Weekly Vulnerabilities Reports > April 10 to 16, 2006

Overview

149 new vulnerabilities reported during this period, including 16 critical vulnerabilities and 44 high severity vulnerabilities. This weekly summary report vulnerabilities in 100 products from 78 vendors including Mozilla, Microsoft, Adobe, Debian, and Canonical. Vulnerabilities are notably categorized as "Resource Management Errors", "Cross-site Scripting", "Permissions, Privileges, and Access Controls", "Improper Input Validation", and "Improper Restriction of Operations within the Bounds of a Memory Buffer".

  • 138 reported vulnerabilities are remotely exploitables.
  • 13 reported vulnerabilities have public exploit available.
  • 8 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 147 reported vulnerabilities are exploitable by an anonymous user.
  • Mozilla has the most reported vulnerabilities, with 26 reported vulnerabilities.
  • Mozilla has the most reported critical vulnerabilities, with 9 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

16 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2006-04-15 CVE-2006-1792 Mailenable Remote Security vulnerability in Mailenable products

Unspecified vulnerability in the POP service in MailEnable Standard Edition before 1.94, Professional Edition before 1.74, and Enterprise Edition before 1.22 has unknown attack vectors and impact related to "authentication exploits".

10.0
2006-04-14 CVE-2006-1790 Mozilla Resource Management Errors vulnerability in Mozilla Firefox 1.0.7

A regression fix in Mozilla Firefox 1.0.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the InstallTrigger.install method, which leads to memory corruption.

10.0
2006-04-14 CVE-2006-0992 Novell Remote Buffer Overflow vulnerability in Novell Groupwise Messenger 2.0

Stack-based buffer overflow in Novell GroupWise Messenger before 2.0 Public Beta 2 allows remote attackers to execute arbitrary code via a long Accept-Language value without a comma or semicolon.

10.0
2006-04-13 CVE-2006-1770 Azerbaijan Development Group Remote File Include vulnerability in Azerbaijan Development Group Azdgvote 1.0

Multiple PHP remote file inclusion vulnerabilities in Azerbaijan Design & Development Group (AZDG) AzDGVote allow remote attackers to execute arbitrary PHP code via a URL in the int_path parameter in (1) vote.php, (2) view.php, (3) admin.php, and (4) admin/index.php.

10.0
2006-04-12 CVE-2006-1523 Linux Unspecified vulnerability in Linux Kernel 2.6.16

The __group_complete_signal function in the RCU signal handling (signal.c) in Linux kernel 2.6.16, and possibly other versions, has unknown impact and attack vectors related to improper use of BUG_ON.

10.0
2006-04-11 CVE-2006-1190 Microsoft Unspecified vulnerability in Microsoft IE

Microsoft Internet Explorer 5.01 through 6 does not always return the correct IOleClientSite information when dynamically creating an embedded object, which could cause Internet Explorer to run the object in the wrong security context or zone, and allow remote attackers to execute arbitrary code.

10.0
2006-04-11 CVE-2006-1189 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft IE

Buffer overflow in URLMON.DLL in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via a crafted URL with an International Domain Name (IDN) using double-byte character sets (DBCS), aka the "Double Byte Character Parsing Memory Corruption Vulnerability." Customers should apply the update immediately.

10.0
2006-04-11 CVE-2006-1186 Microsoft Unspecified vulnerability in Microsoft IE

Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via by instantiating the (1) Mdt2gddr.dll, (2) Mdt2dd.dll, and (3) Mdt2gddo.dll COM objects as ActiveX controls, which leads to memory corruption.

10.0
2006-04-14 CVE-2006-1737 Mozilla Numeric Errors vulnerability in Mozilla products

Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary bytecode via JavaScript with a large regular expression.

9.3
2006-04-14 CVE-2006-1739 Mozilla Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Mozilla products

The CSS border-rendering code in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain Cascading Style Sheets (CSS) that causes an out-of-bounds array write and buffer overflow.

9.3
2006-04-14 CVE-2006-1735 Mozilla Permissions, Privileges, and Access Controls vulnerability in Mozilla products

Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using an eval in an XBL method binding (XBL.method.eval) to create Javascript functions that are compiled with extra privileges.

9.3
2006-04-14 CVE-2006-1730 Mozilla Numeric Errors vulnerability in Mozilla products

Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via a large number in the CSS letter-spacing property that leads to a heap-based buffer overflow.

9.3
2006-04-14 CVE-2006-1728 Mozilla
Canonical
Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via unknown vectors related to the crypto.generateCRMFRequest method.
9.3
2006-04-14 CVE-2006-1726 Mozilla Permissions, Privileges, and Access Controls vulnerability in Mozilla Firefox, Seamonkey and Thunderbird

Unspecified vulnerability in Firefox and Thunderbird 1.5 before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to bypass the js_ValueToFunctionObject check and execute arbitrary code via unknown vectors involving setTimeout and Firefox' ForEach method.

9.3
2006-04-14 CVE-2006-0749 Mozilla Resource Management Errors vulnerability in Mozilla products

nsHTMLContentSink.cpp in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors involving a "particular sequence of HTML tags" that leads to memory corruption.

9.3
2006-04-14 CVE-2006-0748 Mozilla Resource Management Errors vulnerability in Mozilla Firefox, Seamonkey and Thunderbird

Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via "an invalid and non-sensical ordering of table-related tags" that results in a negative array index.

9.3

44 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2006-04-13 CVE-2006-1764 Hosting Controller Information Disclosure vulnerability in Hosting Controller

Hosting Controller 6.1 stores forum/db/forum.mdb under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as user name and password credentials.

7.8
2006-04-14 CVE-2006-1727 Mozilla
Canonical
Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to gain chrome privileges via multiple attack vectors related to the use of XBL scripts with "Print Preview".
7.6
2006-04-11 CVE-2006-1710 Design Nation SQL Injection vulnerability in Design Nation Dnguestbook 2.0

SQL injection vulnerability in admin.php in Design Nation DNGuestbook 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) email and (2) id parameters.

7.6
2006-04-14 CVE-2006-1791 JL Webworks Cross-Site Scripting vulnerability in JL Webworks Quickblogger 1.4

Directory traversal vulnerability in acc.php in QuickBlogger 1.4 allows remote attackers to read or include arbitrary local files via the request parameter.

