Primary
Vendor — Product
Description
Discovered
Published
CVSS Score Source & Patch Info Adobe — Photoshop
Adobe — Photoshop Elements Buffer overflow in Adobe Photoshop CS2 and CS3, and Photoshop Elements 5.0, allows user-assisted remote attackers to execute arbitrary code via a crafted .PNG file.
unknown
2007-04-30
8.0 CVE-2007-2365
MILW0RM
BID
FRSIRT
SECUNIA
XF AFFLIB — AFFLIB Multiple stack-based buffer overflows in AFFLIB before 2.2.6 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via (1) a long LastModified value in an S3 XML response in lib/s3.cpp; (2) a long (a) path or (b) bucket in an S3 URL in lib/vnode_s3.cpp; or (3) a long (c) EFW, (d) AFD, or (c) aimage file path. NOTE: the aimage vector (3c) has since been recalled from the researcher’s original advisory, since the code is not called in any version of AFFLIB.
unknown
2007-04-30
10.0 CVE-2007-2053
BUGTRAQ
OTHER-REF
BID
XF AFFLIB — AFFLIB Multiple format string vulnerabilities in AFFLIB before 2.2.6 allow remote attackers to execute arbitrary code via certain command line parameters, which are used in (1) warn and (2) err calls in (a) lib/s3.cpp, (b) tools/afconvert.cpp, (c) tools/afcopy.cpp, (d) tools/afinfo.cpp, (e) aimage/aimage.cpp, (f) aimage/imager.cpp, and (g) tools/afxml.cpp. NOTE: the aimage.cpp vector (e) has since been recalled from the researcher’s original advisory, since the code is not called in any version of AFFLIB.
unknown
2007-04-30
7.0 CVE-2007-2054
BUGTRAQ
OTHER-REF
XF AFFLIB — AFFLIB AFFLIB 2.2.8 and earlier allows attackers to execute arbitrary commands via shell metacharacters involving (1) certain command line parameters in tools/afconvert.cpp and (2) arguments to the get_parameter function in aimage/ident.cpp. NOTE: it is unknown if the get_parameter vector (2) is ever called.
unknown
2007-04-30
7.0 CVE-2007-2055
BUGTRAQ
OTHER-REF
XF AFFLIB — AFFLIB Multiple format string vulnerabilities in AFFLIB 2.2.6 allow remote attackers to execute arbitrary code via certain command line parameters, which are used in (1) warn and (2) err calls, possibly involving (a) lib/s3.cpp, (b) tools/afconvert.cpp, (c) tools/afcopy.cpp, (d) tools/afinfo.cpp, (e) aimage/imager.cpp, and (f) tools/afxml.cpp. NOTE: this identifier is intended to address the vectors that were not fixed in CVE-2007-2054, but the unfixed vectors were not explicitly listed.
unknown
2007-04-30
10.0 CVE-2007-2352
BUGTRAQ
OTHER-REF Ahhp-Portal — Ahhp-Portal Multiple PHP remote file inclusion vulnerabilities in page.php in Ahhp-Portal allow remote attackers to execute arbitrary PHP code via a URL in the (1) fp or (2) sc parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
unknown
2007-05-01
7.0 CVE-2007-2428
BID Ariadne — Ariadne CMS Cross-site scripting (XSS) vulnerability in index.php in Ariadne 2.4.1 allows remote attackers to inject arbitrary web script or HTML via the ARLogin parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
unknown
2007-05-02
7.0 CVE-2007-2433
SECUNIA Aventail — Aventail Connect Buffer overflow in asnsp.dll in Aventail Connect 4.1.2.13 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a malformed DNS query.
