Vulnerabilities > Improper Input Validation

DATE CVE VULNERABILITY TITLE RISK
2007-07-15 CVE-2007-3780 Improper Input Validation vulnerability in MySQL Community Server 5.0.41
MySQL Community Server before 5.0.45 allows remote attackers to cause a denial of service (daemon crash) via a malformed password packet in the connection protocol.
network
low complexity
mysql CWE-20
5.0
2007-07-11 CVE-2007-3716 Improper Input Validation vulnerability in Sun JDK and JRE
The Java XML Digital Signature implementation in Sun JDK and JRE 6 before Update 2 does not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent attackers to execute arbitrary code via a crafted stylesheet, a related issue to CVE-2007-3715.
network
sun CWE-20
critical
9.3
2007-07-11 CVE-2007-3715 Improper Input Validation vulnerability in Sun products
Sun Java System Application Server and Web Server 7.0 through 9.0 before 20070710 do not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent attackers to execute an arbitrary Java method via a crafted stylesheet, a related issue to CVE-2007-3716.
network
sun CWE-20
critical
9.3
2007-07-11 CVE-2007-3711 Improper Input Validation vulnerability in 3Com TippingPoint IPS TOS
Unspecified vulnerability in TOS 2.1.x, 2.2.x before 2.2.5, and 2.5.x before 2.5.2 on TippingPoint IPS allows remote attackers to avoid detection by sending certain fragmented packets.
network
low complexity
3com CWE-20
7.5
2007-07-11 CVE-2007-3701 Improper Input Validation vulnerability in multiple products
TippingPoint IPS before 20070710 does not properly handle a hex-encoded alternate Unicode '/' (slash) character, which might allow remote attackers to send certain network traffic and avoid detection, as demonstrated by a cmd.exe attack.
network
low complexity
tippingpoint 3com CWE-20
7.5
2007-06-26 CVE-2006-7208 Improper Input Validation vulnerability in Adam van Dongen COM Forum and phpBB Component
PHP remote file inclusion vulnerability in download.php in the Adam van Dongen Forum (com_forum) component (aka phpBB component) 1.2.4RC3 and earlier for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
6.8
2007-06-26 CVE-2007-3400 Improper Input Validation vulnerability in Nctsoft NCTAudioEditor and NCTAudioStudio
The NCTAudioEditor2 ActiveX control in NCTWMAFile2.dll 2.6.2.157, as distributed in NCTAudioEditor and NCTAudioStudio 2.7, allows remote attackers to overwrite arbitrary files via the CreateFile method.
network
nctsoft CWE-20
critical
9.3
2007-06-26 CVE-2007-3391 Improper Input Validation vulnerability in Wireshark 0.99.5
Wireshark 0.99.5 allows remote attackers to cause a denial of service (memory consumption) via a malformed DCP ETSI packet that triggers an infinite loop.
network
low complexity
wireshark CWE-20
7.8
2007-06-26 CVE-2007-3389 Improper Input Validation vulnerability in Wireshark
Wireshark before 0.99.6 allows remote attackers to cause a denial of service (crash) via a crafted chunked encoding in an HTTP response, possibly related to a zero-length payload.
network
low complexity
wireshark CWE-20
5.0
2007-06-01 CVE-2007-1362 Improper Input Validation vulnerability in Mozilla Firefox and SeaMonkey
Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2, allows remote attackers to cause a denial of service via (1) a large cookie path parameter, which triggers memory consumption, or (2) an internal delimiter within cookie path or name values, which could trigger a misinterpretation of cookie data, aka "Path Abuse in Cookies."
network
mozilla CWE-20
4.3