Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-01-25 | CVE-2007-0485 | Remote File Include vulnerability in Webchat.Org Webchat 0.77 PHP remote file inclusion vulnerability in defines.php in WebChat 0.77 allows remote attackers to execute arbitrary PHP code via a URL in the WEBCHATPATH parameter. | 7.5 |
| 2007-01-25 | CVE-2007-0484 | SQL-Injection vulnerability in Enthusiast 3.1 Multiple SQL injection vulnerabilities in Enthusiast 3.1 allow remote attackers to execute arbitrary SQL commands via the cat parameter to (1) show_owned.php, (2) show_joined.php, and possibly other files. | 7.5 |
| 2007-01-25 | CVE-2007-0481 | Remote Memory Corruption vulnerability in Cisco IOS IPv6 Source Routing Cisco IOS allows remote attackers to cause a denial of service (crash) via a crafted IPv6 Type 0 Routing header. | 7.8 |
| 2007-01-25 | CVE-2007-0479 | Denial Of Service vulnerability in Cisco IOS TCP Listener Memory leak in the TCP listener in Cisco IOS 9.x, 10.x, 11.x, and 12.x allows remote attackers to cause a denial of service by sending crafted TCP traffic to an IPv4 address on the IOS device. | 7.8 |
| 2007-01-24 | CVE-2006-6952 | Products Drivers Multiple Local Privilege Escalation Vulenrabilities in Computer Associates Computer Associates Host Intrusion Prevention System (HIPS) drivers (1) Core kmxstart.sys 6.5.4.31 and (2) Firewall kmxfw.sys 6.5.4.10 allow local users to gain privileges by using certain privileged IOCTLs to modify callback function pointers. | 7.2 |
| 2007-01-24 | CVE-2007-0444 | Buffer Errors vulnerability in Citrix Metaframe and Metaframe Presentation Server Stack-based buffer overflow in the print provider library (cpprov.dll) in Citrix Presentation Server 4.0, MetaFrame Presentation Server 3.0, and MetaFrame XP 1.0 allows local users and remote attackers to execute arbitrary code via long arguments to the (1) EnumPrintersW and (2) OpenPrinter functions. | 7.2 |
| 2007-01-24 | CVE-2007-0471 | Permissions, Privileges, and Access Controls vulnerability in Checkpoint Connectra NGX R60/R62 sre/params.php in the Integrity Clientless Security (ICS) component in Check Point Connectra NGX R62 3.x and earlier before Security Hotfix 5, and possibly VPN-1 NGX R62, allows remote attackers to bypass security requirements via a crafted Report parameter, which returns a valid ICSCookie authentication token. | 7.5 |
| 2007-01-24 | CVE-2007-0470 | Local Privilege Escalation vulnerability in Sun Solaris Tip Multiple unspecified vulnerabilities in tip in Sun Solaris 8, 9, and 10 allow local users to gain uucp account privileges via unspecified vectors. | 7.2 |
| 2007-01-23 | CVE-2007-0003 | Authentication Bypass vulnerability in Andrew Morgan Linux PAM 0.99.7.0 pam_unix.so in Linux-PAM 0.99.7.0 allows context-dependent attackers to log into accounts whose password hash, as stored in /etc/passwd or /etc/shadow, has only two characters. | 7.2 |
| 2007-01-23 | CVE-2007-0435 | Improper Authentication vulnerability in T-Com Speedport 500V and Speedport 500V Firmware T-Com Speedport 500V routers with firmware 1.31 allow remote attackers to bypass authentication and reconfigure the device via a LOGINKEY=TECOM cookie value. | 7.5 |