Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-08-16 | CVE-2007-4379 | Multiple vulnerability in RndLabs Babo Violent 2 Babo Violent 2 2.08.00 and earlier allows remote attackers to cause a denial of service (application crash) via (1) a value greater than 0x27 for the (a) 0xca, (b) 0xcb, (c) 0xcc, (d) 0xce, (e) 0xcf, or (f) 0xd0 data ID; (2) a nonexistent map name; or (3) a UDP packet that specifies a large data size. network rndlabs | 4.3 |
2007-08-16 | CVE-2007-4378 | Multiple vulnerability in RndLabs Babo Violent 2 Multiple format string vulnerabilities in Babo Violent 2 2.08.00 and earlier allow remote attackers to execute arbitrary code via format string specifiers in (1) a message or (2) certain data associated with an admin login. network rndlabs | 6.8 |
2007-08-16 | CVE-2007-4377 | Remote Buffer Overflow vulnerability in Netwin Surgemail 38K Stack-based buffer overflow in the IMAP service in SurgeMail 38k allows remote authenticated users to execute arbitrary code via a long argument to the SEARCH command. network netwin | 6.0 |
2007-08-16 | CVE-2007-4376 | Unspecified vulnerability in Szymon Kosok Best TOP List Unrestricted file upload vulnerability in banner-upload.php in Szymon Kosok Best Top List allows remote attackers to upload and execute arbitrary PHP files in banners/. network szymon-kosok | 6.8 |
2007-08-16 | CVE-2007-4375 | Remote Information Disclosure vulnerability in Diskeeper 2007/9 The administrative interface (aka DkService.exe) in Diskeeper 9 Professional, 2007 Pro Premier, and probably other versions exposes a memory comparison function via RPC over TCP, which allows remote attackers to (1) obtain sensitive information (process memory contents), as demonstrated by an attack that obtains module base addresses to defeat Address Space Layout Randomization (ASLR); or (2) cause a denial of service (application crash) via an out-of-bounds address. network diskeeper | 5.8 |
2007-08-16 | CVE-2007-4374 | Remote Security vulnerability in Babo Violent Babo Violent 2 2.08.00 does not validate the sender field of a chat message composed by a client, which allows remote authenticated users to spoof messages. | 4.0 |
2007-08-16 | CVE-2007-4373 | Security Bypass vulnerability in Babo Violent The server in Babo Violent 2 2.08.00 and earlier does not properly implement password protection, which might allow remote attackers to bypass authentication by reconnecting after a connection closes. network rndlabs | 6.8 |
2007-08-16 | CVE-2007-4091 | Buffer Overflow vulnerability in Rsync 2.6.9 Multiple off-by-one errors in the sender.c in rsync 2.6.9 might allow remote attackers to execute arbitrary code via directory names that are not properly handled when calling the f_name function. network rsync | 6.8 |
2007-08-15 | CVE-2007-4371 | File-Upload vulnerability in Hotscripts Neuron Blog 1.1 Unrestricted file upload vulnerability in admin/pages/blog-add.php in Neuron Blog 1.1 allows remote attackers to upload and execute arbitrary PHP files in uploads/. network hotscripts | 6.8 |
2007-08-15 | CVE-2007-4369 | Local File Include vulnerability in SOTEeSKLEP _Files Directory traversal vulnerability in go/_files in SOTEeSKLEP before 4.0 allows remote attackers to read arbitrary files via a .. | 5.0 |