CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In November 2007

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
301 CVE-2007-5795 Bypass 2007-11-02 2017-07-29
6.3
None Local Medium Not required None Complete Complete
The hack-local-variables function in Emacs before 22.2, when enable-local-variables is set to :safe, does not properly search lists of unsafe or risky variables, which might allow user-assisted attackers to bypass intended restrictions and modify critical program variables via a file containing a Local variables declaration.
302 CVE-2007-5794 362 2007-11-13 2018-10-15
4.3
None Remote Medium Not required Partial None None
Race condition in nss_ldap, when used in applications that are linked against the pthread library and fork after a call to nss_ldap, might send user data to the wrong process because of improper handling of the LDAP connection. NOTE: this issue was originally reported for Dovecot with the wrong mailboxes being returned, but other applications might also be affected.
303 CVE-2007-5793 2007-11-01 2011-03-08
7.1
None Remote Medium Not required None None Complete
Stonesoft StoneGate IPS before 4.0 does not properly decode Fullwidth/Halfwidth Unicode encoded data, which makes it easier for remote attackers to scan or penetrate systems and avoid detection.
304 CVE-2007-5792 310 2007-11-01 2017-07-29
7.1
None Remote Medium Not required Complete None None
The Vonage Motorola Phone Adapter VT 2142-VD does not encrypt RTP packets, which might allow remote attackers to eavesdrop by sniffing the network and reconstructing the RTP session.
305 CVE-2007-5791 287 DoS 2007-11-01 2017-07-29
10.0
None Remote Low Not required Complete Complete Complete
The Vonage Motorola Phone Adapter VT 2142-VD does not properly verify that a SIP INVITE message originated from a legitimate server, which allows remote attackers to send spoofed INVITE messages, as demonstrated by a flood of messages triggering a denial of service, and by phone calls with malicious content.
306 CVE-2007-5790 310 +Info 2007-11-01 2017-07-29
2.1
None Local Low Not required Partial None None
The Globe7 soft phone client 7.3 uses weak cryptography (reversed sequence of binary values) for the password, which might allow local users to obtain sensitive information.
307 CVE-2007-5789 DoS 2007-11-01 2017-07-29
7.8
None Remote Low Not required None None Complete
The Grandstream HT-488 0.1 allows remote attackers to cause a denial of service (device crash) via a flood of fragmented packets to port 5060.
308 CVE-2007-5788 119 DoS Overflow 2007-11-01 2017-07-29
7.1
None Remote Medium Not required None None Complete
Buffer overflow in the SIP parser on the Grandstream HT-488 0.1 allows remote attackers to cause a denial of service (device crash) via a crafted SIP INVITE message.
309 CVE-2007-5787 264 2007-11-01 2018-10-15
5.0
None Remote Low Not required Partial None None
Micro Login System 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a file containing a password via a direct request for userpwd.txt.
310 CVE-2007-5786 94 Exec Code File Inclusion 2007-11-01 2017-09-29
7.5
None Remote Low Not required Partial Partial Partial
Multiple PHP remote file inclusion vulnerabilities in GoSamba 1.0.1 allow remote attackers to execute arbitrary PHP code via a URL in the include_path parameter to (1) HTML_oben.php, (2) inc_freigabe.php, (3) inc_freigabe1.php, or (4) inc_freigabe3.php in include/; (5) inc_group.php; (6) inc_manager.php; (7) inc_newgroup.php; (8) inc_smb_conf.php; (9) inc_user.php; or (10) main.php.
311 CVE-2007-5785 94 Exec Code Sql 2007-11-01 2017-09-29
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in file.php in JobSite Professional 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
312 CVE-2007-5784 94 Exec Code File Inclusion 2007-11-01 2017-09-29
6.8
None Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in index.php in CaupoShop Pro 2.x allows remote attackers to execute arbitrary PHP code via a URL in the action parameter.
313 CVE-2007-5783 94 Exec Code Sql 2007-11-01 2017-09-29
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in emc.asp in emagiC CMS.Net 4.0 allows remote attackers to execute arbitrary SQL commands via the pageId parameter.
314 CVE-2007-5782 22 Dir. Trav. 2007-11-01 2017-09-29
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in dl.php in FireConfig 0.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
315 CVE-2007-5781 94 Exec Code File Inclusion 2007-11-01 2017-09-29
6.8
None Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in inc/sige_init.php in Sige 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the SYS_PATH parameter.
316 CVE-2007-5780 94 Exec Code File Inclusion 2007-11-01 2018-10-15
6.8
None Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in pub/pub08_comments.php in teatro 1.6 allows remote attackers to execute arbitrary PHP code via a URL in the basePath parameter.
317 CVE-2007-5779 119 Exec Code Overflow 2007-11-01 2017-09-29
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the GomManager (GomWeb Control) ActiveX control in GomWeb3.dll 1.0.0.12 in Gretech Online Movie Player (GOM Player) 2.1.6.3499 allows remote attackers to execute arbitrary code via a long argument to the OpenUrl method.
318 CVE-2007-5778 310 +Info 2007-11-01 2018-10-15
6.4
None Remote Low Not required Partial None Partial
Mobile Spy (1) stores login credentials in cleartext under the RetinaxStudios registry key, and (2) sends login credentials and log data over a cleartext HTTP connection, which allows attackers to obtain sensitive information by reading the registry or sniffing the network.
319 CVE-2007-5777 264 2007-11-01 2018-10-15
5.0
None Remote Low Not required Partial None None
Blue-Collar Productions i-Gallery 3.4 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a file containing a base64-encoded password via a direct request for igallery.mdb.
320 CVE-2007-5776 22 Dir. Trav. 2007-11-01 2018-10-15
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in igallery.asp in Blue-Collar Productions i-Gallery 3.4 allows remote attackers to read arbitrary files via encoded backslash sequences in the d parameter, as demonstrated by a "%5c../../%5c" sequence.
321 CVE-2007-5775 Exec Code 2007-11-01 2008-09-05
9.3
None Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in BitDefender allows attackers to execute arbitrary code via unspecified vectors, aka EEYEB-20071024. NOTE: as of 20071029, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.
322 CVE-2007-5774 200 +Info 2007-11-01 2017-09-29
5.0
None Remote Low Not required Partial None None
index.php in the File Manager module in Flatnuke 3 allows remote attackers to obtain sensitive information via an invalid argumentname parameter in a disc op action, which reveals the path in an error message.
323 CVE-2007-5773 352 CSRF 2007-11-01 2017-09-29
4.3
None Remote Medium Not required None Partial None
Cross-site request forgery (CSRF) vulnerability in index.php in the File Manager module in Flatnuke 3 allows remote attackers to perform certain actions as administrators via requests containing the pathname in the dir parameter and the filename in the ffile parameter.
324 CVE-2007-5772 94 2007-11-01 2018-10-15
6.0
None Remote Medium ??? Partial Partial Partial
Direct static code injection vulnerability in the download module in Flatnuke 3 allows remote authenticated administrators to inject arbitrary PHP code into a description.it.php file in a subdirectory of Download/ by saving a description and setting fneditmode to 1. NOTE: unauthenticated remote attackers can exploit this by leveraging a cookie manipulation issue.
325 CVE-2007-5771 264 2007-11-01 2018-10-15
7.5
None Remote Low Not required Partial Partial Partial
Flatnuke 3 (aka FlatnuX) allows remote attackers to obtain administrative access via a myforum%00 cookie.
326 CVE-2007-5770 287 2007-11-14 2017-09-29
5.0
None Remote Low Not required None Partial None
The (1) Net::ftptls, (2) Net::telnets, (3) Net::imap, (4) Net::pop, and (5) Net::smtp libraries in Ruby 1.8.5 and 1.8.6 do not verify that the commonName (CN) field in a server certificate matches the domain name in a request sent over SSL, which makes it easier for remote attackers to intercept SSL transmissions via a man-in-the-middle attack or spoofed web site, different components than CVE-2007-5162.
327 CVE-2007-5767 119 Exec Code Overflow 2007-11-02 2011-03-08
10.0
None Remote Low Not required Complete Complete Complete
Heap-based buffer overflow in the Client Trust application (clntrust.exe) in Novell BorderManager 3.8 before Update 1.5 allows remote attackers to execute arbitrary code via a validation request in which the Novell tree name is not properly delimited with a wide-character backslash or NULL character.
