|
298621
|
- |
|
apple
|
mac_os_x
|
Quick Look Apple Mac OS X 10.5.1, when previewing an HTML file, does not prevent plug-ins from making network requests, which might allow remote attackers to obtain sensitive information.
|
CWE-16
CWE-264
Configuration
Permissions, Privileges, and Access Controls
|
CVE-2007-5856
|
2017-07-29 10:33 |
2007-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298622
|
- |
|
apple
|
mac_os_x
|
Quick Look in Apple Mac OS X 10.5.1 does not prevent a movie from accessing URLs when the movie file is previewed or if an icon is created, which might allow remote attackers to obtain sensitive info…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-5857
|
2017-07-29 10:33 |
2007-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298623
|
- |
|
apple
|
safari
|
Unspecified vulnerability in Safari RSS in Apple Mac OS X 10.4.11 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted feed: URL that…
|
CWE-399
Resource Management Errors
|
CVE-2007-5859
|
2017-07-29 10:33 |
2007-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298624
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Unspecified vulnerability in Spin Tracer in Apple Mac OS X 10.5.1 allows local users to execute arbitrary code via unspecified output files, involving an "insecure file operation."
|
NVD-CWE-Other
|
CVE-2007-5860
|
2017-07-29 10:33 |
2007-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298625
|
- |
|
apple
|
mac_os_x
|
Unspecified vulnerability in Spotlight in Apple Mac OS X 10.4.11 allows user-assisted attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted .XLS fil…
|
NVD-CWE-noinfo
CWE-399
Resource Management Errors
|
CVE-2007-5861
|
2017-07-29 10:33 |
2007-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298626
|
- |
|
coppermine
|
coppermine_photo_gallery
|
Cross-site scripting (XSS) vulnerability in displayecard.php in Coppermine Photo Gallery (CPG) before 1.4.14 allows remote attackers to inject arbitrary web script or HTML via the data parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2007-5888
|
2017-07-29 10:33 |
2007-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298627
|
- |
|
manageengine
|
opmanager
opmanager_msp
|
Multiple cross-site scripting (XSS) vulnerabilities in jsp/Login.do in ManageEngine OpManager MSP Edition and OpManager 7.0 allow remote attackers to inject arbitrary web script or HTML via the (1) r…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5891
|
2017-07-29 10:33 |
2007-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298628
|
- |
|
alhem
|
c\+\+_sockets_library
|
HTTPSocket.cpp in the C++ Sockets Library before 2.2.5 allows remote attackers to cause a denial of service (crash) via an HTTP request with a missing protocol version number, which triggers an excep…
|
CWE-20
Improper Input Validation
|
CVE-2007-5893
|
2017-07-29 10:33 |
2007-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298629
|
- |
|
mozilla
|
firefox
|
Mozilla Firefox 2.0.0.9 allows remote attackers to cause a denial of service (CPU consumption and crash) via an iframe with Javascript that sets the document.location to contain a leading NULL byte (…
|
CWE-399
Resource Management Errors
|
CVE-2007-5896
|
2017-07-29 10:33 |
2007-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298630
|
- |
|
adobe
|
coldfusion
|
Adobe ColdFusion 8 and MX 7 allows remote attackers to hijack sessions via unspecified vectors that trigger establishment of a session to a ColdFusion application in which the (1) CFID or (2) CFTOKEN…
|
CWE-255
Credentials Management
|
CVE-2007-5905
|
2017-07-29 10:33 |
2007-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
