CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In February 2007

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
51 CVE-2007-1081 2007-02-22 2017-07-29
7.5
None Remote Low Not required Partial Partial Partial
The start function in class.t3lib_formmail.php in TYPO3 before 4.0.5, 4.1beta, and 4.1RC1 allows attackers to inject arbitrary email headers via unknown vectors. NOTE: some details were obtained from third party information.
52 CVE-2007-1080 DoS Overflow 2007-02-22 2017-10-11
7.8
None Remote Low Not required None None Complete
Multiple heap-based buffer overflows in TurboFTP 5.30 Build 572 allow remote servers to cause a denial of service via (1) long filename in a response to a LIST command, and (2) a long response to a CWD command.
53 CVE-2007-1079 DoS Overflow 2007-02-22 2017-10-11
7.8
None Remote Low Not required None None Complete
Stack-based buffer overflow in Rhino Software, Inc. FTP Voyager 14.0.0.3 and earlier allows remote servers to cause a denial of service (crash) via a long response to a CWD command, which triggers the overflow when the user aborts the command.
54 CVE-2007-1078 94 Exec Code File Inclusion 2007-02-22 2018-10-16
7.5
None Remote Low Not required Partial Partial Partial
PHP remote file inclusion vulnerability in index.php in FlashGameScript 1.5.4 allows remote attackers to execute arbitrary PHP code via a URL in the func parameter.
55 CVE-2007-1077 Exec Code Sql 2007-02-22 2008-11-15
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in page.asp in Design4Online UserPages2 2.0 allows remote attackers to execute arbitrary SQL commands via the art_id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
56 CVE-2007-1076 22 Dir. Trav. 2007-02-22 2017-07-29
7.5
None Remote Low Not required Partial Partial Partial
Multiple directory traversal vulnerabilities in phpTrafficA 1.4.1, and possibly earlier, allow remote attackers to include arbitrary local files via a .. (dot dot) in the (1) file parameter to plotStat.php and the (2) lang parameter to banref.php.
57 CVE-2007-1075 DoS 2007-02-22 2017-10-11
7.8
None Remote Low Not required None None Complete
TurboFTP 5.30 Build 572 allows remote servers to cause a denial of service (CPU consumption) via a response with a large number of newline characters.
58 CVE-2007-1074 Exec Code Overflow 2007-02-22 2017-10-11
9.3
None Remote Medium Not required Complete Complete Complete
Multiple buffer overflows in NewsBin Pro 5.33 and NewsBin Pro 4.x allow user-assisted remote attackers to execute arbitrary code via a long (1) DataPath or (2) DownloadPath attributed in a (a) NBI file, or (3) a long group field in a (b) NZB file.
59 CVE-2007-1073 Exec Code 2007-02-22 2018-10-16
10.0
None Remote Low Not required Complete Complete Complete
Static code injection vulnerability in install.php in mcRefer allows remote attackers to execute arbitrary PHP code via the bgcolor parameter, which is inserted into mcrconf.inc.php.
60 CVE-2007-1072 264 DoS 2007-02-22 2019-05-23
7.2
None Local Low Not required Complete Complete Complete
The command line interface (CLI) in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and earlier allows local users to obtain privileges or cause a denial of service via unspecified vectors. NOTE: this issue can be leveraged remotely via CVE-2007-1063.
61 CVE-2007-1071 DoS Exec Code Overflow 2007-02-22 2011-03-08
7.8
None Remote Low Not required None None Complete
Integer overflow in the gifGetBandProc function in ImageIO in Apple Mac OS X 10.4.8 allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted GIF image that triggers the overflow during decompression. NOTE: this is a different issue than CVE-2006-3502 and CVE-2006-3503.
62 CVE-2007-1070 Exec Code Overflow 2007-02-21 2018-10-16
10.0
None Remote Low Not required Complete Complete Complete
Multiple stack-based buffer overflows in Trend Micro ServerProtect for Windows and EMC 5.58, and for Network Appliance Filer 5.61 and 5.62, allow remote attackers to execute arbitrary code via crafted RPC requests to TmRpcSrv.dll that trigger overflows when calling the (1) CMON_NetTestConnection, (2) CMON_ActiveUpdate, and (3) CMON_ActiveRollback functions in (a) StCommon.dll, and (4) ENG_SetRealTimeScanConfigInfo and (5) ENG_SendEMail functions in (b) eng50.dll.
