CVE-2007-1082
Published 2007-02-22
Priority P4 24 · high · 7.1 (CVSS 2.0)
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C
EXPLOIT
EPSS: 2.39% (81.9th percentile)
FTP Explorer 1.0.1 Build 047, and other versions before 1.0.1.52, allows remote servers to cause a denial of service (CPU consumption) via a long response to a PWD command.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ftpx | ftp_explorer | — | — |
| ftpx | ftp_explorer | — | — |
No detection rules found.
Bugzilla
CVE-2007-5959 Multiple flaws in Firefox
bugzilla·2007-11-21·CVSS 9.3
Several flaws were found in the way in which Firefox processed certain
malformed web content. A web page containing malicious content could cause
Firefox to crash or potentially execute arbitrary code as the user running
Firefox.
This fixes the following upstream bugs:
https://bugzilla.mozilla.org/buglist.cgi?bug_id=373911%2C391028%2C393326
Discussion:
Lifting embargo
---
This issue was addressed in:
Red Hat Enterprise Linux:
http://rhn.redhat.com/errata/RHSA-2007-1084.html
http://rhn.redhat.com/errata/RHSA-2007-1082.html
http://rhn.redhat.com/errata/RHSA-2007-1083.html
Bugzilla
CVE-2007-5947 Mozilla jar: protocol XSS
bugzilla·2007-11-21·CVSS 4.3
A cross site scripting flaw was found in the way Firefox handles the jar: URI
scheme. It is possible for a malicious web site to leverage this flaw to
possibly conduct a cross site scripting attack against a Firefox user.
Discussion:
Lifting embargo
---
This issue was addressed in:
Red Hat Enterprise Linux:
http://rhn.redhat.com/errata/RHSA-2007-1084.html
http://rhn.redhat.com/errata/RHSA-2007-1082.html
http://rhn.redhat.com/errata/RHSA-2007-1083.html
Bugzilla
CVE-2007-5960 Mozilla Cross-site Request Forgery flaw
bugzilla·2007-11-21·CVSS 4.3
A race condition exists when setting the window.location property on a web page.
This flaw could allow a page to set an arbitrary Referer header, which may lead
to a Cross-site Request Forgery (CSRF) attack against websites that rely only on
the Referer header.
Discussion:
Lifting embargo
---
This issue was addressed in:
Red Hat Enterprise Linux:
http://rhn.redhat.com/errata/RHSA-2007-1084.html
http://rhn.redhat.com/errata/RHSA-2007-1082.html
http://rhn.redhat.com/errata/RHSA-2007-1083.html
http://osvdb.org/33496
http://www.attrition.org/pipermail/vim/2007-March/001470.html
http://www.securityfocus.com/bid/22640
https://exchange.xforce.ibmcloud.com/vulnerabilities/32606
https://www.exploit-db.com/exploits/3347