Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2007-04-24 CVE-2007-0725 Multiple Security vulnerability in Apple Mac OS X 2007-004
Buffer overflow in the AirPortDriver module for AirPort in Apple Mac OS X 10.3.9 through 10.4.9, when running on hardware with the original AirPort wireless card, allows local users to execute arbitrary code by "sending malformed control commands."
local
low complexity
apple
7.2
2007-04-24 CVE-2007-0443 Buffer Overflow vulnerability in GraceNote CDDBControl Multiple Parameters ActiveX Control
Multiple buffer overflows in the CDDBControl ActiveX control in Gracenote CDDB before 20070418 allow remote attackers to execute arbitrary code via long values for certain Proxy configuration parameters.
network
gracenote
critical
9.3
2007-04-22 CVE-2007-2169 Remote Code Execution vulnerability in Mozzers SubSystem Add.PHP
Static code injection vulnerability in add.php in Mozzers SubSystem 1.0 allows remote attackers to inject PHP code into subs.php via the (1) Sub-name or (2) Sub-url field.
network
low complexity
mozzers-subsystem
7.5
2007-04-22 CVE-2007-2168 Remote Code Execution vulnerability in AimStats Process.PHP
Static code injection vulnerability in process.php in AimStats 3.2 and earlier allows remote attackers to inject PHP code into config.php via the databasehost parameter.
network
low complexity
aimstats
7.5
2007-04-22 CVE-2007-2167 Remote Code Execution vulnerability in Aimstats 3.2
Static code injection vulnerability in process.php in AimStats 3.2 allows remote attackers to inject PHP code into config.php via the number parameter in an update action.
network
low complexity
aimstats
7.5
2007-04-22 CVE-2007-2166 Remote File Include vulnerability in OpenSurveyPilot Group.Inc.PHP
PHP remote file inclusion vulnerability in administration/user/lib/group.inc.php in OpenSurveyPilot (osp) 1.2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cfgPathToProjectAdmin parameter.
network
opensurveypilot
6.8
2007-04-22 CVE-2007-2165 Authentication Module Security Bypass vulnerability in ProFTPD AUTH
The Auth API in ProFTPD before 20070417, when multiple simultaneous authentication modules are configured, does not require that the module that checks authentication is the same as the module that retrieves authentication data, which might allow remote attackers to bypass authentication, as demonstrated by use of SQLAuthTypes Plaintext in mod_sql, with data retrieved from /etc/passwd.
network
high complexity
proftpd-project
5.1
2007-04-22 CVE-2007-2164 Denial-Of-Service vulnerability in KDE Konqueror 3.5.5
Konqueror 3.5.5 release 45.4 allows remote attackers to cause a denial of service (browser crash or abort) via JavaScript that matches a regular expression against a long string, as demonstrated using /(.)*/.
network
low complexity
kde
5.0
2007-04-22 CVE-2007-2163 Denial-Of-Service vulnerability in Safari
Apple Safari allows remote attackers to cause a denial of service (browser crash) via JavaScript that matches a regular expression against a long string, as demonstrated using /(.)*/.
network
low complexity
apple
5.0
2007-04-22 CVE-2007-2162 Denial-Of-Service vulnerability in Iceweasel
(1) Mozilla Firefox 2.0.0.3 and (2) GNU IceWeasel 2.0.0.3 allow remote attackers to cause a denial of service (browser crash or system hang) via JavaScript that matches a regular expression against a long string, as demonstrated using /(.)*/.
network
low complexity
gnu mozilla
7.8