Weekly Vulnerabilities Reports > January 30 to February 5, 2006
Overview
91 new vulnerabilities reported during this period, including 0 critical vulnerabilities and 35 high severity vulnerabilities. This weekly summary report vulnerabilities in 93 products from 61 vendors including Mozilla, Oracle, Mybulletinboard, Cisco, and Spip. Vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Cross-site Scripting", "Permissions, Privileges, and Access Controls", "SQL Injection", and "Improper Input Validation".
- 79 reported vulnerabilities are remotely exploitables.
- 2 reported vulnerabilities have public exploit available.
- 3 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 90 reported vulnerabilities are exploitable by an anonymous user.
- Mozilla has the most reported vulnerabilities, with 9 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
0 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|
35 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2006-01-31 | CVE-2006-0483 | Cisco | Remote Denial of Service vulnerability in Cisco products Cisco VPN 3000 series concentrators running software 4.7.0 through 4.7.2.A allow remote attackers to cause a denial of service (device reload or user disconnect) via a crafted HTTP packet. | 7.8 |
2006-01-31 | CVE-2006-0476 | Nullsoft | Remote Buffer Overflow vulnerability in Nullsoft Winamp 5.12 Buffer overflow in Nullsoft Winamp 5.12 allows remote attackers to execute arbitrary code via a playlist (pls) file with a long file name (File1 field). | 7.6 |
2006-02-04 | CVE-2006-0552 | Oracle | Multiple vulnerability in Oracle January Security Update Unspecified vulnerability in the Net Listener component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, and 9.2.0.7 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB11. | 7.5 |
2006-02-04 | CVE-2006-0551 | Oracle | SQL-Injection vulnerability in Oracle10g Standard Edition SQL injection vulnerability in the Data Pump Metadata API in Oracle Database 10g and possibly earlier might allow remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
2006-02-04 | CVE-2006-0550 | Oracle | Denial-Of-Service vulnerability in Oracle Client Buffer overflow in an unspecified Oracle Client utility might allow remote attackers to execute arbitrary code or cause a denial of service. | 7.5 |
2006-02-04 | CVE-2006-0549 | Oracle | SQL-Injection vulnerability in Oracle Database Server 10.1.0.5 SQL injection vulnerability in the SYS.DBMS_METADATA_UTIL package in Oracle Database 10g, and possibly earlier versions, might allow remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
2006-02-04 | CVE-2006-0548 | Oracle | SQL-Injection vulnerability in Oracle Database Server 10.1.0.4.2 SQL injection vulnerability in the Oracle Text component of Oracle Database 10g, and possibly earlier versions, might allow remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
2006-02-04 | CVE-2006-0547 | Oracle | SQL-Injection vulnerability in Oracle10g Personal Edition Oracle Database 8i, 9i, and 10g allow remote authenticated users to execute arbitrary SQL statements in the context of the SYS user and bypass audit logging, including statements to create new privileged database accounts, via a modified AUTH_ALTER_SESSION attribute in the authentication phase of the Transparent Network Substrate (TNS) protocol. | 7.5 |
2006-02-04 | CVE-2006-0546 | Egeinternet | Remote Security vulnerability in Egeinternet Unspecified vulnerability in index.php in a certain application available from /v1/tr/portfoy.php on www.egeinternet.com allows remote attackers to execute arbitrary code via "evilcode" in the key parameter, possibly a PHP remote file include vulnerability in which the attack vector is a URL in the key parameter. | 7.5 |
2006-02-04 | CVE-2006-0545 | Ubbcentral | SQL Injection vulnerability in UBB.Threads Showflat.PHP SQL injection vulnerability in showflat.php in Groupee (formerly known as Infopop) UBB.threads 6.3 and earlier allows remote attackers to execute arbitrary SQL commands via the Number parameter. | 7.5 |
