Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2006-04-19 CVE-2006-1834 Numeric Errors vulnerability in Opera Browser
Integer signedness error in Opera before 8.54 allows remote attackers to execute arbitrary code via long values in a stylesheet attribute, which pass a length check.
network
high complexity
opera CWE-189
5.1
2006-04-19 CVE-2006-1833 Unspecified vulnerability in NetBSD
Intel RNG Driver in NetBSD 1.6 through 3.0 may incorrectly detect the presence of the pchb interface, which will cause it to always generate the same random number, which allows remote attackers to more easily crack encryption keys generated from the interface.
network
high complexity
netbsd
2.6
2006-04-19 CVE-2006-1832 Input Validation vulnerability in Coder-World Sysinfo 1.21
sysinfo.cgi in sysinfo 1.21 allows remote attackers to obtain the installation path via the debugger action.
network
low complexity
coder-world
5.0
2006-04-19 CVE-2006-1831 Input Validation vulnerability in Coder-World Sysinfo 1.21
Direct static code injection vulnerability in sysinfo.cgi in sysinfo 1.21 and possibly other versions before 2.25 allows remote attackers to execute arbitrary commands via a leading ; (semicolon) in the name parameter in a systemdoc action, which is injected into phpinfo.php.
network
low complexity
coder-world
7.5
2006-04-19 CVE-2006-1830 Local Privilege Escalation vulnerability in Sun Java Studio Enterprise 8
Sun Java Studio Enterprise 8, when installed as root, creates certain files with world-writable permissions, which allows local users to execute arbitrary commands via unspecified vectors.
local
high complexity
sun
3.7
2006-04-19 CVE-2006-1829 Unspecified vulnerability in Sybase EAServer 5.2/5.3
EAServer Manager in Sybase EAServer 5.2 and 5.3 allows remote authenticated users, possibly guests, to obtain password credentials of arbitrary users via unspecified vectors involving (1) connection caches, (2) open password prompts, and (3) stored custom connection profiles.
network
low complexity
sybase
4.0
2006-04-19 CVE-2006-1828 SQL Injection vulnerability in PHP121 PHP121LOGIN.PHP
SQL injection vulnerability in php121language.php in PHP121 1.4 allows remote attackers to execute arbitrary SQL commands and execute arbitrary code via the sess_username variable, as set by the php121un HTTP COOKIE parameter, which is used in multiple files including php121login.php.
network
high complexity
php121
5.1
2006-04-19 CVE-2006-1247 Link Following vulnerability in IBM AIX
rm_mlcache_file in bos.rte.install in AIX 5.1.0 through 5.3.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
local
ibm CWE-59
3.3
2006-04-18 CVE-2006-1827 Integer Overflow vulnerability in Asterisk JPEG File Handling
Integer signedness error in format_jpeg.c in Asterisk 1.2.6 and earlier allows remote attackers to execute arbitrary code via a length value that passes a length check as a negative number, but triggers a buffer overflow when it is used as an unsigned length.
network
low complexity
digium
6.4
2006-04-18 CVE-2006-1753 Unspecified vulnerability in Debian Linux 3.1
A cron job in fcheck before 2.7.59 allows local users to overwrite arbitrary files via a symlink attack on a temporary file.
local
low complexity
debian
3.6