Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2007-02-01 CVE-2007-0648 Remote Denial Of Service vulnerability in Cisco IOS SIP Packet Handling
Cisco IOS after 12.3(14)T, 12.3(8)YC1, 12.3(8)YG, and 12.4, with voice support and without Session Initiation Protocol (SIP) configured, allows remote attackers to cause a denial of service (crash) by sending a crafted packet to port 5060/UDP.
network
low complexity
cisco
7.8
2007-02-01 CVE-2007-0647 Products Format String vulnerability in Apple Mac OS X 10.3.9
Format string vulnerability in Help Viewer 3.0.0 allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in a filename, which is not properly handled when calling the NSBeginAlertSheet Apple AppKit function.
network
apple
7.1
2007-02-01 CVE-2007-0646 Use of Externally-Controlled Format String vulnerability in Apple iMovie, Mac OS X and Safari
Format string vulnerability in iMovie HD 6.0.3, and Safari in Apple Mac OS X 10.4 through 10.4.10, allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in a filename, which is not properly handled when calling the NSRunCriticalAlertPanel Apple AppKit function.
network
apple CWE-134
7.1
2007-02-01 CVE-2007-0644 Products Format String vulnerability in Apple Safari 2.0.4 (419.3)
Format string vulnerability in Apple Safari 2.0.4 (419.3) allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in filenames that are not properly handled when calling the (1) NSLog and (2) NSBeginAlertSheet Apple AppKit functions.
network
apple
7.1
2007-01-31 CVE-2007-0642 SQL Injection vulnerability in RBL tForum 2.00
SQL injection vulnerability in tForum 2.00 in the Raymond BERTHOU script collection (aka RBL - ASP) allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) pass to user_confirm.asp.
network
low complexity
rbl CWE-89
7.5
2007-01-31 CVE-2007-0641 Stack Buffer Overflow vulnerability in Shaffer Solutions Corp dapcnfsd.dll 0.6.4.0
Buffer overflow in the EnumPrintersA function in dapcnfsd.dll 0.6.4.0 in Shaffer Solutions (SSC) DiskAccess NFS Client allows remote attackers to execute arbitrary code via a long argument, an issue similar to CVE-2006-5854 and CVE-2007-0444.
network
low complexity
shaffer-solutions-corp
7.5
2007-01-31 CVE-2007-0639 Remote Security vulnerability in GuppY
Multiple static code injection vulnerabilities in error.php in GuppY 4.5.16 and earlier allow remote attackers to inject arbitrary PHP code into a .inc file in the data/ directory via (1) a REMOTE_ADDR cookie or (2) a cookie specifying an element of the msg array with an error number in the first dimension and 0 in the second dimension, as demonstrated by msg[999][0].
network
low complexity
guppy
7.5
2007-01-31 CVE-2007-0637 Local File Include vulnerability in Galeria Zdjec
Directory traversal vulnerability in zd_numer.php in Galeria Zdjec 3.0 and earlier allows remote attackers to include and execute arbitrary local files via a ..
network
low complexity
galeria-zdjec
7.5
2007-01-31 CVE-2007-0635 Remote File Include vulnerability in EncapsCMS 0.3.6
Multiple PHP remote file inclusion vulnerabilities in EncapsCMS 0.3.6 allow remote attackers to execute arbitrary PHP code via a URL in the (1) config[path] parameter to (a) common_foot.php or (b) blogs.php, or (2) the config[theme] parameter to (c) admin/gallery_head.php.
network
low complexity
encapscms
7.5
2007-01-31 CVE-2007-0634 Remote Denial of Service vulnerability in Sun Solaris 10.0
Unspecified vulnerability in Sun Solaris 10 before 20070130 allows remote attackers to cause a denial of service (system crash) via certain ICMP packets.
network
low complexity
sun
7.8