Vulnerabilities > Medium

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | TAGS | RISK |
| --- | --- | --- | --- | --- | --- |
| 2007-06-04 | CVE-2007-2995 | Remote Security vulnerability in IBM AIX 5.2.0/5.3 | Unspecified vulnerability in sysmgt.websm.rte in IBM AIX 5.2.0 and 5.3.0 has unknown impact and attack vectors. | network, ibm | 4.3 |
| 2007-06-04 | CVE-2007-2993 | Cross-Site Scripting vulnerability in Interneserviceslosungen | Multiple cross-site scripting (XSS) vulnerabilities in OmegaMw7.asp in OMEGA (aka Omegasoft) INterneSErvicesLosungen (INSEL) allow remote attackers to inject arbitrary web script or HTML via (1) user-created text fields; the (2) F05003, (3) F05005, and (4) F05015 fields; and other unspecified standard fields. | network, omegasoft | 4.3 |
| 2007-06-04 | CVE-2007-2991 | Cross-Site Scripting vulnerability in Evenzia Content Management Systems (CMS) | Cross-site scripting (XSS) vulnerability in includes/send.inc.php in Evenzia CMS allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO. | network, evenzia | 4.3 |
| 2007-06-04 | CVE-2007-2513 | Man In The Middle vulnerability in Novell Groupwise 6.5/7.0 | Novell GroupWise 7 before SP2 20070524, and GroupWise 6 before 6.5 post-SP6 20070522, allows remote attackers to obtain credentials via a man-in-the-middle attack. | network, novell | 4.3 |
| 2007-06-04 | CVE-2007-2452 | Local Buffer Overflow vulnerability in GNU Locate Old Format Locate Database | Heap-based buffer overflow in the visit_old_format function in locate/locate.c in locate in GNU findutils before 4.2.31 might allow context-dependent attackers to execute arbitrary code via a long pathname in a locate database that has the old format, a different vulnerability than CVE-2001-1036. | network, gnu | 6.0 |
| 2007-06-04 | CVE-2007-1593 | Resource Management Errors vulnerability in Symantec Veritas Volume Replicator | The administrative service in Symantec Veritas Volume Replicator (VVR) for Windows 3.1 through 4.3, and VVR for Unix 3.5 through 5.0, in Symantec Storage Foundation products allows remote attackers to cause a denial of service (memory consumption and service crash) via a crafted packet to the service port (8199/tcp) that triggers a request for more memory than available, which causes the service to write to an invalid pointer. | network, low complexity, symantec, CWE-399 | 5.0 |
| 2007-06-01 | CVE-2007-2990 | Local Denial of Service vulnerability in SUN Solaris 10.0 | Unspecified vulnerability in inetd in Sun Solaris 10 before 20070529 allows local users to cause a denial of service (daemon termination) via unspecified manipulations of the /var/run/.inetd.uds Unix domain socket file. | local, low complexity, sun | 4.9 |
| 2007-06-01 | CVE-2007-2984 | Buffer Errors vulnerability in Media Technology Group Cdpass Activex Control 1.0.0.13 | Multiple stack-based buffer overflows in the Media Technology Group CDPass ActiveX control in CDPass.dll allow remote attackers to execute arbitrary code via unspecified vectors, possibly involving the GetTOC2 method. | | 6.8 |
| 2007-06-01 | CVE-2007-2980 | Buffer Errors vulnerability in Lead Technologies products | Heap-based buffer overflow in a certain ActiveX control in LEADTOOLS LEAD Raster ISIS Object (LTRIS14e.DLL) 14.5.0.44 allows remote attackers to cause a denial of service (Internet Explorer crash) or execute arbitrary code via a long DriverName property, a different ActiveX control than CVE-2007-2827. | | 6.8 |
| 2007-06-01 | CVE-2007-2978 | Link Following vulnerability in Eggblog | Session fixation vulnerability in eggblog 3.1.0 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter. | network, eggblog, CWE-59 | 6.8 |