63 CVE-2007-1068 255 +Info 2007-02-22 2017-07-29
7.2
None Local Low Not required Complete Complete Complete
The (1) TTLS CHAP, (2) TTLS MSCHAP, (3) TTLS MSCHAPv2, (4) TTLS PAP, (5) MD5, (6) GTC, (7) LEAP, (8) PEAP MSCHAPv2, (9) PEAP GTC, and (10) FAST authentication methods in Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client store transmitted authentication credentials in plaintext log files, which allows local users to obtain sensitive information by reading these files, aka CSCsg34423.
64 CVE-2007-1067 +Priv 2007-02-22 2017-07-29
7.2
None Local Low Not required Complete Complete Complete
Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client do not properly parse commands, which allows local users to gain privileges via unspecified vectors, aka CSCsh30624.
65 CVE-2007-1066 +Priv 2007-02-22 2017-07-29
6.8
None Local Low ??? Complete Complete Complete
Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client use an insecure default Discretionary Access Control Lists (DACL) for the connection client GUI, which allows local users to gain privileges by injecting "a thread under ConnectionClient.exe," aka CSCsg20558.
66 CVE-2007-1065 +Priv 2007-02-22 2017-07-29
6.8
None Local Low ??? Complete Complete Complete
Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client allows local users to gain SYSTEM privileges via unspecified vectors in the supplicant, aka CSCsf15836.
67 CVE-2007-1064 +Priv 2007-02-22 2017-07-29
6.8
None Local Low ??? Complete Complete Complete
Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client do not drop privileges when the help facility in the supplicant GUI is invoked, which allows local users to gain privileges, aka CSCsf14120.
68 CVE-2007-1063 798 2007-02-22 2019-05-23
10.0
None Remote Low Not required Complete Complete Complete
The SSH server in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and earlier, uses a hard-coded username and password, which allows remote attackers to access the device.
69 CVE-2007-1062 287 Bypass 2007-02-22 2019-05-23
10.0
None Remote Low Not required Complete Complete Complete
The Cisco Unified IP Conference Station 7935 3.2(15) and earlier, and Station 7936 3.3(12) and earlier does not properly handle administrator HTTP sessions, which allows remote attackers to bypass authentication controls via a direct URL request to the administrative HTTP interface for a limited time
70 CVE-2007-1061 Exec Code Sql 2007-02-22 2018-10-16
6.8
None Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in index.php in Francisco Burzi PHP-Nuke 8.0 Final and earlier, when the "HTTP Referers" block is enabled, allows remote attackers to execute arbitrary SQL commands via the HTTP Referer header (HTTP_REFERER variable).
71 CVE-2007-1060 Exec Code File Inclusion 2007-02-22 2018-10-16
6.8
None Remote Medium Not required Partial Partial Partial
Multiple PHP remote file inclusion vulnerabilities in Interspire SendStudio 2004.14 and earlier, when register_globals and allow_fopenurl are enabled, allow remote attackers to execute arbitrary PHP code via a URL in the ROOTDIR parameter to (1) createemails.inc.php and (2) send_emails.inc.php in /admin/includes/.
72 CVE-2007-1059 Exec Code File Inclusion 2007-02-22 2017-10-19
6.8
None Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in function.php in Ultimate Fun Book 1.02 allows remote attackers to execute arbitrary PHP code via a URL in the gbpfad parameter. NOTE: some sources mention "Ultimate Fun Board," but this appears to be an error.
73 CVE-2007-1058 Exec Code Sql 2007-02-21 2017-10-19
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in user_pages/page.asp in Online Web Building 2.0 allows remote attackers to execute arbitrary SQL commands via the art_id parameter.
74 CVE-2007-1057 Exec Code 2007-02-21 2017-10-11
6.9
None Local Medium Not required Complete Complete Complete
The Net Direct client for Linux before 6.0.5 in Nortel Application Switch 2424, VPN 3050 and 3070, and SSL VPN Module 1000 extracts and executes files with insecure permissions, which allows local users to exploit a race condition to replace a world-writable file in /tmp/NetClient and cause another user to execute arbitrary code when attempting to execute this client, as demonstrated by replacing /tmp/NetClient/client.
