Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-01-11 | CVE-2006-0177 | Local Command Line Argument Buffer Overflow vulnerability in Cray Unicos 9.0.2.2 Multiple buffer overflows in Cray UNICOS 9.0.2.2 might allow local users to gain privileges by (1) invoking /usr/bin/script with a long command line argument or (2) setting the -c option of /etc/nu to the name of a file containing a long line. | 7.2 |
| 2006-01-11 | CVE-2006-0176 | Local Command Line Argument Buffer Overflow vulnerability in Xmame 0.102 Buffer overflow in certain functions in src/fileio.c and src/unix/fileio.c in xmame before 11 January 2006 may allow local users to gain privileges via a long (1) -lang, (2) -ctrlr, (3) -pb, or (4) -rec argument on many operating systems, and via a long (5) -jdev argument on Ubuntu Linux. | 7.2 |
| 2006-01-11 | CVE-2006-0171 | Remote File Include vulnerability in Orjinweb PHP remote file include vulnerability in index.php in OrjinWeb E-commerce allows remote attackers to execute arbitrary code via a URL in the page parameter. | 7.5 |
| 2006-01-11 | CVE-2006-0169 | Unspecified vulnerability in Myphpim 01.05 addresses.php3 in MyPhPim 01.05 does not restrict uploaded files, which allows remote attackers to execute arbitrary PHP code via the pdbfile variable, then directly accessing those files from the uploads directory. | 7.5 |
| 2006-01-11 | CVE-2006-0167 | Input Validation vulnerability in Myphpim 01.05 SQL injection vulnerability in MyPhPim 01.05 allows remote attackers to execute arbitrary SQL commands via the (1) cal_id parameter in calendar.php3 and the (2) password field on the login page. | 7.5 |
| 2006-01-11 | CVE-2006-0166 | Remote Security vulnerability in Norton SystemWorks 2006 Symantec Norton SystemWorks and SystemWorks Premier 2005 and 2006 stores temporary copies of files in the Norton Protected Recycle Bin NProtect directory, which is hidden from the FindFirst and FindNext Windows APIs and allows remote attackers to hide arbitrary files from virus scanners and other products. | 7.5 |
| 2006-01-11 | CVE-2006-0164 | Remote File Include vulnerability in Phgstats Phgstats.Inc.PHP phgstats.inc.php in phgstats before 0.5.1, if register_globals is enabled, allows remote attackers to include arbitrary files and execute arbitrary PHP code by modifying the PHGDIR variable. | 7.5 |
| 2006-01-11 | CVE-2006-0163 | SQL Injection vulnerability in Francisco Burzi PHP-Nuke EV 7.7R1 SQL injection vulnerability in the search module (modules/Search/index.php) of PHPNuke EV 7.7 -R1 allows remote attackers to execute arbitrary SQL commands via the query parameter, which is used by the search field. | 7.5 |
| 2006-01-10 | CVE-2006-0002 | Remote Code Execution vulnerability in Microsoft Outlook / Microsoft Exchange TNEF Decoding Unspecified vulnerability in Microsoft Outlook 2000 through 2003, Exchange 5.0 Server SP2 and 5.5 SP4, Exchange 2000 SP3, and Office allows remote attackers to execute arbitrary code via an e-mail message with a crafted Transport Neutral Encapsulation Format (TNEF) MIME attachment, related to message length validation. | 7.5 |
| 2006-01-10 | CVE-2006-0162 | Buffer Overflow vulnerability in Clam Anti-Virus ClamAV UPX Compressed File Heap Heap-based buffer overflow in libclamav/upx.c in Clam Antivirus (ClamAV) before 0.88 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted UPX files. | 7.5 |