7.5
2006-04-14 CVE-2006-1724 Mozilla
Debian
Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attack vectors related to DHTML.
7.5
2006-04-14 CVE-2006-1723 Mozilla Unspecified vulnerability in Mozilla Firefox, Seamonkey and Thunderbird

Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML.

7.5
2006-04-14 CVE-2006-1531 Mozilla
Debian
Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML.
7.5
2006-04-14 CVE-2006-1530 Mozilla
Debian
Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML.
7.5
2006-04-14 CVE-2006-1529 Mozilla Unspecified vulnerability in Mozilla Firefox, Seamonkey and Thunderbird

Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML.

7.5
2006-04-13 CVE-2006-1551 Georges Auberger Arbitrary PHP Code Execution vulnerability in Georges Auberger Pajax 0.5.0/0.5.1

Eval injection vulnerability in pajax_call_dispatcher.php in PAJAX 0.5.1 and earlier allows remote attackers to execute arbitrary code via the (1) $method and (2) $args parameters.

7.5
2006-04-13 CVE-2006-1627 Adobe Remote vulnerability in Adobe Document Server for Reader Extensions

Adobe Document Server for Reader Extensions 6.0 does not provide proper access control, which allows remote authenticated users to perform privileged actions by modifying the (1) actionID and (2) pageID parameters.

7.5
2006-04-13 CVE-2006-1781 Circle R Code Injection vulnerability in Circle R Monster TOP List

PHP remote file inclusion vulnerability in functions.php in Circle R Monster Top List (MTL) 1.4 allows remote attackers to execute arbitrary PHP code via a URL in the root_path parameter.

7.5
2006-04-13 CVE-2006-1778 Simplog SQL Injection vulnerability in Simplog

Multiple SQL injection vulnerabilities in Jeremy Ashcraft Simplog 0.9.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) blogid parameter in (a) index.php and (b) archive.php, the (2) m and (3) y parameters in archive.php, and the (4) sql parameter in (c) server.php.

7.5
2006-04-13 CVE-2006-1777 Simplog Remote File Include vulnerability in Simplog

Directory traversal vulnerability in doc/index.php in Jeremy Ashcraft Simplog 0.9.2 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the s parameter, as demonstrated by injecting PHP sequences into an Apache error_log file, which is then included by doc/index.php.

7.5
2006-04-13 CVE-2006-1776 Simplog Remote File Include vulnerability in Simplog

PHP remote file inclusion vulnerability in doc/index.php in Jeremy Ashcraft Simplog 0.9.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the s parameter.

7.5
2006-04-13 CVE-2006-1774 HP Security Bypass vulnerability in HP Compaqhttpserver and System Management Homepage

HP System Management Homepage (SMH) 2.1.3.132, when running on CompaqHTTPServer/9.9 on Windows, Linux, or Tru64 UNIX, and when "Trust by Certificates" is not enabled, allows remote attackers to bypass authentication via a crafted URL.

7.5
2006-04-13 CVE-2006-1771 Saxotech Directory Traversal vulnerability in Saxopress URL Parameter

Directory traversal vulnerability in misc in pbcs.dll in SAXoTECH SAXoPRESS, aka Saxotech Online (formerly Publicus) allows remote attackers to read arbitrary files and possibly execute arbitrary programs via a ..

7.5
2006-04-13 CVE-2006-1767 Nicecoder Remote File Include vulnerability in Indexu 5.0/5.0.1

Multiple PHP remote file inclusion vulnerabilities in nicecoder.com INDEXU 5.0.0 and 5.0.1 allow remote attackers to execute arbitrary PHP code via a URL in the theme_path parameter in (1) index.php, (2) become_editor.php, (3) add.php, (4) bad_link.php, (5) browse.php, (6) detail.php, (7) fav.php, (8) get_rated.php, (9) login.php, (10) mailing_list.php, (11) new.php, (12) modify.php, (13) pick.php, (14) power_search.php, (15) rating.php, (16) register.php, (17) review.php, (18) rss.php, (19) search.php, (20) send_pwd.php, (21) sendmail.php, (22) tell_friend.php, (23) top_rated.php, (24) user_detail.php, and (25) user_search.php; and the (26) base_path parameter in invoice.php.

7.5
2006-04-13 CVE-2006-1762 Blursoft Input Validation vulnerability in Blursoft Blur6Ex 0.3.462

Directory traversal vulnerability in index.php in blur6ex 0.3.452 allows remote attackers to include arbitrary files via the shard parameter.

7.5
2006-04-13 CVE-2006-1758 Bill Shupp Input Validation vulnerability in Bill Shupp Vegadns 0.99

SQL injection vulnerability in index.php in Vegadns 0.99 allows remote attackers to execute arbitrary SQL commands via the cid parameter.

7.5
2006-04-13 CVE-2006-1756 Matthew Dingley SQL Injection vulnerability in Matthew Dingley MD News 1

MD News 1 allows remote attackers to bypass authentication via a direct request to a script in the Administration Area.

7.5
2006-04-13 CVE-2006-1755 Matthew Dingley SQL Injection vulnerability in Matthew Dingley MD News 1

SQL injection vulnerability in admin.php in MD News 1 allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2006-04-13 CVE-2006-1754 Swsoft SQL Injection vulnerability in Swsoft Confixx 3.0.6/3.0.8/3.1.2

SQL injection vulnerability in index.php in SWSoft Confixx 3.0.6, 3.0.8, and 3.1.2 allows remote attackers to execute arbitrary SQL commands via the SID parameter.

7.5
2006-04-12 CVE-2006-1751 Michiel VAN Baak SQL Injection vulnerability in Michiel VAN Baak Mvblog

Multiple SQL injection vulnerabilities in MvBlog before 1.6 allow remote attackers to execute arbitrary SQL commands via unknown vectors.

7.5
2006-04-12 CVE-2006-1749 Smartisoft Code Injection vulnerability in Smartisoft PHPlistpro 2.01

PHP remote file inclusion vulnerability in config.php in phpListPro 2.0 and earlier allows remote attackers to execute arbitrary PHP code via the returnpath parameter.

