Vulnerabilities > Canonical

DATE CVE VULNERABILITY TITLE RISK
2007-05-14 CVE-2007-2444 Improper Privilege Management vulnerability in multiple products
Logic error in the SID/Name translation functionality in smbd in Samba 3.0.23d through 3.0.25pre2 allows local users to gain temporary privileges and execute SMB/CIFS protocol operations via unspecified vectors that cause the daemon to transition to the root user.
local
low complexity
samba debian canonical CWE-269
7.2
2007-05-10 CVE-2007-2583 The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and 5.1 before 5.1.18-beta, allows context-dependent attackers to cause a denial of service (crash) via a crafted IF clause that results in a divide-by-zero error and a NULL pointer dereference.
network
low complexity
oracle debian canonical
4.0
2007-05-09 CVE-2007-1864 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Buffer overflow in the bundled libxmlrpc library in PHP before 4.4.7, and 5.x before 5.2.2, has unknown impact and remote attack vectors.
network
low complexity
php debian canonical redhat CWE-119
7.5
2007-04-24 CVE-2007-2138 Permissions, Privileges, and Access Controls vulnerability in multiple products
Untrusted search path vulnerability in PostgreSQL before 7.3.19, 7.4.x before 7.4.17, 8.0.x before 8.0.13, 8.1.x before 8.1.9, and 8.2.x before 8.2.4 allows remote authenticated users, when permitted to call a SECURITY DEFINER function, to gain the privileges of the function owner, related to "search_path settings."
6.0
2007-04-06 CVE-2007-1887 Classic Buffer Overflow vulnerability in multiple products
Buffer overflow in the sqlite_decode_binary function in the bundled sqlite library in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter, as demonstrated by calling the sqlite_udf_decode_binary function with a 0x01 character.
network
low complexity
php canonical debian CWE-120
7.5
2007-04-06 CVE-2007-1216 Double Free vulnerability in multiple products
Double free vulnerability in the GSS-API library (lib/gssapi/krb5/k5unseal.c), as used by the Kerberos administration daemon (kadmind) in MIT krb5 before 1.6.1, when used with the authentication method provided by the RPCSEC_GSS RPC library, allows remote authenticated users to execute arbitrary code and modify the Kerberos key database via a message with an "an invalid direction encoding".
network
low complexity
mit canonical debian CWE-415
critical
9.0
2007-04-06 CVE-2007-0957 Out-Of-Bounds Write vulnerability in multiple products
Stack-based buffer overflow in the krb5_klog_syslog function in the kadm5 library, as used by the Kerberos administration daemon (kadmind) and Key Distribution Center (KDC), in MIT krb5 before 1.6.1 allows remote authenticated users to execute arbitrary code and modify the Kerberos key database via crafted arguments, possibly involving certain format string specifiers.
network
low complexity
mit debian canonical CWE-787
critical
9.0
2007-04-06 CVE-2007-0956 Missing Authentication for Critical Function vulnerability in multiple products
The telnet daemon (telnetd) in MIT krb5 before 1.6.1 allows remote attackers to bypass authentication and gain system access via a username beginning with a '-' character, a similar issue to CVE-2007-0882.
network
low complexity
mit debian canonical CWE-306
critical
10.0
2007-03-30 CVE-2007-1349 Improper Input Validation vulnerability in multiple products
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.
network
low complexity
apache canonical redhat CWE-20
5.0
2007-03-21 CVE-2007-1562 Information Exposure vulnerability in multiple products
The FTP protocol implementation in Mozilla Firefox before 1.5.0.11 and 2.x before 2.0.0.3 allows remote attackers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response.
6.8