Security Vulnerabilities, CVEs, Published In 2007 (Denial of service)
QK SMTP Server 3 allows remote attackers to cause a denial of service (daemon crash) via a long (1) HELO, (2) MAIL FROM, or (3) RCPT TO command; or (4) a long string in the message sent after the DATA command; possibly a related issue to CVE-2006-5551.
Max CVSS
7.8
EPSS Score
0.94%
Published
2007-12-28
Updated
2018-10-15
Multiple stack-based buffer overflows in the use of FD_SET in TCPreen before 1.4.4 allow remote attackers to cause a denial of service via multiple concurrent connections, which result in overflows in the (1) SocketAddress::Connect function in libsolve/sockprot.cpp and (2) monitor_bridge function in src/bridge.cpp.
Max CVSS
5.0
EPSS Score
5.46%
Published
2007-12-28
Updated
2017-08-08
TotalPlayer 3.0 allows user-assisted remote attackers to cause a denial of service (application crash) via a large .m3u file. NOTE: this might be a duplicate of CVE-2006-6288.
Max CVSS
4.3
EPSS Score
26.53%
Published
2007-12-28
Updated
2018-10-15
Multiple unspecified vulnerabilities in Microsoft Office Publisher allow user-assisted remote attackers to cause a denial of service (application crash) via a crafted PUB file, possibly involving wordart.
Max CVSS
6.8
EPSS Score
0.87%
Published
2007-12-27
Updated
2018-10-15
Algorithmic complexity vulnerability in Opera 9.50 beta and 9.x before 9.25 allows remote attackers to cause a denial of service (CPU consumption) via a crafted bitmap (BMP) file that triggers a large number of calculations and checks.
Max CVSS
7.8
EPSS Score
2.32%
Published
2007-12-24
Updated
2018-10-15
Unspecified vulnerability in the File-on-File Mounting File System (FFM) in HP Tru64 UNIX 5.1B-4 and 5.1B-3 allows local users to cause a denial of service (system crash) via unspecified vectors.
Max CVSS
4.9
EPSS Score
0.04%
Published
2007-12-24
Updated
2017-08-08
CVE-2007-6509
Public exploit
Unspecified vulnerability in Appian Enterprise Business Process Management (BPM) Suite 5.6 SP1 allows remote attackers to cause a denial of service via a crafted packet to port 5400/tcp.
Max CVSS
7.8
EPSS Score
74.46%
Published
2007-12-21
Updated
2017-08-08
The IMWeb.IMWebControl.1 ActiveX control in IMWeb.dll 7.0.0.x, and possibly IMWebControl.dll, in iMesh 7.1.0.x and earlier allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via an empty string in the argument to the ProcessRequestEx method.
Max CVSS
7.1
EPSS Score
0.93%
Published
2007-12-20
Updated
2018-10-15
Unspecified vulnerability in the Device Manager daemon (utdevmgrd) in Sun Ray Server Software 2.0, 3.0, 3.1, and 3.1.1 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors.
Max CVSS
7.8
EPSS Score
4.37%
Published
2007-12-20
Updated
2018-10-30
Stack-based buffer overflow in Rosoft Media Player 4.1.7, 4.1.8, and possibly earlier versions allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long string in a .M3U file. NOTE: some of these details are obtained from third party information.
Max CVSS
6.8
EPSS Score
28.05%
Published
2007-12-20
Updated
2018-10-15
Buffer overflow in the HuffDecode function in hw_utils/hwrcon/huffman.c and hexenworld/Client/huffman.c in Hammer of Thyrion 1.4.2 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted huffman encoded packet. NOTE: some of these details are obtained from third party information.
Max CVSS
9.3
EPSS Score
5.32%
Published
2007-12-20
Updated
2011-03-08
Stack-based buffer overflow in the webmail feature in SurgeMail 38k4 allows remote attackers to cause a denial of service (crash) via a long Host header.
