Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2006-05-12 CVE-2006-1460 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple QuickTime
Multiple buffer overflows in Apple QuickTime before 7.1 allow remote attackers to execute arbitrary code via a crafted QuickTime movie (.MOV), as demonstrated via a large size for a udta Atom.
network
high complexity
apple CWE-119
5.1
2006-05-12 CVE-2006-1459 Numeric Errors vulnerability in Apple QuickTime
Multiple integer overflows in Apple QuickTime before 7.1 allow remote attackers to cause a denial of service or execute arbitrary code via a crafted QuickTime movie (.MOV).
network
high complexity
apple CWE-189
5.1
2006-05-12 CVE-2006-1458 Numeric Errors vulnerability in Apple QuickTime 7.0.3/7.0.4
Integer overflow in Apple QuickTime Player before 7.1 allows remote attackers to execute arbitrary code via a crafted JPEG image.
network
high complexity
apple CWE-189
5.1
2006-05-12 CVE-2006-1454 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple QuickTime 7.0.3/7.0.4
Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted QuickDraw PICT image format file with malformed image data.
network
high complexity
apple CWE-119
5.1
2006-05-12 CVE-2006-1453 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple QuickTime
Stack-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted QuickDraw PICT image format file containing malformed font information.
network
high complexity
apple CWE-119
5.1
2006-05-12 CVE-2006-2349 Input Validation vulnerability in E-Business Designer
E-Business Designer (eBD) 3.1.4 and earlier allows remote attackers to upload or modify arbitrary files, and execute arbitrary code, via a direct request to (1) common/html_editor/image_browser.upload.html, (2) common/html_editor/image_browser.html, or (3) common/html_editor/html_editor.html.
network
oasyssoft
6.8
2006-05-12 CVE-2006-2348 Input Validation vulnerability in E-Business Designer
Cross-site scripting (XSS) vulnerability in form_grupo.html in E-Business Designer (eBD) 3.1.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the id parameter.
network
high complexity
oasyssoft
2.6
2006-05-12 CVE-2006-2347 Input Validation vulnerability in Oasyssoft E-Business Designer 2.3.3
E-Business Designer (eBD) 3.1.4 and earlier allows remote attackers to obtain the full path of the web server via "'" characters, and possibly other invalid values, in (1) the id parameter to form_grupo.html, or requests to the (2) archivos/ and (3) files/ directories.
network
low complexity
oasyssoft
5.0
2006-05-12 CVE-2006-2346 Authentication Bypass vulnerability in Inter7 Vpopmail
vpopmail 5.4.14 and 5.4.15, with cleartext passwords enabled, allows remote attackers to authenticate to an account that does not have a cleartext password set by using a blank password to (1) SMTP AUTH or (2) APOP.
network
low complexity
inter7
7.5
2006-05-12 CVE-2006-2345 Cross-Site Scripting vulnerability in Roostercode Ajax Softwares Alipager 1.5
Cross-site scripting (XSS) vulnerability in inc/elementz.php in AliPAGER 1.5 allows remote attackers to inject arbitrary web script or HTML via the ubild parameter.
4.3