8669 matches found
CVE-2007-3806
The glob function in PHP 5.2.3 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via an invalid value of the flags parameter, probably related to memory corruption or an invalid read on win32 platforms, and possibly related to lack of initializati...
CVE-2007-3806
The glob function in PHP 5.2.3 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via an invalid value of the flags parameter, probably related to memory corruption or an invalid read on win32 platforms, and possibly related to lack of initializati...
CVE-2007-3668
Multiple unspecified vulnerabilities in NMSDVDXU.DLL in NuMedia NMSDVDX allow remote attackers to cause a denial of service via "improperly initialized" 1 LoadSegmentWord, 2 PartitionType, 3 SectorCount, and 4 BootFilePath variables...
PPPoE socket PPPIOCGCHAN denial of service
Memory leak in the PPP over Ethernet PPPoE socket implementation in the Linux kernel before 2.6.21-git8 allows local users to cause a denial of service memory consumption by creating a socket using connect, and releasing it before the PPPIOCGCHAN ioctl is initialized...
PPPoE socket PPPIOCGCHAN denial of service
Memory leak in the PPP over Ethernet PPPoE socket implementation in the Linux kernel before 2.6.21-git8 allows local users to cause a denial of service memory consumption by creating a socket using connect, and releasing it before the PPPIOCGCHAN ioctl is initialized...
RHEL 5 : kernel (RHSA-2007:0347)
Updated kernel packages that fix security issues and bugs in the Red Hat Enterprise Linux 5 kernel are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles the basic functions of the operating system. These n...
CVE-2007-2727
The mcryptcreateiv function in ext/mcrypt/mcrypt.c in PHP before 4.4.7, 5.2.1, and possibly 5.0.x and other PHP 5 versions, calls phprandr with an uninitialized seed variable and therefore always generates the same initialization vector IV, which might allow context-dependent attackers to decrypt...
CVE-2007-2727
The mcryptcreateiv function in ext/mcrypt/mcrypt.c in PHP before 4.4.7, 5.2.1, and possibly 5.0.x and other PHP 5 versions, calls phprandr with an uninitialized seed variable and therefore always generates the same initialization vector IV, which might allow context-dependent attackers to decrypt...
CVE-2007-2727
The mcryptcreateiv function in ext/mcrypt/mcrypt.c in PHP before 4.4.7, 5.2.1, and possibly 5.0.x and other PHP 5 versions, calls phprandr with an uninitialized seed variable and therefore always generates the same initialization vector IV, which might allow context-dependent attackers to decrypt...
Important: Red Hat Security Advisory: kernel security and bug fix update
Updated kernel packages that fix security issues and bugs in the Red Hat Enterprise Linux 5 kernel are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles the basic functions of the operating system. These n...
PT-2007-4043 · Php · Php
Name of the Vulnerable Software and Affected Versions: PHP versions prior to 4.4.7 PHP versions 5.0.x and earlier PHP versions prior to 5.2.1 Description: The issue affects the encryption process, making it easier for attackers to decrypt certain data due to guessable encryption keys. This is...
CVE-2007-2604
Unspecified vulnerability in the FlexLabel ActiveX control allows remote attackers to cause a denial of service unstable behavior via an improper initialization, as demonstrated by a certain value of the Caption property...
Input validation
Unspecified vulnerability in the FlexLabel ActiveX control allows remote attackers to cause a denial of service unstable behavior via an improper initialization, as demonstrated by a certain value of the Caption property...
PT-2007-3691 · B2Evolution · B2Evolution
Name of the Vulnerable Software and Affected Versions: b2evolution affected versions not specified Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in several parameters, including the inc path parameter to various PHP files in the blogs directory, the view...
XGetPixel() integer overflow
Multiple integer overflows in 1 the XGetPixel function in ImUtil.c in X.Org libx11 before 1.0.3, and 2 XInitImage function in xwd.c for ImageMagick, allow user-assisted remote attackers to cause a denial of service crash or obtain sensitive information via crafted images with large or negative...
Input validation
The Rediff Toolbar 2.0 ActiveX control in redifftoolbar.dll allows remote attackers to cause a denial of service via unspecified manipulations, possibly involving improper initialization or blank arguments...
CVE-2007-1402
The Rediff Toolbar 2.0 ActiveX control in redifftoolbar.dll allows remote attackers to cause a denial of service via unspecified manipulations, possibly involving improper initialization or blank arguments...
Default credentials
The modperl initialization script in Bugzilla 2.23.3 does not set the Bugzilla Apache configuration to allow .htaccess permissions to override file permissions, which allows remote attackers to obtain the database username and password via a direct request for the localconfig file...
CVE-2007-0792
The modperl initialization script in Bugzilla 2.23.3 does not set the Bugzilla Apache configuration to allow .htaccess permissions to override file permissions, which allows remote attackers to obtain the database username and password via a direct request for the localconfig file...
CVE-2007-0792
The modperl initialization script in Bugzilla 2.23.3 does not set the Bugzilla Apache configuration to allow .htaccess permissions to override file permissions, which allows remote attackers to obtain the database username and password via a direct request for the localconfig file...