CVE-2007-6427
- EPSS 4.24%
- Veröffentlicht 18.01.2008 23:00:00
- Zuletzt bearbeitet 23.04.2026 00:35:47
The XInput extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via requests related to byte swapping and heap corruption within multiple functions, a different vulnerability than CVE-2007-4990.
CVE-2007-5000
- EPSS 78.07%
- Veröffentlicht 13.12.2007 18:46:00
- Zuletzt bearbeitet 23.04.2026 00:35:47
Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inje...
CVE-2007-6206
- EPSS 0.06%
- Veröffentlicht 04.12.2007 00:46:00
- Zuletzt bearbeitet 23.04.2026 00:35:47
The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and possibly other versions, does not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which might ...
CVE-2007-1285
- EPSS 6.82%
- Veröffentlicht 06.03.2007 20:19:00
- Zuletzt bearbeitet 23.04.2026 00:35:47
The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a denial of service (stack exhaustion and PHP crash) via deeply nested arrays, which trigger deep recursion in the variable destruction routines.