Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2006-12-05 CVE-2006-6306 Local Security vulnerability in Novell Client 4.91
Format string vulnerability in Novell Modular Authentication Services (NMAS) in the Novell Client 4.91 SP2 and SP3 allows users with physical access to read stack and memory contents via format string specifiers in the Username field of the logon window.
local
high complexity
novell
1.2
2006-12-05 CVE-2006-6300 Cross-Site Scripting vulnerability in Cutephp Cutenews 1.3.6
Cross-site scripting (XSS) vulnerability in CuteNews 1.3.6 allows remote attackers to inject arbitrary web script or HTML via the result parameter.
network
cutephp
4.3
2006-12-05 CVE-2006-6299 Remote Integer Overflow vulnerability in Novell Zenworks Asset Management 7
Integer overflow in Msg.dll in Novell ZENworks 7 Asset Management (ZAM) before SP1 IR11 and the Collection client allows remote attackers to execute arbitrary code via crafted packets, which trigger a heap-based buffer overflow.
network
low complexity
novell
critical
10.0
2006-12-05 CVE-2006-6298 SQL Injection vulnerability in Maxiasp Yonetimi 1.0
SQL injection vulnerability in uye_giris_islem.asp in Metyus Okul Yonetim Sistemi 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) kullanici_ismi and (2) sifre parameters.
network
low complexity
maxiasp
7.5
2006-12-05 CVE-2006-6297 Resource Management Errors vulnerability in KDE Kdegraphics 3.2/3.4.3
Stack consumption vulnerability in the KFILE JPEG (kfile_jpeg) plugin in kdegraphics 3, as used by konqueror, digikam, and other KDE image browsers, allows remote attackers to cause a denial of service (stack consumption) via a crafted EXIF section in a JPEG file, which results in an infinite recursion.
network
low complexity
kde CWE-399
5.0
2006-12-05 CVE-2006-6296 Resource Management Errors vulnerability in Microsoft Windows 2000 and Windows XP
The RpcGetPrinterData function in the Print Spooler (spoolsv.exe) service in Microsoft Windows 2000 SP4 and earlier, and possibly Windows XP SP1 and earlier, allows remote attackers to cause a denial of service (memory consumption) via an RPC request that specifies a large 'offered' value (output buffer size), a variant of CVE-2005-3644.
low complexity
microsoft CWE-399
6.1
2006-12-05 CVE-2006-6295 Remote File Include vulnerability in Mxbb MX Tinies 1.3.0
PHP remote file inclusion vulnerability in includes/mx_common.php in the mx_tinies 1.3.0 Module for MxBB Portal 1.06 allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter.
network
mxbb
6.8
2006-12-05 CVE-2006-6294 Unspecified vulnerability in Frisk Software F-Prot Antivirus 4.6.6
Multiple unspecified vulnerabilities in FRISK Software F-Prot Antivirus before 4.6.7 have unspecified impact and attack vectors.
network
low complexity
frisk-software
7.5
2006-12-05 CVE-2006-6293 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in F-Prot Antivirus
Heap-based buffer overflow in FRISK Software F-Prot Antivirus before 4.6.7 allows user-assisted remote attackers to execute arbitrary code via a crafted CHM file.
network
low complexity
f-prot CWE-119
7.5
2006-12-05 CVE-2006-6292 Denial Of Service vulnerability in Apple Mac OS X 10.4.8
Apple Airport Extreme firmware 0.1.27 in Mac OS X 10.4.8 on Mac mini, MacBook, and MacBook Pro with Core Duo hardware allows remote attackers to cause a denial of service (out-of-bounds memory access and kernel panic) and have possibly other security-related impact via certain beacon frames.
5.7