JVN/CVE Demo: Jvninfos

JVN List

Name	Title	Summary	Cveinfo	Cvssv2	Jvnurl	Published Date	Last Updated Date	Actions
JVNDB-2007-000783	Cisco 製品の TLS パケットにおけるサービス運用妨害 (DoS) の脆弱性	Cisco PIX、ASA セキュリティアプライアンスには、対象デバイスへの TLS セッションが設定されている際に、TLS パケット処理の不備により、サービス運用妨害 (DoS) 状態となる脆弱性が存在します。(CSCsg43276 および CSCsh97120)	CVE-2007-5569	7.1	http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-000783.html	2007-10-17	2007-10-26	View
JVNDB-2007-000784	IBM Lotus Domino の IMAP サービスにおけるバッファオーバーフローの脆弱性	IBM Lotus Domino の IMAP サービスには、過度に長いメールボックス名により、バッファオーバーフローが発生する脆弱性が存在します。	CVE-2007-3510	7.1	http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-000784.html	2007-10-23	2007-11-26	View
JVNDB-2007-000785	IBM Lotus Notes の TagAttributeListCopy() 関数におけるバッファオーバーフローの脆弱性	IBM Lotus Notes の nnotes.dll には、TagAttributeListCopy() 関数において、不正な HTML メールを処理した際に、バッファオーバーフローが発生する脆弱性が存在します。	CVE-2007-4222	9.3	http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-000785.html	2007-10-23	2008-03-21	View
JVNDB-2007-000786	IBM Lotus Notes/Domino における不適切なアクセス権を付与する脆弱性	IBM Lotus Notes/Domino には、プロセス間通信 (IPC) で使用する共有メモリのメモリマップファイルに Everyone:フルコントロールのアクセス権を付与する脆弱性が存在します。	CVE-2007-5544	6.2	http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-000786.html	2007-10-29	2007-11-26	View
JVNDB-2007-000787	IBM Lotus Domino の LotusScript の Evaluate メソッドにおける権限昇格の脆弱性	IBM Lotus Domino には、LotusScript の Evaluate メソッドにおいて @ コマンドを使用する際、セキュリティチェックの処理に不備があるため、認証されたリモートのユーザに権限昇格される脆弱性が存在します。	CVE-2007-5700	6.3	http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-000787.html	2007-10-24	2007-11-26	View

Page 1481 of 13768, showing 5 records out of 68839 total, starting on record 7401, ending on 7405

<<first <prev 1477 | 1478 | 1479 | 1480 | 1481 | 1482 | 1483 | 1484 | 1485 next> last>>

Actions

List NVD

History
+
Request History
4 previous requests available
====
Session
+
Session
- 0(null)
====
Request
+
Request

Cake Params
- plugin(null)
- controllerjvninfos
- actionindex
- named(array)
  page1481
  sortname
  directionasc
- pass(empty)
- paging(array)
  Jvninfo(array)
  page1481
  current5
  count68839
  prevPage(true)
  nextPage(true)
  pageCount13768
  order(array)
  Jvninfo.nameasc
  limit5
  options(array)
  page1481
  order(array)
  Jvninfo.nameasc
  sortname
  directionasc
  conditions(empty)
  paramTypenamed
Post data

No post data.

Query string

No querystring data.

Cookie

To view Cookies, add CookieComponent to Controller

Current Route
- keys(array)
  0controller
  1action
- options(array)
  defaultRoute(true)
- defaults(array)
  plugin(null)
- template/:controller/:action/*
====
Sql Log
+

Sql Logs

default
No query logs.

====

Timer

+

Memory

Peak Memory Use 3.97 MB

Message	Memory use
Component initialization	1.39 MB
Controller action start	1.49 MB
Controller render start	2.30 MB
View render complete	2.80 MB

Timers

Total Request Time: 132 (ms)

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	3.55
Event: Controller.initialize	0.02
Event: Controller.startup	0.07
Controller action	112.13
Event: Controller.beforeRender	4.69
» Processing toolbar data	4.61
Rendering View	6.35
» Event: View.beforeRender	0.03
» Rendering APP/View/Jvninfos/index.ctp	5.40
» Event: View.afterRender	0.02
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	0.53
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	0.09
Event: View.afterLayout	0.00

====

Log
+

Logs

There were no log entries made this request

====
Variables
+
View Variables
- jvninfos(array)
  0(array)
  Jvninfo(array)
  id52120
  nameJVNDB-2007-000783
  titleCisco 製品の TLS パケットにおけるサービス運用妨害 (DoS) の脆弱性
  summaryCisco PIX、ASA セキュリティアプライアンスには、対象デバイスへの TLS セッションが設定されている際に、TLS パケット処理の不備により、サービス運用妨害 (DoS) 状態となる脆弱性が存在します。(CSCsg43276 および CSCsh97120)
  cveinfo_nameCVE-2007-5569
  cveinfo_id28924
  nvdinfo_nameCVE-2007-5569
  nvdinfo_id57634
  cvssv27.1
  cvssv3(null)
  jvnurlhttp://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-000783.html
  published_date2007-10-17
  registered_date2007-10-26
  last_updated_date2007-10-26
  deleted(null)
  created0000-00-00 00:00:00
  modified(null)
  Cveinfo(array)
  id28924
  nameCVE-2007-5567
  statusCandidate
  descriptionPHP remote file inclusion vulnerability in _lib/fckeditor/upload_config.php in Galmeta Post 0.11 allows remote attackers to execute arbitrary PHP code via a URL in the DDS parameter.
  phaseAssigned (20071018)
  votesNone (candidate not yet proposed)
  comments(null)
  deleted(null)
  created0000-00-00 00:00:00
  modified0000-00-00 00:00:00
  Nvdinfo(array)
  id57634
  nameCVE-2007-5569
  descriptionCisco PIX and ASA appliances with 7.1 and 7.2 software, when configured for TLS sessions to the device, allow remote attackers to cause a denial of service (device reload) via a crafted TLS packet, aka CSCsg43276 and CSCsh97120.
  reject(null)
  CVSS_version2
  CVSS_score7.1
  severityHigh
  CVSS_base_score7.1
  CVSS_impact_subscore6.9
  CVSS_exploit_subscore8.6
  nvd_xml_version(null)
  CVSS_vector(AV:N/AC:M/Au:N/C:N/I:N/A:C)
  sourcecve
  pub_date2017-01-07
  published2007-10-18
  modified_date2011-03-07
  typeCVE
  seq2007-5569
  deleted(null)
  created(null)
  modified(null)
  1(array)
  Jvninfo(array)
  id52121
  nameJVNDB-2007-000784
  titleIBM Lotus Domino の IMAP サービスにおけるバッファオーバーフローの脆弱性
  summaryIBM Lotus Domino の IMAP サービスには、過度に長いメールボックス名により、バッファオーバーフローが発生する脆弱性が存在します。
  cveinfo_nameCVE-2007-3510
  cveinfo_id26865
  nvdinfo_nameCVE-2007-3510
  nvdinfo_id55661
  cvssv27.1
  cvssv3(null)
  jvnurlhttp://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-000784.html
  published_date2007-10-23
  registered_date2007-11-26
  last_updated_date2007-11-26
  deleted(null)
  created0000-00-00 00:00:00
  modified(null)
  Cveinfo(array)
  id26865
  nameCVE-2007-3508
  statusCandidate
  description** DISPUTED ** Integer overflow in the process_envvars function in elf/rtld.c in glibc before 2.5-rc4 might allow local users to execute arbitrary code via a large LD_HWCAP_MASK environment variable value. NOTE: the glibc maintainers state that they do not believe that this issue is exploitable for code execution.
  phaseAssigned (20070702)
  votesNone (candidate not yet proposed)
  comments(null)
  deleted(null)
  created0000-00-00 00:00:00
  modified0000-00-00 00:00:00
  Nvdinfo(array)
  id55661
  nameCVE-2007-3510
