|
284621
|
- |
|
sdl
|
sdl_image
|
Buffer overflow in the LWZReadByte function in IMG_gif.c in SDL_image before 1.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a cr…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-6697
|
2018-10-16 06:56 |
2008-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284622
|
- |
|
openldap
|
openldap
|
The BDB backend for slapd in OpenLDAP before 2.3.36 allows remote authenticated users to cause a denial of service (crash) via a potentially-successful modify operation with the NOOP control set to c…
|
CWE-399
Resource Management Errors
|
CVE-2007-6698
|
2018-10-16 06:56 |
2008-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284623
|
- |
|
f5
|
firepass_4100
|
Multiple cross-site scripting (XSS) vulnerabilities in F5 FirePass 4100 SSL VPN 5.4.1 through 5.5.2 and 6.0 through 6.0.1, when pre-logon sequences are enabled, allow remote attackers to inject arbit…
|
CWE-79
Cross-site Scripting
|
CVE-2007-6704
|
2018-10-16 06:56 |
2008-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284624
|
- |
|
linksys
|
wag54gs
|
Multiple cross-site scripting (XSS) vulnerabilities on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware allow remote attackers to inject arbitrary web script or HTM…
|
CWE-79
Cross-site Scripting
|
CVE-2007-6707
|
2018-10-16 06:56 |
2008-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284625
|
- |
|
linksys
|
wag54gs
|
Multiple cross-site request forgery (CSRF) vulnerabilities on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware allow remote attackers to perform actions as administ…
|
CWE-352
Origin Validation Error
|
CVE-2007-6708
|
2018-10-16 06:56 |
2008-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284626
|
- |
|
linksys
|
wag54gs
|
The Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware has "admin" as its default password for the "admin" account, which makes it easier for remote attackers to obtain a…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-6709
|
2018-10-16 06:56 |
2008-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284627
|
- |
|
tiki
|
tikiwiki_cms\/groupware
|
Directory traversal vulnerability in tiki-listmovies.php in TikiWiki before 1.9.9 allows remote attackers to read arbitrary files via a .. (dot dot) and modified filename in the movie parameter.
|
CWE-22
Path Traversal
|
CVE-2007-6528
|
2018-10-16 06:55 |
2007-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284628
|
- |
|
inmatrix
|
zoom_player
|
Buffer overflow in Zoom Player 6.00 beta 2 and earlier allows user-assisted remote attackers to execute arbitrary code via an HTTP link to a PLS file in a crafted ZPL file, which causes an overflow i…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-6533
|
2018-10-16 06:55 |
2007-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284629
|
- |
|
microsoft
|
publisher
|
Multiple unspecified vulnerabilities in Microsoft Office Publisher allow user-assisted remote attackers to cause a denial of service (application crash) via a crafted PUB file, possibly involving wor…
|
NVD-CWE-noinfo
CWE-20
Improper Input Validation
|
CVE-2007-6534
|
2018-10-16 06:55 |
2007-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284630
|
- |
|
google
|
toolbar
|
The Custom Button Installer dialog in Google Toolbar 4 and 5 beta presents certain domain names in the (1) "Downloaded from" and (2) "Privacy considerations" sections without verifying domain names, …
|
CWE-200
Information Exposure
|
CVE-2007-6536
|
2018-10-16 06:55 |
2007-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
