Vulnerabilities > High

| Date | CVE | Vulnerability title | Description | Access | Complexity | Vendor | Risk |
|---|---|---|---|---|---|---|---|
| 2006-05-12 | CVE-2006-1456 | Multiple vulnerability in Apple Mac OS X Security Update 2006-003 | Buffer overflow in QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via a crafted RTSP request, which is not properly handled during message logging. | network | low complexity | apple | 7.5 |
| 2006-05-12 | CVE-2006-1455 | Multiple vulnerability in Apple Mac OS X Security Update 2006-003 | QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to cause a denial of service (crash and connection interruption) via a QuickTime movie with a missing track, which triggers a null dereference. | network | low complexity | apple | 7.8 |
| 2006-05-12 | CVE-2006-1451 | Multiple vulnerability in Apple Mac OS X Security Update 2006-003 | MySQL Manager in Apple Mac OS X 10.3.9 and 10.4.6, when setting up a new MySQL database server, does not use the "New MySQL root password" that is provided, which causes the MySQL root password to be blank and allows local users to gain full privileges to that database. | local | low complexity | apple | 7.2 |
| 2006-05-12 | CVE-2006-1450 | Multiple vulnerability in Apple Mac OS X Security Update 2006-003 | Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via an enriched text e-mail message with "invalid color information" that causes Mail to allocate and initialize arbitrary classes. | network | low complexity | apple | 7.5 |
| 2006-05-12 | CVE-2006-1449 | Multiple vulnerability in Apple Mac OS X Security Update 2006-003 | Integer overflow in Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via a crafted MacMIME encapsulated attachment. | network | low complexity | apple | 7.5 |
| 2006-05-12 | CVE-2006-1442 | Multiple vulnerability in Apple Mac OS X Security Update 2006-003 | The bundle API in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4.6 loads dynamic libraries even if the client application has not directly requested it, which allows attackers to execute arbitrary code from an untrusted bundle. | network | low complexity | apple | 7.5 |
| 2006-05-12 | CVE-2006-1441 | Multiple vulnerability in Apple Mac OS X 10.4.6 | Integer overflow in CFNetwork in Apple Mac OS X 10.4.6 allows remote attackers to execute arbitrary code via crafted chunked transfer encoding. | network | low complexity | apple | 7.5 |
| 2006-05-12 | CVE-2006-2346 | Authentication Bypass vulnerability in Inter7 Vpopmail | vpopmail 5.4.14 and 5.4.15, with cleartext passwords enabled, allows remote attackers to authenticate to an account that does not have a cleartext password set by using a blank password to (1) SMTP AUTH or (2) APOP. | network | low complexity | inter7 | 7.5 |
| 2006-05-12 | CVE-2006-2342 | Unspecified vulnerability in IBM Websphere Application Server 6.0.2 | IBM WebSphere Application Server 6.0.2 before FixPack 3 allows remote attackers to bypass authentication for the Welcome Page via a request to the default context root. | network | low complexity | ibm | 7.5 |
| 2006-05-12 | CVE-2006-2338 | Remote Security vulnerability in Planet Concept Planetstat 20050127 | PlaNet Concept plaNetStat 20050127 allows remote attackers to gain administrative privileges, and view and configure log files, via a direct request to the (1) admin.php or (2) settings.php page. | network | low complexity | planet-concept | 7.5 |