2006-02-04 | CVE-2006-0544 | Microsoft | Denial Of Service vulnerability in Microsoft IE 7.0 urlmon.dll in Microsoft Internet Explorer 7.0 beta 2 (aka 7.0.5296.0) allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a BGSOUND element with its SRC attribute set to "file://" followed by a large number of "-" (dash of hyphen) characters. | 7.5 |
2006-02-04 | CVE-2006-0542 | Nukedweb | SQL Injection vulnerability in Nukedweb Guestbookhost 20050425 Multiple SQL injection vulnerabilities in config.php in NukedWeb GuestBookHost 2005.04.25 allow remote attackers to execute arbitrary SQL commands via the (1) email and (2) password parameters. | 7.5 |
2006-02-04 | CVE-2006-0540 | Tachyon | Input Validation vulnerability in Tachyon Vanilla Guestbook 1.0Beta Multiple SQL injection vulnerabilities in Tachyon Vanilla Guestbook 1.0 beta allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2006-02-04 | CVE-2006-0537 | Kinesphere Corporation | Remote RCPT TO Buffer Overflow vulnerability in Kinesphere Corporation Exchange Pop3 5.0Build050203 Buffer overflow in the POP3 server in Kinesphere Corporation eXchange before 5.0.060125 allows remote attackers to execute arbitrary code via a long RCPT TO argument. | 7.5 |
2006-02-02 | CVE-2006-0294 | Mozilla | Unspecified vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Mozilla Firefox before 1.5.0.1, Thunderbird 1.5 if running Javascript in mail, and SeaMonkey before 1.0 allow remote attackers to execute arbitrary code by changing an element's style from position:relative to position:static, which causes Gecko to operate on freed memory. | 7.5 |
2006-02-02 | CVE-2006-0293 | Mozilla | Unspecified vulnerability in Mozilla Firefox 1.5 The function allocation code (js_NewFunction in jsfun.c) in Firefox 1.5 allows attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via user-defined methods that trigger garbage collection in a way that operates on freed objects. | 7.5 |
2006-02-02 | CVE-2006-0292 | Mozilla | Unspecified vulnerability in Mozilla Firefox and Mozilla The Javascript interpreter (jsinterp.c) in Mozilla and Firefox before 1.5.1 does not properly dereference objects, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via unknown attack vectors related to garbage collection. | 7.5 |
2006-02-02 | CVE-2006-0523 | Mybulletinboard | SQL-Injection vulnerability in MyBulletinBoard SQL injection vulnerability in global.php in MyBB before 1.03 allows remote attackers to execute arbitrary SQL commands via the templatelist variable. | 7.5 |
2006-02-02 | CVE-2006-0522 | Symantec | SQL Injection vulnerability in Symantec Sygate Management Server SMS Authentication Servlet SQL injection vulnerability in the Authentication Servlet in Symantec Sygate Management Server (SMS) version 4.1 build 1417 and earlier allows remote attackers to execute arbitrary SQL commands and bypass authentication via unknown attack vectors related to a URL. | 7.5 |
2006-02-02 | CVE-2006-0520 | Dragoran | SQL Injection vulnerability in Dragoran Portal Module 1.3 SQL injection vulnerability index.php in Dragoran Portal module 1.3 for Invision Power Board (IPB) allows remote attackers to execute arbitrary SQL commands via the site parameter. | 7.5 |
2006-02-02 | CVE-2006-0517 | Spip | SQL Injection vulnerability in SPIP Multiple SQL injection vulnerabilities in formulaires/inc-formulaire_forum.php3 in SPIP 1.8.2-e and earlier and 1.9 Alpha 2 (5539) and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id_forum, (2) id_article, or (3) id_breve parameters to forum.php3; (4) unspecified vectors related to "session handling"; and (5) when posting "petitions". | 7.5 |
2006-02-01 | CVE-2006-0510 | Daffodil Software | SQL Injection vulnerability in Daffodil Software Daffodil CRM 1.5 SQL injection vulnerability in userlogin.jsp in Daffodil CRM 1.5 allows remote attackers to execute arbitrary SQL commands via unspecified parameters in a login action. | 7.5 |
2006-02-01 | CVE-2006-0502 | Farsinews | Remote File Include vulnerability in FarsiNews Loginout.PHP PHP remote file inclusion vulnerability in loginout.php in FarsiNews 2.1 Beta 2 and earlier, with register_globals enabled, allows remote attackers to include arbitrary files via a URL in the cutepath parameter. | 7.5 |
2006-02-01 | CVE-2006-0500 | Punctweb | Remote Security vulnerability in Punctweb Myco Guestbook 1.0 MyCO Guestbook 1.0 stores the admin directory under the web document root with insufficient access control, which allows remote attackers to perform unspecified privileged actions by directly accessing files via a URL. | 7.5 |
2006-02-01 | CVE-2006-0497 | PHP GEN | Cross-Site Scripting vulnerability in PHP GEN Multiple SQL injection vulnerabilities in PHP GEN before 1.4 allow remote attackers to inject arbitrary SQL commands via unknown attack vectors. | 7.5 |
2006-02-01 | CVE-2006-0492 | Vincent HOR | SQL Injection vulnerability in Vincent HOR Calendarix 0.6.20050830 Multiple SQL injection vulnerabilities in Calendarix allow remote attackers to execute arbitrary SQL commands via (1) the catview parameter in cal_functions.inc.php and (2) the login parameter in cal_login.php. | 7.5 |
2006-02-01 | CVE-2006-0491 | Subzane | SQL Injection vulnerability in Subzane Szusermgnt 1.4 SQL injection vulnerability in SZUserMgnt.class.php in SZUserMgnt 1.4 allows remote attackers to execute arbitrary SQL commands via the username parameter. | 7.5 |
2006-02-01 | CVE-2006-0490 | Aspthai NET | SQL Injection vulnerability in ASPThai Forums Login.ASP SQL injection vulnerability in login.asp in ASPThai.Net ASPThai Forums 8.0 and earlier allows remote attackers to execute arbitrary SQL commands and bypass login authentication via the password field. | 7.5 |
2006-01-31 | CVE-2006-0478 | CRE Loaded | Unspecified vulnerability in CRE Loaded CRE Loaded 6.15 CRE Loaded 6.15 allows remote attackers to perform privileged actions, including uploading and creating arbitrary files, via a direct request to files.php. | 7.5 |
2006-01-31 | CVE-2006-0477 | GIT | Remote Buffer Overflow vulnerability in GIT Buffer overflow in git-checkout-index in GIT before 1.1.5 allows remote attackers to execute arbitrary code via an index file with a long symbolic link. | 7.5 |
2006-01-31 | CVE-2006-0474 | Shareaza | Remote Integer Overflow vulnerability in Shareaza 2.2.1.0 Multiple integer overflows in Shareaza 2.2.1.0 allow remote attackers to execute arbitrary code via (1) a large packet length field, which causes an overflow in the ReadBuffer function in (a) BTPacket.cpp and (b) EDPacket.cpp, or (2) a large packet, which causes a heap-based overflow in the Write function in (c) Packet.h. | 7.5 |
2006-01-30 | CVE-2006-0301 | Xpdf | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Xpdf Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4) pdfkit.framework, and others, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap. | 7.5 |
2006-01-30 | CVE-2006-0468 | Stalker | Denial of Service vulnerability in Communigate Pro Server LDAP CommuniGate Pro Core Server before 5.0.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via LDAP messages with negative BER lengths, and possibly other vectors, as demonstrated by the ProtoVer LDAP test suite. | 7.5 |
2006-02-04 | CVE-2006-0531 | SUN | Local Authentication Bypass vulnerability in SUN Java System Access Manager 7.0 Unspecified vulnerability in Sun Java System Access Manager 7.0 allows local users logged in as "root" to bypass authentication and gain top-level administrator privileges via the amadmin CLI tool. | 7.2 |
2006-02-02 | CVE-2006-0526 | AOL | Local Privilege Escalation vulnerability in AOL Client Software 8.0/9.0 The default configuration of the America Online (AOL) client software allows all users to modify a certain registry value that specifies a DLL file name, which might allow local users to gain privileges via a Trojan horse program. | 7.2 |
