Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-07-28 | CVE-2006-3350 | Remote Buffer Overflow vulnerability in Cimmetry Systems Autovue Solidmodel Professional Desktopedition19.1Build5993 Stack-based buffer overflow in AutoVue SolidModel Professional Desktop Edition 19.1 Build 5993 allows user-assisted remote attackers to execute arbitrary code via a long filename in a (1) ARJ, (2) RAR, or (3) ZIP archive. | 5.1 |
2006-07-27 | CVE-2006-3909 | Cross-Site Scripting vulnerability in Wired Community Software Wwwthreads 5.4/Rc3 Cross-site scripting (XSS) vulnerability in calendar.php in WWWthreads allows remote attackers to inject arbitrary web script or HTML via the week parameter. network wired-community-software | 6.8 |
2006-07-27 | CVE-2006-3904 | SQL Injection vulnerability in Etomite 0.6 SQL injection vulnerability in manager/index.php in Etomite CMS 0.6.1 and earlier, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter. | 6.8 |
2006-07-27 | CVE-2006-3903 | Cross-Site Scripting vulnerability in Mywebland Mybloggie 2.1.3/2.1.3Beta CRLF injection vulnerability in (1) index.php and (2) admin.php in myWebland MyBloggie 2.1.3 allows remote attackers to hijack sessions and conduct cross-site scripting (XSS) attacks via a cookie. network mywebland | 5.8 |
2006-07-27 | CVE-2006-3902 | Cross-Site Scripting vulnerability in PHPfaber Topsites 2.0.9 Cross-site scripting (XSS) vulnerability in index.php in phpFaber TopSites 2.0.9 allows remote attackers to inject arbitrary web script or HTML via the i_cat parameter. network phpfaber | 4.3 |
2006-07-27 | CVE-2006-2933 | kdesktop_lock in kdebase before 3.1.3-5.11 for KDE in Red Hat Enterprise Linux (RHEL) 3 does not properly terminate, which can prevent the screensaver from activating or prevent users from manually locking the desktop. | 4.6 |
2006-07-27 | CVE-2006-3810 | Products Remote vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Cross-site scripting (XSS) vulnerability in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to inject arbitrary web script or HTML via the XPCNativeWrapper(window).Function construct. network mozilla | 6.8 |
2006-07-27 | CVE-2006-3802 | Products Remote vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to hijack native DOM methods from objects in another domain and conduct cross-site scripting (XSS) attacks using DOM methods of the top-level object. network mozilla | 5.8 |
2006-07-27 | CVE-2006-3804 | Products Remote vulnerability in Mozilla Seamonkey and Thunderbird Heap-based buffer overflow in Mozilla Thunderbird before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to cause a denial of service (crash) via a VCard attachment with a malformed base64 field, which copies more data than expected due to an integer underflow. | 5.0 |
2006-07-27 | CVE-2006-3803 | Products Remote vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Race condition in the JavaScript garbage collection in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code by causing the garbage collector to delete a temporary variable while it is still being used during the creation of a new Function object. | 5.1 |