Vulnerabilities

DATE | CVE | VULNERABILITY TITLE | RISK

2006-03-14 | CVE-2006-0396 | Remote Buffer Overflow vulnerability in Apple Mac OS X Mail Message Attachment | 5.1
Buffer overflow in Mail in Apple Mac OS X 10.4 up to 10.4.5, when patched with Security Update 2006-001, allows remote attackers to execute arbitrary code via a long Real Name value in an e-mail attachment sent in AppleDouble format, which triggers the overflow when the user double-clicks on an attachment.
network | high complexity | apple

2006-03-14 | CVE-2006-1220 | Local Heap Overflow vulnerability in Apple Mac OS X Kernel MACH_MSG_SEND | 4.6
Integer overflow in the mach_msg_send function in the kernel for Mac OS X might allow local users to execute arbitrary code via unknown attack vectors related to a large message header size, which leads to a heap-based buffer overflow.
local | low complexity | apple

2006-03-14 | CVE-2006-1219 | Local File Include vulnerability in Gallery | 5.0
Directory traversal vulnerability in Gallery 2.0.3 and earlier, and 2.1 before RC-2a, allows remote attackers to include arbitrary PHP files via ".." (dot dot) sequences in the stepOrder parameter to (1) upgrade/index.php or (2) install/index.php.
network | low complexity | gallery-project

2006-03-14 | CVE-2006-1218 | Remote Denial Of Service vulnerability in Novell Bordermanager 3.8 | 5.0
Unspecified vulnerability in the HTTP proxy in Novell BorderManager 3.8 and earlier allows remote attackers to cause a denial of service (CPU consumption and ABEND) via unknown attack vectors related to "media streaming over HTTP 1.1".
network | low complexity | novell

2006-03-14 | CVE-2006-1217 | SQL Injection vulnerability in Dsportal Dspoll 1.1 | 7.5
SQL injection vulnerability in DSPoll 1.1 allows remote attackers to execute arbitrary SQL commands via the pollid parameter to (1) results.php, (2) topolls.php, (3) pollit.php.
network | low complexity | dsportal

2006-03-14 | CVE-2006-1216 | Cross-Site Scripting vulnerability in RunCMS | 4.3
Cross-site scripting (XSS) vulnerability in bigshow.php in Runcms 1.x allows remote attackers to inject arbitrary web script or HTML via the id parameter.
network | runcms

2006-03-14 | CVE-2006-1215 | Cross-Site Scripting vulnerability in Woltlab Burning Board 2.3.4 | 4.3
Cross-site scripting (XSS) vulnerability in misc.php in Woltlab Burning Board (wBB) 2.3.4 allows remote attackers to inject arbitrary web script or HTML via the percent parameter.
network | woltlab

2006-03-14 | CVE-2006-0457 | Local Copy_To_User Race vulnerability in Linux Kernel Security Key Functions | 7.1
Race condition in the (1) add_key, (2) request_key, and (3) keyctl functions in Linux kernel 2.6.x allows local users to cause a denial of service (crash) or read sensitive kernel memory by modifying the length of a string argument between the time that the kernel calculates the length and when it copies the data into kernel memory.
network | high complexity | linux

2006-03-14 | CVE-2006-1214 | Remote Denial Of Service vulnerability in Unreal Unrealircd 3.2.3 | 5.0
UnrealIRCd 3.2.3 allows remote attackers to cause an unspecified denial of service by causing a linked server to send malformed TKL Q:Line commands, as demonstrated by "TKL - q\x08Q *\x08PoC."
network | low complexity | unreal

2006-03-14 | CVE-2006-1213 | Unspecified vulnerability in Jiro Banner System 1.0Experience/1.0Professional | 7.5
JiRo's Banner System Experience and Professional 1.0 and earlier allows remote attackers to bypass access restrictions and gain privileges via a direct request to certain scripts in the files directory, as demonstrated by using addadmin.asp to create a new administrator account.
network | low complexity | jiro