LiveActive security incident?Get immediate response
CVE archive

September 2007

Browse CVE records published in September 2007, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 442 matching CVEs · Page 1 of 9.

Critical · CVSS 9.8

CVE-2007-5097: PHP remote file inclusion vulnerability in lib/classes/offl_nflteam.php in Online Fantasy Football League (...

PHP remote file inclusion vulnerability in lib/classes/offl_nflteam.php in Online Fantasy Football League (OFFL) 0.2.6 allows remote attackers to execute arbitrary PHP code via a URL in the DOC_ROOT parameter. NOTE: this issue is disputed by CVE because a __FILE__ test protects offl_nflteam.php against direct requests

Published Sep 26, 2007 · Updated Jan 17, 2025

Medium · CVSS 6.1

CVE-2007-4465: Cross-site scripting (XSS) vulnerability in mod_autoindex.c in the Apache HTTP Server before 2.2.6, when th...

Cross-site scripting (XSS) vulnerability in mod_autoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset. NOTE: it could be argued that this issue is due to a design limitation of browsers that attempt to perform automatic content type detection.

Published Sep 14, 2007 · Updated Jan 17, 2025

Medium · CVSS 5.3

CVE-2007-4786: Cisco Adaptive Security Appliance (ASA) running PIX 7.0 before 7.0.7.1, 7.1 before 7.1.2.61, 7.2 before 7.2...

Cisco Adaptive Security Appliance (ASA) running PIX 7.0 before 7.0.7.1, 7.1 before 7.1.2.61, 7.2 before 7.2.2.34, and 8.0 before 8.0.2.11, when AAA is enabled, composes %ASA-5-111008 messages from the "test aaa" command with cleartext passwords and sends them over the network to a remote syslog server or places them in a local logging buffer, which allows context-dependent attackers to obtain sensitive information.

Published Sep 10, 2007 · Updated Jan 17, 2025

Unknown · CVSS Not scored

CVE-2007-0997: Race condition in the tee (sys_tee) system call in the Linux kernel 2.6.17 through 2.6.17.6 might allow loc...

Race condition in the tee (sys_tee) system call in the Linux kernel 2.6.17 through 2.6.17.6 might allow local users to cause a denial of service (system crash), obtain sensitive information (kernel memory contents), or gain privileges via unspecified vectors related to a potentially dropped ipipe lock during a race between two pipe readers.

Published Sep 18, 2007 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2007-4913: ips_kernel/class_upload.php in Invision Power Board (IPB or IP.Board) 2.3.1 up to 20070912 allows remote at...

ips_kernel/class_upload.php in Invision Power Board (IPB or IP.Board) 2.3.1 up to 20070912 allows remote attackers to upload arbitrary script files with crafted image filenames to uploads/, where they are saved with a .txt extension and are not executable. NOTE: there are limited usage scenarios under which this would be a vulnerability, but it is being tracked by CVE since the vendor has stated it is security-relevant.

Published Sep 17, 2007 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2007-0004: The NFS client implementation in the kernel in Red Hat Enterprise Linux (RHEL) 3, when a filesystem is moun...

The NFS client implementation in the kernel in Red Hat Enterprise Linux (RHEL) 3, when a filesystem is mounted with the noacl option, checks permissions for the open system call via vfs_permission (mode bits) data rather than an NFS ACCESS call to the server, which allows local client processes to obtain a false success status from open calls that the server would deny, and possibly obtain sensitive information about file permissions on the server, as demonstrated in a root_squash environment. NOTE: it is uncertain whether any scenarios involving this issue cross privilege boundaries.

Published Sep 18, 2007 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2007-4741: Cross-site scripting (XSS) vulnerability in admin/adminusers.php in Claroline before 1.8.6 allows remote au...

Cross-site scripting (XSS) vulnerability in admin/adminusers.php in Claroline before 1.8.6 allows remote authenticated administrators to inject arbitrary web script or HTML via the sort parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Published Sep 6, 2007 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2007-6730: Multiple cross-site request forgery (CSRF) vulnerabilities in the web management interface in the ZyXEL P-3...

Multiple cross-site request forgery (CSRF) vulnerabilities in the web management interface in the ZyXEL P-330W router allow remote attackers to hijack the authentication of administrators for requests that (1) enable remote router management via goform/formRmtMgt or (2) modify the administrator password via goform/formPasswordSetup.

