270471
|
- |
|
vavoom
|
vavoom
|
The VStr::Resize function in str.cpp in Vavoom 1.24 and earlier allows remote attackers to cause a denial of service (daemon crash) via a string with a negative NewLen value within a certain UDP pack…
|
NVD-CWE-Other
|
CVE-2007-4535
|
2008-09-6 06:28 |
2007-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270472
|
- |
|
apache
|
geronimo
|
The login method in LoginModule implementations in Apache Geronimo 2.0 does not throw FailedLoginException for failed logins, which allows remote attackers to bypass authentication requirements, depl…
|
CWE-287
Improper Authentication
|
CVE-2007-4548
|
2008-09-6 06:28 |
2007-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270473
|
- |
|
novell
|
groupwise_webaccess
|
Cross-site scripting (XSS) vulnerability in the webacc servlet in Novell GroupWise 6.5 WebAccess allows remote attackers to inject arbitrary web script or HTML via the User.Id parameter, as demonstra…
|
CWE-79
Cross-site Scripting
|
CVE-2007-4557
|
2008-09-6 06:28 |
2007-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270474
|
- |
|
polipo
|
polipo
|
Unspecified vulnerability in Polipo before 1.0.2 allows remote attackers to cause a denial of service (daemon crash) via certain network traffic associated with entities larger than 2 Gb.
|
NVD-CWE-Other
|
CVE-2007-4626
|
2008-09-6 06:28 |
2007-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270475
|
- |
|
yahoo
|
messenger
|
Yahoo! Messenger 8.1.0.209 and 8.1.0.402 allows remote attackers to cause a denial of service (application crash) via certain file-transfer packets, possibly involving a buffer overflow, as demonstra…
|
CWE-119 CWE-20
Incorrect Access of Indexable Resource ('Range Error') Improper Input Validation
|
CVE-2007-4635
|
2008-09-6 06:28 |
2007-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270476
|
- |
|
firebirdsql
|
firebird
|
The Services API in Firebird before 2.0.2 allows remote authenticated users without SYSDBA privileges to read the server log (firebird.log), aka CORE-1148.
|
CWE-200 CWE-264
Information Exposure Permissions, Privileges, and Access Controls
|
CVE-2007-4669
|
2008-09-6 06:28 |
2007-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270477
|
- |
|
iexpress
|
property_pro
|
SQL injection vulnerability in vir_login.asp in iExpress Property Pro allows remote attackers to execute arbitrary SQL commands via the Password parameter. NOTE: the Username parameter is covered by…
|
NVD-CWE-Other
|
CVE-2007-3992
|
2008-09-6 06:27 |
2007-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270478
|
- |
|
mike_dubman
|
windows_rsh_daemon
|
Buffer overflow in Mike Dubman Windows RSH daemon (rshd) 1.7 has unknown impact and remote attack vectors, aka ZD-00000034. NOTE: this information is based upon a vague advisory by a vulnerability i…
|
NVD-CWE-Other
|
CVE-2007-4006
|
2008-09-6 06:27 |
2007-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270479
|
- |
|
interspire
|
articlelive_nx
|
Multiple unspecified vulnerabilities in Interspire ArticleLive NX before 1.7.1.2 have unknown impact and attack vectors, possibly related to (1) AL_SANITIZE and (2) "Calling the constructor to make s…
|
NVD-CWE-Other
|
CVE-2007-4147
|
2008-09-6 06:27 |
2007-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270480
|
- |
|
freshmeat
|
generic_software_wrappers_toolkit
|
Multiple race conditions in certain system call wrappers in Generic Software Wrappers Toolkit (GSWTK) allow local users to defeat system call interposition and possibly gain privileges or bypass audi…
|
NVD-CWE-Other
|
CVE-2007-4302
|
2008-09-6 06:27 |
2007-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|