Логотип exploitDog
source:"nvd"
Консоль
Логотип exploitDog

exploitDog

source:"nvd"

Количество 331 703

Количество 331 703

nvd логотип

CVE-2007-1671

почти 19 лет назад

avpack32.dll before 7.3.0.6 in Avira AntiVir allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.

CVSS2: 7.8
EPSS: Низкий
nvd логотип

CVE-2007-1670

почти 19 лет назад

Panda Software Antivirus before 20070402 allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.

CVSS2: 7.8
EPSS: Низкий
nvd логотип

CVE-2007-1669

почти 19 лет назад

zoo decoder 2.10 (zoo-2.10), as used in multiple products including (1) Barracuda Spam Firewall 3.4 and later with virusdef before 2.0.6399, (2) Spam Firewall before 3.4 20070319 with virusdef before 2.0.6399o, and (3) AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.

CVSS2: 7.8
EPSS: Средний
nvd логотип

CVE-2007-1667

почти 19 лет назад

Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in X.Org libx11 before 1.0.3, and (2) XInitImage function in xwd.c for ImageMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive information via crafted images with large or negative values that trigger a buffer overflow.

CVSS2: 9.3
EPSS: Низкий
nvd логотип

CVE-2007-1666

почти 19 лет назад

The processor_request function in the debugger server for DataRescue IDA Pro 5.0 and 5.1 does not verify that authentication has taken place before invoking the perform_request function, which allows remote attackers to perform unauthorized actions.

CVSS2: 10
EPSS: Низкий
nvd логотип

CVE-2007-1665

больше 18 лет назад

Memory leak in the token OCR functionality in ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service.

CVSS2: 5
EPSS: Низкий
nvd логотип

CVE-2007-1664

больше 18 лет назад

ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service (NULL pointer dereference) via a vector related to the token OCR functionality.

CVSS2: 5
EPSS: Низкий
nvd логотип

CVE-2007-1663

больше 18 лет назад

Memory leak in the image message functionality in ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service.

CVSS2: 5
EPSS: Низкий
nvd логотип

CVE-2007-1662

больше 18 лет назад

Perl-Compatible Regular Expression (PCRE) library before 7.3 reads past the end of the string when searching for unmatched brackets and parentheses, which allows context-dependent attackers to cause a denial of service (crash), possibly involving forward references.

CVSS2: 5
EPSS: Низкий
nvd логотип

CVE-2007-1661

больше 18 лет назад

Perl-Compatible Regular Expression (PCRE) library before 7.3 backtracks too far when matching certain input bytes against some regex patterns in non-UTF-8 mode, which allows context-dependent attackers to obtain sensitive information or cause a denial of service (crash), as demonstrated by the "\X?\d" and "\P{L}?\d" patterns.

CVSS2: 6.4
EPSS: Низкий
nvd логотип

CVE-2007-1660

больше 18 лет назад

Perl-Compatible Regular Expression (PCRE) library before 7.0 does not properly calculate sizes for unspecified "multiple forms of character class", which triggers a buffer overflow that allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code.

CVSS2: 6.8
EPSS: Низкий
nvd логотип

CVE-2007-1659

больше 18 лет назад

Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via regex patterns containing unmatched "\Q\E" sequences with orphan "\E" codes.

CVSS2: 6.8
EPSS: Низкий
nvd логотип

CVE-2007-1658

почти 19 лет назад

Windows Mail in Microsoft Windows Vista might allow user-assisted remote attackers to execute certain programs via a link to a (1) local file or (2) UNC share pathname in which there is a directory with the same base name as an executable program at the same level, as demonstrated using C:/windows/system32/winrm (winrm.cmd) and migwiz (migwiz.exe).

CVSS2: 9.3
EPSS: Высокий
nvd логотип

CVE-2007-1657

почти 19 лет назад

Stack-based buffer overflow in the file_compress function in minigzip (Modules/zlib) in Python 2.5 allows context-dependent attackers to execute arbitrary code via a long file argument.

CVSS2: 7.5
EPSS: Низкий
nvd логотип

CVE-2007-1656

почти 19 лет назад

Multiple SQL injection vulnerabilities in index.php in Katalog Plyt Audio 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) fraza and (2) litera parameters, different vectors than CVE-2007-1612. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

CVSS2: 7.5
EPSS: Низкий
nvd логотип

CVE-2007-1655

почти 19 лет назад

Buffer overflow in the fun_ladd function in funmath.cpp in TinyMUX before 20070126 might allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors related to lists of numbers.

CVSS2: 10
EPSS: Средний
nvd логотип

CVE-2007-1654

почти 19 лет назад

Buffer overflow in the Ne7sshSftp::addOpenHandle function in ne7ssh_sftp.cpp in NetSieben SSH Library (ne7ssh) before 1.2.1 allows user-assisted remote SFTP servers to cause a denial of service (crash) or possibly execute arbitrary code via multiple file transfers, related to multiple open file handles in SFTP (1) put and (2) get operations.

CVSS2: 9.3
EPSS: Низкий
nvd логотип

CVE-2007-1653

почти 19 лет назад

GlowWorm FW before 1.5.3b4 allows remote attackers to cause a denial of service (kernel panic) via certain DNS responses that trigger infinite recursion in TrueDNS packet parsing, as originally observed with certain login.yahoo.com responses.

CVSS2: 7.8
EPSS: Низкий
nvd логотип

CVE-2007-1652

почти 19 лет назад

OpenID allows remote attackers to forcibly log a user into an OpenID enabled site, divulge the user's personal information to this site, and add it site to the trusted sites list via a crafted web page, related to cached tokens.

CVSS2: 7.5
EPSS: Низкий
nvd логотип

CVE-2007-1651

почти 19 лет назад

Cross-site request forgery (CSRF) vulnerability in OpenID allows remote attackers to restore the login session of a user on an OpenID enabled site via unspecified vectors related to an arbitrary remote web site and cached tokens, after the user has signed into an OpenID server, logged into the OpenID enabled site, and then logged out of the OpenID enabled site.

CVSS2: 6.8
EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
nvd логотип
CVE-2007-1671

avpack32.dll before 7.3.0.6 in Avira AntiVir allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.

CVSS2: 7.8
2%
Низкий
почти 19 лет назад
nvd логотип
CVE-2007-1670

Panda Software Antivirus before 20070402 allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.

CVSS2: 7.8
2%
Низкий
почти 19 лет назад
nvd логотип
CVE-2007-1669

zoo decoder 2.10 (zoo-2.10), as used in multiple products including (1) Barracuda Spam Firewall 3.4 and later with virusdef before 2.0.6399, (2) Spam Firewall before 3.4 20070319 with virusdef before 2.0.6399o, and (3) AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.

CVSS2: 7.8
15%
Средний
почти 19 лет назад
nvd логотип
CVE-2007-1667

Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in X.Org libx11 before 1.0.3, and (2) XInitImage function in xwd.c for ImageMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive information via crafted images with large or negative values that trigger a buffer overflow.

CVSS2: 9.3
2%
Низкий
почти 19 лет назад
nvd логотип
CVE-2007-1666

The processor_request function in the debugger server for DataRescue IDA Pro 5.0 and 5.1 does not verify that authentication has taken place before invoking the perform_request function, which allows remote attackers to perform unauthorized actions.

CVSS2: 10
4%
Низкий
почти 19 лет назад
nvd логотип
CVE-2007-1665

Memory leak in the token OCR functionality in ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service.

CVSS2: 5
1%
Низкий
больше 18 лет назад
nvd логотип
CVE-2007-1664

ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service (NULL pointer dereference) via a vector related to the token OCR functionality.

CVSS2: 5
1%
Низкий
больше 18 лет назад
nvd логотип
CVE-2007-1663

Memory leak in the image message functionality in ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service.

