5334 matches found
CVE-2007-4750
Unspecified vulnerability in RemoteDocs R-Viewer before 1.6.3768 allows user-assisted remote attackers to execute arbitrary code via a crafted RDZ archive in which the first file has an executable extension...
Remote file inclusion
PHP remote file inclusion vulnerability in includes/settings.inc.php in Ajax File Browser 3 Beta allows remote attackers to execute arbitrary PHP code via a URL in the approot parameter...
CVE-2007-4916
Heap-based buffer overflow in the FileFind::FindFile method in (1) MFC42.dll, (2) MFC42u.dll, (3) MFC71.dll, and (4) MFC71u.dll in Microsoft Foundation Class (MFC) Library 8.0, as used by the ListFiles method in hpqutil.dll 2.0.0.138 in Hewlett-Packard HP All-in-One and Photo & Imaging Gallery 1.1 and...
CVE-2007-4727
Buffer overflow in the fcgi_env_add function in mod_proxy_backend_fastcgi.c in the mod_fastcgi extension in lighttpd before 1.4.18 allows remote attackers to overwrite arbitrary CGI variables and execute arbitrary code via an HTTP request with a long content length, as demonstrated by overwriting the...
CVE-2007-4818
Multiple PHP remote file inclusion vulnerabilities in Txx CMS 0.2 allow remote attackers to execute arbitrary PHP code via a URL in the docroot parameter to (1) addons/plugin.php, (2) addons/sidebar.php, (3) mail/index.php, or (4) mail/mailbox.php in modules/...
Remote file inclusion
PHP remote file inclusion vulnerability in environment.php in AnyInventory 1.9.1 and 2.0, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the DIR_PREFIX parameter...
Buffer overflow
Buffer overflow in the PowerPlayer.dll ActiveX control in PPStream 2.0.1.3829 allows remote attackers to execute arbitrary code via a long Logo parameter...
CVE-2007-3996
Multiple integer overflows in libgd in PHP before 5.2.4 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large (1) srcW or (2) srcH value to the (a) gdImageCopyResized function, or a large (3) sy (height) or (4) sx (width) value to the (b)...
Null pointer dereference
EnterpriseDB Advanced Server 8.2 does not properly handle certain debugging function calls that occur before a call to pldbg_create_listener, which allows remote authenticated users to cause a denial of service (daemon crash) and possibly execute arbitrary code via a SELECT statement that invokes a...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in phpBG 0.9.1 allow remote attackers to execute arbitrary PHP code via a URL in the rootdir parameter to (1) intern/admin/other/backup.php, (2) intern/admin/, (3) intern/clan/memberadd.php, (4) intern/config/key2.php, or (5) intern/config/forum.php...
CVE-2007-4629
Buffer overflow in the processLine function in maptemplate.c in MapServer before 4.10.3 allows attackers to cause a denial of service and possibly execute arbitrary code via a mapfile with a long layer name, group name, or metadata entry name...
Remote file inclusion
PHP remote file inclusion vulnerability in convert/mvcw.php in Virtual War (VWar) 1.5.0 R15 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the vwar_root parameter, a different vector than CVE-2006-1503, CVE-2006-1636, and CVE-2006-1747...
CVE-2007-4467
Multiple stack-based buffer overflows in the Oracle JInitiator ActiveX control beans.ocx 1.1.8.16 and earlier, as used by Oracle Forms applications from Oracle and third parties, allow remote attackers to execute arbitrary code via unspecified "initialization parameters." NOTE: it was later...
CVE-2007-4584
Stack-based buffer overflow in BitchX 1.1 Final allows remote IRC servers to execute arbitrary code via a long string in a MODE command, related to the pmode variable...
CVE-2007-4580
Buffer underflow in redlight.sys in BufferZone 2.1 and 2.5 allows local users to cause a denial of service (crash) and possibly execute arbitrary code by sending a small buffer size value to the FsSetVolumeInformation IOCTL handler code with a FsSetDirectoryInformation subcode containing a large...
Format string
Format string vulnerability in ALPass 2.7 English and 3.02 Korean might allow user-assisted remote attackers to execute arbitrary code via format string specifiers in an fnm field in a folder-name record in an ALPASS DB APW file...
Remote file inclusion
PHP remote file inclusion vulnerability in adisplay.php in PhPress 0.2.0 allows remote attackers to execute arbitrary PHP code via a URL in the lang parameter...
CVE-2007-4507
Multiple buffer overflows in the php_ntuser component for PHP 5.2.3 allow context-dependent attackers to cause a denial of service or execute arbitrary code via long arguments to the (1) ntuser_getuserlist, (2) ntuser_getuserinfo, (3) ntuser_getusergroups, or (4) ntuser_getdomaincontroller functions...