  descriptionBuffer overflow in the IMAP service in IBM Lotus Domino before 6.5.6 FP2, and 7.x before 7.0.3, allows remote authenticated users to execute arbitrary code via a long mailbox name.
  reject(null)
  CVSS_version2
  CVSS_score9
  severityHigh
  CVSS_base_score9
  CVSS_impact_subscore10
  CVSS_exploit_subscore8
  nvd_xml_version(null)
  CVSS_vector(AV:N/AC:L/Au:S/C:C/I:C/A:C)
  sourcecve
  pub_date2017-01-07
  published2007-10-29
  modified_date2011-03-07
  typeCVE
  seq2007-3510
  deleted(null)
  created(null)
  modified(null)
  2(array)
  Jvninfo(array)
  id52122
  nameJVNDB-2007-000785
  titleIBM Lotus Notes の TagAttributeListCopy() 関数におけるバッファオーバーフローの脆弱性
  summaryIBM Lotus Notes の nnotes.dll には、TagAttributeListCopy() 関数において、不正な HTML メールを処理した際に、バッファオーバーフローが発生する脆弱性が存在します。
  cveinfo_nameCVE-2007-4222
  cveinfo_id27577
  nvdinfo_nameCVE-2007-4222
  nvdinfo_id56351
  cvssv29.3
  cvssv3(null)
  jvnurlhttp://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-000785.html
  published_date2007-10-23
  registered_date2007-11-26
  last_updated_date2008-03-21
  deleted(null)
  created0000-00-00 00:00:00
  modified(null)
  Cveinfo(array)
  id27577
  nameCVE-2007-4220
  statusCandidate
  descriptionDirectory traversal vulnerability in Motorola Timbuktu Pro before 8.6.5 for Windows allows remote attackers to create or delete arbitrary files via a .. (dot dot) in a Send request, probably related to the (1) Send and (2) Exchange services.
  phaseAssigned (20070808)
  votesNone (candidate not yet proposed)
  comments(null)
  deleted(null)
  created0000-00-00 00:00:00
  modified0000-00-00 00:00:00
  Nvdinfo(array)
  id56351
  nameCVE-2007-4222
  descriptionBuffer overflow in the TagAttributeListCopy function in nnotes.dll in IBM Lotus Notes before 7.0.3 allows user-assisted remote attackers to execute arbitrary code via a crafted HTML email, related to duplicate RTF conversion when the recipient operates on this email.
  reject(null)
  CVSS_version2
  CVSS_score9.3
  severityHigh
  CVSS_base_score9.3
  CVSS_impact_subscore10
  CVSS_exploit_subscore8.6
  nvd_xml_version(null)
  CVSS_vector(AV:N/AC:M/Au:N/C:C/I:C/A:C)
  sourcecve
  pub_date2017-01-07
  published2007-10-29
  modified_date2008-09-05
  typeCVE
  seq2007-4222
  deleted(null)
  created(null)
  modified(null)
  3(array)
  Jvninfo(array)
  id52123
  nameJVNDB-2007-000786
  titleIBM Lotus Notes/Domino における不適切なアクセス権を付与する脆弱性
  summaryIBM Lotus Notes/Domino には、プロセス間通信 (IPC) で使用する共有メモリのメモリマップファイルに Everyone:フルコントロールのアクセス権を付与する脆弱性が存在します。
  cveinfo_nameCVE-2007-5544
  cveinfo_id28899
  nvdinfo_nameCVE-2007-5544
  nvdinfo_id57609
  cvssv26.2
  cvssv3(null)
  jvnurlhttp://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-000786.html
  published_date2007-10-29
  registered_date2007-11-26
  last_updated_date2007-11-26
  deleted(null)
  created0000-00-00 00:00:00
  modified(null)
  Cveinfo(array)
  id28899
  nameCVE-2007-5542
  statusCandidate
