CVSS: 7.8EPSS: 3%CPEs: 9EXPL: 0CVE-2008-0212
https://notcve.org/view.php?id=CVE-2008-0212
ovtopmd in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allows remote attackers to cause a denial of service (crash) via a crafted TCP request that triggers an out-of-bounds memory access. ovtopmd en HP OpenView Network Node Manager (OV NNM) versiones 6.41, 7.01 y 7.51, permite a los atacantes remotos causar una denegación de servicio (bloqueo) por medio de una petición TCP diseñada que desencadena un acceso de memoria fuera de límites. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=652 http://secunia.com/advisories/28798 http://www.securityfocus.com/archive/1/487586/100/0/threaded http://www.securityfocus.com/bid/27629 http://www.securitytracker.com/id?1019306 http://www.vupen.com/english/advisories/2008/0424 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 5%CPEs: 13EXPL: 0CVE-2007-6482
https://notcve.org/view.php?id=CVE-2007-6482
Unspecified vulnerability in the Device Manager daemon (utdevmgrd) in Sun Ray Server Software 2.0, 3.0, 3.1, and 3.1.1 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors. Vulnerabilidad no especificada en el demonio Device Manager (utdevmgrd) en Sun Ray Server Software 2.0, 3.0, 3.1, y 3.1.1 permite a atacantes remotos provocar denegación de servicio (caida de demonio) a través de vectores no especificados. • http://osvdb.org/40846 http://secunia.com/advisories/28148 http://sunsolve.sun.com/search/document.do?assetkey=1-26-103175-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-201227-1 http://www.securityfocus.com/bid/26944 http://www.securitytracker.com/id?1019118 http://www.vupen.com/english/advisories/2007/4269 https://exchange.xforce.ibmcloud.com/vulnerabilities/39133 •
CVSS: 4.3EPSS: 0%CPEs: 9EXPL: 2CVE-2007-6232 – ftp Admin 0.1.0 - Local File Inclusion / Cross-Site Scripting / Authentication Bypass
https://notcve.org/view.php?id=CVE-2007-6232
Cross-site scripting (XSS) vulnerability in index.php in FTP Admin 0.1.0 allows remote attackers to inject arbitrary web script or HTML via the error parameter in an error page action. Vulnerabilidad de secuencia de comandos en sitios cruzados (XSS) en index.php en FTP Admin 0.1.0 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro error en una acción de página de error. • https://www.exploit-db.com/exploits/4681 https://www.exploit-db.com/exploits/4684 http://secunia.com/advisories/27875 https://exchange.xforce.ibmcloud.com/vulnerabilities/38780 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.2EPSS: 90%CPEs: 222EXPL: 1CVE-2007-5365 – Ubuntu 6.06 - DHCPd Remote Denial of Service
https://notcve.org/view.php?id=CVE-2007-5365
Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU. Un desbordamiento de búfer en la región stack de la memoria en la función cons_options en el archivo options.c en dhcpd en OpenBSD versiones 4.0 hasta 4.2, y algunas otras implementaciones de dhcpd basadas en ISC dhcp-2, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (bloqueo del demonio) por medio de una petición DHCP que especifica un tamaño máximo de mensaje más pequeño que el IP MTU mínimo. • https://www.exploit-db.com/exploits/4601 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=446354 http://secunia.com/advisories/27160 http://secunia.com/advisories/27273 http://secunia.com/advisories/27338 http://secunia.com/advisories/27350 http://secunia.com/advisories/32668 http://securitytracker.com/id?1021157 http://sunsolve.sun.com/search/document.do?assetkey=1-21-109077-21-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-243806-1 http://www.coresecurity&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.6EPSS: 14%CPEs: 21EXPL: 3CVE-2007-4938 – MPlayer 1.0 - AVIHeader.C Heap Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-4938
Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values, and a certain wLongsPerEntry value. Desbordamiento de búfer basado en pila en libmpdemux/aviheader.c en MPlayer 1.0rc1 y anteriores permite a atacantes remotos provocar denegación de servicio (caida de aplicación) o posiblemente ejecutar código de su elección a través de un archivo .avi con cierto "tamaño indx tratado" y valores nEntriesInuse, y un cierto valor wLongsPerEntry. • https://www.exploit-db.com/exploits/30578 http://osvdb.org/45940 http://secunia.com/advisories/27016 http://securityreason.com/securityalert/3144 http://www.mandriva.com/security/advisories?name=MDKSA-2007:192 http://www.securityfocus.com/archive/1/479222/100/0/threaded http://www.securityfocus.com/bid/25648 http://www.vulnhunt.com/advisories/CAL-20070912-1_Multiple_vendor_produce_handling_AVI_file_vulnerabilities.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/36581 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •