Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-01-31 | CVE-2007-0465 | Unspecified vulnerability in Apple Installer and mac OS X Format string vulnerability in Apple Installer 2.1.5 on Mac OS X 10.4.8 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a (1) PKG, (2) DISTZ, or (3) MPKG package filename. | 7.6 |
| 2007-01-30 | CVE-2007-0603 | Remote Code Execution vulnerability in PGP Corporate Desktop 9.5 PGP Desktop before 9.5.1 does not validate data objects received over the (1) \pipe\pgpserv named pipe for PGPServ.exe or the (2) \pipe\pgpsdkserv named pipe for PGPsdkServ.exe, which allows remote authenticated users to gain privileges by sending a data object representing an absolute pointer, which causes code execution at the corresponding address. | 7.1 |
| 2007-01-30 | CVE-2007-0601 | Remote Security vulnerability in Aztek Forum Aztek Forum 4.0 common/safety.php in Aztek Forum 4.00 allows remote attackers to enter certain data containing %22 sequences (URL encoded double quotes) and other potentially dangerous manipulations by sending a cookie, which bypasses the blacklist matching against the GET and PUT superglobal arrays. | 7.5 |
| 2007-01-30 | CVE-2007-0600 | SQL Injection vulnerability in Makit Newsposter Script News_Page.ASP SQL injection vulnerability in news_page.asp in Martyn Kilbryde Newsposter Script (aka makit news/blog poster) 3 and earlier allows remote attackers to execute arbitrary SQL commands via the uid parameter. | 7.5 |
| 2007-01-30 | CVE-2007-0599 | Remote Security vulnerability in Aztek Forum Aztek Forum 4.0 Variable overwrite vulnerability in common/config.php in Aztek Forum 4.00 allows remote attackers to overwrite arbitrary program variables and conduct other unauthorized activities, such as copying arbitrary files using index/common_actions.php, via vectors associated with extract operations on the (1) POST, (2) GET, (3) COOKIE, and (4) SERVER superglobal arrays. | 7.5 |
| 2007-01-30 | CVE-2007-0598 | SQL-Injection vulnerability in Aztek Forum Aztek Forum 4.0 SQL injection vulnerability in forum/load.php in Aztek Forum 4.00 allows remote attackers to execute arbitrary SQL commands via the fid cookie to forum.php. | 7.5 |
| 2007-01-30 | CVE-2007-0591 | Remote File Include vulnerability in VU LE AN Virtual Path 1.0 PHP remote file inclusion vulnerability in configure.php in Vu Le An Virtual Path (VirtualPath) 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | 7.5 |
| 2007-01-30 | CVE-2007-0589 | SQL-Injection vulnerability in Forum Livre Forum Livre 1.0 SQL injection vulnerability in Forum Livre 1.0 allows remote attackers to execute arbitrary SQL commands via the user parameter to info_user.asp. | 7.5 |
| 2007-01-30 | CVE-2007-0588 | Remote Memory Corruption vulnerability in Apple Mac OS X QuickDraw InternalUnpackBits The InternalUnpackBits function in Apple QuickDraw, as used by Quicktime 7.1.3 and other applications on Mac OS X 10.4.8 and earlier, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PICT file that triggers memory corruption in the _GetSrcBits32ARGB function. network apple | 7.1 |
| 2007-01-30 | CVE-2007-0584 | Remote File Include vulnerability in Php Generic MembreManager.PHP PHP remote file inclusion vulnerability in membres/membreManager.php in PhP Generic Library & Framework for comm (g-neric) allows remote attackers to execute arbitrary PHP code via a URL in the include_path parameter. | 7.5 |