All the vulnerabilites related to microsoft - all_windows
cve-2003-1392
Vulnerability from cvelistv5
Published
2007-10-19 10:00
Modified
2024-08-08 02:28
Severity ?
EPSS score ?
Summary
CryptoBuddy 1.0 and 1.2 does not use the user-supplied passphrase to encrypt data, which could allow local users to use their own passphrase to decrypt the data.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/11317 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/6812 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/archive/1/311176 | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:28:03.571Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cryptobuddy-password-information-disclosure(11317)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11317"
},
{
"name": "6812",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6812"
},
{
"name": "20030210 RTS CryptoBuddy Multiple Encryption Implementation Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/311176"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-02-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "CryptoBuddy 1.0 and 1.2 does not use the user-supplied passphrase to encrypt data, which could allow local users to use their own passphrase to decrypt the data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "cryptobuddy-password-information-disclosure(11317)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11317"
},
{
"name": "6812",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6812"
},
{
"name": "20030210 RTS CryptoBuddy Multiple Encryption Implementation Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/311176"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1392",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CryptoBuddy 1.0 and 1.2 does not use the user-supplied passphrase to encrypt data, which could allow local users to use their own passphrase to decrypt the data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "cryptobuddy-password-information-disclosure(11317)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11317"
},
{
"name": "6812",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6812"
},
{
"name": "20030210 RTS CryptoBuddy Multiple Encryption Implementation Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/311176"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1392",
"datePublished": "2007-10-19T10:00:00",
"dateReserved": "2007-10-18T00:00:00",
"dateUpdated": "2024-08-08T02:28:03.571Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2003-1472
Vulnerability from cvelistv5
Published
2007-10-24 23:00
Modified
2024-08-08 02:28
Severity ?
EPSS score ?
Summary
Buffer overflow in 3D-FTP client 4.0 allows remote FTP servers to cause a denial of service (crash) and possibly execute arbitrary code via a long banner.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securityreason.com/securityalert/3297 | third-party-advisory, x_refsource_SREASON | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/11883 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/7451 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/archive/1/319818 | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:28:03.584Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3297",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3297"
},
{
"name": "3dftp-ftp-banner-bo(11883)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11883"
},
{
"name": "7451",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/7451"
},
{
"name": "20030428 Buffer overflow in 3D-ftp",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/319818"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-04-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in 3D-FTP client 4.0 allows remote FTP servers to cause a denial of service (crash) and possibly execute arbitrary code via a long banner."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "3297",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3297"
},
{
"name": "3dftp-ftp-banner-bo(11883)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11883"
},
{
"name": "7451",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/7451"
},
{
"name": "20030428 Buffer overflow in 3D-ftp",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/319818"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1472",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in 3D-FTP client 4.0 allows remote FTP servers to cause a denial of service (crash) and possibly execute arbitrary code via a long banner."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "3297",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3297"
},
{
"name": "3dftp-ftp-banner-bo(11883)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11883"
},
{
"name": "7451",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7451"
},
{
"name": "20030428 Buffer overflow in 3D-ftp",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/319818"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1472",
"datePublished": "2007-10-24T23:00:00",
"dateReserved": "2007-10-24T00:00:00",
"dateUpdated": "2024-08-08T02:28:03.584Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-3341
Vulnerability from cvelistv5
Published
2007-06-21 23:00
Modified
2024-08-07 14:14
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the FTP implementation in Microsoft Internet Explorer allows remote attackers to "see a valid memory address" via unspecified vectors, a different issue than CVE-2007-0217.
References
| ▼ | URL | Tags |
|---|---|---|
| http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=473 | third-party-advisory, x_refsource_IDEFENSE | |
| http://osvdb.org/36398 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:14:12.863Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070213 Microsoft \u0027wininet.dll\u0027 FTP Reply Null Termination Heap Corruption Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=473"
},
{
"name": "36398",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/36398"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the FTP implementation in Microsoft Internet Explorer allows remote attackers to \"see a valid memory address\" via unspecified vectors, a different issue than CVE-2007-0217."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-15T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070213 Microsoft \u0027wininet.dll\u0027 FTP Reply Null Termination Heap Corruption Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=473"
},
{
"name": "36398",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/36398"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3341",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the FTP implementation in Microsoft Internet Explorer allows remote attackers to \"see a valid memory address\" via unspecified vectors, a different issue than CVE-2007-0217."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070213 Microsoft \u0027wininet.dll\u0027 FTP Reply Null Termination Heap Corruption Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=473"
},
{
"name": "36398",
"refsource": "OSVDB",
"url": "http://osvdb.org/36398"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3341",
"datePublished": "2007-06-21T23:00:00",
"dateReserved": "2007-06-21T00:00:00",
"dateUpdated": "2024-08-07T14:14:12.863Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-1281
Vulnerability from cvelistv5
Published
2007-03-06 01:00
Modified
2024-08-07 12:50
Severity ?
EPSS score ?
Summary
Kaspersky AntiVirus Engine 6.0.1.411 for Windows and 5.5-10 for Linux allows remote attackers to cause a denial of service (CPU consumption) via a crafted UPX compressed file with a negative offset, which triggers an infinite loop during decompression.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/24391 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/32797 | vdb-entry, x_refsource_XF | |
| http://www.securitytracker.com/id?1017718 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/22795 | vdb-entry, x_refsource_BID | |
| http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=485 | third-party-advisory, x_refsource_IDEFENSE | |
| http://www.vupen.com/english/advisories/2007/0810 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:50:35.064Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "24391",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24391"
},
{
"name": "kaspersky-upx-dos(32797)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32797"
},
{
"name": "1017718",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017718"
},
{
"name": "22795",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22795"
},
{
"name": "20070302 Kaspersky AntiVirus UPX File Decompression DoS Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=485"
},
{
"name": "ADV-2007-0810",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0810"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Kaspersky AntiVirus Engine 6.0.1.411 for Windows and 5.5-10 for Linux allows remote attackers to cause a denial of service (CPU consumption) via a crafted UPX compressed file with a negative offset, which triggers an infinite loop during decompression."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "24391",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24391"
},
{
"name": "kaspersky-upx-dos(32797)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32797"
},
{
"name": "1017718",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017718"
},
{
"name": "22795",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22795"
},
{
"name": "20070302 Kaspersky AntiVirus UPX File Decompression DoS Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=485"
},
{
"name": "ADV-2007-0810",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0810"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1281",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Kaspersky AntiVirus Engine 6.0.1.411 for Windows and 5.5-10 for Linux allows remote attackers to cause a denial of service (CPU consumption) via a crafted UPX compressed file with a negative offset, which triggers an infinite loop during decompression."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24391",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24391"
},
{
"name": "kaspersky-upx-dos(32797)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32797"
},
{
"name": "1017718",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017718"
},
{
"name": "22795",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22795"
},
{
"name": "20070302 Kaspersky AntiVirus UPX File Decompression DoS Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=485"
},
{
"name": "ADV-2007-0810",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0810"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1281",
"datePublished": "2007-03-06T01:00:00",
"dateReserved": "2007-03-05T00:00:00",
"dateUpdated": "2024-08-07T12:50:35.064Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2003-1467
Vulnerability from cvelistv5
Published
2007-10-24 23:00
Modified
2024-08-08 02:28
Severity ?
EPSS score ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in (1) login.php, (2) register.php, (3) post.php, and (4) common.php in Phorum before 3.4.3 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/7572 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/bid/7576 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/bid/7573 | vdb-entry, x_refsource_BID | |
| http://securityreason.com/securityalert/3288 | third-party-advisory, x_refsource_SREASON | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/12502 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/7577 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/bid/7584 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/12487 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/archive/1/321310 | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:28:03.488Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "7572",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/7572"
},
{
"name": "7576",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/7576"
},
{
"name": "7573",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/7573"
},
{
"name": "3288",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3288"
},
{
"name": "phorum-register-html-injection(12502)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12502"
},
{
"name": "7577",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/7577"
},
{
"name": "7584",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/7584"
},
{
"name": "phorum-multiple-xss(12487)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12487"
},
{
"name": "20030513 Phorum Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/321310"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-05-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in (1) login.php, (2) register.php, (3) post.php, and (4) common.php in Phorum before 3.4.3 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "7572",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/7572"
},
{
"name": "7576",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/7576"
},
{
"name": "7573",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/7573"
},
{
"name": "3288",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3288"
},
{
"name": "phorum-register-html-injection(12502)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12502"
},
{
"name": "7577",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/7577"
},
{
"name": "7584",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/7584"
},
{
"name": "phorum-multiple-xss(12487)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12487"
},
{
"name": "20030513 Phorum Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/321310"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1467",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in (1) login.php, (2) register.php, (3) post.php, and (4) common.php in Phorum before 3.4.3 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "7572",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7572"
},
{
"name": "7576",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7576"
},
{
"name": "7573",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7573"
},
{
"name": "3288",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3288"
},
{
"name": "phorum-register-html-injection(12502)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12502"
},
{
"name": "7577",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7577"
},
{
"name": "7584",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7584"
},
{
"name": "phorum-multiple-xss(12487)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12487"
},
{
"name": "20030513 Phorum Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/321310"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1467",
"datePublished": "2007-10-24T23:00:00",
"dateReserved": "2007-10-24T00:00:00",
"dateUpdated": "2024-08-08T02:28:03.488Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-1981
Vulnerability from cvelistv5
Published
2007-04-12 01:00
Modified
2024-08-07 13:13
Severity ?
EPSS score ?
Summary
The safevoid_vsnprintf function in Metamod-P 1.19p29 and earlier on Windows allows remote attackers to cause a denial of service (daemon crash) via a long meta list command.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vupen.com/english/advisories/2007/1247 | vdb-entry, x_refsource_VUPEN | |
| http://secunia.com/advisories/24738 | third-party-advisory, x_refsource_SECUNIA | |
| http://sourceforge.net/forum/forum.php?forum_id=681753 | x_refsource_CONFIRM | |
| http://sourceforge.net/project/shownotes.php?release_id=498782 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:13:42.044Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-1247",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1247"
},
{
"name": "24738",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24738"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/forum/forum.php?forum_id=681753"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=498782"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The safevoid_vsnprintf function in Metamod-P 1.19p29 and earlier on Windows allows remote attackers to cause a denial of service (daemon crash) via a long meta list command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-02-26T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-1247",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1247"
},
{
"name": "24738",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24738"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/forum/forum.php?forum_id=681753"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=498782"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1981",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The safevoid_vsnprintf function in Metamod-P 1.19p29 and earlier on Windows allows remote attackers to cause a denial of service (daemon crash) via a long meta list command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-1247",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1247"
},
{
"name": "24738",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24738"
},
{
"name": "http://sourceforge.net/forum/forum.php?forum_id=681753",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/forum/forum.php?forum_id=681753"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=498782",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=498782"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1981",
"datePublished": "2007-04-12T01:00:00",
"dateReserved": "2007-04-11T00:00:00",
"dateUpdated": "2024-08-07T13:13:42.044Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2003-1454
Vulnerability from cvelistv5
Published
2007-10-23 01:00
Modified
2024-08-08 02:28
Severity ?
EPSS score ?
Summary
Invision Power Services Invision Board 1.0 through 1.1.1, when a forum is password protected, stores the administrator password in a cookie in plaintext, which could allow remote attackers to gain access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/11871 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/7440 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/archive/1/319747 | mailing-list, x_refsource_BUGTRAQ | |
| http://securityreason.com/securityalert/3276 | third-party-advisory, x_refsource_SREASON |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:28:03.510Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "invision-admin-plaintext-password(11871)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11871"
},
{
"name": "7440",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/7440"
},
{
"name": "20030425 Invision Power Board Plaintext Password Disclosure Vuln",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/319747"
},
{
"name": "3276",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3276"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-04-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Invision Power Services Invision Board 1.0 through 1.1.1, when a forum is password protected, stores the administrator password in a cookie in plaintext, which could allow remote attackers to gain access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "invision-admin-plaintext-password(11871)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11871"
},
{
"name": "7440",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/7440"
},
{
"name": "20030425 Invision Power Board Plaintext Password Disclosure Vuln",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/319747"
},
{
"name": "3276",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3276"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1454",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Invision Power Services Invision Board 1.0 through 1.1.1, when a forum is password protected, stores the administrator password in a cookie in plaintext, which could allow remote attackers to gain access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "invision-admin-plaintext-password(11871)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11871"
},
{
"name": "7440",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7440"
},
{
"name": "20030425 Invision Power Board Plaintext Password Disclosure Vuln",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/319747"
},
{
"name": "3276",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3276"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1454",
"datePublished": "2007-10-23T01:00:00",
"dateReserved": "2007-10-22T00:00:00",
"dateUpdated": "2024-08-08T02:28:03.510Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2003-1372
Vulnerability from cvelistv5
Published
2007-10-17 01:00
Modified
2024-08-08 02:28
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in links.php script in myPHPNuke 1.8.8, and possibly earlier versions, allows remote attackers to inject arbitrary HTML and web script via the (1) ratenum or (2) query parameters.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/11376 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/8125 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/6892 | vdb-entry, x_refsource_BID | |
| http://www.osvdb.org/3931 | vdb-entry, x_refsource_OSVDB | |
| http://archives.neohapsis.com/archives/bugtraq/2003-02/0231.html | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:28:02.844Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "phpbb-index-sql-injection(11376)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11376"
},
{
"name": "8125",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/8125"
},
{
"name": "6892",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6892"
},
{
"name": "3931",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/3931"
},
{
"name": "20030219 myphpnuke xss",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0231.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-02-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in links.php script in myPHPNuke 1.8.8, and possibly earlier versions, allows remote attackers to inject arbitrary HTML and web script via the (1) ratenum or (2) query parameters."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "phpbb-index-sql-injection(11376)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11376"
},
{
"name": "8125",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/8125"
},
{
"name": "6892",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6892"
},
{
"name": "3931",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/3931"
},
{
"name": "20030219 myphpnuke xss",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0231.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1372",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in links.php script in myPHPNuke 1.8.8, and possibly earlier versions, allows remote attackers to inject arbitrary HTML and web script via the (1) ratenum or (2) query parameters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "phpbb-index-sql-injection(11376)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11376"
},
{
"name": "8125",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/8125"
},
{
"name": "6892",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6892"
},
{
"name": "3931",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/3931"
},
{
"name": "20030219 myphpnuke xss",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0231.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1372",
"datePublished": "2007-10-17T01:00:00",
"dateReserved": "2007-10-16T00:00:00",
"dateUpdated": "2024-08-08T02:28:02.844Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-2389
Vulnerability from cvelistv5
Published
2007-05-29 21:00
Modified
2024-08-07 13:33
Severity ?
EPSS score ?
Summary
Apple QuickTime for Java 7.1.6 on Mac OS X and Windows does not clear potentially sensitive memory before use, which allows remote attackers to read memory from a web browser via unknown vectors related to Java applets.
