Search

Find a vulnerability

Search criteria

    10 vulnerabilities by firefly

    VAR-200601-0258

    Vulnerability from variot - Updated: 2025-04-03 22:41

    SQL injection vulnerability in the search module (modules/Search/index.php) of PHPNuke EV 7.7 -R1 allows remote attackers to execute arbitrary SQL commands via the query parameter, which is used by the search field. NOTE: This is a different vulnerability than CVE-2005-3792. PHPNuke EV is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation. PHPNuke EV version 7.7 is vulnerable; earlier versions may also be affected.

    For more information: SA17543

    The vulnerability has been confirmed in version 7.7-R1.

    SOLUTION: Edit the source code to ensure that input is properly sanitised.

    PROVIDED AND/OR DISCOVERED BY: Originally reported in PHP-Nuke by sp3x.

    Reported in PHPNuke EV by Lostmon.

    ORIGINAL ADVISORY: http://lostmon.blogspot.com/2006/01/phpnuke-ev-77-search-module-query.html

    OTHER REFERENCES: SA17543: http://secunia.com/advisories/17543/


    About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-200601-0258",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "php-nuke ev",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "francisco burzi",
            "version": "7.7_r1"
          },
          {
            "model": "php-nuke",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "php nuke",
            "version": "7.7"
          },
          {
            "model": "studios stronghold",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "firefly",
            "version": "27.7"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "16186"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200601-108"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-0163"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "lostmon is credited with the discovery of this vulnerability.",
        "sources": [
          {
            "db": "BID",
            "id": "16186"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200601-108"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2006-0163",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2006-0163",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-16271",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2006-0163",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200601-108",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-16271",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-16271"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200601-108"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-0163"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "SQL injection vulnerability in the search module (modules/Search/index.php) of PHPNuke EV 7.7 -R1 allows remote attackers to execute arbitrary SQL commands via the query parameter, which is used by the search field.  NOTE: This is a different vulnerability than CVE-2005-3792. PHPNuke EV is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. \nA successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation. \nPHPNuke EV version 7.7 is vulnerable; earlier versions may also be affected. \n\nFor more information:\nSA17543\n\nThe vulnerability has been confirmed in version 7.7-R1. \n\nSOLUTION:\nEdit the source code to ensure that input is properly sanitised. \n\nPROVIDED AND/OR DISCOVERED BY:\nOriginally reported in PHP-Nuke by sp3x. \n\nReported in PHPNuke EV by Lostmon. \n\nORIGINAL ADVISORY:\nhttp://lostmon.blogspot.com/2006/01/phpnuke-ev-77-search-module-query.html\n\nOTHER REFERENCES:\nSA17543:\nhttp://secunia.com/advisories/17543/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2006-0163"
          },
          {
            "db": "BID",
            "id": "16186"
          },
          {
            "db": "VULHUB",
            "id": "VHN-16271"
          },
          {
            "db": "PACKETSTORM",
            "id": "42959"
          }
        ],
        "trust": 1.35
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-16271",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-16271"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "BID",
            "id": "16186",
            "trust": 2.0
          },
          {
            "db": "NVD",
            "id": "CVE-2006-0163",
            "trust": 2.0
          },
          {
            "db": "SECUNIA",
            "id": "18394",
            "trust": 1.8
          },
          {
            "db": "OSVDB",
            "id": "22316",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-0120",
            "trust": 1.7
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200601-108",
            "trust": 0.7
          },
          {
            "db": "XF",
            "id": "44978",
            "trust": 0.6
          },
          {
            "db": "EXPLOIT-DB",
            "id": "27058",
            "trust": 0.1
          },
          {
            "db": "SEEBUG",
            "id": "SSVID-80678",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-16271",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "42959",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-16271"
          },
          {
            "db": "BID",
            "id": "16186"
          },
          {
            "db": "PACKETSTORM",
            "id": "42959"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200601-108"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-0163"
          }
        ]
      },
      "id": "VAR-200601-0258",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-16271"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2025-04-03T22:41:47.355000Z",
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-Other",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2006-0163"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.1,
            "url": "http://lostmon.blogspot.com/2006/01/phpnuke-ev-77-search-module-query.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/16186"
          },
          {
            "trust": 1.7,
            "url": "http://www.osvdb.org/22316"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/18394"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2006/0120"
          },
          {
            "trust": 1.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44978"
          },
          {
            "trust": 0.6,
            "url": "http://xforce.iss.net/xforce/xfdb/44978"
          },
          {
            "trust": 0.6,
            "url": "http://www.frsirt.com/english/advisories/2006/0120"
          },
          {
            "trust": 0.3,
            "url": "http://nukevolution.com/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/18394/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/6767/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/17543/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/about_secunia_advisories/"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-16271"
          },
          {
            "db": "BID",
            "id": "16186"
          },
          {
            "db": "PACKETSTORM",
            "id": "42959"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200601-108"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-0163"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-16271"
          },
          {
            "db": "BID",
            "id": "16186"
          },
          {
            "db": "PACKETSTORM",
            "id": "42959"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200601-108"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-0163"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2006-01-11T00:00:00",
            "db": "VULHUB",
            "id": "VHN-16271"
          },
          {
            "date": "2006-01-09T00:00:00",
            "db": "BID",
            "id": "16186"
          },
          {
            "date": "2006-01-11T05:48:09",
            "db": "PACKETSTORM",
            "id": "42959"
          },
          {
            "date": "2006-01-11T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200601-108"
          },
          {
            "date": "2006-01-11T21:03:00",
            "db": "NVD",
            "id": "CVE-2006-0163"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-07-20T00:00:00",
            "db": "VULHUB",
            "id": "VHN-16271"
          },
          {
            "date": "2007-02-14T23:47:00",
            "db": "BID",
            "id": "16186"
          },
          {
            "date": "2006-09-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200601-108"
          },
          {
            "date": "2025-04-03T01:03:51.193000",
            "db": "NVD",
            "id": "CVE-2006-0163"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200601-108"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "PHPNuke EV Search Module SQL Injection Vulnerability",
        "sources": [
          {
            "db": "BID",
            "id": "16186"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200601-108"
          }
        ],
        "trust": 0.9
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "sql injection",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "42959"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200601-108"
          }
        ],
        "trust": 0.7
      }
    }

    VAR-200712-0450

    Vulnerability from variot - Updated: 2022-05-17 01:58

    Firefly is an open source media server used by Roku SoundBridge and iTunes. There are multiple security vulnerabilities such as information disclosure and denial of service in Firefly: ------------------------------------ -----A] Directory traversal on Windows platform -------------------------------------- --- If you use 3 periods in the HTTP request, you can get the specific file in the parent directory of Firefly's management root folder, that is, the attacker can download all the configuration files of the server or firefly.log and other files. Mt-daapd.conf file. This vulnerability can only be exploited on Windows servers. -----------------------------------B] Windows platform bypasses certification -------- --------------------------- If the server is password protected, an unauthenticated remote attacker can have a \"/\" position before the URI. Use the period (\".\"), backslash (\"\\"), or blank (GET file.txt HTTP/1.0) to download the files in the management root folder. This vulnerability can only be exploited on Windows servers. ----------------------------------------------C] Copy HTTP Parameter Denial Service --------------------------------------------- Send Two or more HTTP parameters with the same name (such as two Host or User-Agent) can cause the server to terminate. -----------------------------------D] Partial query results in 100% CPU usage ----- ------------------------------ The remote attacker connects to the server and sends the first line of the request (GET/HTTP/1.0) This can cause the server's CPU to reach 100% until it is disconnected from the server. Firefly Media Server is prone to multiple information-disclosure and denial-of-service vulnerabilities because it fails to handle specially crafted HTTP GET requests. Attackers can exploit these issues to access potentially sensitive information, crash the server, or consume excessive resources. Successful exploits could aid in further attacks or deny service to legitimate users

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-200712-0450",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": null,
            "scope": null,
            "trust": 0.6,
            "vendor": "no",
            "version": null
          },
          {
            "model": "media server firefly media server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "firefly",
            "version": "0.2.41"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2007-6919"
          },
          {
            "db": "BID",
            "id": "26770"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Luigi Auriemma is credited with the discovery of these issues.",
        "sources": [
          {
            "db": "BID",
            "id": "26770"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201503-514"
          }
        ],
        "trust": 0.9
      },
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2007-6919",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "CNVD",
                "id": "CNVD-2007-6919",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2007-6919"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Firefly is an open source media server used by Roku SoundBridge and iTunes. There are multiple security vulnerabilities such as information disclosure and denial of service in Firefly: ------------------------------------ -----A] Directory traversal on Windows platform -------------------------------------- --- If you use 3 periods in the HTTP request, you can get the specific file in the parent directory of Firefly\u0027s management root folder, that is, the attacker can download all the configuration files of the server or firefly.log and other files. Mt-daapd.conf file. This vulnerability can only be exploited on Windows servers. -----------------------------------B] Windows platform bypasses certification -------- --------------------------- If the server is password protected, an unauthenticated remote attacker can have a \\\"/\\\" position before the URI. Use the period (\\\".\\\"), backslash (\\\"\\\\\\\"), or blank (GET file.txt HTTP/1.0) to download the files in the management root folder. This vulnerability can only be exploited on Windows servers. ----------------------------------------------C] Copy HTTP Parameter Denial Service --------------------------------------------- Send Two or more HTTP parameters with the same name (such as two Host or User-Agent) can cause the server to terminate. -----------------------------------D] Partial query results in 100% CPU usage ----- ------------------------------ The remote attacker connects to the server and sends the first line of the request (GET/HTTP/1.0) This can cause the server\u0027s CPU to reach 100% until it is disconnected from the server. Firefly Media Server is prone to multiple information-disclosure and denial-of-service vulnerabilities because it fails to handle specially crafted HTTP GET requests. \nAttackers can exploit these issues to access potentially sensitive information, crash the server, or consume excessive resources. Successful exploits could aid in further attacks or deny service to legitimate users",
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2007-6919"
          },
          {
            "db": "BID",
            "id": "26770"
          }
        ],
        "trust": 0.81
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "BID",
            "id": "26770",
            "trust": 1.5
          },
          {
            "db": "CNVD",
            "id": "CNVD-2007-6919",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201503-514",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2007-6919"
          },
          {
            "db": "BID",
            "id": "26770"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201503-514"
          }
        ]
      },
      "id": "VAR-200712-0450",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2007-6919"
          }
        ],
        "trust": 0.06
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2007-6919"
          }
        ]
      },
      "last_update_date": "2022-05-17T01:58:12.639000Z",
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 0.6,
            "url": "http://marc.info/?l=bugtraq\u0026m=119706669307492\u0026w=2"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/bid/26770"
          },
          {
            "trust": 0.3,
            "url": "http://www.fireflymediaserver.org/index.php"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/484763"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2007-6919"
          },
          {
            "db": "BID",
            "id": "26770"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201503-514"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2007-6919"
          },
          {
            "db": "BID",
            "id": "26770"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201503-514"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2007-12-07T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2007-6919"
          },
          {
            "date": "2007-12-07T00:00:00",
            "db": "BID",
            "id": "26770"
          },
          {
            "date": "2007-12-07T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201503-514"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-01-24T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2007-6919"
          },
          {
            "date": "2015-03-19T08:52:00",
            "db": "BID",
            "id": "26770"
          },
          {
            "date": "2015-03-25T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201503-514"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201503-514"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Firefly Multiple Information Disclosure and Denial of Service Vulnerabilities",
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2007-6919"
          }
        ],
        "trust": 0.6
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Failure to Handle Exceptional Conditions",
        "sources": [
          {
            "db": "BID",
            "id": "26770"
          }
        ],
        "trust": 0.3
      }
    }

    CVE-2007-5824 (GCVE-0-2007-5824)

    Vulnerability from nvd – Published: 2007-11-05 19:00 – Updated: 2024-08-07 15:47
    VLAI
    Summary
    webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a stats method action to /xml-rpc with (1) an empty Authorization header line, which triggers a crash in the ws_decodepassword function; or (2) a header line without a ':' character, which triggers a crash in the ws_getheaders function.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.debian.org/security/2008/dsa-1597 vendor-advisoryx_refsource_DEBIAN
    http://www.securityfocus.com/archive/1/483211/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/26309 vdb-entryx_refsource_BID
    http://www.securityfocus.com/archive/1/483215/100… mailing-listx_refsource_BUGTRAQ
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/28269 third-party-advisoryx_refsource_SECUNIA
    https://www.exploit-db.com/exploits/4600 exploitx_refsource_EXPLOIT-DB
    http://www.securityfocus.com/archive/1/483210/100… mailing-listx_refsource_BUGTRAQ
    http://sourceforge.net/project/shownotes.php?grou… x_refsource_CONFIRM
    http://bugs.gentoo.org/show_bug.cgi?id=200110 x_refsource_MISC
    http://secunia.com/advisories/30661 third-party-advisoryx_refsource_SECUNIA
    http://www.gentoo.org/security/en/glsa/glsa-20071… vendor-advisoryx_refsource_GENTOO
    Date Public
    2007-11-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:47:00.548Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "firefly-decodepassword-dos(38242)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38242"
              },
              {
                "name": "DSA-1597",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2008/dsa-1597"
              },
              {
                "name": "20071102 [UPH-07-02] Firefly Media Server DoS",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/483211/100/0/threaded"
              },
              {
                "name": "26309",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/26309"
              },
              {
                "name": "20071102 Re: [UPH-07-01] Firefly Media Server DoS",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/483215/100/0/threaded"
              },
              {
                "name": "firefly-getheaders-dos(38241)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38241"
              },
              {
                "name": "28269",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/28269"
              },
              {
                "name": "4600",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/4600"
              },
              {
                "name": "20071102 [UPH-07-01] Firefly Media Server DoS",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/483210/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://sourceforge.net/project/shownotes.php?group_id=98211\u0026release_id=548679"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://bugs.gentoo.org/show_bug.cgi?id=200110"
              },
              {
                "name": "30661",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/30661"
              },
              {
                "name": "GLSA-200712-18",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://www.gentoo.org/security/en/glsa/glsa-200712-18.xml"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-11-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a stats method action to /xml-rpc with (1) an empty Authorization header line, which triggers a crash in the ws_decodepassword function; or (2) a header line without a \u0027:\u0027 character, which triggers a crash in the ws_getheaders function."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-15T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "firefly-decodepassword-dos(38242)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38242"
            },
            {
              "name": "DSA-1597",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2008/dsa-1597"
            },
            {
              "name": "20071102 [UPH-07-02] Firefly Media Server DoS",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/483211/100/0/threaded"
            },
            {
              "name": "26309",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/26309"
            },
            {
              "name": "20071102 Re: [UPH-07-01] Firefly Media Server DoS",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/483215/100/0/threaded"
            },
            {
              "name": "firefly-getheaders-dos(38241)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38241"
            },
            {
              "name": "28269",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/28269"
            },
            {
              "name": "4600",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/4600"
            },
            {
              "name": "20071102 [UPH-07-01] Firefly Media Server DoS",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/483210/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://sourceforge.net/project/shownotes.php?group_id=98211\u0026release_id=548679"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://bugs.gentoo.org/show_bug.cgi?id=200110"
            },
            {
              "name": "30661",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/30661"
            },
            {
              "name": "GLSA-200712-18",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200712-18.xml"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-5824",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a stats method action to /xml-rpc with (1) an empty Authorization header line, which triggers a crash in the ws_decodepassword function; or (2) a header line without a \u0027:\u0027 character, which triggers a crash in the ws_getheaders function."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "firefly-decodepassword-dos(38242)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38242"
                },
                {
                  "name": "DSA-1597",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2008/dsa-1597"
                },
                {
                  "name": "20071102 [UPH-07-02] Firefly Media Server DoS",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/483211/100/0/threaded"
                },
                {
                  "name": "26309",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/26309"
                },
                {
                  "name": "20071102 Re: [UPH-07-01] Firefly Media Server DoS",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/483215/100/0/threaded"
                },
                {
                  "name": "firefly-getheaders-dos(38241)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38241"
                },
                {
                  "name": "28269",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/28269"
                },
                {
                  "name": "4600",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/4600"
                },
                {
                  "name": "20071102 [UPH-07-01] Firefly Media Server DoS",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/483210/100/0/threaded"
                },
                {
                  "name": "http://sourceforge.net/project/shownotes.php?group_id=98211\u0026release_id=548679",
                  "refsource": "CONFIRM",
                  "url": "http://sourceforge.net/project/shownotes.php?group_id=98211\u0026release_id=548679"
                },
                {
                  "name": "http://bugs.gentoo.org/show_bug.cgi?id=200110",
                  "refsource": "MISC",
                  "url": "http://bugs.gentoo.org/show_bug.cgi?id=200110"
                },
                {
                  "name": "30661",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/30661"
                },
                {
                  "name": "GLSA-200712-18",
                  "refsource": "GENTOO",
                  "url": "http://www.gentoo.org/security/en/glsa/glsa-200712-18.xml"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-5824",
        "datePublished": "2007-11-05T19:00:00.000Z",
        "dateReserved": "2007-11-05T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:47:00.548Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-5825 (GCVE-0-2007-5825)

