Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2007-02-06 CVE-2007-0756 Remote Denial of Service vulnerability in Chicken of the VNC 2.0
Chicken of the VNC (cotv) 2.0 allows remote attackers to cause a denial of service (application crash) via a large computer-name size value in a ServerInit packet, which triggers a failed malloc and a resulting NULL dereference.
network
low complexity
chicken-of-the-vnc
7.8
2007-02-06 CVE-2007-0454 Use of Externally-Controlled Format String vulnerability in multiple products
Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during Windows ACL mapping.
network
low complexity
samba debian mandrakesoft CWE-134
7.5
2007-02-04 CVE-2007-0709 Denial of Service vulnerability in Comodo Firewall Pro
cmdmon.sys in Comodo Firewall Pro (formerly Comodo Personal Firewall) 2.4.16.174 and earlier does not validate arguments that originate in user mode for the (1) NtCreateSection, (2) NtOpenProcess, (3) NtOpenSection, (4) NtOpenThread, and (5) NtSetValueKey hooked SSDT functions, which allows local users to cause a denial of service (system crash) and possibly gain privileges via invalid arguments.
local
low complexity
comodo
7.2
2007-02-04 CVE-2007-0708 Denial of Service vulnerability in Comodo Firewall Pro 2.4.16.174
cmdmon.sys in Comodo Firewall Pro (formerly Comodo Personal Firewall) before 2.4.16.174 does not validate arguments that originate in user mode for the (1) NtConnectPort and (2) NtCreatePort hooked SSDT functions, which allows local users to cause a denial of service (system crash) and possibly gain privileges via invalid arguments.
local
low complexity
comodo
7.2
2007-02-04 CVE-2007-0706 Security Bypass vulnerability in Darksky RSS bar
Cross-zone scripting vulnerability in Darksky RSS bar for Internet Explorer before 1.29, RSS bar for Sleipnir before 1.29, and RSS bar for unDonut before 1.29 allows remote attackers to bypass Web content zone restrictions via certain script contained in RSS data.
network
low complexity
fenrir
7.5
2007-02-04 CVE-2007-0705 Security Bypass vulnerability in Portable Sleipnir
Cross-zone scripting vulnerability in Sleipnir 2.49 and earlier, and Portable Sleipnir 2.45 and earlier, allows remote attackers to bypass Web content zone restrictions via certain script contained in RSS data.
network
low complexity
fenrir
7.5
2007-02-04 CVE-2007-0704 Remote Security vulnerability in Somery 0.4.6
PHP remote file inclusion vulnerability in install.php in Somery 0.4.6 allows remote attackers to execute arbitrary PHP code via a URL in the skindir parameter, a different vector than CVE-2006-4669.
network
low complexity
somery
7.5
2007-02-04 CVE-2007-0703 Remote Security vulnerability in WebBuilder
PHP remote file inclusion vulnerability in library/StageLoader.php in WebBuilder 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[core][module_path] parameter.
network
low complexity
webbuilder
7.5
2007-02-04 CVE-2007-0702 Remote File Include vulnerability in phpEventMan 1.0.2
Multiple PHP remote file inclusion vulnerabilities in phpEventMan 1.0.2 allow remote attackers to execute arbitrary PHP code via a URL in the level parameter to (1) Shared/controller/text.ctrl.php or (2) UserMan/controller/common.function.php.
network
low complexity
phpeventman
7.5
2007-02-04 CVE-2007-0701 Remote File Include vulnerability in Epistemon 1.0
PHP remote file inclusion vulnerability in inc/common.inc.php in Epistemon 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the inc_path parameter.
network
low complexity
epistemon
7.5