References
| ▼ | URL | Tags |
|---|---|---|
| http://lists.apple.com/archives/security-announce/2007/May/msg00005.html | vendor-advisory, x_refsource_APPLE | |
| http://www.kb.cert.org/vuls/id/434748 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.vupen.com/english/advisories/2007/1974 | vdb-entry, x_refsource_VUPEN | |
| http://www.securitytracker.com/id?1018136 | vdb-entry, x_refsource_SECTRACK | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/34571 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/25130 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.osvdb.org/35575 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/bid/24222 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:33:28.621Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "APPLE-SA-2007-05-29",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2007/May/msg00005.html"
},
{
"name": "VU#434748",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/434748"
},
{
"name": "ADV-2007-1974",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1974"
},
{
"name": "1018136",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018136"
},
{
"name": "quicktime-applet-information-disclosure(34571)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34571"
},
{
"name": "25130",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25130"
},
{
"name": "35575",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/35575"
},
{
"name": "24222",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24222"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-05-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Apple QuickTime for Java 7.1.6 on Mac OS X and Windows does not clear potentially sensitive memory before use, which allows remote attackers to read memory from a web browser via unknown vectors related to Java applets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "APPLE-SA-2007-05-29",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2007/May/msg00005.html"
},
{
"name": "VU#434748",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/434748"
},
{
"name": "ADV-2007-1974",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1974"
},
{
"name": "1018136",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018136"
},
{
"name": "quicktime-applet-information-disclosure(34571)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34571"
},
{
"name": "25130",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25130"
},
{
"name": "35575",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/35575"
},
{
"name": "24222",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24222"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2389",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apple QuickTime for Java 7.1.6 on Mac OS X and Windows does not clear potentially sensitive memory before use, which allows remote attackers to read memory from a web browser via unknown vectors related to Java applets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "APPLE-SA-2007-05-29",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2007/May/msg00005.html"
},
{
"name": "VU#434748",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/434748"
},
{
"name": "ADV-2007-1974",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1974"
},
{
"name": "1018136",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018136"
},
{
"name": "quicktime-applet-information-disclosure(34571)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34571"
},
{
"name": "25130",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25130"
},
{
"name": "35575",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/35575"
},
{
"name": "24222",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24222"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2389",
"datePublished": "2007-05-29T21:00:00",
"dateReserved": "2007-04-30T00:00:00",
"dateUpdated": "2024-08-07T13:33:28.621Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-2414
Vulnerability from cvelistv5
Published
2007-05-01 10:00
Modified
2024-08-07 13:33
Severity ?
EPSS score ?
Summary
MyServer before 0.8.8 allows remote attackers to cause a denial of service via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vupen.com/english/advisories/2007/1589 | vdb-entry, x_refsource_VUPEN | |
| http://secunia.com/advisories/25026 | third-party-advisory, x_refsource_SECUNIA | |
| http://sourceforge.net/project/shownotes.php?release_id=504709&group_id=63119 | x_refsource_CONFIRM | |
| http://www.myserverproject.net/forum/viewtopic.php?t=1659&sid=ab6d273497a064cd3ed7a83d1c44a70a | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/23716 | vdb-entry, x_refsource_BID | |
| http://osvdb.org/35469 | vdb-entry, x_refsource_OSVDB | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/33971 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:33:28.700Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-1589",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1589"
},
{
"name": "25026",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25026"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=504709\u0026group_id=63119"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.myserverproject.net/forum/viewtopic.php?t=1659\u0026sid=ab6d273497a064cd3ed7a83d1c44a70a"
},
{
"name": "23716",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23716"
},
{
"name": "35469",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/35469"
},
{
"name": "myserver-data-dos(33971)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33971"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "MyServer before 0.8.8 allows remote attackers to cause a denial of service via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-1589",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1589"
},
{
"name": "25026",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25026"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=504709\u0026group_id=63119"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.myserverproject.net/forum/viewtopic.php?t=1659\u0026sid=ab6d273497a064cd3ed7a83d1c44a70a"
},
{
"name": "23716",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23716"
},
{
"name": "35469",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/35469"
},
{
"name": "myserver-data-dos(33971)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33971"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2414",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "MyServer before 0.8.8 allows remote attackers to cause a denial of service via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-1589",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1589"
},
{
"name": "25026",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25026"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=504709\u0026group_id=63119",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=504709\u0026group_id=63119"
},
{
"name": "http://www.myserverproject.net/forum/viewtopic.php?t=1659\u0026sid=ab6d273497a064cd3ed7a83d1c44a70a",
"refsource": "CONFIRM",
"url": "http://www.myserverproject.net/forum/viewtopic.php?t=1659\u0026sid=ab6d273497a064cd3ed7a83d1c44a70a"
},
{
"name": "23716",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23716"
},
{
"name": "35469",
"refsource": "OSVDB",
"url": "http://osvdb.org/35469"
},
{
"name": "myserver-data-dos(33971)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33971"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2414",
"datePublished": "2007-05-01T10:00:00",
"dateReserved": "2007-04-30T00:00:00",
"dateUpdated": "2024-08-07T13:33:28.700Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-2896
Vulnerability from cvelistv5
Published
2007-05-30 01:00
Modified
2024-08-07 13:57
Severity ?
EPSS score ?
Summary
Race condition in the Symantec Enterprise Security Manager (ESM) 6.5.3 managers and agents on Windows before 20070524 allows remote attackers to cause a denial of service (CPU consumption and application hang) via certain network scans to ESM ports.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securityresponse.symantec.com/avcenter/security/Content/2007.05.24b.html | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id?1018120 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2007/1940 | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/bid/24123 | vdb-entry, x_refsource_BID | |
| http://securityresponse.symantec.com/avcenter/security/Content/2007.05.24a.html | x_refsource_CONFIRM | |
| http://secunia.com/advisories/25390 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/34507 | vdb-entry, x_refsource_XF | |
| http://osvdb.org/35077 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:57:54.155Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.05.24b.html"
},
{
"name": "1018120",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018120"
},
{
"name": "ADV-2007-1940",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1940"
},
{
"name": "24123",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24123"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.05.24a.html"
},
{
"name": "25390",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25390"
},
{
"name": "symantec-esm-dos(34507)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34507"
},
{
"name": "35077",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/35077"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-05-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Race condition in the Symantec Enterprise Security Manager (ESM) 6.5.3 managers and agents on Windows before 20070524 allows remote attackers to cause a denial of service (CPU consumption and application hang) via certain network scans to ESM ports."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.05.24b.html"
},
{
"name": "1018120",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018120"
},
{
"name": "ADV-2007-1940",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1940"
},
{
"name": "24123",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24123"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.05.24a.html"
},
{
"name": "25390",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25390"
},
{
"name": "symantec-esm-dos(34507)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34507"
},
{
"name": "35077",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/35077"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2896",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Race condition in the Symantec Enterprise Security Manager (ESM) 6.5.3 managers and agents on Windows before 20070524 allows remote attackers to cause a denial of service (CPU consumption and application hang) via certain network scans to ESM ports."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2007.05.24b.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.05.24b.html"
},
{
"name": "1018120",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018120"
},
{
"name": "ADV-2007-1940",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1940"
},
{
"name": "24123",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24123"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2007.05.24a.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.05.24a.html"
},
{
"name": "25390",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25390"
},
{
"name": "symantec-esm-dos(34507)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34507"
},
{
"name": "35077",
"refsource": "OSVDB",
"url": "http://osvdb.org/35077"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2896",
"datePublished": "2007-05-30T01:00:00",
"dateReserved": "2007-05-29T00:00:00",
"dateUpdated": "2024-08-07T13:57:54.155Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-2927
Vulnerability from cvelistv5
Published
2007-08-08 01:11
Modified
2024-08-07 13:57
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Atheros 802.11 a/b/g wireless adapter drivers before 5.3.0.35, and 6.x before 6.0.3.67, on Windows allows remote attackers to cause a denial of service via a crafted 802.11 management frame.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vupen.com/english/advisories/2007/2756 | vdb-entry, x_refsource_VUPEN | |
| http://secunia.com/advisories/26348 | third-party-advisory, x_refsource_SECUNIA | |
| http://osvdb.org/37992 | vdb-entry, x_refsource_OSVDB | |
| http://www.kb.cert.org/vuls/id/730169 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.securityfocus.com/bid/25160 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/35788 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:57:54.687Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-2756",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2756"
},
{
"name": "26348",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26348"
},
{
"name": "37992",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/37992"
},
{
"name": "VU#730169",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/730169"
},
{
"name": "25160",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25160"
},
{
"name": "atheros-management-frames-dos(35788)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35788"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Atheros 802.11 a/b/g wireless adapter drivers before 5.3.0.35, and 6.x before 6.0.3.67, on Windows allows remote attackers to cause a denial of service via a crafted 802.11 management frame."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "ADV-2007-2756",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2756"
},
{
"name": "26348",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26348"
},
{
"name": "37992",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/37992"
},
{
"name": "VU#730169",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/730169"
},
{
"name": "25160",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25160"
},
{
"name": "atheros-management-frames-dos(35788)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35788"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2007-2927",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Atheros 802.11 a/b/g wireless adapter drivers before 5.3.0.35, and 6.x before 6.0.3.67, on Windows allows remote attackers to cause a denial of service via a crafted 802.11 management frame."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-2756",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2756"
},
{
"name": "26348",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26348"
},
{
"name": "37992",
"refsource": "OSVDB",
"url": "http://osvdb.org/37992"
},
{
"name": "VU#730169",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/730169"
},
{
"name": "25160",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25160"
},
{
"name": "atheros-management-frames-dos(35788)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35788"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2007-2927",
"datePublished": "2007-08-08T01:11:00",
"dateReserved": "2007-05-30T00:00:00",
"dateUpdated": "2024-08-07T13:57:54.687Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2003-1477
Vulnerability from cvelistv5
Published
2007-10-24 23:00
Modified
2024-08-08 02:28
Severity ?
EPSS score ?
Summary
MAILsweeper for SMTP 4.3.6 and 4.3.7 allows remote attackers to cause a denial of service (CPU consumption) via a PowerPoint attachment that either (1) is corrupt or (2) contains "embedded objects."
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/7562 | vdb-entry, x_refsource_BID | |
| http://www.clearswift.com/download/bin/Patches/ReadMe_SMTP_438.htm | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/12052 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:28:03.562Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "7562",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/7562"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.clearswift.com/download/bin/Patches/ReadMe_SMTP_438.htm"
},
{
"name": "mailsweeper-powerpoint-file-dos(12052)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12052"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-05-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "MAILsweeper for SMTP 4.3.6 and 4.3.7 allows remote attackers to cause a denial of service (CPU consumption) via a PowerPoint attachment that either (1) is corrupt or (2) contains \"embedded objects.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "7562",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/7562"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.clearswift.com/download/bin/Patches/ReadMe_SMTP_438.htm"
},
{
"name": "mailsweeper-powerpoint-file-dos(12052)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12052"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1477",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "MAILsweeper for SMTP 4.3.6 and 4.3.7 allows remote attackers to cause a denial of service (CPU consumption) via a PowerPoint attachment that either (1) is corrupt or (2) contains \"embedded objects.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "7562",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7562"
},
{
"name": "http://www.clearswift.com/download/bin/Patches/ReadMe_SMTP_438.htm",
"refsource": "CONFIRM",
"url": "http://www.clearswift.com/download/bin/Patches/ReadMe_SMTP_438.htm"
},
{
"name": "mailsweeper-powerpoint-file-dos(12052)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12052"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1477",
"datePublished": "2007-10-24T23:00:00",
"dateReserved": "2007-10-24T00:00:00",
"dateUpdated": "2024-08-08T02:28:03.562Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-3956
Vulnerability from cvelistv5
Published
2007-07-24 18:00
Modified
2024-08-07 14:37
Severity ?
EPSS score ?
Summary
TeamSpeak WebServer 2.0 for Windows does not validate parameter value lengths and does not expire TCP sessions, which allows remote attackers to cause a denial of service (CPU and memory consumption) via long username and password parameters in a request to login.tscmd on TCP port 14534.
References
| ▼ | URL | Tags |
|---|---|---|
| http://osvdb.org/38595 | vdb-entry, x_refsource_OSVDB | |
| https://www.exploit-db.com/exploits/4205 | exploit, x_refsource_EXPLOIT-DB | |
| http://www.securityfocus.com/bid/24977 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/26141 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/35518 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:37:05.780Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "38595",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/38595"
},
{
"name": "4205",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/4205"
},
{
"name": "24977",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24977"
},
{
"name": "26141",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26141"
},
{
"name": "teamspeak-login-dos(35518)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35518"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TeamSpeak WebServer 2.0 for Windows does not validate parameter value lengths and does not expire TCP sessions, which allows remote attackers to cause a denial of service (CPU and memory consumption) via long username and password parameters in a request to login.tscmd on TCP port 14534."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "38595",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/38595"
},
{
"name": "4205",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/4205"
},
{
"name": "24977",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24977"
},
{
"name": "26141",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26141"
},
{
"name": "teamspeak-login-dos(35518)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35518"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3956",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TeamSpeak WebServer 2.0 for Windows does not validate parameter value lengths and does not expire TCP sessions, which allows remote attackers to cause a denial of service (CPU and memory consumption) via long username and password parameters in a request to login.tscmd on TCP port 14534."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "38595",
"refsource": "OSVDB",
"url": "http://osvdb.org/38595"
},
{
"name": "4205",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4205"
},
{
"name": "24977",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24977"
},
{
"name": "26141",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26141"
},
{
"name": "teamspeak-login-dos(35518)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35518"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3956",
"datePublished": "2007-07-24T18:00:00",
"dateReserved": "2007-07-24T00:00:00",
"dateUpdated": "2024-08-07T14:37:05.780Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-1093
Vulnerability from cvelistv5
Published
2007-02-26 17:00
Modified
2024-08-07 12:43
Severity ?
EPSS score ?
Summary
Multiple unspecified vulnerabilities in JP1/Cm2/Network Node Manager (NNM) before 07-10-05, and before 08-00-02 in the 08-x series, allow remote attackers to execute arbitrary code, cause a denial of service, or trigger invalid Web utility behavior.
References
| ▼ | URL | Tags |
|---|---|---|
| http://osvdb.org/33528 | vdb-entry, x_refsource_OSVDB | |
| http://www.vupen.com/english/advisories/2007/0739 | vdb-entry, x_refsource_VUPEN | |
| http://osvdb.org/33529 | vdb-entry, x_refsource_OSVDB | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/32683 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/24276 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/32682 | vdb-entry, x_refsource_XF | |
| http://www.hitachi-support.com/security_e/vuls_e/HS07-002_e/index-e.html | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:43:22.536Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "33528",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33528"
},
{
"name": "ADV-2007-0739",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0739"
},
{
"name": "33529",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33529"
},
{
"name": "nnm-unspecified-dos(32683)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32683"
},
{
"name": "24276",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24276"
},
{
"name": "nnm-unspecified-code-execution(32682)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32682"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-002_e/index-e.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in JP1/Cm2/Network Node Manager (NNM) before 07-10-05, and before 08-00-02 in the 08-x series, allow remote attackers to execute arbitrary code, cause a denial of service, or trigger invalid Web utility behavior."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "33528",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33528"
},
{
"name": "ADV-2007-0739",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0739"
},
{
"name": "33529",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33529"
},
{
"name": "nnm-unspecified-dos(32683)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32683"
},
{
"name": "24276",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24276"
},
{
"name": "nnm-unspecified-code-execution(32682)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32682"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-002_e/index-e.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1093",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in JP1/Cm2/Network Node Manager (NNM) before 07-10-05, and before 08-00-02 in the 08-x series, allow remote attackers to execute arbitrary code, cause a denial of service, or trigger invalid Web utility behavior."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "33528",
"refsource": "OSVDB",
"url": "http://osvdb.org/33528"
},
{
"name": "ADV-2007-0739",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0739"
},
{
"name": "33529",
"refsource": "OSVDB",
"url": "http://osvdb.org/33529"
},
{
"name": "nnm-unspecified-dos(32683)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32683"
},
{
"name": "24276",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24276"
},
{
"name": "nnm-unspecified-code-execution(32682)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32682"
},
{
"name": "http://www.hitachi-support.com/security_e/vuls_e/HS07-002_e/index-e.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-002_e/index-e.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1093",
"datePublished": "2007-02-26T17:00:00",
"dateReserved": "2007-02-26T00:00:00",
"dateUpdated": "2024-08-07T12:43:22.536Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2003-1330
Vulnerability from cvelistv5
Published
2007-05-31 00:00
Modified
2024-08-08 02:28
Severity ?
