CVSS: 10.0EPSS: 31%CPEs: 1EXPL: 1CVE-2007-1644 – Microsoft DNS Server - Dynamic DNS Update/Change
https://notcve.org/view.php?id=CVE-2007-1644
24 Mar 2007 — The dynamic DNS update mechanism in the DNS Server service on Microsoft Windows does not properly authenticate clients in certain deployments or configurations, which allows remote attackers to change DNS records for a web proxy server and conduct man-in-the-middle (MITM) attacks on web traffic, conduct pharming attacks by poisoning DNS records, and cause a denial of service (erroneous name resolution). El mecanismo de actualización DNS en el servidor DNS de Microsoft Windows no valida adecuadamente a clien... • https://www.exploit-db.com/exploits/3544 •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2007-1382 – PHP 'COM' Extensions - inconsistent Win32 'safe_mode' Bypass
https://notcve.org/view.php?id=CVE-2007-1382
10 Mar 2007 — The PHP COM extensions for PHP on Windows systems allow context-dependent attackers to execute arbitrary code via a WScript.Shell COM object, as demonstrated by using the Run method of this object to execute cmd.exe, which bypasses PHP's safe mode. La extensión PHP COM para PHP en los sistemas Windows permite a atacantes dependientes del contexto ejecutar código de su elección mediante el objeto COM WScript.Shell, como lo demostrado usando el método Run de dicho objeto para ejecutar cmd.exe, que evita el mo... • https://www.exploit-db.com/exploits/3429 •
CVSS: 7.8EPSS: 1%CPEs: 4EXPL: 0CVE-2007-1281
https://notcve.org/view.php?id=CVE-2007-1281
06 Mar 2007 — Kaspersky AntiVirus Engine 6.0.1.411 for Windows and 5.5-10 for Linux allows remote attackers to cause a denial of service (CPU consumption) via a crafted UPX compressed file with a negative offset, which triggers an infinite loop during decompression. Kaspersky AntiVirus Engine 6.0.1.411 para Windows y 5.5-10 para Linux permite a atacantes remotos provocar una denegación de servicio (agotamiento de CPU) mediante un archivo comprimido con UPX manipulado con un desplazamiento (offset) negativo, lo cual dispa... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=485 •
CVSS: 10.0EPSS: 12%CPEs: 94EXPL: 0CVE-2007-1093
https://notcve.org/view.php?id=CVE-2007-1093
26 Feb 2007 — Multiple unspecified vulnerabilities in JP1/Cm2/Network Node Manager (NNM) before 07-10-05, and before 08-00-02 in the 08-x series, allow remote attackers to execute arbitrary code, cause a denial of service, or trigger invalid Web utility behavior. Múltiples vulnerabilidades no especificadas en JP1/Cm2/Network Node Manager (NNM) anterior a 07-10-05, y anterior a 08-00-02 en la serie 08-x, permiten a atacantes remotos ejecutar código de su elección, provocar una denegación de servicio, o disparar un comport... • http://osvdb.org/33528 • CWE-94: Improper Control of Generation of Code ('Code Injection') •