unknown
2007-05-02
10.0 CVE-2007-2434
FULLDISC
BID
XF b2evolution — b2evolution ** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in b2evolution allow remote attackers to execute arbitrary PHP code via a URL in the (1) inc_path parameter to (a) a_noskin.php, (b) a_stub.php, (c) admin.php, (d) contact.php, (e) default.php, (f) index.php, and (g) multiblogs.php in blogs/; the (2) view_path and (3) control_path parameters to blogs/admin.php; and the (4) skins_path parameter to (h) blogs/contact.php and (i) blogs/multiblogs.php. NOTE: this issue is disputed by CVE, since the inc_path, view_path, control_path, and skins_path variables are all initialized in conf/_advanced.php before they are used.
unknown
2007-04-30
7.0 CVE-2007-2358
BUGTRAQ
VIM
XF Burak Yilmaz — Burak Yilmaz Blog SQL injection vulnerability in bry.asp in Burak Yilmaz Blog 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
unknown
2007-05-01
7.0 CVE-2007-2420
BUGTRAQ
BID
XF Burnstone — BurnCMS Multiple PHP remote file inclusion vulnerabilities in burnCMS 0.2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the root parameter to (1) mysql.class.php or (2) postgres.class.php in lib/db/; or (3) authuser.php, (4) misc.php, or (5) connect.php in lib/.
unknown
2007-04-30
7.0 CVE-2007-2364
MILW0RM
BID
FRSIRT
XF Cerulean Studios — Trillian Pro Heap-based buffer overflow in the Rendezvous / Extensible Messaging and Presence Protocol (XMPP) component (pluginsrendezvous.dll) for Cerulean Studios Trillian Pro before 3.1.5.1 allows remote attackers to execute arbitrary code via a message that triggers the overflow from expansion that occurs during encoding.
unknown
2007-05-02
7.0 CVE-2007-2418
OTHER-REF Cerulean Studios — Trillian Pro Multiple heap-based buffer overflows in the IRC component in Cerulean Studios Trillian Pro before 3.1.5.1 allow remote attackers to corrupt memory and possibly execute arbitrary code via (1) a URL with a long UTF-8 string, which triggers the overflow when the user highlights it, or (2) a font HTML tag with a face attribute containing a long UTF-8 string.
unknown
2007-05-02
7.0 CVE-2007-2478
IDEFENSE
OTHER-REF
BID
FRSIRT
SECTRACK
SECUNIA
XF
XF Cisco — PIX
Cisco — Adaptive Security Appliance Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 before 7.2(2)8, when using Layer 2 Tunneling Protocol (L2TP) or Remote Management Access, allows remote attackers to bypass LDAP authentication and gain privileges via unknown vectors.
unknown
2007-05-02
10.0 CVE-2007-2462
CISCO
CERT-VN
BID CMS Made Simple — CMS Made Simple SQL injection vulnerability in stylesheet.php in CMS Made Simple 1.0.5 and earlier allows remote attackers to execute arbitrary SQL commands via the templateid parameter.
unknown
2007-05-02
7.0 CVE-2007-2473
OTHER-REF
OTHER-REF
BID
SECUNIA Comdev — Modules Builder ** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in Modules Builder (modbuild) 4.1 for Comdev One Admin allow remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter to (1) config-bak.php or (2) config.php. NOTE: CVE disputes this vulnerability because the unmodified scripts set the applicable variable to the empty string; reasonable modified copies would use a fixed pathname string.
unknown
2007-05-01
7.0 CVE-2007-2422
BUGTRAQ
XF E-Annu — E-Annu SQL injection vulnerability in home.php in E-Annu allows remote attackers to execute arbitrary SQL commands via the a parameter.
unknown
2007-05-01
7.0 CVE-2007-2416
BUGTRAQ
BID
XF EMC — RSA Security SiteKey EMC RSA Security SiteKey does not set the secure qualifier on the SiteKey Flash token (aka the PassMark Flash shared object), which might allow remote attackers to obtain the token via HTTP.
unknown
2007-04-30
10.0 CVE-2006-7201
OTHER-REF
OTHER-REF Fabrice Bellard — QEMU Multiple heap-based buffer overflows in the cirrus_invalidate_region function in the Cirrus VGA extension in QEMU 0.8.2 might allow local users to execute arbitrary code via unspecified vectors related to “attempting to mark non-existent regions as dirty,” aka the “bitblt” heap overflow.
