Lucene search
K

6765 matches found

UbuntuCve
UbuntuCve
added 2007/10/05 9:17 p.m.32 views

CVE-2007-4568

Integer overflow in the buildrange function in X.Org X Font Server xfs before 1.0.5 allows context-dependent attackers to execute arbitrary code via 1 QueryXBitmaps and 2 QueryXExtents protocol requests with crafted size values, which triggers a heap-based buffer overflow...

6.8CVSS6.4AI score0.03975EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2007/10/05 9:17 p.m.35 views

CVE-2007-4990

The swapchar2b function in X.Org X Font Server xfs before 1.0.5 allows context-dependent attackers to execute arbitrary code via 1 QueryXBitmaps and 2 QueryXExtents protocol requests with crafted size values that specify an arbitrary number of bytes to be swapped on the heap, which triggers heap...

7.5CVSS6.3AI score0.10737EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2007/09/26 8:27 a.m.4 views

tomcat handling of cookie values

Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 does not properly handle the " character sequence in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable session hijacking attacks...

4.3CVSS5.8AI score0.16944EPSS
Exploits4References4
Prion
Prion
added 2007/09/24 10:17 p.m.11 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the cpass functionality in an admin action in index.php in XCMS allows remote attackers to change arbitrary passwords via certain password and rpassword parameters, possibly related to timestamp values...

4.3CVSS7.7AI score0.00883EPSS
Exploits0References5
Cvelist
Cvelist
added 2007/09/24 10:0 p.m.21 views

CVE-2007-5060

Cross-site request forgery CSRF vulnerability in the cpass functionality in an admin action in index.php in XCMS allows remote attackers to change arbitrary passwords via certain password and rpassword parameters, possibly related to timestamp values...

7.1AI score0.00883EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2007/09/24 12:0 a.m.34 views

Mandrake Linux Security Advisory : openoffice.org (MDKSA-2007:186)

An integer overflow in the TIFF parser in OpenOffice.org prior to version 2.3 allows remote attackers to execute arbitrary code via a TIFF file with crafted values which triggers the allocation of an incorrect amount of memory which results in a heap-based buffer overflow. Updated packages have...

9.3CVSS6.2AI score0.1132EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2007/09/18 9:17 p.m.29 views

CVE-2007-2834

Integer overflow in the TIFF parser in OpenOffice.org OOo before 2.3; and Sun StarOffice 6, 7, and 8 Office Suite StarSuite; allows remote attackers to execute arbitrary code via a TIFF file with crafted values of unspecified length fields, which triggers allocation of an incorrect amount of...

9.3CVSS6.6AI score0.1132EPSS
Exploits0References2
NVD
NVD
added 2007/09/12 7:17 p.m.5 views

CVE-2007-3871

Stampit Web uses guessable id values for online stamp purchases, which allows remote attackers to cause a denial of service stamp invalidation via a SOAP request with an id value for a stamp that has not yet been printed...

5CVSS6.7AI score0.01653EPSS
Exploits0References6
Cvelist
Cvelist
added 2007/09/12 7:0 p.m.14 views

CVE-2007-3871

Stampit Web uses guessable id values for online stamp purchases, which allows remote attackers to cause a denial of service stamp invalidation via a SOAP request with an id value for a stamp that has not yet been printed...

6.7AI score0.01653EPSS
Exploits0References6
Cvelist
Cvelist
added 2007/09/06 7:0 p.m.22 views

CVE-2007-4740

The HPRevolutionRegistryManager ActiveX control in Hp.Revolution.RegistryManager.dll 1 in Telecom Italy Alice Messenger allows remote attackers to create registry keys and values via the arguments to the WriteRegistry method...

6.7AI score0.03715EPSS
Exploits1References7
Cvelist
Cvelist
added 2007/08/31 12:0 a.m.19 views

CVE-2007-4609

eyeOS uses predictable checksum values in the checknum parameter for access control, which allows remote attackers to register many accounts via doCreateUser actions, add many eyeBoard messages via addMsg actions, and cause a denial of service or conduct certain unauthorized activities, by guessi...

