|
284881
|
- |
|
mywebftp
|
mywebftp
|
MyWebFTP, possibly 5.3.2, stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain an MD5 password hash via a direct request for pass/…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-5919
|
2018-10-16 06:47 |
2007-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284882
|
- |
|
bitchx
cypress
|
bitchx
cypress
|
The modules/mdop.m in the Cypress 1.0k script for BitchX, as downloaded from a distribution site in November 2007, contains an externally introduced backdoor that e-mails sensitive information (hostn…
|
CWE-200
Information Exposure
|
CVE-2007-5922
|
2018-10-16 06:47 |
2007-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284883
|
- |
|
tetex
tug
|
tetex
texlive_2007
|
Stack-based buffer overflow in hpc.c in dvips in teTeX and TeXlive 2007 and earlier allows user-assisted attackers to execute arbitrary code via a DVI file with a long href tag.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-5935
|
2018-10-16 06:47 |
2007-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284884
|
- |
|
tetex
tug
|
tetex
texlive_2007
|
dvips in teTeX and TeXlive 2007 and earlier allows local users to obtain sensitive information and modify certain data by creating certain temporary files before they are processed by dviljk, which c…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-5936
|
2018-10-16 06:47 |
2007-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284885
|
- |
|
tetex
tug
|
tetex
texlive_2007
|
Multiple buffer overflows in dvi2xx.c in dviljk in teTeX and TeXlive 2007 and earlier might allow user-assisted attackers to execute arbitrary code via a crafted DVI input file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-5937
|
2018-10-16 06:47 |
2007-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284886
|
- |
|
simple_machines
|
simple_machines_forum
|
Simple Machines Forum (SMF) 1.1.4 allows remote attackers to read a message in private forums by using the advanced search module with the "show results as messages" option, then searching for possib…
|
CWE-16
Configuration
|
CVE-2007-5943
|
2018-10-16 06:47 |
2007-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284887
|
- |
|
mozilla
|
firefox
seamonkey
|
The jar protocol handler in Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 retrieves the inner URL regardless of its MIME type, and considers HTML documents within a jar archive to have t…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5947
|
2018-10-16 06:47 |
2007-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284888
|
- |
|
x.org
|
xserver
|
X.Org Xserver before 1.4.1 allows local users to determine the existence of arbitrary files via a filename argument in the -sp option to the X program, which produces different error messages dependi…
|
CWE-200
Information Exposure
|
CVE-2007-5958
|
2018-10-16 06:47 |
2008-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284889
|
- |
|
mozilla
|
firefox
seamonkey
|
Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via …
|
NVD-CWE-noinfo
|
CVE-2007-5959
|
2018-10-16 06:47 |
2007-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284890
|
- |
|
mozilla
|
firefox
|
ParseFTPList.cpp in Mozilla Firefox 2.0.0.7 allows remote FTP servers to cause a denial of service (application crash) via a crafted reply to an unspecified listing command, related to "reading from …
|
CWE-20
Improper Input Validation
|
CVE-2007-5691
|
2018-10-16 06:46 |
2007-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