7.5
2006-04-12 CVE-2006-1747 Vwar Remote File Include vulnerability in Vwar Virtual WAR 1.5.0

PHP remote file inclusion vulnerability in Virtual War (VWar) 1.5.0 allows remote attackers to execute arbitrary PHP code via a URL in the vwar_root parameter to (1) admin/admin.php, (2) war.php, (3) stats.php, (4) news.php, (5) joinus.php, (6) challenge.php, (7) calendar.php, (8) member.php, (9) popup.php, and other unspecified scripts in the admin folder.

7.5
2006-04-12 CVE-2006-1743 Jbook SQL Injection vulnerability in Jbook 1.4

Multiple SQL injection vulnerabilities in form.php in JBook 1.4 allow remote attackers to execute arbitrary SQL commands via the (1) nom or (2) mail parameters.

7.5
2006-04-11 CVE-2006-1714 Phpmyforum Cross-Site Scripting vulnerability in PHPmyforum 4.0

CRLF injection vulnerability in index.php in Christoph Roeder phpMyForum 4.0 allows remote attackers to inject HTTP headers via hex-encoded CRLF sequences in the type parameter.

7.5
2006-04-11 CVE-2006-1188 Microsoft
Canon
Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via HTML elements with a certain crafted tag, which leads to memory corruption.
7.5
2006-04-11 CVE-2006-1185 Microsoft
Canon
Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via certain invalid HTML that causes memory corruption.
7.5
2006-04-11 CVE-2006-1708 Clansys SQL Injection vulnerability in Clansys 1.1

SQL injection vulnerability in member.php in Clansys 1.1 allows remote attackers to execute arbitrary SQL commands via the showid parameter in the member page to index.php.

7.5
2006-04-11 CVE-2006-1706 Kansok Communications SQL Injection vulnerability in ShopWeezle

Multiple SQL injection vulnerabilities in Shopweezle 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) itemID parameter to (a) login.php and (b) memo.php; and the (2) itemgr, (3) brandID, and (4) album parameters to (c) index.php.

7.5
2006-04-11 CVE-2006-1703 Hubert Plisson Remote File Include vulnerability in Hubert Plisson Sire 2.0

PHP remote file inclusion vulnerability in lire.php in Sire 2.0 nws allows remote attackers to execute arbitrary PHP code via a URL in the rub parameter.

7.5
2006-04-11 CVE-2006-1702 Spip Remote File Include vulnerability in Spip 1.8.3

PHP remote file inclusion vulnerability in spip_login.php3 in SPIP 1.8.3 allows remote attackers to execute arbitrary PHP code via a URL in the url parameter.

7.5
2006-04-11 CVE-2006-1700 Aweb Unspecified vulnerability in Aweb Scripts Seller

Buy.php in Aweb Scripts Seller uses predictable cookies for authentication based on the time and the script number, which allows remote attackers to bypass authentication.

7.5
2006-04-11 CVE-2006-1694 Xbrite SQL Injection vulnerability in XBrite Members.PHP

SQL injection vulnerability in members.php in XBrite Members 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2006-04-11 CVE-2006-1692 Manic WEB SQL-Injection vulnerability in Manic web Mwnewsletter 1.0.0B

Multiple SQL injection vulnerabilities in MWNewsletter 1.0.0b allow remote attackers to execute arbitrary SQL commands via the (1) user_email parameter to (a) unsubscribe.php or (b) subscribe.php; or the (2) user_name parameter to subscribe.php.

7.5
2006-04-11 CVE-2006-1691 Manic WEB Input Validation vulnerability in Manic web Mwnewsletter 1.0.0B

SQL injection vulnerability in MWNewsletter 1.0.0b allows remote attackers to execute arbitrary SQL commands via the user_name parameter to unsubscribe.php.

7.5
2006-04-11 CVE-2006-1060 Xzgv Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Xzgv

Heap-based buffer overflow in zgv before 5.8 and xzgv before 0.8 might allow user-assisted attackers to execute arbitrary code via a JPEG image with more than 3 output components, such as a CMYK or YCCK color space, which causes less memory to be allocated than required.

7.5
2006-04-11 CVE-2006-1688 Squery Code Injection vulnerability in Squery

Multiple PHP remote file inclusion vulnerabilities in SQuery 4.5 and earlier, as used in products such as Autonomous LAN party (ALP), allow remote attackers to execute arbitrary PHP code via a URL in the libpath parameter to scripts in the lib directory including (1) ase.php, (2) devi.php, (3) doom3.php, (4) et.php, (5) flashpoint.php, (6) gameSpy.php, (7) gameSpy2.php, (8) gore.php, (9) gsvari.php, (10) halo.php, (11) hlife.php, (12) hlife2.php, (13) igi2.php, (14) main.lib.php, (15) netpanzer.php, (16) old_hlife.php, (17) pkill.php, (18) q2a.php, (19) q3a.php, (20) qworld.php, (21) rene.php, (22) rvbshld.php, (23) savage.php, (24) simracer.php, (25) sof1.php, (26) sof2.php, (27) unreal.php, (28) ut2004.php, and (29) vietcong.php.

7.5
2006-04-11 CVE-2006-1685 APT SQL Injection vulnerability in APT-webshop Modules.PHP

Multiple SQL injection vulnerabilities in modules.php in APT-webshop-system 4.0 PRO, 3.0 BASIC, and 3.0 LIGHT allow remote attackers to execute arbitrary SQL commands via the (1) group, (2) seite, and (3) id parameter, possibly involving the artikel functionality.

7.5
2006-04-11 CVE-2006-1683 Chipmunk Scripts SQL Injection vulnerability in Chipmunk Guestbook

SQL injection vulnerability in admin/login.php in Chipmunk Guestbook allows remote attackers to execute arbitrary SQL commands and bypass login authentication via the User name.

7.5
2006-04-13 CVE-2006-1772 Debian Local Database Administrator Password Disclosure vulnerability in Debian Linux 3.1

debconf in Debian GNU/Linux, when configuring mnogosearch in the mnogosearch-common 3.2.31-1 package, uses the world-readable config.dat file instead of the restricted passwords.dat for storing the cleartext database administrator password in the mnogosearch-common/database_admin_pass record, which allows local users to view the password.

