LiveActive security incident?Get immediate response
CVE archive

October 2007

Browse CVE records published in October 2007, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 560 matching CVEs · Page 1 of 12.

Unknown · CVSS Not scored

CVE-2007-5551: Off-by-one error in Cisco IOS allows remote attackers to execute arbitrary code via unspecified vectors tha...

Off-by-one error in Cisco IOS allows remote attackers to execute arbitrary code via unspecified vectors that trigger a heap-based buffer overflow. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.

Published Oct 18, 2007 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2007-5556: Unspecified vulnerability in the Avaya VoIP Handset allows remote attackers to cause a denial of service (r...

Unspecified vulnerability in the Avaya VoIP Handset allows remote attackers to cause a denial of service (reboot) via crafted packets. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.

Published Oct 18, 2007 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2007-5561: Format string vulnerability in the logging function in the Oracle OPMN daemon, as used on Oracle Enterprise...

Format string vulnerability in the logging function in the Oracle OPMN daemon, as used on Oracle Enterprise Grid Console server 10.2.0.1, allows remote attackers to execute arbitrary code via format string specifiers in the URI in an HTTP request to port 6003, aka Oracle reference number 6296175. NOTE: this might be the same issue as CVE-2007-0282 or CVE-2007-0280, but there are insufficient details to be sure.

Published Oct 18, 2007 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2007-5552: Integer overflow in Cisco IOS allows remote attackers to execute arbitrary code via unspecified vectors.

Integer overflow in Cisco IOS allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.

Published Oct 18, 2007 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2007-5550: Unspecified vulnerability in Cisco IOS allows remote attackers to obtain the IOS version via unspecified ve...

Unspecified vulnerability in Cisco IOS allows remote attackers to obtain the IOS version via unspecified vectors involving a "common network service", aka PSIRT-1255024833. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.

Published Oct 18, 2007 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2007-5560: Heap-based buffer overflow in the Juniper HTTP Service allows remote attackers to execute arbitrary code vi...

Heap-based buffer overflow in the Juniper HTTP Service allows remote attackers to execute arbitrary code via a crafted HTTP packet. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.

Published Oct 18, 2007 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2007-5160: Multiple PHP remote file inclusion vulnerabilities in Thierry Leriche Restaurant Management System (ReMaSys...

Multiple PHP remote file inclusion vulnerabilities in Thierry Leriche Restaurant Management System (ReMaSys) 0.5 allow remote attackers to execute arbitrary PHP code via a URL in (1) the DIR_ROOT parameter to (a) global.php, or the (2) DIR_PAGE parameter to (b) template/fr/page.php or (c) page/fr/boxConnection.php.

Published Oct 1, 2007 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2007-5557: Unspecified vulnerability in the NEC mobile handset allows remote attackers to cause a denial of service (r...

Unspecified vulnerability in the NEC mobile handset allows remote attackers to cause a denial of service (reboot) via crafted packets. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.

Published Oct 18, 2007 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2007-5554: Oracle allows remote attackers to obtain server memory contents via crafted packets, aka Oracle reference n...

Oracle allows remote attackers to obtain server memory contents via crafted packets, aka Oracle reference number 7892711. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.

Published Oct 18, 2007 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2007-5559: Heap-based buffer overflow in the IBM ThinkVantage TPM Service allows remote attackers to execute arbitrary...

Heap-based buffer overflow in the IBM ThinkVantage TPM Service allows remote attackers to execute arbitrary code via a crafted HTTP packet. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.

Published Oct 18, 2007 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2007-5147: Multiple PHP remote file inclusion vulnerabilities in Puzzle Apps CMS 2.2.1 allow remote attackers to execu...

Multiple PHP remote file inclusion vulnerabilities in Puzzle Apps CMS 2.2.1 allow remote attackers to execute arbitrary PHP code via a URL in the MODULEDIR parameter to (1) core/modules/my/my.module.php or (2) core/modules/xml/xml.module.php; the COREROOT parameter to (3) config.loader.php, (4) platform.loader.php, (5) core.loader.php, (6) person.loader.php, or (7) module.loader.php in core/ or (8) install/steps/step_3.php; or the THISDIR parameter to (9) people.lib.php, (10) general.lib.php, (11) content.lib.php, or (12) templates.lib.php in core/modules/admin/libs/ or (13) core/modules/webstat/MEC/index.php.

Published Oct 1, 2007 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2007-6741: The ftp_PORT function in FTPServer.py in pyftpdlib before 0.2.0 does not prevent TCP connections to privile...

The ftp_PORT function in FTPServer.py in pyftpdlib before 0.2.0 does not prevent TCP connections to privileged ports if the destination IP address matches the source IP address of the connection from the FTP client, which might allow remote authenticated users to conduct FTP bounce attacks via crafted FTP data, as demonstrated by an FTP bounce attack against a NAT server, a related issue to CVE-1999-0017.

