Security Vulnerabilities, CVEs, Published In June 2007 (Denial of service)
SlackRoll before 8 accepts gpg exit codes other than 0 and 1 as evidence of a valid signature, which allows remote Slackware mirror sites or man-in-the-middle attackers to cause a denial of service (data inconsistency) or possibly install Trojan horse packages via malformed gpg signatures.
Max CVSS: 6.4 | EPSS Score: 0.08% | Published: 2007-06-29 | Updated: 2008-11-15
Conti FtpServer 1.0 allows remote authenticated users to cause a denial of service (daemon crash) via a certain string containing "//A:" in the argument to the LIST command.
Max CVSS: 6.8 | EPSS Score: 1.69% | Published: 2007-06-29 | Updated: 2018-10-16
PCSoft WinDEV 11 (01F110053p) allows user-assisted remote attackers to cause a denial of service (infinite loop and resource consumption) via a malformed WDP project file.
Max CVSS: 7.1 | EPSS Score: 0.95% | Published: 2007-06-28 | Updated: 2018-10-16
Race condition in gdImageStringFTEx (gdft_draw_bitmap) in gdft.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors, possibly involving truetype font (TTF) support.
Max CVSS: 4.3 | EPSS Score: 17.77% | Published: 2007-06-28 | Updated: 2018-10-16
The (a) imagearc and (b) imagefilledarc functions in GD Graphics Library (libgd) before 2.0.35 allow attackers to cause a denial of service (CPU consumption) via a large (1) start or (2) end angle degree value.
Max CVSS: 5.0 | EPSS Score: 1.86% | Published: 2007-06-28 | Updated: 2018-10-16
Array index error in gd_gif_in.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash and heap corruption) via large color index values in crafted image data, which results in a segmentation fault.
Max CVSS: 4.3 | EPSS Score: 2.88% | Published: 2007-06-28 | Updated: 2018-10-16
The GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via a GIF image that has no global color map.
Max CVSS: 4.3 | EPSS Score: 11.37% | Published: 2007-06-28 | Updated: 2018-10-16
The gdImageCreateXbm function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors involving a gdImageCreate failure.
Max CVSS: 4.3 | EPSS Score: 20.48% | Published: 2007-06-28 | Updated: 2018-10-16
Multiple unspecified vulnerabilities in the KSSL kernel module in Sun Solaris 10, when configured with the KSSL proxy, allow remote attackers to cause a denial of service (kernel panic) via unspecified vectors related to "memory buffers" of Secure Socket Layer (SSL) records.
Max CVSS: 7.8 | EPSS Score: 6.04% | Published: 2007-06-28 | Updated: 2017-09-29
Unspecified vulnerability in the TCP Loopback/Fusion implementation in Sun Solaris 10 allows local users to cause a denial of service (resource exhaustion and service hang) via unspecified vectors.
Max CVSS: 4.9 | EPSS Score: 0.04% | Published: 2007-06-28 | Updated: 2017-09-29
input.c in VideoLAN VLC Media Player before 0.8.6c allows remote attackers to cause a denial of service (crash) via a crafted WAV file that causes an uninitialized i_nb_resamplers variable to be used.
Max CVSS: 7.8 | EPSS Score: 2.65% | Published: 2007-06-27 | Updated: 2018-10-16
Integer overflow in the __status_Update function in stats.c in VideoLAN VLC Media Player before 0.8.6c allows remote attackers to cause a denial of service (crash) via a WAV file with a large sample rate.
Max CVSS: 7.8 | EPSS Score: 3.66% | Published: 2007-06-27 | Updated: 2018-10-16
The libsldap library in Sun Solaris 8, 9, and 10 allows local users to cause a denial of service (Name Service Caching Daemon (nscd) crash) via unspecified vectors.
Max CVSS: 4.9 | EPSS Score: 0.04% | Published: 2007-06-27 | Updated: 2017-10-11
Buffer overflow in SJ Labs SJphone 1.60.303c, running under Windows Mobile 2003 on the Samsung SCH-i730 phone, allows remote attackers to cause a denial of service (device hang and call termination) via a malformed SIP INVITE message, a different vulnerability than CVE-2007-3351.