    Vulnerability from nvd – Published: 2007-11-05 19:00 – Updated: 2024-08-07 15:47
    VLAI
    Summary
    Format string vulnerability in the ws_addarg function in webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to execute arbitrary code via a stats method action to /xml-rpc with format string specifiers in the (1) username or (2) password portion of base64-encoded data on the "Authorization: Basic" HTTP header line.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.debian.org/security/2008/dsa-1597 vendor-advisoryx_refsource_DEBIAN
    http://www.securityfocus.com/bid/26310 vdb-entryx_refsource_BID
    http://www.securityfocus.com/archive/1/483209/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/archive/1/483214/100… mailing-listx_refsource_BUGTRAQ
    http://secunia.com/advisories/28269 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://sourceforge.net/project/shownotes.php?grou… x_refsource_CONFIRM
    http://bugs.gentoo.org/show_bug.cgi?id=200110 x_refsource_MISC
    http://secunia.com/advisories/30661 third-party-advisoryx_refsource_SECUNIA
    http://www.gentoo.org/security/en/glsa/glsa-20071… vendor-advisoryx_refsource_GENTOO
    Date Public
    2007-11-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:47:00.654Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "DSA-1597",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2008/dsa-1597"
              },
              {
                "name": "26310",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/26310"
              },
              {
                "name": "20071102 [UPH-07-03] Firefly Media Server remote format string vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/483209/100/0/threaded"
              },
              {
                "name": "20071102 Re: [UPH-07-03] Firefly Media Server remote format string vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/483214/100/0/threaded"
              },
              {
                "name": "28269",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/28269"
              },
              {
                "name": "firefly-addarg-format-string(38243)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38243"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://sourceforge.net/project/shownotes.php?group_id=98211\u0026release_id=548679"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://bugs.gentoo.org/show_bug.cgi?id=200110"
              },
              {
                "name": "30661",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/30661"
              },
              {
                "name": "GLSA-200712-18",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://www.gentoo.org/security/en/glsa/glsa-200712-18.xml"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-11-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Format string vulnerability in the ws_addarg function in webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to execute arbitrary code via a stats method action to /xml-rpc with format string specifiers in the (1) username or (2) password portion of base64-encoded data on the \"Authorization: Basic\" HTTP header line."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-15T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "DSA-1597",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2008/dsa-1597"
            },
            {
              "name": "26310",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/26310"
            },
            {
              "name": "20071102 [UPH-07-03] Firefly Media Server remote format string vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/483209/100/0/threaded"
            },
            {
              "name": "20071102 Re: [UPH-07-03] Firefly Media Server remote format string vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/483214/100/0/threaded"
            },
            {
              "name": "28269",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/28269"
            },
            {
              "name": "firefly-addarg-format-string(38243)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38243"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://sourceforge.net/project/shownotes.php?group_id=98211\u0026release_id=548679"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://bugs.gentoo.org/show_bug.cgi?id=200110"
            },
            {
              "name": "30661",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/30661"
            },
            {
              "name": "GLSA-200712-18",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200712-18.xml"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-5825",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Format string vulnerability in the ws_addarg function in webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to execute arbitrary code via a stats method action to /xml-rpc with format string specifiers in the (1) username or (2) password portion of base64-encoded data on the \"Authorization: Basic\" HTTP header line."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "DSA-1597",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2008/dsa-1597"
                },
                {
                  "name": "26310",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/26310"
                },
                {
                  "name": "20071102 [UPH-07-03] Firefly Media Server remote format string vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/483209/100/0/threaded"
                },
                {
                  "name": "20071102 Re: [UPH-07-03] Firefly Media Server remote format string vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/483214/100/0/threaded"
                },
                {
                  "name": "28269",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/28269"
                },
                {
                  "name": "firefly-addarg-format-string(38243)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38243"
                },
                {
                  "name": "http://sourceforge.net/project/shownotes.php?group_id=98211\u0026release_id=548679",
                  "refsource": "CONFIRM",
                  "url": "http://sourceforge.net/project/shownotes.php?group_id=98211\u0026release_id=548679"
                },
                {
                  "name": "http://bugs.gentoo.org/show_bug.cgi?id=200110",
                  "refsource": "MISC",
                  "url": "http://bugs.gentoo.org/show_bug.cgi?id=200110"
                },
                {
                  "name": "30661",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/30661"
                },
                {
                  "name": "GLSA-200712-18",
                  "refsource": "GENTOO",
                  "url": "http://www.gentoo.org/security/en/glsa/glsa-200712-18.xml"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-5825",
        "datePublished": "2007-11-05T19:00:00.000Z",
        "dateReserved": "2007-11-05T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:47:00.654Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-2460 (GCVE-0-2007-2460)

