CVE-2007-0159
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2007-0159
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Directory traversal vulnerability in the GeoIP_update_database_general function in libGeoIP/GeoIPUpdate.c in GeoIP 1.4.0 allows remote malicious update servers (possibly only update.maxmind.com) to overwrite arbitrary files via a .. (dot dot) in the database filename, which is returned by a request to app/update_getfilename.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
GeoIP 'GeoIPUpdate.C' 目录遍历漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
GeoIP 1.4.0版本的libGeoIP/GeoIPUpdate.c中的GeoIP_update_database_general函数存在目录遍历漏洞。远程恶意更新服务商(可能仅仅是update.maxmind.com)可以借助数据库文件名中的..,重写任意文件。对app/update_getfilename的请求会返回该漏洞。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2007-0159
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2007-0159
Please Login to view more intelligence information
Same Patch Batch · n/a · 2007-01-10 · 14 CVEs total
| CVE-2006-5857 | Adobe Acrobat Reader堆溢出漏洞 | |
| CVE-2006-5858 | Adobe ColdFusion文件名信息泄露漏洞 | |
| CVE-2007-0167 | PPC Search Engine INC Parameter 多个远程文件包含漏洞 | |
| CVE-2006-6143 | MIT Kerberos RPC库xp_auth指针拒绝服务或任意代码执行漏洞 | |
| CVE-2006-6144 | MIT Kerberos kadmind释放初始化指针拒绝服务漏洞 | |
| CVE-2006-6914 | IBM AIX FTPD拒绝服务及信息泄露漏洞 | |
| CVE-2006-6915 | IBM AIX FTPD拒绝服务及信息泄露漏洞 | |
| CVE-2007-0160 | CenterICQ IJHook.CC远程溢出漏洞 | |
| CVE-2007-0161 | HP多个产品PML Driver HPZ12服务本地权限提升漏洞 | |
| CVE-2007-0162 | Application Enhancer 本地特权提升漏洞 | |
| CVE-2007-0163 | SecureKit Steganography 安全绕过漏洞 | |
| CVE-2007-0164 | Camouflage Security 安全绕过漏洞 | |
| CVE-2007-0165 | Sun Solaris RPC未明漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8196
JeecgBoot mLogin Endpoint LoginController.java authorization - CVE-2026-8195
JeecgBoot SVG File CommonController.java cross site scriptin - CVE-2026-8194
osTicket Dispatcher class.dispatcher.php cross-site request - CVE-2026-8193
Akaunting Invoice PDF Rendering dompdf.php server-side reque - CVE-2026-8186
Open5GS NF client.c ogs_sbi_client_send_via_scp_or_sepp out-
V. Comments for CVE-2007-0159
No comments yet