Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-05-08 | CVE-2007-0035 | Improper Input Validation vulnerability in Microsoft Office and Works. Word (or Word Viewer) in Microsoft Office 2000 SP3, XP SP3, 2003 SP2, 2004 for Mac, and Works Suite 2004, 2005, and 2006 does not properly handle data in a certain array, which allows user-assisted remote attackers to execute arbitrary code, aka the "Word Array Overflow Vulnerability." | 9.3 |
2007-05-08 | CVE-2007-2521 | Code Injection vulnerability in E-Gads. PHP remote file inclusion vulnerability in common.php in E-GADS! before 2.2.7 allows remote attackers to execute arbitrary PHP code via a URL in the locale parameter. | 7.5 |
2007-05-07 | CVE-2007-2488 | Information Disclosure vulnerability in Asterisk IAX2 Text Frame. The IAX2 channel driver (chan_iax2) in Asterisk before 20070504 does not properly null terminate data, which allows remote attackers to trigger loss of transmitted data, and possibly obtain sensitive information (memory contents) or cause a denial of service (application crash), by sending a frame that lacks a 0 byte. | 10.0 |
2007-05-07 | CVE-2007-2239 | Remote Buffer Overflow vulnerability in Axis Camera Control ActiveX Control AxisCamControl.OCX. Stack-based buffer overflow in the SaveBMP method in the AXIS Camera Control (aka CamImage) ActiveX control before 2.40.0.0 in AxisCamControl.ocx in AXIS 2100, 2110, 2120, 2130 PTZ, 2420, 2420-IR, 2400, 2400+, 2401, 2401+, 2411, and Panorama PTZ allows remote attackers to cause a denial of service (Internet Explorer crash) or execute arbitrary code via a long argument. | 9.3 |
2007-05-07 | CVE-2007-1861 | Resource Management Errors vulnerability in Linux Kernel. The nl_fib_lookup function in net/ipv4/fib_frontend.c in Linux Kernel before 2.6.20.8 allows attackers to cause a denial of service (kernel panic) via NETLINK_FIB_LOOKUP replies, which trigger infinite recursion and a stack overflow. | 4.9 |
2007-05-04 | CVE-2007-2507 | Directory Traversal vulnerability in Treble Designs 1024 CMS 0.7. Directory traversal vulnerability in includes/download.php in Treble Designs 1024 CMS 0.7 allows remote attackers to read arbitrary files via a .. | 7.8 |
2007-05-04 | CVE-2007-2506 | Denial Of Service vulnerability in Progress WebSpeed. WebSpeed 3.x in OpenEdge 10.x in Progress Software Progress 9.1e, and certain other 9.x versions, allows remote attackers to cause a denial of service (infinite loop and daemon hang) via a messenger URL that invokes _edit.r with no additional parameters, as demonstrated by requests for cgiip.exe or wsisa.dll with WService=wsbroker1/_edit.r in the PATH_INFO. | 7.8 |
2007-05-04 | CVE-2007-2505 | Remote Buffer Overflow vulnerability in Intervations Mailcopa 8.0120070323. Stack-based buffer overflow in InterVations MailCOPA 8.01 20070323 allows user-assisted remote attackers to execute arbitrary code via a long command line argument, as demonstrated by a long string in the subject field in a mailto URI. | 9.3 |
2007-05-04 | CVE-2007-2502 | Denial of Service vulnerability in HP ProCurve 9300m Switches. Unspecified vulnerability in HP ProCurve 9300m Series switches with software 08.0.01c through 08.0.01j allows remote attackers to cause a denial of service via unknown vectors, a different switch series than CVE-2006-4015. | 7.8 |
2007-05-04 | CVE-2007-2501 | Unspecified vulnerability in Fernando M.A.D.S. Codepress. Eval injection vulnerability in codepress.html in CodePress before 0.9.4 allows remote attackers to execute arbitrary code via certain input that is used in an eval function call. | 7.5 |