|
284581
|
- |
|
dokeos
|
open_source_learning_and_knowledge_management
open_source_learning_and_knowledge_management_tool
|
Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.4 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the origin parameter to work/work.php in a displa…
|
CWE-79
Cross-site Scripting
|
CVE-2007-6574
|
2018-10-16 06:55 |
2007-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284582
|
- |
|
kde
|
konqueror
|
KDE Konqueror 3.5.5 and 3.95.00, when a user accepts an SSL server certificate on the basis of the CN domain name in the DN field, regards the certificate as also accepted for all domain names in sub…
|
NVD-CWE-Other
|
CVE-2007-6591
|
2018-10-16 06:55 |
2007-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284583
|
- |
|
apple
|
safari
|
Apple Safari 2, when a user accepts an SSL server certificate on the basis of the CN domain name in the DN field, regards the certificate as also accepted for all domain names in subjectAltName:dNSNa…
|
NVD-CWE-Other
|
CVE-2007-6592
|
2018-10-16 06:55 |
2007-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284584
|
- |
|
ibm
|
lotus_notes
|
Multiple stack-based buffer overflows in l123sr.dll in Autonomy (formerly Verity) KeyView SDK, as used by IBM Lotus Notes 5.x through 8.x, allow user-assisted remote attackers to execute arbitrary co…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-6593
|
2018-10-16 06:55 |
2007-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284585
|
- |
|
clam_anti-virus
|
clamav
|
ClamAV 0.92 allows local users to overwrite arbitrary files via a symlink attack on (1) temporary files used by the cli_gentempfd function in libclamav/others.c or on (2) .ascii files used by sigtool…
|
CWE-59
Link Following
|
CVE-2007-6595
|
2018-10-16 06:55 |
2008-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284586
|
- |
|
clam_anti-virus
|
clamav
|
ClamAV 0.92 does not recognize Base64 UUEncoded archives, which allows remote attackers to bypass the scanner via a Base64-UUEncoded file.
|
CWE-20
Improper Input Validation
|
CVE-2007-6596
|
2018-10-16 06:55 |
2008-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284587
|
- |
|
dovecot
|
dovecot
|
Dovecot before 1.0.10, with certain configuration options including use of %variables, does not properly maintain the LDAP+auth cache, which might allow remote authenticated users to login as a diffe…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-6598
|
2018-10-16 06:55 |
2008-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284588
|
- |
|
postgresql
|
postgresql
|
PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21 uses superuser privileges instead of table owner privileges for (1) VACUUM and (2) ANALYZE …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-6600
|
2018-10-16 06:55 |
2008-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284589
|
- |
|
openbiblio
|
openbiblio
|
OpenBiblio 0.5.2-pre4 and earlier allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function.
|
CWE-200
Information Exposure
|
CVE-2007-6606
|
2018-10-16 06:55 |
2008-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284590
|
- |
|
openbiblio
|
openbiblio
|
OpenBiblio 0.5.2-pre4 and earlier allows remote attackers to obtain sensitive information via a direct request for (1) shared/footer.php, (2) circ/mbr_fields.php, or (3) admin/custom_marc_form_fields…
|
CWE-200
Information Exposure
|
CVE-2007-6607
|
2018-10-16 06:55 |
2008-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
