CVE-2007-3458

The libsldap library in Sun Solaris 8, 9, and 10 allows local users to cause a denial of service (Name Service Caching Daemon (nscd) crash) via unspecified vectors.

Publication date: Wed, 27 Jun 2007 22:30:00 +0000

Cyber News related to CVE-2007-3458

CVE-2015-2503 - Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 ...
5 years ago

CVE-2007-3458 - The libsldap library in Sun Solaris 8, 9, and 10 allows local users to cause a denial of service (Name Service Caching Daemon (nscd) crash) via unspecified vectors. ...
6 years ago

CVE-2006-4684 - The docutils module in Zope (Zope2) 2.7.0 through 2.7.9 and 2.8.0 through 2.8.8 does not properly handle web pages with reStructuredText (reST) markup, which allows remote attackers to read arbitrary files via a csv_table directive, a different ...
13 years ago

CVE-2006-3695 - Trac before 0.9.6 does not disable the "raw" or "include" commands when providing untrusted users with restructured text (reStructuredText) functionality from docutils, which allows remote attackers to read arbitrary files, perform ...
6 years ago

CVE-2009-2998 - Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-3458. Per: ...
5 years ago

CVE-2009-3458 - Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-2998. Per: ...
5 years ago

CVE-2021-3458 - The Motorola MM1000 device configuration portal can be accessed without authentication, which could allow adapter settings to be modified. ...
2 years ago

CVE-2011-3458 - QuickTime in Apple Mac OS X before 10.7.3 does not prevent access to uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MP4 file. ...
12 years ago

CVE-2012-3458 - Beaker before 1.6.4, when using PyCrypto to encrypt sessions, uses AES in ECB cipher mode, which might allow remote attackers to obtain portions of sensitive session data via unspecified vectors. ...
11 years ago

CVE-2005-3458 - Unspecified vulnerability in Oracle E-Business Suite and Applications 11.0 up to 11.5.9 has unknown impact and attack vectors, as identified by Oracle Vuln# APPS19 in Workflow Cartridge. ...
11 years ago

CVE-2015-3458 - The fetchView function in the Mage_Core_Block_Template_Zend class in Magento Community Edition (CE) 1.9.1.0 and Enterprise Edition (EE) 1.14.1.0 does not restrict the stream wrapper used in a template path, which allows remote administrators to ...
7 years ago

CVE-2008-3458 - Vtiger CRM before 5.0.4 stores sensitive information under the web root with insufficient access control, which allows remote attackers to read mail merge templates via a direct request to the wordtemplatedownload directory. ...
6 years ago

CVE-2006-3458 - Zope 2.7.0 to 2.7.8, 2.8.0 to 2.8.7, and 2.9.0 to 2.9.3 (Zope2) does not disable the "raw" command when providing untrusted users with restructured text (reStructuredText) functionality from docutils, which allows local users to read ...
5 years ago

CVE-2017-3458 - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via ...
4 years ago

CVE-2017-12079 - Files or directories accessible to external parties vulnerability in picasa.php in Synology Photo Station before 6.8.1-3458 and before 6.3-2970 allows remote attackers to obtain arbitrary files via prog_id field. ...
4 years ago

CVE-2017-12080 - An information exposure vulnerability in default HTTP configuration file in Synology Photo Station before 6.8.1-3458 and before 6.3-2970 allows remote attackers to obtain sensitive system information via .htaccess file. ...
4 years ago

CVE-2017-16769 - Exposure of private information vulnerability in Photo Viewer in Synology Photo Station 6.8.1-3458 allows remote attackers to obtain metadata from password-protected photographs via the map viewer mode. ...
4 years ago

CVE-2010-3458 - SQL injection vulnerability in lib/toolkit/events/event.section.php in Symphony CMS 2.0.7 and 2.1.1 allows remote attackers to execute arbitrary SQL commands via the send-email[recipient] parameter to about/. NOTE: some of these details are obtained ...
3 years ago

CVE-2016-3458 - Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; and Java SE Embedded 8u91 allows remote attackers to affect integrity via vectors related to CORBA. ...
2 years ago

CVE-2022-3458 - A vulnerability has been found in SourceCodester Human Resource Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /employeeview.php of the component Image File Handler. The ...
5 months ago