EPSS score ?
Summary
Clearswift MAILsweeper for SMTP 4.3.6 SP1 does not execute custom "on strip unsuccessful" hooks, which allows remote attackers to bypass e-mail attachment filtering policies via an attachment that MAILsweeper can detect but not remove.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.mimesweeper.com/download/bin/Patches/MAILsweeper_Patches_301_ReadMe.htm | x_refsource_MISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/11745 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/7226 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:28:01.570Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.mimesweeper.com/download/bin/Patches/MAILsweeper_Patches_301_ReadMe.htm"
},
{
"name": "mailsweeper-onstrip-bypass-filter(11745)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11745"
},
{
"name": "7226",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/7226"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-02-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Clearswift MAILsweeper for SMTP 4.3.6 SP1 does not execute custom \"on strip unsuccessful\" hooks, which allows remote attackers to bypass e-mail attachment filtering policies via an attachment that MAILsweeper can detect but not remove."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.mimesweeper.com/download/bin/Patches/MAILsweeper_Patches_301_ReadMe.htm"
},
{
"name": "mailsweeper-onstrip-bypass-filter(11745)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11745"
},
{
"name": "7226",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/7226"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1330",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Clearswift MAILsweeper for SMTP 4.3.6 SP1 does not execute custom \"on strip unsuccessful\" hooks, which allows remote attackers to bypass e-mail attachment filtering policies via an attachment that MAILsweeper can detect but not remove."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.mimesweeper.com/download/bin/Patches/MAILsweeper_Patches_301_ReadMe.htm",
"refsource": "MISC",
"url": "http://www.mimesweeper.com/download/bin/Patches/MAILsweeper_Patches_301_ReadMe.htm"
},
{
"name": "mailsweeper-onstrip-bypass-filter(11745)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11745"
},
{
"name": "7226",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7226"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1330",
"datePublished": "2007-05-31T00:00:00",
"dateReserved": "2007-05-30T00:00:00",
"dateUpdated": "2024-08-08T02:28:01.570Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2003-1423
Vulnerability from cvelistv5
Published
2007-10-20 10:00
Modified
2024-08-08 02:28
Severity ?
EPSS score ?
Summary
Petitforum stores the liste.txt data file under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as e-mail addresses and encrypted passwords.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/11358 | vdb-entry, x_refsource_XF | |
| http://securitytracker.com/id?1006117 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:28:03.691Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "petitforum-liste-info-disclosure(11358)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11358"
},
{
"name": "1006117",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1006117"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-02-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Petitforum stores the liste.txt data file under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as e-mail addresses and encrypted passwords."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "petitforum-liste-info-disclosure(11358)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11358"
},
{
"name": "1006117",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1006117"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1423",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Petitforum stores the liste.txt data file under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as e-mail addresses and encrypted passwords."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "petitforum-liste-info-disclosure(11358)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11358"
},
{
"name": "1006117",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1006117"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1423",
"datePublished": "2007-10-20T10:00:00",
"dateReserved": "2007-10-19T00:00:00",
"dateUpdated": "2024-08-08T02:28:03.691Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2003-1430
Vulnerability from cvelistv5
Published
2007-10-23 01:00
Modified
2024-08-08 02:28
Severity ?
EPSS score ?
Summary
Directory traversal vulnerability in Unreal Tournament Server 436 and earlier allows remote attackers to access known files via a ".." (dot dot) in an unreal:// URL.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/6775 | vdb-entry, x_refsource_BID | |
| http://archives.neohapsis.com/archives/bugtraq/2003-02/0063.html | mailing-list, x_refsource_BUGTRAQ | |
| http://archives.neohapsis.com/archives/bugtraq/2003-02/0142.html | mailing-list, x_refsource_BUGTRAQ | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/11299 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:28:03.555Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "6775",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6775"
},
{
"name": "20030205 Unreal engine: results of my research",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0063.html"
},
{
"name": "20030211 Re: Epic Games threatens to sue security researchers",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0142.html"
},
{
"name": "ut-file-directory-traversal(11299)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11299"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-02-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in Unreal Tournament Server 436 and earlier allows remote attackers to access known files via a \"..\" (dot dot) in an unreal:// URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "6775",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6775"
},
{
"name": "20030205 Unreal engine: results of my research",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0063.html"
},
{
"name": "20030211 Re: Epic Games threatens to sue security researchers",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0142.html"
},
{
"name": "ut-file-directory-traversal(11299)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11299"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1430",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in Unreal Tournament Server 436 and earlier allows remote attackers to access known files via a \"..\" (dot dot) in an unreal:// URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "6775",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6775"
},
{
"name": "20030205 Unreal engine: results of my research",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0063.html"
},
{
"name": "20030211 Re: Epic Games threatens to sue security researchers",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0142.html"
},
{
"name": "ut-file-directory-traversal(11299)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11299"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1430",
"datePublished": "2007-10-23T01:00:00",
"dateReserved": "2007-10-22T00:00:00",
"dateUpdated": "2024-08-08T02:28:03.555Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2003-1463
Vulnerability from cvelistv5
Published
2007-10-24 23:00
Modified
2024-08-08 02:28
Severity ?
EPSS score ?
Summary
Absolute path traversal vulnerability in Alt-N Technologies WebAdmin 2.0.0 through 2.0.2 allows remote attackers with administrator privileges to (1) determine the installation path by reading the contents of the Name parameter in a link, and (2) read arbitrary files via an absolute path in the Name parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/7438 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/bid/7439 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/11874 | vdb-entry, x_refsource_XF | |
| http://securityreason.com/securityalert/3286 | third-party-advisory, x_refsource_SREASON | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/11875 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/archive/1/319735 | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:28:03.415Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "7438",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/7438"
},
{
"name": "7439",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/7439"
},
{
"name": "webadmin-webadmindll-path-disclosure(11874)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11874"
},
{
"name": "3286",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3286"
},
{
"name": "webadmin-webadmindll-view-files(11875)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11875"
},
{
"name": "20030425 Path disclosure and file access on WebAdmin",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/319735"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-04-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Absolute path traversal vulnerability in Alt-N Technologies WebAdmin 2.0.0 through 2.0.2 allows remote attackers with administrator privileges to (1) determine the installation path by reading the contents of the Name parameter in a link, and (2) read arbitrary files via an absolute path in the Name parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "7438",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/7438"
},
{
"name": "7439",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/7439"
},
{
"name": "webadmin-webadmindll-path-disclosure(11874)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11874"
},
{
"name": "3286",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3286"
},
{
"name": "webadmin-webadmindll-view-files(11875)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11875"
},
{
"name": "20030425 Path disclosure and file access on WebAdmin",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/319735"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1463",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Absolute path traversal vulnerability in Alt-N Technologies WebAdmin 2.0.0 through 2.0.2 allows remote attackers with administrator privileges to (1) determine the installation path by reading the contents of the Name parameter in a link, and (2) read arbitrary files via an absolute path in the Name parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "7438",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7438"
},
{
"name": "7439",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7439"
},
{
"name": "webadmin-webadmindll-path-disclosure(11874)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11874"
},
{
"name": "3286",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3286"
},
{
"name": "webadmin-webadmindll-view-files(11875)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11875"
},
{
"name": "20030425 Path disclosure and file access on WebAdmin",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/319735"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1463",
"datePublished": "2007-10-24T23:00:00",
"dateReserved": "2007-10-24T00:00:00",
"dateUpdated": "2024-08-08T02:28:03.415Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-2388
Vulnerability from cvelistv5
Published
2007-05-29 21:00
Modified
2024-08-07 13:33
Severity ?
EPSS score ?
Summary
Apple QuickTime for Java 7.1.6 on Mac OS X and Windows does not properly restrict QTObject subclassing, which allows remote attackers to execute arbitrary code via a web page containing a user-defined class that accesses unsafe functions that can be leveraged to write to arbitrary memory locations.
References
| ▼ | URL | Tags |
|---|---|---|
| http://lists.apple.com/archives/security-announce/2007/May/msg00005.html | vendor-advisory, x_refsource_APPLE | |
| http://www.vupen.com/english/advisories/2007/1974 | vdb-entry, x_refsource_VUPEN | |
| http://www.securitytracker.com/id?1018136 | vdb-entry, x_refsource_SECTRACK | |
| http://www.kb.cert.org/vuls/id/995836 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.osvdb.org/35576 | vdb-entry, x_refsource_OSVDB | |
| http://secunia.com/advisories/25130 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/24221 | vdb-entry, x_refsource_BID | |
| http://secunia.com/secunia_research/2007-52/advisory/ | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:33:28.638Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "APPLE-SA-2007-05-29",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2007/May/msg00005.html"
},
{
"name": "ADV-2007-1974",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1974"
},
{
"name": "1018136",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018136"
},
{
"name": "VU#995836",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/995836"
},
{
"name": "35576",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/35576"
},
{
"name": "25130",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25130"
},
{
"name": "24221",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24221"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2007-52/advisory/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-05-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Apple QuickTime for Java 7.1.6 on Mac OS X and Windows does not properly restrict QTObject subclassing, which allows remote attackers to execute arbitrary code via a web page containing a user-defined class that accesses unsafe functions that can be leveraged to write to arbitrary memory locations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-06-09T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "APPLE-SA-2007-05-29",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2007/May/msg00005.html"
},
{
"name": "ADV-2007-1974",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1974"
},
{
"name": "1018136",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018136"
},
{
"name": "VU#995836",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/995836"
},
{
"name": "35576",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/35576"
},
{
"name": "25130",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25130"
},
{
"name": "24221",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24221"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2007-52/advisory/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2388",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apple QuickTime for Java 7.1.6 on Mac OS X and Windows does not properly restrict QTObject subclassing, which allows remote attackers to execute arbitrary code via a web page containing a user-defined class that accesses unsafe functions that can be leveraged to write to arbitrary memory locations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "APPLE-SA-2007-05-29",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2007/May/msg00005.html"
},
{
"name": "ADV-2007-1974",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1974"
},
{
"name": "1018136",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018136"
},
{
"name": "VU#995836",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/995836"
},
{
"name": "35576",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/35576"
},
{
"name": "25130",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25130"
},
{
"name": "24221",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24221"
},
{
"name": "http://secunia.com/secunia_research/2007-52/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2007-52/advisory/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2388",
"datePublished": "2007-05-29T21:00:00",
"dateReserved": "2007-04-30T00:00:00",
"dateUpdated": "2024-08-07T13:33:28.638Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-3615
Vulnerability from cvelistv5
Published
2007-07-06 19:00
Modified
2024-08-07 14:21
Severity ?
EPSS score ?
Summary
Internet Communication Manager (aka ICMAN.exe or ICM) in SAP NetWeaver Application Server 6.x and 7.x, possibly only on Windows, allows remote attackers to cause a denial of service (process crash) via a URI of a certain length that contains a sap-isc-key parameter, related to configuration of a web cache.
References
| ▼ | URL | Tags |
|---|---|---|
| http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0105.html | mailing-list, x_refsource_FULLDISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/35278 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/archive/1/472890/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://osvdb.org/38095 | vdb-entry, x_refsource_OSVDB | |
| http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-internet-communication-manager-dos/ | x_refsource_MISC | |
| http://secunia.com/advisories/25964 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securitytracker.com/id?1018336 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2007/2450 | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/bid/24774 | vdb-entry, x_refsource_BID | |
| http://securityreason.com/securityalert/2875 | third-party-advisory, x_refsource_SREASON |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:21:36.422Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070705 Internet Communication Manager Denial Of Service Attack",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0105.html"
},
{
"name": "sap-icman-dos(35278)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35278"
},
{
"name": "20070705 Internet Communication Manager Denial Of Service Attack",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/472890/100/0/threaded"
},
{
"name": "38095",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/38095"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-internet-communication-manager-dos/"
},
{
"name": "25964",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25964"
},
{
"name": "1018336",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018336"
},
{
"name": "ADV-2007-2450",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2450"
},
{
"name": "24774",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24774"
},
{
"name": "2875",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2875"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Internet Communication Manager (aka ICMAN.exe or ICM) in SAP NetWeaver Application Server 6.x and 7.x, possibly only on Windows, allows remote attackers to cause a denial of service (process crash) via a URI of a certain length that contains a sap-isc-key parameter, related to configuration of a web cache."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070705 Internet Communication Manager Denial Of Service Attack",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0105.html"
},
{
"name": "sap-icman-dos(35278)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35278"
},
{
"name": "20070705 Internet Communication Manager Denial Of Service Attack",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/472890/100/0/threaded"
},
{
"name": "38095",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/38095"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-internet-communication-manager-dos/"
},
{
"name": "25964",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25964"
},
{
"name": "1018336",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018336"
},
{
"name": "ADV-2007-2450",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2450"
},
{
"name": "24774",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24774"
},
{
"name": "2875",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2875"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3615",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Internet Communication Manager (aka ICMAN.exe or ICM) in SAP NetWeaver Application Server 6.x and 7.x, possibly only on Windows, allows remote attackers to cause a denial of service (process crash) via a URI of a certain length that contains a sap-isc-key parameter, related to configuration of a web cache."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070705 Internet Communication Manager Denial Of Service Attack",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0105.html"
},
{
"name": "sap-icman-dos(35278)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35278"
},
{
"name": "20070705 Internet Communication Manager Denial Of Service Attack",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/472890/100/0/threaded"
},
{
"name": "38095",
"refsource": "OSVDB",
"url": "http://osvdb.org/38095"
},
{
"name": "http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-internet-communication-manager-dos/",
"refsource": "MISC",
"url": "http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-internet-communication-manager-dos/"
},
{
"name": "25964",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25964"
},
{
"name": "1018336",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018336"
},
{
"name": "ADV-2007-2450",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2450"
},
{
"name": "24774",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24774"
},
{
"name": "2875",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2875"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3615",
"datePublished": "2007-07-06T19:00:00",
"dateReserved": "2007-07-06T00:00:00",
"dateUpdated": "2024-08-07T14:21:36.422Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2003-1456
Vulnerability from cvelistv5
Published
2007-10-23 01:00
Modified
2024-08-08 02:28
Severity ?
EPSS score ?
Summary
Album.pl 6.1 allows remote attackers to execute arbitrary commands, when an alternative configuration file is used, via unknown attack vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://perl.bobbitt.ca/yabbse/index.php?board=2%3Baction=display%3Bthreadid=720 | x_refsource_CONFIRM | |
| http://securityreason.com/securityalert/3270 | third-party-advisory, x_refsource_SREASON | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/11878 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/archive/1/319763 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/7444 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:28:03.584Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://perl.bobbitt.ca/yabbse/index.php?board=2%3Baction=display%3Bthreadid=720"
},
{
"name": "3270",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3270"
},
{
"name": "albumpl-command-execution(11878)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11878"
},
{
"name": "20030426 Album.pl Vulnerability - Remote Command Execution",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/319763"
},
{
"name": "7444",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/7444"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-04-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Album.pl 6.1 allows remote attackers to execute arbitrary commands, when an alternative configuration file is used, via unknown attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://perl.bobbitt.ca/yabbse/index.php?board=2%3Baction=display%3Bthreadid=720"
},
{
"name": "3270",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3270"
},
{
"name": "albumpl-command-execution(11878)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11878"
},
{
"name": "20030426 Album.pl Vulnerability - Remote Command Execution",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/319763"
},
{
"name": "7444",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/7444"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1456",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Album.pl 6.1 allows remote attackers to execute arbitrary commands, when an alternative configuration file is used, via unknown attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://perl.bobbitt.ca/yabbse/index.php?board=2;action=display;threadid=720",
"refsource": "CONFIRM",
"url": "http://perl.bobbitt.ca/yabbse/index.php?board=2;action=display;threadid=720"
},
{
"name": "3270",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3270"
},
{
"name": "albumpl-command-execution(11878)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11878"
},
{
"name": "20030426 Album.pl Vulnerability - Remote Command Execution",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/319763"
},
{
"name": "7444",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7444"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1456",
"datePublished": "2007-10-23T01:00:00",
"dateReserved": "2007-10-22T00:00:00",
"dateUpdated": "2024-08-08T02:28:03.584Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-1382
Vulnerability from cvelistv5
Published
2007-03-10 00:00
Modified
2024-08-07 12:50
Severity ?
