related issue to CVE-2006-4568. | 10.0 | CVE-2007-3089 BUGTRAQ FULLDISC OTHER-REF OTHER-REF OTHER-REF BID |
| Mozilla -- Firefox | Mozilla Firefox does not properly manage a delay timer used in confirmation dialogs, which might allow remote attackers to trick users into confirming an unsafe action, such as remote file execution, aka the "dialog refocus bug." | 8.0 | CVE-2007-3090 BUGTRAQ FULLDISC OTHER-REF OTHER-REF BID |
| Mplayer -- Mplayer | Multiple stack-based buffer overflows in stream/stream_cddb.c in MPlayer before 1.0rc1try3 allow remote attackers to execute arbitrary code via a CDDB entry with a long (1) album title or (2) category. | 8.0 | CVE-2007-2948 MLIST OTHER-REF OTHER-REF OTHER-REF BID FRSIRT SECUNIA XF |
| myWebland -- MyBloggie | Multiple SQL injection vulnerabilities in myBloggie 2.1.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) cat_id or (2) year parameter to index.php in a viewuser action, different vectors than CVE-2005-1500 and CVE-2005-4225. | 7.0 | CVE-2007-3003 BUGTRAQ BID XF |
| Nexen -- AdminBot MX | PHP remote file inclusion vulnerability in lib/live_status.lib.php in AdminBot MX 9.0.5 allows remote attackers to execute arbitrary PHP code via a URL in the ROOT parameter. | 7.0 | CVE-2007-2986 MILW0RM VIM |
| Omegasoft -- INterneSErvicesLosungen | Multiple SQL injection vulnerabilities in OmegaMw7.asp in OMEGA (aka Omegasoft) INterneSErvicesLosungen (INSEL) allow remote attackers to execute arbitrary SQL commands via (1) user-created text fields; the (2) F05003, (3) F05005, and (4) F05015 fields; and other unspecified standard fields. | 7.0 | CVE-2007-2992 BUGTRAQ BID |
| Particle Soft -- Particle Gallery | SQL injection vulnerability in viewimage.php in Particle Soft Particle Gallery 1.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the editcomment parameter, a different version and vector than CVE-2006-2862. | 7.0 | CVE-2007-3065 MILW0RM BID FRSIRT SECUNIA |
| PBSite -- PBSite | Multiple PHP remote file inclusion vulnerabilities in PBSite allow remote attackers to execute arbitrary PHP code via a URL in the (1) dbpath parameter to (a) useronline.php, (b) ucp.php, (c) setcookie.php, (d) sendpm.php, (e) search.php, (f) register.php, (g) profile.php, (h) post.php, (i) pmpshow.php, (j) pm.php, (k) ntopic.php, (l) nreply.php, (m) news.php, (n) memberslist.php, (o) logout.php, (p) login.php, (q) index.php, (r) help.php, (s) forum.php, (t) error.php, (u) editpost.php, (v) delpost.php, (w) delpm.php, (x) confirm.php, (y) board.php, (z) admin2.php, (aa) admin.php, or (bb) templates/pb/css/formstyles.php; or the (2) temppath parameter to (a) useronline.php, (c) setcookie.php, (e) search.php, (f) register.php, (h) post.php, (l) nreply.php, (m) news.php, (o) logout.php, (p) login.php, (q) index.php, (r) help.php, (s) forum.php, (t) error.php, (w) delpm.php, (x) confirm.php, or (y) board.php. | 7.0 | CVE-2007-3085 BUGTRAQ BUGTRAQ XF |
| Pheap -- Pheap | Pheap 2.0 allows remote attackers to bypass authentication by setting a pheap_login cookie value to the administrator's username. NOTE: this can be leveraged to upload and execute arbitrary PHP code via an update_doc action in edit.php. | 10.0 | CVE-2007-2985 MILW0RM |
| PHP -- PHP | Integer overflow in the chunk_split function in PHP 5 before 5.2.3 has unknown impact and attack vectors. | 7.0 | CVE-2007-2872 OTHER-REF |
