|
264111
|
- |
|
the_seasar_foundation
|
mayaa
|
Cross-site scripting (XSS) vulnerability in Mayaa before 1.1.12 allows remote attackers to inject arbitrary web script or HTML in certain circumstances involving (1) lack of charset specification wit…
|
CWE-79
Cross-site Scripting
|
CVE-2007-4595
|
2017-07-29 10:33 |
2007-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264112
|
- |
|
ubuntu
|
ubuntu_linux
|
A regression error in tcp-wrappers 7.6.dbs-10 and 7.6.dbs-11 might allow remote attackers to bypass intended access restrictions when a service uses libwrap but does not specify server connection inf…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-4601
|
2017-07-29 10:33 |
2007-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264113
|
- |
|
bea
|
weblogic_server
|
The SSL client implementation in BEA WebLogic Server 7.0 SP7, 8.1 SP2 through SP6, 9.0, 9.1, 9.2 Gold through MP2, and 10.0 sometimes selects the null cipher when others are available, which might al…
|
NVD-CWE-Other
|
CVE-2007-4615
|
2017-07-29 10:33 |
2007-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264114
|
- |
|
ibm
|
aix
|
Buffer overflow in crontab in IBM AIX 5.2 allows local users to gain privileges via long command line arguments.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-4621
|
2017-07-29 10:33 |
2007-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264115
|
- |
|
ibm
|
aix
|
Integer underflow in the dns_name_fromtext function in (1) libdns_nonsecure.a and (2) libdns_secure.a in IBM AIX 5.2 allows local users to gain privileges via a crafted "-y" (TSIG key) command line a…
|
CWE-189
Numeric Errors
|
CVE-2007-4622
|
2017-07-29 10:33 |
2007-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264116
|
- |
|
polipo
|
polipo
|
Polipo before 1.0.2 allows remote HTTP servers to cause a denial of service (daemon crash) by aborting the response to a POST request.
|
NVD-CWE-Other
|
CVE-2007-4625
|
2017-07-29 10:33 |
2007-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264117
|
- |
|
qgit
|
qgit
|
The DataLoader::doStart function in dataloader.cpp in QGit 1.5.6 and other versions up to 2pre1 allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on temp…
|
CWE-59
Link Following
|
CVE-2007-4631
|
2017-07-29 10:33 |
2007-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264118
|
- |
|
cisco
|
unified_communications_manager
call_manager
|
Multiple cross-site scripting (XSS) vulnerabilities in Cisco CallManager and Unified Communications Manager (CUCM) before 3.3(5)sr2b, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)…
|
CWE-79
Cross-site Scripting
|
CVE-2007-4633
|
2017-07-29 10:33 |
2007-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264119
|
- |
|
cisco
|
unified_communications_manager
call_manager
|
Multiple SQL injection vulnerabilities in Cisco CallManager and Unified Communications Manager (CUCM) before 3.3(5)sr2b, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allow rem…
|
CWE-89
SQL Injection
|
CVE-2007-4634
|
2017-07-29 10:33 |
2007-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264120
|
- |
|
microworld_technologies
|
escan_anti-virus
escan_internet_security
escan_virus_control
|
MicroWorld eScan Virus Control 9.0.722.1, Anti-Virus 9.0.722.1, and Internet Security 9.0.722.1 use weak permissions (Everyone:Full Control) for their installation directory trees, which allows local…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-4649
|
2017-07-29 10:33 |
2007-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
