|
256981
|
- |
|
ftp_admin
|
ftp_admin
|
Directory traversal vulnerability in index.php in FTP Admin 0.1.0 allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the page parameter. NOTE: in so…
|
CWE-22
Path Traversal
|
CVE-2007-6233
|
2017-09-29 10:29 |
2007-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256982
|
- |
|
ftp_admin
|
ftp_admin
|
index.php in FTP Admin 0.1.0 allows remote attackers to bypass authentication and obtain administrative access via a loggedin parameter with a value of true, as demonstrated by adding a user account.
|
CWE-287
Improper Authentication
|
CVE-2007-6234
|
2017-09-29 10:29 |
2007-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256983
|
- |
|
microsoft
|
windows_media_player
|
Microsoft Windows Media Player (WMP) allows remote attackers to cause a denial of service (application crash) via a certain AIFF file that triggers a divide-by-zero error, as demonstrated by kr.aiff.
|
CWE-189
Numeric Errors
|
CVE-2007-6236
|
2017-09-29 10:29 |
2007-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256984
|
- |
|
squid
|
squid_web_proxy_cache
|
The "cache update reply processing" functionality in Squid 2.x before 2.6.STABLE17 and Squid 3.0 allows remote attackers to cause a denial of service (crash) via unknown vectors related to HTTP heade…
|
CWE-20
Improper Input Validation
|
CVE-2007-6239
|
2017-09-29 10:29 |
2007-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256985
|
- |
|
adobe
|
flash_player
|
Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 does not sufficiently restrict the interpretation and usage of cross-domain policy files, which makes it easier for r…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-6243
|
2017-09-29 10:29 |
2007-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256986
|
- |
|
adobe
|
flash_player
|
Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0, when running on Linux, uses insecure permissions for memory, which might allow local users to gain privileges.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-6246
|
2017-09-29 10:29 |
2007-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256987
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
The accept_connections function in the virtual private network daemon (vpnd) in Apple Mac OS X 10.5 before 10.5.4 allows remote attackers to cause a denial of service (divide-by-zero error and daemon…
|
CWE-189
Numeric Errors
|
CVE-2007-6276
|
2017-09-29 10:29 |
2007-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256988
|
- |
|
redhat
|
enterprise_linux
enterprise_linux_desktop
|
The IPsec implementation in Linux kernel before 2.6.25 allows remote routers to cause a denial of service (crash) via a fragmented ESP packet in which the first fragment does not contain the entire E…
|
CWE-16
Configuration
|
CVE-2007-6282
|
2017-09-29 10:29 |
2008-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256989
|
- |
|
redhat
|
enterprise_linux
|
The default configuration for autofs 5 (autofs5) in some Linux distributions, such as Red Hat Enterprise Linux (RHEL) 4 and 5, does not specify the nodev mount option for the -hosts map, which allows…
|
CWE-16
Configuration
|
CVE-2007-6285
|
2017-09-29 10:29 |
2007-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256990
|
- |
|
iptel
|
serweb
|
Multiple PHP remote file inclusion vulnerabilities in SerWeb 2.0.0 dev1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) _SERWEB[configdir] parameter to load_lang…
|
CWE-94
Code Injection
|
CVE-2007-6289
|
2017-09-29 10:29 |
2007-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
