Vulnerabilities

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
|---|---|---|---|---|
| 2007-10-14 | CVE-2007-5196 | Information Exposure vulnerability in Suse Linux 10 | Unspecified vulnerability in the SSL implementation in Groupwise client system in the novell-groupwise-client package in SUSE Linux Enterprise Desktop 10 allows remote attackers to obtain credentials via a man-in-the-middle attack, a different vulnerability than CVE-2007-5195. | network, low complexity, suse CWE-200, 7.5 |
| 2007-10-14 | CVE-2007-5195 | Information Exposure vulnerability in Suse Linux 10 | Unspecified vulnerability in the SSL implementation in Groupwise client system in the novell-groupwise-client package in SUSE Linux Enterprise Desktop 10 allows remote attackers to obtain credentials via a man-in-the-middle attack, a different vulnerability than CVE-2007-5196. | network, suse CWE-200, 6.8 |
| 2007-10-13 | CVE-2007-5439 | Permissions, Privileges, and Access Controls vulnerability in Broadcom Etrust Integrated Threat Management 8.1 | CA (formerly Computer Associates) eTrust ITM (Threat Manager) 8.1 stores sensitive user information in log files with predictable names, which allows remote attackers to obtain this information via unspecified vectors. | network, low complexity, broadcom CWE-264, 5.0 |
| 2007-10-13 | CVE-2007-5438 | Improper Input Validation vulnerability in VMWare products | Unspecified vulnerability in a certain ActiveX control in Reconfig.DLL in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 might allow local users to cause a denial of service to the Virtual Disk Mount Service (vmount2.exe), related to the ConnectPopulatedDiskEx function. | local, vmware CWE-20, 1.9 |
| 2007-10-13 | CVE-2007-5437 | Link Following vulnerability in Broadcom Etrust Integrated Threat Management 8.1 | The web console in CA (formerly Computer Associates) eTrust ITM (Threat Manager) 8.1 allows remote attackers to redirect users to arbitrary web sites via a crafted HTTP URL on port 6689. | network, broadcom CWE-59, 5.8 |
| 2007-10-13 | CVE-2007-5436 | Buffer Errors vulnerability in Gdata Antivirus 2007 | Buffer overflow in a certain ActiveX control in ScanObjectBrowser.DLL in G DATA Antivirus 2007 might allow remote attackers to execute arbitrary code via unspecified parameters to the SelectPath function. | network, high complexity, gdata CWE-119, 7.6 |
| 2007-10-13 | CVE-2007-5435 | Resource Management Errors vulnerability in Broadcom Erwin Process Modeler 7.2 | Unspecified vulnerability in CA ERwin Process Modeler (formerly AllFusion Process Modeler) 7.2 might allow user-assisted remote attackers to cause a denial of service via a crafted Data Standards File (Datatype Standards File). | network, broadcom CWE-399, 4.3 |
| 2007-10-13 | CVE-2007-4995 | Numeric Errors vulnerability in Openssl | Off-by-one error in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8f allows remote attackers to execute arbitrary code via unspecified vectors. | network, openssl CWE-189, critical, 9.3 |
| 2007-10-13 | CVE-2007-5332 | Resource Management Errors vulnerability in Broadcom products | Multiple unspecified vulnerabilities in (1) mediasvr and (2) caloggerd in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, have unknown impact and attack vectors related to memory corruption. | network, low complexity, broadcom CWE-399, critical, 10.0 |
| 2007-10-13 | CVE-2007-5331 | Code Injection vulnerability in multiple products | Queue.dll for the message queuing service (LQserver.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a malformed ONRPC protocol request for operation 0x76, which causes ARCserve Backup to dereference arbitrary pointers. | network, low complexity, broadcom ca CWE-94, critical, 10.0 |