Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2006-03-15 CVE-2006-1241 Local Inet_Server Buffer Overflow vulnerability in Firebirdsql Firebird 1.5.2.4731
Firebird 1.5.2.4731 installs (1) fb_lock_mgr, (2) gds_drop, and (3) fb_inet_server with setuid firebird permissions, which might allow local users to gain privileges via a buffer overflow as identified by CVE-2006-1240, or possibly other vulnerabilities.
local
low complexity
firebirdsql
4.6

2006-03-15 CVE-2006-1240 Local Inet_Server Buffer Overflow vulnerability in Firebirdsql Firebird 1.5/1.5.1/1.5.2
Buffer overflow in inet_server.cpp in (1) fb_inet_server and (2) fbserver in Firebird 1.5.2.4731 allows local users to gain privileges via a long value of the -p argument.
local
low complexity
firebirdsql
4.6

2006-03-15 CVE-2006-1239 HTML Injection vulnerability in Countersoft Gemini 2.0
Cross-site scripting (XSS) vulnerability in issue/createissue.aspx in Gemini 2.0 allows remote attackers to inject arbitrary web script or HTML via the rtcDescription$RadEditor1 field.
network
countersoft
4.3

2006-03-15 CVE-2006-1238 SQL Injection vulnerability in Dsportal Dslogin 1.0
SQL injection vulnerability in DSLogin 1.0, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary SQL commands and bypass authentication via the $log_userid variable in (1) index.php and (2) admin/index.php.
network
high complexity
dsportal
5.1

2006-03-15 CVE-2006-1237 SQL Injection vulnerability in Dsportal Dsnewsletter 1.0
Multiple SQL injection vulnerabilities in DSNewsletter 1.0, with magic_quotes_gpc disabled, allow remote attackers to execute arbitrary SQL commands via the email parameter to (1) include/sub.php, (2) include/confirm.php, or (3) include/unconfirm.php.
network
low complexity
dsportal
7.5

2006-03-15 CVE-2006-0024 Security vulnerability in Macromedia Flash
Multiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0 and earlier allow remote attackers to execute arbitrary code via a crafted SWF file.
network
high complexity
macromedia
5.1

2006-03-15 CVE-2006-1236 Unspecified vulnerability in Crossfire 1.9.0
Buffer overflow in the SetUp function in socket/request.c in CrossFire 1.9.0 allows remote attackers to execute arbitrary code via a long setup sound command, a different vulnerability than CVE-2006-1010.
network
low complexity
crossfire
7.5

2006-03-14 CVE-2006-1235 Directory Traversal vulnerability in David Ravenscroft Hithost 1.0.0
Directory traversal vulnerability in admin/deleteuser.php in HitHost 1.0.0 might allow remote attackers to delete directories (possibly only empty directories) via the $deleteuser variable.
network
low complexity
david-ravenscroft
5.0

2006-03-14 CVE-2006-0031 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Office
Stack-based buffer overflow in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed record with a modified length value, which leads to memory corruption.
network
high complexity
microsoft CWE-119
5.1

2006-03-14 CVE-2006-0030 Unspecified vulnerability in Microsoft Excel and Office
Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed graphic, which leads to memory corruption.
network
high complexity
microsoft
5.1