EPSS score ?
Summary
The PHP COM extensions for PHP on Windows systems allow context-dependent attackers to execute arbitrary code via a WScript.Shell COM object, as demonstrated by using the Run method of this object to execute cmd.exe, which bypasses PHP's safe mode.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.exploit-db.com/exploits/3429 | exploit, x_refsource_EXPLOIT-DB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:50:35.265Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3429",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/3429"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The PHP COM extensions for PHP on Windows systems allow context-dependent attackers to execute arbitrary code via a WScript.Shell COM object, as demonstrated by using the Run method of this object to execute cmd.exe, which bypasses PHP\u0027s safe mode."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "3429",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/3429"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1382",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The PHP COM extensions for PHP on Windows systems allow context-dependent attackers to execute arbitrary code via a WScript.Shell COM object, as demonstrated by using the Run method of this object to execute cmd.exe, which bypasses PHP\u0027s safe mode."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "3429",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3429"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1382",
"datePublished": "2007-03-10T00:00:00",
"dateReserved": "2007-03-09T00:00:00",
"dateUpdated": "2024-08-07T12:50:35.265Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-3334
Vulnerability from cvelistv5
Published
2007-06-21 22:00
Modified
2024-08-07 14:14
Severity ?
EPSS score ?
Summary
Multiple heap-based buffer overflows in the (1) Communications Server (iigcc.exe) and (2) Data Access Server (iigcd.exe) components for Ingres Database Server 3.0.3, as used in CA (Computer Associates) products including eTrust Secure Content Manager r8 on Windows, allow remote attackers to execute arbitrary code via unknown vectors.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:14:12.912Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-2288",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2288"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778"
},
{
"name": "20070621 Ingres Database Multiple Heap Corruption Vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=546"
},
{
"name": "ingres-wakeup-privilege-escalation(35002)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35002"
},
{
"name": "25756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25756"
},
{
"name": "25775",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25775"
},
{
"name": "37488",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/37488"
},
{
"name": "ADV-2007-2290",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2290"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp"
},
{
"name": "ingres-communications-server-bo(34991)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34991"
},
{
"name": "37487",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/37487"
},
{
"name": "1018278",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018278"
},
{
"name": "ingres-data-access-server-bo(34992)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34992"
},
{
"name": "24585",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24585"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-06-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple heap-based buffer overflows in the (1) Communications Server (iigcc.exe) and (2) Data Access Server (iigcd.exe) components for Ingres Database Server 3.0.3, as used in CA (Computer Associates) products including eTrust Secure Content Manager r8 on Windows, allow remote attackers to execute arbitrary code via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-2288",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2288"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778"
},
{
"name": "20070621 Ingres Database Multiple Heap Corruption Vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=546"
},
{
"name": "ingres-wakeup-privilege-escalation(35002)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35002"
},
{
"name": "25756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25756"
},
{
"name": "25775",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25775"
},
{
"name": "37488",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/37488"
},
{
"name": "ADV-2007-2290",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2290"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp"
},
{
"name": "ingres-communications-server-bo(34991)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34991"
},
{
"name": "37487",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/37487"
},
{
"name": "1018278",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018278"
},
{
"name": "ingres-data-access-server-bo(34992)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34992"
},
{
"name": "24585",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24585"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3334",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple heap-based buffer overflows in the (1) Communications Server (iigcc.exe) and (2) Data Access Server (iigcd.exe) components for Ingres Database Server 3.0.3, as used in CA (Computer Associates) products including eTrust Secure Content Manager r8 on Windows, allow remote attackers to execute arbitrary code via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-2288",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2288"
},
{
"name": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778",
"refsource": "CONFIRM",
"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778"
},
{
"name": "20070621 Ingres Database Multiple Heap Corruption Vulnerabilities",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=546"
},
{
"name": "ingres-wakeup-privilege-escalation(35002)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35002"
},
{
"name": "25756",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25756"
},
{
"name": "25775",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25775"
},
{
"name": "37488",
"refsource": "OSVDB",
"url": "http://osvdb.org/37488"
},
{
"name": "ADV-2007-2290",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2290"
},
{
"name": "http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp",
"refsource": "CONFIRM",
"url": "http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp"
},
{
"name": "ingres-communications-server-bo(34991)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34991"
},
{
"name": "37487",
"refsource": "OSVDB",
"url": "http://osvdb.org/37487"
},
{
"name": "1018278",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018278"
},
{
"name": "ingres-data-access-server-bo(34992)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34992"
},
{
"name": "24585",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24585"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3334",
"datePublished": "2007-06-21T22:00:00",
"dateReserved": "2007-06-21T00:00:00",
"dateUpdated": "2024-08-07T14:14:12.912Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-1280
Vulnerability from cvelistv5
Published
2007-05-09 22:00
Modified
2024-08-07 12:50
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in Adobe RoboHelp X5, 6, and Server 6 allows remote attackers to inject arbitrary web script or HTML via a URL after a # (hash) in the URL path, as demonstrated using en/frameset-7.html, and possibly other unspecified vectors involving templates and (1) whstart.js and (2) whcsh_home.htm in WebHelp, (3) wf_startpage.js and (4) wf_startqs.htm in FlashHelp, or (5) WindowManager.dll in RoboHelp Server 6.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/25211 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/23878 | vdb-entry, x_refsource_BID | |
| http://www.vupen.com/english/advisories/2007/1714 | vdb-entry, x_refsource_VUPEN | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/34181 | vdb-entry, x_refsource_XF | |
| http://www.securitytracker.com/id?1018020 | vdb-entry, x_refsource_SECTRACK | |
| http://www.adobe.com/support/security/bulletins/apsb07-10.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/archive/1/468360/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://osvdb.org/35867 | vdb-entry, x_refsource_OSVDB | |
| http://www.devtarget.org/adobe-advisory-05-2007.txt | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:50:35.036Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "25211",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25211"
},
{
"name": "23878",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23878"
},
{
"name": "ADV-2007-1714",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1714"
},
{
"name": "robohelp-files-xss(34181)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34181"
},
{
"name": "1018020",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018020"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb07-10.html"
},
{
"name": "20070511 Cross-Site Scripting in Adobe RoboHelp 6, Server 6 and X5",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/468360/100/0/threaded"
},
{
"name": "35867",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/35867"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.devtarget.org/adobe-advisory-05-2007.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-05-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Adobe RoboHelp X5, 6, and Server 6 allows remote attackers to inject arbitrary web script or HTML via a URL after a # (hash) in the URL path, as demonstrated using en/frameset-7.html, and possibly other unspecified vectors involving templates and (1) whstart.js and (2) whcsh_home.htm in WebHelp, (3) wf_startpage.js and (4) wf_startqs.htm in FlashHelp, or (5) WindowManager.dll in RoboHelp Server 6."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "25211",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25211"
},
{
"name": "23878",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23878"
},
{
"name": "ADV-2007-1714",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1714"
},
{
"name": "robohelp-files-xss(34181)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34181"
},
{
"name": "1018020",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018020"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb07-10.html"
},
{
"name": "20070511 Cross-Site Scripting in Adobe RoboHelp 6, Server 6 and X5",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/468360/100/0/threaded"
},
{
"name": "35867",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/35867"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.devtarget.org/adobe-advisory-05-2007.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1280",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Adobe RoboHelp X5, 6, and Server 6 allows remote attackers to inject arbitrary web script or HTML via a URL after a # (hash) in the URL path, as demonstrated using en/frameset-7.html, and possibly other unspecified vectors involving templates and (1) whstart.js and (2) whcsh_home.htm in WebHelp, (3) wf_startpage.js and (4) wf_startqs.htm in FlashHelp, or (5) WindowManager.dll in RoboHelp Server 6."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "25211",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25211"
},
{
"name": "23878",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23878"
},
{
"name": "ADV-2007-1714",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1714"
},
{
"name": "robohelp-files-xss(34181)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34181"
},
{
"name": "1018020",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018020"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb07-10.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb07-10.html"
},
{
"name": "20070511 Cross-Site Scripting in Adobe RoboHelp 6, Server 6 and X5",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/468360/100/0/threaded"
},
{
"name": "35867",
"refsource": "OSVDB",
"url": "http://osvdb.org/35867"
},
{
"name": "http://www.devtarget.org/adobe-advisory-05-2007.txt",
"refsource": "MISC",
"url": "http://www.devtarget.org/adobe-advisory-05-2007.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1280",
"datePublished": "2007-05-09T22:00:00",
"dateReserved": "2007-03-05T00:00:00",
"dateUpdated": "2024-08-07T12:50:35.036Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-1644
Vulnerability from cvelistv5
Published
2007-03-24 00:00
Modified
2024-08-07 13:06
Severity ?
EPSS score ?
Summary
The dynamic DNS update mechanism in the DNS Server service on Microsoft Windows does not properly authenticate clients in certain deployments or configurations, which allows remote attackers to change DNS records for a web proxy server and conduct man-in-the-middle (MITM) attacks on web traffic, conduct pharming attacks by poisoning DNS records, and cause a denial of service (erroneous name resolution).
References
| ▼ | URL | Tags |
|---|---|---|
| http://osvdb.org/43603 | vdb-entry, x_refsource_OSVDB | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/33473 | vdb-entry, x_refsource_XF | |
| https://www.exploit-db.com/exploits/3544 | exploit, x_refsource_EXPLOIT-DB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:06:25.824Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "43603",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/43603"
},
{
"name": "win-dnsupdate-unauthorized-access(33473)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33473"
},
{
"name": "3544",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/3544"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The dynamic DNS update mechanism in the DNS Server service on Microsoft Windows does not properly authenticate clients in certain deployments or configurations, which allows remote attackers to change DNS records for a web proxy server and conduct man-in-the-middle (MITM) attacks on web traffic, conduct pharming attacks by poisoning DNS records, and cause a denial of service (erroneous name resolution)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "43603",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/43603"
},
{
"name": "win-dnsupdate-unauthorized-access(33473)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33473"
},
{
"name": "3544",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/3544"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1644",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The dynamic DNS update mechanism in the DNS Server service on Microsoft Windows does not properly authenticate clients in certain deployments or configurations, which allows remote attackers to change DNS records for a web proxy server and conduct man-in-the-middle (MITM) attacks on web traffic, conduct pharming attacks by poisoning DNS records, and cause a denial of service (erroneous name resolution)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "43603",
"refsource": "OSVDB",
"url": "http://osvdb.org/43603"
},
{
"name": "win-dnsupdate-unauthorized-access(33473)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33473"
},
{
"name": "3544",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3544"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1644",
"datePublished": "2007-03-24T00:00:00",
"dateReserved": "2007-03-23T00:00:00",
"dateUpdated": "2024-08-07T13:06:25.824Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-2161
Vulnerability from cvelistv5
Published
2008-05-12 22:00
Modified
2024-08-07 08:49
Severity ?
EPSS score ?
Summary
Buffer overflow in TFTP Server SP 1.4 and 1.5 on Windows, and possibly other versions, allows remote attackers to execute arbitrary code via a long TFTP error packet. NOTE: some of these details are obtained from third party information.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/30147 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/42298 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/29111 | vdb-entry, x_refsource_BID | |
| http://www.vupen.com/english/advisories/2008/1468/references | vdb-entry, x_refsource_VUPEN | |
| https://www.exploit-db.com/exploits/5563 | exploit, x_refsource_EXPLOIT-DB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:49:58.494Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "30147",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30147"
},
{
"name": "tftpserversp-errormessage-bo(42298)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42298"
},
{
"name": "29111",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29111"
},
{
"name": "ADV-2008-1468",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1468/references"
},
{
"name": "5563",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/5563"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-05-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in TFTP Server SP 1.4 and 1.5 on Windows, and possibly other versions, allows remote attackers to execute arbitrary code via a long TFTP error packet. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "30147",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30147"
},
{
"name": "tftpserversp-errormessage-bo(42298)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42298"
},
{
"name": "29111",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29111"
},
{
"name": "ADV-2008-1468",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1468/references"
},
{
"name": "5563",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/5563"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-2161",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in TFTP Server SP 1.4 and 1.5 on Windows, and possibly other versions, allows remote attackers to execute arbitrary code via a long TFTP error packet. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "30147",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30147"
},
{
"name": "tftpserversp-errormessage-bo(42298)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42298"
},
{
"name": "29111",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29111"
},
{
"name": "ADV-2008-1468",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1468/references"
},
{
"name": "5563",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5563"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-2161",
"datePublished": "2008-05-12T22:00:00",
"dateReserved": "2008-05-12T00:00:00",
"dateUpdated": "2024-08-07T08:49:58.494Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2007-05-29 21:30
Modified
2024-11-21 00:30
Severity ?
