Vulnerabilities (CVE)

Filtered by CWE-399
Total 2548 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-6044 1 Ibm 1 Websphere Mq 2024-11-21 10.0 HIGH N/A
Multiple unspecified vulnerabilities in IBM WebSphere MQ 6.0 have unknown impact and remote attack vectors involving "memory corruption." NOTE: as of 20071116, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.
CVE-2007-6040 1 Belkin 1 F5d7230-4 2024-11-21 5.0 MEDIUM N/A
The Belkin F5D7230-4 Wireless G Router allows remote attackers to cause a denial of service (degraded networking and logging) via a flood of TCP SYN packets, a related issue to CVE-1999-0116.
CVE-2007-6005 1 Webex Communications 1 Webex Gpccontainer Activex Control 2024-11-21 4.3 MEDIUM N/A
Unspecified vulnerability in the GpcContainer.GpcContainer.1 ActiveX control in WebEx allows remote attackers to cause a denial of service (memory access violation and crash) via (1) an invalid argument to the InitParam method or (2) an unspecified vector involving the SetParam method.
CVE-2007-6000 1 Kde 1 Konqueror 2024-11-21 5.0 MEDIUM N/A
KDE Konqueror 3.5.6 and earlier allows remote attackers to cause a denial of service (crash) via large HTTP cookie parameters.
CVE-2007-5971 2 Apple, Mit 3 Mac Os X, Mac Os X Server, Kerberos 5 2024-11-21 6.9 MEDIUM N/A
Double free vulnerability in the gss_krb5int_make_seal_token_v3 function in lib/gssapi/krb5/k5sealv3.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors.
CVE-2007-5962 3 Foresight Linux, Redhat, Rpath 4 Appliances, Enterprise Linux, Fedora and 1 more 2024-11-21 7.1 HIGH N/A
Memory leak in a certain Red Hat patch, applied to vsftpd 2.0.5 on Red Hat Enterprise Linux (RHEL) 5 and Fedora 6 through 8, and on Foresight Linux and rPath appliances, allows remote attackers to cause a denial of service (memory consumption) via a large number of CWD commands, as demonstrated by an attack on a daemon with the deny_file configuration option.
CVE-2007-5901 2 Apple, Mit 3 Mac Os X, Mac Os X Server, Kerberos 5 2024-11-21 6.9 MEDIUM N/A
Use-after-free vulnerability in the gss_indicate_mechs function in lib/gssapi/mechglue/g_initialize.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors. NOTE: this might be the result of a typo in the source code.
CVE-2007-5896 1 Mozilla 1 Firefox 2024-11-21 7.1 HIGH N/A
Mozilla Firefox 2.0.0.9 allows remote attackers to cause a denial of service (CPU consumption and crash) via an iframe with Javascript that sets the document.location to contain a leading NULL byte (\x00) and a (1) res://, (2) about:config, or (3) file:/// URI.
CVE-2007-5861 1 Apple 1 Mac Os X 2024-11-21 6.8 MEDIUM N/A
Unspecified vulnerability in Spotlight in Apple Mac OS X 10.4.11 allows user-assisted attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted .XLS file that triggers memory corruption in the Microsoft Office Spotlight Importer.
CVE-2007-5859 1 Apple 2 Mac Os X, Safari 2024-11-21 9.3 HIGH N/A
Unspecified vulnerability in Safari RSS in Apple Mac OS X 10.4.11 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted feed: URL that triggers memory corruption.
CVE-2007-5846 1 Net-snmp 1 Net-snmp 2024-11-21 7.8 HIGH N/A
The SNMP agent (snmp_agent.c) in net-snmp before 5.4.1 allows remote attackers to cause a denial of service (CPU and memory consumption) via a GETBULK request with a large max-repeaters value.
CVE-2007-5712 1 Django Project 1 Django 2024-11-21 2.6 LOW N/A
The internationalization (i18n) framework in Django 0.91, 0.95, 0.95.1, and 0.96, and as used in other products such as PyLucid, when the USE_I18N option and the i18n component are enabled, allows remote attackers to cause a denial of service (memory consumption) via many HTTP requests with large Accept-Language headers.
CVE-2007-5708 1 Openldap 1 Openldap 2024-11-21 7.1 HIGH N/A
slapo-pcache (overlays/pcache.c) in slapd in OpenLDAP before 2.3.39, when running as a proxy-caching server, allocates memory using a malloc variant instead of calloc, which prevents an array from being initialized properly and might allow attackers to cause a denial of service (segmentation fault) via unknown vectors that prevent the array from being null terminated.
CVE-2007-5707 1 Openldap 1 Openldap 2024-11-21 7.1 HIGH N/A
OpenLDAP before 2.3.39 allows remote attackers to cause a denial of service (slapd crash) via an LDAP request with a malformed objectClasses attribute. NOTE: this has been reported as a double free, but the reports are inconsistent.
CVE-2007-5656 1 Tibco 3 Enterprise Message Service, Rtworks, Smartsockets Rtserver 2024-11-21 10.0 HIGH N/A
TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted requests that control loop operations related to memory.
CVE-2007-5622 1 3proxy 1 3proxy 2024-11-21 5.0 MEDIUM N/A
Double free vulnerability in the ftpprchild function in ftppr in 3proxy 0.5 through 0.5.3i allows remote attackers to cause a denial of service (daemon crash) via multiple OPEN commands to the FTP proxy.
CVE-2007-5612 1 Ibm 1 Director 2024-11-21 7.8 HIGH N/A
CIM Server in IBM Director 5.20.1 and earlier allows remote attackers to cause a denial of service (CPU consumption, connection slot exhaustion, and daemon crash) via a large number of idle connections.
CVE-2007-5585 1 Xscreensaver 1 Xscreensaver 2024-11-21 5.0 MEDIUM N/A
xscreensaver 5.03 and earlier, when running without xscreensaver-gl-extras (GL extras) installed, crashes when /usr/bin/xscreensaver-gl-helper does not exist and a user attempts to unlock the screen, which allows attackers with physical access to gain access to the locked session.
CVE-2007-5537 1 Cisco 2 Unified Callmanager, Unified Communications Manager 2024-11-21 7.8 HIGH N/A
Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(2), and Unified CallManager 5.0, allow remote attackers to cause a denial of service (kernel panic) via a flood of SIP INVITE messages to UDP port 5060, which triggers resource exhaustion, aka CSCsi75822.
CVE-2007-5506 1 Oracle 1 Database Server 2024-11-21 7.8 HIGH N/A
The Core RDBMS component in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote attackers to cause a denial of service (CPU consumption) via a crafted type 6 Data packet, aka DB20.