Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-02-14 | CVE-2007-0931 | Multiple vulnerability in Aruba Mobility Controller Heap-based buffer overflow in the management interfaces in (1) Aruba Mobility Controllers 200, 800, 2400, and 6000 and (2) Alcatel-Lucent OmniAccess Wireless 43xx and 6000 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via long credential strings. | 7.5 |
2007-02-14 | CVE-2007-0930 | Input Validation vulnerability in Apache Stats Extract Function Variable extract vulnerability in Apache Stats before 0.0.3beta allows attackers to modify arbitrary variables and conduct attacks via unknown vectors involving the use of PHP's extract function. | 7.5 |
2007-02-14 | CVE-2007-0927 | Remote Buffer Overflow vulnerability in Utorrent 1.6 Heap-based buffer overflow in uTorrent 1.6 allows remote attackers to execute arbitrary code via a torrent file with a crafted announce header. | 7.5 |
2007-02-14 | CVE-2007-0926 | Remote Security vulnerability in Kvguestbook 1.0Beta The dologin function in guestbook.php in KvGuestbook 1.0 Beta allows remote attackers to gain administrative privileges, probably via modified $mysql['pass'] and $gbpass variables. | 7.5 |
2007-02-14 | CVE-2007-0924 | Authentication Bypass vulnerability in Till Gerken PHPpolls 1.0.3 Till Gerken phpPolls 1.0.3 allows remote attackers to bypass authentication and perform certain administrative actions via a direct request to phpPollAdmin.php3. | 7.5 |
2007-02-14 | CVE-2007-0923 | Input Validation vulnerability in Radical Technologies Portal Search buscador/buscador.htm in Portal Search allows remote attackers to obtain sensitive information (business logic) via a query string composed of a search for certain characters. | 7.8 |
2007-02-14 | CVE-2007-0920 | SQL Injection vulnerability in Philboard Philboard_forum.ASP SQL injection vulnerability in philboard_forum.asp in Philboard 1.14 and earlier allows remote attackers to execute arbitrary SQL commands via the forumid parameter. | 7.5 |
2007-02-14 | CVE-2007-0919 | Directory Traversal vulnerability in Nickolas Grigoriadis Mini web Server 0.0.6 Directory traversal vulnerability in Nickolas Grigoriadis Mini Web server (MiniWebsvr) 0.0.6 allows remote attackers to list the directory immediately above the web root via a ..%00 sequence in the URI. | 7.8 |
2007-02-14 | CVE-2007-0918 | Unspecified vulnerability in Cisco IOS The ATOMIC.TCP signature engine in the Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XA, 12.3YA, 12.3T, and other trains allows remote attackers to cause a denial of service (IPS crash and traffic loss) via unspecified manipulations that are not properly handled by the regular expression feature, as demonstrated using the 3123.0 (Netbus Pro Traffic) signature. network cisco | 7.1 |
2007-02-14 | CVE-2007-0914 | Remote Denial of Service vulnerability in SUN Solaris 10.0 Race condition in the TCP subsystem for Solaris 10 allows remote attackers to cause a denial of service (system panic) via unknown vectors. network sun | 7.1 |