| PHP JackKnife -- PHP JackKnife | Multiple SQL injection vulnerabilities in PHP JackKnife (PHPJK) allow remote attackers to execute arbitrary SQL commands via (1) the iCategoryUnq parameter to G_Display.php or (2) the iSearchID parameter to Search/DisplayResults.php. | 7.0 | CVE-2007-3000 BUGTRAQ BID |
| php(Reactor) -- php(Reactor) | Multiple PHP remote file inclusion vulnerabilities in php(Reactor) 1.2.7 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the pathtohomedir parameter to (1) view.inc.php, (2) users.inc.php, (3) updatecms.inc.php, and (4) polls.inc.php in inc/; and other unspecified files, different vectors than CVE-2006-3983. | 7.0 | CVE-2007-3066 BUGTRAQ XF |
| PostNuke Software Foundation -- PNphpBB | SQL injection vulnerability in index.php in the PNphpBB2 1.2i and earlier module for PostNuke allows remote attackers to execute arbitrary SQL commands via the c parameter. | 7.0 | CVE-2007-3052 MILW0RM FRSIRT SECUNIA |
| RevokeSoft -- RevokeBB | SQL injection vulnerability in inc/class_users.php in RevokeSoft RevokeBB 1.0 RC4 and earlier allows remote attackers to execute arbitrary SQL commands via the revokebb_user cookie. | 7.0 | CVE-2007-3051 BUGTRAQ MILW0RM BID FRSIRT XF |
| SalesCart -- Shopping Cart | Multiple SQL injection vulnerabilities in cgi-bin/reorder2.asp in SalesCart Shopping Cart allow remote attackers to execute arbitrary SQL commands via the password field and other unspecified vectors. | 7.0 | CVE-2007-2997 BUGTRAQ BID XF |
| Sun -- JDK; Sun -- SDK; Sun -- JRE | Buffer overflow in the image parsing implementation in the Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.2_14 and earlier, and SDK and JRE 1.3.1_20 and earlier allows remote attackers to execute arbitrary programs, or read or modify arbitrary files, via applets or applications that grant privileges to themselves. | 8.0 | CVE-2007-3004 SUNALERT |
| Sun -- Solaris | Unspecified vulnerability in the logging mechanism in Solaris Management Console (SMC) on Sun Solaris 8 through 10 before 20070605 allows remote attackers to execute arbitrary code via unspecified vectors, related to the WBEM server. | 10.0 | CVE-2007-3093 SUNALERT BID |
| Symantec -- Veritas Storage Foundation | The Scheduler Service (VxSchedService.exe) in Symantec Storage Foundation for Windows 5.0 allows remote attackers to bypass authentication and execute arbitrary code via certain requests to the service socket that create registry values specifying future command execution. | 10.0 | CVE-2007-2279 OTHER-REF BID |
| Symantec -- Symantec Reporting Server | Symantec Reporting Server 1.0.197.0, and other versions before 1.0.224.0, as used in Symantec Client Security 3.1 and later, and Symantec AntiVirus Corporate Edition (SAV CE) 10.1 and later, does not initialize a critical variable, which allows attackers to create arbitrary executable files via unknown manipulations of a file that is created during data export. | 7.0 | CVE-2007-3021 OTHER-REF |
| Vonage -- VoIP Telephone Adapter | The Vonage VoIP Telephone Adapter has a default administrator username "user" and password "user", which allows remote attackers to obtain administrative access. | 7.0 | CVE-2007-3047 BUGTRAQ |
| Zenturi -- Zenturi ProgramChecker | Multiple buffer overflows in certain ActiveX controls in sasatl.dll in Zenturi ProgramChecker allow remote attackers to execute arbitrary code via unspecified vectors. | 7.0 | CVE-2007-2987 CERT-VN BID |