6.7AI score0.01382EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2007/08/07 7:20 p.m.7 views

Gdm denial of service

The GDM daemon in GNOME Display Manager GDM before 2.14.13, 2.16.x before 2.16.7, 2.18.x before 2.18.4, and 2.19.x before 2.19.5 does not properly handle NULL return values from the gstrsplit function, which allows local users to cause a denial of service persistent daemon crash via a crafted...

1.5CVSS5.8AI score0.00327EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2007/08/07 10:17 a.m.17 views

CVE-2007-3381

The GDM daemon in GNOME Display Manager GDM before 2.14.13, 2.16.x before 2.16.7, 2.18.x before 2.18.4, and 2.19.x before 2.19.5 does not properly handle NULL return values from the gstrsplit function, which allows local users to cause a denial of service persistent daemon crash via a crafted...

1.5CVSS5.9AI score0.00327EPSS
Exploits1References1
NVD
NVD
added 2007/08/07 10:17 a.m.8 views

CVE-2007-3381

The GDM daemon in GNOME Display Manager GDM before 2.14.13, 2.16.x before 2.16.7, 2.18.x before 2.18.4, and 2.19.x before 2.19.5 does not properly handle NULL return values from the gstrsplit function, which allows local users to cause a denial of service persistent daemon crash via a crafted...

1.5CVSS6AI score0.00327EPSS
Exploits1References18
CVE
CVE
added 2007/08/07 10:0 a.m.65 views

CVE-2007-3381

CVE-2007-3381 affects the GDM daemon in GNOME Display Manager. The flaw stems from improper handling of NULL return values from g_strsplit, allowing a local attacker to crash the daemon (denial of service) via a crafted command to the daemon socket. Affected: GDM before 2.14.13; 2.16.x before 2.1...

1.5CVSS5.8AI score0.00327EPSS
Exploits1References18Affected Software1
securityvulns
securityvulns
added 2007/07/28 12:0 a.m.36 views

PHP glob code execution

With negative argument values it's possible to executed code from address space controlled by attacker...

3.8AI score
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2007/07/26 9:0 p.m.21 views

CVE-2007-3106

lib/info.c in libvorbis 1.1.2, and possibly other versions before 1.2.0, allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via invalid 1 blocksize0 and 2 blocksize1 values, which trigger a "heap overwrite" in the 01inverse function in res0.c. NOTE...

7.1AI score0.0314EPSS
Exploits0References27
Cvelist
Cvelist
added 2007/07/10 6:0 p.m.23 views

CVE-2006-4519

Multiple integer overflows in the image loader plug-ins in GIMP before 2.2.16 allow user-assisted remote attackers to execute arbitrary code via crafted length values in 1 DICOM, 2 PNM, 3 PSD, 4 PSP, 5 Sun RAS, 6 XBM, and 7 XWD files...

7.3AI score0.05597EPSS
Exploits0References27
Cvelist
Cvelist
added 2007/07/03 8:0 p.m.19 views

CVE-2007-3536

Multiple buffer overflows in the AMX NetLinx VNC AmxVnc ActiveX control in AmxVnc.dll 1.0.13.0 allow remote attackers to execute arbitrary code via long 1 Host, 2 Password, or 3 LogFile property values...

7.8AI score0.1367EPSS
Exploits0References6
OSV
OSV
added 2007/07/03 6:30 p.m.5 views

CVE-2007-3528

The blowfish mode in DAR before 2.3.4 uses weak Blowfish-CBC cryptography by 1 discarding random bits by the blowfish::makeivec function in libdar/crypto.cpp that results in predictable and repeating IV values, and 2 direct use of a password for keying, which makes it easier for context-dependent...

6.8AI score
Exploits0References8
Rows per page
Query Builder