|
261001
|
- |
|
ibm
|
aix
|
Integer underflow in the dns_name_fromtext function in (1) libdns_nonsecure.a and (2) libdns_secure.a in IBM AIX 5.2 allows local users to gain privileges via a crafted "-y" (TSIG key) command line a…
|
CWE-189
Numeric Errors
|
CVE-2007-4622
|
2017-07-29 10:33 |
2007-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261002
|
- |
|
polipo
|
polipo
|
Polipo before 1.0.2 allows remote HTTP servers to cause a denial of service (daemon crash) by aborting the response to a POST request.
|
NVD-CWE-Other
|
CVE-2007-4625
|
2017-07-29 10:33 |
2007-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261003
|
- |
|
qgit
|
qgit
|
The DataLoader::doStart function in dataloader.cpp in QGit 1.5.6 and other versions up to 2pre1 allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on temp…
|
CWE-59
Link Following
|
CVE-2007-4631
|
2017-07-29 10:33 |
2007-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261004
|
- |
|
cisco
|
unified_communications_manager
call_manager
|
Multiple cross-site scripting (XSS) vulnerabilities in Cisco CallManager and Unified Communications Manager (CUCM) before 3.3(5)sr2b, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)…
|
CWE-79
Cross-site Scripting
|
CVE-2007-4633
|
2017-07-29 10:33 |
2007-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261005
|
- |
|
cisco
|
unified_communications_manager
call_manager
|
Multiple SQL injection vulnerabilities in Cisco CallManager and Unified Communications Manager (CUCM) before 3.3(5)sr2b, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allow rem…
|
CWE-89
SQL Injection
|
CVE-2007-4634
|
2017-07-29 10:33 |
2007-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261006
|
- |
|
microworld_technologies
|
escan_anti-virus
escan_internet_security
escan_virus_control
|
MicroWorld eScan Virus Control 9.0.722.1, Anti-Virus 9.0.722.1, and Internet Security 9.0.722.1 use weak permissions (Everyone:Full Control) for their installation directory trees, which allows local…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-4649
|
2017-07-29 10:33 |
2007-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261007
|
- |
|
adobe
|
connect_enterprise_server
|
Unspecified vulnerability in Adobe Connect Enterprise Server 6 allows remote attackers to read certain pages that are restricted to the administrator via unknown vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-4651
|
2017-07-29 10:33 |
2007-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261008
|
- |
|
php
|
php
|
The session extension in PHP before 5.2.4 might allow local users to bypass open_basedir restrictions via a session file that is a symlink.
|
CWE-59
Link Following
|
CVE-2007-4652
|
2017-07-29 10:33 |
2007-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261009
|
- |
|
cgi-rescue
|
shopping_basket_professional
|
Multiple directory traversal vulnerabilities in CGI RESCUE Shopping Basket Professional 7.51 and earlier allow remote attackers to list arbitrary directories, and possibly read arbitrary files, via d…
|
CWE-200
CWE-22
Information Exposure
Path Traversal
|
CVE-2007-4655
|
2017-07-29 10:33 |
2007-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261010
|
- |
|
cgi-rescue
|
shopping_basket_professional
|
Additional information can be found at: http://www.securityfocus.com/bid/25500/info
|
CWE-200
CWE-22
Information Exposure
Path Traversal
|
CVE-2007-4655
|
2017-07-29 10:33 |
2007-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