75 CVE-2007-1056 264 2007-02-21 2018-10-16
7.2
None Local Low Not required Complete Complete Complete
VMware Workstation 5.5.3 build 34685 does not provide per-user restrictions on certain privileged actions, which allows local users to perform restricted operations such as changing system time, accessing hardware components, and stopping the "VMware tools service" service. NOTE: exploitation is simplified via (1) weak file permissions (Users = Read & Execute) for %PROGRAMFILES%\VMware; and weak registry key permissions (access by Users) for (2) vmmouse, (3) vmscsi, (4) VMTools, (5) vmx_svga, and (6) vmxnet in HKLM\SYSTEM\CurrentControlSet\Services\; which allows local users to perform various privileged actions outside of the guest OS by executing certain files under %PROGRAMFILES%\VMware\VMware Tools, as demonstrated by (a) VMControlPanel.cpl and (b) vmwareservice.exe.
76 CVE-2007-1055 94 XSS 2007-02-21 2018-10-19
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site scripting (XSS) vulnerability in the AJAX features in index.php in MediaWiki 1.9.x before 1.9.0rc2, and 1.8.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the rs parameter. NOTE: this issue might be a duplicate of CVE-2007-0177.
77 CVE-2007-1054 XSS 2007-02-21 2018-10-16
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site scripting (XSS) vulnerability in the AJAX features in index.php in MediaWiki 1.6.x through 1.9.2, when $wgUseAjax is enabled, allows remote attackers to inject arbitrary web script or HTML via a UTF-7 encoded value of the rs parameter, which is processed by Internet Explorer.
78 CVE-2007-1053 Exec Code File Inclusion 2007-02-21 2018-10-16
10.0
None Remote Low Not required Complete Complete Complete
** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in phpXmms 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the tcmdp parameter to (1) phpxmmsb.php or (2) phpxmmst.php. NOTE: this issue has been disputed by a reliable third party, stating that the tcmdp variable is initialized by config.php.
79 CVE-2007-1052 Exec Code File Inclusion 2007-02-21 2018-10-16
10.0
None Remote Low Not required Complete Complete Complete
** DISPUTED ** PHP remote file inclusion vulnerability in index.php in PBLang (PBL) 4.60 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the dbpath parameter, a different vector than CVE-2006-5062. NOTE: this issue has been disputed by a reliable third party for 4.65, stating that the dbpath variable is initialized in an included file that is created upon installation.
80 CVE-2007-1051 Bypass 2007-02-21 2018-10-16
4.6
None Local Low Not required Partial Partial Partial
Comodo Firewall Pro (formerly Comodo Personal Firewall) 2.4.17.183 and earlier uses a weak cryptographic hashing function (CRC32) to identify trusted modules, which allows local users to bypass security protections by substituting modified modules that have the same CRC32 value.
81 CVE-2007-1050 79 XSS 2007-02-21 2018-10-16
4.3
None Remote Medium Not required None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in index.php in AbleDesign MyCalendar allow remote attackers to inject arbitrary web script or HTML via (1) the go parameter, (2) the keyword parameter in the search menu (go=search), or (3) the username or (4) the password in a go=Login action.
82 CVE-2007-1049 XSS 2007-02-21 2011-03-08
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in the wp_explain_nonce function in the nonce AYS functionality (wp-includes/functions.php) for WordPress 2.0 before 2.0.9 and 2.1 before 2.1.1 allows remote attackers to inject arbitrary web script or HTML via the file parameter to wp-admin/templates.php, and possibly other vectors involving the action variable.
83 CVE-2007-1048 Exec Code File Inclusion 2007-02-21 2018-10-16
7.5
None Remote Low Not required Partial Partial Partial
PHP remote file inclusion vulnerability in admin_rebuild_search.php in phpbb_wordsearch allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
84 CVE-2007-1047 2007-02-21 2011-03-08
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in Distributed Checksum Clearinghouse (DCC) before 1.3.51 allows remote attackers to delete or add hosts in /var/dcc/maps.
85 CVE-2007-1046 2007-02-21 2018-10-16
5.0
None Remote Low Not required Partial None None
Dem_trac allows remote attackers to read log file contents via a direct request for /anc_sit.txt.
86 CVE-2007-1045 264 +Priv 2007-02-21 2018-10-16
10.0
None Remote Low Not required Complete Complete Complete
mAlbum 0.3 has default accounts (1) "login"/"pass" for its administrative account and (2) "dqsfg"/"sdfg", which allows remote attackers to gain privileges.