Published Oct 19, 2010 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2007-6718: MPlayer, possibly 1.0rc1, allows remote attackers to cause a denial of service (SIGSEGV and application cra...

MPlayer, possibly 1.0rc1, allows remote attackers to cause a denial of service (SIGSEGV and application crash) via (1) a malformed MP3 file, as demonstrated by lol-mplayer.mp3; (2) a malformed Ogg Vorbis file, as demonstrated by lol-mplayer.ogg; (3) a malformed MPEG-1 file, as demonstrated by lol-mplayer.mpg; (4) a malformed MPEG-2 file, as demonstrated by lol-mplayer.m2v; (5) a malformed MPEG-4 AVI file, as demonstrated by lol-mplayer.avi; (6) a malformed FLAC file, as demonstrated by lol-mplayer.flac; (7) a malformed Ogg Theora file, as demonstrated by lol-mplayer.ogm; (8) a malformed WMV file, as demonstrated by lol-mplayer.wmv; or (9) a malformed AAC file, as demonstrated by lol-mplayer.aac. NOTE: vector 5 might overlap CVE-2007-4938, and vector 6 might overlap CVE-2008-0486.

Published Oct 20, 2008 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2007-5558: Integer overflow in the LG Mobile handset allows remote attackers to cause a denial of service (reboot) via...

Integer overflow in the LG Mobile handset allows remote attackers to cause a denial of service (reboot) via a crafted HTTP packet. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.

Published Oct 18, 2007 · Updated Sep 16, 2024

Medium · CVSS 6.5

CVE-2007-10003: The Hackers Diet Plugin HTTP POST Request ajax_blurb.php sql injection

A vulnerability, which was classified as critical, has been found in The Hackers Diet Plugin up to 0.9.6b on WordPress. This issue affects some unknown processing of the file ajax_blurb.php of the component HTTP POST Request Handler. The manipulation of the argument user leads to sql injection. The attack may be initiated remotely. Upgrading to version 0.9.7b is able to address this issue. The patch is named 7dd8acf7cd8442609840037121074425d363b694. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-243803.

Published Oct 29, 2023 · Updated Sep 6, 2024

Unknown · CVSS Not scored

CVE-2007-6755: The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_...

The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead to a RECAST or REJECT of this CVE.

Published Oct 11, 2013 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2007-5715: DenyHosts 2.6 processes OpenSSH sshd "not listed in AllowUsers" log messages with an incorrect regular expr...

DenyHosts 2.6 processes OpenSSH sshd "not listed in AllowUsers" log messages with an incorrect regular expression that does not match an IP address, which might allow remote attackers to avoid detection and blocking when making invalid login attempts with a username not present in AllowUsers, as demonstrated by the root username, a different vulnerability than CVE-2007-4323.

Published Oct 30, 2007 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2007-5652: IBM DB2 UDB 9.1 before Fixpak 4 does not properly manage storage of a list containing authentication inform...

IBM DB2 UDB 9.1 before Fixpak 4 does not properly manage storage of a list containing authentication information, which might allow attackers to cause a denial of service (instance crash) or trigger memory corruption. NOTE: the vendor description of this issue is too vague to be certain that it is security-related.

Published Oct 23, 2007 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2007-5732: Directory traversal vulnerability in downloadfile.php in eLouai's Force Download of media files script, as...

Directory traversal vulnerability in downloadfile.php in eLouai's Force Download of media files script, as available on 20071030 and earlier, allows remote attackers to read arbitrary files via the file parameter. NOTE: this issue only occurs in environments where the system administrator has not followed the vendor recommendations that this product should only be used internally.

Published Oct 30, 2007 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2007-5713: Off-by-one error in the GeoIP module in the AMX Mod X 1.76d plugin for Half-Life Server might allow attacke...

Off-by-one error in the GeoIP module in the AMX Mod X 1.76d plugin for Half-Life Server might allow attackers to execute arbitrary code or cause a denial of service via unspecified input related to geolocation, which triggers an error message from the (1) geoip_code2 or (2) geoip_code3 function, leading to a buffer overflow.

Published Oct 30, 2007 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2007-5638: The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional Nortel products from the IP Phone, Bus...

The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional Nortel products from the IP Phone, Business Communications Manager (BCM), and other product lines, use only 65536 different values in the 32-bit ID number field of an RUDP datagram, which makes it easier for remote attackers to guess the RUDP ID and spoof messages. NOTE: this can be leveraged for an eavesdropping attack by sending many Open Audio Stream messages.

Published Oct 23, 2007 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2007-5629: Cross-site scripting (XSS) vulnerability in admin/logon.asp in ShoppingTree CandyPress Store 4.1 allows rem...

Cross-site scripting (XSS) vulnerability in admin/logon.asp in ShoppingTree CandyPress Store 4.1 allows remote attackers to inject arbitrary web script or HTML via the msg parameter, a different vector than CVE-2007-2804. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Published Oct 23, 2007 · Updated Aug 7, 2024