Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-04-29 | CVE-2006-2108 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in OCE North America 3121 Printer and 3122 Printer parser.exe in Océ (OCE) 3121/3122 Printer allows remote attackers to cause a denial of service (crash or reboot) via a long request, possibly triggering a buffer overflow. | 7.8 |
| 2006-04-29 | CVE-2006-2107 | Buffer Overflow vulnerability in BL4 SMTP Server Buffer overflow in BL4 SMTP Server 0.1.4 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long argument to the (1) EHLO, (2) MAIL FROM, and (3) RCPT TO commands. | 7.5 |
| 2006-04-29 | CVE-2006-2102 | Directory Traversal vulnerability in Poweriso 2.9 Directory traversal vulnerability in PowerISO 2.9 allows remote attackers to write arbitrary files via a .. | 7.8 |
| 2006-04-29 | CVE-2006-2100 | Directory Traversal vulnerability in MagicISO Directory traversal vulnerability in Magic ISO 5.0 Build 0166 allows remote attackers to write arbitrary files via a .. | 7.8 |
| 2006-04-29 | CVE-2006-2098 | Remote Security vulnerability in Php Thumbnail Autoindex PHP remote file inclusion vulnerability in Thumbnail AutoIndex before 2.0 allows remote attackers to execute arbitrary PHP code via (1) README.html or (2) HEADER.html. | 7.5 |
| 2006-04-29 | CVE-2006-2097 | SQL Injection vulnerability in Invision Power Board Func_msg.PHP SQL injection vulnerability in func_msg.php in Invision Power Board (IPB) 2.1.4 allows remote attackers to execute arbitrary SQL commands via the from_contact field in a private message (PM). | 7.5 |
| 2006-04-29 | CVE-2006-2090 | SQL Injection vulnerability in Mysmartbb 1.1.2/1.1.3 Multiple SQL injection vulnerabilities in misc.php in MySmartBB 1.1.x allow remote attackers to execute arbitrary SQL commands via the (1) id and (2) username parameters. | 7.5 |
| 2006-04-29 | CVE-2006-2086 | Remote Buffer Overflow vulnerability in Juniper SSL-VPN Client ActiveX Control Buffer overflow in JuniperSetupDLL.dll, loaded from JuniperSetup.ocx by the Juniper SSL-VPN Client when accessing a Juniper NetScreen IVE device running IVE OS before 4.2r8.1, 5.0 before 5.0r6.1, 5.1 before 5.1r8, 5.2 before 5.2r4.1, or 5.3 before 5.3r2.1, allows remote attackers to execute arbitrary code via a long argument in the ProductName parameter. | 7.5 |
| 2006-04-28 | CVE-2006-2083 | Integer Overflow vulnerability in RSync Receive_XATTR Integer overflow in the receive_xattr function in the extended attributes patch (xattr.c) for rsync before 2.6.8 might allow attackers to execute arbitrary code via crafted extended attributes that trigger a buffer overflow. | 7.5 |
| 2006-04-27 | CVE-2006-2078 | DNS Handling vulnerability in Multiple FITELnet Products Multiple unspecified vulnerabilities in multiple FITELnet products, including FITELnet-F40, F80, F100, F120, F1000, and E20/E30, allow remote attackers to cause a denial of service via crafted DNS messages that trigger errors in (1) ProxyDNS or (2) PKI-Resolver, as demonstrated by the OUSPG PROTOS DNS test suite. | 7.8 |