Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK

2006-05-09 CVE-2006-1172 Remote Buffer Overflow vulnerability in TDC Cryptomathic Cenroll Activex Control 1.1.0.0
Stack-based buffer overflow in the createPKCS10 function in Cryptomathic Cenroll ActiveX Control 1.1.0.0 allows remote attackers to execute arbitrary code via vectors related to the TDC Digital signature.
network | low complexity | tdc | 5.0

2006-05-08 CVE-2006-2237 Remote Arbitrary Command Execution vulnerability in Awstats 6.4/6.5
The web interface for AWStats 6.4 and 6.5, when statistics updates are enabled, allows remote attackers to execute arbitrary code via shell metacharacters in the migrate parameter.
network | high complexity | awstats | 5.1

2006-05-08 CVE-2006-2236 Remote Buffer Overflow vulnerability in Quake 3 Engine remapShader Command
Buffer overflow in the Quake 3 Engine, as used by (1) ET 2.60, (2) Return to Castle Wolfenstein 1.41, and (3) Quake III Arena 1.32b allows remote attackers to execute arbitrary commands via a long remapShader command.
network | high complexity | id-software | 7.6

2006-05-05 CVE-2006-2235 Authentication Bypass vulnerability in Codemunkyx Simple Poll 1.0
CodeMunkyX (aka free-php.net) Simple Poll 1.0, when authentication is not required for the admin directory, allows remote attackers to gain administrative privileges by appending /admin/ to the top-level URI of the application.
network | high complexity | codemunkyx | 7.6

2006-05-05 CVE-2006-2234 Cross-Site Scripting vulnerability in Tyrocms Beta1.0
Multiple cross-site scripting (XSS) vulnerabilities in TyroCMS beta 1.0 allow remote attackers to inject arbitrary web script or HTML via (1) a javascript URI in an img BBCode tag, or a JavaScript event in a (2) url BBCode tag or (3) color BBCode tag.
network | tyrocms | 6.8

2006-05-05 CVE-2006-2233 Remote Buffer Overflow vulnerability in Banktown Btcxctl20Com Activex Control 1.4.2.51817/1.5.2.50209
Buffer overflow in BankTown Client Control (aka BtCxCtl20Com) 1.4.2.51817, and possibly 1.5.2.50209, allows remote attackers to execute arbitrary code via a long string in the first argument to SetBannerUrl.
network | low complexity | banktown | 7.5

2006-05-05 CVE-2006-2232 HTML Injection vulnerability in Scriptsez Cute Guestbook 20060211
Cross-site scripting (XSS) vulnerability in Scriptsez Cute Guestbook 20060211 allows remote attackers to inject arbitrary web script or HTML via the Comments field when signing the guestbook.
network | scriptsez | 4.3

2006-05-05 CVE-2006-2231 HTML Injection vulnerability in Bigwebmaster Guestbook
Multiple cross-site scripting (XSS) vulnerabilities in addguest.cgi in Big Webmaster Guestbook Script 1.02 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) mail, (2) site, (3) city, (4) state, (5) country, and possibly (6) name fields, which are viewed via viewguest.cgi.
network | big-webmaster | 4.3

2006-05-05 CVE-2006-2230 Remote Format String vulnerability in Xine 0.99.4
Multiple format string vulnerabilities in xiTK (xitk/main.c) in xine 0.99.4 might allow attackers to cause a denial of service via format string specifiers in an MP3 filename specified on the command line.
network | low complexity | xine | 5.0

2006-05-05 CVE-2006-2229 Denial-Of-Service vulnerability in Openvpn and Openvpn Access Server
OpenVPN 2.0.7 and earlier, when configured to use the --management option with an IP that is not 127.0.0.1, uses a cleartext password for TCP sessions to the management interface, which might allow remote attackers to view sensitive information or cause a denial of service.
network | high complexity | openvpn | 4.0