CVSS: 4.6EPSS: 0%CPEs: 2EXPL: 0CVE-2007-3069
https://notcve.org/view.php?id=CVE-2007-3069
xscreensaver in Sun Solaris 10 before 20070604, when a GNOME session with Assistive Technology support is running, allows attackers with physical access to take control of the session after entering an Alt-Tab sequence. xscreensaver en Sun Solaris 10 anterior al 04/06/2007, cuando se está ejecutando una sesión GNOME con soporte de Tecnología Asistencial (Assistive Technology), permite a atacantes con acceso físico tomar el control de la sesión después de introducir una secuencia Alt-Tab. • http://osvdb.org/36586 http://secunia.com/advisories/25531 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102834-1 http://www.securityfocus.com/bid/24314 http://www.securitytracker.com/id?1018194 http://www.vupen.com/english/advisories/2007/2056 https://exchange.xforce.ibmcloud.com/vulnerabilities/34722 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1832 •
CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0CVE-2007-2990
https://notcve.org/view.php?id=CVE-2007-2990
Unspecified vulnerability in inetd in Sun Solaris 10 before 20070529 allows local users to cause a denial of service (daemon termination) via unspecified manipulations of the /var/run/.inetd.uds Unix domain socket file. Vulnerabilidad no especificada en inetd de Sun Solaris 10 versiones anteriores a 20070529 permite a usuarios locales provocar una denegación de servicio (terminación de demonio) mediante manipulaciones no especificadas del fichero de socket de dominio Unix var/run/.inetd.uds. • http://osvdb.org/36585 http://secunia.com/advisories/25450 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102921-1 http://www.securityfocus.com/bid/24213 http://www.securitytracker.com/id?1018133 http://www.vupen.com/english/advisories/2007/1984 https://exchange.xforce.ibmcloud.com/vulnerabilities/34577 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2032 •
CVSS: 7.8EPSS: 7%CPEs: 2EXPL: 0CVE-2007-2989
https://notcve.org/view.php?id=CVE-2007-2989
The libike library in Sun Solaris 9 before 20070529 contains a logic error related to a certain pointer, which allows remote attackers to cause a denial of service (in.iked daemon crash) by sending certain UDP packets with a source port different from 500. NOTE: this issue might overlap CVE-2006-2298. La biblioteca libike de Sun Solaris 9 versiones anteriores a 20070529 contiene un error lógico referido a un puntero concreto, lo cual permite a atacantes remotos provocar una denegación de servicio (caída de demonio in.iked) al enviar paquetes UDP concretos con un puerto origen distinto al 500. NOTA. Esta vulnerabilidad podría solaparse con CVE-2006-2298. • http://osvdb.org/36584 http://secunia.com/advisories/25465 http://secunia.com/advisories/25661 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102745-1 http://support.avaya.com/elmodocs2/security/ASA-2007-227.htm http://www.securityfocus.com/bid/24209 http://www.securitytracker.com/id?1018134 http://www.vupen.com/english/advisories/2007/1982 http://www.vupen.com/english/advisories/2007/2188 https://exchange.xforce.ibmcloud.com/vulnerabilities/34576 https://oval. •
CVSS: 5.0EPSS: 6%CPEs: 6EXPL: 1CVE-2007-2882
https://notcve.org/view.php?id=CVE-2007-2882
Unspecified vulnerability in the NFS client module in Sun Solaris 8 through 10 before 20070524, when operating as an NFS server, allows remote attackers to cause a denial of service (crash) via certain Access Control List (acl) packets. Vulnerabilidad no especificada en el módulo cliente NFS de Sun Solaris 8 hasta 10 anterior al 24/05/2007, cuando opera como un servidor NFS, permite a atacantes remotos provocar una denegación de servicio (caída) mediante determinados paquetes de Lista de Control de Acceso (Access Control List o acl). • http://osvdb.org/34908 http://secunia.com/advisories/25403 http://secunia.com/advisories/25879 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102911-1 http://support.avaya.com/elmodocs2/security/ASA-2007-245.htm http://www.securityfocus.com/bid/24145 http://www.securitytracker.com/id?1018129 http://www.vupen.com/english/advisories/2007/1943 https://exchange.xforce.ibmcloud.com/vulnerabilities/34504 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre. •
CVSS: 10.0EPSS: 5%CPEs: 18EXPL: 1CVE-2007-2736 – Achievo 1.1.0 - 'config_atkroot' Remote File Inclusion
https://notcve.org/view.php?id=CVE-2007-2736
PHP remote file inclusion vulnerability in index.php in Achievo 1.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the config_atkroot parameter. Vulnerabilidad de inclusión remota de archivo en PHP en index.php de Achievo 1.1.0 permite a atacantes remotos ejecutar código PHP de su elección mediante una URL en el parámetro config_atkroot. • https://www.exploit-db.com/exploits/3928 http://osvdb.org/37919 http://www.securityfocus.com/bid/23992 https://exchange.xforce.ibmcloud.com/vulnerabilities/34305 •