51 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2006-02-02 | CVE-2006-0299 | Mozilla | Unspecified vulnerability in Mozilla Firefox, Seamonkey and Thunderbird The E4X implementation in Mozilla Firefox before 1.5.0.1, Thunderbird 1.5 if running Javascript in mail, and SeaMonkey before 1.0 exposes the internal "AnyName" object to external interfaces, which allows multiple cooperating domains to exchange information in violation of the same origin restrictions. | 6.4 |
2006-02-02 | CVE-2006-0298 | Mozilla | Improper Input Validation vulnerability in Mozilla Firefox and Seamonkey The XML parser in Mozilla Firefox before 1.5.0.1 and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly read sensitive data via unknown attack vectors that trigger an out-of-bounds read. | 5.8 |
2006-02-02 | CVE-2006-0297 | Mozilla | Unspecified vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Multiple integer overflows in Mozilla Firefox 1.5, Thunderbird 1.5 if Javascript is enabled in mail, and SeaMonkey before 1.0 might allow remote attackers to execute arbitrary code via the (1) EscapeAttributeValue in jsxml.c for E4X, (2) nsSVGCairoSurface::Init in SVG, and (3) nsCanvasRenderingContext2D.cpp in Canvas. | 5.1 |
2006-02-02 | CVE-2006-0295 | Mozilla | Unspecified vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Mozilla Firefox 1.5, Thunderbird 1.5 if Javascript is enabled in mail, and SeaMonkey before 1.0 might allow remote attackers to execute arbitrary code via the QueryInterface method of the built-in Location and Navigator objects, which leads to memory corruption. | 5.1 |
2006-02-04 | CVE-2006-0543 | Cerulean Studios | Denial-Of-Service vulnerability in Cerulean Studios Trillian 3.1.0.120 Cerulean Trillian 3.1.0.120 allows remote attackers to cause a denial of service (client crash) via an AIM message containing the Mac encoded Rich Text Format (RTF) escape sequences (1) \'d1, (2) \'d2, (3) \'d3, (4) \'d4, and (5) \'d5. | 5.0 |
2006-02-02 | CVE-2006-0530 | CA | Message Queuing Denial Of Service vulnerability in Computer Associates Computer Associates (CA) Message Queuing (CAM / CAFT) before 1.07 Build 220_16 and 1.11 Build 29_20, as used in multiple CA products, allows remote attackers to cause a denial of service via spoofed CAM control messages. | 5.0 |
2006-02-02 | CVE-2006-0529 | CA | Message Queuing Denial Of Service vulnerability in Computer Associates Computer Associates (CA) Message Queuing (CAM / CAFT) before 1.07 Build 220_16 and 1.11 Build 29_20, as used in multiple CA products, allows remote attackers to cause a denial of service via a crafted message to TCP port 4105. | 5.0 |
2006-02-02 | CVE-2006-0296 | Mozilla | Unspecified vulnerability in Mozilla Firefox and Seamonkey The XULDocument.persist function in Mozilla, Firefox before 1.5.0.1, and SeaMonkey before 1.0 does not validate the attribute name, which allows remote attackers to execute arbitrary Javascript by injecting RDF data into the user's localstore.rdf file. | 5.0 |
2006-02-02 | CVE-2006-0528 | Gnome | Buffer Overflow vulnerability in GNOME Evolution Inline XML File Attachment The cairo library (libcairo), as used in GNOME Evolution and possibly other products, allows remote attackers to cause a denial of service (persistent client crash) via an attached text file that contains "Content-Disposition: inline" in the header, and a very long line in the body, which causes the client to repeatedly crash until the e-mail message is manually removed, possibly due to a buffer overflow, as demonstrated using an XML attachment. | 5.0 |
2006-02-02 | CVE-2006-0519 | Spip | Information Disclosure vulnerability in SPIP SPIP 1.8.2-e and earlier and 1.9 Alpha 2 (5539) and earlier allows remote attackers to obtain sensitive information via a direct request to inc-messforum.php3, which reveals the path in an error message. | 5.0 |
