[CLOSE] OSVDB ID : 39846 - Disclosed: 2007-04-30

Description:

(Description Provided by CVE) : Heap-based buffer overflow in the BMP reader (bmp.c) in Imager perl module (libimager-perl) 0.45 through 0.56 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted 8-bit/pixel compressed BMP files.

[CLOSE] OSVDB ID : 37640 - Disclosed: 2007-04-30

Description:

Wireshark contains a flaw in the way it handles SSL and MMS packets that may allow a remote denial of service. The issue is triggered by a specially crafted packet, and will result in loss of availability for the application.

[CLOSE] OSVDB ID : 36231 - Disclosed: 2007-04-30

Description:

(Description Provided by CVE) : SQL injection vulnerability in down_indir.asp in Gazi Download Portal allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

[CLOSE] OSVDB ID : 35475 - Disclosed: 2007-04-30

Description:

(Description Provided by CVE) : Directory traversal vulnerability in top.php3 in SWsoft Plesk for Windows 8.1 and 8.1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the locale_id parameter.

[CLOSE] OSVDB ID : 35504 - Disclosed: 2007-04-30

Description:

(Description Provided by CVE) : Unspecified vulnerability in HP OpenVMS for Integrity Servers 8.2-1 and 8.3 allows local users to cause a denial of service (crash) via "Program actions relating to exceptions."

[CLOSE] OSVDB ID : 34433 - Disclosed: 2007-04-30

Description:

(Description Provided by CVE) : libmp4v2.dll in Winamp 5.02 through 5.34 allows user-assisted remote attackers to execute arbitrary code via a certain .MP4 file. NOTE: some of these details are obtained from third party information.

[CLOSE] OSVDB ID : 34748 - Disclosed: 2007-04-30

Description:

(Description Provided by CVE) : Unspecified vulnerability in query.c in ISC BIND 9.4.0, and 9.5.0a1 through 9.5.0a3, when recursion is enabled, allows remote attackers to cause a denial of service (daemon exit) via a sequence of queries processed by the query_addsoa function.

[CLOSE] OSVDB ID : 35671 - Disclosed: 2007-04-30

Description:

(Description Provided by CVE) : Buffer overflow in asnsp.dll in Aventail Connect 4.1.2.13 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a malformed DNS query.

[CLOSE] OSVDB ID : 41730 - Disclosed: 2007-04-30

Description:

(Description Provided by CVE) : RealNetworks RealPlayer 10 Gold allows remote attackers to cause a denial of service (memory consumption) via a certain .ra file. NOTE: this issue was referred to as a "memory leak," but it is not clear if this is correct.

[CLOSE] OSVDB ID : 35510 - Disclosed: 2007-04-29

Description:

appweb contains a flaw that may allow a remote denial of service. The issue is triggered when using format strings (%s %d %d ...) directly into the URL requested, and will result in loss of availability for the appweb server.

[CLOSE] OSVDB ID : 34356 - Disclosed: 2007-04-29

Description:

(Description Provided by CVE) : PHP remote file inclusion vulnerability in myfunctions/mygallerybrowser.php in the myGallery 1.4b4 and earlier plugin for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the myPath parameter.

[CLOSE] OSVDB ID : 35476 - Disclosed: 2007-04-29

Description:

(Description Provided by CVE) : Directory traversal vulnerability in fileview.php in Imageview 5.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the album parameter.

[CLOSE] OSVDB ID : 35503 - Disclosed: 2007-04-29

Description:

(Description Provided by CVE) : PHP remote file inclusion vulnerability in help/index.php in The Merchant (themerchant) 2.2 allows remote attackers to execute arbitrary PHP code via a URL in the show parameter.

[CLOSE] OSVDB ID : 35501 - Disclosed: 2007-04-29

Description:

(Description Provided by CVE) : shared/code/tce_tmx.php in TCExam 4.0.011 and earlier allows remote attackers to create arbitrary PHP files in cache/ by placing file contents and directory traversal manipulations into a SessionUserLang cookie to public/code/index.php.

[CLOSE] OSVDB ID : 35502 - Disclosed: 2007-04-29

Description:

(Description Provided by CVE) : Dynamic variable evaluation vulnerability in shared/config/tce_config.php in TCExam 4.0.011 and earlier allows remote attackers to conduct cross-site scripting (XSS) and possibly other attacks by modifying critical variables such as $_SERVER, as demonstrated by injecting web script via the _SERVER[SCRIPT_NAME] parameter.

[CLOSE] OSVDB ID : 35469 - Disclosed: 2007-04-29

Description:

(Description Provided by CVE) : MyServer before 0.8.8 allows remote attackers to cause a denial of service via unspecified vectors.