87 CVE-2007-1044 200 +Info 2007-02-21 2018-10-16
5.0
None Remote Low Not required Partial None None
Pearson Education PowerSchool 4.3.6 allows remote attackers to list the contents of the admin folder via a URI composed of the admin/ directory name and an arbitrary filename ending in ".js." NOTE: it was later reported that this issue had been addressed by 5.1.2.
88 CVE-2007-1043 Bypass 2007-02-21 2018-10-16
7.5
None Remote Low Not required Partial Partial Partial
Ezboo webstats, possibly 3.0.3, allows remote attackers to bypass authentication and gain access via a direct request to (1) update.php and (2) config.php.
89 CVE-2007-1042 22 Dir. Trav. +Info 2007-02-21 2017-07-29
5.8
None Remote Medium Not required Partial Partial None
Directory traversal vulnerability in news.php in Xpression News (X-News) 1.0.1, when magic_quotes_gpc is disabled, allows remote attackers to include arbitrary files or obtain sensitive information via a .. (dot dot) in the xnews-template parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
90 CVE-2007-1041 119 Exec Code Overflow 2007-02-21 2017-10-11
9.3
None Remote Medium Not required Complete Complete Complete
Multiple stack-based buffer overflows in S&H Computer Systems News Rover 12.1 Rev 1 allow remote attackers to execute arbitrary code via a .nzb file with a long (1) group or (2) subject string.
91 CVE-2007-1040 Dir. Trav. +Info 2007-02-21 2017-10-11
7.5
None Remote Low Not required Partial Partial Partial
Directory traversal vulnerability in archives.php in Xpression News (X-News) 1.0.1 allows remote attackers to include arbitrary files or obtain sensitive information via a .. (dot dot) in the xnews-template parameter.
92 CVE-2007-1039 2007-02-21 2017-07-29
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in Peanut Knowledge Base (PeanutKB) 0.0.3 and earlier has unknown impact and attack vectors.
93 CVE-2007-1038 DoS 2007-02-21 2017-07-29
5.0
None Remote Low Not required None None Partial
Shemes.com Grabit 1.5.3, and possibly earlier, allows remote attackers to cause a denial of service (application crash) via a .nzb file with a subject field containing ';' (semicolon) characters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
94 CVE-2007-1037 119 Exec Code Overflow 2007-02-21 2017-07-29
9.3
None Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in News File Grabber 4.1.0.1 and earlier allows remote attackers to execute arbitrary code via a .nzb file with a long subject field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
95 CVE-2007-1036 264 Bypass 2007-02-21 2018-10-16
7.5
None Remote Low Not required Partial Partial Partial
The default configuration of JBoss does not restrict access to the (1) console and (2) web management interfaces, which allows remote attackers to bypass authentication and gain administrative access via direct requests.
96 CVE-2007-1035 2007-02-21 2017-07-29
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in certain demonstration scripts in getID3 1.7.1, as used in the Mediafield and Audio modules for Drupal, allows remote attackers to read and delete arbitrary files, list arbitrary directories, and write to empty files or .mp3 files via unknown vectors.
97 CVE-2007-1034 89 Exec Code Sql 2007-02-21 2018-10-19
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in the category file in modules.php in the Emporium 2.3.0 and earlier module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the category_id parameter.
98 CVE-2007-1033 Bypass 2007-02-21 2017-07-29
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in the Secure site 4.7.x-1.x-dev and 5.x-1.x-dev module for Drupal allows remote attackers to bypass access restrictions via a crafted URL.
99 CVE-2007-1032 +Priv 2007-02-21 2017-07-29
6.8
None Remote Medium Not required Partial Partial Partial
Unspecified vulnerability in phpMyFAQ 1.6.9 and earlier, when register_globals is enabled, allows remote attackers to "gain the privilege for uploading files on the server."
100 CVE-2007-1031 22 Dir. Trav. 2007-02-21 2017-10-11
6.8
None Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in include/db_conn.php in SpoonLabs Vivvo Article Management CMS 3.4 allows remote attackers to include and execute arbitrary local files via the root parameter.
Total number of vulnerabilities : 534   Page : 1 2 (This Page)3 4 5 6 7 8 9 10 11
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.