Weekly Vulnerabilities Reports > May 8 to 14, 2006
Overview
136 new vulnerabilities reported during this period, including 4 critical vulnerabilities and 37 high severity vulnerabilities. This weekly summary report vulnerabilities in 108 products from 86 vendors including Apple, Microsoft, Ideal Science, Dokeos, and Oasyssoft. Vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Numeric Errors", "SQL Injection", "Code Injection", and "Information Exposure".
- 127 reported vulnerabilities are remotely exploitables.
- 8 reported vulnerabilities have public exploit available.
- 5 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 131 reported vulnerabilities are exploitable by an anonymous user.
- Apple has the most reported vulnerabilities, with 29 reported vulnerabilities.
- Novell has the most reported critical vulnerabilities, with 1 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
4 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2006-05-12 | CVE-2006-2324 | 180Solutions | Remote Security vulnerability in Zango 180solutions Zango downloads "required Adware components" without checking integrity or authenticity, which might allow context-dependent attackers to execute arbitrary code by subverting the DNS resolution of static.zangocash.com. | 10.0 |
2006-05-11 | CVE-2006-2304 | Novell | Buffer Overflow vulnerability in Novell Client 4.83/4.90/4.91 Multiple integer overflows in the DPRPC library (DPRPCW32.DLL) in Novell Client 4.83 SP3, 4.90 SP2 and 4.91 SP2 allow remote attackers to execute arbitrary code via an XDR encoded array with a field that specifies a large number of elements, which triggers the overflows in the ndps_xdr_array function. | 10.0 |
2006-05-12 | CVE-2006-2273 | Verisign | Remote Buffer Overflow vulnerability in Verisign i-Nav ActiveX Control The InstallProduct routine in the Verisign VUpdater.Install (aka i-Nav) ActiveX control does not verify Microsoft Cabinet (.CAB) files, which allows remote attackers to run an arbitrary executable file. | 9.3 |
2006-05-11 | CVE-2006-2306 | Keyvan Janghorbani | Cross-Site Scripting vulnerability in EPublisherPro Moreinfo.ASP Cross-site scripting (XSS) vulnerability in moreinfo.asp in EPublisherPro allows remote attackers to inject arbitrary web script or HTML via the title parameter. | 9.3 |
37 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2006-05-12 | CVE-2006-1455 | Apple | Multiple vulnerability in Apple Mac OS X Security Update 2006-003 QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to cause a denial of service (crash and connection interruption) via a QuickTime movie with a missing track, which triggers a null dereference. | 7.8 |
2006-05-08 | CVE-2006-2236 | ID Software | Remote Buffer Overflow vulnerability in Quake 3 Engine remapShader Command Buffer overflow in the Quake 3 Engine, as used by (1) ET 2.60, (2) Return to Castle Wolfenstein 1.41, and (3) Quake III Arena 1.32b allows remote attackers to execute arbitrary commands via a long remapShader command. | 7.6 |
2006-05-12 | CVE-2006-2238 | Apple | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted BMP file that triggers the overflow in the ReadBMP function. | 7.5 |
2006-05-12 | CVE-2006-1456 | Apple | Multiple vulnerability in Apple Mac OS X Security Update 2006-003 Buffer overflow in QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via a crafted RTSP request, which is not properly handled during message logging. | 7.5 |
2006-05-12 | CVE-2006-1450 | Apple | Multiple vulnerability in Apple Mac OS X Security Update 2006-003 Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via an enriched text e-mail message with "invalid color information" that causes Mail to allocate and initialize arbitrary classes. | 7.5 |
2006-05-12 | CVE-2006-1449 | Apple | Multiple vulnerability in Apple Mac OS X Security Update 2006-003 Integer overflow in Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via a crafted MacMIME encapsulated attachment. | 7.5 |
2006-05-12 | CVE-2006-1442 | Apple | Multiple vulnerability in Apple Mac OS X Security Update 2006-003 The bundle API in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4.6 loads dynamic libraries even if the client application has not directly requested it, which allows attackers to execute arbitrary code from an untrusted bundle. | 7.5 |
2006-05-12 | CVE-2006-1441 | Apple | Multiple vulnerability in Apple mac OS X 10.4.6 Integer overflow in CFNetwork in Apple Mac OS X 10.4.6 allows remote attackers to execute arbitrary code via crafted chunked transfer encoding. | 7.5 |
2006-05-12 | CVE-2006-2346 | Inter7 | Authentication Bypass vulnerability in Inter7 Vpopmail vpopmail 5.4.14 and 5.4.15, with cleartext passwords enabled, allows remote attackers to authenticate to an account that does not have a cleartext password set by using a blank password to (1) SMTP AUTH or (2) APOP. | 7.5 |
2006-05-12 | CVE-2006-2342 | IBM | Unspecified vulnerability in IBM Websphere Application Server 6.0.2 IBM WebSphere Application Server 6.0.2 before FixPack 3 allows remote attackers to bypass authentication for the Welcome Page via a request to the default context root. | 7.5 |
2006-05-12 | CVE-2006-2338 | Planet Concept | Remote Security vulnerability in Planet Concept Planetstat 20050127 PlaNet Concept plaNetStat 20050127 allows remote attackers to gain administrative privileges, and view and configure log files, via a direct request to the (1) admin.php or (2) settings.php page. | 7.5 |
2006-05-12 | CVE-2006-2320 | Ideal Science | Input Validation vulnerability in IdealBB Multiple SQL injection vulnerabilities in Ideal Science Ideal BB 1.5.4a and earlier allow remote attackers to execute arbitrary SQL commands via multiple unspecified vectors related to stored procedure calls. | 7.5 |
2006-05-12 | CVE-2006-2318 | Ideal Science | Input Validation vulnerability in IdealBB Incomplete blacklist vulnerability in Ideal Science Ideal BB 1.5.4a and earlier allows remote attackers to upload and execute an ASP script via a ".asa" file, which bypasses the check for the ".asp" extension but is executable on the server. | 7.5 |
2006-05-11 | CVE-2006-2302 | Duware | SQL Injection vulnerability in DUWare DUGallery Login SQL injection vulnerability in admin_default.asp in DUGallery 2.x allows remote attackers to execute arbitrary SQL commands via the (1) Login or (2) password field. | 7.5 |
2006-05-11 | CVE-2006-2301 | Ozzywork | SQL Injection vulnerability in Ozzywork Galeri 2.0 SQL injection vulnerability in admin_default.asp in OzzyWork Galeri allows remote attackers to execute arbitrary SQL commands via the (1) Login or (2) password fields. | 7.5 |
2006-05-11 | CVE-2006-2300 | Keyvan1 | SQL Injection vulnerability in EImagePro Multiple SQL injection vulnerabilities in EImagePro allow remote attackers to execute arbitrary SQL commands via the (1) CatID parameter to subList.asp, (2) SubjectID parameter to imageList.asp, or (3) Pic parameter to view.asp. | 7.5 |
2006-05-10 | CVE-2006-0994 | Sophos | Remote Heap Overflow vulnerability in Sophos Anti-Virus CAB File Scanning Multiple Sophos Anti-Virus products, including Anti-Virus for Windows 5.x before 5.2.1 and 4.x before 4.05, when cabinet file inspection is enabled, allows remote attackers to execute arbitrary code via a CAB file with "invalid folder count values," which leads to heap corruption. | 7.5 |
2006-05-10 | CVE-2006-2082 | ID Software | Information Disclosure vulnerability in Quake 3 Engine Server Directory traversal vulnerability in Quake 3 engine, as used in products including Quake3 Arena, Return to Castle Wolfenstein, Wolfenstein: Enemy Territory, and Star Trek Voyager: Elite Force, when the sv_allowdownload cvar is enabled, allows remote attackers to read arbitrary files from the server via ".." sequences in a .pk3 file request. | 7.5 |
2006-05-10 | CVE-2006-2295 | Timobraun | Input Validation vulnerability in Timobraun Dynamic Galerie 1.0 Directory traversal vulnerability in Dynamic Galerie 1.0 allows remote attackers to access arbitrary files via an absolute path in the pfad parameter to (1) index.php and (2) galerie.php. | 7.5 |
2006-05-10 | CVE-2006-2283 | Spiffyjr | Remote File Include vulnerability in PHPRaid Multiple PHP remote file inclusion vulnerabilities in SpiffyJr phpRaid 2.9.5 through 3.0.b3 allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter in (1) auth.php and (2) auth_phpbb when the phpBB portal is enabled, and via a URL in the smf_root_path parameter in (3) auth.php and (4) auth_SMF when the SMF portal is enabled. | 7.5 |
2006-05-10 | CVE-2006-2281 | X Scripts | Code Injection vulnerability in X-Scripts X-Poll 2.30 X-Scripts X-Poll (xpoll) 2.30 allows remote attackers to execute arbitrary PHP code by using admin/images/add.php to upload a PHP file, then access it. | 7.5 |
