CVE-2007-2351
https://notcve.org/view.php?id=CVE-2007-2351
Unspecified vulnerability in the HP Power Manager Remote Agent (RA) 4.0Build10 and earlier in HP-UX B.11.11 and B.11.23 allows local users to execute arbitrary code via unspecified vectors.
• http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00819543
• http://secunia.com/advisories/25066
• http://www.securityfocus.com/bid/23703
• http://www.securitytracker.com/id?1017977
• http://www.vupen.com/english/advisories/2007/1574
• https://exchange.xforce.ibmcloud.com/vulnerabilities/33965
CVE-2007-2246
https://notcve.org/view.php?id=CVE-2007-2246
Unspecified vulnerability in HP-UX B.11.00 and B.11.11, when running sendmail 8.9.3 or 8.11.1; and HP-UX B.11.23 when running sendmail 8.11.1; allows remote attackers to cause a denial of service via unknown attack vectors. NOTE: due to the lack of details from HP, it is not known whether this issue is a duplicate of another CVE such as CVE-2006-1173 or CVE-2006-4434.
• http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00841370
• http://secunia.com/advisories/24990
• http://www.kb.cert.org/vuls/id/349305
• http://www.securityfocus.com/bid/23606
• http://www.securitytracker.com/id?1017966
• http://www.vupen.com/english/advisories/2007/1504
• CWE-399: Resource Management Errors
CVE-2007-2191 – FreePBX 2.2 - SIP Packet Multiple HTML Injection Vulnerabilities
https://notcve.org/view.php?id=CVE-2007-2191
Multiple cross-site scripting (XSS) vulnerabilities in freePBX 2.2.x allow remote attackers to inject arbitrary web script or HTML via the (1) From, (2) To, (3) Call-ID, (4) User-Agent, and unspecified other SIP protocol fields, which are stored in /var/log/asterisk/full and displayed by admin/modules/logfiles/asterisk-full-log.php.
• https://www.exploit-db.com/exploits/29873
• http://lists.grok.org.uk/pipermail/full-disclosure/2007-April/053882.html
• http://osvdb.org/35315
• http://secunia.com/advisories/24935
• http://securityreason.com/securityalert/2627
• http://www.securityfocus.com/bid/23575
• http://www.vupen.com/english/advisories/2007/1535
• https://exchange.xforce.ibmcloud.com/vulnerabilities/33772
CVE-2007-1994
https://notcve.org/view.php?id=CVE-2007-1994
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.00 allows local users to cause a denial of service via unknown vectors. NOTE: due to lack of vendor details, it is not clear whether this is the same as CVE-2007-0916.
• http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00944467
• http://www.securityfocus.com/bid/23410
• http://www.securitytracker.com/id?1017892
• http://www.vupen.com/english/advisories/2007/1358
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5624
CVE-2007-1993
https://notcve.org/view.php?id=CVE-2007-1993
Buffer overflow in the pfs_mountd.rpc RPC daemon in the Portable File System (PFS) in HP-UX B.11.00, B.11.11, and B.11.23 allows remote attackers to execute arbitrary code by sending "a call to procedure 5, followed by a crafted payload to procedure 2."
• http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00913684
• http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=512
• http://secunia.com/advisories/24855
• http://www.securityfocus.com/bid/23401
• http://www.securitytracker.com/id?1017893
• http://www.vupen.com/english/advisories/2007/1343
• https://exchange.xforce.ibmcloud.com/vulnerabilities/33567
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5751
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer