Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2006-05-03 CVE-2006-2155 Local Security vulnerability in Retrospect for Windows
EMC Retrospect for Windows 6.5 before 6.5.382, 7.0 before 7.0.344, and 7.5 before 7.5.1.105 allows local users to execute arbitrary code by replacing the Retrospect.exe file, possibly due to improper file permissions.
local
low complexity
emc
4.6
2006-05-03 CVE-2006-2154 Local Privilege Escalation vulnerability in EMC Dantz Retrospect Backup Server
EMC Retrospect for Windows 6.5 before 6.5.382, 7.0 before 7.0.344, and 7.5 before 7.5.1.105 does not drop privileges before opening files, which allows local users to execute arbitrary code via the File>Open dialog.
local
low complexity
emc
7.2
2006-05-03 CVE-2006-2153 Cross-Site Scripting vulnerability in DirectAdmin
Cross-site scripting (XSS) vulnerability in HTM_PASSWD in DirectAdmin Hosting Management allows remote attackers to inject arbitrary web script or HTML via the domain parameter.
network
jbmc-software
4.3
2006-05-03 CVE-2006-2152 Remote File Include vulnerability in Advanced Guestbook addentry.php
PHP remote file inclusion vulnerability in admin/addentry.php in phpBB Advanced Guestbook 2.4.0 and earlier, when register_globals is enabled, allows remote attackers to include arbitrary files via the phpbb_root_path parameter.
network
low complexity
phpbb-group
7.5
2006-05-03 CVE-2006-2151 Remote Security vulnerability in phpBB TopList
PHP remote file inclusion vulnerability in toplist.php in phpBB TopList 1.3.8 and earlier, when register_globals is enabled, allows remote attackers to include arbitrary files via the phpbb_root_path parameter.
network
low complexity
phpbb-group
7.5
2006-05-03 CVE-2006-2150 Remote Security vulnerability in phpBB Group phpBB TopList 1.3.8
PHP remote file inclusion vulnerability in top/list.php in phpBB TopList 1.3.8 and earlier allows remote attackers to include arbitrary files via the returnpath parameter.
network
low complexity
phpbb-group
6.4
2006-05-03 CVE-2006-2149 Remote File Include vulnerability in Avatic Aardvark Topsites PHP 4.2.2
PHP remote file inclusion vulnerability in sources/lostpw.php in Aardvark Topsites PHP 4.2.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the CONFIG[path] parameter, as demonstrated by including a GIF that contains PHP code.
network
low complexity
avatic
6.4
2006-05-02 CVE-2006-2148 Remote Buffer Overflow and Denial of Service vulnerability in CGI:IRC 0.5.4/0.5.7
Multiple buffer overflows in client.c in CGI:IRC (CGIIRC) before 0.5.8 might allow remote attackers to execute arbitrary code via (1) cookies or (2) the query string.
network
low complexity
cgiirc
7.5
2006-05-02 CVE-2006-1526 Buffer Overflow vulnerability in X.Org XRender Extension
Buffer overflow in the X render (Xrender) extension in X.org X server 6.8.0 up to allows attackers to cause a denial of service (crash), as demonstrated by the (1) XRenderCompositeTriStrip and (2) XRenderCompositeTriFan requests in the rendertest from XCB xcb/xcb-demo, which leads to an incorrect memory allocation due to a typo in an expression that uses a "&" instead of a "*" operator.
local
low complexity
x-org
2.1
2006-05-02 CVE-2006-2147 Unspecified vulnerability in Resmgr Resmgrd
resmgrd in resmgr for SUSE Linux and other distributions does not properly handle when access to a USB device is granted by using "usb:<bus>,<dev>" notation, which grants access to all USB devices and allows local users to bypass intended restrictions.
local
low complexity
resmgr
3.6