Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-02-18 | CVE-2006-0771 | USE of Externally-Controlled Format String vulnerability in Even Balance Punkbuster Format string vulnerability in PunkBuster 1.180 and earlier, as used by Soldier of Fortune II and possibly other games, allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via format string specifiers in invalid cvar values, which are not properly handled when the server kicks the player and records the reason. | 6.4 |
2006-02-18 | CVE-2006-0770 | Cross-Site Scripting vulnerability in MyBulletinBoard Cross-site scripting (XSS) vulnerability in calendar.php in MyBulletinBoard (MyBB) 1.0.4 allows remote attackers to inject arbitrary web script or HTML via a URL that is not sanitized before being returned as a link in "advanced details". | 2.6 |
2006-02-18 | CVE-2006-0769 | Local Privilege Escalation vulnerability in SUN Solaris 10.0 Unspecified vulnerability in in.rexecd in Solaris 10 allows local users to gain privileges on Kerberos systems via unknown attack vectors. | 7.2 |
2006-02-18 | CVE-2006-0768 | Denial-Of-Service vulnerability in Kadu 0.4.3 Kadu 0.4.3 allows remote attackers to cause a denial of service (application crash) via a large number of image send requests. | 5.0 |
2006-02-18 | CVE-2006-0767 | Information Disclosure vulnerability in Nathan Neulinger CGIWrap CGIWrap before 3.10 allows remote attackers to obtain sensitive information via unknown attack vectors that cause errors in scripts that reveal system information. | 5.0 |
2006-02-18 | CVE-2006-0042 | Denial of Service vulnerability in Apache Libapreq2 Quadratic Behavior Unspecified vulnerability in (1) apreq_parse_headers and (2) apreq_parse_urlencoded functions in Apache2::Request (Libapreq2) before 2.07 allows remote attackers to cause a denial of service (CPU consumption) via unknown attack vectors that result in quadratic computational complexity. | 5.0 |
2006-02-18 | CVE-2006-0766 | Unspecified vulnerability in Mirabilis ICQ and ICQ Lite ICQ Inc. | 5.1 |
2006-02-18 | CVE-2006-0765 | Unspecified vulnerability in Mirabilis ICQ and ICQ Lite GUI display truncation vulnerability in ICQ Inc. | 5.1 |
2006-02-18 | CVE-2006-0764 | Products TACACS+ Authentication Bypass vulnerability in Cisco products The Authentication, Authorization, and Accounting (AAA) capability in versions 5.0(1) and 5.0(3) of the software used by multiple Cisco Anomaly Detection and Mitigation products, when running with an incomplete TACACS+ configuration without a "tacacs-server host" command, allows remote attackers to bypass authentication and gain privileges, aka Bug ID CSCsd21455. | 5.1 |
2006-02-18 | CVE-2006-0763 | Cross-Site Scripting vulnerability in cPanel Cross-site scripting (XSS) vulnerability in dowebmailforward.cgi in cPanel allows remote attackers to inject arbitrary web script or HTML via a URL encoded value in the fwd parameter. network cpanel | 4.3 |