CVSS: 6.5EPSS: 0%CPEs: 13EXPL: 0CVE-2007-1727
https://notcve.org/view.php?id=CVE-2007-1727
Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 6.20, 6.4x, 7.01, 7.50, and 7.51 allows remote authenticated users to access certain privileged "facilities" via unspecified vectors. Vulnerabilidad sin especificar en el HP OpenView Network Node Manager (OV NNM) 6.20, 6.4x, 7.01, 7.50 y 7.51 permite a usuarios remotos autenticados acceder a ciertos privilegios facilitados mediante vectores sin especificar. • http://secunia.com/advisories/24746 http://www.securityfocus.com/bid/23163 http://www.securitytracker.com/id?1017817 http://www.vupen.com/english/advisories/2007/1121 http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00854999 https://exchange.xforce.ibmcloud.com/vulnerabilities/33241 •
CVSS: 7.5EPSS: 66%CPEs: 3EXPL: 0CVE-2007-1692
https://notcve.org/view.php?id=CVE-2007-1692
The default configuration of Microsoft Windows uses the Web Proxy Autodiscovery Protocol (WPAD) without static WPAD entries, which might allow remote attackers to intercept web traffic by registering a proxy server using WINS or DNS, then responding to WPAD requests, as demonstrated using Internet Explorer. NOTE: it could be argued that if an attacker already has control over WINS/DNS, then web traffic could already be intercepted by modifying WINS or DNS records, so this would not cross privilege boundaries and would not be a vulnerability. It has also been reported that DHCP is an alternate attack vector. La configuración predeterminada de Microsoft Windows usa el Web Proxy Autodiscovery Protocol (WPAD) sin entradas WPAD estáticas, lo que podría permitir a atacantes remotos interceptar el tráfico web mediante el registro de un servidor proxy usando WINS o DNS y, a continuación, responder a peticiones WPAD, como es demostrado por Internet Explorer. NOTA: se podría argumentar que si un atacante ya tiene control sobre WINS/DNS, entonces el tráfico web ya podría ser interceptado mediante la modificación de registros WINS o DNS, por lo que esto no cruzaría los límites de privilegios y no sería una vulnerabilidad. • http://archives.neohapsis.com/archives/isn/2007-q1/0418.html http://isc.sans.org/diary.html?storyid=2517 http://news.com.com/Windows+weakness+can+lead+to+network+traffic+hijacks/2100-1002_3-6170229.html http://support.microsoft.com/kb/934864 http://www.vupen.com/english/advisories/2007/1115 https://exchange.xforce.ibmcloud.com/vulnerabilities/33244 • CWE-16: Configuration •
CVSS: 10.0EPSS: 2%CPEs: 2EXPL: 1CVE-2007-1645 – FutureSoft TFTP Server 2000 - Remote Overwrite (SEH)
https://notcve.org/view.php?id=CVE-2007-1645
Buffer overflow in FutureSoft TFTP Server 2000 on Microsoft Windows 2000 SP4 allows remote attackers to execute arbitrary code via a long request on UDP port 69. NOTE: this issue might overlap CVE-2006-4781 or CVE-2005-1812. Desbordamiento de búfer en FutureSoft TFTP Server 2000 sobre Microsoft Windows 2000 SP4 permite a atacantes remotos ejecutar código de su elección a través de una respuesta UDP sobre el puerto 69. NOTA: este asunto podría solaparse con CVE-2006-4781 o CVE-2005-1812. • https://www.exploit-db.com/exploits/3541 https://exchange.xforce.ibmcloud.com/vulnerabilities/33188 •
CVSS: 10.0EPSS: 1%CPEs: 8EXPL: 0CVE-2007-1512
https://notcve.org/view.php?id=CVE-2007-1512
Stack-based buffer overflow in the AfxOleSetEditMenu function in the MFC component in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 Gold and SP1, and Visual Studio .NET 2002 Gold and SP1, and 2003 Gold and SP1 allows user-assisted remote attackers to have an unknown impact (probably crash) via an RTF file with a malformed OLE object, which results in writing two 0x00 characters past the end of szBuffer, aka the "MFC42u.dll Off-by-Two Overflow." NOTE: this issue is due to an incomplete patch (MS07-012) for CVE-2007-0025. Desbordamiento de búfer basado en pila en la función AfxOleSetEditMenu en el componente MFC de Microsoft Windows 2000 SP4, XP SP2, y Server 2003 Gold y SP1, y Visual Studio .NET 2002 Gold y SP1, y 2003 Gold y SP1 permite a atacantes remotos con la complicidad del usuario tener un impacto desconocido (posiblemente caída) mediante un fichero RTF con un objeto OLE mal formado, lo cual resulta en la escritura de 2 caracteres 0x00 pasado el final de szBuffer, también conocido como "MFC42u.dll Off-by-Two Overflow". NOTA: este asunto es debido a un parche incompleto (MS07-012) para CVE-2007-0025. • http://www.securityfocus.com/archive/1/463009/100/0/threaded •
CVSS: 7.1EPSS: 86%CPEs: 3EXPL: 1CVE-2007-1347 – Microsoft Windows - '.doc' Malformed Pointers Denial of Service
https://notcve.org/view.php?id=CVE-2007-1347
Microsoft Windows Explorer on Windows 2000 SP4 FR and XP SP2 FR, and possibly other versions and platforms, allows remote attackers to cause a denial of service (memory corruption and crash) via an Office file with crafted document summary information, which causes an error in Ole32.dll. Microsoft Windows Explorer en Windows 2000 SP4 FR y XP SP2 FR, y posiblemente otras versiones y plataformas, permite a atacantes remotos causar una denegación de servicio (corrupción de la memoria y bloqueo) por medio de un archivo de Office con información de resumen de documentos especialmente diseñada, lo que causa un error en la biblioteca Ole32.dll. • https://www.exploit-db.com/exploits/3419 http://lostmon.blogspot.com/2007/08/windows-extended-file-attributes-buffer.html http://osvdb.org/36141 http://www.kb.cert.org/vuls/id/194944 http://www.securityfocus.com/bid/22847 http://www.securitytracker.com/id?1017736 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •