Vulnerabilities > Cryptographic Issues

DATE CVE VULNERABILITY TITLE RISK
2007-11-30 CVE-2007-6192 Cryptographic Issues vulnerability in Citrix NetScaler 8.0
The web management interface in Citrix NetScaler 8.0 build 47.8 uses weak encryption (XOR of unpadded data) to store credentials within a cookie, which makes it easier for remote attackers to obtain cleartext credentials when a cookie is captured via a known-plaintext attack.
network
citrix CWE-310
4.3
2007-10-11 CVE-2007-5373 Cryptographic Issues vulnerability in Ldapscripts 1.4/1.7
ldapscripts 1.4 and 1.7 send a password as a command line argument when calling some LDAP programs, which might allow local users to read the password by listing the process and its arguments, as demonstrated by a call to ldappasswd in the _changepassword function.
local
low complexity
ldapscripts CWE-310
2.1
2007-09-21 CVE-2007-5024 Cryptographic Issues vulnerability in EMC VMware Server 1.0.4/1.0.4 Build 56528
EMC VMware Server before 1.0.4 Build 56528 writes passwords in cleartext to unspecified log files, which allows local users to obtain sensitive information by reading these files, a different vulnerability than CVE-2005-3620.
local
low complexity
emc CWE-310
2.1
2007-09-18 CVE-2007-4960 Cryptographic Issues vulnerability in Linden Lab Second Life 1
Argument injection vulnerability in the Linden Lab Second Life secondlife:// protocol handler, as used in Internet Explorer and possibly Firefox, allows remote attackers to obtain sensitive information via a '" ' (double-quote space) sequence followed by the -autologin and -loginuri arguments, which cause the handler to post login credentials and software installation details to an arbitrary URL.
network
low complexity
linden-lab CWE-310
5.0
2007-09-18 CVE-2007-4751 Cryptographic Issues vulnerability in Data-Vision RemoteDocs R-Viewer
RemoteDocs R-Viewer before 1.6.3768 stores encrypted RDZ file data in unencrypted temporary files, which allows local users to obtain sensitive information by reading the temporary files.
1.9
2007-09-18 CVE-2007-4750 Cryptographic Issues vulnerability in Data-Vision RemoteDocs R-Viewer
Unspecified vulnerability in RemoteDocs R-Viewer before 1.6.3768 allows user-assisted remote attackers to execute arbitrary code via a crafted RDZ archive in which the first file has an executable extension.
network
data-vision CWE-310
critical
9.3
2007-09-18 CVE-2007-4928 Cryptographic Issues vulnerability in Axis 207W Network Camera
The AXIS 207W camera stores a WEP or WPA key in cleartext in the configuration file, which might allow local users to obtain sensitive information.
local
low complexity
axis CWE-310
4.9
2007-09-18 CVE-2007-4926 Cryptographic Issues vulnerability in Axis 207W Camera
The AXIS 207W camera uses a base64-encoded cleartext username and password for authentication, which allows remote attackers to obtain sensitive information by sniffing the wireless network or by leveraging unspecified other vectors.
network
axis CWE-310
critical
9.3
2007-08-31 CVE-2007-4613 Cryptographic Issues vulnerability in BEA WebLogic Server
SSL libraries in BEA WebLogic Server 6.1 Gold through SP7, 7.0 Gold through SP7, and 8.1 Gold through SP5 might allow remote attackers to obtain plaintext from an SSL stream via a man-in-the-middle attack that injects crafted data and measures the elapsed time before an error response, a different vulnerability than CVE-2006-2461.
network
bea CWE-310
6.8
2007-07-16 CVE-2007-3805 Cryptographic Issues vulnerability in Clavister CorePlus 8.81.00
The IKE implementation in Clavister CorePlus before 8.80.03, and 8.80.00, does not properly validate certificates during IKE negotiation, which allows remote attackers to cause a denial of service (gateway stop) via certain certificates.
network
high complexity
clavister CWE-310
5.4