Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2006-09-27 CVE-2006-5013 Denial of Service vulnerability in Sun Solaris 10.0
Sun Solaris 10 before patch 118855-16 (20060925), when run on x64 systems using IPv6, allows remote attackers to cause a denial of service (kernel panic) via crafted IPv6 packets.
network
low complexity
sun
7.8
2006-09-27 CVE-2006-5011 Local Arbitrary Command Execution vulnerability in IBM AIX 5.2.0/5.3.0
Untrusted search path vulnerability in snappd in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via a Trojan horse program, involving the "system subroutine".
local
low complexity
ibm
7.2
2006-09-27 CVE-2006-5010 Unspecified vulnerability in IBM AIX 5.3.0
Untrusted search path vulnerability in acctctl in IBM AIX 5.3.0 allows local users to execute arbitrary commands by modifying the path to point to a malicious mkdir program.
local
low complexity
ibm
7.2
2006-09-27 CVE-2006-5009 Local Buffer Overflow vulnerability in IBM AIX 5.2.0/5.3.0
Unspecified vulnerability in xlock in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands and overwrite arbitrary files via unspecified vectors, possibly involving a buffer overflow.
local
low complexity
ibm
7.2
2006-09-27 CVE-2006-5006 Local Privilege Escalation and Arbitrary File Overwrite vulnerability in IBM AIX 5.2.0/5.3.0
Buffer overflow in cfgmgr in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary code via a long directory path argument.
local
low complexity
ibm
7.2
2006-09-27 CVE-2006-5005 Local Privilege Escalation vulnerability in IBM AIX 5.2.0/5.3.0
Unspecified vulnerability in bos.net.tcp.client in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via unspecified vectors involving /etc/slip.login.
local
low complexity
ibm
7.2
2006-09-27 CVE-2006-5003 Local Privilege Escalation vulnerability in IBM AIX 5.2.0/5.3.0
Unspecified vulnerability in the named8 command in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via unspecified vectors.
local
low complexity
ibm
7.2
2006-09-27 CVE-2006-4924 Resource Management Errors vulnerability in OpenBSD OpenSSH
sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector.
network
low complexity
openbsd CWE-399
7.8
2006-09-26 CVE-2006-4990 Unspecified vulnerability in PhotoPost PHP Pro 4.5/4.6
Multiple PHP remote file inclusion vulnerabilities in PhotoPost allow remote attackers to execute arbitrary PHP code via a URL in the PP_PATH parameter in (1) addfav.php, (2) adm-admlog.php, (3) adm-approve.php, (4) adm-backup.php, (5) adm-cats.php, (6) adm-cinc.php, (7) adm-db.php, (8) adm-editcfg.php, (9) adm-inc.php, (10) adm-index.php, (11) adm-modcom.php, (12) adm-move.php, (13) adm-options.php, (14) adm-order.php, (15) adm-pa.php, (16) adm-photo.php, (17) adm-purge.php, (18) adm-style.php, (19) adm-templ.php, (20) adm-userg.php, (21) adm-users.php, (22) bulkupload.php, (23) cookies.php, (24) comments.php, (25) ecard.php, (26) editphoto.php, (27) register.php, (28) showgallery.php, (29) showmembers.php, (30) useralbums.php, (31) uploadphoto.php, (32) search.php, or (33) adm-menu.php, different vectors than CVE-2006-4828.
network
low complexity
photopost
7.5
2006-09-26 CVE-2006-4987 Input Validation vulnerability in Patrick Michaelis Wili-CMS 0.1.1
Multiple PHP remote file inclusion vulnerabilities in Patrick Michaelis Wili-CMS allow remote attackers to execute arbitrary PHP code via a URL in the globals[content_dir] parameter in (1) example-view/templates/article.php, (2) example-view/templates/root.php, and (3) example-view/templates/dates_list.php.
network
low complexity
patrick-michaelis
7.5