Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-12-21 | CVE-2006-6675 | Cross-Site Scripting vulnerability in Novell Apache Http Server and Netware Cross-site scripting (XSS) vulnerability in Novell NetWare 6.5 Support Pack 5 and 6 and Novell Apache on NetWare 2.0.48 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters in Welcome web-app. network novell | 6.8 |
2006-12-21 | CVE-2006-6673 | Denial-Of-Service vulnerability in Winftp Server Winftp Server 2.0.2 WinFtp Server 2.0.2 allows remote attackers to cause a denial of service (crash) via long (1) PASV, (2) LIST, (3) USER, (4) PORT, and possibly other commands. | 5.0 |
2006-12-20 | CVE-2006-6669 | Unspecified vulnerability in Webcalendar 1.0.4 Cross-site scripting (XSS) vulnerability in export_handler.php in WebCalendar 1.0.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the format parameter. network webcalendar | 6.8 |
2006-12-20 | CVE-2006-6668 | Cross-Site Scripting vulnerability in VerliAdmin Cross-site scripting (XSS) vulnerability in VerliAdmin 0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. network verliadmin | 6.8 |
2006-12-20 | CVE-2006-6665 | Buffer Overflow vulnerability in AstonSoft DeepBurner DBR Compilation Buffer overflow in Astonsoft DeepBurner Pro and Free 1.8.0 and earlier allows user-assisted remote attackers to execute arbitrary code via a long file name tag in a dbr file. network astonsoft | 6.8 |
2006-12-20 | CVE-2006-6664 | Denial-Of-Service vulnerability in Marathon Aleph One Format string vulnerability in Marathon Aleph One before 0.17.1 and 2006-12-17 might allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via format string specifiers in the TopLevelLogger::logMessageV function in Misc/Logging.cpp. | 5.0 |
2006-12-20 | CVE-2006-6663 | Denial Of Service vulnerability in Marathon Aleph One The server component in Marathon Aleph One before 0.17.1 and 2006-12-17 allows remote attackers to cause a denial of service (application crash) via unspecified vectors related to "gathering net games." | 5.0 |
2006-12-20 | CVE-2006-6662 | Local Security vulnerability in Suse products Unspecified vulnerability in Linux User Management (novell-lum) on SUSE Linux Enterprise Desktop 10 and Open Enterprise Server 9, under unspecified conditions, allows local users to log in to the console without a password. local suse | 4.1 |
2006-12-20 | CVE-2006-6660 | Denial Of Service vulnerability in KDE LibkHTML NodeType Function The nodeType function in KDE libkhtml 4.2.0 and earlier, as used by Konquerer, KMail, and other programs, allows remote attackers to cause a denial of service (crash) via malformed HTML tags, possibly involving a COL SPAN tag embedded in a RANGE tag. network kde | 4.3 |
2006-12-20 | CVE-2006-6659 | Remote Internet Explorer Denial of Service vulnerability in Microsoft IE, Outlook and Windows XP The Microsoft Office Outlook Recipient ActiveX control (ole32.dll) in Windows XP SP2 allows remote attackers to cause a denial of service (Internet Explorer 7 hang) via crafted HTML. | 5.0 |