CVE-2007-4938 – MPlayer 1.0 - AVIHeader.C Heap Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-4938
Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values, and a certain wLongsPerEntry value.
• https://www.exploit-db.com/exploits/30578
• http://osvdb.org/45940
• http://secunia.com/advisories/27016
• http://securityreason.com/securityalert/3144
• http://www.mandriva.com/security/advisories?name=MDKSA-2007:192
• http://www.securityfocus.com/archive/1/479222/100/0/threaded
• http://www.securityfocus.com/bid/25648
• http://www.vulnhunt.com/advisories/CAL-20070912-1_Multiple_vendor_produce_handling_AVI_file_vulnerabilities.txt
• https://exchange.xforce.ibmcloud.com/vulnerabilities/36581
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-4590
https://notcve.org/view.php?id=CVE-2007-4590
The get_system_info command in Ignite-UX C.7.0 through C.7.3, and DynRootDisk (DRD) A.1.0.16.417 through A.2.0.0.592, on HP-UX B.11.11, B.11.23, and B.11.31 does not inform local users of networking changes made by the command, which has unknown impact and attack vectors.
• http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118367
• http://osvdb.org/37563
• http://secunia.com/advisories/26599
• http://securitytracker.com/id?1018607
• http://www.securityfocus.com/bid/25469
• http://www.vupen.com/english/advisories/2007/2985
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5515
CVE-2007-4241
https://notcve.org/view.php?id=CVE-2007-4241
Buffer overflow in ldcconn in Hewlett-Packard (HP) Controller for Cisco Local Director on HP-UX 11.11i allows remote attackers to execute arbitrary code via a long string to TCP port 17781.
• http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=572
• http://secunia.com/advisories/26373
• http://securitytracker.com/id?1018524
• http://www.securityfocus.com/bid/25227
• http://www.vupen.com/english/advisories/2007/2813
• https://exchange.xforce.ibmcloud.com/vulnerabilities/35847
CVE-2007-4179
https://notcve.org/view.php?id=CVE-2007-4179
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.11 and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors. NOTE: this is probably different from CVE-2007-0916, but this is not certain due to lack of vendor details.
• http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01090656
• http://secunia.com/advisories/26279
• http://www.securityfocus.com/bid/25165
• http://www.securitytracker.com/id?1018501
• http://www.vupen.com/english/advisories/2007/2758
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5948
CVE-2007-4125
https://notcve.org/view.php?id=CVE-2007-4125
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause an unspecified denial of service via unknown vectors.
• http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01087206
• http://secunia.com/advisories/26279
• http://www.securityfocus.com/bid/25147
• http://www.securitytracker.com/id?1018482
• http://www.vupen.com/english/advisories/2007/2728
• https://exchange.xforce.ibmcloud.com/vulnerabilities/35702
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5243