CVSS2: 5
1%
Низкий
больше 18 лет назад
nvd логотип
CVE-2007-1662

Perl-Compatible Regular Expression (PCRE) library before 7.3 reads past the end of the string when searching for unmatched brackets and parentheses, which allows context-dependent attackers to cause a denial of service (crash), possibly involving forward references.

CVSS2: 5
5%
Низкий
больше 18 лет назад
nvd логотип
CVE-2007-1661

Perl-Compatible Regular Expression (PCRE) library before 7.3 backtracks too far when matching certain input bytes against some regex patterns in non-UTF-8 mode, which allows context-dependent attackers to obtain sensitive information or cause a denial of service (crash), as demonstrated by the "\X?\d" and "\P{L}?\d" patterns.

CVSS2: 6.4
3%
Низкий
больше 18 лет назад
nvd логотип
CVE-2007-1660

Perl-Compatible Regular Expression (PCRE) library before 7.0 does not properly calculate sizes for unspecified "multiple forms of character class", which triggers a buffer overflow that allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code.

CVSS2: 6.8
6%
Низкий
больше 18 лет назад
nvd логотип
CVE-2007-1659

Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via regex patterns containing unmatched "\Q\E" sequences with orphan "\E" codes.

CVSS2: 6.8
5%
Низкий
больше 18 лет назад
nvd логотип
CVE-2007-1658

Windows Mail in Microsoft Windows Vista might allow user-assisted remote attackers to execute certain programs via a link to a (1) local file or (2) UNC share pathname in which there is a directory with the same base name as an executable program at the same level, as demonstrated using C:/windows/system32/winrm (winrm.cmd) and migwiz (migwiz.exe).

CVSS2: 9.3
76%
Высокий
почти 19 лет назад
nvd логотип
CVE-2007-1657

Stack-based buffer overflow in the file_compress function in minigzip (Modules/zlib) in Python 2.5 allows context-dependent attackers to execute arbitrary code via a long file argument.

CVSS2: 7.5
5%
Низкий
почти 19 лет назад
nvd логотип
CVE-2007-1656

Multiple SQL injection vulnerabilities in index.php in Katalog Plyt Audio 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) fraza and (2) litera parameters, different vectors than CVE-2007-1612. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

CVSS2: 7.5
0%
Низкий
почти 19 лет назад
nvd логотип
CVE-2007-1655

Buffer overflow in the fun_ladd function in funmath.cpp in TinyMUX before 20070126 might allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors related to lists of numbers.

CVSS2: 10
21%
Средний
почти 19 лет назад
nvd логотип
CVE-2007-1654

Buffer overflow in the Ne7sshSftp::addOpenHandle function in ne7ssh_sftp.cpp in NetSieben SSH Library (ne7ssh) before 1.2.1 allows user-assisted remote SFTP servers to cause a denial of service (crash) or possibly execute arbitrary code via multiple file transfers, related to multiple open file handles in SFTP (1) put and (2) get operations.

CVSS2: 9.3
1%
Низкий
почти 19 лет назад
nvd логотип
CVE-2007-1653

GlowWorm FW before 1.5.3b4 allows remote attackers to cause a denial of service (kernel panic) via certain DNS responses that trigger infinite recursion in TrueDNS packet parsing, as originally observed with certain login.yahoo.com responses.

CVSS2: 7.8
1%
Низкий
почти 19 лет назад
nvd логотип
CVE-2007-1652

OpenID allows remote attackers to forcibly log a user into an OpenID enabled site, divulge the user's personal information to this site, and add it site to the trusted sites list via a crafted web page, related to cached tokens.

CVSS2: 7.5
1%
Низкий
почти 19 лет назад
nvd логотип
CVE-2007-1651

Cross-site request forgery (CSRF) vulnerability in OpenID allows remote attackers to restore the login session of a user on an OpenID enabled site via unspecified vectors related to an arbitrary remote web site and cached tokens, after the user has signed into an OpenID server, logged into the OpenID enabled site, and then logged out of the OpenID enabled site.

CVSS2: 6.8
2%
Низкий
почти 19 лет назад

Уязвимостей на страницу