  descriptionStack-based buffer overflow in Miranda IM 0.6.8 allows remote attackers to execute arbitrary code via a crafted Yahoo! Messenger packet. NOTE: this might overlap CVE-2007-5590.
  phaseAssigned (20071018)
  votesNone (candidate not yet proposed)
  comments(null)
  deleted(null)
  created0000-00-00 00:00:00
  modified0000-00-00 00:00:00
  Nvdinfo(array)
  id57609
  nameCVE-2007-5544
  descriptionIBM Lotus Notes before 6.5.6, and 7.x before 7.0.3; and Domino before 6.5.5 FP3, and 7.x before 7.0.2 FP1; uses weak permissions (Everyone:Full Control) for memory mapped files (shared memory) in IPC, which allows local users to obtain sensitive information, or inject Lotus Script or other character sequences into a session.
  reject(null)
  CVSS_version2
  CVSS_score6.2
  severityMedium
  CVSS_base_score6.2
  CVSS_impact_subscore10
  CVSS_exploit_subscore1.9
  nvd_xml_version(null)
  CVSS_vector(AV:L/AC:H/Au:N/C:C/I:C/A:C)
  sourcecve
  pub_date2017-01-07
  published2007-10-29
  modified_date2011-03-07
  typeCVE
  seq2007-5544
  deleted(null)
  created(null)
  modified(null)
  4(array)
  Jvninfo(array)
  id52124
  nameJVNDB-2007-000787
  titleIBM Lotus Domino の LotusScript の Evaluate メソッドにおける権限昇格の脆弱性
  summaryIBM Lotus Domino には、LotusScript の Evaluate メソッドにおいて @ コマンドを使用する際、セキュリティチェックの処理に不備があるため、認証されたリモートのユーザに権限昇格される脆弱性が存在します。
  cveinfo_nameCVE-2007-5700
  cveinfo_id29055
  nvdinfo_nameCVE-2007-5700
  nvdinfo_id57757
  cvssv26.3
  cvssv3(null)
  jvnurlhttp://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-000787.html
  published_date2007-10-24
  registered_date2007-11-26
  last_updated_date2007-11-26
  deleted(null)
  created0000-00-00 00:00:00
  modified(null)
  Cveinfo(array)
  id29055
  nameCVE-2007-5698
  statusCandidate
  descriptionCross-site scripting (XSS) vulnerability in default.asp in CREApark GOLD KOY PORTALI allows remote attackers to inject arbitrary web script or HTML via the aranan parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
  phaseAssigned (20071029)
  votesNone (candidate not yet proposed)
  comments(null)
  deleted(null)
  created0000-00-00 00:00:00
  modified0000-00-00 00:00:00
  Nvdinfo(array)
  id57757
  nameCVE-2007-5700
  descriptionThe Evaluate LotusScript method in IBM Lotus Domino before 7.0.3 uses an incorrect security context for @ formula commands in some circumstances, which might allow remote authenticated users to gain privileges and obtain sensitive information.
  reject(null)
  CVSS_version2
  CVSS_score6.3
  severityMedium
  CVSS_base_score6.3
  CVSS_impact_subscore6.9
  CVSS_exploit_subscore6.8
  nvd_xml_version(null)
  CVSS_vector(AV:N/AC:M/Au:S/C:C/I:N/A:N)
  sourcecve
  pub_date2017-01-07
  published2007-10-29
  modified_date2011-03-07
  typeCVE
  seq2007-5700
  deleted(null)
  created(null)
  modified(null)
- $request->data(empty)
- $this->validationErrors(array)
  Jvninfo(empty)
  Cveinfo(empty)
  Nvdinfo(empty)
- Loaded Helpers(array)
  0Number
  1SimpleGraph
  2Paginator
  3DebugTimer
  4Toolbar
  5Html
  6Text
  7Form
  8Session
  9HtmlToolbar
====