    Vulnerability from nvd – Published: 2007-05-02 18:00 – Updated: 2024-08-07 13:42
    VLAI
    Summary
    PHP remote file inclusion vulnerability in modules/admin/include/config.php in FireFly 1.1.01 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2007-04-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T13:42:32.607Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20070502 true: firefly RFI, both doc_root and DOCUMENT_ROOT",
                "tags": [
                  "mailing-list",
                  "x_refsource_VIM",
                  "x_transferred"
                ],
                "url": "http://www.attrition.org/pipermail/vim/2007-May/001573.html"
              },
              {
                "name": "ADV-2007-1554",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/1554"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-04-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "PHP remote file inclusion vulnerability in modules/admin/include/config.php in FireFly 1.1.01 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter.  NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2009-02-26T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20070502 true: firefly RFI, both doc_root and DOCUMENT_ROOT",
              "tags": [
                "mailing-list",
                "x_refsource_VIM"
              ],
              "url": "http://www.attrition.org/pipermail/vim/2007-May/001573.html"
            },
            {
              "name": "ADV-2007-1554",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/1554"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-2460",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "PHP remote file inclusion vulnerability in modules/admin/include/config.php in FireFly 1.1.01 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter.  NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20070502 true: firefly RFI, both doc_root and DOCUMENT_ROOT",
                  "refsource": "VIM",
                  "url": "http://www.attrition.org/pipermail/vim/2007-May/001573.html"
                },
                {
                  "name": "ADV-2007-1554",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/1554"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-2460",
        "datePublished": "2007-05-02T18:00:00.000Z",
        "dateReserved": "2007-05-02T00:00:00.000Z",
        "dateUpdated": "2024-08-07T13:42:32.607Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-2456 (GCVE-0-2007-2456)

    Vulnerability from nvd – Published: 2007-05-02 17:00 – Updated: 2024-08-07 13:42
    VLAI
    Summary
    Multiple PHP remote file inclusion vulnerabilities in FireFly 1.1.01 allow remote attackers to execute arbitrary PHP code via a URL in the doc_root parameter to (1) localize.php or (2) config.php in modules/admin/include/.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.attrition.org/pipermail/vim/2007-May/0… mailing-listx_refsource_VIM
    http://www.vupen.com/english/advisories/2007/1554 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/23683 vdb-entryx_refsource_BID
    https://www.exploit-db.com/exploits/3805 exploitx_refsource_EXPLOIT-DB
    http://osvdb.org/35702 vdb-entryx_refsource_OSVDB
    http://osvdb.org/35701 vdb-entryx_refsource_OSVDB
    Date Public
    2007-04-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T13:42:33.424Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20070502 true: firefly RFI, both doc_root and DOCUMENT_ROOT",
                "tags": [
                  "mailing-list",
                  "x_refsource_VIM",
                  "x_transferred"
                ],
                "url": "http://www.attrition.org/pipermail/vim/2007-May/001573.html"
              },
              {
                "name": "ADV-2007-1554",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/1554"
              },
              {
                "name": "23683",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/23683"
              },
              {
                "name": "3805",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/3805"
              },
              {
                "name": "35702",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/35702"
              },
              {
                "name": "35701",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/35701"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-04-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple PHP remote file inclusion vulnerabilities in FireFly 1.1.01 allow remote attackers to execute arbitrary PHP code via a URL in the doc_root parameter to (1) localize.php or (2) config.php in modules/admin/include/."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20070502 true: firefly RFI, both doc_root and DOCUMENT_ROOT",
              "tags": [
                "mailing-list",
                "x_refsource_VIM"
              ],
              "url": "http://www.attrition.org/pipermail/vim/2007-May/001573.html"
            },
            {
              "name": "ADV-2007-1554",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/1554"
            },
            {
              "name": "23683",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/23683"
            },
            {
              "name": "3805",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/3805"
            },
            {
              "name": "35702",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/35702"
            },
            {
              "name": "35701",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/35701"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-2456",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple PHP remote file inclusion vulnerabilities in FireFly 1.1.01 allow remote attackers to execute arbitrary PHP code via a URL in the doc_root parameter to (1) localize.php or (2) config.php in modules/admin/include/."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20070502 true: firefly RFI, both doc_root and DOCUMENT_ROOT",
                  "refsource": "VIM",
                  "url": "http://www.attrition.org/pipermail/vim/2007-May/001573.html"
                },
                {
                  "name": "ADV-2007-1554",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/1554"
                },
                {
                  "name": "23683",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/23683"
                },
                {
                  "name": "3805",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/3805"
                },
                {
                  "name": "35702",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/35702"
                },
                {
                  "name": "35701",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/35701"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-2456",
        "datePublished": "2007-05-02T17:00:00.000Z",
        "dateReserved": "2007-05-02T00:00:00.000Z",
        "dateUpdated": "2024-08-07T13:42:33.424Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-5824 (GCVE-0-2007-5824)

    Vulnerability from cvelistv5 – Published: 2007-11-05 19:00 – Updated: 2024-08-07 15:47
    VLAI
    Summary
    webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a stats method action to /xml-rpc with (1) an empty Authorization header line, which triggers a crash in the ws_decodepassword function; or (2) a header line without a ':' character, which triggers a crash in the ws_getheaders function.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.debian.org/security/2008/dsa-1597 vendor-advisoryx_refsource_DEBIAN
    http://www.securityfocus.com/archive/1/483211/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/26309 vdb-entryx_refsource_BID
    http://www.securityfocus.com/archive/1/483215/100… mailing-listx_refsource_BUGTRAQ
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/28269 third-party-advisoryx_refsource_SECUNIA
    https://www.exploit-db.com/exploits/4600 exploitx_refsource_EXPLOIT-DB
    http://www.securityfocus.com/archive/1/483210/100… mailing-listx_refsource_BUGTRAQ
    http://sourceforge.net/project/shownotes.php?grou… x_refsource_CONFIRM
    http://bugs.gentoo.org/show_bug.cgi?id=200110 x_refsource_MISC
    http://secunia.com/advisories/30661 third-party-advisoryx_refsource_SECUNIA
    http://www.gentoo.org/security/en/glsa/glsa-20071… vendor-advisoryx_refsource_GENTOO
    Date Public
    2007-11-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:47:00.548Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "firefly-decodepassword-dos(38242)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38242"
              },
              {
                "name": "DSA-1597",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2008/dsa-1597"
              },
              {
                "name": "20071102 [UPH-07-02] Firefly Media Server DoS",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/483211/100/0/threaded"
              },
              {
                "name": "26309",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/26309"
              },
              {
                "name": "20071102 Re: [UPH-07-01] Firefly Media Server DoS",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/483215/100/0/threaded"
              },
              {
                "name": "firefly-getheaders-dos(38241)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38241"
              },
              {
                "name": "28269",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/28269"
              },
              {
                "name": "4600",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/4600"
              },
              {
                "name": "20071102 [UPH-07-01] Firefly Media Server DoS",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/483210/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://sourceforge.net/project/shownotes.php?group_id=98211\u0026release_id=548679"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://bugs.gentoo.org/show_bug.cgi?id=200110"
              },
              {
                "name": "30661",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/30661"
              },
              {
                "name": "GLSA-200712-18",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://www.gentoo.org/security/en/glsa/glsa-200712-18.xml"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-11-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a stats method action to /xml-rpc with (1) an empty Authorization header line, which triggers a crash in the ws_decodepassword function; or (2) a header line without a \u0027:\u0027 character, which triggers a crash in the ws_getheaders function."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-15T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "firefly-decodepassword-dos(38242)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38242"
            },
            {
              "name": "DSA-1597",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2008/dsa-1597"
            },
            {
              "name": "20071102 [UPH-07-02] Firefly Media Server DoS",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/483211/100/0/threaded"
            },
            {
              "name": "26309",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/26309"
            },
            {
              "name": "20071102 Re: [UPH-07-01] Firefly Media Server DoS",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/483215/100/0/threaded"
            },
            {
              "name": "firefly-getheaders-dos(38241)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38241"
            },
            {
              "name": "28269",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/28269"
            },
            {
              "name": "4600",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/4600"
            },
            {
              "name": "20071102 [UPH-07-01] Firefly Media Server DoS",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/483210/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://sourceforge.net/project/shownotes.php?group_id=98211\u0026release_id=548679"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://bugs.gentoo.org/show_bug.cgi?id=200110"
            },
            {
              "name": "30661",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/30661"
            },
            {
              "name": "GLSA-200712-18",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200712-18.xml"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-5824",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a stats method action to /xml-rpc with (1) an empty Authorization header line, which triggers a crash in the ws_decodepassword function; or (2) a header line without a \u0027:\u0027 character, which triggers a crash in the ws_getheaders function."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "firefly-decodepassword-dos(38242)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38242"
                },
                {
                  "name": "DSA-1597",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2008/dsa-1597"
                },
                {
                  "name": "20071102 [UPH-07-02] Firefly Media Server DoS",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/483211/100/0/threaded"
                },
                {
                  "name": "26309",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/26309"
                },
                {
                  "name": "20071102 Re: [UPH-07-01] Firefly Media Server DoS",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/483215/100/0/threaded"
                },
                {
                  "name": "firefly-getheaders-dos(38241)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38241"
                },
                {
                  "name": "28269",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/28269"
                },
                {
                  "name": "4600",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/4600"
                },
                {
                  "name": "20071102 [UPH-07-01] Firefly Media Server DoS",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/483210/100/0/threaded"
                },
                {
                  "name": "http://sourceforge.net/project/shownotes.php?group_id=98211\u0026release_id=548679",
                  "refsource": "CONFIRM",
                  "url": "http://sourceforge.net/project/shownotes.php?group_id=98211\u0026release_id=548679"
                },
                {
                  "name": "http://bugs.gentoo.org/show_bug.cgi?id=200110",
                  "refsource": "MISC",
                  "url": "http://bugs.gentoo.org/show_bug.cgi?id=200110"
                },
                {
                  "name": "30661",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/30661"
                },
                {
                  "name": "GLSA-200712-18",
                  "refsource": "GENTOO",
                  "url": "http://www.gentoo.org/security/en/glsa/glsa-200712-18.xml"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-5824",
        "datePublished": "2007-11-05T19:00:00.000Z",
        "dateReserved": "2007-11-05T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:47:00.548Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-5825 (GCVE-0-2007-5825)