7.2
2006-04-11 CVE-2006-1689 HP Local Unauthorized Access vulnerability in HP Hp-Ux 11.11

Unspecified vulnerability in su in HP HP-UX B.11.11, when using the LDAP netgroup feature, allows local users to gain unspecified access.

7.2

58 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2006-04-14 CVE-2006-1734 Mozilla Unspecified vulnerability in Mozilla products

Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using the Object.watch method to access the "clone parent" internal function.

6.8
2006-04-14 CVE-2006-1733 Mozilla Permissions, Privileges, and Access Controls vulnerability in Mozilla products

Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly protect the compilation scope of privileged built-in XBL bindings, which allows remote attackers to execute arbitrary code via the (1) valueOf.call or (2) valueOf.apply methods of an XBL binding, or (3) "by inserting an XBL method into the DOM's document.body prototype chain." This vulnerability also affects Mozilla, SeaMonkey, 1.0 and Mozilla, Suite, 1.7.13 This vulnerabiloity is addressed in the following product releases: Mozilla, Firefox, 1.5 Mozilla, Firefox, 1.0.8 Mozilla, Thunderbird, 1.5 Mozilla, Thunderbird, 1.0.8 Mozilla, SeaMonkey, 1.0 Mozilla, Suite, 1.7.13

6.8
2006-04-13 CVE-2006-1779 Simplog Cross-Site Scripting vulnerability in Simplog

Cross-site scripting (XSS) vulnerability in login.php in Jeremy Ashcraft Simplog 0.9.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the btag parameter.

6.8
2006-04-13 CVE-2006-1769 Userland Cross-Site Scripting vulnerability in Userland Manila 9.4

Multiple cross-site scripting (XSS) vulnerabilities in UserLand Manila 9.5 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the mode parameter in msgReader$1 and (2) the end of the URI in viewDepartment$.

6.8
2006-04-13 CVE-2006-1765 Jbook Cross-Site Scripting vulnerability in Jbook 1.3

Cross-site scripting (XSS) vulnerability in index.php in JBook 1.3 allows remote attackers to inject arbitrary web script or HTML via the page parameter.

6.8
2006-04-11 CVE-2006-1722 Suche Cross-Site Scripting vulnerability in Suche Shopxs 4.0

Cross-site scripting (XSS) vulnerability in suche.htm in ShopXS 4.0 allows remote attackers to inject arbitrary web script or HTML via the Suchstring1 (aka search) parameter.

6.8
2006-04-11 CVE-2006-1713 Phpmyforum Cross-Site Scripting vulnerability in PHPmyforum 4.0

Cross-site scripting (XSS) vulnerability in index.php in Christoph Roeder phpMyForum 4.0 allows remote attackers to inject arbitrary web script or HTML via the page parameter.

6.8
2006-04-11 CVE-2006-0015 Microsoft Cross-Site Scripting vulnerability in Microsoft products

Cross-site scripting (XSS) vulnerability in _vti_bin/_vti_adm/fpadmdll.dll in Microsoft FrontPage Server Extensions 2002 and SharePoint Team Services allows remote attackers to inject arbitrary web script or HTML, then leverage the attack to execute arbitrary programs or create new accounts, via the (1) operation, (2) command, and (3) name parameters.

6.8
2006-04-11 CVE-2006-1709 Interaktiv Cross-Site Scripting vulnerability in Interaktiv.shop

Cross-site scripting (XSS) vulnerability in shop_main.cgi in interaktiv.shop 5 allows remote attackers to inject arbitrary web script or HTML via the (1) pn and (2) sbeg parameters.

6.8
2006-04-11 CVE-2006-1690 Manic WEB Input Validation vulnerability in Manic Web MWNewsletter

Cross-site scripting (XSS) vulnerability in subscribe.php in MWNewsletter 1.0.0b allows remote attackers to inject arbitrary web script or HTML via the user_name parameter.

6.8
2006-04-13 CVE-2006-1773 Phpkit SQL Injection vulnerability in PHPKIT Include.PHP

SQL injection vulnerability in include.php in PHPKIT 1.6.1 Release 2 and earlier allows remote attackers to execute arbitrary SQL commands via the contentid parameter, possibly involving content/news.php.

6.4
2006-04-13 CVE-2006-1766 Papoo SQL-Injection vulnerability in Papoo 2.1.2/2.1.4/2.1.5

Multiple SQL injection vulnerabilities in Papoo 2.1.5, and 3 beta1 and earlier, allow remote attackers to execute arbitrary SQL commands via the (1) getlang and (2) reporeid parameter in (a) index.php, (3) menuid parameter in (b) plugin.php and (c) forumthread.php, and (4) msgid parameter in forumthread.php.

6.4
2006-04-11 CVE-2006-1677 Maxdev Information Exposure vulnerability in Maxdev Md-Pro 1.0.72/1.0.73

MAXdev MDPro 1.0.73 and 1.0.72, and possibly other versions before 1.076, allows remote attackers to obtain the full path of the server via a direct request to includes/legacy.php.

6.4
2006-04-11 CVE-2006-1676 Maxdev SQL Injection vulnerability in Maxdev Md-Pro 1.0.72/1.0.73

SQL injection vulnerability in the display function in the Topics module for MAXdev MDPro (MD-Pro) 1.0.73 and 1.0.72, and possibly other versions before 1.076, allows remote attackers to execute arbitrary SQL commands via the topicid parameter in a display action, which is not properly handled in PNuserapi.PHP.

6.4
2006-04-13 CVE-2006-1784 Sphider Remote File Include vulnerability in Sphider 1.3/1.3Rc1/1.3Rc2

PHP remote file inclusion vulnerability in admin/configset.php in Sphider 1.3 and earlier, when register_globals is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the settings_dir parameter.

5.1
2006-04-13 CVE-2006-1768 Tritanium Scripts Cross-Site Scripting vulnerability in Tritanium Scripts Tritanium Bulletin Board 1.2.3

Multiple cross-site scripting (XSS) vulnerabilities in register.php in Tritanium Bulletin Board (TBB) 1.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) newuser_name, (2) newuser_email, and (3) newuser_hp parameters in the faction=register mode in index.php.

