Primary Vendor -- Product | Description | | CVSS Score | Source & Patch Info
3Com -- IntelliJack Switch NJ220
| The 3Com IntelliJack Switch NJ220 before 2.0.23 allows remote attackers to cause a denial of service (reboot and reporting outage) via a loopback packet with zero in the length field. | | 5.0 | CVE-2007-3533 OTHER-REF FRSIRT SECUNIA
| akocomment -- akocomment
| Multiple SQL injection vulnerabilities in akocomment allow remote attackers to execute arbitrary SQL commands via the (1) acparentid or (2) acitemid parameter to an unspecified component, different vectors than CVE-2006-1421. | | 6.8 | CVE-2007-3573 BUGTRAQ
| Apache -- Derby
| Apache Derby before 10.2.1.6 does not determine privilege requirements for lock table statements at compilation time, and consequently does not enforce privilege requirements at execution time, which allows remote authenticated users to lock arbitrary tables. | | 4.0 | CVE-2006-7216 OTHER-REF OTHER-REF
| Apache -- Derby
| Apache Derby before 10.2.1.6 does not determine schema privilege requirements during the DropSchemaNode bind phase, which allows remote authenticated users to execute arbitrary drop schema statements in SQL authorization mode. | | 4.0 | CVE-2006-7217 OTHER-REF OTHER-REF
| B1G -- b1gBB
| Cross-site scripting (XSS) vulnerability in visitenkarte.php in b1gBB 2.24.0 allows remote attackers to inject arbitrary web script or HTML via the user parameter. | | 4.3 | CVE-2007-3590 MILW0RM BID
| bbs100 -- bbs100
| Buffer overflow in bbs100 before 3.2 allows remote attackers to cause a denial of service (crash) by attempting to login as the Guest user when another Guest user is already logged in. | | 6.1 | CVE-2007-3551 OTHER-REF BID SECUNIA
| Claroline -- Claroline
| Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.8.3 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO (PHP_SELF) to (1) index.php, (2) demo/claroline170/index.php, and possibly other scripts. | | 4.3 | CVE-2007-3517 OTHER-REF SECUNIA
| DAR -- DAR
| The blowfish mode in DAR before 2.3.4 uses weak Blowfish-CBC cryptography: (1) the blowfish::make_ivec function in libdar/crypto.cpp discards random bits, which results in predictable and repeating IV values, and (2) the password is used directly as the key rather than being passed through a key-derivation function, which makes it easier for context-dependent attackers to decrypt files. | | 5.0 | CVE-2007-3528 OTHER-REF OTHER-REF OTHER-REF OTHER-REF
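Added example for the DAR entry above (editor's illustration, not DAR's code): why a repeating IV and a raw password key weaken CBC. The 8-byte block cipher is a toy 4-round Feistel keyed with HMAC-SHA256 standing in for Blowfish, `make_ivec_predictable` is a constructed model of the flaw class and not DAR's actual make_ivec, and the "PK" file header is constructed sample input.

```python
import hashlib
import hmac
import os

BLOCK = 8  # Blowfish block size in bytes; the toy cipher keeps it


def _round_fn(key: bytes, half: bytes, rnd: int) -> bytes:
    # Keyed round function for the toy Feistel cipher (not Blowfish's F).
    return hmac.new(key, bytes([rnd]) + half, hashlib.sha256).digest()[:4]


def toy_block_encrypt(key: bytes, block: bytes) -> bytes:
    """4-round Feistel permutation on one 8-byte block (illustration only)."""
    left, right = block[:4], block[4:]
    for rnd in range(4):
        left, right = right, bytes(a ^ b for a, b in zip(left, _round_fn(key, right, rnd)))
    return left + right


def cbc_encrypt(key: bytes, iv: bytes, data: bytes) -> bytes:
    """Textbook CBC: C[i] = E(P[i] XOR C[i-1]), with C[-1] = IV."""
    if len(iv) != BLOCK or len(data) % BLOCK:
        raise ValueError("iv must be one block and data a whole number of blocks")
    out, prev = bytearray(), iv
    for off in range(0, len(data), BLOCK):
        chunk = data[off:off + BLOCK]
        prev = toy_block_encrypt(key, bytes(a ^ b for a, b in zip(chunk, prev)))
        out += prev
    return bytes(out)


def make_ivec_predictable(counter: int) -> bytes:
    """Constructed model of item (1): the random input is thrown away and the
    IV cycles through two values. This is NOT DAR's make_ivec."""
    return (counter % 2).to_bytes(BLOCK, "big")


def make_ivec_random() -> bytes:
    """What an IV generator should do: one fresh unpredictable block per message."""
    return os.urandom(BLOCK)


def key_from_password_weak(password: str) -> bytes:
    """Item (2) in the advisory: the password bytes are the key."""
    return password.encode()


def key_from_password_kdf(password: str, salt: bytes, iterations: int = 100_000) -> bytes:
    """Salted, iterated derivation: the same password yields a different key per archive."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations, dklen=32)


def first_blocks_collide(key: bytes, ivs, plaintexts) -> bool:
    """Encrypt two plaintexts and report whether their first ciphertext blocks
    are equal. With a repeating IV this tells an attacker, without the key,
    that the two files start with the same bytes."""
    first = [cbc_encrypt(key, iv, pt)[:BLOCK] for iv, pt in zip(ivs, plaintexts)]
    return first[0] == first[1]


# Constructed sample input: two archives whose first 8 bytes are identical.
HEADER = b"PK\x03\x04" + b"\x00" * 4
FILE_A = HEADER + b"fileA!!!"
FILE_B = HEADER + b"fileB!!!"

if __name__ == "__main__":
    key = key_from_password_weak("hunter2")
    print("repeating IV leaks equal first block:",
          first_blocks_collide(key, [make_ivec_predictable(0), make_ivec_predictable(2)], [FILE_A, FILE_B]))
    print("random IV leaks equal first block:",
          first_blocks_collide(key, [make_ivec_random(), make_ivec_random()], [FILE_A, FILE_B]))
```

The leak is structural to CBC, not to the cipher: the first ciphertext block is E(P0 XOR IV), so once the IV repeats, equal first plaintext blocks produce equal ciphertext under the same key. Deriving the key with a salted KDF additionally ensures that two archives protected with the same password do not share a key at all.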
| Doubleflex -- Liesbeth base CMS
| Liesbeth base CMS stores sensitive information under the web root with insufficient access control, which allows remote attackers to download an include file containing account credentials via a direct request for config.inc. | | 5.0 | CVE-2007-3556 BUGTRAQ OTHER-REF
| Firebird -- Firebird
| Integer overflow in Firebird 2.0.0 allows remote authenticated users to cause a denial of service (CPU consumption) via certain database operations with multi-byte character sets that trigger an attempt to use the value 65536 for a 16-bit integer, which is treated as 0 and causes an infinite loop on zero-length data. | | 6.8 | CVE-2007-3527 OTHER-REF OTHER-REF
| Frank Karau -- GL-SH Deaf Forum
| Multiple directory traversal vulnerabilities in GL-SH Deaf Forum 6.4.4 and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) FORUM_LANGUAGE parameter to functions.php or the (2) style parameter to bottom.php. | | 6.4 | CVE-2007-3535 MILW0RM SECUNIA
| Fujitsu -- PRIMERGY BX300
| The web interface in Fujitsu-Siemens Computers PRIMERGY BX300 Switch Blade allows remote attackers to obtain sensitive information by canceling the authentication dialog when accessing a sub-page, which still displays the form field contents of the sub-page, as demonstrated using (1) config/ip_management.htm and (2) config/snmp_config.htm. | | 5.0 | CVE-2007-3012 BUGTRAQ OTHER-REF BID SECUNIA
| Gorki Online -- Santrac Sitesi
| Multiple cross-site scripting (XSS) vulnerabilities in kayit.asp in Gorki Online Santrac Sitesi allow remote attackers to inject arbitrary web script or HTML via the (1) kullanici, (2) posta, or (3) takim_adi parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | | 4.3 | CVE-2007-3516 SECUNIA
| groupeclan.free.fr -- XCMS
| Multiple directory traversal vulnerabilities in Module/Galerie.php in XCMS 1.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) Ent or (2) Lang parameter. | | 6.4 | CVE-2007-3523 MILW0RM
| Hiki -- Hiki
| Directory traversal vulnerability in session.rb in Hiki 0.8.0 through 0.8.6 allows remote attackers to delete arbitrary files via directory traversal sequences in the session ID, which is matched against an insufficiently restrictive regular expression before it is used to construct a filename that is marked for deletion at logout. | | 6.4 | CVE-2007-2836 OTHER-REF OTHER-REF OTHER-REF OTHER-REF DEBIAN BID FRSIRT SECUNIA SECUNIA XF
| imlib -- imlib
| The _LoadBMP function in imlib 1.9.15 and earlier allows context-dependent attackers to cause a denial of service (infinite loop) via a BMP image with a Bits Per Pixel (BPP) value of 0. | | 5.0 | CVE-2007-3568 OTHER-REF BID SECTRACK
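Added example covering the Firebird entry (a value of 65536 stored in a 16-bit field becomes 0) and the imlib entry above (BPP of 0): both hand a consumer loop a step size of zero, so it never makes progress. This is an editor's illustration, not either project's source; the loop shape and the BMP row-size formula are generic, and the numeric inputs are constructed.

```python
def to_u16(value: int) -> int:
    """Store into a 16-bit unsigned field: 65536 wraps to 0, 65535 survives."""
    return value & 0xFFFF


def bmp_row_bytes(width: int, bpp: int) -> int:
    """Bytes per BMP scanline (rows are padded to 4-byte boundaries).
    A BPP of 0 yields 0, exactly the step a decoder loop cannot advance by."""
    return ((width * bpp + 31) // 32) * 4


def unpack_rows_unsafe(total_bytes: int, row_len: int, max_iters: int = 10_000) -> int:
    """Models the faulty loop: consume total_bytes in steps of row_len.
    With row_len == 0 it never terminates; max_iters exists only so this
    demonstration returns (-1) instead of hanging the interpreter."""
    consumed, iters = 0, 0
    while consumed < total_bytes:
        consumed += row_len
        iters += 1
        if iters >= max_iters:
            return -1  # would have spun forever
    return iters


def step_ok(row_len: int) -> bool:
    """The check both loops were missing: a zero or negative step is invalid input."""
    return row_len > 0


def unpack_rows_safe(total_bytes: int, row_len: int) -> int:
    """Hardened form: validate the step before looping, then compute the
    number of rows directly (rounding up) so the loop bound is finite."""
    if not step_ok(row_len):
        raise ValueError("zero-length row or character: refusing to loop")
    return -(-total_bytes // row_len)


if __name__ == "__main__":
    # Firebird-style: a 65536-byte multi-byte length truncated to 16 bits.
    print("65536 as u16 ->", to_u16(65536))
    print("unsafe loop with step 0 ->", unpack_rows_unsafe(1024, to_u16(65536)))
    # imlib-style: BMP header claiming 0 bits per pixel.
    print("row bytes at bpp 0 ->", bmp_row_bytes(100, 0))
    print("safe loop rejects it:", not step_ok(bmp_row_bytes(100, 0)))
```

The fix in both cases is the same: treat the value that becomes the loop step as untrusted input, reject zero (and overflowed) values before the loop, and prefer a computed, bounded iteration count over a "loop until consumed" condition that depends on the step being positive.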
| Jedox -- Palo
| The Jedox Palo 1.5 client transmits the password in cleartext, which might allow remote attackers to obtain the password by sniffing the network, as demonstrated by starting Excel with the Palo plugin, opening a cube, and performing an Insert View. | | 5.0 | CVE-2007-3581 OTHER-REF
| Kurinton -- sHTTPd
| Cross-site scripting (XSS) vulnerability in Kurinton sHTTPd 20070408 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | | 4.3 | CVE-2007-3541 OTHER-REF OTHER-REF FRSIRT SECUNIA
| Linksys -- WAG54GS
| Multiple cross-site scripting (XSS) vulnerabilities in setup.cgi on the Linksys WAG54GS Wireless-G ADSL Gateway with 1.00.06 firmware allow remote attackers to inject arbitrary web script or HTML via the c4_trap_ip_ parameter and other unspecified parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | | 4.3 | CVE-2007-3574 OTHER-REF BID
| Linux -- Kernel
| The lcd_write function in drivers/usb/misc/usblcd.c in the Linux kernel before 2.6.22-rc7 does not limit the amount of memory used by a caller, which allows local users to cause a denial of service (memory consumption). | | 4.9 | CVE-2007-3513 OTHER-REF FRSIRT
| Microsoft -- Internet Explorer
| ** DISPUTED ** Microsoft Internet Explorer 6 executes web script from URIs of arbitrary scheme names ending with the "script" character sequence, using the (1) vbscript: handler for scheme names with 7 through 9 characters, and the (2) javascript: handler for scheme names with 10 or more characters, which might allow remote attackers to bypass certain XSS protection schemes. NOTE: other researchers dispute the significance of this issue, stating "this only works when typed in the address bar." | | 4.3 | CVE-2007-3576 OTHER-REF OTHER-REF OTHER-REF OTHER-REF
| Moodle -- Moodle
| Cross-site scripting (XSS) vulnerability in index.php in Moodle 1.7.1 allows remote attackers to inject arbitrary web script or HTML via a style expression in the search parameter, a different vulnerability than CVE-2004-1424. | | 4.3 | CVE-2007-3555 BUGTRAQ OTHER-REF OTHER-REF XF
| Mozilla -- Firefox
| The focus handling for the onkeydown event in Mozilla Firefox 1.5.0.12 and 2.0.0.4 allows remote attackers to change field focus and copy keystrokes via JavaScript, as demonstrated by changing focus from a textarea to a file upload field. | | 4.3 | CVE-2007-3511 FULLDISC OTHER-REF SECUNIA
| Nessus -- Nessus
| Cross-site scripting (XSS) vulnerability in the Windows GUI in Nessus Vulnerability Scanner before 3.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | | 4.3 | CVE-2007-3546 OTHER-REF SECUNIA
| Novell -- Groupwise
| The Apache Web Server as used in Novell NetWare 6.5 and GroupWise allows remote attackers to obtain sensitive information via a certain directive to Apache that causes the HTTP-Header response to be modified, which may reveal the server's internal IP address. | | 5.0 | CVE-2007-3571 OTHER-REF FRSIRT
| Oracle -- Applications / Oracle -- Rapid Install Web Server
| Cross-site scripting (XSS) vulnerability in Rapid Install Web Server in Oracle Application Server 11i allows remote attackers to inject arbitrary web script or HTML via a URL to the "Secondary Login Page", as demonstrated using (1) pls/ and (2) pls/MSBEP004/. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | | 4.3 | CVE-2007-3553 BID SECTRACK
| PHPIDS -- PHPIDS
| PHPIDS before 20070703 does not properly handle use of the substr method in (1) document.location.search and (2) document.referrer; (3) certain use of document.location.hash; (4) certain "window[eval" and similar expressions; (5) certain Function expressions; (6) certain '=' expressions, as demonstrated by a 'whatever="something"' sequence; and (7) certain "with" expressions, which allows remote attackers to inject arbitrary web script. | | 5.0 | CVE-2007-3577 OTHER-REF OTHER-REF
| PHPIDS -- PHPIDS
| PHPIDS before 20070703 does not properly handle (1) arithmetic expressions and (2) unclosed comments, which allows remote attackers to inject arbitrary web script. | | 5.0 | CVE-2007-3578 OTHER-REF OTHER-REF
| PHPIDS -- PHPIDS
| PHPIDS before 20070703 does not properly handle setting the .text property of a SCRIPT element before its attachment to the DOM, which allows remote attackers to inject arbitrary web script. | | 5.0 | CVE-2007-3579 OTHER-REF OTHER-REF
| PHPIDS -- PHPIDS
| PHPIDS does not properly handle certain code containing newlines, as demonstrated by a try/catch block within a loop, which allows user-assisted remote attackers to inject arbitrary web script. | | 4.3 | CVE-2007-3580 OTHER-REF OTHER-REF
| Pluxml -- Pluxml
| Cross-site scripting (XSS) vulnerability in admin/auth.php in Pluxml 0.3.1 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | | 4.3 | CVE-2007-3542 MILW0RM XF
| QT-Cute -- QuickTalk Forum
| Multiple directory traversal vulnerabilities in QuickTalk forum 1.3 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) sequence in the lang parameter to (1) qtf_checkname.php, (2) qtf_j_birth.php, or (3) qtf_j_exists.php. | | 6.4 | CVE-2007-3505 MILW0RM BID FRSIRT SECUNIA XF
| RainWorx -- rwAuction Pro
| Multiple cross-site scripting (XSS) vulnerabilities in search.asp in rwAuction Pro 5.0 allow remote attackers to inject arbitrary web script or HTML via the (1) search, (2) show, (3) searchtype, (4) catid, and (5) searchtxt parameters, a different version and vectors than CVE-2005-4060. | | 4.3 | CVE-2007-3540 OTHER-REF
| Ripe Website Manager -- Ripe Website Manager
| Multiple PHP remote file inclusion vulnerabilities in Ripe Website Manager 0.8.9 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the level parameter to (1) admin/includes/author_panel_header.php or (2) admin/includes/admin_header.php. | | 6.8 | CVE-2007-3524 MILW0RM SECUNIA
| SAP -- SAP Basis component 640 / SAP -- SAP Basis component 700
| Multiple cross-site scripting (XSS) vulnerabilities in the SAP Internet Communication Framework (BC-MID-ICF) in the SAP Basis component 700 before SP12, and 640 before SP20, allow remote attackers to inject arbitrary web script or HTML via certain parameters associated with the default login error page. | | 4.3 | CVE-2007-3495 BUGTRAQ OTHER-REF
| Softlink Europe -- Oliver Library Management System
| Multiple cross-site scripting (XSS) vulnerabilities in Oliver Library Management System allow remote attackers to inject arbitrary web script or HTML via the (1) updateform and (2) displayform parameter to (a) gateway/gateway.exe; the (3) TERMS, (4) database, (5) srchad, (6) SuggestedSearch, and (7) searchform parameters to the (b) "Basic Search page"; and (8) username parameter when (c) logging on. | | 6.8 | CVE-2007-3569 BUGTRAQ BID FRSIRT SECUNIA
| sPHPell -- sPHPell
| Multiple PHP remote file inclusion vulnerabilities in sPHPell 1.01 allow remote attackers to execute arbitrary PHP code via a URL in the SpellIncPath parameter to (1) spellcheckpageinc.php, (2) spellchecktext.php, (3) spellcheckwindow.php, or (4) spellcheckwindowframeset.php. | | 6.8 | CVE-2007-3522 MILW0RM
| The GIMP Team -- GIMP
| Integer overflow in the seek_to_and_unpack_pixeldata function in the psd.c plugin in Gimp 2.2.15 allows remote attackers to execute arbitrary code via a crafted PSD file that contains a large (1) width or (2) height value. | | 6.8 | CVE-2007-2949 OTHER-REF OTHER-REF BID FRSIRT SECUNIA
| webixir -- Efendy Blog
| Cross-site scripting (XSS) vulnerability in ara.asp in Efendy Blog 1.0 allows remote attackers to inject arbitrary web script or HTML via the ara parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | | 4.3 | CVE-2007-3561 SECUNIA
| Wheatblog -- Wheatblog
| SQL injection vulnerability in admin/login.php in Wheatblog (wB) 1.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the login parameter. | | 6.8 | CVE-2007-3557 BUGTRAQ BID SECUNIA
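Added example for the SQL injection entries (akocomment's numeric acparentid/acitemid parameters and Wheatblog's login parameter above): the same two lookups written with string concatenation and with bound parameters, run against an in-memory SQLite database constructed here. This is the editor's illustration, not either project's code; the table layout and rows are assumptions. magic_quotes_gpc, which the Wheatblog entry depends on being disabled, only backslash-escapes quotes and does nothing for the numeric context shown second.

```python
import sqlite3
from typing import List, Optional


def make_db() -> sqlite3.Connection:
    """Constructed sample schema: one admin account, two comments."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE users (login TEXT, pw TEXT);
        INSERT INTO users VALUES ('admin', 'secret');
        CREATE TABLE comments (id INTEGER, acitemid INTEGER, body TEXT);
        INSERT INTO comments VALUES (1, 7, 'on item 7'), (2, 8, 'on item 8');
    """)
    return conn


def find_user_vulnerable(conn: sqlite3.Connection, login: str) -> List[str]:
    """String context: the value is parsed as SQL, so a quote breaks out."""
    sql = "SELECT login FROM users WHERE login = '" + login + "'"
    return [row[0] for row in conn.execute(sql)]


def find_user_parameterized(conn: sqlite3.Connection, login: str) -> List[str]:
    """Bound parameter: the value is data and is never parsed as SQL."""
    sql = "SELECT login FROM users WHERE login = ?"
    return [row[0] for row in conn.execute(sql, (login,))]


def comments_vulnerable(conn: sqlite3.Connection, acitemid: str) -> List[str]:
    """Numeric context: no quote is needed, '7 OR 1=1' is enough."""
    sql = "SELECT body FROM comments WHERE acitemid = " + acitemid
    return [row[0] for row in conn.execute(sql)]


def parse_id(value: str) -> Optional[int]:
    """Strict type check for id parameters: digits only, else reject."""
    return int(value) if value.isdigit() else None


def comments_parameterized(conn: sqlite3.Connection, acitemid: str) -> List[str]:
    """Validate the type, then bind; a rejected id yields no rows."""
    item = parse_id(acitemid)
    if item is None:
        return []
    sql = "SELECT body FROM comments WHERE acitemid = ?"
    return [row[0] for row in conn.execute(sql, (item,))]


if __name__ == "__main__":
    db = make_db()
    payload = "' OR '1'='1"
    print("vulnerable login lookup:", find_user_vulnerable(db, payload))
    print("parameterized login lookup:", find_user_parameterized(db, payload))
    print("vulnerable comment lookup:", comments_vulnerable(db, "7 OR 1=1"))
    print("parameterized comment lookup:", comments_parameterized(db, "7 OR 1=1"))
```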
| WordPress -- WordPress MU / WordPress -- WordPress
| Unrestricted file upload vulnerability in WordPress before 2.2.1 and WordPress MU before 1.2.3 allows remote authenticated users to upload and execute arbitrary PHP code by making a post that specifies a .php filename in the _wp_attached_file metadata field; and then sending this file's content, along with its post_ID value, to (1) wp-app.php or (2) app.php. | | 6.0 | CVE-2007-3543 OTHER-REF OTHER-REF BID SECUNIA
| WordPress -- WordPress MU / WordPress -- WordPress
| Unrestricted file upload vulnerability in (1) wp-app.php and (2) app.php in WordPress 2.2.1 and WordPress MU 1.2.3 allows remote authenticated users to upload and execute arbitrary PHP code via unspecified vectors, possibly related to the wp_postmeta table and the use of custom fields in normal (non-attachment) posts. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2007-3543. | | 6.5 | CVE-2007-3544 OTHER-REF
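Added example serving several entries above: the directory traversal and local file inclusion issues in GL-SH Deaf Forum, XCMS and QuickTalk Forum (a `lang`/`style` parameter joined into an include path), the remote file inclusion issues in Ripe Website Manager and sPHPell (a URL in the same kind of parameter), the Hiki session ID regex, and the two WordPress attachment-name entries. It is the editor's illustration and none of these projects' code; the 32-character session ID format, the language set, the base directory and the upload extension list are assumptions.

```python
import os
import re
from typing import Optional

# Hiki-style session ID: searching for "some safe characters" is satisfied by
# a traversal string; an anchored fullmatch of the whole value is not.
_LOOSE_SID = re.compile(r"[A-Za-z0-9]+")
_STRICT_SID = re.compile(r"[A-Za-z0-9]{32}")  # assumed fixed-length format


def session_id_ok_loose(sid: str) -> bool:
    """Insufficiently restrictive: passes as long as any safe run exists."""
    return _LOOSE_SID.search(sid) is not None


def session_id_ok_strict(sid: str) -> bool:
    """Whole value must be the expected format; '..' and '/' cannot appear."""
    return _STRICT_SID.fullmatch(sid) is not None


EXAMPLE_BASE = os.path.join(os.sep, "srv", "app", "lang")  # assumed directory


def resolve_under(base: str, user_part: str) -> Optional[str]:
    """Join base and a client-supplied component, then confirm the resolved
    path is still under base. '..' sequences and absolute paths return None."""
    base_real = os.path.realpath(base)
    candidate = os.path.realpath(os.path.join(base_real, user_part))
    if os.path.commonpath([base_real, candidate]) != base_real:
        return None
    return candidate


KNOWN_LANGS = ("en", "de", "fr")  # assumed set of shipped language files


def language_file(base: str, lang: str) -> Optional[str]:
    """For a lang/style parameter with a small fixed value set an allowlist
    is the right check: neither a '..' sequence nor a URL (RFI) matches."""
    if lang not in KNOWN_LANGS:
        return None
    return os.path.join(base, lang + ".php")


ALLOWED_UPLOAD_EXT = frozenset({".jpg", ".jpeg", ".png", ".gif", ".pdf"})


def upload_name_ok(name: str) -> bool:
    """Attachment names taken from client metadata (cf. _wp_attached_file):
    no directory part, no leading dot, exactly one allowlisted extension.
    Rejecting a second dot (e.g. 'x.php.jpg') is a conservative choice."""
    if not name or name != os.path.basename(name.replace("\\", "/")):
        return False
    if name.startswith("."):
        return False
    root, ext = os.path.splitext(name)
    return bool(root) and "." not in root and ext.lower() in ALLOWED_UPLOAD_EXT


if __name__ == "__main__":
    for sid in ("../../../etc/passwd", "a" * 32):
        print(repr(sid), "loose:", session_id_ok_loose(sid), "strict:", session_id_ok_strict(sid))
    for part in ("en.php", "../../../etc/passwd", "/etc/passwd"):
        print(repr(part), "->", resolve_under(EXAMPLE_BASE, part))
    for lang in ("de", "../../etc/passwd", "http://example.invalid/x.txt"):
        print(repr(lang), "->", language_file(EXAMPLE_BASE, lang))
    for name in ("photo.jpg", "shell.php", "../shell.jpg", "shell.php.jpg"):
        print(repr(name), "->", upload_name_ok(name))
```

Order matters in the upload check: the .php filename in the WordPress entries would pass a naive "is it an image?" test on the content but not an extension allowlist applied to the name the server will actually write. The `resolve_under` containment check is the fallback for parameters whose value set is open; where the set is small (languages, styles), the allowlist removes the problem entirely.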
| Yoggie -- Pico / Yoggie -- Pico Pro
| Incomplete blacklist vulnerability in cgi-bin/runDiagnostics.cgi in the web interface on the Yoggie Pico and Pico Pro allows remote attackers to execute arbitrary commands via shell metacharacters in the param parameter, as demonstrated by URL encoded "`" (backtick) characters (%60 sequences). | | 6.8 | CVE-2007-3572 FULLDISC BID FRSIRT SECUNIA XF
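Added example for the Yoggie entry above (editor's illustration, not the device's code): a shell-metacharacter blacklist that forgets the backtick, beside an allowlist for what the parameter should contain and an argv-based invocation that never hands the value to a shell. The blacklist contents, the host-name format and the ping diagnostic are assumptions; the `%60id%60` query value is the encoded backtick form the entry describes.

```python
import re
import shlex
import subprocess
from urllib.parse import unquote

# Constructed blacklist with the backtick missing: the class of gap the entry
# describes, not the device's actual filter.
INCOMPLETE_BLACKLIST = frozenset(";|&$<>()\n")

# Allowlist for what the parameter should be (assumed: a host name or IPv4
# address). The first-character rule also prevents a leading '-' becoming
# an option to the diagnostic command.
ALLOWED_PARAM = re.compile(r"[A-Za-z0-9][A-Za-z0-9.\-]{0,252}")


def blacklist_ok(param: str) -> bool:
    """Denylist check: rejects known-bad characters, lets unknown ones through."""
    return not any(ch in INCOMPLETE_BLACKLIST for ch in param)


def allowlist_ok(param: str) -> bool:
    """Allowlist check: the whole value must match the expected format."""
    return ALLOWED_PARAM.fullmatch(param) is not None


def shell_command_line(param: str) -> str:
    """The vulnerable pattern: interpolate into a string destined for sh -c.
    A backtick survives the blacklist and the shell runs what is inside it."""
    return "ping -c 1 " + param


def quoted_command_line(param: str) -> str:
    """If a shell is unavoidable, shlex.quote turns the value into one literal word."""
    return "ping -c 1 " + shlex.quote(param)


def argv_command(param: str) -> list:
    """Preferred: validate, then pass the value as its own argv element, no shell."""
    if not allowlist_ok(param):
        raise ValueError("param is not a host name or address")
    return ["ping", "-c", "1", param]


def decode_and_check(raw_query_value: str) -> dict:
    """Decode the URL-encoded value first; a filter must see %60 as a backtick."""
    param = unquote(raw_query_value)
    return {
        "param": param,
        "blacklist_passes": blacklist_ok(param),
        "allowlist_passes": allowlist_ok(param),
    }


if __name__ == "__main__":
    info = decode_and_check("%60id%60")
    print(info)
    # Observe the difference with a harmless command (assumes sh and echo exist):
    via_shell = subprocess.run(["sh", "-c", "echo " + info["param"]], capture_output=True, text=True)
    via_argv = subprocess.run(["echo", info["param"]], capture_output=True, text=True)
    print("sh -c ran the backticks  ->", via_shell.stdout.strip())
    print("argv kept them literal   ->", via_argv.stdout.strip())
```

The blacklist fails open for every character it does not list (backtick here, `$(...)` and newline in other filters); the allowlist fails closed. Passing the value as a separate argv element removes the shell from the path entirely, so even an allowlist mistake cannot turn into command execution.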