    Vulnerability from cvelistv5 – Published: 2007-11-05 19:00 – Updated: 2024-08-07 15:47
    VLAI
    Summary
    Format string vulnerability in the ws_addarg function in webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to execute arbitrary code via a stats method action to /xml-rpc with format string specifiers in the (1) username or (2) password portion of base64-encoded data on the "Authorization: Basic" HTTP header line.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.debian.org/security/2008/dsa-1597 vendor-advisoryx_refsource_DEBIAN
    http://www.securityfocus.com/bid/26310 vdb-entryx_refsource_BID
    http://www.securityfocus.com/archive/1/483209/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/archive/1/483214/100… mailing-listx_refsource_BUGTRAQ
    http://secunia.com/advisories/28269 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://sourceforge.net/project/shownotes.php?grou… x_refsource_CONFIRM
    http://bugs.gentoo.org/show_bug.cgi?id=200110 x_refsource_MISC
    http://secunia.com/advisories/30661 third-party-advisoryx_refsource_SECUNIA
    http://www.gentoo.org/security/en/glsa/glsa-20071… vendor-advisoryx_refsource_GENTOO
    Date Public
    2007-11-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:47:00.654Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "DSA-1597",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2008/dsa-1597"
              },
              {
                "name": "26310",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/26310"
              },
              {
                "name": "20071102 [UPH-07-03] Firefly Media Server remote format string vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/483209/100/0/threaded"
              },
              {
                "name": "20071102 Re: [UPH-07-03] Firefly Media Server remote format string vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/483214/100/0/threaded"
              },
              {
                "name": "28269",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/28269"
              },
              {
                "name": "firefly-addarg-format-string(38243)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38243"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://sourceforge.net/project/shownotes.php?group_id=98211\u0026release_id=548679"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://bugs.gentoo.org/show_bug.cgi?id=200110"
              },
              {
                "name": "30661",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/30661"
              },
              {
                "name": "GLSA-200712-18",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://www.gentoo.org/security/en/glsa/glsa-200712-18.xml"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-11-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Format string vulnerability in the ws_addarg function in webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to execute arbitrary code via a stats method action to /xml-rpc with format string specifiers in the (1) username or (2) password portion of base64-encoded data on the \"Authorization: Basic\" HTTP header line."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-15T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "DSA-1597",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2008/dsa-1597"
            },
            {
              "name": "26310",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/26310"
            },
            {
              "name": "20071102 [UPH-07-03] Firefly Media Server remote format string vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/483209/100/0/threaded"
            },
            {
              "name": "20071102 Re: [UPH-07-03] Firefly Media Server remote format string vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/483214/100/0/threaded"
            },
            {
              "name": "28269",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/28269"
            },
            {
              "name": "firefly-addarg-format-string(38243)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38243"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://sourceforge.net/project/shownotes.php?group_id=98211\u0026release_id=548679"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://bugs.gentoo.org/show_bug.cgi?id=200110"
            },
            {
              "name": "30661",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/30661"
            },
            {
              "name": "GLSA-200712-18",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200712-18.xml"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-5825",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Format string vulnerability in the ws_addarg function in webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to execute arbitrary code via a stats method action to /xml-rpc with format string specifiers in the (1) username or (2) password portion of base64-encoded data on the \"Authorization: Basic\" HTTP header line."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "DSA-1597",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2008/dsa-1597"
                },
                {
                  "name": "26310",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/26310"
                },
                {
                  "name": "20071102 [UPH-07-03] Firefly Media Server remote format string vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/483209/100/0/threaded"
                },
                {
                  "name": "20071102 Re: [UPH-07-03] Firefly Media Server remote format string vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/483214/100/0/threaded"
                },
                {
                  "name": "28269",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/28269"
                },
                {
                  "name": "firefly-addarg-format-string(38243)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38243"
                },
                {
                  "name": "http://sourceforge.net/project/shownotes.php?group_id=98211\u0026release_id=548679",
                  "refsource": "CONFIRM",
                  "url": "http://sourceforge.net/project/shownotes.php?group_id=98211\u0026release_id=548679"
                },
                {
                  "name": "http://bugs.gentoo.org/show_bug.cgi?id=200110",
                  "refsource": "MISC",
                  "url": "http://bugs.gentoo.org/show_bug.cgi?id=200110"
                },
                {
                  "name": "30661",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/30661"
                },
                {
                  "name": "GLSA-200712-18",
                  "refsource": "GENTOO",
                  "url": "http://www.gentoo.org/security/en/glsa/glsa-200712-18.xml"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-5825",
        "datePublished": "2007-11-05T19:00:00.000Z",
        "dateReserved": "2007-11-05T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:47:00.654Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-2460 (GCVE-0-2007-2460)

