Max CVSS | 5.0 | Min CVSS | 2.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2007-2445 | 5.0 |
The png_handle_tRNS function in pngrutil.c in libpng before 1.0.25 and 1.2.x before 1.2.17 allows remote attackers to cause a denial of service (application crash) via a grayscale PNG image with a bad tRNS chunk CRC value.
|
16-10-2018 - 16:43 | 16-05-2007 - 22:30 | |
CVE-2007-1558 | 2.6 |
The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle (MITM) attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APO
|
16-10-2018 - 16:39 | 16-04-2007 - 22:19 | |
CVE-2007-2589 | 5.0 |
Cross-site request forgery (CSRF) vulnerability in compose.php in SquirrelMail 1.4.0 through 1.4.9a allows remote attackers to send e-mails from arbitrary users via certain data in the SRC attribute of an IMG element.
|
11-10-2017 - 01:32 | 11-05-2007 - 04:20 | |
CVE-2007-1841 | 4.3 |
The isakmp_info_recv function in src/racoon/isakmp_inf.c in racoon in Ipsec-tools before 0.6.7 allows remote attackers to cause a denial of service (tunnel crash) via crafted (1) DELETE (ISAKMP_NPTYPE_D) and (2) NOTIFY (ISAKMP_NPTYPE_N) messages.
|
11-10-2017 - 01:32 | 10-04-2007 - 22:19 | |
CVE-2007-1856 | 2.1 |
Vixie Cron before 4.1-r10 on Gentoo Linux is installed with insecure permissions, which allows local users to cause a denial of service (cron failure) by creating hard links, which results in a failed st_nlink check in database.c.
|
11-10-2017 - 01:32 | 18-04-2007 - 03:19 |