328 CVE-2007-5766 89 Exec Code Sql 2007-11-08 2018-10-15
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in okxLOV.jsp in Oracle E-Business Suite 11 and 12 allows remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: this is probably the same issue as CVE-2007-5527 or CVE-2007-5528, but there are insufficient details to be sure.
329 CVE-2007-5756 119 Overflow +Priv 2007-11-14 2017-07-29
6.9
None Local Medium Not required Complete Complete Complete
Multiple array index errors in the bpf_filter_init function in NPF.SYS in WinPcap before 4.0.2, when run in monitor mode (aka Table Management Extensions or TME), and as used in Wireshark and possibly other products, allow local users to gain privileges via crafted IOCTL requests.
330 CVE-2007-5755 119 Exec Code Overflow 2007-11-14 2017-07-29
9.3
None Remote Medium Not required Complete Complete Complete
Multiple stack-based buffer overflows in the AOL AmpX ActiveX control in AmpX.dll 2.6.1.11 in AOL Radio allow remote attackers to execute arbitrary code via long arguments to unspecified methods.
331 CVE-2007-5741 94 Exec Code 2007-11-07 2018-10-15
7.5
None Remote Low Not required Partial Partial Partial
Plone 2.5 through 2.5.4 and 3.0 through 3.0.2 allows remote attackers to execute arbitrary Python code via network data containing pickled objects for the (1) statusmessages or (2) linkintegrity module, which the module unpickles and executes.
332 CVE-2007-5667 20 +Priv Bypass 2007-11-14 2018-10-30
7.2
None Local Low Not required Complete Complete Complete
NWFILTER.SYS in Novell Client 4.91 SP 1 through SP 4 for Windows 2000, XP, and Server 2003 makes the \.\nwfilter device available for arbitrary user-mode input via METHOD_NEITHER IOCTLs, which allows local users to gain privileges by passing a kernel address as an argument and overwriting kernel memory locations.
333 CVE-2007-5660 Exec Code Overflow 2007-11-02 2017-07-29
9.3
None Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in the Update Service ActiveX control in isusweb.dll before 6.0.100.65101 in MacroVision FLEXnet Connect and InstallShield 2008 allows remote attackers to execute arbitrary code via an unspecified "unsafe method," possibly involving a buffer overflow.
334 CVE-2007-5612 399 DoS 2007-11-21 2017-07-29
7.8
None Remote Low Not required None None Complete
CIM Server in IBM Director 5.20.1 and earlier allows remote attackers to cause a denial of service (CPU consumption, connection slot exhaustion, and daemon crash) via a large number of idle connections.
335 CVE-2007-5603 119 Exec Code Overflow 2007-11-05 2018-10-15
9.3
None Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in the SonicWall SSL-VPN NetExtender NELaunchCtrl ActiveX control before 2.1.0.51, and 2.5.x before 2.5.0.56, allows remote attackers to execute arbitrary code via a long string in the second argument to the AddRouteEntry method.
336 CVE-2007-5581 79 XSS 2007-11-08 2017-07-29
4.3
None Remote Medium Not required None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in mpweb/scripts/mpx.dll in Cisco Unified MeetingPlace 5.4 and earlier and 6.0 allow remote attackers to inject arbitrary web script or HTML via the (1) FirstName and (2) LastName parameters.
337 CVE-2007-5503 189 Exec Code Overflow 2007-11-30 2018-10-15
6.8
None Remote Medium Not required Partial Partial Partial
Multiple integer overflows in Cairo before 1.4.12 might allow remote attackers to execute arbitrary code, as demonstrated using a crafted PNG image with large width and height values, which is not properly handled by the read_png function.
338 CVE-2007-5501 399 DoS 2007-11-15 2017-07-29
7.8
None Remote Low Not required None None Complete
The tcp_sacktag_write_queue function in net/ipv4/tcp_input.c in Linux kernel 2.6.21 through 2.6.23.7, and 2.6.24-rc through 2.6.24-rc2, allows remote attackers to cause a denial of service (crash) via crafted ACK responses that trigger a NULL pointer dereference.
