Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK

2006-12-06 CVE-2006-6329 Remote Security vulnerability in Torrentflux 2.2
index.php for TorrentFlux 2.2 allows remote attackers to delete files by specifying the target filename in the delfile parameter.
Risk: network, torrentflux, 4.9

2006-12-06 CVE-2006-6328 Directory Traversal vulnerability in Torrentflux 2.2
Directory traversal vulnerability in index.php for TorrentFlux 2.2 allows remote attackers to create or overwrite arbitrary files via sequences in the alias_file parameter.
Risk: network, torrentflux, 4.9

2006-12-06 CVE-2006-6311 Unspecified vulnerability in Microsoft Internet Explorer 6.0.2900.2180
Microsoft Internet Explorer 6.0.2900.2180 allows remote attackers to cause a denial of service via a style attribute in an HTML table tag with a width value that is dynamically calculated using JavaScript.
Risk: network, low complexity, microsoft, 5.0

2006-12-06 CVE-2006-6310 Unspecified vulnerability in Microsoft Internet Explorer
Microsoft Internet Explorer 6.0 SP1 and earlier allows remote attackers to cause a denial of service (crash) via an invalid src attribute value ("?") in an HTML frame tag that is in a frameset tag with a large rows attribute.
Risk: network, low complexity, microsoft, 5.0

2006-12-06 CVE-2006-6303 Resource Management Errors vulnerability in Yukihiro Matsumoto Ruby
The read_multipart function in cgi.rb in Ruby before 1.8.5-p2 does not properly detect boundaries in MIME multipart content, which allows remote attackers to cause a denial of service (infinite loop) via crafted HTTP requests, a different issue than CVE-2006-5467.
Risk: network, low complexity, yukihiro-matsumoto, CWE-399, 5.0

2006-12-06 CVE-2006-6302 Remote Denial of Service vulnerability in Fail2Ban
fail2ban 0.7.4 and earlier does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a login name containing certain strings with an IP address.
Risk: network, low complexity, fail2ban, 5.0

2006-12-06 CVE-2006-6301 Remote Denial of Service vulnerability in Denyhosts 2.5
DenyHosts 2.5 does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a login name containing certain strings with an IP address, which is not properly handled by a regular expression.
Risk: network, low complexity, denyhosts, 5.0

2006-12-06 CVE-2006-5856 Buffer Overflow vulnerability in Adobe Download Manager AOM
Stack-based buffer overflow in the Adobe Download Manager before 2.2 allows remote attackers to execute arbitrary code via a long section name in the dm.ini file, which is populated via an AOM file.
Risk: network, adobe, 6.8

2006-12-05 CVE-2006-6307 Remote Denial of Service vulnerability in Novell Client 4.91
srvloc.sys in Novell Client for Windows before 4.91 SP3 allows remote attackers to cause an unspecified denial of service via a crafted packet to port 427 that triggers an access of pageable or invalid addresses using a higher interrupt request level (IRQL) than necessary.
Risk: network, low complexity, novell, 5.0

2006-12-05 CVE-2006-6300 Cross-Site Scripting vulnerability in Cutephp Cutenews 1.3.6
Cross-site scripting (XSS) vulnerability in CuteNews 1.3.6 allows remote attackers to inject arbitrary web script or HTML via the result parameter.
Risk: network, cutephp, 4.3