Primary Vendor -- Product | Description | | CVSS Score | Source & Patch Info | 3Com -- OfficeConnect Secure Router
| Cross-site scripting (XSS) vulnerability in cgi-bin/admin in 3Com OfficeConnect Secure Router with firmware 1.04-168 allows remote attackers to inject arbitrary web script or HTML via the tk parameter. | | 1.9 | CVE-2006-3974 OTHER-REF BID FRSIRT SECUNIA XF
| Almnzm -- Almnzm
| Almnzm allows remote attackers to obtain sensitive information via an activateorder request to index.php with an invalid orderid parameter, probably related to '[' and ']' characters. | | 2.3 | CVE-2007-3173 BUGTRAQ XF
| Apache Software Foundation -- Tomcat
| Multiple cross-site scripting (XSS) vulnerabilities in certain JSP files in the examples web application in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote attackers to inject arbitrary web script or HTML via the portion of the URI after the ';' character, as demonstrated by a URI containing a "snp/snoop.jsp;" sequence. | | 2.3 | CVE-2007-2449 BUGTRAQ OTHER-REF
| Apple -- Safari
| Cross-site scripting (XSS) vulnerability in Apple Safari Beta 3.0.1 for Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | | 1.9 | CVE-2007-2391 APPLE
| Apple -- Safari
| Apple Safari for Windows public beta allows remote attackers to cause a denial of service (crash) via unspecified DHTML manipulations that trigger memory corruption, as demonstrated using Hamachi. | | 3.3 | CVE-2007-3185 OTHER-REF
| Arris -- Cadant C3 CMTS
| Arris Cadant C3 CMTS allows remote attackers to cause a denial of service (service termination) via a malformed IP packet with an invalid IP option. | | 3.3 | CVE-2007-2796 OTHER-REF
| Beehive Forum -- Beehive Forum
| Multiple cross-site scripting (XSS) vulnerabilities in links.php in Beehive Forum 0.7.1 allow remote attackers to inject arbitrary web script or HTML via the (1) viewmode, (2) fid, and (3) sort_dir parameters, different vectors than CVE-2005-4460. | | 2.3 | CVE-2007-3212 OTHER-REF BID SECUNIA
| Bruce Corkhill -- Web Wiz Rich Text Editor
| Cross-site scripting (XSS) vulnerability in the rich text editor in Webwiz allows remote attackers to inject arbitrary web script or HTML via URL-encoded HTML composed of a frameset in which a frame has a SRC attribute pointing to a JavaScript document. | | 1.9 | CVE-2007-3202 BUGTRAQ BID
| Daniel Stenberg -- c-ares
| The ares_init:randomize_key function in c-ares, on platforms other than Windows, uses a weak facility for producing a random number sequence (Unix rand), which makes it easier for remote attackers to spoof DNS responses by guessing certain values. | | 2.3 | CVE-2007-3153 OTHER-REF
| Domain Technologie Control -- Domain Technologie Control
| Cross-site scripting (XSS) vulnerability in 404.php in Domain Technologie Control (DTC) before 0.25.9 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO (REQUEST_URI). NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | | 1.9 | CVE-2007-3211 BID SECUNIA XF
| EDraw -- Office Viewer Component
| Buffer overflow in a certain ActiveX control in the EDraw Office Viewer Component (edrawofficeviewer.ocx) 4.0.5.20 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) or execute arbitrary code via a long first argument to the HttpDownloadFile method. | | 1.9 | CVE-2007-3169 MILW0RM OTHER-REF BID FRSIRT SECUNIA XF
| ERFAN WIKI -- ERFAN WIKI
| Cross-site scripting (XSS) vulnerability in index.php in ERFAN WIKI 1.00 allows remote attackers to inject arbitrary web script or HTML via the title parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | | 2.3 | CVE-2007-3195 BID SECUNIA
| Frederico Caldeira Knabben -- FCKeditor
| Incomplete blacklist vulnerability in the filemanager in Frederico Caldeira Knabben FCKeditor 2.4.2 allows remote attackers to upload arbitrary .php files via an alternate data stream syntax, as demonstrated by .php::$DATA filenames, a related issue to CVE-2006-0658. | | 2.3 | CVE-2007-3163 OTHER-REF OTHER-REF
| Galeon -- Galeon Browser
| Visual truncation vulnerability in Galeon 2.0.1 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after a certain number of characters, as demonstrated by a phishing attack using HTTP Basic Authentication. | | 3.7 | CVE-2007-3145 OTHER-REF BID
| Hardened-PHP Project -- Subhosin PHP -- PHP Hardened-PHP Project -- Hardened-PHP
| The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Subhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the function or a bug in PHP, although it is likely to be regarded as a bug in Hardened-PHP and Subhosin. | | 2.3 | CVE-2007-3205 BUGTRAQ BUGTRAQ
| Ingate -- Ingate Firewall Ingate -- Ingate SIParator
| Unspecified vulnerability in Ingate Firewall and SIParator before 4.5.2 allows remote authenticated users without full privileges to download a Support Report. | | 1.4 | CVE-2007-3176 OTHER-REF FRSIRT SECUNIA
| Invision Power Services -- Invision Power Board
| Unspecified vulnerability in sources/action_public/xmlout.php in Invision Power Board (IPB or IP.Board) 2.2.0 through 2.2.2 allows remote attackers to modify another user's profile data, such as an AIM screen name or Yahoo! identity. | | 3.3 | CVE-2007-3219 OTHER-REF BID SECUNIA
| JFFNMS -- JFFNMS
| Cross-site scripting (XSS) vulnerability in auth.php in Just For Fun Network Management System (JFFNMS) 0.8.3 allows remote attackers to inject arbitrary web script or HTML via the user parameter. | | 2.3 | CVE-2007-3189 FULLDISC SECUNIA
| Linux -- Kernel
| Integer underflow in the cpuset_tasks_read function in the Linux kernel before 2.6.20.13, and 2.6.21.x before 2.6.21.4, when the cpuset filesystem is mounted, allows local users to obtain kernel memory contents by using a large offset when reading the /dev/cpuset/tasks file. | | 2.3 | CVE-2007-2875 IDEFENSE OTHER-REF OTHER-REF BID
| Linux -- Kernel
| The sctp_new function in (1) ip_conntrack_proto_sctp.c and (2) nf_conntrack_proto_sctp.c in Netfilter in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, allows remote attackers to cause a denial of service by causing certain invalid states that trigger a NULL pointer dereference. | | 2.3 | CVE-2007-2876 MLIST MLIST OTHER-REF
| Maran -- PHP Blog
| Cross-site scripting (XSS) vulnerability in comments.php in Maran PHP Blog (Maran Blog), possibly only versions before 20070610, allows remote attackers to inject arbitrary web script or HTML via the id parameter. | | 2.3 | CVE-2007-3198 BUGTRAQ OTHER-REF BID SECUNIA XF
| Microsoft -- Outlook Express Microsoft -- Windows Mail
| A component in Microsoft Outlook Express 6 and Windows Mail in Windows Vista does not properly handle certain HTTP headers when processing MHTML protocol URLs, which allows remote attackers to obtain sensitive information from other Internet Explorer domains, aka "URL Parsing Cross Domain Information Disclosure Vulnerability." | | 1.9 | CVE-2007-2225 MS
| Microsoft -- Outlook Express Microsoft -- Windows Mail
| The MHTML protocol handler in Microsoft Outlook Express 6 and Windows Mail in Windows Vista does not properly handle Content-Disposition "notifications," which allows remote attackers to obtain sensitive information from other Internet Explorer domains, aka "Content Disposition Parsing Cross Domain Information Disclosure Vulnerability." | | 1.9 | CVE-2007-2227 MS
| Microsoft -- Internet Explorer
| Microsoft Internet Explorer 7, when prompting for HTTP Basic Authentication for an IDN web site, uses ACE labels for the domain name in the status bar, but uses internationalized labels for this name in the authentication dialog, which might allow remote attackers to perform phishing attacks if the user misinterprets confusable characters in the internationalized labels, as demonstrated by displaying xn--theshmogroup-bgk.com only in the status bar. | | 3.7 | CVE-2007-3164 OTHER-REF OTHER-REF
| MiniWeb HTTP Server -- MiniWeb HTTP Server
| http.c in MiniWeb Http Server 0.8.x allows remote attackers to cause a denial of service (application crash) via a negative value in the Content-Length HTTP header. | | 2.3 | CVE-2007-3159 MILW0RM BID SECUNIA XF
| NonGNU -- Mail Notification
| Mail Notification 4.0, when WITH_SSL is set to 0 at compile time, uses unencrypted connections for accounts configured with SSL/TLS, which allows remote attackers to obtain sensitive information by sniffing the network. | | 3.3 | CVE-2007-3209 OTHER-REF OTHER-REF SECUNIA XF
| Novell -- Novell Modular Authentication Service
| NMASINST in Novell Modular Authentication Service (NMAS) 3.1.2 and earlier on NetWare logs its invoking command line to NMASINST.LOG, which might allow local users to obtain the admin username and password by reading this file. | | 2.3 | CVE-2007-3200 OTHER-REF BID FRSIRT SECTRACK SECUNIA XF
| Packeteer -- PacketShaper
| rpttop.htm in the web management interface in Packeteer PacketShaper 7.3.0g2 and 7.5.0g1 allows remote attackers to cause a denial of service (device reboot) via a request with empty values of the OP.MEAS.DATAQUERY and MEAS.TYPE parameters. | | 2.3 | CVE-2007-3151 BUGTRAQ BID
| PHP Live! -- PHP Live!
| Cross-site scripting (XSS) vulnerability in request.php in PHP Live! 3.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the pagex parameter. | | 2.3 | CVE-2007-3218 OTHER-REF BID
| Red Hat -- Red Hat Enterprise Linux Desktop Red Hat -- Red Hat Enterprise Linux
| usr/mgmt_ipc.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 checks the client's UID on the listening AF_LOCAL socket instead of the new connection, which allows remote attackers to access the management interface and cause a denial of service (iscsid exit or iSCSI connection loss). | | 3.3 | CVE-2007-3099 OTHER-REF OTHER-REF REDHAT SECUNIA
| Red Hat -- Red Hat open-iscsi
| usr/log.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 uses a semaphore with insecure permissions (world-writable/world-readable) for managing log messages using shared memory, which allows local users to cause a denial of service (hang) by grabbing the semaphore. | | 2.3 | CVE-2007-3100 OTHER-REF OTHER-REF REDHAT SECUNIA
| SafeNet -- SafeNet HighAssurance Remote SafeNet -- SoftRemote VPN Client
| IPSecDrv.sys 10.4.0.12 in SafeNET High Assurance Remote 1.4.0 Build 12, and SoftRemote, allows remote attackers to cause a denial of service (infinite loop and system hang) via an invalid packet with certain bytes in an option header, possibly related to the IPv6 support for IPSec. | | 2.3 | CVE-2007-3157 FULLDISC OTHER-REF BID XF
| SpamAssassin -- SpamAssassin
| SpamAssassin 3.1.x, 3.2.0, and 3.2.1 before 20070611, when running as root in unusual configurations using vpopmail or virtual users, allows local users to cause a denial of service (corrupt arbitrary files) via a symlink attack on a file that is used by spamd. | | 1.3 | CVE-2007-2873 OTHER-REF
| Sporum Forum -- Sporum Forum
| Multiple cross-site scripting (XSS) vulnerabilities in comments.cgi in Sporum Forum 3.0.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) view and (2) mode parameters. | | 1.9 | CVE-2007-3213 OTHER-REF SECUNIA
| Subversion -- Subversion
| Subversion 1.4.3 and earlier does not properly implement the "partial access" privilege for users who have access to changed paths but not copied paths, which allows remote authenticated users to obtain sensitive information (revision properties) via svn (1) propget, (2) proplist, or (3) propedit. | | 2.0 | CVE-2007-2448 OTHER-REF BID SECTRACK
| TenYearsGone -- ASP Folder Gallery
| download_script.asp in ASP Folder Gallery allows remote attackers to read arbitrary files via a filename in the file parameter. | | 2.3 | CVE-2007-3158 BUGTRAQ BID
| Tor -- Tor
| Tor before 0.1.2.14 can construct circuits in which an entry guard is in the same family as the exit node, which might compromise the anonymity of traffic sources and destinations by exposing traffic to inappropriate remote observers. | | 2.3 | CVE-2007-3165 MLIST BID FRSIRT SECUNIA
| UebiMiau -- UebiMiau
| Multiple cross-site scripting (XSS) vulnerabilities in Uebimiau Webmail allow remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO to redirect.php or (2) the selected_theme parameter to demo/pop3/error.php. | | 1.9 | CVE-2007-3170 FULLDISC BID XF
| UebiMiau -- UebiMiau
| Uebimiau Webmail allows remote attackers to obtain sensitive information via a request to demo/pop3/error.php with an invalid value of the (1) smarty or (2) selected_theme parameter, which reveals the path in various error messages. | | 2.3 | CVE-2007-3171 FULLDISC BID XF
| UebiMiau -- UebiMiau
| Directory traversal vulnerability in demo/pop3/error.php in Uebimiau Webmail allows remote attackers to determine the existence of arbitrary directories via an absolute pathname and .. (dot dot) in the selected_theme parameter. | | 2.3 | CVE-2007-3172 FULLDISC BID XF
| W2B -- Online Banking
| Cross-site scripting (XSS) vulnerability in auth.w2b in W2B Online Banking allows remote attackers to inject arbitrary web script or HTML via the adtype parameter, a different vector than CVE-2006-1980. | | 1.9 | CVE-2007-3174 OTHER-REF XF
| Webmin -- Webmin
| Multiple cross-site scripting (XSS) vulnerabilities in pam_login.cgi in Webmin before 1.350 allow remote attackers to inject arbitrary web script or HTML via the (1) cid, (2) message, or (3) question parameter. NOTE: some of these details are obtained from third party information. | | 1.9 | CVE-2007-3156 OTHER-REF BID FRSIRT SECUNIA
| WestByte -- Internet Download Accelerator
| Buffer overflow in the NotSafe function in the idaiehlp ActiveX control in idaiehlp.dll 1.9.1.74 in Internet Download Accelerator (ida) 5.2 allows remote attackers to cause a denial of service (Internet Explorer crash) via a long argument. | | 2.3 | CVE-2007-3162 MILW0RM BID
| WinPT -- WinPT
| Visual truncation vulnerability in Windows Privacy Tray (WinPT) 1.2.0 allows user-assisted remote attackers to install a key listed under the wrong user ID, and possibly cause the user to encrypt a victim's correspondence with this attacker-supplied key, via a key ID composed of the attacker's user ID, space characters, an invalid WinPT message, additional space characters, and the victim's user ID. | | 2.7 | CVE-2007-3201 BUGTRAQ OTHER-REF BID XF
| Zen Help Desk Software -- Zen Help Desk
| Zen Help Desk 2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing a password via a direct request for ZenHelpDesk.mdb. | | 2.3 | CVE-2007-3146 BUGTRAQ
|