Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2007-05-04 CVE-2007-2495 Denial of Service vulnerability in Office OCX ExcelViewer.OCX Excel Viewer ActiveX
Multiple stack-based buffer overflows in the ExcelOCX ActiveX control in ExcelViewer.ocx 3.1.0.6 allow remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long (1) DoOleCommand, (2) FTPDownloadFile, (3) FTPUploadFile, (4) HttpUploadFile, (5) Save, (6) SaveWebFile, (7) HttpDownloadFile, (8) Open, or (9) OpenWebFile property value.
network | low complexity | office-ocx | 7.5

2007-05-04 CVE-2007-2494 Denial of Service vulnerability in Office OCX PowerPoint Viewer ActiveX
Multiple stack-based buffer overflows in the PowerPointOCX ActiveX control in PowerPointViewer.ocx 3.1.0.3 allow remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long (1) DoOleCommand, (2) FTPDownloadFile, (3) FTPUploadFile, (4) HttpUploadFile, (5) Save, (6) SaveWebFile, (7) HttpDownloadFile, (8) Open, or (9) OpenWebFile property value.
network | low complexity | office-ocx | critical | 10.0

2007-05-04 CVE-2007-2493 Remote File Include vulnerability in MXBB MX Faq Module Module_Root_Path
PHP remote file inclusion vulnerability in faq.php in the FAQ & RULES 2.0.0 and earlier module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter.
network | low complexity | mxbb | critical | 10.0

2007-05-04 CVE-2007-2492 SQL Injection vulnerability in Postnuke Software Foundation Postnuke V4Bjournal Module 0.99
SQL injection vulnerability in index.php in the v4bJournal module for PostNuke allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a journal_comment action.
network | low complexity | postnuke-software-foundation | 7.5

2007-05-04 CVE-2007-2491 Denial-Of-Service vulnerability in Server
The PIIX4 power management subsystem in EMC VMware Workstation 5.5.3.34685 and VMware Server 1.0.1.29996 allows local users to write to arbitrary memory locations via a crafted poke to I/O port 0x1004, triggering a denial of service (virtual machine crash) or other unspecified impact, a related issue to CVE-2007-1337.
local | low complexity | vmware | 7.2

2007-05-03 CVE-2007-2490 Denial of Service vulnerability in Livedata Iccp Server, Maintenance Server and Protocol Server
Unspecified vulnerability in LiveData Server before 5.00.62 allows remote attackers to cause a denial of service (exit) via crafted Connection-Oriented Transport Protocol (COTP) packets.
network | low complexity | livedata | 7.8

2007-05-03 CVE-2007-2489 Remote Heap Overflow vulnerability in LiveData Protocol Server WSDL Files
Heap-based buffer overflow in LiveData Protocol Server 5.00.045, and other versions before update 500062 (5.00.062), allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted request for a WSDL file that causes a negative length to be used in a strncpy call.
network | low complexity | livedata | critical | 10.0

2007-05-03 CVE-2007-2486 Directory Traversal vulnerability in Motobit 1.3/1.5
Directory traversal vulnerability in download.asp in Motobit 1.3 and 1.5 (aka PStruh-CZ) allows remote attackers to read arbitrary files via a ..
network | low complexity | motobit | 5.0

2007-05-03 CVE-2007-2485 Remote File Include vulnerability in Wordpress Myflash Plugin
PHP remote file inclusion vulnerability in myflash-button.php in the myflash 1.00 and earlier plugin for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the wpPATH parameter.
network | low complexity | ruben-boelinger | 7.5

2007-05-03 CVE-2007-2484 Remote Security vulnerability in Wp-Table
PHP remote file inclusion vulnerability in js/wptable-button.php in the wp-Table 1.43 and earlier plugin for WordPress, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the wpPATH parameter.
network | ruben-boelinger | 6.8