5.1
2006-04-12 CVE-2006-0014 Microsoft Buffer Overflow vulnerability in Microsoft Outlook Express Windows Address Book File Parsing

Buffer overflow in Microsoft Outlook Express 5.5 and 6 allows remote attackers to execute arbitrary code via a crafted Windows Address Book (WAB) file containing "certain Unicode strings" and modified length values.

5.1
2006-04-12 CVE-2006-0012 Microsoft Remote Code Execution vulnerability in Microsoft Windows Shell COM Object

Unspecified vulnerability in Windows Explorer in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via attack vectors involving COM objects and "crafted files and directories," aka the "Windows Shell Vulnerability."

5.1
2006-04-12 CVE-2006-0003 Microsoft Remote Code Execution vulnerability in Microsoft MDAC RDS.Dataspace ActiveX Control

Unspecified vulnerability in the RDS.Dataspace ActiveX control, which is contained in ActiveX Data Objects (ADO) and distributed in Microsoft Data Access Components (MDAC) 2.7 and 2.8, allows remote attackers to execute arbitrary code via unknown attack vectors.

5.1
2006-04-11 CVE-2006-1717 Mybulletinboard HTML Injection vulnerability in Mybulletinboard 1.10

Cross-site scripting (XSS) vulnerability in newthread.php in MyBB (aka MyBulletinBoard) 1.10, when configured to permit new threads by unregistered users, allows remote attackers to inject arbitrary web script or HTML via the username.

5.1
2006-04-11 CVE-2006-1716 Mybulletinboard HTML Injection vulnerability in Mybulletinboard 1.10

Cross-site scripting (XSS) vulnerability in inc/functions_post.php in MyBB (aka MyBulletinBoard) 1.10 allows remote attackers to inject arbitrary web script or HTML via a JavaScript event in a BBCode img tag.

5.1
2006-04-15 CVE-2006-1437 Upoint Information Disclosure vulnerability in Upoint AT1 Event Publisher 20031218

UPOINT @1 Event Publisher stores sensitive information under the web document root with insufifcient access control, which allows remote attackers to read private comments via a direct request to eventpublisher.txt.

5.0
2006-04-14 CVE-2006-1738 Mozilla Unspecified vulnerability in Mozilla products

Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) by changing the (1) -moz-grid and (2) -moz-grid-group display styles.

5.0
2006-04-14 CVE-2006-1742 Mozilla Unspecified vulnerability in Mozilla products

The JavaScript engine in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly handle temporary variables that are not garbage collected, which might allow remote attackers to trigger operations on freed memory and cause memory corruption.

5.0
2006-04-13 CVE-2006-1789 Georges Auberger Arbitrary PHP Code Execution vulnerability in PAJAX

Directory traversal vulnerability in pajax_call_dispatcher.php in PAJAX 0.5.1 and earlier allows remote attackers to read arbitrary files via the $className variable.

5.0
2006-04-13 CVE-2006-1763 Blursoft Input Validation vulnerability in Blursoft Blur6Ex 0.3.462

Multiple SQL injection vulnerabilities in index.php in blur6ex 0.3.452 allows remote attackers to execute arbitrary SQL commands via the ID parameter in a (1) g_reply or (2) g_permaPost action to the blog shard (engine/shards/blog.php), or a (3) g_viewContent action to the content shard (engine/shards/content.php).

5.0
2006-04-12 CVE-2006-1746 Tincan Path Traversal vulnerability in Tincan PHPlist

Directory traversal vulnerability in PHPList 2.10.2 and earlier allows remote attackers to include arbitrary local files via the (1) GLOBALS[database_module] or (2) GLOBALS[language_module] parameters, which overwrite the underlying $GLOBALS variable.

5.0
2006-04-11 CVE-2006-1719 Microsoft Denial-Of-Service vulnerability in Microsoft IE 6

Internet Explorer 6 allows remote attackers to cause a denial of service (application crash) via any scrollbar Cascading Style Sheets (CSS) property.

5.0
2006-04-11 CVE-2006-1718 Clever Copy Information Disclosure vulnerability in Clever Copy Connect.INC

Magus Perde Clever Copy 3.0 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to view the database username and password via a direct request for connect.inc.

5.0
2006-04-11 CVE-2006-1715 Tugzip Remote Directory Traversal vulnerability in Tugzip 3.1.0.2/3.3/3.4

Multiple directory traversal vulnerabilities in Christian Kindahl TUGZip 3.4.0.0, 3.3.0.0, and 3.1.0.2 allow user-assisted attackers to create files in arbitrary directories via a ..

5.0
2006-04-11 CVE-2006-1711 Plone Unspecified vulnerability in Plone 2.0.5/2.1.2/2.5Beta1

Plone 2.0.5, 2.1.2, and 2.5-beta1 does not restrict access to the (1) changeMemberPortrait, (2) deletePersonalPortrait, and (3) testCurrentPassword methods, which allows remote attackers to modify portraits.

5.0
2006-04-11 CVE-2006-1707 Kansok Communications Remote Security vulnerability in Shopweezle

index.php in Shopweezle 2.0 allows remote attackers to include arbitrary local files via the url parameter.

5.0
2006-04-11 CVE-2006-1704 Hubert Plisson Unspecified vulnerability in Hubert Plisson Sire 2.0

Sire 2.0 nws allows remote attackers to upload arbitrary image files without authentication via a direct request to upload.php.

5.0
2006-04-11 CVE-2006-1693 Globalscape Remote Denial of Service vulnerability in GlobalSCAPE Secure FTP Server

Unspecified vulnerability in GlobalSCAPE Secure FTP Server before 3.1.4 Build 01.10.2006 allows attackers to cause a denial of service (application crash) via a "custom command" with a long argument.

5.0
2006-04-11 CVE-2006-1686 APT Remote Security vulnerability in Apt-Webshop-System 3.0/4.0

Unspecified vulnerability in modules.php in APT-webshop-system 4.0 PRO, 3.0 BASIC, and 3.0 LIGHT allows remote attackers to access unspecified files via a modified warp parameter.

5.0
2006-04-11 CVE-2006-1684 Ecotwo Remote Security vulnerability in Ecotwo Shopsystem 1.0192

Unspecified vulnerability in ecotwo Shopsystem 1.0-192 and earlier allows remote attackers to include arbitrary local files via (1) the lang parameter in news.php and (2) other unspecified vectors.

5.0
2006-04-14 CVE-2006-0558 Linux Local Denial of Service vulnerability in Linux Kernel Perfmon.c

perfmon (perfmon.c) in Linux kernel on IA64 architectures allows local users to cause a denial of service (crash) by interrupting a task while another process is accessing the mm_struct, which triggers a BUG_ON action in the put_page_testzero function.

4.9
2006-04-10 CVE-2006-1522 Linux Improper Input Validation vulnerability in Linux Kernel 2.6.16.1/2.6.17

The sys_add_key function in the keyring code in Linux kernel 2.6.16.1 and 2.6.17-rc1, and possibly earlier versions, allows local users to cause a denial of service (OOPS) via keyctl requests that add a key to a user key instead of a keyring key, which causes an invalid dereference in the __keyring_search_one function.

4.9
2006-04-13 CVE-2006-1628 Adobe Unspecified vulnerability in Adobe Livecycle Form Manager 7.01

Adobe LiveCycle Workflow 7.01 and LiveCycle Forum Manager 7.01 allows users to authenticate and perform privileged actions when their account is marked "OBSOLETE" but the account is also active, within the authentication system.

4.6
2006-04-12 CVE-2006-1744 Joey Hess Local Buffer Overflow vulnerability in BSD-Games

Buffer overflow in pl_main.c in sail in BSDgames before 2.17-7 allows local users to execute arbitrary code via a long player name that is used in a scanf function call.

4.6
2006-04-15 CVE-2006-1436 Upoint HTML Injection vulnerability in Upoint AT1 Event Publisher 20031218

Multiple cross-site scripting (XSS) vulnerabilities in UPOINT @1 Event Publisher allow remote attackers to inject arbitrary web script or HTML via the (1) Event, (2) Description, (3) Time, (4) Website, and (5) Public Remarks fields to (a) eventpublisher_admin.htm and (b) eventpublisher_usersubmit.htm.

4.3
2006-04-14 CVE-2006-1741 Mozilla
Canonical
Cross-Site Scripting vulnerability in multiple products

Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to inject arbitrary Javascript into other sites by (1) "using a modal alert to suspend an event handler while a new page is being loaded", (2) using eval(), and using certain variants involving (3) "new Script;" and (4) using window.__proto__ to extend eval, aka "cross-site JavaScript injection".

4.3
2006-04-14 CVE-2006-1732 Mozilla Unspecified vulnerability in Mozilla Firefox, Seamonkey and Thunderbird

Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to bypass same-origin protections and conduct cross-site scripting (XSS) attacks via unspecified vectors involving the window.controllers array.

4.3
2006-04-14 CVE-2006-1731 Mozilla Cross-Site Scripting vulnerability in Mozilla products

Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 returns the Object class prototype instead of the global window object when (1) .valueOf.call or (2) .valueOf.apply are called without any arguments, which allows remote attackers to conduct cross-site scripting (XSS) attacks.

4.3
2006-04-14 CVE-2006-1729 Mozilla
Canonical
Improper Input Validation vulnerability in multiple products

Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file upload control, or (2) changing the type of the input control that is associated with an event handler.

4.3
2006-04-13 CVE-2006-1775 Phpbb Group Cross-Site Scripting vulnerability in PHPbb Group PHPbb 2.0.19

Multiple cross-site scripting (XSS) vulnerabilities in phpBB 2.0.19 allow remote attackers to inject arbitrary web script or HTML via the (1) Site Description field in (a) admin_board.php, the (2) Group name and (3) Group description fields in (b) admin_groups.php and (c) groupcp.php, the (4) Theme Name field in (d) admin_styles.php, and the (5) Rank Title field in (e) admin_ranks.php.

4.3
2006-04-13 CVE-2006-1760 Jetphotosoft COM Cross-Site Scripting vulnerability in Jetphotosoft.Com Jetphoto 1.0/2.0/2.1

Multiple cross-site scripting (XSS) vulnerabilities in JetPhoto allow remote attackers to inject arbitrary web script or HTML via the page parameter in (1) Classic.view/thumbnail.php, (2) Classic.view/gallery.php, (3) Classic.view/detail.php, or (4) Orange.view/detail.php; or (5) the name parameter in Orange.view/slideshow.php.

4.3
2006-04-11 CVE-2006-1720 Arabless Cross-Site Scripting vulnerability in Arabless Saphplesson 2.0/3.0

Cross-site scripting (XSS) vulnerability in search.php in SaphpLesson 3.0 allows remote attackers to inject arbitrary web script or HTML via the Word parameter.

4.3
2006-04-11 CVE-2006-1698 Matt Wright Cross-Site Scripting vulnerability in Matt Wright Guestbook

Cross-site scripting (XSS) vulnerability in Matt Wright Guestbook 2.3.1 allows remote attackers to execute arbitrary web script or HTML via the (1) url, (2) city, (3) state, or (4) country parameters.

4.3
2006-04-11 CVE-2006-1697 Matt Wright HTML Injection vulnerability in Matt Wright Guestbook Guestbook.PL

Cross-site scripting (XSS) vulnerability in Matt Wright Guestbook 2.3.1 allows remote attackers to execute arbitrary web script or HTML via the (1) Your Name, (2) E-Mail, or (3) Comments fields when posting a message.

4.3
2006-04-11 CVE-2006-1696 Gallery Project Cross-Site Scripting vulnerability in Gallery

Cross-site scripting (XSS) vulnerability in Gallery before 1.5.3 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors.

4.3
2006-04-11 CVE-2006-1687 APT Cross-Site Scripting vulnerability in Apt-Webshop-System 3.0/4.0

Cross-site scripting (XSS) vulnerability in APT-webshop-system 4.0 PRO, 3.0 BASIC, and 3.0 LIGHT allows remote attackers to inject arbitrary web script or HTML via the message parameter, probably involving the basket functionality.