[CLOSE] OSVDB ID : 35466 - Disclosed: 2007-04-29

Description:

(Description Provided by CVE) : Pi3Web Web Server 2.0.3 PL1 allows remote attackers to cause a denial of service (application exit) via a long URI. NOTE: this issue was originally reported as a crash, but the vendor states that the impact is a "clean" exit in which "the server I/O loop finishes and the process exits normally."

[CLOSE] OSVDB ID : 35490 - Disclosed: 2007-04-29

Description:

(Description Provided by CVE) : Progress Webspeed Messenger allows remote attackers to obtain sensitive information via a WService parameter containing "wsbroker1/webutil/about.r", which reveals the operating system and product information.

[CLOSE] OSVDB ID : 67627 - Disclosed: 2007-04-29

Description:

By default, 2Wire routers install with a default HTTP administrative password. The device has a password of '2wire' or 'Wireless' which is publicly known and documented. This allows attackers to trivially access the program or system.

[CLOSE] OSVDB ID : 35620 - Disclosed: 2007-04-28

Description:

(Description Provided by CVE) : ** DISPUTED ** Directory traversal vulnerability in modules/file.php in Seir Anphin allows remote attackers to obtain sensitive information via a .. (dot dot) in the a[filepath] parameter. NOTE: a third party has disputed this issue because the a array is populated by a database query before use.

[CLOSE] OSVDB ID : 34454 - Disclosed: 2007-04-28

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 34174 - Disclosed: 2007-04-28

Description:

Sphider contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'index.php' script not properly sanitizing user input supplied to the 'include_dir' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.

[CLOSE] OSVDB ID : 35474 - Disclosed: 2007-04-28

Description:

(Description Provided by CVE) : SQL injection vulnerability in index.php in the pnFlashGames 1.5 module for PostNuke allows remote attackers to execute arbitrary SQL commands via the cid parameter.

[CLOSE] OSVDB ID : 35616 - Disclosed: 2007-04-27

Description:

(Description Provided by CVE) : ** REJECT ** The getlock function in aimage/aimage.cpp in AFFLIB 2.2.8 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary lock files (aka "time-of-check-time-of-use file race"). NOTE: the researcher has retracted the original advisory, stating that "the portion of vulnerable code is not called in any current version of AFFLIB and is therefore not exploitable."

[CLOSE] OSVDB ID : 35613 - Disclosed: 2007-04-27

Description:

(Description Provided by CVE) : Multiple stack-based buffer overflows in AFFLIB before 2.2.6 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via (1) a long LastModified value in an S3 XML response in lib/s3.cpp; (2) a long (a) path or (b) bucket in an S3 URL in lib/vnode_s3.cpp; or (3) a long (c) EFW, (d) AFD, or (c) aimage file path. NOTE: the aimage vector (3c) has since been recalled from the researcher's original advisory, since the code is not called in any version of AFFLIB.

[CLOSE] OSVDB ID : 35614 - Disclosed: 2007-04-27

Description:

(Description Provided by CVE) : Multiple stack-based buffer overflows in AFFLIB before 2.2.6 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via (1) a long LastModified value in an S3 XML response in lib/s3.cpp; (2) a long (a) path or (b) bucket in an S3 URL in lib/vnode_s3.cpp; or (3) a long (c) EFW, (d) AFD, or (c) aimage file path. NOTE: the aimage vector (3c) has since been recalled from the researcher's original advisory, since the code is not called in any version of AFFLIB.

[CLOSE] OSVDB ID : 35615 - Disclosed: 2007-04-27

Description:

(Description Provided by CVE) : Multiple stack-based buffer overflows in AFFLIB before 2.2.6 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via (1) a long LastModified value in an S3 XML response in lib/s3.cpp; (2) a long (a) path or (b) bucket in an S3 URL in lib/vnode_s3.cpp; or (3) a long (c) EFW, (d) AFD, or (c) aimage file path. NOTE: the aimage vector (3c) has since been recalled from the researcher's original advisory, since the code is not called in any version of AFFLIB.

[CLOSE] OSVDB ID : 35608 - Disclosed: 2007-04-27

Description:

(Description Provided by CVE) : AFFLIB 2.2.8 and earlier allows attackers to execute arbitrary commands via shell metacharacters involving (1) certain command line parameters in tools/afconvert.cpp and (2) arguments to the get_parameter function in aimage/ident.cpp. NOTE: it is unknown if the get_parameter vector (2) is ever called.

[CLOSE] OSVDB ID : 35640 - Disclosed: 2007-04-27

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in Exponent CMS 0.96.6 Alpha and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) url parameter to (a) magpie_debug.php and (b) magpie_simple.php in external/magpierss/scripts/, the (2) rss_url parameter to (c) magpie_slashbox.php in external/magpierss/scripts/, and the (3) body parameter to the (d) weblogmodule (aka Weblog Comments) module.

[CLOSE] OSVDB ID : 35641 - Disclosed: 2007-04-27

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in Exponent CMS 0.96.6 Alpha and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) url parameter to (a) magpie_debug.php and (b) magpie_simple.php in external/magpierss/scripts/, the (2) rss_url parameter to (c) magpie_slashbox.php in external/magpierss/scripts/, and the (3) body parameter to the (d) weblogmodule (aka Weblog Comments) module.

[CLOSE] OSVDB ID : 35642 - Disclosed: 2007-04-27

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in Exponent CMS 0.96.6 Alpha and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) url parameter to (a) magpie_debug.php and (b) magpie_simple.php in external/magpierss/scripts/, the (2) rss_url parameter to (c) magpie_slashbox.php in external/magpierss/scripts/, and the (3) body parameter to the (d) weblogmodule (aka Weblog Comments) module.

[CLOSE] OSVDB ID : 35643 - Disclosed: 2007-04-27

Description:

(Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in Exponent CMS 0.96.6 Alpha and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) url parameter to (a) magpie_debug.php and (b) magpie_simple.php in external/magpierss/scripts/, the (2) rss_url parameter to (c) magpie_slashbox.php in external/magpierss/scripts/, and the (3) body parameter to the (d) weblogmodule (aka Weblog Comments) module.

[CLOSE] OSVDB ID : 35607 - Disclosed: 2007-04-27

Description:

(Description Provided by CVE) : Multiple format string vulnerabilities in AFFLIB before 2.2.6 allow remote attackers to execute arbitrary code via certain command line parameters, which are used in (1) warn and (2) err calls in (a) lib/s3.cpp, (b) tools/afconvert.cpp, (c) tools/afcopy.cpp, (d) tools/afinfo.cpp, (e) aimage/aimage.cpp, (f) aimage/imager.cpp, and (g) tools/afxml.cpp. NOTE: the aimage.cpp vector (e) has since been recalled from the researcher's original advisory, since the code is not called in any version of AFFLIB.

[CLOSE] OSVDB ID : 38063 - Disclosed: 2007-04-27

Description:

(Description Provided by CVE) : Buffer overflow in Adobe Photoshop CS2 and CS3, Photoshop Elements 5.0, Illustrator CS3, and GoLive 9 allows user-assisted remote attackers to execute arbitrary code via a crafted .PNG file.

[CLOSE] OSVDB ID : 35609 - Disclosed: 2007-04-27

Description:

(Description Provided by CVE) : ** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in b2evolution allow remote attackers to execute arbitrary PHP code via a URL in the (1) inc_path parameter to (a) a_noskin.php, (b) a_stub.php, (c) admin.php, (d) contact.php, (e) default.php, (f) index.php, and (g) multiblogs.php in blogs/; the (2) view_path and (3) control_path parameters to blogs/admin.php; and the (4) skins_path parameter to (h) blogs/contact.php and (i) blogs/multiblogs.php. NOTE: this issue is disputed by CVE, since the inc_path, view_path, control_path, and skins_path variables are all initialized in conf/_advanced.php before they are used.

[CLOSE] OSVDB ID : 35438 - Disclosed: 2007-04-27

Description:

(Description Provided by CVE) : Multiple buffer overflows in MyDNS 1.1.0 allow remote attackers to (1) cause a denial of service (daemon crash) and possibly execute arbitrary code via a certain update, which triggers a heap-based buffer overflow in update.c; and (2) cause a denial of service (daemon crash) via unspecified vectors that trigger an off-by-one stack-based buffer overflow in update.c.

[CLOSE] OSVDB ID : 35439 - Disclosed: 2007-04-27

Description:

(Description Provided by CVE) : Multiple buffer overflows in MyDNS 1.1.0 allow remote attackers to (1) cause a denial of service (daemon crash) and possibly execute arbitrary code via a certain update, which triggers a heap-based buffer overflow in update.c; and (2) cause a denial of service (daemon crash) via unspecified vectors that trigger an off-by-one stack-based buffer overflow in update.c.

[CLOSE] OSVDB ID : 35437 - Disclosed: 2007-04-27

Description:

(Description Provided by CVE) : Buffer overflow in Hitachi Groupmax Mobile Option for Mobile-Phone 07-00 through 07-30, 5 for i-mode 05-11 through 05-23, and 6 for EZweb 06-00 through 06-04 allows remote attackers to execute arbitrary code via unspecified vectors.

[CLOSE] OSVDB ID : 35467 - Disclosed: 2007-04-27

Description:

(Description Provided by CVE) : Buffer overflow in Corel Paint Shop Pro 11.20 allows user-assisted remote attackers to execute arbitrary code via a crafted .PNG file.

[CLOSE] OSVDB ID : 35465 - Disclosed: 2007-04-27

Description:

(Description Provided by CVE) : Buffer overflow in Adobe Photoshop CS2 and CS3, Photoshop Elements 5.0, Illustrator CS3, and GoLive 9 allows user-assisted remote attackers to execute arbitrary code via a crafted .PNG file.