8943 matches found
CVE-2007-2727
The mcrypt_create_iv function in ext/mcrypt/mcrypt.c in PHP before 4.4.7, 5.2.1, and possibly 5.0.x and other PHP 5 versions, calls php_rand_r with an uninitialized seed variable and therefore always generates the same initialization vector (IV), which might allow context-dependent attackers to decrypt...
Important: Red Hat Security Advisory: kernel security and bug fix update
Updated kernel packages that fix security issues and bugs in the Red Hat Enterprise Linux 5 kernel are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles the basic functions of the operating system. These n...
PT-2007-4043 · Php · Php
Name of the Vulnerable Software and Affected Versions: PHP versions prior to 4.4.7; PHP versions 5.0.x and earlier; PHP versions prior to 5.2.1. Description: The issue affects the encryption process, making it easier for attackers to decrypt certain data due to guessable encryption keys. This is...
CVE-2007-2604
Unspecified vulnerability in the FlexLabel ActiveX control allows remote attackers to cause a denial of service (unstable behavior) via an improper initialization, as demonstrated by a certain value of the Caption property...
Input validation
Unspecified vulnerability in the FlexLabel ActiveX control allows remote attackers to cause a denial of service (unstable behavior) via an improper initialization, as demonstrated by a certain value of the Caption property...
PT-2007-3691 · B2Evolution · B2Evolution
Name of the Vulnerable Software and Affected Versions: b2evolution (affected versions not specified). Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in several parameters, including the inc path parameter to various PHP files in the blogs directory, the view...
XGetPixel() integer overflow
Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in X.Org libx11 before 1.0.3, and (2) XInitImage function in xwd.c for ImageMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive information via crafted images with large or negative...
Input validation
The Rediff Toolbar 2.0 ActiveX control in redifftoolbar.dll allows remote attackers to cause a denial of service via unspecified manipulations, possibly involving improper initialization or blank arguments...
CVE-2007-1402
The Rediff Toolbar 2.0 ActiveX control in redifftoolbar.dll allows remote attackers to cause a denial of service via unspecified manipulations, possibly involving improper initialization or blank arguments...
Default credentials
The mod_perl initialization script in Bugzilla 2.23.3 does not set the Bugzilla Apache configuration to allow .htaccess permissions to override file permissions, which allows remote attackers to obtain the database username and password via a direct request for the localconfig file...
CVE-2007-0792
The mod_perl initialization script in Bugzilla 2.23.3 does not set the Bugzilla Apache configuration to allow .htaccess permissions to override file permissions, which allows remote attackers to obtain the database username and password via a direct request for the localconfig file...
CVE-2006-5754
The aio_setup_ring function in Linux kernel does not properly initialize a variable, which allows local users to cause a denial of service (crash) via an unspecified error path that causes an incorrect free operation...
Kerberos administration daemon fails to properly initialize function pointers
Overview: The Kerberos administration daemon fails to properly initialize pointers. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service. Description: A vulnerability exists in the way the Kerberos administration daemon handles...
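Cisco Clean Access Multiple Remote Security Vulnerabilities
Cisco Clean Access (CCA) is a software solution that automatically detects, isolates, and cleans devices infected with malicious code that attempt to access the network. The CCA implementation contains two security vulnerabilities that a remote attacker may be able to exploit to gain unauthorized access or obtain sensitive information. When CCA interacts with Cisco Clean Access Manager (CAM), both sides need the same key. The key on the CAM side is set when CAM and CAS are initialized; a flaw in the CCA implementation makes this key impossible to change, so all related devices on the network share the same key, which may lead to unauthorized access. The Cisco Bug ID for this vulnerability is CSCsd48626, and it affects the following CCA versions: CCA releases 3.6.x - 3.6.4.2 CCA...
QuickCam VC Linux Device Driver QCAMVC_Video_Init Buffer Overflow Vulnerability
QuickCam linux device driver is a webcam device driver for the Linux platform. An initialization function included in QuickCam contains a memory corruption flaw that a local attacker can exploit to execute arbitrary instructions and elevate privileges. The problem exists in the following function: static void qcamvcvideoinitstruct qcamvc qcamvc Because proper boundary condition checks are missing, memory corruption can occur, leading to execution of arbitrary instructions. De Marchi Daniele QuickCam 1.0.9 No solution is currently available: http://digilander.iol.it/demarchidaniele/qcamvc/quickcam-vc.html...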
phpProfiles <= 3.1.2b Multiple Remote File Include Vulnerabilities
No description provided by source. phpProfiles <= 3.1.2b Multiple Remote File Include Vulnerabilities. Affect...
phpProfiles 3.1.2b - Multiple Remote File Inclusions
phpProfiles 3.1.2b - Multiple Remote File Inclusions. phpProfiles. Details: phpProfiles has several scripts...