CVE-2007-2782

Packeteer PacketShaper uses fixed increments in TCP initial sequence number (ISN) values, which allows remote attackers to predict the ISN value, and perform session hijacking or disruption.

Publication date: Tue, 16 Oct 2018 21:45:00 +0000

Cyber News related to CVE-2007-2782

CVE-2024-32771 - An improper restriction of excessive authentication attempts vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow local network authenticated administrators to perform an ...
4 months ago

CVE-2015-2503 - Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 ...
6 years ago

CVE-2007-2782 - Packeteer PacketShaper uses fixed increments in TCP initial sequence number (ISN) values, which allows remote attackers to predict the ISN value, and perform session hijacking or disruption. ...
1 year ago

CVE-2014-2782 - Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different ...
6 years ago

CVE-2006-2782 - Firefox 1.5.0.2 does not fix all test cases associated with CVE-2006-1729, which allows remote attackers to read arbitrary files by inserting the target filename into a text box, then turning that box into a file upload control. Fixed in: Firefox ...
6 years ago

CVE-2016-2782 - The treo_attach function in drivers/usb/serial/visor.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by ...
3 years ago

CVE-2013-2782 - Schneider Electric Trio J-Series License Free Ethernet Radio with firmware 3.6.0 through 3.6.3 uses the same AES encryption key across different customers' installations, which makes it easier for remote attackers to defeat cryptographic ...
11 years ago

CVE-2015-2782 - Buffer overflow in Open-source ARJ archiver 3.10.22 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ARJ archive. ...
7 years ago

CVE-2005-2782 - PHP remote file inclusion vulnerability in al_initialize.php for AutoLinks Pro 2.1 allows remote attackers to execute arbitrary PHP code via an "ftp://" URL in the alpath parameter, which bypasses the incomplete blacklist that only checks for ...
7 years ago

CVE-2009-2782 - SQL injection vulnerability in the JFusion (com_jfusion) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. ...
7 years ago

CVE-2008-2782 - Multiple directory traversal vulnerabilities in OtomiGenX 2.2 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter to (1) library_rss.php and (2) rss.php. ...
7 years ago

CVE-2012-2782 - Unspecified vulnerability in the decode_slice_header function in libavcodec/h264.c in FFmpeg before 0.11 has unknown impact and attack vectors, related to a "rejected resolution change." ...
6 years ago

CVE-2011-2782 - The drag-and-drop implementation in Google Chrome before 13.0.782.107 on Linux does not properly enforce permissions for files, which allows user-assisted remote attackers to bypass intended access restrictions via unspecified vectors. ...
4 years ago

CVE-2019-2782 - Vulnerability in the Oracle Payments component of Oracle E-Business Suite (subcomponent: File Transmission). Supported versions that are affected are 12.1.1 - 12.1.3 and 12.2.3 - 12.2.8. Easily exploitable vulnerability allows unauthenticated ...
4 years ago

CVE-2020-2782 - Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Query). Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows unauthenticated attacker with network access ...
4 years ago

CVE-2017-2782 - An integer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a length counter to overflow, leading to a controlled out of bounds copy ...
2 years ago

CVE-2018-2782 - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access ...
2 years ago

CVE-2022-2782 - In affected versions of Octopus Server it is possible for a session token to be valid indefinitely due to improper validation of the session token parameters. ...
2 years ago

CVE-2023-2782 - Sensitive information disclosure due to improper authorization. The following products are affected: Acronis Cyber Infrastructure (ACI) before build 5.3.1-38. ...
1 year ago

CVE-2024-2782 - The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the /wp-json/fluentform/v1/global-settings REST ...
8 months ago

CVE-2023-39298 - A missing authorization vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow local authenticated users to access data or perform actions that they should not be allowed to ...
4 months ago

CVE-2013-6078 - The default configuration of EMC RSA BSAFE Toolkits and RSA Data Protection Manager (DPM) 20130918 uses the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm, which makes it easier for context-dependent attackers to ...
10 years ago

CVE-2016-0012 - Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Office 2013 SP1, Excel 2013 SP1, PowerPoint 2013 SP1, Visio 2013 SP1, ...
6 years ago

CVE-2011-1892 - Microsoft Office Groove 2007 SP2, SharePoint Workspace 2010 Gold and SP1, Office Forms Server 2007 SP2, Office SharePoint Server 2007 SP2, Office SharePoint Server 2010 Gold and SP1, Office Groove Data Bridge Server 2007 SP2, Office Groove Management ...
6 years ago

CVE-2015-0085 - Use-after-free vulnerability in Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Office 2013 Gold and SP1, Word 2013 Gold and SP1, Office 2013 RT Gold ...
6 years ago

Latest Cyber News

CVE-2025-25246 - 22 hours ago
CVE-2025-1022 - 22 hours ago
CVE-2025-1025 - 22 hours ago
CVE-2025-1026 - 22 hours ago
CVE-2025-1028 - 23 hours ago
CVE-2025-23114 - 1 day ago
CVE-2024-53966 - 1 day ago
CVE-2025-0413 - 1 day ago
CVE-2024-53962 - 1 day ago
CVE-2024-53963 - 1 day ago
CVE-2024-53964 - 1 day ago
CVE-2024-53965 - 1 day ago
CVE-2023-39943 - 1 day ago
CVE-2023-40222 - 1 day ago
CVE-2024-11467 - 1 day ago
CVE-2024-11468 - 1 day ago
CVE-2024-48445 - 1 day ago
CVE-2024-8125 - 1 day ago
CVE-2024-13722 - 1 day ago
CVE-2024-13723 - 1 day ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

CVE-2024-13114 - 1 day ago
CVE-2024-13115 - 1 day ago
CVE-2024-13325 - 1 day ago
CVE-2024-13326 - 1 day ago
CVE-2024-13327 - 1 day ago
CVE-2024-13328 - 1 day ago
CVE-2024-13329 - 1 day ago
CVE-2024-13330 - 1 day ago
CVE-2024-13331 - 1 day ago
CVE-2024-13332 - 1 day ago
CVE-2025-0368 - 1 day ago
CVE-2025-0466 - 1 day ago
CVE-2024-12597 - 1 day ago
CVE-2024-13607 - 1 day ago
CVE-2024-10237 - 1 day ago
CVE-2024-10238 - 1 day ago
CVE-2024-10239 - 1 day ago
CVE-2024-12046 - 1 day ago
CVE-2024-13514 - 1 day ago
CVE-2025-20881 - 1 day ago