CVE-2021-3450 – CA certificate check bypass with X509_V_FLAG_X509_STRICT
https://notcve.org/view.php?id=CVE-2021-3450
The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an additional strict check. An error in the implementation of this check meant that the result of a previous check to confirm that certificates in the chain are valid CA certificates was overwritten. This effectively bypasses the check that non-CA certificates must not be able to issue other certificates. • http://www.openwall.com/lists/oss-security/2021/03/27/1 http://www.openwall.com/lists/oss-security/2021/03/27/2 http://www.openwall.com/lists/oss-security/2021/03/28/3 http://www.openwall.com/lists/oss-security/2021/03/28/4 https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=2a40b7bc7b94dd7de897a74571e7024f0cf0d63b https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845 https://kc.mc • CWE-295: Improper Certificate Validation •
CVE-2007-6232 – ftp Admin 0.1.0 - Local File Inclusion / Cross-Site Scripting / Authentication Bypass
https://notcve.org/view.php?id=CVE-2007-6232
Cross-site scripting (XSS) vulnerability in index.php in FTP Admin 0.1.0 allows remote attackers to inject arbitrary web script or HTML via the error parameter in an error page action. Vulnerabilidad de secuencia de comandos en sitios cruzados (XSS) en index.php en FTP Admin 0.1.0 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro error en una acción de página de error. • https://www.exploit-db.com/exploits/4681 https://www.exploit-db.com/exploits/4684 http://secunia.com/advisories/27875 https://exchange.xforce.ibmcloud.com/vulnerabilities/38780 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2007-4938 – MPlayer 1.0 - AVIHeader.C Heap Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-4938
Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values, and a certain wLongsPerEntry value. Desbordamiento de búfer basado en pila en libmpdemux/aviheader.c en MPlayer 1.0rc1 y anteriores permite a atacantes remotos provocar denegación de servicio (caida de aplicación) o posiblemente ejecutar código de su elección a través de un archivo .avi con cierto "tamaño indx tratado" y valores nEntriesInuse, y un cierto valor wLongsPerEntry. • https://www.exploit-db.com/exploits/30578 http://osvdb.org/45940 http://secunia.com/advisories/27016 http://securityreason.com/securityalert/3144 http://www.mandriva.com/security/advisories?name=MDKSA-2007:192 http://www.securityfocus.com/archive/1/479222/100/0/threaded http://www.securityfocus.com/bid/25648 http://www.vulnhunt.com/advisories/CAL-20070912-1_Multiple_vendor_produce_handling_AVI_file_vulnerabilities.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/36581 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2007-2736 – Achievo 1.1.0 - 'config_atkroot' Remote File Inclusion
https://notcve.org/view.php?id=CVE-2007-2736
PHP remote file inclusion vulnerability in index.php in Achievo 1.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the config_atkroot parameter. Vulnerabilidad de inclusión remota de archivo en PHP en index.php de Achievo 1.1.0 permite a atacantes remotos ejecutar código PHP de su elección mediante una URL en el parámetro config_atkroot. • https://www.exploit-db.com/exploits/3928 http://osvdb.org/37919 http://www.securityfocus.com/bid/23992 https://exchange.xforce.ibmcloud.com/vulnerabilities/34305 •
CVE-2007-1898 – Jetbox CMS 2.1 Email - 'FormMail.php' Input Validation
https://notcve.org/view.php?id=CVE-2007-1898
formmail.php in Jetbox CMS 2.1 allows remote attackers to send arbitrary e-mails (spam) via modified recipient, _SETTINGS[allowed_email_hosts][], and subject parameters. formmail.php en Jetbox CMS 2.1 permite a atacantes remotos envíar e-mails de su elección a través de recipientes modificados, a través de los parámetros _SETTINGS[allowed_email_hosts][], y subject. Jetbox CMS version 2.1 suffers from an e-mail injection vulnerability that allows for spamming. • https://www.exploit-db.com/exploits/30040 http://securityreason.com/securityalert/2710 http://www.netvigilance.com/advisory0026 http://www.osvdb.org/34088 http://www.securityfocus.com/archive/1/468644/100/0/threaded http://www.securityfocus.com/bid/23989 http://www.securitytracker.com/id?1018063 http://www.vupen.com/english/advisories/2007/1831 https://exchange.xforce.ibmcloud.com/vulnerabilities/34292 •