unknown
2007-05-02
7.0 CVE-2007-1320
OTHER-REF
DEBIAN
BID
FRSIRT
SECUNIA
SECUNIA FileRun — FileRun SQL injection vulnerability in index.php in FileRun 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the fid parameter.
unknown
2007-05-02
7.0 CVE-2007-2469
OTHER-REF
BID
SECUNIA FireFly — FireFly Multiple PHP remote file inclusion vulnerabilities in FireFly 1.1.01 allow remote attackers to execute arbitrary PHP code via a URL in the doc_root parameter to (1) localize.php or (2) config.php in modules/admin/include/.
unknown
2007-05-02
7.0 CVE-2007-2456
MILW0RM
VIM
BID
FRSIRT FireFly — FireFly PHP remote file inclusion vulnerability in modules/admin/include/config.php in FireFly 1.1.01 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
unknown
2007-05-02
7.0 CVE-2007-2460
VIM
FRSIRT Gregory Kokanosky — phpMyNewsLetter admin/index.php in Gregory Kokanosky phpMyNewsletter 0.8 beta5 and earlier provides access to configuration modification before login, which allows remote attackers to cause a denial of service (loss of configuration data), and possibly perform direct static code injection, via a saveGlobalconfig action.
unknown
2007-04-30
10.0 CVE-2007-2371
MILW0RM
BID Gregory Kokanosky — phpMyNewsLetter admin/send_mod.php in Gregory Kokanosky phpMyNewsletter 0.8 beta5 and earlier prints a Location header but does not exit when administrative credentials are missing, which allows remote attackers to compose an e-mail message via a post with the subject, message, format, and list_id fields; and send the message via a direct request for the MsgId value under admin/.
unknown
2007-04-30
10.0 CVE-2007-2372
MILW0RM
BID Hitachi — Groupmax Mobile Option Buffer overflow in Hitachi Groupmax Mobile Option for Mobile-Phone 07-00 through 07-30, 5 for i-mode 05-11 through 05-23, and 6 for EZweb 06-00 through 06-04 allows remote attackers to execute arbitrary code via unspecified vectors.
unknown
2007-05-01
7.0 CVE-2007-2421
OTHER-REF
BID
FRSIRT
SECUNIA
XF HP — Power Manager Remote Agent Unspecified vulnerability in the HP Power Manager Remote Agent (RA) 4.0Build10 and earlier in HP-UX B.11.11 and B.11.23 allows local users to execute arbitrary code via unspecified vectors.
unknown
2007-04-30
7.0 CVE-2007-2351
HP
BID
FRSIRT
SECUNIA
SECTRACK IBM — WebSphere Application Server Unspecified vulnerability in IBM WebSphere Application Server (WAS) before 5.1.1.14, and WAS for z/OS 601 before 6.0.2.13, has unknown impact and attack vectors, related to a “Potential security exposure,” aka PK26123.
unknown
2007-04-30
7.0 CVE-2006-7198
OTHER-REF
AIXAPAR
AIXAPAR
FRSIRT
SECTRACK
SECUNIA
XF ManageEngine — PasswordManager Pro ManageEngine PasswordManager Pro (PMP) allows remote attackers to obtain administrative access to a database by injecting a certain command line for the mysql program, as demonstrated by the “-port 2345” and “-u root” arguments. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
unknown
2007-05-01
10.0 CVE-2007-2429
BID Microsoft — Windows 2000
Microsoft — Windows Server 2003
Microsoft — Windows XP Unspecified vulnerability in Microsoft Windows 2000, XP, and Server 2003 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors. NOTE: this information is based upon a vague pre-advisory with no actionable information. However, the advisory is from a reliable source.
unknown
2007-04-30
8.0 CVE-2007-2374
OTHER-REF
BID MicroWorld Technologies — eScan The MicroWorld Agent service (MWAGENT.EXE) in MicroWorld Technologies eScan 8.0.671.1, and possibly other versions, allows remote or local attackers to gain privileges and execute arbitrary commands by connecting directly to TCP port 2222.
unknown
2007-05-02
10.0 CVE-2007-0655
OTHER-REF
FRSIRT
SECUNIA Novell — Novell SecureLogin Unspecified vulnerability in the ADSCHEMA utility in Novell SecureLogin (NSL) 6 SP1 before 6.0.106 has unknown impact and remote attack vectors, related to granting “users excess permissions to their own attributes.”
unknown
2007-05-02
7.0 CVE-2007-2475
NOVELL
FRSIRT Novell — Novell SecureLogin Unspecified vulnerability in Novell SecureLogin (NSL) 6 SP1 before 6.0.106 has unknown impact and remote attack vectors, related to Active Directory (AD) password changes.
unknown
2007-05-02
7.0 CVE-2007-2476
OTHER-REF
FRSIRT Nukedit — Nukedit Cross-site scripting (XSS) vulnerability in utilities/search.asp in nukedit 4.9.7b allows remote attackers to inject arbitrary web script or HTML via the terms parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
unknown
2007-05-02
7.0 CVE-2007-2432
BID
SECUNIA OPeNDAP — Server3 The get_url function in DODS_Dispatch.pm for the CGI_server in OPeNDAP 3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL.
unknown
2007-04-30
10.0 CVE-2007-2355
OTHER-REF
OTHER-REF
CERT-VN
BID
FRSIRT
SECTRACK
SECUNIA phpMyChat — phpMyChat ** DISPUTED ** PHP remote file inclusion vulnerability in phpMyChat.php3 in phpMyChat 0.14.5 allows remote attackers to execute arbitrary PHP code via a URL in the {ChatPath} parameter. NOTE: this has been disputed by multiple third parties and CVE because $ChatPath is set to a constant value.
unknown
2007-05-02
7.0 CVE-2007-2477
BUGTRAQ
BUGTRAQ
VIM
VIM Pixaria — Pixaria Gallery PHP remote file inclusion vulnerability in resources/includes/class.Smarty.php in Pixaria Gallery before 1.4.3 allows remote attackers to execute arbitrary PHP code via a URL in the cfg[sys][base_path] parameter.
unknown
2007-05-02
7.0 CVE-2007-2457
MILW0RM
OTHER-REF
OTHER-REF
OTHER-REF
BID
FRSIRT
SECUNIA
XF Pixaria — Pixaria Gallery Multiple PHP remote file inclusion vulnerabilities in Pixaria Gallery before 1.4.3 allow remote attackers to execute arbitrary PHP code via a URL in the cfg[sys][base_path] parameter to psg.smarty.lib.php and certain include and library scripts.
unknown
2007-05-02
7.0 CVE-2007-2458
OTHER-REF
OTHER-REF
OTHER-REF
FRSIRT pnFlashGames — pnFlashGames SQL injection vulnerability in index.php in the pnFlashGames 1.5 module for PostNuke allows remote attackers to execute arbitrary SQL commands via the cid parameter.
unknown
2007-05-01
7.0 CVE-2007-2427
MILW0RM
BID Ruben Boelinger — myflash PHP remote file inclusion vulnerability in myflash-button.php in the myflash 1.00 and earlier plugin for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the wpPATH parameter.
unknown
2007-05-03
7.0 CVE-2007-2485
MILW0RM
OTHER-REF
BID
FRSIRT
XF Sphider — Sphider ** DISPUTED ** PHP remote file inclusion vulnerability in index.php in Sphider 1.2.x allows remote attackers to execute arbitrary PHP code via a URL in the include_dir parameter. NOTE: a third party disputes this vulnerability, stating that “the application is not vulnerable to this issue.”
unknown
2007-05-01
7.0 CVE-2007-2411
BUGTRAQ
BID
BUGTRAQ
XF Sun — JRE
Sun — SDK
Sun — Java Enterprise System Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to “Incorrect Use of System Classes” and probably related to support for JNLP files.
unknown
2007-05-02
7.0 CVE-2007-2435
SUNALERT
BID
FRSIRT
SECUNIA
SECTRACK
XF Symantec — LiveState Recovery
Symantec — Ghost
Symantec — BackupExec System Recovery
Symantec — Norton Save & Recovery Buffer overflow in Ghost Service Manager, as used in Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, allows local users to gain privileges via a long string.
unknown
2007-04-30
7.0 CVE-2007-2359
IDEFENSE
OTHER-REF
SECTRACK
XF Symantec — Enterprise Security Manager The agent remote upgrade interface in Symantec Enterprise Security Manager (ESM) before 20070405 does not verify the authenticity of upgrades, which allows remote attackers to execute arbitrary code via software that implements the agent upgrade protocol.
unknown
2007-04-30
10.0 CVE-2007-2375
OTHER-REF
BID
SECUNIA Tecnick.com — TCExam Dynamic variable evaluation vulnerability in shared/config/tce_config.php in TCExam 4.0.011 and earlier allows remote attackers to conduct cross-site scripting (XSS) and possibly other attacks by modifying critical variables such as $_SERVER, as demonstrated by injecting web script via the _SERVER[SCRIPT_NAME] parameter.
unknown
2007-05-01
7.0 CVE-2007-2431
MILW0RM
OTHER-REF
VIM The GIMP Team — GIMP Stack-based buffer overflow in the set_color_table function in sunras.c in the SUNRAS plugin in Gimp 2.2.14 allows user-assisted remote attackers to execute arbitrary code via a crafted RAS file.
unknown
2007-04-30
8.0 CVE-2007-2356
MILW0RM
BID
SECUNIA
XF
OTHER-REF
FRSIRT The Merchant Project — The Merchant PHP remote file inclusion vulnerability in help/index.php in The Merchant (themerchant) 2.2 allows remote attackers to execute arbitrary PHP code via a URL in the show parameter.
unknown
2007-05-01
7.0 CVE-2007-2424
MILW0RM Tony Cook — Imager Heap-based buffer overflow in Imager before 0.57 allows remote attackers to cause a denial of service (application abort) and possibly execute arbitrary code via compressed 8-bit BMP files.
unknown
2007-05-01
10.0 CVE-2007-2413
OTHER-REF
OTHER-REF
SECUNIA
BID
FRSIRT Turnkey Web Tools — SunShop Shopping Cart Multiple PHP remote file inclusion vulnerabilities in Turnkey Web Tools SunShop Shopping Cart 4.0 allow remote attackers to execute arbitrary PHP code via a URL in the abs_path parameter to (1) include/payment/payflow_pro.php, (2) global.php, or (3) libsecure.php, different vectors than CVE-2007-2070.
unknown
2007-05-02
7.0 CVE-2007-2474
BUGTRAQ
BID VIM Development Group — VIM The sandbox for vim allows dangerous functions such as (1) writefile, (2) feedkeys, and (3) system, which might allow user-assisted attackers to execute shell commands and write files via modelines.
unknown
2007-05-02
8.0 CVE-2007-2438
MLIST
MLIST
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
BUGTRAQ
BID
FRSIRT
SECUNIA WF-Links — WF-Links SQL injection vulnerability in viewcat.php in the WF-Links (wflinks) 1.03 and earlier module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter.
unknown
2007-04-30
7.0 CVE-2007-2373
MILW0RM Wildbits — myGallery PHP remote file inclusion vulnerability in myfunctions/mygallerybrowser.php in the myGallery 1.4b4 and earlier plugin for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the myPath parameter.
unknown
2007-05-01
7.0 CVE-2007-2426
MILW0RM
BID
FRSIRT
SECUNIA
XF Xoops — John Mordo Jobs Module SQL injection vulnerability in index.php in the John Mordo Jobs 2.4 and earlier module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a jobsview action. NOTE: the module name was originally reported as Job Listings.
unknown
2007-04-30
7.0 CVE-2007-2370
MILW0RM
VIM