Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-02-14 | CVE-2006-0008 | Permissions, Privileges, and Access Controls vulnerability in Microsoft Office, Windows 2003 Server and Windows XP The ShellAbout API call in Korean Input Method Editor (IME) in Korean versions of Microsoft Windows XP SP1 and SP2, Windows Server 2003 up to SP1, and Office 2003, allows local users to gain privileges by launching the "shell about dialog box" and clicking the "End-User License Agreement" link, which executes Notepad with the privileges of the program that displays the about box. | 7.2 |
| 2006-02-14 | CVE-2006-0005 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products Buffer overflow in the plug-in for Microsoft Windows Media Player (WMP) 9 and 10, when used in browsers other than Internet Explorer and set as the default application to handle media files, allows remote attackers to execute arbitrary code via HTML with an EMBED element containing a long src attribute. | 9.3 |
| 2006-02-14 | CVE-2006-0677 | Denial Of Service vulnerability in Heimdal TelnetD telnetd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2 allows remote unauthenticated attackers to cause a denial of service (server crash) via unknown vectors that trigger a null dereference. | 7.8 |
| 2006-02-13 | CVE-2006-0676 | Cross-Site Scripting vulnerability in PHPNuke Cross-site scripting (XSS) vulnerability in header.php in PHP-Nuke 6.0 to 7.8 allows remote attackers to inject arbitrary web script or HTML via the pagetitle parameter. network francisco-burzi | 4.3 |
| 2006-02-13 | CVE-2006-0675 | Cross-Site Scripting vulnerability in Glen Campbell Siteframe 5.0.1 Cross-site scripting (XSS) vulnerability in search.php in Siteframe 5.0.1 allows remote attackers to inject arbitrary web script or HTML via the q parameter. network glen-campbell | 4.3 |
| 2006-02-13 | CVE-2006-0674 | Local Buffer Overflow vulnerability in IBM AIX ARP Buffer overflow in the arp command of IBM AIX 5.3 L, 5.3, 5.2.2, 5.2 L, and 5.2 allows local users to cause a denial of service (crash) via a long iftype argument. | 4.6 |
| 2006-02-13 | CVE-2006-0673 | SQL Injection vulnerability in Reamday Enterprises Magic Calendar Lite 1.02 Multiple SQL injection vulnerabilities in cms/index.php in Magic Calendar Lite 1.02, with magic_quotes_gpc disabled, allow remote attackers to execute arbitrary SQL commands via the (1) $total_login and (2) $total_password parameter. | 7.5 |
| 2006-02-13 | CVE-2006-0672 | Unspecified vulnerability in HP PSC 1210 All-in-One Driver Unspecified vulnerability in HP PSC 1210 All-in-One Drivers before 1.0.06 has unknown impact and attack vectors. | 10.0 |
| 2006-02-13 | CVE-2006-0671 | Phones Remote Denial of Service vulnerability in Sony Ericsson Buffer overflow in Sony Ericsson K600i, V600i, W800i, and T68i cell phone allows remote attackers to cause a denial of service (reboot or shutdown) through a wireless Bluetooth connection via a malformed Logical Link Control and Adaptation Protocol (L2CAP) packet whose length field is less than the actual length of the packet. | 7.8 |
| 2006-02-13 | CVE-2006-0670 | Unspecified vulnerability in Bluez Project Hcidump 1.29 Buffer overflow in l2cap.c in hcidump 1.29 allows remote attackers to cause a denial of service (crash) through a wireless Bluetooth connection via a malformed Logical Link Control and Adaptation Protocol (L2CAP) packet. | 5.0 |