Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-11-15 | CVE-2007-4698 | Cross-Site Scripting vulnerability in Apple Safari Apple Safari 3 before Beta Update 3.0.4 on Windows, and Mac OS X 10.4 through 10.4.10, allows remote attackers to conduct cross-site scripting (XSS) attacks by causing JavaScript events to be associated with the wrong frame. | 4.3 |
2007-11-15 | CVE-2007-4692 | Improper Authentication vulnerability in Apple Safari The tabbed browsing feature in Apple Safari 3 before Beta Update 3.0.4 on Windows, and Mac OS X 10.4 through 10.4.10, allows remote attackers to spoof HTTP authentication for other sites and possibly conduct phishing attacks by causing an authentication sheet to be displayed for a tab that is not active, which makes it appear as if it is associated with the active tab. | 4.3 |
2007-11-15 | CVE-2006-7229 | Resource Management Errors vulnerability in Ubuntu Linux Kernel 2.6.15 The skge driver 1.5 in Linux kernel 2.6.15 on Ubuntu does not properly use the spin_lock and spin_unlock functions, which allows remote attackers to cause a denial of service (machine crash) via a flood of network traffic. | 7.8 |
2007-11-14 | CVE-2007-3694 | Cross-Site Scripting vulnerability in Getmiro Broadcast Machine 0.9.9.9 Cross-site scripting (XSS) vulnerability in login.php in Miro Project Broadcast Machine 0.9.9.9 allows remote attackers to inject arbitrary web script or HTML via the username parameter. | 4.3 |
2007-11-14 | CVE-2007-5957 | Multiple vulnerability in IBM Informix Dynamic Server Unspecified vulnerability in IBM Informix Dynamic Server (IDS) 10.00.TC3TL and 11.10.TB4TL on Windows allows attackers to cause a denial of service (application crash) via unspecified SQ_ONASSIST requests. | 4.9 |
2007-11-14 | CVE-2007-5956 | Path Traversal vulnerability in IBM Informix Dynamic Server Directory traversal vulnerability in IBM Informix Dynamic Server (IDS) before 10.00.xC7W1 allows local users to gain privileges by referencing modified NLS message files through directory traversal sequences in the DBLANG environment variable. | 7.2 |
2007-11-14 | CVE-2007-5955 | Cross-Site Scripting vulnerability in Updir Updir.Net 2.03 Cross-site scripting (XSS) vulnerability in updir.php in UPDIR.NET before 2.04 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2007-11-14 | CVE-2007-5954 | Cross-Site Scripting vulnerability in Jlmforo System Jlmforo System Cross-site scripting (XSS) vulnerability in buscador.php in JLMForo System allows remote attackers to inject arbitrary web script or HTML via the clave parameter. | 4.3 |
2007-11-14 | CVE-2007-5953 | Information Disclosure vulnerability in DAViCal Really Simple CalDAV Store Unspecified vulnerability in Really Simple CalDAV Store (RSCDS) before 0.9.0 allows attackers to obtain sensitive information via unspecified vectors. | 5.0 |
2007-11-14 | CVE-2007-5952 | Cross-Site Scripting vulnerability in Helioscalendar Helios Calendar 1.2.1Beta Cross-site scripting (XSS) vulnerability in admin/index.php in Helios Calendar 1.2.1 Beta allows remote attackers to inject arbitrary web script or HTML via the username parameter. | 4.3 |