LiveActive security incident?Get immediate response
CVE archive

January 2007

Browse CVE records published in January 2007, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 675 matching CVEs · Page 3 of 14.

Unknown · CVSS Not scored

CVE-2007-6429: Multiple integer overflows in X.Org Xserver before 1.4.1 allow context-dependent attackers to execute arbit...

Multiple integer overflows in X.Org Xserver before 1.4.1 allow context-dependent attackers to execute arbitrary code via (1) a GetVisualInfo request containing a 32-bit value that is improperly used to calculate an amount of memory for allocation by the EVI extension, or (2) a request containing values related to pixmap size that are improperly used in management of shared memory by the MIT-SHM extension.

Published Jan 18, 2008 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2007-6067: Algorithmic complexity vulnerability in the regular expression parser in TCL before 8.4.17, as used in Post...

Algorithmic complexity vulnerability in the regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (memory consumption) via a crafted "complex" regular expression with doubly-nested states.

Published Jan 9, 2008 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2007-5761: The NantSys device 5.0.0.115 in Motorola netOctopus 5.1.2 build 1011 has weak permissions for the \\.\NantS...

The NantSys device 5.0.0.115 in Motorola netOctopus 5.1.2 build 1011 has weak permissions for the \\.\NantSys device interface (nantsys.sys), which allows local users to gain privileges or cause a denial of service (system crash), as demonstrated by modifying the SYSENTER_EIP_MSR CPU Model Specific Register (MSR) value.

Published Jan 9, 2008 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2007-5665: STEngine.exe 3.5.0.20 in Novell ZENworks Endpoint Security Management (ESM) 3.5, and other ESM versions bef...

STEngine.exe 3.5.0.20 in Novell ZENworks Endpoint Security Management (ESM) 3.5, and other ESM versions before 3.5.0.82, dynamically creates scripts in a world-writable directory when generating diagnostic reports, which allows local users to gain privileges, as demonstrated by creating a cmd.exe binary in the diagnostic report directory.

Published Jan 9, 2008 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2007-5402: Multiple SQL injection vulnerabilities in Layton HelpBox 3.7.1 allow (1) remote attackers to execute arbitr...

Multiple SQL injection vulnerabilities in Layton HelpBox 3.7.1 allow (1) remote attackers to execute arbitrary SQL commands via the sys_request_id parameter to editrequestenduser.asp; and allow remote authenticated users to execute arbitrary SQL commands via (2) the oldpassword parameter to writepwdenduser.asp, and the sys_request_id parameter to (3) changerequeststatus.asp, (4) editrequestuser.asp, (5) requestcommentsuser.asp, and (6) useractions.asp, different vectors than CVE-2004-2551.

Published Jan 9, 2008 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2007-5403: Multiple cross-site scripting (XSS) vulnerabilities in Layton HelpBox 3.7.1 allow remote authenticated user...

Multiple cross-site scripting (XSS) vulnerabilities in Layton HelpBox 3.7.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) Forename, (2) Surname, (3) Telephone, and (4) Fax fields to writeenduserenduser.asp; the (5) Filter field to statsrequestypereport.asp; and the (6) sys_request_id parameter to requestattach.asp; and allow remote authenticated users to inject arbitrary web script or HTML via the (7) Asset, (8) Location, and (9) Problem fields to editrequestenduser.asp; the (10) Asset, (11) Asset Location, (12) Problem Desc, and (13) Solution Desc fields to editrequestuser.asp; and the (14) End User and (15) Description fields to usersearchrequests.asp. NOTE: vectors 5 and 6 do not require authentication to exploit.

Published Jan 9, 2008 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2007-5360: Buffer overflow in OpenPegasus Management server, when compiled to use PAM and with PEGASUS_USE_PAM_STANDAL...

Buffer overflow in OpenPegasus Management server, when compiled to use PAM and with PEGASUS_USE_PAM_STANDALONE_PROC defined, as used in VMWare ESX Server 3.0.1 and 3.0.2, might allow remote attackers to execute arbitrary code via vectors related to PAM authentication, a different vulnerability than CVE-2008-0003.

Published Jan 8, 2008 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2007-4771: Heap-based buffer overflow in the doInterval function in regexcmp.cpp in libicu in International Components...

Heap-based buffer overflow in the doInterval function in regexcmp.cpp in libicu in International Components for Unicode (ICU) 3.8.1 and earlier allows context-dependent attackers to cause a denial of service (memory consumption) and possibly have unspecified other impact via a regular expression that writes a large amount of data to the backtracking stack. NOTE: some of these details are obtained from third party information.

Published Jan 28, 2008 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2007-0626: The comment_form_add_preview function in comment.module in Drupal before 4.7.6, and 5.x before 5.1, and vbD...

The comment_form_add_preview function in comment.module in Drupal before 4.7.6, and 5.x before 5.1, and vbDrupal, allows remote attackers with "post comments" privileges and access to multiple input filters to execute arbitrary code by previewing comments, which are not processed by "normal form validation routines."

Published Jan 31, 2007 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2007-0613: The Bonjour functionality in mDNSResponder, iChat 3.1.6, and InstantMessage framework 428 in Apple Mac OS X...

The Bonjour functionality in mDNSResponder, iChat 3.1.6, and InstantMessage framework 428 in Apple Mac OS X 10.4.8 does not check for duplicate entries when adding newly discovered available contacts, which allows remote attackers to cause a denial of service (disrupted communication) via a flood of duplicate _presence._tcp mDNS queries.

Published Jan 31, 2007 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2007-0612: Multiple ActiveX controls in Microsoft Windows 2000, XP, 2003, and Vista allows remote attackers to cause a...

Multiple ActiveX controls in Microsoft Windows 2000, XP, 2003, and Vista allows remote attackers to cause a denial of service (Internet Explorer crash) by accessing the bgColor, fgColor, linkColor, alinkColor, vlinkColor, or defaultCharset properties in the (1) giffile, (2) htmlfile, (3) jpegfile, (4) mhtmlfile, (5) ODCfile, (6) pjpegfile, (7) pngfile, (8) xbmfile, (9) xmlfile, (10) xslfile, or (11) wdfile objects in (a) mshtml.dll; or the (12) TriEditDocument.TriEditDocument or (13) TriEditDocument.TriEditDocument.1 objects in (b) triedit.dll, which cause a NULL pointer dereference.

Published Jan 31, 2007 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2007-0583: Multiple cross-site scripting (XSS) vulnerabilities in HTTP Commander 6.0, and possibly earlier, allow remo...

Multiple cross-site scripting (XSS) vulnerabilities in HTTP Commander 6.0, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) LogoffMessage parameter to logofflast.aspx or the (2) txtUsername parameter to Default.aspx. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.

Published Jan 30, 2007 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2007-0637: Directory traversal vulnerability in zd_numer.php in Galeria Zdjec 3.0 and earlier allows remote attackers...

Directory traversal vulnerability in zd_numer.php in Galeria Zdjec 3.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the galeria parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by zd_numer.php.

Published Jan 31, 2007 · Updated Aug 7, 2024