|
299801
|
- |
|
apple
|
mac_os_x
|
Mail in Apple Mac OS X 10.4.11 and 10.5.1, when an SMTP account has been set up using Account Assistant, can use plaintext authentication even when MD5 Challenge-Response authentication is available,…
|
CWE-287
Improper Authentication
|
CVE-2007-5855
|
2017-07-29 10:33 |
2007-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299802
|
- |
|
apple
|
mac_os_x
|
Quick Look Apple Mac OS X 10.5.1, when previewing an HTML file, does not prevent plug-ins from making network requests, which might allow remote attackers to obtain sensitive information.
|
CWE-16
CWE-264
Configuration
Permissions, Privileges, and Access Controls
|
CVE-2007-5856
|
2017-07-29 10:33 |
2007-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299803
|
- |
|
apple
|
mac_os_x
|
Quick Look in Apple Mac OS X 10.5.1 does not prevent a movie from accessing URLs when the movie file is previewed or if an icon is created, which might allow remote attackers to obtain sensitive info…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-5857
|
2017-07-29 10:33 |
2007-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299804
|
- |
|
apple
|
safari
|
Unspecified vulnerability in Safari RSS in Apple Mac OS X 10.4.11 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted feed: URL that…
|
CWE-399
Resource Management Errors
|
CVE-2007-5859
|
2017-07-29 10:33 |
2007-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299805
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Unspecified vulnerability in Spin Tracer in Apple Mac OS X 10.5.1 allows local users to execute arbitrary code via unspecified output files, involving an "insecure file operation."
|
NVD-CWE-Other
|
CVE-2007-5860
|
2017-07-29 10:33 |
2007-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299806
|
- |
|
apple
|
mac_os_x
|
Unspecified vulnerability in Spotlight in Apple Mac OS X 10.4.11 allows user-assisted attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted .XLS fil…
|
NVD-CWE-noinfo
CWE-399
Resource Management Errors
|
CVE-2007-5861
|
2017-07-29 10:33 |
2007-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299807
|
- |
|
coppermine
|
coppermine_photo_gallery
|
Cross-site scripting (XSS) vulnerability in displayecard.php in Coppermine Photo Gallery (CPG) before 1.4.14 allows remote attackers to inject arbitrary web script or HTML via the data parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2007-5888
|
2017-07-29 10:33 |
2007-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299808
|
- |
|
manageengine
|
opmanager
opmanager_msp
|
Multiple cross-site scripting (XSS) vulnerabilities in jsp/Login.do in ManageEngine OpManager MSP Edition and OpManager 7.0 allow remote attackers to inject arbitrary web script or HTML via the (1) r…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5891
|
2017-07-29 10:33 |
2007-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299809
|
- |
|
alhem
|
c\+\+_sockets_library
|
HTTPSocket.cpp in the C++ Sockets Library before 2.2.5 allows remote attackers to cause a denial of service (crash) via an HTTP request with a missing protocol version number, which triggers an excep…
|
CWE-20
Improper Input Validation
|
CVE-2007-5893
|
2017-07-29 10:33 |
2007-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299810
|
- |
|
mozilla
|
firefox
|
Mozilla Firefox 2.0.0.9 allows remote attackers to cause a denial of service (CPU consumption and crash) via an iframe with Javascript that sets the document.location to contain a leading NULL byte (…
|
CWE-399
Resource Management Errors
|
CVE-2007-5896
|
2017-07-29 10:33 |
2007-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