Summary
Apple QuickTime for Java 7.1.6 on Mac OS X and Windows does not clear potentially sensitive memory before use, which allows remote attackers to read memory from a web browser via unknown vectors related to Java applets.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| apple | mac_os_x | 10.0 | |
| apple | mac_os_x | 10.0.1 | |
| apple | mac_os_x | 10.0.2 | |
| apple | mac_os_x | 10.0.3 | |
| apple | mac_os_x | 10.0.4 | |
| apple | mac_os_x | 10.1 | |
| apple | mac_os_x | 10.1.1 | |
| apple | mac_os_x | 10.1.2 | |
| apple | mac_os_x | 10.1.3 | |
| apple | mac_os_x | 10.1.4 | |
| apple | mac_os_x | 10.1.5 | |
| apple | mac_os_x | 10.2 | |
| apple | mac_os_x | 10.2.1 | |
| apple | mac_os_x | 10.2.2 | |
| apple | mac_os_x | 10.2.3 | |
| apple | mac_os_x | 10.2.4 | |
| apple | mac_os_x | 10.2.5 | |
| apple | mac_os_x | 10.2.6 | |
| apple | mac_os_x | 10.2.7 | |
| apple | mac_os_x | 10.2.8 | |
| apple | mac_os_x | 10.3 | |
| apple | mac_os_x | 10.3.1 | |
| apple | mac_os_x | 10.3.2 | |
| apple | mac_os_x | 10.3.3 | |
| apple | mac_os_x | 10.3.4 | |
| apple | mac_os_x | 10.3.5 | |
| apple | mac_os_x | 10.3.6 | |
| apple | mac_os_x | 10.3.7 | |
| apple | mac_os_x | 10.3.8 | |
| apple | mac_os_x | 10.3.9 | |
| apple | mac_os_x | 10.4 | |
| apple | mac_os_x | 10.4.1 | |
| apple | mac_os_x | 10.4.2 | |
| apple | mac_os_x | 10.4.3 | |
| apple | mac_os_x | 10.4.4 | |
| apple | mac_os_x | 10.4.5 | |
| apple | mac_os_x | 10.4.6 | |
| apple | mac_os_x | 10.4.7 | |
| apple | mac_os_x | 10.4.8 | |
| apple | mac_os_x | 10.4.9 | |
| microsoft | all_windows | * | |
| apple | quicktime | 7.1.6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "99C273D1-ADFE-4B4C-B543-7B9CA741A117",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0BC31B69-3DE1-4CF3-ADC9-CA0BF1714CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "77CC671C-6D89-4279-86F7-DDE1D4D9A0CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8E4B77F6-E71C-45ED-96CC-7872AD2FCBF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "066ABC3B-B395-42D2-95C0-5B810F91A6F0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "01BC19FC-6E03-4000-AE4B-232E47FA76F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "421FC2DD-0CF7-44A2-A63C-5221689E2363",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0F8B70BC-42B7-453A-B506-7BE69D49A4B5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FAAC6EA5-DCB2-4A50-A8BC-25CC43FAEF9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CA32F7D8-02F8-4CFE-B193-2888807BC4D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A9DCDE70-07DA-4F0B-805F-6BA03D410CD6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CDCF4FB3-F781-46D5-BEE7-485B3DC78B83",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AE52A344-8B07-480D-A57F-B1F6E6574F3B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56CC0444-570C-4BB5-B53A-C5CA0BD87935",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "62E3EED7-FE30-4620-B40B-9CC49B77408A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5AFD8BC6-4893-4D9D-A26E-27AAC864F94B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9BD1F9A1-5ADB-451D-9525-D545E42D2B8F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D7A24978-2891-425C-ACF6-E8F5C839C54A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9B20E130-6078-4336-B614-273C27142B46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "AB461678-560D-436E-A3AE-9E1E16DB0412",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BFDADE04-29F0-446B-824B-0518880CF0A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ED9BE602-A740-4CF7-9CAF-59061B16AB31",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "33E698C1-C313-40E6-BAF9-7C8F9CF02484",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BF2D00AC-FA2A-4C39-B796-DC19072862CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "421079DA-B605-4E05-9454-C30CF7631CF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "93B734BA-3435-40A9-B22B-5D56CEB865A7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C4B57B3E-B1B2-4F13-99D3-4F9DB3C07B5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "30897327-44DD-4D6C-B8B6-2D66C44EA55D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B79D8F73-2E78-4A67-96BB-21AD9BCB0094",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "DC6931D5-DE7E-41F6-ADDC-AB5A8A167F69",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0760FDDB-38D3-4263-9B4D-1AF5E613A4F9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AFD4DE58-46C7-4E69-BF36-C5FD768B8248",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CF824694-52DE-44E3-ACAD-60B2A84CD3CE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B73A0891-A37A-4E0D-AA73-B18BFD6B1447",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "26AC38AB-D689-4B2B-9DAE-F03F4DFD15BE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0C580935-0091-4163-B747-750FB7686973",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BB0F2132-8431-4CEF-9A3D-A69425E3834E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8719F3C4-F1DE-49B5-9301-22414A2B6F9C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "09ED46A8-1739-411C-8807-2A416BDB6DFE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "786BB737-EA99-4EC6-B742-0C35BF2453F9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:all_windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB4B29F-4C60-48A0-8F58-BCBDC58B697E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.6:*:java:*:*:*:*:*",
"matchCriteriaId": "CF6369C7-DA45-4E7D-A258-FDCA0EEDD842",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Apple QuickTime for Java 7.1.6 on Mac OS X and Windows does not clear potentially sensitive memory before use, which allows remote attackers to read memory from a web browser via unknown vectors related to Java applets."
},
{
"lang": "es",
"value": "Apple QuickTime para Java 7.1.6 en Mac OS X y Windows no limpia zonas de memoria potencialmente sensibles antes de usarla, lo cual permite a atacantes remotos leer la memoria desde un navegador web a trav\u00e9s de vectores desconocidos relacionados con applets Java."
}
],
"id": "CVE-2007-2389",
"lastModified": "2024-11-21T00:30:39.990",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2007-05-29T21:30:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2007/May/msg00005.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/25130"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/434748"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/35575"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/24222"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018136"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1974"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34571"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2007/May/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25130"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/434748"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/35575"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/24222"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018136"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1974"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34571"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-12-31 05:00
Modified
2024-11-20 23:47
Severity ?
Summary
Buffer overflow in 3D-FTP client 4.0 allows remote FTP servers to cause a denial of service (crash) and possibly execute arbitrary code via a long banner.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | all_windows | * | |
| 3d-ftp | 3d-ftp | 4.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:all_windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB4B29F-4C60-48A0-8F58-BCBDC58B697E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:3d-ftp:3d-ftp:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F9A76E29-73DC-4B58-A8BB-ECC77ECE38C4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in 3D-FTP client 4.0 allows remote FTP servers to cause a denial of service (crash) and possibly execute arbitrary code via a long banner."
}
],
"id": "CVE-2003-1472",
"lastModified": "2024-11-20T23:47:14.410",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/3297"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/archive/1/319818"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/7451"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11883"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3297"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/archive/1/319818"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/7451"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11883"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-12-31 05:00
Modified
2024-11-20 23:46
Severity ?
Summary
Clearswift MAILsweeper for SMTP 4.3.6 SP1 does not execute custom "on strip unsuccessful" hooks, which allows remote attackers to bypass e-mail attachment filtering policies via an attachment that MAILsweeper can detect but not remove.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | all_windows | * | |
| clearswift_limited | mailsweeper | 4.3.6_sp1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:all_windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB4B29F-4C60-48A0-8F58-BCBDC58B697E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clearswift_limited:mailsweeper:4.3.6_sp1:*:smtp:*:*:*:*:*",
"matchCriteriaId": "167B5409-AF42-496D-AD37-6FBA721C2406",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Clearswift MAILsweeper for SMTP 4.3.6 SP1 does not execute custom \"on strip unsuccessful\" hooks, which allows remote attackers to bypass e-mail attachment filtering policies via an attachment that MAILsweeper can detect but not remove."
}
],
"id": "CVE-2003-1330",
"lastModified": "2024-11-20T23:46:53.313",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.mimesweeper.com/download/bin/Patches/MAILsweeper_Patches_301_ReadMe.htm"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/7226"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11745"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mimesweeper.com/download/bin/Patches/MAILsweeper_Patches_301_ReadMe.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/7226"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11745"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-12-31 05:00
Modified
2024-11-20 23:47
Severity ?
Summary
Directory traversal vulnerability in Unreal Tournament Server 436 and earlier allows remote attackers to access known files via a ".." (dot dot) in an unreal:// URL.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| microsoft | all_windows | * | |
| epic_games | unreal_engine | 226f | |
| epic_games | unreal_engine | 433 | |
| epic_games | unreal_engine | 436 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:all_windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB4B29F-4C60-48A0-8F58-BCBDC58B697E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:epic_games:unreal_engine:226f:*:*:*:*:*:*:*",
"matchCriteriaId": "A99F5526-E641-464B-83A3-A9AF27AC287D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:epic_games:unreal_engine:433:*:*:*:*:*:*:*",
"matchCriteriaId": "BBC39AE7-3145-4095-A471-C1668CAB8F97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:epic_games:unreal_engine:436:*:*:*:*:*:*:*",
"matchCriteriaId": "93D14650-A8AC-4CBB-9968-0EF215623DE9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in Unreal Tournament Server 436 and earlier allows remote attackers to access known files via a \"..\" (dot dot) in an unreal:// URL."
}
],
"id": "CVE-2003-1430",
"lastModified": "2024-11-20T23:47:07.927",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0063.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0142.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/6775"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11299"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0063.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0142.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/6775"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11299"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-07-06 19:30
Modified
2024-11-21 00:33
Severity ?
Summary
Internet Communication Manager (aka ICMAN.exe or ICM) in SAP NetWeaver Application Server 6.x and 7.x, possibly only on Windows, allows remote attackers to cause a denial of service (process crash) via a URI of a certain length that contains a sap-isc-key parameter, related to configuration of a web cache.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | all_windows | * | |
| sap | internet_communication_manager | * | |
| sap | sap_web_application_server | 6.10 | |
| sap | sap_web_application_server | 6.20 | |
| sap | sap_web_application_server | 6.40 | |
| sap | sap_web_application_server | 7.0 | |
| sap | sap_web_application_server | 7.0.10 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:all_windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB4B29F-4C60-48A0-8F58-BCBDC58B697E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:internet_communication_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "651B211A-A926-40F2-A477-2107CD0FC78B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:sap_web_application_server:6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "FE5FAC41-5C2B-4653-A757-ADBFD37E716E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:sap_web_application_server:6.20:*:*:*:*:*:*:*",
"matchCriteriaId": "A68E0969-971D-4D97-97EE-F901B05885DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:sap_web_application_server:6.40:*:*:*:*:*:*:*",
"matchCriteriaId": "B41DF7D3-9EF1-4F5B-870E-5D1FDF095509",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:sap_web_application_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5F89AF4D-B15A-4D91-B6A4-0A206772BC69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:sap_web_application_server:7.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "23E194A2-DFBF-444F-99D0-A038A4C7EC6A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Internet Communication Manager (aka ICMAN.exe or ICM) in SAP NetWeaver Application Server 6.x and 7.x, possibly only on Windows, allows remote attackers to cause a denial of service (process crash) via a URI of a certain length that contains a sap-isc-key parameter, related to configuration of a web cache."
},
{
"lang": "es",
"value": "El Internet Communication Manager (tambi\u00e9n conocido como ICMAN.exe o ICM) en el SAP NetWeaver Application Server 6.x y 7.x, posiblemente s\u00f3lo bajo Windows, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda del proceso) a trav\u00e9s de un URI de cierta longitud que contenga el par\u00e1metro sap-isc-key, relacionado con la configuraci\u00f3n del cach\u00e9 de la web."
}
],
"id": "CVE-2007-3615",
"lastModified": "2024-11-21T00:33:39.720",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-07-06T19:30:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0105.html"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/38095"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25964"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/2875"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-internet-communication-manager-dos/"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/472890/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/24774"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018336"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/2450"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35278"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0105.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/38095"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25964"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/2875"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-internet-communication-manager-dos/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/472890/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/24774"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018336"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2450"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35278"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-12-31 05:00
Modified
2024-11-20 23:47
Severity ?
Summary
Petitforum stores the liste.txt data file under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as e-mail addresses and encrypted passwords.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| microsoft | all_windows | * | |
| unix | unix | any_version | |
| petitforum | petitforum | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:all_windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB4B29F-4C60-48A0-8F58-BCBDC58B697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:unix:unix:any_version:*:*:*:*:*:*:*",
"matchCriteriaId": "CF8C2159-A91B-4599-BDDA-AEC890150B00",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:petitforum:petitforum:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F3C23772-F667-492B-8C19-BD26CB805FB9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Petitforum stores the liste.txt data file under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as e-mail addresses and encrypted passwords."
}
],
"id": "CVE-2003-1423",
"lastModified": "2024-11-20T23:47:06.927",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://securitytracker.com/id?1006117"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11358"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://securitytracker.com/id?1006117"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11358"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-05-01 10:19
Modified
2024-11-21 00:30
Severity ?
Summary
MyServer before 0.8.8 allows remote attackers to cause a denial of service via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | all_windows | * | |
| myserver | myserver | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:all_windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB4B29F-4C60-48A0-8F58-BCBDC58B697E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:myserver:myserver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9B7D11D3-4073-4C82-990F-A011C7AF6D75",
"versionEndIncluding": "0.8.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "MyServer before 0.8.8 allows remote attackers to cause a denial of service via unspecified vectors."
},
{
"lang": "es",
"value": "MyServer anterior a 0.8.8 permite a atacantes remotos provocar una denegaci\u00f3n de servicio a trav\u00e9s de vectores no identificados."
}
],
"id": "CVE-2007-2414",
"lastModified": "2024-11-21T00:30:43.730",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-05-01T10:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/35469"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25026"
},
{
"source": "cve@mitre.org",
"url": "http://sourceforge.net/project/shownotes.php?release_id=504709\u0026group_id=63119"
},
{
"source": "cve@mitre.org",
"url": "http://www.myserverproject.net/forum/viewtopic.php?t=1659\u0026sid=ab6d273497a064cd3ed7a83d1c44a70a"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/23716"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1589"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33971"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/35469"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25026"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceforge.net/project/shownotes.php?release_id=504709\u0026group_id=63119"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.myserverproject.net/forum/viewtopic.php?t=1659\u0026sid=ab6d273497a064cd3ed7a83d1c44a70a"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/23716"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1589"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33971"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-12-31 05:00
Modified
2024-11-20 23:47
Severity ?
Summary
Invision Power Services Invision Board 1.0 through 1.1.1, when a forum is password protected, stores the administrator password in a cookie in plaintext, which could allow remote attackers to gain access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| microsoft | all_windows | * | |
| unix | unix | * | |
| invision_power_services | invision_board | 1.0 | |
| invision_power_services | invision_board | 1.0.1 | |
| invision_power_services | invision_board | 1.1.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:all_windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB4B29F-4C60-48A0-8F58-BCBDC58B697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:unix:unix:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7A7C398-5356-45D6-AA5C-53E63BC88DCA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:invision_power_services:invision_board:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC7F0E6-7DA6-41E3-9F73-4FFF699195C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:invision_power_services:invision_board:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EAA35A95-B8FD-4ED8-95E0-409E50BF13AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:invision_power_services:invision_board:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4066556-F0CE-4E8B-B88D-C3BA03D98D95",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Invision Power Services Invision Board 1.0 through 1.1.1, when a forum is password protected, stores the administrator password in a cookie in plaintext, which could allow remote attackers to gain access."
}
],
"id": "CVE-2003-1454",
"lastModified": "2024-11-20T23:47:11.937",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/3276"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/319747"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/7440"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11871"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3276"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/319747"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/7440"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11871"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-07-24 18:30
Modified
2024-11-21 00:34
Severity ?
Summary
TeamSpeak WebServer 2.0 for Windows does not validate parameter value lengths and does not expire TCP sessions, which allows remote attackers to cause a denial of service (CPU and memory consumption) via long username and password parameters in a request to login.tscmd on TCP port 14534.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | all_windows | * | |
| teamspeak | web_server | 2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:all_windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB4B29F-4C60-48A0-8F58-BCBDC58B697E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:teamspeak:web_server:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D1F5B1-7F5A-4B76-975B-4DDBD22566B7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TeamSpeak WebServer 2.0 for Windows does not validate parameter value lengths and does not expire TCP sessions, which allows remote attackers to cause a denial of service (CPU and memory consumption) via long username and password parameters in a request to login.tscmd on TCP port 14534."
},
{
"lang": "es",
"value": "TeamSpeak WebServer 2.0 para Windows no valida la longitud del valor del par\u00e1metro y no expiran las sesiones TCP, lo cual permite a atacantes remotos provocar denegaci\u00f3n de servicio (consumo de CPU y memoria)a trav\u00e9s de los par\u00e1metros username y password en una respuesta en login.tscmd sobre el puerto TCP 14534."
}
],
"id": "CVE-2007-3956",
"lastModified": "2024-11-21T00:34:27.463",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-07-24T18:30:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/38595"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/26141"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/24977"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35518"
},
{
"source": "cve@mitre.org",
"url": "https://www.exploit-db.com/exploits/4205"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/38595"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26141"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/24977"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35518"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/4205"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-12-31 05:00
Modified
2024-11-20 23:47
Severity ?
Summary
MAILsweeper for SMTP 4.3.6 and 4.3.7 allows remote attackers to cause a denial of service (CPU consumption) via a PowerPoint attachment that either (1) is corrupt or (2) contains "embedded objects."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | all_windows | * | |
| clearswift | mailsweeper_for_smtp | 4.3.6 | |
| clearswift | mailsweeper_for_smtp | 4.3.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:all_windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB4B29F-4C60-48A0-8F58-BCBDC58B697E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper_for_smtp:4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D8CF9366-9433-465B-8801-C38089C67F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper_for_smtp:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "FD7F206C-DEC9-4F47-A26E-9621197363D6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "MAILsweeper for SMTP 4.3.6 and 4.3.7 allows remote attackers to cause a denial of service (CPU consumption) via a PowerPoint attachment that either (1) is corrupt or (2) contains \"embedded objects.\""
}
],
"id": "CVE-2003-1477",
"lastModified": "2024-11-20T23:47:15.073",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.clearswift.com/download/bin/Patches/ReadMe_SMTP_438.htm"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/7562"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12052"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.clearswift.com/download/bin/Patches/ReadMe_SMTP_438.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/7562"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12052"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-02-26 17:28
Modified
2024-11-21 00:27
Severity ?
Summary
Multiple unspecified vulnerabilities in JP1/Cm2/Network Node Manager (NNM) before 07-10-05, and before 08-00-02 in the 08-x series, allow remote attackers to execute arbitrary code, cause a denial of service, or trigger invalid Web utility behavior.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hitachi:hi_ux_we2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F142415-BFE4-4C6D-9163-1595F36499B0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hitachi:cm2-network_node_manager:05_00:*:enterprise:*:*:*:*:*",
"matchCriteriaId": "85C7FB22-C9C3-476A-B820-6F54B79ED15B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:all_windows:abstract_cpe:*:*:*:*:*:*:*",
"matchCriteriaId": "595E948E-30B9-4E08-B7A7-73AFD1C29FA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hitachi:cm2-network_node_manager:05_00:*:unlimited:*:*:*:*:*",
"matchCriteriaId": "80ABF7BD-0DB3-4B0B-B486-A2AC6E940273",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "61A4F116-1FEE-450E-99AE-6AD9ACDDE570",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hitachi:cm2-network_node_manager_250:05_00:*:*:*:*:*:*:*",
"matchCriteriaId": "EC536BD0-32DA-4D73-9606-07F71C137D27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cm2-network_node_manager_250:05_00_c:*:*:*:*:*:*:*",
"matchCriteriaId": "83C2BDC7-2A71-493B-8F2A-2B77EF99C829",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:all_windows:abstract_cpe:*:*:*:*:*:*:*",
"matchCriteriaId": "595E948E-30B9-4E08-B7A7-73AFD1C29FA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hitachi:cm2-network_node_manager_250:05_00:*:*:*:*:*:*:*",
"matchCriteriaId": "EC536BD0-32DA-4D73-9606-07F71C137D27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cm2-network_node_manager_250:05_00_a:*:*:*:*:*:*:*",
"matchCriteriaId": "EFC5C01F-1E30-4F58-987B-1A2A2D005B37",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hitachi:hi_ux_we2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F142415-BFE4-4C6D-9163-1595F36499B0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hitachi:cm2-network_node_manager_250:05_00:*:*:*:*:*:*:*",
"matchCriteriaId": "EC536BD0-32DA-4D73-9606-07F71C137D27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "61A4F116-1FEE-450E-99AE-6AD9ACDDE570",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager:05_20:*:enterprise:*:*:*:*:*",
"matchCriteriaId": "97B05744-D8C4-40E1-B228-D660D54A3523",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager:05_20_e:*:enterprise:*:*:*:*:*",
"matchCriteriaId": "76BEF6D5-0F4E-469A-A30D-7448BF0EA238",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager:06_00:*:enterprise:*:*:*:*:*",
"matchCriteriaId": "6722267F-64FB-4B0C-A740-254A997C85E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager:06_50_a:*:enterprise:*:*:*:*:*",
"matchCriteriaId": "48E937E6-B444-4EF3-8332-5F717BD30353",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager:06_51:*:enterprise:*:*:*:*:*",
"matchCriteriaId": "B3E4F71E-6A8E-461B-AF58-6EAAA30BDB6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager:06_71_c:*:enterprise:*:*:*:*:*",
"matchCriteriaId": "632D72EC-CF39-4B05-83CA-99D281BA48B2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:all_windows:abstract_cpe:*:*:*:*:*:*:*",
"matchCriteriaId": "595E948E-30B9-4E08-B7A7-73AFD1C29FA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager:05_20:*:enterprise:*:*:*:*:*",
"matchCriteriaId": "97B05744-D8C4-40E1-B228-D660D54A3523",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager:05_20_e:*:enterprise:*:*:*:*:*",
"matchCriteriaId": "76BEF6D5-0F4E-469A-A30D-7448BF0EA238",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager:05_20_f:*:enterprise:*:*:*:*:*",
"matchCriteriaId": "1781910F-991C-45B2-9614-A5CA3C65BD33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager:06_00:*:enterprise:*:*:*:*:*",
"matchCriteriaId": "6722267F-64FB-4B0C-A740-254A997C85E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager:06_50_a:*:enterprise:*:*:*:*:*",
"matchCriteriaId": "48E937E6-B444-4EF3-8332-5F717BD30353",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager:06_51:*:enterprise:*:*:*:*:*",
"matchCriteriaId": "B3E4F71E-6A8E-461B-AF58-6EAAA30BDB6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager:06_71_c:*:enterprise:*:*:*:*:*",
"matchCriteriaId": "632D72EC-CF39-4B05-83CA-99D281BA48B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager:06_71_d:*:enterprise:*:*:*:*:*",
"matchCriteriaId": "26433FCC-5405-49AF-8A62-6E238EB1E8CC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sun:solaris:*:*:*:*:*:*:*:*",
"matchCriteriaId": "469B74F2-4B89-42B8-8638-731E92D463B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager:05_20:*:enterprise:*:*:*:*:*",
"matchCriteriaId": "97B05744-D8C4-40E1-B228-D660D54A3523",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager:05_20_e:*:enterprise:*:*:*:*:*",
"matchCriteriaId": "76BEF6D5-0F4E-469A-A30D-7448BF0EA238",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager:06_00:*:enterprise:*:*:*:*:*",
"matchCriteriaId": "6722267F-64FB-4B0C-A740-254A997C85E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager:06_50_a:*:enterprise:*:*:*:*:*",
"matchCriteriaId": "48E937E6-B444-4EF3-8332-5F717BD30353",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager:06_51:*:enterprise:*:*:*:*:*",
"matchCriteriaId": "B3E4F71E-6A8E-461B-AF58-6EAAA30BDB6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager:06_71_c:*:enterprise:*:*:*:*:*",
"matchCriteriaId": "632D72EC-CF39-4B05-83CA-99D281BA48B2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "61A4F116-1FEE-450E-99AE-6AD9ACDDE570",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager_250:05_20:*:*:*:*:*:*:*",
"matchCriteriaId": "D104967C-D81D-4C43-93B3-AC9A0CCC0191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager_250:05_20_e:*:*:*:*:*:*:*",
"matchCriteriaId": "34138FC6-37C5-4BB9-828D-0535A061173B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager_250:06_00:*:*:*:*:*:*:*",
"matchCriteriaId": "3B340E4D-21CC-4241-867D-A3407758EFA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager_250:06_50_a:*:*:*:*:*:*:*",
"matchCriteriaId": "77C22F31-0ACF-4A3B-AED8-041EF7C97826",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager_250:06_51:*:*:*:*:*:*:*",
"matchCriteriaId": "397C05A6-9BBF-4DAC-BA91-7A03AC76E66F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager_250:06_71_c:*:*:*:*:*:*:*",
"matchCriteriaId": "8436526F-1A2D-442F-ADB3-B2FCF1DB76A4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:all_windows:abstract_cpe:*:*:*:*:*:*:*",
"matchCriteriaId": "595E948E-30B9-4E08-B7A7-73AFD1C29FA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager_250:05_20:*:*:*:*:*:*:*",
"matchCriteriaId": "D104967C-D81D-4C43-93B3-AC9A0CCC0191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager_250:05_20_e:*:*:*:*:*:*:*",
"matchCriteriaId": "34138FC6-37C5-4BB9-828D-0535A061173B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager_250:05_20_f:*:*:*:*:*:*:*",
"matchCriteriaId": "13EB7530-9E36-471C-964B-591A36E0D04B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager_250:06_00:*:*:*:*:*:*:*",
"matchCriteriaId": "3B340E4D-21CC-4241-867D-A3407758EFA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager_250:06_50_a:*:*:*:*:*:*:*",
"matchCriteriaId": "77C22F31-0ACF-4A3B-AED8-041EF7C97826",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager_250:06_51:*:*:*:*:*:*:*",
"matchCriteriaId": "397C05A6-9BBF-4DAC-BA91-7A03AC76E66F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager_250:06_71_c:*:*:*:*:*:*:*",
"matchCriteriaId": "8436526F-1A2D-442F-ADB3-B2FCF1DB76A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager_250:06_71_d:*:*:*:*:*:*:*",
"matchCriteriaId": "F3B0AB54-91E2-43B0-9647-85D52C27B7CA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sun:solaris:*:*:*:*:*:*:*:*",
"matchCriteriaId": "469B74F2-4B89-42B8-8638-731E92D463B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager_250:05_20:*:*:*:*:*:*:*",
"matchCriteriaId": "D104967C-D81D-4C43-93B3-AC9A0CCC0191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager_250:05_20_e:*:*:*:*:*:*:*",
"matchCriteriaId": "34138FC6-37C5-4BB9-828D-0535A061173B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager_250:06_00:*:*:*:*:*:*:*",
"matchCriteriaId": "3B340E4D-21CC-4241-867D-A3407758EFA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager_250:06_50_a:*:*:*:*:*:*:*",
"matchCriteriaId": "77C22F31-0ACF-4A3B-AED8-041EF7C97826",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager_250:06_51:*:*:*:*:*:*:*",
"matchCriteriaId": "397C05A6-9BBF-4DAC-BA91-7A03AC76E66F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager_250:06_71_c:*:*:*:*:*:*:*",
"matchCriteriaId": "8436526F-1A2D-442F-ADB3-B2FCF1DB76A4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "61A4F116-1FEE-450E-99AE-6AD9ACDDE570",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager:07_00:*:*:*:*:*:*:*",
"matchCriteriaId": "EED44E31-D5C0-4389-894D-54ADAF10C632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager:07_10_04:*:*:*:*:*:*:*",
"matchCriteriaId": "D7CD2E91-42B5-424E-9013-78F9978D0087",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:all_windows:abstract_cpe:*:*:*:*:*:*:*",
"matchCriteriaId": "595E948E-30B9-4E08-B7A7-73AFD1C29FA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager:07_00:*:*:*:*:*:*:*",
"matchCriteriaId": "EED44E31-D5C0-4389-894D-54ADAF10C632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager:07_10_04:*:*:*:*:*:*:*",
"matchCriteriaId": "D7CD2E91-42B5-424E-9013-78F9978D0087",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sun:solaris:*:*:*:*:*:*:*:*",
"matchCriteriaId": "469B74F2-4B89-42B8-8638-731E92D463B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager:07_00:*:*:*:*:*:*:*",
"matchCriteriaId": "EED44E31-D5C0-4389-894D-54ADAF10C632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager:07_10_04:*:*:*:*:*:*:*",
"matchCriteriaId": "D7CD2E91-42B5-424E-9013-78F9978D0087",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:pa-risc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0BBF2333-9086-4F28-90D2-D240A7F60222",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager_starter:08_00:*:enterprise:*:*:*:*:*",
"matchCriteriaId": "2E920F8D-B077-4D86-B665-C50D3FA679D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager_starter:08_00_01:*:enterprise:*:*:*:*:*",
"matchCriteriaId": "9AF94E77-8C4D-41A7-A32B-8B454BDF14A9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:all_windows:abstract_cpe:*:*:*:*:*:*:*",
"matchCriteriaId": "595E948E-30B9-4E08-B7A7-73AFD1C29FA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager_starter:08_00:*:enterprise:*:*:*:*:*",
"matchCriteriaId": "2E920F8D-B077-4D86-B665-C50D3FA679D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager_starter:08_00_01:*:enterprise:*:*:*:*:*",
"matchCriteriaId": "9AF94E77-8C4D-41A7-A32B-8B454BDF14A9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:ipfilter:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA02499F-0E90-4E07-938D-453BE1E46DAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager_starter:08_00:*:enterprise:*:*:*:*:*",
"matchCriteriaId": "2E920F8D-B077-4D86-B665-C50D3FA679D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager_starter:08_00_01:*:enterprise:*:*:*:*:*",
"matchCriteriaId": "9AF94E77-8C4D-41A7-A32B-8B454BDF14A9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:pa-risc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0BBF2333-9086-4F28-90D2-D240A7F60222",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager_starter_250:08_00:*:*:*:*:*:*:*",
"matchCriteriaId": "BC3631FF-103A-4A9B-AE8D-F7BA4C72FAE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager_starter_250:08_00_01:*:*:*:*:*:*:*",
"matchCriteriaId": "7915A6FC-71EF-4305-B74C-9D623C9D978E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sun:solaris:*:*:*:*:*:*:*:*",
"matchCriteriaId": "469B74F2-4B89-42B8-8638-731E92D463B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager_starter:08_00:*:enterprise:*:*:*:*:*",
"matchCriteriaId": "2E920F8D-B077-4D86-B665-C50D3FA679D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager_starter:08_00_01:*:enterprise:*:*:*:*:*",
"matchCriteriaId": "9AF94E77-8C4D-41A7-A32B-8B454BDF14A9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:all_windows:abstract_cpe:*:*:*:*:*:*:*",
"matchCriteriaId": "595E948E-30B9-4E08-B7A7-73AFD1C29FA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager_starter_250:08_00:*:*:*:*:*:*:*",
"matchCriteriaId": "BC3631FF-103A-4A9B-AE8D-F7BA4C72FAE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager_starter_250:08_00_01:*:*:*:*:*:*:*",
"matchCriteriaId": "7915A6FC-71EF-4305-B74C-9D623C9D978E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:ipfilter:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA02499F-0E90-4E07-938D-453BE1E46DAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager_starter_250:08_00:*:*:*:*:*:*:*",
"matchCriteriaId": "BC3631FF-103A-4A9B-AE8D-F7BA4C72FAE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager_starter_250:08_00_01:*:*:*:*:*:*:*",
"matchCriteriaId": "7915A6FC-71EF-4305-B74C-9D623C9D978E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "61A4F116-1FEE-450E-99AE-6AD9ACDDE570",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hitachi:cm2-network_node_manager:05_00:*:enterprise:*:*:*:*:*",
"matchCriteriaId": "85C7FB22-C9C3-476A-B820-6F54B79ED15B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cm2-network_node_manager:05_00_c:*:enterprise:*:*:*:*:*",
"matchCriteriaId": "84F5701E-EA63-4B0F-811D-960079619D20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sun:solaris:*:*:*:*:*:*:*:*",
"matchCriteriaId": "469B74F2-4B89-42B8-8638-731E92D463B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager_starter_250:08_00:*:*:*:*:*:*:*",
"matchCriteriaId": "BC3631FF-103A-4A9B-AE8D-F7BA4C72FAE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:jp1-cm2-network_node_manager_starter_250:08_00_01:*:*:*:*:*:*:*",
"matchCriteriaId": "7915A6FC-71EF-4305-B74C-9D623C9D978E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in JP1/Cm2/Network Node Manager (NNM) before 07-10-05, and before 08-00-02 in the 08-x series, allow remote attackers to execute arbitrary code, cause a denial of service, or trigger invalid Web utility behavior."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades no especificadas en JP1/Cm2/Network Node Manager (NNM) anterior a 07-10-05, y anterior a 08-00-02 en la serie 08-x, permiten a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n, provocar una denegaci\u00f3n de servicio, o disparar un comportamiento inv\u00e1lido de la herramienta Web."
