Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-12-10 | CVE-2006-6410 | Buffer Overflow vulnerability in VMWare Workstation 5.5.1 Buffer overflow in an ActiveX control in VMWare 5.5.1 allows local users to execute arbitrary code via a long VmdbDb parameter to the Initialize function. | 4.6 |
| 2006-12-10 | CVE-2006-6408 | Unspecified vulnerability in Kaspersky LAB Kaspersky Anti-Virus 5.5.10 Kaspersky Anti-Virus for Linux Mail Servers 5.5.10 allows remote attackers to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file. | 5.0 |
| 2006-12-10 | CVE-2006-6407 | Unspecified vulnerability in F-Prot Antivirus 4.6.6 F-Prot Antivirus for Linux x86 Mail Servers 4.6.6 allows remote attackers to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file. | 5.0 |
| 2006-12-10 | CVE-2006-6406 | Unspecified vulnerability in Clam Anti-Virus Clamav 0.88.6 Clam AntiVirus (ClamAV) 0.88.6 allows remote attackers to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file. | 5.0 |
| 2006-12-10 | CVE-2006-6405 | Unspecified vulnerability in Softwin Bitdefender Mail Protection 2.0 BitDefender Mail Protection for SMB 2.0 allows remote attackers to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file. | 5.0 |
| 2006-12-10 | CVE-2006-6403 | Remote Security vulnerability in Mystats mystats.php in MyStats 1.0.8 and earlier allows remote attackers to obtain the installation path via (1) details and (2) by array parameters, probably resulting in a path disclosure in an error message. | 5.0 |
| 2006-12-10 | CVE-2006-6401 | Cross-Site Scripting vulnerability in Mystats Multiple cross-site scripting (XSS) vulnerabilities in mystats.php in MyStats 1.0.8 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) connexion, (2) by, and (3) details parameter. | 6.8 |
| 2006-12-10 | CVE-2006-6400 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Justsystem products Buffer overflow in JustSystems Hanako 2004 through 2006, Hanako viewer 1.x, Ichitaro 2004, Ichitaro 2005, Ichitaro Lite2, Ichitaro viewer 4.x, and Sanshiro 2005 allows remote attackers to execute arbitrary code via the (1) Keyword and (2) Title fields, related to string length fields. | 6.8 |
| 2006-12-10 | CVE-2006-5874 | Denial Of Service vulnerability in Clam Anti-Virus MIME Attachments Clam AntiVirus (ClamAV) 0.88 and earlier allows remote attackers to cause a denial of service (crash) via a malformed base64-encoded MIME attachment that triggers a null pointer dereference. | 5.0 |
| 2006-12-08 | CVE-2006-6395 | Local Denial of Service vulnerability in Emdros Database Engine Multiple memory leaks in Ulrik Petersen Emdros Database Engine before 1.2.0.pre231 allow local users to cause a denial of service (memory consumption) via unspecified vectors, a different issue than CVE-2005-0415. | 5.0 |