339 CVE-2007-5500 DoS 2007-11-20 2017-09-29
4.9
None Local Low Not required None None Complete
The wait_task_stopped function in the Linux kernel before 2.6.23.8 checks a TASK_TRACED bit instead of an exit_state value, which allows local users to cause a denial of service (machine crash) via unspecified vectors. NOTE: some of these details are obtained from third party information.
340 CVE-2007-5494 399 DoS 2007-11-30 2017-09-29
4.9
None Local Low Not required None None Complete
Memory leak in the Red Hat Content Accelerator kernel patch in Red Hat Enterprise Linux (RHEL) 4 and 5 allows local users to cause a denial of service (memory consumption) via a large number of open requests involving O_ATOMICLOOKUP.
341 CVE-2007-5398 119 Exec Code Overflow 2007-11-16 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in the reply_netbios_packet function in nmbd/nmbd_packets.c in nmbd in Samba 3.0.0 through 3.0.26a, when operating as a WINS server, allows remote attackers to execute arbitrary code via crafted WINS Name Registration requests followed by a WINS Name Query request.
342 CVE-2007-5396 134 Exec Code 2007-11-10 2017-07-29
6.8
None Remote Medium Not required Partial Partial Partial
Format string vulnerability in the ext_yahoo_contact_added function in yahoo.c in Miranda IM 0.7.1 allows remote attackers to execute arbitrary code via a Y7 Buddy Authorization packet with format string specifiers in the contact Yahoo! handle (who).
343 CVE-2007-5395 119 Exec Code Overflow 2007-11-08 2018-10-15
10.0
None Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in the separate_word function in tokenize.c in Link Grammar 4.1b and possibly other versions, as used in AbiWord Link Grammar 4.2.4, allows remote attackers to execute arbitrary code via a long word, as reachable through the separate_sentence function.
344 CVE-2007-5393 119 Exec Code Overflow 2007-11-08 2017-09-29
9.3
None Remote Medium Not required Complete Complete Complete
Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a PDF file that contains a crafted CCITTFaxDecode filter.
345 CVE-2007-5392 119 Exec Code Overflow 2007-11-08 2017-09-29
9.3
None Remote Medium Not required Complete Complete Complete
Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a crafted PDF file, resulting in a heap-based buffer overflow.
346 CVE-2007-5361 DoS 2007-11-20 2018-10-15
8.5
None Remote Low Not required Partial None Complete
The Communication Server in Alcatel-Lucent OmniPCX Enterprise 7.1 and earlier caches an IP address during a TFTP request from an IP Touch phone, and uses this IP address as the destination for all subsequent VoIP packets to this phone, which allows remote attackers to cause a denial of service (loss of audio) or intercept voice communications via a crafted TFTP request containing the phone's MAC address in the filename.
347 CVE-2007-5197 119 Exec Code Overflow 2007-11-02 2018-10-30
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the Mono.Math.BigInteger class in Mono 1.2.5.1 and earlier allows context-dependent attackers to execute arbitrary code via unspecified vectors related to Reduce in Montgomery-based Pow methods.
348 CVE-2007-5116 119 Exec Code Overflow 2007-11-07 2018-10-15
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression.
349 CVE-2007-4997 189 DoS 2007-11-06 2017-09-29
7.1
None Remote Medium Not required None None Complete
Integer underflow in the ieee80211_rx function in net/ieee80211/ieee80211_rx.c in the Linux kernel 2.6.x before 2.6.23 allows remote attackers to cause a denial of service (crash) via a crafted SKB length value in a runt IEEE 802.11 frame when the IEEE80211_STYPE_QOS_DATA flag is set, aka an "off-by-two error."
350 CVE-2007-4994 255 Bypass 2007-11-06 2011-03-08
7.5
None Remote Low Not required Partial Partial Partial
Certificate Server 7.2 in Red Hat Certificate System (RHCS) does not properly handle new revocations that occur while a Certificate Revocation List (CRL) is being generated, which might prevent certain revoked certificates from appearing on the CRL quickly and allow users with revoked certificates to bypass the intended CRL.
Total number of vulnerabilities : 422   Page : 1 2 3 4 5 6 7 (This Page)8 9
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.