4.3
2006-04-11 CVE-2006-1682 Talentsoft Cross-Site Scripting vulnerability in Talentsoft Web+ Shop 5.0

Cross-site scripting (XSS) vulnerability in webplus.exe in TalentSoft Web+Shop 5.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the deptname parameter, possibly involving the webpshop/ department.wml script.

4.3
2006-04-11 CVE-2006-1681 Cherokee Unspecified vulnerability in Cherokee Httpd

Cross-site scripting (XSS) vulnerability in Cherokee HTTPD 0.5 and earlier allows remote attackers to inject arbitrary web script or HTML via a malformed request that generates an HTTP 400 error, which is not properly handled when the error message is generated.

4.3
2006-04-11 CVE-2006-1679 Jupiter CMS Cross-Site Scripting vulnerability in Jupiter CMS Jupiter CMS 1.1.5

Cross-site scripting (XSS) vulnerability in modules/online.php in Jupiter CMS 1.1.5 allows remote attackers to inject arbitrary web script or HTML via the layout parameter to index.php.

4.3
2006-04-11 CVE-2006-1678 Phpmyadmin Cross-Site Scripting vulnerability in PHPMyAdmin

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.8.0.3 allow remote attackers to inject arbitrary web script or HTML via unknown vectors in unspecified scripts in the themes directory.

4.3
2006-04-10 CVE-2006-0996 PHP Cross-Site Scripting vulnerability in PHP 4.4.2/5.1.2

Cross-site scripting (XSS) vulnerability in phpinfo (info.c) in PHP 5.1.2 and 4.4.2 allows remote attackers to inject arbitrary web script or HTML via long array variables, including (1) a large number of dimensions or (2) long values, which prevents HTML tags from being removed.

4.3
2006-04-11 CVE-2006-1191 Microsoft Information Disclosure vulnerability in Microsoft Internet Explorer Popup Cross-Domain

Microsoft Internet Explorer 5.01 through 6 does not always correctly identify the domain that is associated with a browser window, which allows remote attackers to obtain sensitive cross-domain information and spoof sites by running script after the user has navigated to another site.

4.0

31 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2006-04-14 CVE-2006-1740 Mozilla Unspecified vulnerability in Mozilla products

Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to spoof secure site indicators such as the locked icon by opening the trusted site in a popup window, then changing the location to a malicious site.

2.6
2006-04-14 CVE-2006-1736 Mozilla Unspecified vulnerability in Mozilla products

Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to trick users into downloading and saving an executable file via an image that is overlaid by a transparent image link that points to the executable, which causes the executable to be saved when the user clicks the "Save image as..." option.

2.6
2006-04-14 CVE-2006-1725 Mozilla Permissions, Privileges, and Access Controls vulnerability in Mozilla Firefox and Seamonkey

Mozilla Firefox 1.5 before 1.5.0.2 and SeaMonkey before 1.0.1 causes certain windows to become translucent due to an interaction between XUL content windows and the history mechanism, which might allow user-assisted remote attackers to trick users into executing arbitrary code.

2.6
2006-04-13 CVE-2006-1788 Adobe Remote vulnerability in Adobe Document Server 6.0

Adobe Document Server for Reader Extensions 6.0, during log on, provides different error messages depending on whether the user ID is valid or invalid, which allows remote attackers to more easily identify valid user IDs via brute force attacks.

2.6
2006-04-13 CVE-2006-1787 Adobe Remote vulnerability in Adobe Document Server 6.0

Adobe Document Server for Reader Extensions 6.0 includes a user's session (jsession) ID in the HTTP Referer header, which allows remote attackers to gain access to PDF files that are being processed within that session.

2.6
2006-04-13 CVE-2006-1786 Adobe Remote vulnerability in Adobe Document Server 6.0

Cross-site scripting (XSS) vulnerability in Adobe Document Server for Reader Extensions 6.0 allows remote attackers to inject arbitrary web script or HTML via (1) the actionID parameter in ads-readerext and (2) the op parameter in AlterCast.

2.6
2006-04-13 CVE-2006-1783 Patronet Cross-Site Scripting vulnerability in PatroNet CMS

Cross-site scripting (XSS) vulnerability in PatroNet CMS allows remote attackers to inject arbitrary web script or HTML via the URI.

2.6
2006-04-13 CVE-2006-1761 Blursoft Input Validation vulnerability in Blursoft Blur6Ex 0.3.462

Cross-site scripting vulnerability in index.php in blur6ex 0.3.452 allows remote attackers to inject arbitrary web script or HTML via the errormsg parameter, which is not sanitized in the error message.

2.6
2006-04-13 CVE-2006-1759 Swsoft Cross-Site Scripting vulnerability in Swsoft Confixx 3.1.2

Cross-site scripting (XSS) vulnerability in allgemein_transfer.php in SWSoft Confixx 3.1.2 allows remote attackers to inject arbitrary web script or HTML via the jahr parameter.

2.6
2006-04-13 CVE-2006-1757 Bill Shupp Input Validation vulnerability in Bill Shupp Vegadns 0.99

Cross-site scripting (XSS) vulnerability in index.php in Vegadns 0.99 allows remote attackers to inject arbitrary web script or HTML via the message parameter.

2.6
2006-04-12 CVE-2006-1752 Michiel VAN Baak Input Validation vulnerability in MvBlog

Multiple cross-site scripting (XSS) vulnerabilities in the backend in MvBlog before 1.6 allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) body fields in a comment.

2.6
2006-04-12 CVE-2006-1750 JMB Software Cross-Site Scripting vulnerability in JMB Software Autogallery 0.41

Multiple cross-site scripting (XSS) vulnerabilities in index.php in Autogallery 0.41 allow remote attackers to inject arbitrary web script or HTML via the (1) pic or (2) show parameters.

2.6
2006-04-12 CVE-2006-1748 XMB Software Cross-Site Scripting vulnerability in XMB Software XMB Forum 1.9.5

Cross-site scripting (XSS) vulnerability in XMB Forum 1.9.5 allows remote attackers to inject arbitrary web script or HTML by uploading a Flash (.SWF) video that contains a getURL function call, which causes the video to be rendered without disabling ActionScript.