Max CVSS
5.0
EPSS Score
6.13%
Published
2007-12-20
Updated
2018-10-15
Heap-based buffer overflow in the handshakeHTTP function in servhs.cpp in PeerCast 0.1217 and earlier, and SVN 344 and earlier, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long SOURCE request.
Max CVSS
10.0
EPSS Score
57.57%
Published
2007-12-20
Updated
2018-10-15
Unspecified vulnerability in the CIP dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger allocation of large amounts of memory.
Max CVSS
4.3
EPSS Score
0.40%
Published
2007-12-19
Updated
2018-10-15
The RPL dissector in Wireshark (formerly Ethereal) 0.9.8 to 0.99.6 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.
Max CVSS
5.0
EPSS Score
0.40%
Published
2007-12-19
Updated
2018-10-15
The WiMAX dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) via unknown vectors related to "unaligned access on some platforms."
Max CVSS
3.3
EPSS Score
0.22%
Published
2007-12-19
Updated
2018-10-15
Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (infinite or large loop) via the (1) IPv6 or (2) USB dissector, which can trigger resource consumption or a crash. NOTE: this identifier originally included Firebird/Interbase, but it is already covered by CVE-2007-6116. The DCP ETSI issue is already covered by CVE-2007-6119.
Max CVSS
6.1
EPSS Score
0.23%
Published
2007-12-19
Updated
2023-02-13
Unspecified vulnerability in the SMB dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service via unknown vectors. NOTE: this identifier originally included MP3 and NCP, but those issues are already covered by CVE-2007-6111.
Max CVSS
5.0
EPSS Score
0.42%
Published
2007-12-19
Updated
2023-02-13
Balabit syslog-ng 2.0.x before 2.0.6 and 2.1.x before 2.1.8 allows remote attackers to cause a denial of service (crash) via a message with a timestamp that does not contain a trailing space, which triggers a NULL pointer dereference.
Max CVSS
5.0
EPSS Score
55.74%
Published
2007-12-19
Updated
2018-10-15
Unspecified vulnerability in rpc.yppasswdd in HP HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors.
Max CVSS
7.8
EPSS Score
5.00%
Published
2007-12-24
Updated
2017-09-29
The shmem_getpage function (mm/shmem.c) in Linux kernel 2.6.11 through 2.6.23 does not properly clear allocated memory in some rare circumstances related to tmpfs, which might allow local users to read sensitive kernel data or cause a denial of service (crash).
Max CVSS
7.2
EPSS Score
0.04%
Published
2007-12-18
Updated
2018-10-30
Multiple buffer overflows in the HandleEmotsConfig function in the GG Client in Gadu-Gadu 7.7 Build 3669 allow user-assisted remote attackers to execute arbitrary code or cause a denial of service (gg.exe process crash) via a long string in an emots.txt file.
Max CVSS
4.3
EPSS Score
3.15%
Published
2007-12-17
Updated
2018-10-15
Gadu-Gadu does not properly perform protocol handling, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and add arbitrary user accounts or cause a denial of service as administrators via an unspecified "crafted link," possibly related to the gg protocol.
Max CVSS
4.3
EPSS Score
0.08%
Published
2007-12-17
Updated
2018-10-15
The gg protocol handler in Gadu-Gadu, when this product is installed but not running, does not properly handle the skin attribute, which allows remote attackers to cause a denial of service (resource consumption) via unspecified network traffic.
Max CVSS
4.3
EPSS Score
0.26%
Published
2007-12-17
Updated
2018-10-15
Stack-based buffer overflow in PccScan.dll before build 1451 in Trend Micro AntiVirus plus AntiSpyware 2008, Internet Security 2008, and Internet Security Pro 2008 allows user-assisted remote attackers to cause a denial of service (SfCtlCom.exe crash), and allows local users to gain privileges, via a malformed .zip archive with a long name, as demonstrated by a .zip file created via format string specifiers in a crafted .uue file.
Max CVSS
7.2
EPSS Score
0.30%
Published
2007-12-15
Updated
2017-08-08