- EPSS 11.38%
- Veröffentlicht 26.06.2007 22:30:00
- Zuletzt bearbeitet 16.06.2026 22:39:35
The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a zero-length RPC credential, which causes kadmind to free an uninitialized pointer during cl...
CVE-2007-2443
- EPSS 3.48%
- Veröffentlicht 26.06.2007 22:30:00
- Zuletzt bearbeitet 16.06.2026 22:39:35
Integer signedness error in the gssrpc__svcauth_unix function in svc_auth_unix.c in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a negative length value.
- EPSS 7.52%
- Veröffentlicht 26.06.2007 22:30:00
- Zuletzt bearbeitet 16.06.2026 22:40:27
Stack-based buffer overflow in the rename_principal_2_svc function in kadmind for MIT Kerberos 1.5.3, 1.6.1, and other versions allows remote authenticated users to execute arbitrary code via a crafted request to rename a principal.
CVE-2007-3409
- EPSS 3.49%
- Veröffentlicht 26.06.2007 18:30:00
- Zuletzt bearbeitet 16.06.2026 22:41:58
Net::DNS before 0.60, a Perl module, allows remote attackers to cause a denial of service (stack consumption) via a malformed compressed DNS packet with self-referencing pointers, which triggers an infinite loop.
CVE-2007-3304
- EPSS 3.3%
- Veröffentlicht 20.06.2007 22:30:00
- Zuletzt bearbeitet 16.06.2026 22:41:27
Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the worker_score and process_score arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the m...
CVE-2007-2875
- EPSS 0.44%
- Veröffentlicht 11.06.2007 22:30:00
- Zuletzt bearbeitet 16.06.2026 22:40:37
Integer underflow in the cpuset_tasks_read function in the Linux kernel before 2.6.20.13, and 2.6.21.x before 2.6.21.4, when the cpuset filesystem is mounted, allows local users to obtain kernel memory contents by using a large offset when reading th...
- EPSS 2.42%
- Veröffentlicht 16.05.2007 22:30:00
- Zuletzt bearbeitet 16.06.2026 22:40:12
The soap extension in PHP calls php_rand_r with an uninitialized seed variable, which has unknown impact and attack vectors, a related issue to the mcrypt_create_iv issue covered by CVE-2007-2727. Note: The PHP team argue that this is not a valid sec...
CVE-2007-2691
- EPSS 2.85%
- Veröffentlicht 16.05.2007 01:19:00
- Zuletzt bearbeitet 16.06.2026 22:40:07
MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables.
CVE-2007-2444
- EPSS 0.78%
- Veröffentlicht 14.05.2007 21:19:00
- Zuletzt bearbeitet 16.06.2026 22:39:36
Logic error in the SID/Name translation functionality in smbd in Samba 3.0.23d through 3.0.25pre2 allows local users to gain temporary privileges and execute SMB/CIFS protocol operations via unspecified vectors that cause the daemon to transition to ...
- EPSS 11.31%
- Veröffentlicht 10.05.2007 00:19:00
- Zuletzt bearbeitet 16.06.2026 22:39:52
The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and 5.1 before 5.1.18-beta, allows context-dependent attackers to cause a denial of service (crash) via a crafted IF clause that results in a divide-by-zero error and a NULL poin...