Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2007-01-23 CVE-2007-0433 Products Multiple vulnerability in BEA Aqualogic Service BUS 2.0/2.1/2.2
Unspecified vulnerability in BEA AquaLogic Enterprise Security 2.0 through 2.0 SP2, 2.1 through 2.1 SP1, and 2.2, when using Active Directory LDAP for authentication, allows remote authenticated users to access the server even after the account has been disabled.
network
low complexity
bea
6.5
2007-01-23 CVE-2007-0430 Denial-Of-Service vulnerability in Mac OS X
The shared_region_map_file_np function in Apple Mac OS X 10.4.8 and earlier kernel allows local users to cause a denial of service (memory corruption) via a large mappingCount value.
local
low complexity
apple
4.9
2007-01-23 CVE-2007-0429 Remote Denial of Service vulnerability in Divx Player 6.4.1
DivXBrowserPlugin (aka DivX Web Player) npdivx32.dll, as distributed with DivX Player 6.4.1, allows remote attackers to cause a denial of service (Internet Explorer 7 crash) by invoking the GoWindowed method for a certain instance of the ActiveX object.
network
low complexity
divx
5.0
2007-01-23 CVE-2007-0428 Denial-Of-Service vulnerability in wzdftpd
Unspecified vulnerability in the chtbl_lookup function in hash.c for WzdFTPD 8.0 and earlier allows remote attackers to cause a denial of service via a crafted FTP command, probably due to a NULL pointer dereference.
network
low complexity
wzdftpd
5.0
2007-01-23 CVE-2006-6951 Cross-Site Scripting vulnerability in Odysseus Blog Blog.PHP
Cross-site scripting (XSS) vulnerability in blog.php in OdysseusBlog allows remote attackers to inject arbitrary web script or HTML via the page parameter.
network
odysseus-blog
6.8
2007-01-23 CVE-2006-6950 Insecure Default Accounts and Directory Traversal vulnerability in Conti Ftpserver 1.0Build2.8
Directory traversal vulnerability in Conti FTPServer 1.0 Build 2.8 allows remote attackers to read arbitrary files and list arbitrary directories via a ..
network
low complexity
conti
5.0
2007-01-23 CVE-2006-6949 Insecure Default Accounts and Directory Traversal vulnerability in Conti Ftpserver 1.0Build2.8
Conti FTPServer 1.0 Build 2.8 stores user passwords in cleartext in MyServerSettings.ini, which allows local users to obtain sensitive information by reading this file.
local
low complexity
conti
4.6
2007-01-23 CVE-2007-0426 Products Multiple vulnerability in Oracle Weblogic Portal 9.2
BEA WebLogic Portal 9.2, when running in a WebLogic Server clustered environment using WebLogic Portal entitlements, does not properly propagate entitlement policy changes if the changes are made on a managed server while the Administrative Server is unavailable, which might allow attackers to bypass intended restrictions.
network
oracle
6.8
2007-01-23 CVE-2007-0424 Products Multiple vulnerability in BEA
Unspecified vulnerability in the BEA WebLogic Server proxy plug-in for Netscape Enterprise Server before September 2006 allows remote attackers to cause a denial of service via certain requests that trigger errors that lead to a server being marked as unavailable, hosting web server failure, or CPU consumption.
network
low complexity
bea
5.0
2007-01-23 CVE-2007-0423 Products Multiple vulnerability in Oracle Weblogic Portal 9.2
BEA WebLogic Portal 9.2 does not properly handle the case in which an administrator deletes entitlements for a role, which causes other role entitlements to be "inadvertently affected," which has an unknown impact.
local
oracle
4.4