Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-04-11 | CVE-2006-1189 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Internet Explorer Buffer overflow in URLMON.DLL in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via a crafted URL with an International Domain Name (IDN) using double-byte character sets (DBCS), aka the "Double Byte Character Parsing Memory Corruption Vulnerability." | 10.0 |
| 2006-04-11 | CVE-2006-1188 | Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via HTML elements with a certain crafted tag, which leads to memory corruption. | 7.5 |
| 2006-04-11 | CVE-2006-1186 | Unspecified vulnerability in Microsoft IE and Internet Explorer Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via by instantiating the (1) Mdt2gddr.dll, (2) Mdt2dd.dll, and (3) Mdt2gddo.dll COM objects as ActiveX controls, which leads to memory corruption. | 10.0 |
| 2006-04-11 | CVE-2006-1185 | Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via certain invalid HTML that causes memory corruption. | 7.5 |
| 2006-04-11 | CVE-2006-0015 | Cross-Site Scripting vulnerability in Microsoft products Cross-site scripting (XSS) vulnerability in _vti_bin/_vti_adm/fpadmdll.dll in Microsoft FrontPage Server Extensions 2002 and SharePoint Team Services allows remote attackers to inject arbitrary web script or HTML, then leverage the attack to execute arbitrary programs or create new accounts, via the (1) operation, (2) command, and (3) name parameters. network microsoft | 6.8 |
| 2006-04-11 | CVE-2006-1711 | Unspecified vulnerability in Plone 2.0.5/2.1.2/2.5Beta1 Plone 2.0.5, 2.1.2, and 2.5-beta1 does not restrict access to the (1) changeMemberPortrait, (2) deletePersonalPortrait, and (3) testCurrentPassword methods, which allows remote attackers to modify portraits. | 5.0 |
| 2006-04-11 | CVE-2006-1710 | SQL Injection vulnerability in Design Nation Dnguestbook 2.0 SQL injection vulnerability in admin.php in Design Nation DNGuestbook 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) email and (2) id parameters. | 7.6 |
| 2006-04-11 | CVE-2006-1709 | Cross-Site Scripting vulnerability in Interaktiv.shop Cross-site scripting (XSS) vulnerability in shop_main.cgi in interaktiv.shop 5 allows remote attackers to inject arbitrary web script or HTML via the (1) pn and (2) sbeg parameters. network interaktiv | 6.8 |
| 2006-04-11 | CVE-2006-1708 | SQL Injection vulnerability in Clansys 1.1 SQL injection vulnerability in member.php in Clansys 1.1 allows remote attackers to execute arbitrary SQL commands via the showid parameter in the member page to index.php. | 7.5 |
| 2006-04-11 | CVE-2006-1707 | Remote Security vulnerability in Shopweezle index.php in Shopweezle 2.0 allows remote attackers to include arbitrary local files via the url parameter. | 5.0 |