CVE-2023-3458 - A vulnerability was found in SourceCodester Shopping Website 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file forgot-password.php. The manipulation of the argument contact leads to sql ...
11 months ago

CVE-2013-3458 - Cisco Adaptive Security Appliances (ASA) devices, when SMP is used, do not properly process X.509 certificates, which allows remote attackers to cause a denial of service (device crash) via a large volume of (1) SSL or (2) TLS traffic, aka Bug ID ...
10 months ago

CVE-2020-3458 - Multiple vulnerabilities in the secure boot process of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software for the Firepower 1000 Series and Firepower 2100 Series Appliances could allow an authenticated, local ...
10 months ago

CVE-2024-26631 - In the Linux kernel, the following vulnerability has been resolved: ...
3 months ago

CVE-2024-3458 - A vulnerability classified as critical was found in Netentsec NS-ASG Application Security Gateway 6.3. This vulnerability affects unknown code of the file /admin/add_ikev2.php. The manipulation of the argument TunnelId leads to sql injection. The ...
2 months ago Tenable.com

Latest Cyber News

Cyber Insurance demand fall as businesses bolster their cybersecurity infrastructure - 11 minutes ago
Police allege 'evil twin' in-flight Wi-Fi used to steal info The Register - 11 minutes ago
Water Sigbin Hackers Exploit Oracle WebLogic Vulnerabilities - 51 minutes ago
Indonesian government didn't backup ransomwared data The Register - 1 hour ago
Product showcase: Protect digital identities with Swissbit's iShield Key Pro - 1 hour ago
Portainer: Open-source Docker and Kubernetes management - 1 hour ago
Why every company needs a DDoS response plan - 1 hour ago
Microsoft tells more customers their emails have been stolen The Register - 2 hours ago
Preparing for Q-Day as NIST nears approval of PQC standards - 2 hours ago
Infosec products of the month: June 2024 - 3 hours ago
CVE-2024-38525 - 5 hours ago
CVE-2024-6419 - 6 hours ago
CVE-2024-6418 - 7 hours ago
CVE-2024-6417 - 7 hours ago
CVE-2023-48733 - 7 hours ago
Cybersecurity Today: Cyber Security Today, Week in Review for week ending Friday, June 28, 2024 - 7 hours ago
CVE-2024-6416 - 8 hours ago
Generative AI is new attack vector endangering enterprises, says CrowdStrike CTO - 8 hours ago
Google Chrome to let Isolated Web App access sensitive USB devices - 9 hours ago
CVE-2024-34703 - 9 hours ago

Cyber Trends (last 7 days)

Okta - 7 months ago
23andMe - 6 months ago
Kimsuky - 7 months ago
LogoFAIL - 6 months ago
Gh0st rat - 7 months ago

Trending Cyber News (last 7 days)

Police allege 'evil twin' in-flight Wi-Fi used to steal info The Register - 11 minutes ago
Cyber Insurance demand fall as businesses bolster their cybersecurity infrastructure - 11 minutes ago
CVE-2024-6419 - 6 hours ago
Water Sigbin Hackers Exploit Oracle WebLogic Vulnerabilities - 51 minutes ago
Why every company needs a DDoS response plan - 1 hour ago
Portainer: Open-source Docker and Kubernetes management - 1 hour ago
Product showcase: Protect digital identities with Swissbit's iShield Key Pro - 1 hour ago
Indonesian government didn't backup ransomwared data The Register - 1 hour ago
Microsoft tells more customers their emails have been stolen The Register - 2 hours ago
Preparing for Q-Day as NIST nears approval of PQC standards - 2 hours ago
Infosec products of the month: June 2024 - 3 hours ago
CVE-2024-6416 - 8 hours ago
CVE-2024-6418 - 7 hours ago
CVE-2024-6417 - 7 hours ago
CVE-2024-34703 - 9 hours ago
Cybersecurity Today: Cyber Security Today, Week in Review for week ending Friday, June 28, 2024 - 7 hours ago
Generative AI is new attack vector endangering enterprises, says CrowdStrike CTO - 8 hours ago
CVE-2024-28797 - 12 hours ago
CVE-2023-50952 - 12 hours ago
CVE-2024-31898 - 12 hours ago