Vulnerabilities > High

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | TAGS | RISK |
|---|---|---|---|---|---|
| 2006-11-14 | CVE-2006-4688 | Remote Code Execution vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP | Buffer overflow in Client Service for NetWare (CSNW) in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 up to SP1 allows remote attackers to execute arbitrary code via crafted messages, aka "Client Service for NetWare Memory Corruption Vulnerability." | network, low complexity, microsoft | 7.5 |
| 2006-11-14 | CVE-2006-5884 | Unspecified vulnerability in Microsoft IE and Internet Explorer | Multiple unspecified vulnerabilities in DirectAnimation ActiveX controls for Microsoft Internet Explorer 5.01 through 6 have unknown impact and remote attack vectors, possibly related to (1) Danim.dll and (2) Lmrt.dll, a different set of vulnerabilities than CVE-2006-4446 and CVE-2006-4777. | network, low complexity, microsoft | 7.5 |
| 2006-11-14 | CVE-2006-3445 | Numeric Errors vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP | Integer overflow in the ReadWideString function in agentdpv.dll in Microsoft Agent on Microsoft Windows 2000 SP4, XP SP2, and Server 2003 up to SP1 allows remote attackers to execute arbitrary code via a large length value in an .ACF file, which results in a heap-based buffer overflow. | network, low complexity, microsoft, CWE-189 | 7.5 |
| 2006-11-14 | CVE-2006-5882 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products | Stack-based buffer overflow in the Broadcom BCMWL5.SYS wireless device driver 3.50.21.10, as used in Cisco Linksys WPC300N Wireless-N Notebook Adapter before 4.100.15.5 and other products, allows remote attackers to execute arbitrary code via an 802.11 response frame containing a long SSID field. | low complexity, linksys, broadcom, CWE-119 | 8.3 |
| 2006-11-14 | CVE-2006-5881 | SQL Injection vulnerability in Dynamic Dataworx Nucommunity 1.0 | SQL injection vulnerability in cl_CatListing.asp in Dynamic Dataworx NuCommunity 1.0 allows remote attackers to execute arbitrary SQL commands via the cl_cat_ID parameter. | network, low complexity, dynamic-dataworx | 7.5 |
| 2006-11-14 | CVE-2006-5880 | SQL Injection vulnerability in Isystems Munch PRO 1.0 | SQL injection vulnerability on the subMenu page in switch.asp in Munch Pro 1.0 allows remote attackers to execute arbitrary SQL commands via the catid parameter. | network, low complexity, isystems | 7.5 |
| 2006-11-14 | CVE-2006-5879 | SQL Injection vulnerability in Aspportal 3.0.0/3.1.0/3.1.1 | SQL injection vulnerability in default1.asp in ASPPortal 4.0.0 beta and earlier allows remote attackers to execute arbitrary SQL commands via the Poll_ID parameter, a different vector than CVE-2006-1353. | network, low complexity, aspportal | 7.5 |
| 2006-11-14 | CVE-2006-5878 | Cross-Site Request Forgery vulnerability in Trac | Cross-site request forgery (CSRF) vulnerability in Edgewall Trac 0.10 and earlier allows remote attackers to perform unauthorized actions as other users via unknown vectors. | network, low complexity, edgewall-software | 7.5 |
| 2006-11-14 | CVE-2006-4251 | Remote Denial of Service and Buffer Overflow vulnerability in PowerDNS | Buffer overflow in PowerDNS Recursor 3.1.3 and earlier might allow remote attackers to execute arbitrary code via a malformed TCP DNS query that prevents Recursor from properly calculating the TCP DNS query length. | network, low complexity, powerdns | 7.5 |
| 2006-11-11 | CVE-2006-5865 | Code Injection vulnerability in Damien Benier Myalbum | PHP remote file inclusion vulnerability in language.inc.php in MyAlbum 3.02 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the langs_dir parameter. | network, low complexity, damien-benier, CWE-94 | 7.5 |