Published Sep 10, 2009 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2007-5474: The driver for the Linksys WRT350N Wi-Fi access point with firmware 2.00.17 on the Atheros AR5416-AC1E chip...

The driver for the Linksys WRT350N Wi-Fi access point with firmware 2.00.17 on the Atheros AR5416-AC1E chipset does not properly parse the Atheros vendor-specific information element in an association request, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via an Atheros information element with an invalid length, as demonstrated by an element that is too long.

Published Sep 5, 2008 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2007-5348: Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and...

Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via an image file with crafted gradient sizes in gradient fill input, which triggers a heap-based buffer overflow related to GdiPlus.dll and VGX.DLL, aka "GDI+ VML Buffer Overrun Vulnerability."

Published Sep 10, 2008 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2007-5107: Stack-based buffer overflow in the AskJeevesToolBar.SettingsPlugin.1 ActiveX control in askBar.dll in IAC S...

Stack-based buffer overflow in the AskJeevesToolBar.SettingsPlugin.1 ActiveX control in askBar.dll in IAC Search & Media ask.com Ask Toolbar 4.0.2.53 and earlier allows remote attackers to execute arbitrary code via a long ShortFormat property value. NOTE: some of these details are obtained from third party information. NOTE: the researcher claims that this is the same as CVE-2007-5108, but there is insufficient detail for CVE-2007-5108 to be certain.

Published Sep 26, 2007 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2007-5120: Multiple cross-site scripting (XSS) vulnerabilities in JSPWiki 2.4.103 and 2.5.139-beta allow remote attack...

Multiple cross-site scripting (XSS) vulnerabilities in JSPWiki 2.4.103 and 2.5.139-beta allow remote attackers to inject arbitrary web script or HTML via the (1) group and (2) members parameters in (a) NewGroup.jsp; the (3) edittime parameter in (b) Edit.jsp; the (4) edittime, (5) author, and (6) link parameters in (c) Comment.jsp; the (7) loginname, (8) wikiname, (9) fullname, and (10) email parameters in (d) UserPreferences.jsp and (e) Login.jsp; the (11) r1 and (12) r2 parameters in (f) Diff.jsp; and the (13) changenote parameter in (g) PageInfo.jsp.

Published Sep 27, 2007 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2007-5095: Microsoft Windows Media Player (WMP) 9 on Windows XP SP2 invokes Internet Explorer to render HTML documents...

Microsoft Windows Media Player (WMP) 9 on Windows XP SP2 invokes Internet Explorer to render HTML documents contained inside some media files, regardless of what default web browser is configured, which might allow remote attackers to exploit vulnerabilities in software that the user does not expect to run, as demonstrated by the HTMLView parameter in an .asx file.

Published Sep 26, 2007 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2007-5135: Off-by-one error in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9....

Off-by-one error in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue was introduced as a result of a fix for CVE-2006-3738. As of 20071012, it is unknown whether code execution is possible.

Published Sep 27, 2007 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2007-5108: Unspecified vulnerability in IAC Search & Media ask.com toolbar has unknown impact and remote attack vectors.

Unspecified vulnerability in IAC Search & Media ask.com toolbar has unknown impact and remote attack vectors. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine. NOTE: this might be the same issue as CVE-2007-5107.

Published Sep 26, 2007 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2007-5124: The embedded Internet Explorer server control in AOL Instant Messenger (AIM) 6.5.3.12 and earlier allows re...

The embedded Internet Explorer server control in AOL Instant Messenger (AIM) 6.5.3.12 and earlier allows remote attackers to execute arbitrary code via unspecified web script or HTML in an instant message, related to AIM's filtering of "specific tags and attributes" and the lack of Local Machine Zone lockdown. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2007-4901.

Published Sep 27, 2007 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2007-5052: Multiple cross-site scripting (XSS) vulnerabilities in index.php in Vigile CMS 1.8 allow remote attackers t...

Multiple cross-site scripting (XSS) vulnerabilities in index.php in Vigile CMS 1.8 allow remote attackers to inject arbitrary web script or HTML via a request to the wiki module with (1) the title parameter or (2) a "title=" sequence in the PATH_INFO, or a request to the download module with (3) the cat parameter or (4) a "cat=" sequence in the PATH_INFO.

Published Sep 24, 2007 · Updated Aug 7, 2024