| Max CVSS | 9.3 | Min CVSS | 2.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2007-1351 | 8.5 |
Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflo
|
16-10-2018 - 16:38 | 06-04-2007 - 01:19 | |
| CVE-2007-0653 | 9.3 |
Integer overflow in X MultiMedia System (xmms) 1.2.10, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via crafted header information in a skin bitmap image, which triggers memory corruption.
|
16-10-2018 - 16:33 | 21-03-2007 - 22:19 | |
| CVE-2007-0537 | 2.6 |
The KDE HTML library (kdelibs), as used by Konqueror 3.5.5, does not properly parse HTML comments, which allows remote attackers to conduct cross-site scripting (XSS) attacks and bypass some XSS protection schemes by embedding certain HTML tags withi
|
16-10-2018 - 16:33 | 29-01-2007 - 16:28 | |
| CVE-2007-0654 | 9.3 |
Integer underflow in X MultiMedia System (xmms) 1.2.10 allows user-assisted remote attackers to execute arbitrary code via crafted header information in a skin bitmap image, which results in a stack-based buffer overflow.
|
16-10-2018 - 16:33 | 21-03-2007 - 22:19 | |
| CVE-2006-7139 | 2.6 |
Kmail 1.9.1 on KDE 3.5.2, with "Prefer HTML to Plain Text" enabled, allows remote attackers to cause a denial of service (crash) via an HTML e-mail with certain table and frameset tags that trigger a segmentation fault, possibly involving invalid fre
|
16-10-2018 - 16:29 | 07-03-2007 - 20:19 | |
| CVE-2007-0451 | 4.3 |
Apache SpamAssassin before 3.1.8 allows remote attackers to cause a denial of service via long URLs in malformed HTML, which triggers "massive memory usage." Upgrade to SpamAssassin version 3.1.8
|
11-10-2017 - 01:31 | 16-02-2007 - 19:28 | |
| CVE-2007-1564 | 6.8 |
The FTP protocol implementation in Konqueror 3.5.5 allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response.
|
11-10-2017 - 01:31 | 21-03-2007 - 19:19 | |
| CVE-2007-0242 | 4.3 |
The UTF-8 decoder in codecs/qutfcodec.cpp in Qt 3.3.8 and 4.2.3 does not reject long UTF-8 sequences as required by the standard, which allows remote attackers to conduct cross-site scripting (XSS) and directory traversal attacks via long sequences t
|
11-10-2017 - 01:31 | 03-04-2007 - 16:19 | |
| CVE-2007-0177 | 5.1 |
Cross-site scripting (XSS) vulnerability in the AJAX module in MediaWiki before 1.6.9, 1.7 before 1.7.2, 1.8 before 1.8.3, and 1.9 before 1.9.0rc2, when wgUseAjax is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecif
|
29-07-2017 - 01:30 | 11-01-2007 - 00:28 |