}
],
"id": "CVE-2007-1093",
"lastModified": "2024-11-21T00:27:29.870",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-02-26T17:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/33528"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/33529"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24276"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-002_e/index-e.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/0739"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32682"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32683"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/33528"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/33529"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24276"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-002_e/index-e.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/0739"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32682"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32683"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-12-31 05:00
Modified
2024-11-20 23:46
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in links.php script in myPHPNuke 1.8.8, and possibly earlier versions, allows remote attackers to inject arbitrary HTML and web script via the (1) ratenum or (2) query parameters.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| microsoft | all_windows | * | |
| unix | unix | any_version | |
| myphpnuke | myphpnuke | 1.8.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:all_windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB4B29F-4C60-48A0-8F58-BCBDC58B697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:unix:unix:any_version:*:*:*:*:*:*:*",
"matchCriteriaId": "CF8C2159-A91B-4599-BDDA-AEC890150B00",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:myphpnuke:myphpnuke:1.8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0D673DA6-49A1-425C-8A59-66479784FD73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in links.php script in myPHPNuke 1.8.8, and possibly earlier versions, allows remote attackers to inject arbitrary HTML and web script via the (1) ratenum or (2) query parameters."
}
],
"id": "CVE-2003-1372",
"lastModified": "2024-11-20T23:46:59.117",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2003-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0231.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/8125"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/3931"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/6892"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11376"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0231.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/8125"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/3931"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/6892"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11376"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-03-06 01:19
Modified
2024-11-21 00:27
Severity ?
Summary
Kaspersky AntiVirus Engine 6.0.1.411 for Windows and 5.5-10 for Linux allows remote attackers to cause a denial of service (CPU consumption) via a crafted UPX compressed file with a negative offset, which triggers an infinite loop during decompression.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | all_windows | abstract_cpe | |
| kaspersky_lab | kaspersky_antivirus_engine | 6.0.1.411 | |
| linux | linux_kernel | * | |
| kaspersky_lab | kaspersky_antivirus_engine | 5.5.10 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:all_windows:abstract_cpe:*:*:*:*:*:*:*",
"matchCriteriaId": "595E948E-30B9-4E08-B7A7-73AFD1C29FA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_antivirus_engine:6.0.1.411:*:*:*:*:*:*:*",
"matchCriteriaId": "CDEAD0D1-CA5E-4B27-9A36-5614F4FDF4F1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:ia32_64-bit:*:*:*:*:*",
"matchCriteriaId": "4F8CD59E-22A6-4B56-8834-B8A18FBC1A7D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_antivirus_engine:5.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FFFF2C-7C8F-42EE-8B37-AAB833112B16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Kaspersky AntiVirus Engine 6.0.1.411 for Windows and 5.5-10 for Linux allows remote attackers to cause a denial of service (CPU consumption) via a crafted UPX compressed file with a negative offset, which triggers an infinite loop during decompression."
},
{
"lang": "es",
"value": "Kaspersky AntiVirus Engine 6.0.1.411 para Windows y 5.5-10 para Linux permite a atacantes remotos provocar una denegaci\u00f3n de servicio (agotamiento de CPU) mediante un archivo comprimido con UPX manipulado con un desplazamiento (offset) negativo, lo cual dispara un bucle infinito durante la extracci\u00f3n."
}
],
"id": "CVE-2007-1281",
"lastModified": "2024-11-21T00:27:56.793",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-03-06T01:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=485"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/24391"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/22795"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1017718"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/0810"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32797"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=485"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24391"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/22795"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1017718"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/0810"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32797"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-12-31 05:00
Modified
2024-11-20 23:47
Severity ?
Summary
CryptoBuddy 1.0 and 1.2 does not use the user-supplied passphrase to encrypt data, which could allow local users to use their own passphrase to decrypt the data.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| research_triangle_software | cryptobuddy | 1.0 | |
| research_triangle_software | cryptobuddy | 1.2 | |
| microsoft | all_windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:research_triangle_software:cryptobuddy:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE15D0B-55D6-44CD-9892-A1D56FC0F39A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:research_triangle_software:cryptobuddy:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C0E16399-2A7A-41D4-8E20-A218616CD721",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:all_windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB4B29F-4C60-48A0-8F58-BCBDC58B697E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CryptoBuddy 1.0 and 1.2 does not use the user-supplied passphrase to encrypt data, which could allow local users to use their own passphrase to decrypt the data."
}
],
"id": "CVE-2003-1392",
"lastModified": "2024-11-20T23:47:01.930",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.6,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 9.2,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/311176"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/6812"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11317"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/311176"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/6812"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11317"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-310"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-05-12 22:20
Modified
2024-11-21 00:46
Severity ?
Summary
Buffer overflow in TFTP Server SP 1.4 and 1.5 on Windows, and possibly other versions, allows remote attackers to execute arbitrary code via a long TFTP error packet. NOTE: some of these details are obtained from third party information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | all_windows | * | |
| tftp | tftp_server_sp | 1.4 | |
| tftp | tftp_server_sp | 1.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:all_windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB4B29F-4C60-48A0-8F58-BCBDC58B697E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tftp:tftp_server_sp:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D22E904A-1FA8-488A-85FD-17C1970F7733",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tftp:tftp_server_sp:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "41B02A27-108D-436C-81B6-5550331328ED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in TFTP Server SP 1.4 and 1.5 on Windows, and possibly other versions, allows remote attackers to execute arbitrary code via a long TFTP error packet. NOTE: some of these details are obtained from third party information."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en TFTP Server SP 1.4 y 1.5 en Windows y posiblemente otras versiones, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un paquete de error TFTP largo. NOTA: algunos de estos detalles se han obtenido de terceros."
}
],
"id": "CVE-2008-2161",
"lastModified": "2024-11-21T00:46:13.520",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-05-12T22:20:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30147"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/29111"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/1468/references"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42298"
},
{
"source": "cve@mitre.org",
"url": "https://www.exploit-db.com/exploits/5563"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30147"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/29111"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1468/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42298"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/5563"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-04-12 01:19
Modified
2024-11-21 00:29
Severity ?
Summary
The safevoid_vsnprintf function in Metamod-P 1.19p29 and earlier on Windows allows remote attackers to cause a denial of service (daemon crash) via a long meta list command.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | all_windows | * | |
| metamod-p | metamod-p | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:all_windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB4B29F-4C60-48A0-8F58-BCBDC58B697E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:metamod-p:metamod-p:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6639225A-84E2-49E9-B2EE-C007178D1564",
"versionEndIncluding": "1.19_p29",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The safevoid_vsnprintf function in Metamod-P 1.19p29 and earlier on Windows allows remote attackers to cause a denial of service (daemon crash) via a long meta list command."
},
{
"lang": "es",
"value": "La funci\u00f3n safevoid_vsnprintf de Metamod-P 1.19p29 y anteriores en Windows permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda del demonio) mediante un comando meta list largo."
}
],
"id": "CVE-2007-1981",
"lastModified": "2024-11-21T00:29:36.687",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-04-12T01:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24738"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://sourceforge.net/forum/forum.php?forum_id=681753"
},
{
"source": "cve@mitre.org",
"url": "http://sourceforge.net/project/shownotes.php?release_id=498782"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1247"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24738"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://sourceforge.net/forum/forum.php?forum_id=681753"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceforge.net/project/shownotes.php?release_id=498782"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1247"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-03-24 00:19
Modified
2024-11-21 00:28
Severity ?
Summary
The dynamic DNS update mechanism in the DNS Server service on Microsoft Windows does not properly authenticate clients in certain deployments or configurations, which allows remote attackers to change DNS records for a web proxy server and conduct man-in-the-middle (MITM) attacks on web traffic, conduct pharming attacks by poisoning DNS records, and cause a denial of service (erroneous name resolution).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | all_windows | abstract_cpe |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:all_windows:abstract_cpe:*:*:*:*:*:*:*",
"matchCriteriaId": "595E948E-30B9-4E08-B7A7-73AFD1C29FA2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The dynamic DNS update mechanism in the DNS Server service on Microsoft Windows does not properly authenticate clients in certain deployments or configurations, which allows remote attackers to change DNS records for a web proxy server and conduct man-in-the-middle (MITM) attacks on web traffic, conduct pharming attacks by poisoning DNS records, and cause a denial of service (erroneous name resolution)."
},
{
"lang": "es",
"value": "El mecanismo de actualizaci\u00f3n DNS en el servidor DNS de Microsoft Windows no valida adecuadamente a clientes en ciertos despliegues o configuraciones, lo cual permite a atacantes remotos cambiar registros de DNS para un servidor web proxy y conducir ataque de \"hombre en medio\" (man-in-the-middle) sobre el trafico web, llevando a cabo ataques de pharming a trav\u00e9s del envenenamiento de registros DNS, y provocar denegaci\u00f3n de servicio (error de resoluci\u00f3n de nombre).\r\n"
}
],
"id": "CVE-2007-1644",
"lastModified": "2024-11-21T00:28:49.700",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-03-24T00:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/43603"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33473"
},
{
"source": "cve@mitre.org",
"url": "https://www.exploit-db.com/exploits/3544"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/43603"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33473"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/3544"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-05-29 21:30
Modified
2024-11-21 00:30
Severity ?
Summary
Apple QuickTime for Java 7.1.6 on Mac OS X and Windows does not properly restrict QTObject subclassing, which allows remote attackers to execute arbitrary code via a web page containing a user-defined class that accesses unsafe functions that can be leveraged to write to arbitrary memory locations.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| apple | mac_os_x | 10.0 | |
| apple | mac_os_x | 10.0.1 | |
| apple | mac_os_x | 10.0.2 | |
| apple | mac_os_x | 10.0.3 | |
| apple | mac_os_x | 10.0.4 | |
| apple | mac_os_x | 10.1 | |
| apple | mac_os_x | 10.1.1 | |
| apple | mac_os_x | 10.1.2 | |
| apple | mac_os_x | 10.1.3 | |
| apple | mac_os_x | 10.1.4 | |
| apple | mac_os_x | 10.1.5 | |
| apple | mac_os_x | 10.2 | |
| apple | mac_os_x | 10.2.1 | |
| apple | mac_os_x | 10.2.2 | |
| apple | mac_os_x | 10.2.3 | |
| apple | mac_os_x | 10.2.4 | |
| apple | mac_os_x | 10.2.5 | |
| apple | mac_os_x | 10.2.6 | |
| apple | mac_os_x | 10.2.7 | |
| apple | mac_os_x | 10.2.8 | |
| apple | mac_os_x | 10.3 | |
| apple | mac_os_x | 10.3.1 | |
| apple | mac_os_x | 10.3.2 | |
| apple | mac_os_x | 10.3.3 | |
| apple | mac_os_x | 10.3.4 | |
| apple | mac_os_x | 10.3.5 | |
| apple | mac_os_x | 10.3.6 | |
| apple | mac_os_x | 10.3.7 | |
| apple | mac_os_x | 10.3.8 | |
| apple | mac_os_x | 10.3.9 | |
| apple | mac_os_x | 10.4 | |
| apple | mac_os_x | 10.4.1 | |
| apple | mac_os_x | 10.4.2 | |
| apple | mac_os_x | 10.4.3 | |
| apple | mac_os_x | 10.4.4 | |
| apple | mac_os_x | 10.4.5 | |
| apple | mac_os_x | 10.4.6 | |
| apple | mac_os_x | 10.4.7 | |
| apple | mac_os_x | 10.4.8 | |
| apple | mac_os_x | 10.4.9 | |
| microsoft | all_windows | * | |
| apple | quicktime | 7.1.6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "99C273D1-ADFE-4B4C-B543-7B9CA741A117",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0BC31B69-3DE1-4CF3-ADC9-CA0BF1714CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "77CC671C-6D89-4279-86F7-DDE1D4D9A0CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8E4B77F6-E71C-45ED-96CC-7872AD2FCBF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "066ABC3B-B395-42D2-95C0-5B810F91A6F0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "01BC19FC-6E03-4000-AE4B-232E47FA76F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "421FC2DD-0CF7-44A2-A63C-5221689E2363",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0F8B70BC-42B7-453A-B506-7BE69D49A4B5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FAAC6EA5-DCB2-4A50-A8BC-25CC43FAEF9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CA32F7D8-02F8-4CFE-B193-2888807BC4D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A9DCDE70-07DA-4F0B-805F-6BA03D410CD6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CDCF4FB3-F781-46D5-BEE7-485B3DC78B83",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AE52A344-8B07-480D-A57F-B1F6E6574F3B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56CC0444-570C-4BB5-B53A-C5CA0BD87935",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "62E3EED7-FE30-4620-B40B-9CC49B77408A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5AFD8BC6-4893-4D9D-A26E-27AAC864F94B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9BD1F9A1-5ADB-451D-9525-D545E42D2B8F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D7A24978-2891-425C-ACF6-E8F5C839C54A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9B20E130-6078-4336-B614-273C27142B46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "AB461678-560D-436E-A3AE-9E1E16DB0412",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BFDADE04-29F0-446B-824B-0518880CF0A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ED9BE602-A740-4CF7-9CAF-59061B16AB31",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "33E698C1-C313-40E6-BAF9-7C8F9CF02484",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BF2D00AC-FA2A-4C39-B796-DC19072862CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "421079DA-B605-4E05-9454-C30CF7631CF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "93B734BA-3435-40A9-B22B-5D56CEB865A7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C4B57B3E-B1B2-4F13-99D3-4F9DB3C07B5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "30897327-44DD-4D6C-B8B6-2D66C44EA55D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B79D8F73-2E78-4A67-96BB-21AD9BCB0094",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "DC6931D5-DE7E-41F6-ADDC-AB5A8A167F69",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0760FDDB-38D3-4263-9B4D-1AF5E613A4F9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AFD4DE58-46C7-4E69-BF36-C5FD768B8248",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CF824694-52DE-44E3-ACAD-60B2A84CD3CE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B73A0891-A37A-4E0D-AA73-B18BFD6B1447",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "26AC38AB-D689-4B2B-9DAE-F03F4DFD15BE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0C580935-0091-4163-B747-750FB7686973",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BB0F2132-8431-4CEF-9A3D-A69425E3834E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8719F3C4-F1DE-49B5-9301-22414A2B6F9C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "09ED46A8-1739-411C-8807-2A416BDB6DFE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "786BB737-EA99-4EC6-B742-0C35BF2453F9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:all_windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB4B29F-4C60-48A0-8F58-BCBDC58B697E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:quicktime:7.1.6:*:java:*:*:*:*:*",
"matchCriteriaId": "CF6369C7-DA45-4E7D-A258-FDCA0EEDD842",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Apple QuickTime for Java 7.1.6 on Mac OS X and Windows does not properly restrict QTObject subclassing, which allows remote attackers to execute arbitrary code via a web page containing a user-defined class that accesses unsafe functions that can be leveraged to write to arbitrary memory locations."
