Vulnerabilities > High

DATE | CVE | VULNERABILITY TITLE | RISK

2006-09-23 | CVE-2006-4954 | Remote Security vulnerability in Neosys Neon Webmail 5.06/5.07 | 7.5
The updateuser servlet in Neon WebMail for Java before 5.08 does not validate the in_id parameter, which allows remote attackers to modify information of arbitrary users, as demonstrated by modifying (1) passwords and (2) permissions, (3) viewing profile settings, and (4) creating and (5) deleting users.
Access: network, low complexity. Vendor: neosys.

2006-09-23 | CVE-2006-4953 | Input Validation vulnerability in Neosys Neon Webmail 5.06/5.07 | 7.5
Multiple SQL injection vulnerabilities in Neon WebMail for Java before 5.08 allow remote attackers to execute arbitrary SQL commands via the (1) adr_sortkey and (2) adr_sortkey_desc parameters in the (a) addrlist servlet, and the (3) sortkey and (4) sortkey_desc parameters in the (b) maillist servlet.
Access: network, low complexity. Vendor: neosys.

2006-09-23 | CVE-2006-4952 | Remote Security vulnerability in Neosys Neon Webmail 5.06/5.07 | 7.5
The updatemail servlet in Neon WebMail for Java before 5.08 allows remote attackers to move e-mail messages of arbitrary users between different mail folders, specified by the folderid and tofolderid parameters, via the ID parameter.
Access: network, low complexity. Vendor: neosys.

2006-09-23 | CVE-2006-4951 | Remote Security vulnerability in Neosys Neon Webmail 5.06/5.07 | 7.5
Neon WebMail for Java before 5.08 allows remote attackers to execute arbitrary Java (JSP) code by sending an e-mail message with a JSP file attachment, which is stored under the web root with a predictable filename.
Access: network, low complexity. Vendor: neosys.

2006-09-23 | CVE-2006-4948 | Remote Buffer Overflow vulnerability in ProSysInfo TFTPDWIN | 7.5
Stack-based buffer overflow in tftpd.exe in ProSysInfo TFTP Server TFTPDWIN 0.4.2 and earlier allows remote attackers to execute arbitrary code or cause a denial of service via a long file name.
Access: network, low complexity. Vendor: prosysinfo.

2006-09-23 | CVE-2006-4944 | Code Injection vulnerability in Boesch It-Consulting Progsys | 7.5
PHP remote file inclusion vulnerability in includes/pear/Net/DNS/RR.php in ProgSys 0.151 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpdns_basedir parameter.
Access: network, low complexity. Vendor: boesch-it-consulting. CWE-94.

2006-09-21 | CVE-2006-3509 | Buffer Overflow vulnerability in Apple Mac OS X AirPort Wireless Driver | 7.2
Integer overflow in the API for the AirPort wireless driver on Apple Mac OS X 10.4.7 might allow physically proximate attackers to cause a denial of service (crash) or execute arbitrary code in third-party wireless software that uses the API via crafted frames.
Access: local, low complexity. Vendor: apple.

2006-09-21 | CVE-2006-3508 | Buffer Overflow vulnerability in Apple Mac OS X AirPort Wireless Driver | 7.2
Heap-based buffer overflow in the AirPort wireless driver on Apple Mac OS X 10.4.7 allows physically proximate attackers to cause a denial of service (crash), gain privileges, and execute arbitrary code via a crafted frame that is not properly handled during scan cache updates.
Access: local, low complexity. Vendor: apple.

2006-09-21 | CVE-2006-3507 | Buffer Overflow vulnerability in Apple Mac OS X AirPort Wireless Driver | 7.2
Multiple stack-based buffer overflows in the AirPort wireless driver on Apple Mac OS X 10.3.9 and 10.4.7 allow physically proximate attackers to execute arbitrary code by injecting crafted frames into a wireless network.
Access: local, low complexity. Vendor: apple.

2006-09-21 | CVE-2006-4921 | Remote Security vulnerability in Siteatschool 2.4.02 | 7.5
PHP remote file inclusion vulnerability in Site@School (S@S) 2.4.03 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cmsdir parameter to starnet/modules/include/include.php.
Access: network, low complexity. Vendor: siteatschool.