2006-02-02 | CVE-2006-0433 | Freebsd | Remote Denial Of Service vulnerability in FreeBSD TCP SACK Selective Acknowledgement (SACK) in FreeBSD 5.3 and 5.4 does not properly handle an incoming selective acknowledgement when there is insufficient memory, which might allow remote attackers to cause a denial of service (infinite loop). | 5.0 |
2006-02-01 | CVE-2006-0508 | Easy CMS | Remote Security vulnerability in Easy Cms Easy CMS stores the images directory under the web document root with insufficient access control and browsing enabled, which allows remote attackers to list and possibly read images that are stored in that directory. | 5.0 |
2006-02-01 | CVE-2006-0505 | Zbattle NET | Denial-Of-Service vulnerability in Zbattle.Net Zbattle Client 1.09Sr1Beta zbattle.net Zbattle client 1.09 SR-1 beta allows remote attackers to cause an unspecified denial of service by rapidly creating and closing a game. | 5.0 |
2006-02-01 | CVE-2006-0504 | Mailenable | Unspecified vulnerability in Mailenable Enterprise Unspecified vulnerability in MailEnable Enterprise Edition before 1.2 allows remote attackers to cause a denial of service (CPU utilization) by viewing "formatted quoted-printable emails" via webmail. | 5.0 |
2006-02-01 | CVE-2006-0503 | Mailenable | Remote Denial of Service vulnerability in MailEnable Professional EXAMINE Command IMAP service in MailEnable Professional Edition before 1.72 allows remote attackers to cause a denial of service (service crash) via unspecified vectors involving the EXAMINE command. | 5.0 |
2006-02-01 | CVE-2006-0487 | Tumbleweed | Remote Security vulnerability in Tumbleweed Mailgate Email Firewall 6.0/6.1/6.2 Multiple unspecified vulnerabilities in Tumbleweed MailGate Email Firewall (EMF) 6.x allow remote attackers to (1) trigger temporarily incorrect processing of an e-mail message under "extremely heavy loads" and (2) cause an "increased number of missed spam" during "spam outbreaks." | 5.0 |
2006-01-31 | CVE-2006-0484 | Elido | Directory Traversal vulnerability in Elido Face Control Directory traversal vulnerability in Vis.pl, as part of the FACE CONTROL product, allows remote attackers to read arbitrary files via a .. | 5.0 |
2006-01-31 | CVE-2006-0481 | Greg Roelofs | Buffer Errors vulnerability in Greg Roelofs Libpng 1.2.7 Heap-based buffer overflow in the alpha strip capability in libpng 1.2.7 allows context-dependent attackers to cause a denial of service (crash) when the png_do_strip_filler function is used to strip alpha channels out of the image. | 5.0 |
2006-01-31 | CVE-2006-0475 | Theworldsend NET | Denial-Of-Service vulnerability in Theworldsend.Net PHP-Ping 1.3 PHP-Ping 1.3 does not properly validate ping counts, which allows remote attackers to cause a denial of service (ping flood) via a negative count parameter. | 5.0 |
2006-01-31 | CVE-2006-0467 | Pioneers | Buffer Denial Of Service vulnerability in Pioneers 0.9.49 Unspecified vulnerability in Pioneers (formerly gnocatan) before 0.9.49 allows remote attackers to cause a denial of service (application crash) via long chat messages. | 5.0 |
2006-02-04 | CVE-2006-0539 | Thibault Godouet | Local Buffer Overflow vulnerability in Thibault Godouet Fcron 3.0.0 The convert-fcrontab program in fcron 3.0.0 might allow local users to gain privileges via a long command-line argument, which causes Linux glibc to report heap memory corruption, possibly because a strcpy in the strdup2 function can "overwrite some data." | 4.6 |
2006-02-02 | CVE-2006-0525 | Adobe | Permissions, Privileges, and Access Controls vulnerability in Adobe products Multiple Adobe products, including (1) Photoshop CS2, (2) Illustrator CS2, and (3) Adobe Help Center, install a large number of .EXE and .DLL files with write-access permission for the Everyone group, which allows local users to gain privileges via Trojan horse programs. | 4.6 |