},
{
"lang": "es",
"value": "Apple QuickTime para Java versi\u00f3n 7.1.6 en Mac OS X y Windows, no restringe apropiadamente la subclase de QTObject, lo que permite a atacantes remotos ejecutar c\u00f3digo arbitrario por medio de una p\u00e1gina web que contiene una clase definida por el usuario que accede a funciones no seguras que pueden ser aprovechadas para escribir en ubicaciones de memoria arbitrarias."
}
],
"id": "CVE-2007-2388",
"lastModified": "2024-11-21T00:30:39.827",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2007-05-29T21:30:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2007/May/msg00005.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25130"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2007-52/advisory/"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/995836"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/35576"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/24221"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018136"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/1974"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2007/May/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25130"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2007-52/advisory/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/995836"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/35576"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/24221"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018136"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/1974"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-03-10 00:19
Modified
2024-11-21 00:28
Severity ?
Summary
The PHP COM extensions for PHP on Windows systems allow context-dependent attackers to execute arbitrary code via a WScript.Shell COM object, as demonstrated by using the Run method of this object to execute cmd.exe, which bypasses PHP's safe mode.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | all_windows | abstract_cpe | |
| php | com_extensions | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:all_windows:abstract_cpe:*:*:*:*:*:*:*",
"matchCriteriaId": "595E948E-30B9-4E08-B7A7-73AFD1C29FA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:com_extensions:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73BDC038-A61B-4383-A171-32DBC6328523",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The PHP COM extensions for PHP on Windows systems allow context-dependent attackers to execute arbitrary code via a WScript.Shell COM object, as demonstrated by using the Run method of this object to execute cmd.exe, which bypasses PHP\u0027s safe mode."
},
{
"lang": "es",
"value": "La extensi\u00f3n PHP COM para PHP en los sistemas Windows permite a atacantes dependientes del contexto ejecutar c\u00f3digo de su elecci\u00f3n mediante el objeto COM WScript.Shell, como lo demostrado usando el m\u00e9todo Run de dicho objeto para ejecutar cmd.exe, que evita el modo seguro del PHP."
}
],
"id": "CVE-2007-1382",
"lastModified": "2024-11-21T00:28:10.550",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.1,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-03-10T00:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://www.exploit-db.com/exploits/3429"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/3429"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-08-08 01:17
Modified
2024-11-21 00:31
Severity ?
Summary
Unspecified vulnerability in Atheros 802.11 a/b/g wireless adapter drivers before 5.3.0.35, and 6.x before 6.0.3.67, on Windows allows remote attackers to cause a denial of service via a crafted 802.11 management frame.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| atheros | wireless_adapter_drivers | * | |
| atheros | wireless_adapter_drivers | * | |
| microsoft | all_windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:atheros:wireless_adapter_drivers:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CA9A6015-7F86-4C1D-ACA8-921A470A6ED2",
"versionEndIncluding": "5.1.1.9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:atheros:wireless_adapter_drivers:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE229A4-8314-4F1C-938F-768FB866CED7",
"versionEndIncluding": "6.0.3.67",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:all_windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB4B29F-4C60-48A0-8F58-BCBDC58B697E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Atheros 802.11 a/b/g wireless adapter drivers before 5.3.0.35, and 6.x before 6.0.3.67, on Windows allows remote attackers to cause a denial of service via a crafted 802.11 management frame."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en los controladores de dispositivo Atheros 802.11 a/b/g wireless versiones anteriores a 5.3.0.35, y 6.x versiones anteriores a 6.0.3.67, en Windows, permite a atacantes remotos provocar una denegaci\u00f3n de servicio mediante una trama de gesti\u00f3n 802.11 manipulada."
}
],
"id": "CVE-2007-2927",
"lastModified": "2024-11-21T00:31:59.260",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-08-08T01:17:00.000",
"references": [
{
"source": "cret@cert.org",
"url": "http://osvdb.org/37992"
},
{
"source": "cret@cert.org",
"url": "http://secunia.com/advisories/26348"
},
{
"source": "cret@cert.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/730169"
},
{
"source": "cret@cert.org",
"url": "http://www.securityfocus.com/bid/25160"
},
{
"source": "cret@cert.org",
"url": "http://www.vupen.com/english/advisories/2007/2756"
},
{
"source": "cret@cert.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35788"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/37992"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26348"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/730169"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/25160"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2756"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35788"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-06-21 22:30
Modified
2024-11-21 00:32
Severity ?
Summary
Multiple heap-based buffer overflows in the (1) Communications Server (iigcc.exe) and (2) Data Access Server (iigcd.exe) components for Ingres Database Server 3.0.3, as used in CA (Computer Associates) products including eTrust Secure Content Manager r8 on Windows, allow remote attackers to execute arbitrary code via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | all_windows | * | |
| ca | etrust_secure_content_manager | 8.0 | |
| ingres | database_server | 3.0.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:all_windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB4B29F-4C60-48A0-8F58-BCBDC58B697E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ca:etrust_secure_content_manager:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5DB54A16-5E56-46FC-A49C-56C98C0B8F1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ingres:database_server:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B836C674-BF4F-4D60-AA33-D778B712D3A3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple heap-based buffer overflows in the (1) Communications Server (iigcc.exe) and (2) Data Access Server (iigcd.exe) components for Ingres Database Server 3.0.3, as used in CA (Computer Associates) products including eTrust Secure Content Manager r8 on Windows, allow remote attackers to execute arbitrary code via unknown vectors."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer basados en mont\u00edculo en los componentes (1) Communications Server (iigcc.exe) y (2) Data Access Server (iigcd.exe) para el Ingres Database Server 3.0.3, como el utilizado en los productos del CA (Computer Associates) incluyendo el eTrust Secure Content Manager r8 bajo Windows, permiten a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de vectores sin especificar."
}
],
"id": "CVE-2007-3334",
"lastModified": "2024-11-21T00:32:58.790",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-06-21T22:30:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=546"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/37487"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/37488"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/25756"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/25775"
},
{
"source": "cve@mitre.org",
"url": "http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp"
},
{
"source": "cve@mitre.org",
"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/24585"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018278"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/2288"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/2290"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34991"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34992"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=546"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/37487"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/37488"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25756"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25775"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/24585"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018278"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2288"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2290"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34991"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34992"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35002"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-06-21 23:30
Modified
2024-11-21 00:32
Severity ?
Summary
Unspecified vulnerability in the FTP implementation in Microsoft Internet Explorer allows remote attackers to "see a valid memory address" via unspecified vectors, a different issue than CVE-2007-0217.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | all_windows | * | |
| microsoft | internet_explorer | 5 | |
| microsoft | internet_explorer | 6.0 | |
| microsoft | internet_explorer | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:all_windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB4B29F-4C60-48A0-8F58-BCBDC58B697E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5:*:*:*:*:*:*:*",
"matchCriteriaId": "B4071D03-D955-4C1B-ACD8-A864F7D0FA02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A19F6133-25D1-44A5-B6B9-354703436783",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6BC71FD8-D385-4507-BD14-B75FDD4C79E6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the FTP implementation in Microsoft Internet Explorer allows remote attackers to \"see a valid memory address\" via unspecified vectors, a different issue than CVE-2007-0217."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en la implementaci\u00f3n del FTP del Microsoft Internet Explorer permite a atacantes remotos \"ver una direcci\u00f3n de memoria v\u00e1lida\" a trav\u00e9s de vectores sin especificar, vulnerabilidad diferente a la CVE-2007-0217."
}
],
"id": "CVE-2007-3341",
"lastModified": "2024-11-21T00:32:59.897",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2007-06-21T23:30:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=473"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/36398"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=473"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/36398"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-12-31 05:00
Modified
2024-11-20 23:47
Severity ?
Summary
Absolute path traversal vulnerability in Alt-N Technologies WebAdmin 2.0.0 through 2.0.2 allows remote attackers with administrator privileges to (1) determine the installation path by reading the contents of the Name parameter in a link, and (2) read arbitrary files via an absolute path in the Name parameter.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:all_windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB4B29F-4C60-48A0-8F58-BCBDC58B697E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:alt-n:webadmin:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C83170D0-11D7-42A3-9002-A241FE09F5CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:alt-n:webadmin:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2A6ADF1C-2098-40B1-B336-04594BB82674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:alt-n:webadmin:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D257AB15-2FED-42CF-83F1-B68332897729",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Absolute path traversal vulnerability in Alt-N Technologies WebAdmin 2.0.0 through 2.0.2 allows remote attackers with administrator privileges to (1) determine the installation path by reading the contents of the Name parameter in a link, and (2) read arbitrary files via an absolute path in the Name parameter."
}
],
"id": "CVE-2003-1463",
"lastModified": "2024-11-20T23:47:13.180",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/3286"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/319735"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/7438"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/7439"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11874"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11875"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3286"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/319735"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/7438"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/7439"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11874"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11875"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-05-10 00:19
Modified
2024-11-21 00:27
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in Adobe RoboHelp X5, 6, and Server 6 allows remote attackers to inject arbitrary web script or HTML via a URL after a # (hash) in the URL path, as demonstrated using en/frameset-7.html, and possibly other unspecified vectors involving templates and (1) whstart.js and (2) whcsh_home.htm in WebHelp, (3) wf_startpage.js and (4) wf_startqs.htm in FlashHelp, or (5) WindowManager.dll in RoboHelp Server 6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | all_windows | * | |
| adobe | robohelp | 6 | |
| adobe | robohelp | x5 | |
| adobe | robohelp_server | 6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:all_windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB4B29F-4C60-48A0-8F58-BCBDC58B697E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:robohelp:6:*:*:*:*:*:*:*",
"matchCriteriaId": "3817D773-F9A8-4738-B159-93CCA297348D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:robohelp:x5:*:*:*:*:*:*:*",
"matchCriteriaId": "6CB40133-E48B-4C57-BF03-5712A59B2185",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:robohelp_server:6:*:*:*:*:*:*:*",
"matchCriteriaId": "462BB435-3230-4045-BDA6-3B51FC6E76F5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Adobe RoboHelp X5, 6, and Server 6 allows remote attackers to inject arbitrary web script or HTML via a URL after a # (hash) in the URL path, as demonstrated using en/frameset-7.html, and possibly other unspecified vectors involving templates and (1) whstart.js and (2) whcsh_home.htm in WebHelp, (3) wf_startpage.js and (4) wf_startqs.htm in FlashHelp, or (5) WindowManager.dll in RoboHelp Server 6."
},
{
"lang": "es",
"value": "Una vulnerabilidad de tipo cross-site-scripting (XSS) en Adobe RoboHelp versiones X5, 6 y Server versi\u00f3n 6 permite a los atacantes remotos inyectar scripts web o HTML arbitrarios por medio de una direcci\u00f3n URL despu\u00e9s de un valor de direcci\u00f3n URL en la ruta de url, como se ha demostrado utilizando en/frameset-7.html, y posiblemente otros vectores no especificados con plantillas y (1) whstart.js y (2) whcsh_home.htm en WebHelp, (3) wf_startpage.js y (4) wf_startqs.htm en FlashHelp o (5) la biblioteca WindowManager.dll en RoboHelp Server versi\u00f3n 6."
}
],
"id": "CVE-2007-1280",
"lastModified": "2024-11-21T00:27:56.647",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2007-05-10T00:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/35867"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25211"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb07-10.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.devtarget.org/adobe-advisory-05-2007.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/468360/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/23878"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018020"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1714"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34181"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/35867"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25211"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb07-10.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.devtarget.org/adobe-advisory-05-2007.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/468360/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/23878"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018020"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1714"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34181"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-12-31 05:00
Modified
2024-11-20 23:47
Severity ?
Summary
Album.pl 6.1 allows remote attackers to execute arbitrary commands, when an alternative configuration file is used, via unknown attack vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| microsoft | all_windows | * | |
| unix | unix | * | |
| mike_bobbitt | album.pl | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:all_windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB4B29F-4C60-48A0-8F58-BCBDC58B697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:unix:unix:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7A7C398-5356-45D6-AA5C-53E63BC88DCA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mike_bobbitt:album.pl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E10B3E59-BA11-4DFB-A4E0-E96D4BCAA1B0",
"versionEndIncluding": "6.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Album.pl 6.1 allows remote attackers to execute arbitrary commands, when an alternative configuration file is used, via unknown attack vectors."
}
],
"id": "CVE-2003-1456",
"lastModified": "2024-11-20T23:47:12.210",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://perl.bobbitt.ca/yabbse/index.php?board=2%3Baction=display%3Bthreadid=720"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/3270"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/archive/1/319763"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/7444"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11878"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://perl.bobbitt.ca/yabbse/index.php?board=2%3Baction=display%3Bthreadid=720"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3270"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/archive/1/319763"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/7444"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11878"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-05-30 01:30
Modified
2024-11-21 00:31
Severity ?
Summary
Race condition in the Symantec Enterprise Security Manager (ESM) 6.5.3 managers and agents on Windows before 20070524 allows remote attackers to cause a denial of service (CPU consumption and application hang) via certain network scans to ESM ports.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | all_windows | * | |
| symantec | enterprise_security_manager | 6.5.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:all_windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB4B29F-4C60-48A0-8F58-BCBDC58B697E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:enterprise_security_manager:6.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7082C313-6747-4A49-B137-0CE2CB3ADB4F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Race condition in the Symantec Enterprise Security Manager (ESM) 6.5.3 managers and agents on Windows before 20070524 allows remote attackers to cause a denial of service (CPU consumption and application hang) via certain network scans to ESM ports."
},
{
"lang": "es",
"value": "Condici\u00f3n de carrera en los encargados y agentes de Symantec Enterprise Security Manager (ESM) 6.5.3 en Windows anteriores a la fecha 24/05/2007 permite a atacantes remotos causar una denegaci\u00f3n de servicio (agotamiento de la CPU y cuelgue de aplicaci\u00f3n) a trav\u00e9s de determinados escaneos de red a los puertos ESM."
}
],
"evaluatorSolution": "The vendor has released an update addressing this issue: \r\n\r\nSymantec Enterprise Security Manager 6.5.3 \r\nSymantec Mini Update Package.zip\r\nhttp://www.symantec.com/avcenter/security/ESM/esmPU/Mini Update Package.zip\r\n\r\n",
"id": "CVE-2007-2896",
"lastModified": "2024-11-21T00:31:55.287",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-05-30T01:30:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/35077"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25390"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.05.24a.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.05.24b.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/24123"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018120"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1940"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34507"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/35077"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25390"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.05.24a.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.05.24b.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/24123"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018120"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1940"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34507"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-12-31 05:00
Modified
2024-11-20 23:47
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in (1) login.php, (2) register.php, (3) post.php, and (4) common.php in Phorum before 3.4.3 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:all_windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB4B29F-4C60-48A0-8F58-BCBDC58B697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:unix:unix:any_version:*:*:*:*:*:*:*",
"matchCriteriaId": "CF8C2159-A91B-4599-BDDA-AEC890150B00",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:phorum:phorum:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF010968-6E3B-430A-BF06-9F63EEA3EC03",
"versionEndIncluding": "3.4.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:phorum:phorum:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6650BE9D-5F4B-4B22-BD7E-ABCC067D5455",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:phorum:phorum:3.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1B8E0CA9-F6D4-4DD3-A3EA-F3A40965261B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in (1) login.php, (2) register.php, (3) post.php, and (4) common.php in Phorum before 3.4.3 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors."
}
],
"id": "CVE-2003-1467",
"lastModified": "2024-11-20T23:47:13.717",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2003-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/3288"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/321310"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/7572"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/7573"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/7576"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/7577"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/7584"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12487"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12502"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3288"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/321310"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/7572"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/7573"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/7576"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/7577"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/7584"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12487"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12502"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}