Max CVSS: 4.3 | EPSS Score: 0.60% | Published: 2007-06-27 | Updated: 2017-07-29
The Research in Motion BlackBerry 7270 with 4.0 SP1 Bundle 83 allows remote attackers to cause a denial of service (blocked call reception) via a malformed SIP invite message, possibly related to multiple format string specifiers in the From field, a spoofed source IP address, and limitations of the function stack frame.
Max CVSS: 4.3 | EPSS Score: 6.43% | Published: 2007-06-27 | Updated: 2017-07-29
The Research in Motion BlackBerry 7270 before 4.0 SP1 Bundle 108 does not properly manage transaction states, which allows remote attackers to cause a denial of service (temporary device hang) by sending a certain SIP INVITE message, but not providing an ACK when the call is answered.
Max CVSS: 2.3 | EPSS Score: 0.37% | Published: 2007-06-27 | Updated: 2017-07-29
Format string vulnerability on the Research in Motion BlackBerry 7270 before 4.0 SP1 Bundle 108 allows remote attackers to cause a denial of service (blocked call reception and calling) via format string specifiers in an SIP INVITE message that lacks a host name in the Contact header.
Max CVSS: 2.3 | EPSS Score: 0.29% | Published: 2007-06-27 | Updated: 2017-07-29
Format string vulnerability in the Aastra 9112i SIP Phone with firmware 1.4.0.1048 and boot version 1.1.0.10 allows remote attackers to cause a denial of service (blocked call reception and slow calling) via format string specifiers in an SDP header value, a different vulnerability than CVE-2007-3349.
Max CVSS: 5.0 | EPSS Score: 0.95% | Published: 2007-06-27 | Updated: 2017-07-29
AOL Instant Messenger (AIM) 6.1.32.1 on Windows XP allows remote attackers to cause a denial of service (application crash) via a malformed header value in a SIP INVITE message, a different vulnerability than CVE-2007-3350.
Max CVSS: 7.8 | EPSS Score: 0.95% | Published: 2007-06-27 | Updated: 2017-07-29
Microsoft MSN Messenger 4.7 on Windows XP allows remote attackers to cause a denial of service (resource consumption) via a flood of SIP INVITE requests to the port specified for voice conversation.
Max CVSS: 5.0 | EPSS Score: 2.27% | Published: 2007-06-27 | Updated: 2017-07-29
Net::DNS before 0.60, a Perl module, allows remote attackers to cause a denial of service (stack consumption) via a malformed compressed DNS packet with self-referencing pointers, which triggers an infinite loop.
Max CVSS: 7.5 | EPSS Score: 11.59% | Published: 2007-06-26 | Updated: 2024-02-03
LiteWEB 2.7 allows remote attackers to cause a denial of service (hang) via a large number of requests for nonexistent pages.
Max CVSS: 5.0 | EPSS Score: 9.24% | Published: 2007-06-26 | Updated: 2018-10-16
Off-by-one error in the DHCP/BOOTP dissector in Wireshark before 0.99.6 allows remote attackers to cause a denial of service (crash) via crafted DHCP-over-DOCSIS packets.
Max CVSS: 5.0 | EPSS Score: 0.81% | Published: 2007-06-26 | Updated: 2017-10-11
Wireshark before 0.99.6 allows remote attackers to cause a denial of service via malformed (1) SSL or (2) MMS packets that trigger an infinite loop.
Max CVSS: 5.0 | EPSS Score: 0.81% | Published: 2007-06-26 | Updated: 2018-10-16
Wireshark 0.99.5 allows remote attackers to cause a denial of service (memory consumption) via a malformed DCP ETSI packet that triggers an infinite loop.
Max CVSS: 7.8 | EPSS Score: 0.81% | Published: 2007-06-26 | Updated: 2017-10-11