2006-02-01 | CVE-2006-0486 | Cisco | Local Security vulnerability in Cisco IOS 12.2(25)S/12.3T/12.4 Certain Cisco IOS releases in 12.2S based trains with maintenance release number 25 and later, 12.3T based trains, and 12.4 based trains reuse a Tcl Shell process across login sessions of different local users on the same terminal if the first user does not use tclquit before exiting, which may cause subsequent local users to execute unintended commands or bypass AAA command authorization checks, aka Bug ID CSCef77770. | 4.6 |
2006-02-01 | CVE-2006-0485 | Cisco | Unspecified vulnerability in Cisco IOS The TCL shell in Cisco IOS 12.2(14)S before 12.2(14)S16, 12.2(18)S before 12.2(18)S11, and certain other releases before 25 January 2006 does not perform Authentication, Authorization, and Accounting (AAA) command authorization checks, which may allow local users to execute IOS EXEC commands that were prohibited via the AAA configuration, aka Bug ID CSCeh73049. | 4.6 |
2006-01-31 | CVE-2006-0043 | Suse | Remote Buffer Overflow vulnerability in NFS-SERVER Buffer overflow in the realpath function in nfs-server rpc.mountd, as used in SUSE Linux 9.1 through 10.0, allows local users to execute arbitrary code via unspecified vectors involving mount requests and symlinks. | 4.6 |
2006-02-04 | CVE-2006-0541 | Tachyon | Input Validation vulnerability in Tachyon Vanilla Guestbook 1.0Beta Multiple cross-site scripting (XSS) vulnerabilities in Tachyon Vanilla Guestbook 1.0 beta allow remote attackers to inject arbitrary web script or HTML via unknown vectors related to "posting new messages." | 4.3 |
2006-02-04 | CVE-2006-0536 | Neomail | Cross-Site Scripting vulnerability in Neomail 1.27 Cross-site scripting (XSS) vulnerability in neomail.pl in NeoMail 1.27 allows remote attackers to inject arbitrary web script or HTML via the sort parameter. | 4.3 |
2006-02-04 | CVE-2006-0535 | Communityserver ORG | Cross-Site Scripting vulnerability in Communityserver.Org Community Server Multiple cross-site scripting (XSS) vulnerabilities in Community Server allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors. | 4.3 |
2006-02-04 | CVE-2006-0534 | Cybershop | Cross-Site Scripting vulnerability in CyberShop Ultimate E-commerce Multiple cross-site scripting (XSS) vulnerabilities in default.asp in CyberShop Ultimate E-commerce allow remote attackers to inject arbitrary web script or HTML via the (1) ortak or (2) kat parameter. | 4.3 |
2006-02-04 | CVE-2006-0533 | Cpanel | Cross-Site Scripting vulnerability in Cpanel Cross-site scripting (XSS) vulnerability in webmailaging.cgi in cPanel allows remote attackers to inject arbitrary web script or HTML via the numdays parameter. | 4.3 |
2006-02-04 | CVE-2006-0532 | Media2 CMS | Cross-Site Scripting vulnerability in SoftMaker Shop Cross-site scripting (XSS) vulnerability in resultat.asp in SoftMaker Shop allows remote attackers to inject arbitrary web script or HTML via a strSok parameter containing a javascript: URI in an IMG SRC attribute. | 4.3 |
2006-02-02 | CVE-2006-0524 | Ashwebstudio | Cross-Site Scripting vulnerability in Ashwebstudio Ashnews 0.83 Cross-site scripting (XSS) vulnerability in ashnews.php in Derek Ashauer ashNews 0.83 allows remote attackers to inject arbitrary web script or HTML via the id parameter. | 4.3 |
2006-02-02 | CVE-2006-0521 | Browsercrm | Cross-Site Scripting vulnerability in BrowserCRM Results.PHP Cross-site scripting (XSS) vulnerability in results.php in BrowserCRM allows remote attackers to inject arbitrary web script or HTML via certain manipulations of the query parameter, as demonstrated using an IMG SRC tag. | 4.3 |
2006-02-02 | CVE-2006-0518 | Spip | Cross-Site Scripting vulnerability in SPIP Index.PHP3 Cross-site scripting (XSS) vulnerability in index.php3 in SPIP 1.8.2-e and earlier and 1.9 Alpha 2 (5539) and earlier allows remote attackers to inject arbitrary web script or HTML via the lang parameter. | 4.3 |
2006-02-01 | CVE-2006-0509 | Cerberus | Cross-Site Scripting vulnerability in Cerberus Helpdesk 2.7/2.7.1Developmentrelease Multiple cross-site scripting (XSS) vulnerabilities in clients.php in Cerberus Helpdesk, possibly 2.7, allow remote attackers to inject arbitrary web script or HTML via (1) the contact_search parameter and (2) unspecified url fields. | 4.3 |
2006-02-01 | CVE-2006-0507 | Easy CMS | Cross-Site Scripting vulnerability in EasyCMS Multiple cross-site scripting (XSS) vulnerabilities in Easy CMS allow remote attackers to inject arbitrary web script or HTML via (1) unknown attack vectors in the administrative interface and (2) input fields of the contact form. | 4.3 |
2006-02-01 | CVE-2006-0506 | Nuked Klan | Cross-Site Scripting vulnerability in Nuked-Klan 1.7 Cross-site scripting (XSS) vulnerability in index.php in Nuked-klaN 1.7 allows remote attackers to inject arbitrary web script or HTML via the letter parameter. | 4.3 |
2006-02-01 | CVE-2006-0501 | Punctweb | HTML Injection vulnerability in Punctweb Myco Guestbook 1.0 Cross-site scripting (XSS) vulnerability in MyCO Guestbook 1.0 allows remote attackers to inject arbitrary web script or HTML via the Name field, when registering a user. | 4.3 |
2006-02-01 | CVE-2006-0499 | Yourboard | Cross-Site Scripting vulnerability in Yourboard Rlink 1.0 Cross-site scripting (XSS) vulnerability in rlink.php in Rlink 1.0.0 module for phpBB allows remote attackers to inject arbitrary web script or HTML via the url parameter. | 4.3 |
2006-02-01 | CVE-2006-0498 | PHP GEN | Cross-Site Scripting vulnerability in PHP GEN Multiple cross-site scripting (XSS) vulnerabilities in PHP GEN before 1.4 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors. | 4.3 |
2006-02-01 | CVE-2006-0496 | Mozilla | Unspecified vulnerability in Mozilla Firefox and Mozilla Cross-site scripting (XSS) vulnerability in Mozilla 1.7.12 and possibly earlier, Mozilla Firefox 1.0.7 and possibly earlier, and Netscape 8.1 and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the -moz-binding (Cascading Style Sheets) CSS property, which does not require that the style sheet have the same origin as the web page, as demonstrated by the compromise of a large number of LiveJournal accounts. | 4.3 |
2006-02-01 | CVE-2006-0495 | Mybulletinboard | HTML Injection vulnerability in Mybulletinboard 1.0.2 Cross-site scripting (XSS) vulnerability in the Add Thread to Favorites feature in usercp2.php in MyBB (aka MyBulletinBoard) 1.02 allows remote attackers to inject arbitrary web script or HTML via an HTTP Referer header ($url variable). | 4.3 |
2006-02-01 | CVE-2006-0494 | Mybulletinboard | Directory Traversal vulnerability in Mybulletinboard 1.0.2 Directory traversal vulnerability in MyBB (aka MyBulletinBoard) 1.02 allows local users with MyBB administrative privileges to include and possibly execute arbitrary local files via directory traversal sequences and a nul (%00) character in the plugin parameter. | 4.3 |
2006-02-01 | CVE-2006-0493 | Thomas Rybak | HTML Injection vulnerability in Thomas Rybak MG2 0.5.1 Cross-site scripting (XSS) vulnerability in MG2 (formerly known as Minigal) 0.5.1 allows remote attackers to inject arbitrary web script or HTML via the Name field in a comment associated with a picture. | 4.3 |
2006-01-31 | CVE-2006-0480 | Spaiz | Cross-Site Scripting vulnerability in Spaiz Spaiz-Nuke CMS 0 Cross-site scripting (XSS) vulnerability in the Articles module in sPaiz-Nuke allows remote attackers to inject arbitrary web script or HTML via the query parameter in the search file. | 4.3 |
2006-01-31 | CVE-2006-0479 | Pmwiki | Input Validation vulnerability in Pmwiki 2.1Beta20 pmwiki.php in PmWiki 2.1 beta 20, with register_globals enabled, allows remote attackers to bypass protection mechanisms that deregister global variables by setting both a GPC variable and a GLOBALS[] variable with the same name, which causes PmWiki to unset the GLOBALS[] variable but not the GPC variable, which creates resultant vulnerabilities such as remote file inclusion and cross-site scripting (XSS). | 4.3 |