    Vulnerability from cvelistv5 – Published: 2007-05-02 18:00 – Updated: 2024-08-07 13:42
    VLAI
    Summary
    PHP remote file inclusion vulnerability in modules/admin/include/config.php in FireFly 1.1.01 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2007-04-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T13:42:32.607Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20070502 true: firefly RFI, both doc_root and DOCUMENT_ROOT",
                "tags": [
                  "mailing-list",
                  "x_refsource_VIM",
                  "x_transferred"
                ],
                "url": "http://www.attrition.org/pipermail/vim/2007-May/001573.html"
              },
              {
                "name": "ADV-2007-1554",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/1554"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-04-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "PHP remote file inclusion vulnerability in modules/admin/include/config.php in FireFly 1.1.01 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter.  NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2009-02-26T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20070502 true: firefly RFI, both doc_root and DOCUMENT_ROOT",
              "tags": [
                "mailing-list",
                "x_refsource_VIM"
              ],
              "url": "http://www.attrition.org/pipermail/vim/2007-May/001573.html"
            },
            {
              "name": "ADV-2007-1554",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/1554"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-2460",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "PHP remote file inclusion vulnerability in modules/admin/include/config.php in FireFly 1.1.01 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter.  NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20070502 true: firefly RFI, both doc_root and DOCUMENT_ROOT",
                  "refsource": "VIM",
                  "url": "http://www.attrition.org/pipermail/vim/2007-May/001573.html"
                },
                {
                  "name": "ADV-2007-1554",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/1554"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-2460",
        "datePublished": "2007-05-02T18:00:00.000Z",
        "dateReserved": "2007-05-02T00:00:00.000Z",
        "dateUpdated": "2024-08-07T13:42:32.607Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-2456 (GCVE-0-2007-2456)

    Vulnerability from cvelistv5 – Published: 2007-05-02 17:00 – Updated: 2024-08-07 13:42
    VLAI
    Summary
    Multiple PHP remote file inclusion vulnerabilities in FireFly 1.1.01 allow remote attackers to execute arbitrary PHP code via a URL in the doc_root parameter to (1) localize.php or (2) config.php in modules/admin/include/.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.attrition.org/pipermail/vim/2007-May/0… mailing-listx_refsource_VIM
    http://www.vupen.com/english/advisories/2007/1554 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/23683 vdb-entryx_refsource_BID
    https://www.exploit-db.com/exploits/3805 exploitx_refsource_EXPLOIT-DB
    http://osvdb.org/35702 vdb-entryx_refsource_OSVDB
    http://osvdb.org/35701 vdb-entryx_refsource_OSVDB
    Date Public
    2007-04-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T13:42:33.424Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20070502 true: firefly RFI, both doc_root and DOCUMENT_ROOT",
                "tags": [
                  "mailing-list",
                  "x_refsource_VIM",
                  "x_transferred"
                ],
                "url": "http://www.attrition.org/pipermail/vim/2007-May/001573.html"
              },
              {
                "name": "ADV-2007-1554",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/1554"
              },
              {
                "name": "23683",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/23683"
              },
              {
                "name": "3805",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/3805"
              },
              {
                "name": "35702",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/35702"
              },
              {
                "name": "35701",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/35701"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-04-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple PHP remote file inclusion vulnerabilities in FireFly 1.1.01 allow remote attackers to execute arbitrary PHP code via a URL in the doc_root parameter to (1) localize.php or (2) config.php in modules/admin/include/."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20070502 true: firefly RFI, both doc_root and DOCUMENT_ROOT",
              "tags": [
                "mailing-list",
                "x_refsource_VIM"
              ],
              "url": "http://www.attrition.org/pipermail/vim/2007-May/001573.html"
            },
            {
              "name": "ADV-2007-1554",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/1554"
            },
            {
              "name": "23683",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/23683"
            },
            {
              "name": "3805",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/3805"
            },
            {
              "name": "35702",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/35702"
            },
            {
              "name": "35701",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/35701"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-2456",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple PHP remote file inclusion vulnerabilities in FireFly 1.1.01 allow remote attackers to execute arbitrary PHP code via a URL in the doc_root parameter to (1) localize.php or (2) config.php in modules/admin/include/."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20070502 true: firefly RFI, both doc_root and DOCUMENT_ROOT",
                  "refsource": "VIM",
                  "url": "http://www.attrition.org/pipermail/vim/2007-May/001573.html"
                },
                {
                  "name": "ADV-2007-1554",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/1554"
                },
                {
                  "name": "23683",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/23683"
                },
                {
                  "name": "3805",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/3805"
                },
                {
                  "name": "35702",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/35702"
                },
                {
                  "name": "35701",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/35701"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-2456",
        "datePublished": "2007-05-02T17:00:00.000Z",
        "dateReserved": "2007-05-02T00:00:00.000Z",
        "dateUpdated": "2024-08-07T13:42:33.424Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }