 |
|
|
| Затронутые продукты: |  | APPLE : QuickTime 7.1 | | CVE: |  | CVE-2007-0718 (Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a QTIF file with a Video Sample Description containing a Color table ID of 0, which triggers memory corruption when QuickTime assumes that a color table exists.) | | | | CVE-2007-0717 (Integer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted QTIF file.) | | | | CVE-2007-0716 (Stack-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted QTIF file.) | | | | CVE-2007-0715 (Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PICT file.) | | | | CVE-2007-0714 (Integer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted QuickTime movie with a User Data Atom (UDTA) with an Atom size field with a large value.) | | | | CVE-2007-0713 (Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted QuickTime movie file.) | | | | CVE-2007-0712 (Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MIDI file.) | | | | CVE-2007-0711 (Integer overflow in Apple QuickTime before 7.1.5, when installed on Windows operating systems, allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted 3GP video file.) |
| Затронутые продукты: | | PHP : PHP 4.4 | | | | PHP : PHP 5.2 | | CVE: | | CVE-2007-1396 (The import_request_variables function in PHP 4.0.7 through 4.4.6, and 5.x before 5.2.2, when called without a prefix, does not prevent the (1) GET, (2) POST, (3) COOKIE, (4) FILES, (5) SERVER, (6) SESSION, and other superglobals from being overwritten, which allows remote attackers to spoof source IP address and Referer data, and have other unspecified impact. NOTE: it could be argued that this is a design limitation of PHP and that only the misuse of this feature, i.e. implementation bugs in applications, should be included in CVE. However, it has been fixed by the vendor.) |
| Затронутые продукты: | | WORDPRESS : WordPress 2.1 | | | | PHPNUKE : PHP-Nuke 8.0 | | | | WEBO : Web Organizer 1.0 | | | | PHPMYADMIN : phpMyAdmin 2.10 | | | | DYNALIENS : dynaliens 2.1 | | CVE: | | CVE-2007-1520 (The cross-site request forgery (CSRF) protection in PHP-Nuke 8.0 and earlier does not ensure the SERVER superglobal is an array before validating the HTTP_REFERER, which allows remote attackers to conduct CSRF attacks.) | | | | CVE-2007-1519 (Cross-site scripting (XSS) vulnerability in modules.php in PHP-Nuke 8.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the query parameter in a search operation in the Downloads module, a different product than CVE-2006-3948.) | | | | CVE-2007-1416 (PHP remote file inclusion vulnerability in createurl.php in JCcorp (aka James Coyle) URLshrink allows remote attackers to execute arbitrary PHP code via a URL in the formurl parameter.) | | | | CVE-2007-1414 (Multiple PHP remote file inclusion vulnerabilities in Coppermine Photo Gallery (CPG) allow remote attackers to execute arbitrary PHP code via a URL in the (1) cmd parameter to (a) image_processor.php or (b) picmgmt.inc.php, or the (2) path parameter to (c) include/functions.php, (d) include/plugin_api.inc.php, (e) index.php, or (f) pluginmgr.php.) | | | | CVE-2007-1395 (Incomplete blacklist vulnerability in index.php in phpMyAdmin 2.8.0 through 2.9.2 allows remote attackers to conduct cross-site scripting (XSS) attacks by injecting arbitrary JavaScript or HTML in a (1) db or (2) table parameter value followed by an uppercase </SCRIPT> end tag, which bypasses the protection against lowercase </script>.) | | | | CVE-2007-1391 (PHP remote file inclusion vulnerability in modules/abook/foldertree.php in Leo West WEBO (aka weborganizer) 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the baseDir parameter.) | | | | CVE-2007-1390 (Multiple cross-site scripting (XSS) vulnerabilities in dynaliens 2.0 and 2.1 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) recherche.php3 or (2) ajouter.php3.) | | | | CVE-2007-1389 (dynaliens 2.0 and 2.1 allows remote attackers to bypass authentication and perform certain privileged actions via a direct request for (1) validlien.php3 (2) supprlien.php3 (3) supprub.php3 (4) validlien.php3 (5) confsuppr.php3 (6) modiflien.php3, or (7) confmodif.php3 in admin/.) | | | | CVE-2007-1325 (The PMA_ArrayWalkRecursive function in libraries/common.lib.php in phpMyAdmin before 2.10.0.2 does not limit recursion on arrays provided by users, which allows context-dependent attackers to cause a denial of service (web server crash) via an array with many dimensions. NOTE: it could be argued that this vulnerability is caused by a problem in PHP (CVE-2006-1549) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in phpMyAdmin.) |
| Оригинальный текст |  | RaeD Hasadya, Remote File Include In Script Coppermine Photo Gallery (09.03.2007) |
| | | c_r_ck_(at)_hotmail.com, Lazarus Guestbook (admin.php)Remote File Include Expliot (09.03.2007) |
| | | sn0oPy.team_(at)_gmail.com, dynaliens v2.0/v2.1 bypass admin authentification + XSS (09.03.2007) |
| | | alfa_(at)_virtuax.be, xss in phpmyadmin >=2.8.0 and < 2.10.0 (09.03.2007) |
| | | r00t2000_(at)_hush.com, Word Press Sensitive Directory exposure (SQL) (09.03.2007) |
| | | RaeD Hasadya, Remote File Include In Script copyright (c) James Coyle; JCcorp (09.03.2007) |
| | | erdc_(at)_echo.or.id, [ECHO_ADV_67$2007] WEBO (Web Organizer) <= 1.0 (baseDir) Remote File Inclusion Vulnerability (09.03.2007) |
| | | RaeD Hasadya, XSS In Script deviantART (09.03.2007) |
| | | Omid, Sql injection in WordPress 2.1.2 (09.03.2007) |
| | | ascii, Php Nuke POST XSS on steroids (09.03.2007) |
| Затронутые продукты: | | OMNIKEY : CardMan 4040 | | CVE: | | CVE-2007-0005 (Multiple buffer overflows in the (1) read and (2) write handlers in the Omnikey CardMan 4040 driver in the Linux kernel before 2.6.21-rc3 allow local users to gain privileges.) |
| Затронутые продукты: | | PHP : PHP 4.4 | | CVE: | | CVE-2007-1401 (Buffer overflow in the crack extension (CrackLib), as bundled with PHP 4.4.6 and other versions before 5.0.0, might allow local users to gain privileges via a long argument to the crack_opendict function.) |
| Затронутые продукты: | | CA : eTrust Admin 8.1 | | CVE: | | CVE-2007-1345 (Unspecified vulnerability in cube.exe in the GINA component for CA (Computer Associates) eTrust Admin 8.1.0 through 8.1.2 allows attackers with physical interactive or Remote Desktop access to bypass authentication and gain privileges via the password reset interface.) |
| Затронутые продукты: | | NOVELL : NetMail 3.5 | | CVE: | | CVE-2007-1350 (Stack-based buffer overflow in webadmin.exe in Novell NetMail 3.5.2 allows remote attackers to execute arbitrary code via a long username during HTTP Basic authentication.) |
| Затронутые продукты: | | CONQUEST : Conquest 8.2 | | CVE: | | CVE-2007-1371 (Multiple buffer overflows in Conquest 8.2a and earlier (1) allow local users to gain privileges by querying a metaserver that sends a long server entry processed by metaGetServerList and allow remote metaservers to execute arbitrary code via a long server entry processed by metaGetServerList; (2) allow attackers to have an unknown impact by exceeding the configured number of metaservers; and allow remote attackers to corrupt memory via a SP_CLIENTSTAT packet with certain values of (3) unum or (4) snum, different vulnerabilities than CVE-2003-0933.) |
| Затронутые продукты: | | ORACLE : MySQL 5.0 | | CVE: | | CVE-2007-1420 (MySQL 5.x before 5.0.36 allows local users to cause a denial of service (database crash) by performing information_schema table subselects and using ORDER BY to sort a single-row result, which prevents certain structure elements from being initialized and triggers a NULL dereference in the filesort function.) |
|
|
|
|
|
|
|
|
