CVE-2007-1887
- EPSS 4.75%
- Veröffentlicht 06.04.2007 01:19:00
- Zuletzt bearbeitet 16.06.2026 22:38:30
Buffer overflow in the sqlite_decode_binary function in the bundled sqlite library in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter, as demonstrated by ca...
CVE-2007-1667
- EPSS 4.61%
- Veröffentlicht 24.03.2007 21:19:00
- Zuletzt bearbeitet 16.06.2026 22:38:04
Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in X.Org libx11 before 1.0.3, and (2) XInitImage function in xwd.c for ImageMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive inf...
CVE-2007-0994
- EPSS 3.21%
- Veröffentlicht 06.03.2007 00:19:00
- Zuletzt bearbeitet 16.06.2026 22:36:42
A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10, and SeaMonkey 1.1 before 1.1.1 and 1.0 before 1.0.8, allows remote attackers to execute arbitrary JavaScript as the user via an HTML mail message with a javascript: URI...
CVE-2007-0009
- EPSS 50.36%
- Veröffentlicht 26.02.2007 20:28:00
- Zuletzt bearbeitet 16.06.2026 22:34:41
Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, SeaMonkey before 1.0.8, and certain Sun Java System ser...
CVE-2007-0778
- EPSS 3.12%
- Veröffentlicht 26.02.2007 20:28:00
- Zuletzt bearbeitet 16.06.2026 22:36:16
The page cache feature in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 can generate hash collisions that cause page data to be appended to the wrong page cache, which allows remote attackers to obtain sensitive i...
CVE-2007-0897
- EPSS 3.39%
- Veröffentlicht 16.02.2007 19:28:00
- Zuletzt bearbeitet 16.06.2026 22:36:30
Clam AntiVirus ClamAV before 0.90 does not close open file descriptors under certain conditions, which allows remote attackers to cause a denial of service (file descriptor consumption and failed scans) via CAB archives with a cabinet header record l...
CVE-2007-0454
- EPSS 6.41%
- Veröffentlicht 06.02.2007 02:28:00
- Zuletzt bearbeitet 16.06.2026 22:35:36
Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during...
CVE-2006-6942
- EPSS 3.19%
- Veröffentlicht 19.01.2007 02:28:00
- Zuletzt bearbeitet 16.06.2026 22:34:05
Multiple cross-site scripting (XSS) vulnerabilities in PhpMyAdmin before 2.9.1.1 allow remote attackers to inject arbitrary HTML or web script via (1) a comment for a table name, as exploited through (a) db_operations.php, (2) the db parameter to (b)...
CVE-2006-6499
- EPSS 3.72%
- Veröffentlicht 20.12.2006 01:28:00
- Zuletzt bearbeitet 16.06.2026 22:33:14
The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 overwrites memory instead of exiting when the floating point precision is reduced, which allows remote attackers ...
CVE-2006-6500
- EPSS 8.29%
- Veröffentlicht 20.12.2006 01:28:00
- Zuletzt bearbeitet 16.06.2026 22:33:15
Heap-based buffer overflow in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by setting...