Vulnerabilities > Medium

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
| --- | --- | --- | --- | --- |
| 2006-10-28 | CVE-2006-5469 | Protocol Dissectors Denial of Service vulnerability in Wireshark | Unspecified vulnerability in the WBXML dissector in Wireshark (formerly Ethereal) 0.10.11 through 0.99.3 allows remote attackers to cause a denial of service (crash) via certain vectors that trigger a null dereference. | network; low complexity; wireshark; 5.0 |
| 2006-10-28 | CVE-2006-4513 | Integer Overflow vulnerability in wvWare | Multiple integer overflows in the WV library in wvWare (formerly mswordview) before 1.2.3, as used by AbiWord, KWord, and possibly other products, allow user-assisted remote attackers to execute arbitrary code via a crafted Microsoft Word (DOC) file that produces (1) large LFO clfolvl values in the wvGetLFO_records function or (2) a large LFO nolfo value in the wvGetLFO_PLF function. | network; high complexity; wvware; 5.1 |
| 2006-10-27 | CVE-2006-5740 | Protocol Dissectors Denial of Service vulnerability in Wireshark 0.99.3 | Unspecified vulnerability in the LDAP dissector in Wireshark (formerly Ethereal) 0.99.3 allows remote attackers to cause a denial of service (crash) via a crafted LDAP packet. | network; low complexity; wireshark; 5.0 |
| 2006-10-27 | CVE-2006-5468 | Protocol Dissectors Denial of Service vulnerability in Wireshark 0.99.3 | Unspecified vulnerability in the HTTP dissector in Wireshark (formerly Ethereal) 0.99.3 allows remote attackers to cause a denial of service (crash) via unspecified vectors. | network; low complexity; wireshark; 5.0 |
| 2006-10-27 | CVE-2006-4805 | Protocol Dissectors Denial of Service vulnerability in Wireshark | epan/dissectors/packet-xot.c in the XOT dissector (dissect_xot_pdu) in Wireshark (formerly Ethereal) 0.9.8 through 0.99.3 allows remote attackers to cause a denial of service (memory consumption and crash) via an encoded XOT packet that produces a zero length value when it is decoded. | network; low complexity; wireshark; 5.0 |
| 2006-10-27 | CVE-2006-5593 | Remote Buffer Overflow vulnerability in Desknet's | Buffer overflow in Desknet's (niokeru) before 5.0J R1.0 might allow remote authenticated users to execute arbitrary code via unspecified vectors. | network; low complexity; neo-japan; 6.5 |
| 2006-10-27 | CVE-2006-5591 | SQL Injection vulnerability in PacPoll Check.ASP | Multiple SQL injection vulnerabilities in Admin/check.asp in PacPoll 4.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) uid and (2) pwd parameters. | network; low complexity; pacos-drivers; 5.0 |
| 2006-10-27 | CVE-2006-5467 | Resource Management Errors vulnerability in Yukihiro Matsumoto Ruby 1.8 | The cgi.rb CGI library for Ruby 1.8 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an HTTP request with a multipart MIME body that contains an invalid boundary specifier, as demonstrated using a specifier that begins with a "-" instead of "--" and contains an inconsistent ID. | network; low complexity; yukihiro-matsumoto CWE-399; 5.0 |
| 2006-10-27 | CVE-2006-5570 | Directory Traversal vulnerability in Kynoslogic Cruiseworks 1.09C/1.09D | Directory traversal vulnerability in /scripts/cruise/cws.exe in CruiseWorks 1.09c and 1.09d allows remote attackers to read arbitrary files via a .. | network; low complexity; kynoslogic; 5.0 |
| 2006-10-27 | CVE-2006-5569 | Remote vulnerability in Datawizard Ftpxq 3.0.1 | FtpXQ Server 3.0.1 installs with two default testing accounts, which allows remote attackers to read or write arbitrary files via unknown vectors. | network; low complexity; datawizard; 6.4 |