901 matches found
CVE-2007-3106
lib/info.c in libvorbis 1.1.2, and possibly other versions before 1.2.0, allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via invalid 1 blocksize0 and 2 blocksize1 values, which trigger a "heap overwrite" in the 01inverse function in res0.c. NOTE...
[CVE-2007-3816][Advisory] JWIG Context-Dependent Template Calling Dos
Advisory : JWIG Context-Dependent Template Calling Dos CVE- 2007-3816 Dated : 12 July 2007 Vulnerable Software : BRICS, JWIG Severity : Intermediate Explanation: JWIG might allow context-dependent attackers to cause a denial of service service degradation via loops of references to external...
CVE-2007-3790
The vulnerability CVE-2007-3790 affects PHP 5.2.3 with the bz2 extension, where the com_print_typeinfo function can be exploited by a crafted long argument to cause a denial of service. Connected sources confirm the affected component and impact, but no specific patch version or remediation is pr...
Cross site scripting
Adobe Integrated Runtime AIR, aka Apollo allows context-dependent attackers to modify arbitrary files within an executing .air file compiled AIR application and perform cross-site scripting XSS attacks, as demonstrated by an application that modifies an HTML file inside itself via JavaScript that...
CVE-2007-3528
The blowfish mode in DAR before 2.3.4 uses weak Blowfish-CBC cryptography by 1 discarding random bits by the blowfish::makeivec function in libdar/crypto.cpp that results in predictable and repeating IV values, and 2 direct use of a password for keying, which makes it easier for context-dependent...
Design/Logic Flaw
The blowfish mode in DAR before 2.3.4 uses weak Blowfish-CBC cryptography by 1 discarding random bits by the blowfish::makeivec function in libdar/crypto.cpp that results in predictable and repeating IV values, and 2 direct use of a password for keying, which makes it easier for context-dependent...
CVE-2007-2999
Microsoft Windows Server 2003, when time restrictions are in effect for user accounts, generates different error messages for failed login attempts with a valid user name than for those with an invalid user name, which allows context-dependent attackers to determine valid Active Directory account...
CVE-2007-3007
PHP 5 before 5.2.3 does not enforce the openbasedir or safemode restriction in certain cases, which allows context-dependent attackers to determine the existence of arbitrary files by checking if the readfile function returns a string. NOTE: this issue might also involve the realpath function...
CVE-2007-3007
PHP 5 before 5.2.3 does not enforce the openbasedir or safemode restriction in certain cases, which allows context-dependent attackers to determine the existence of arbitrary files by checking if the readfile function returns a string. NOTE: this issue might also involve the realpath function...
CVE-2007-2999
CVE-2007-2999 affects Microsoft Windows Server 2003 where time-restricted user accounts produce different error messages for failed logins with valid usernames versus invalid usernames. This behavior enables context-dependent attackers to enumerate valid Active Directory account names. The vulner...
CVE-2007-3007
PHP 5 before 5.2.3 does not enforce the openbasedir or safemode restriction in certain cases, which allows context-dependent attackers to determine the existence of arbitrary files by checking if the readfile function returns a string. NOTE: this issue might also involve the realpath function...
Design/Logic Flaw
The fopen function in PHP 5.2.0 does not properly handle invalid URI handlers, which allows context-dependent attackers to bypass safemode restrictions and read arbitrary files via a file path specified with an invalid URI, as demonstrated via the srpath URI...
CVE-2006-7205
The arrayfill function in ext/standard/array.c in PHP 4.4.2 and 5.1.2 allows context-dependent attackers to cause a denial of service memory consumption via a large num value...
Information disclosure
The substrcount function in PHP 5.2.1 and earlier allows context-dependent attackers to obtain sensitive information via unspecified vectors, a different affected function than CVE-2007-1375...
CVE-2007-2727
The mcryptcreateiv function in ext/mcrypt/mcrypt.c in PHP before 4.4.7, 5.2.1, and possibly 5.0.x and other PHP 5 versions, calls phprandr with an uninitialized seed variable and therefore always generates the same initialization vector IV, which might allow context-dependent attackers to decrypt...
CVE-2007-2727
The mcryptcreateiv function in ext/mcrypt/mcrypt.c in PHP before 4.4.7, 5.2.1, and possibly 5.0.x and other PHP 5 versions, calls phprandr with an uninitialized seed variable and therefore always generates the same initialization vector IV, which might allow context-dependent attackers to decrypt...
CVE-2007-1926
Cross-site scripting XSS vulnerability in JBMC Software DirectAdmin before 1.293 does not properly display log files, which allows remote authenticated users to inject arbitrary web script or HTML via 1 http or 2 ftp requests logged in /var/log/directadmin/security.log; 3 allows context-dependent...
CVE-2007-1926
Cross-site scripting XSS vulnerability in JBMC Software DirectAdmin before 1.293 does not properly display log files, which allows remote authenticated users to inject arbitrary web script or HTML via 1 http or 2 ftp requests logged in /var/log/directadmin/security.log; 3 allows context-dependent...
CVE-2007-1886
Integer overflow in the strreplace function in PHP 4.4.5 and PHP 5.2.1 allows context-dependent attackers to have an unknown impact via a single character search string in conjunction with a single character replacement string, which causes an "off by one overflow."...
CVE-2007-1717
The mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 truncates e-mail messages at the first ASCIIZ '\0' byte, which might allow context-dependent attackers to prevent intended information from being delivered in e-mail messages. NOTE: this issue might be security-relevant in cases...