+

App Constants

No application environment available.

CakePHP Constants

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

PHP Environment

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/jvninfos/index/page:1481/sort:name/direction:asc
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/jvninfos/index/page:1481/sort:name/direction:asc
Remote Port	1612
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.196
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.3.216.4
Http Via	1.1 squid-proxy-5b5d847c96-gt9x4 (squid/6.10)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
X Dostranslated Ip	216.73.216.196
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.196
Unique Id	aGUZPa6bHd7vBlKDQtA4IAAAAew
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect X Dostranslated Ip	216.73.216.196
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.196
Redirect Unique Id	aGUZPa6bHd7vBlKDQtA4IAAAAew
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect X Dostranslated Ip	216.73.216.196
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.196
Redirect Redirect Unique Id	aGUZPa6bHd7vBlKDQtA4IAAAAew
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1751456061.7053
Request Time	1751456061

====

Include
+
Included Files

Include Paths
- 0/virtual/inogo77/public_html/jvn/lib
- 2/opt/remi/php56/root/usr/share/pear
- 3/opt/remi/php56/root/usr/share/php
- 4/usr/share/pear
- 5/usr/share/php
- 6-> /virtual/inogo77/public_html/jvn/lib/Cake/
Included Files
- core(array)
  Cache(array)
  0CORE/Cache/Cache.php
  1CORE/Cache/Engine/FileEngine.php
  2CORE/Cache/CacheEngine.php
  Component(array)
  0CORE/Controller/Component/SessionComponent.php
  1CORE/Controller/Component/PaginatorComponent.php
  Config(array)
  0CORE/Config/routes.php
  1CORE/Config/config.php
  Controller(array)
  0CORE/Controller/Controller.php
  1CORE/Controller/ComponentCollection.php
  2CORE/Controller/Component.php
  Datasource(array)
  0CORE/Model/Datasource/CakeSession.php
  1CORE/Model/Datasource/Database/Mysql.php
  2CORE/Model/Datasource/DboSource.php
  3CORE/Model/Datasource/DataSource.php
  Error(array)
  0CORE/Error/exceptions.php
  1CORE/Error/ErrorHandler.php
  I18n(array)
  0CORE/I18n/I18n.php
  1CORE/I18n/L10n.php
  Log(array)
  0CORE/Log/CakeLog.php
  1CORE/Log/LogEngineCollection.php
  2CORE/Log/Engine/FileLog.php
  3CORE/Log/Engine/BaseLog.php
  4CORE/Log/CakeLogInterface.php
  Model(array)
  0CORE/Model/Model.php
  1CORE/Model/BehaviorCollection.php
  2CORE/Model/ConnectionManager.php
  Network(array)
  0CORE/Network/CakeRequest.php
  1CORE/Network/CakeResponse.php
  Other(array)
  0CORE/bootstrap.php
  1CORE/basics.php
  2CORE/Core/App.php
  3CORE/Core/Configure.php
  4CORE/Core/CakePlugin.php
  5CORE/Event/CakeEventListener.php
  6CORE/Event/CakeEvent.php
  7CORE/Event/CakeEventManager.php
  8CORE/Core/Object.php
  Routing(array)
  0CORE/Routing/Dispatcher.php
  1CORE/Routing/Filter/AssetDispatcher.php
  2CORE/Routing/DispatcherFilter.php
  3CORE/Routing/Filter/CacheDispatcher.php
  4CORE/Routing/Router.php
  5CORE/Routing/Route/CakeRoute.php
  6CORE/Routing/Route/PluginShortRoute.php
  Utility(array)
  0CORE/Utility/Hash.php
  1CORE/Utility/Inflector.php
  2CORE/Utility/ObjectCollection.php
  3CORE/Utility/Debugger.php
  4CORE/Utility/String.php
  5CORE/Utility/ClassRegistry.php
  View(array)
  0CORE/View/HelperCollection.php
- app(array)
  Component(array)
  0APP/Controller/Component/CommonComponent.php
  Config(array)
  0APP/Config/core.php
  1APP/Config/bootstrap.php
  2APP/Config/routes.php
  3APP/Config/database.php
  Controller(array)
  0APP/Controller/JvninfosController.php
  1APP/Controller/AppController.php
  Model(array)
  0APP/Model/Jvninfo.php
  1APP/Model/AppModel.php
  2APP/Model/Cveinfo.php
  3APP/Model/Nvdinfo.php
  Other(array)
  0APP/webroot/index.php
- plugins(array)
  DebugKit(array)
  Component(array)
  0DebugKit/Controller/Component/ToolbarComponent.php
  Other(array)
  0DebugKit/Lib/DebugMemory.php
  1DebugKit/Lib/Panel/HistoryPanel.php
  2DebugKit/Lib/DebugPanel.php
  3DebugKit/Lib/Panel/SessionPanel.php
  4DebugKit/Lib/Panel/RequestPanel.php
  5DebugKit/Lib/Panel/SqlLogPanel.php
  6DebugKit/Lib/Panel/TimerPanel.php
  7DebugKit/Lib/Panel/LogPanel.php
  8DebugKit/Lib/Panel/VariablesPanel.php
  9DebugKit/Lib/Panel/EnvironmentPanel.php
  10DebugKit/Lib/Panel/IncludePanel.php
  11DebugKit/Lib/DebugTimer.php
  Log(array)
  0DebugKit/Lib/Log/Engine/DebugKitLog.php
====