Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2007-01-16 CVE-2007-0264 Remote Buffer Overflow vulnerability in Winzip 9.0
Buffer overflow in Winzip32.exe in WinZip 9.0 allows local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long command line argument.
local
winzip
6.6
2007-01-16 CVE-2007-0258 Cross-Site Scripting vulnerability in Open Solution Quick.Cart
Cross-site scripting (XSS) vulnerability in index.php in (1) Fastilo 2.0 and (2) Open Solution Quick.Cart 2.0 allows remote attackers to inject arbitrary web script or HTML via the p parameter.
6.8
2007-01-16 CVE-2007-0250 Input Validation vulnerability in Nwom Topsites 3.0
index.php in Nwom topsites 3.0 allows remote attackers to obtain potentially sensitive information via a ' (quote) character in the o parameter, which forces a SQL error.
network
low complexity
nwom
5.0
2007-01-16 CVE-2007-0249 Input Validation vulnerability in Nwom Topsites 3.0
Cross-site scripting (XSS) vulnerability in index.php in Nwom topsites 3.0 allows remote attackers to inject arbitrary web script or HTML via the o parameter.
network
nwom
6.8
2007-01-16 CVE-2006-6931 Denial of Service vulnerability in Snort Backtracking
Algorithmic complexity vulnerability in Snort before 2.6.1, during predicate evaluation in rule matching for certain rules, allows remote attackers to cause a denial of service (CPU consumption and detection outage) via crafted network traffic, aka a "backtracking attack."
network
low complexity
snort
5.0
2007-01-16 CVE-2006-6487 Cross-Site Scripting vulnerability in DT Guestbook DT Guestbook 1.0F
Cross-site scripting (XSS) vulnerability in index.php in DT Guestbook (dt_guestbook) 1.0f, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the error[] parameter.
network
high complexity
dt-guestbook
5.1
2007-01-16 CVE-2007-0248 Remote Denial of Service vulnerability in Squid 2.6.Stable6
The aclMatchExternal function in Squid before 2.6.STABLE7 allows remote attackers to cause a denial of service (crash) by causing an external_acl queue overload, which triggers an infinite loop.
network
low complexity
squid
5.0
2007-01-16 CVE-2007-0247 Resource Management Errors vulnerability in Squid
squid/src/ftp.c in Squid before 2.6.STABLE7 allows remote FTP servers to cause a denial of service (core dump) via crafted FTP directory listing responses, possibly related to the (1) ftpListingFinish and (2) ftpHtmlifyListEntry functions.
network
low complexity
squid CWE-399
5.0
2007-01-13 CVE-2007-0231 Cross-Site Scripting vulnerability in SIX Apart Movable Type 3.33
Cross-site scripting (XSS) vulnerability in Movable Type (MT) 3.33, when nofollow is disabled and unmoderated comments are enabled, allows remote attackers to inject arbitrary web script or HTML via the Comments field.
network
six-apart
6.8
2007-01-13 CVE-2007-0228 Denial of Service vulnerability in Eiqnetworks Enterprise Security Analyzer 2.0/2.1/2.5
The DataCollector service in EIQ Networks Network Security Analyzer allows remote attackers to cause a denial of service (service crash) via a (1) &CONNECTSERVER&, (2) &ADDENTRY&, (3) &FIN&, (4) &START&, (5) &LOGPATH&, (6) &FWADELTA&, (7) &FWALOG&, (8) &SETSYNCHRONOUS&, (9) &SETPRGFILE&, or (10) &SETREPLYPORT& string to TCP port 10618, which triggers a NULL pointer dereference.
network
low complexity
eiqnetworks
5.0