2006-01-31 | CVE-2006-0473 | MY Little Homepage | Unspecified vulnerability in MY Little Homepage MY Little Weblog 20040420 Cross-site scripting (XSS) vulnerability in the bbcode function in weblog.php in my little homepage my little weblog, as last modified in April 2004, allows remote attackers to inject arbitrary Javascript via a javascript URI in BBcode link tags. | 4.3 |
2006-01-31 | CVE-2006-0472 | MY Little Homepage | Unspecified vulnerability in MY Little Homepage MY Little Guestbook 20040420 Cross-site scripting (XSS) vulnerability in guestbook.php in my little homepage my little guestbook, as last modified in March 2004, allows remote attackers to inject arbitrary Javascript via a javascript URI in BBcode link tags. | 4.3 |
2006-01-31 | CVE-2006-0471 | MY Little Homepage | Unspecified vulnerability in MY Little Homepage MY Little Forum 20040420 Cross-site scripting (XSS) vulnerability in the bbcode function in functions.php in my little homepage my little forum, as last modified in June 2005, allows remote attackers to inject arbitrary Javascript via a javascript URI in BBcode link tags. | 4.3 |
2006-01-31 | CVE-2006-0470 | Mybulletinboard | Cross-Site Scripting vulnerability in MyBB Cross-site scripting (XSS) vulnerability in search.php in MyBulletinBoard (MyBB) 1.02 allows remote attackers to inject arbitrary web script or HTML via the (1) sortby and (2) sortordr parameters, which are not properly handled in a redirection. | 4.3 |
2006-01-30 | CVE-2006-0469 | Uebimiau | HTML Injection vulnerability in Uebimiau 2.7.9 Cross-site scripting (XSS) vulnerability in UebiMiau 2.7.9, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via a javascript: URI in the SRC attribute of an IMG tag. | 4.3 |
5 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2006-02-04 | CVE-2006-0538 | Ciphertrust | Remote Denial Of Service vulnerability in CipherTrust IronMail CipherTrust IronMail 5.0.1, when "Denial of Service Protection" is enabled, allows remote attackers to cause a denial of service (possibly CPU consumption) via a SYN flood with malformed TCP packets from multiple connections. | 2.6 |
2006-02-02 | CVE-2006-0516 | SUN | Denial Of Service vulnerability in SUN Solaris 10.0 Unspecified vulnerability in the kernel processing in Solaris 10 64 bit platform, when running in 64-bit mode, allows local users to cause a denial of service (system panic) via unknown attack vectors. | 2.1 |
2006-02-02 | CVE-2006-0512 | Padl Software | Local Security vulnerability in Padl Software Migrationtools 46 PADL MigrationTools 46 creates temporary files insecurely, which allows local users to overwrite arbitrary files via a symlink attack on the temporary files, which are not properly created by (1) migrate_all_online.sh, (2) migrate_all_offline.sh, (3) migrate_all_netinfo_online.sh, (4) migrate_all_netinfo_offline.sh, (5) migrate_all_nis_online.sh, (6) migrate_all_nis_offline.sh, (7) migrate_all_nisplus_online.sh, and (8) migrate_all_nisplus_offline.sh. | 2.1 |
2006-02-01 | CVE-2006-0488 | Microsoft | Denial-Of-Service vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP The VDM (Virtual DOS Machine) emulation environment for MS-DOS applications in Windows 2000, Windows XP SP2, and Windows Server 2003 allows local users to read the first megabyte of memory and possibly obtain sensitive information, as demonstrated by dumper.asm. | 2.1 |
2006-01-31 | CVE-2006-0482 | Linux | Local Denial Of Service vulnerability in Linux Kernel Get_Compat_Timespec and PTrace Linux kernel 2.6.15.1 and earlier, when running on SPARC architectures, allows local users to cause a denial of service (hang) via a "date -s" command, which causes invalid sign extended arguments to be provided to the get_compat_timespec function call. | 2.1 |