2.6
2006-04-12 CVE-2006-1745 Bitweaver Cross-Site Scripting vulnerability in Bitweaver 1.3

Cross-site scripting (XSS) vulnerability in login.php in Bitweaver 1.3 allows remote attackers to inject arbitrary web script or HTML via the error parameter.

2.6
2006-04-11 CVE-2006-1721 Cyrus Improper Input Validation vulnerability in Cyrus Sasl

digestmd5.c in the CMU Cyrus Simple Authentication and Security Layer (SASL) library 2.1.18, and possibly other versions before 2.1.21, allows remote unauthenticated attackers to cause a denial of service (segmentation fault) via malformed inputs in DIGEST-MD5 negotiation.

2.6
2006-04-11 CVE-2006-1192 Microsoft
Canon
Improper Input Validation vulnerability in multiple products

Microsoft Internet Explorer 5.01 through 6 allows remote attackers to conduct phishing attacks by spoofing the address bar and other parts of the trust UI via unknown methods that allow "window content to persist" after the user has navigated to another site, aka the "Address Bar Spoofing Vulnerability." NOTE: this is a different vulnerability than CVE-2006-1626.

2.6
2006-04-11 CVE-2006-1712 GNU Cross-Site Scripting vulnerability in GNU Mailman 2.1.7

Cross-site scripting (XSS) vulnerability in the private archive script (private.py) in GNU Mailman 2.1.7 allows remote attackers to inject arbitrary web script or HTML via the action argument.

2.6
2006-04-11 CVE-2006-1701 Shadowed Portal Cross-Site Scripting vulnerability in Shadowed Portal

Cross-site scripting (XSS) vulnerability in the Pages module in Shadowed Portal allows remote attackers to inject arbitrary web script or HTML via the page parameter to load.php.

2.6
2006-04-11 CVE-2006-1699 Aweb Cross-Site Scripting vulnerability in AWeb's Banner Generator

Cross-site scripting (XSS) vulnerability in index.php in Aweb Banner Generator 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the banner parameter in view mode.

2.6
2006-04-11 CVE-2006-1680 Jupiter CMS Remote Security vulnerability in Jupiter CMS Jupiter CMS 1.1.5

Jupiter CMS 1.1.5, when display_errors is enabled, allows remote attackers to obtain the full server path via a direct request to modules/online.php.

2.6
2006-04-10 CVE-2006-1675 Phpwebgallery Cross-Site Scripting vulnerability in PHPwebgallery 1.4.1

Multiple cross-site scripting (XSS) vulnerabilities in PHPWebGallery 1.4.1 allow remote attackers to inject arbitrary web script or HTML via the (1) cat, (2) num, and (3) search parameters to (a) category.php, and the (4) slideshow, (5) show_metadata, and (6) start parameters to (b) picture.php, a different vulnerability than CVE-2006-1674.

2.6
2006-04-10 CVE-2006-1674 Phpwebgallery Cross-Site Scripting vulnerability in PHPwebgallery 1.4.1

Cross-site scripting (XSS) vulnerability in search.php in PHPWebGallery 1.4.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter, a different vulnerability than CVE-2006-1675.

2.6
2006-04-10 CVE-2006-1494 PHP Safe_Mode and Open_Basedir Restriction Bypass vulnerability in PHP

Directory traversal vulnerability in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass open_basedir restrictions allows remote attackers to create files in arbitrary directories via the tempnam function.

2.6
2006-04-10 CVE-2006-0053 Tony Cook Resource Management Errors vulnerability in Tony Cook Imager

Imager (libimager-perl) before 0.50 allows user-assisted attackers to cause a denial of service (segmentation fault) by writing a 2- or 4-channel JPEG image (or a 2-channel TGA image) to a scalar, which triggers a NULL pointer dereference.

2.6
2006-04-13 CVE-2006-1785 Adobe Remote vulnerability in Adobe Document Server 6.0

Adobe Document Server for Reader Extensions 6.0 allows remote authenticated users to inject arbitrary web script via a leading (1) ftp or (2) http URI in the ReaderURL variable in the "Update Download Site" section of ads-readerext.

2.1
2006-04-13 CVE-2006-1782 SUN Unspecified vulnerability in SUN Solaris and Sunos

Unspecified vulnerability in Solaris 8 and 9 allows local users to obtain the LDAP Directory Server root Distinguished Name (rootDN) password when a privileged user (1) runs idsconfig; or "insecurely" runs LDAP2 commands with the -w option, including (2) ldapadd, (3) ldapdelete, (4) ldapmodify, (5) ldapmodrdn, and (6) ldapsearch.

2.1
2006-04-13 CVE-2006-1780 SUN Local Denial of Service vulnerability in Sun Solaris SH(1)

The Bourne shell (sh) in Solaris 8, 9, and 10 allows local users to cause a denial of service (sh crash) via an unspecified attack vector that causes sh processes to crash during creation of temporary files.

2.1
2006-04-11 CVE-2006-1705 Oracle Unspecified vulnerability in Oracle Oracle10G and Oracle9I

Oracle Database 9.2.0.0 to 10.2.0.3 allows local users with "SELECT" privileges for a base table to insert, update, or delete data by creating a crafted view then performing the operations on that view.

2.1
2006-04-10 CVE-2006-1549 PHP Resource Management Errors vulnerability in PHP 4.4.2/5.1.2

PHP 4.4.2 and 5.1.2 allows local users to cause a crash (segmentation fault) by defining and executing a recursive function.

2.1
2006-04-10 CVE-2006-1608 PHP Safe_Mode and Open_Basedir Restriction Bypass vulnerability in PHP

The copy function in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass safe mode and read arbitrary files via a source argument containing a compress.zlib:// URI.

2.1
2006-04-11 CVE-2006-1695 Fbida Unspecified vulnerability in Fbida 2.01/2.02/2.03

The fbgs script in the fbi package 2.01-1.4, when the TMPDIR environment variable is not defined, allows local users to overwrite arbitrary files via a symlink attack on temporary files in /var/tmp/fbps-[PID].

1.2