2006-05-10 | CVE-2006-2279 | Arabless | SQL Injection vulnerability in Arabless Saphplesson 3.0 Multiple SQL injection vulnerabilities in SaphpLesson 3.0 allow remote attackers to execute arbitrary SQL commands via (1) the Find parameter in (a) search.php, and the (2) LID and (3) Rate parameters in (b) misc.php. | 7.5 |
2006-05-10 | CVE-2006-0034 | Microsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products Heap-based buffer overflow in the CRpcIoManagerServer::BuildContext function in msdtcprx.dll for Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0 and Windows 2000 SP2 and SP3 allows remote attackers to execute arbitrary code via a long fifth argument to the BuildContextW or BuildContext opcode, which triggers a bug in the NdrAllocate function, aka the MSDTC Invalid Memory Access Vulnerability. | 7.5 |
2006-05-10 | CVE-2006-0027 | Microsoft | Remote Code Execution vulnerability in Microsoft Exchange Server Calendar Unspecified vulnerability in Microsoft Exchange allows remote attackers to execute arbitrary code via e-mail messages with crafted (1) vCal or (2) iCal Calendar properties. | 7.5 |
2006-05-09 | CVE-2006-2275 | Lksctp Canonical | Improper Locking vulnerability in multiple products Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (deadlock) via a large number of small messages to a receiver application that cannot process the messages quickly enough, which leads to "spillover of the receive buffer." | 7.5 |
2006-05-09 | CVE-2006-2042 | Adobe | SQL Injection vulnerability in Adobe Dreamweaver Generated Code Adobe Dreamweaver 8 before 8.0.2 and MX 2004 can generate code that allows SQL injection attacks in the (1) ColdFusion, (2) PHP mySQL, (3) ASP, (4) ASP.NET, and (5) JSP server models. | 7.5 |
2006-05-09 | CVE-2006-2270 | Jetbox | Remote File Include vulnerability in Jetbox CMS 2.1 PHP remote file inclusion vulnerability in includes/config.php in Jetbox CMS 2.1 allows remote attackers to execute arbitrary code via a URL in the relative_script_path parameter. | 7.5 |
2006-05-09 | CVE-2006-2268 | Flexcustomer | SQL Injection vulnerability in Flexcustomer 0.0.1/0.0.4 SQL injection vulnerability in FlexCustomer 0.0.4 and earlier allows remote attackers to bypass authentication and execute arbitrary SQL commands via the admin and ordinary user interface, probably involving the (1) checkuser and (2) checkpass parameters to (a) admin/index.php, and (3) username and (4) password parameters to (b) index.php. | 7.5 |
2006-05-09 | CVE-2006-2266 | Chirpy | SQL Injection vulnerability in Chirpy 0.1 SQL injection vulnerability in Chirpy! 0.1 allows remote attackers to execute arbitrary SQL commands via unspecified parameters. | 7.5 |
2006-05-09 | CVE-2006-2263 | Virtual Programming | SQL Injection vulnerability in Virtual Programming Vp-Asp 6.00 SQL injection vulnerability in shopcurrency.asp in VP-ASP 6.00 allows remote attackers to execute arbitrary SQL commands via the cid parameter. | 7.5 |
2006-05-09 | CVE-2006-2261 | Acal | Remote File Include vulnerability in Acal 2.2.4/2.2.5/2.2.6 PHP remote file inclusion vulnerability in day.php in ACal 2.2.6 allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. | 7.5 |
2006-05-09 | CVE-2006-2259 | Maxxcode | SQL Injection vulnerability in Maxxcode Maxxschedule 1.0 SQL injection vulnerability in Logon.asp in MaxxSchedule 1.0 allows remote attackers to execute arbitrary SQL commands via the txtLogon parameter. | 7.5 |
2006-05-09 | CVE-2006-2255 | Creative Software | SQL Injection vulnerability in Creative Software Community Portal 1.1 Multiple SQL injection vulnerabilities in Creative Community Portal 1.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter to (a) ArticleView.php, (2) forum_id parameter to (b) DiscView.php or (c) Discussions.php, (3) event_id parameter to (d) EventView.php, (4) AddVote and (5) answer_id parameter to (e) PollResults.php, or (7) mid parameter to (f) DiscReply.php. | 7.5 |
2006-05-09 | CVE-2006-2253 | Otterware | Remote File Include vulnerability in Otterware Statit 420060207 PHP remote file inclusion vulnerability in visible_count_inc.php in Statit 4 (060207) allows remote attackers to execute arbitrary PHP code via a URL in the statitpath parameter. | 7.5 |
2006-05-09 | CVE-2006-2239 | Tuomas Airaksinen | SQL Injection vulnerability in Tuomas Airaksinen Newsadmin 1.1 SQL injection vulnerability in readarticle.php in Newsadmin 1.1 allows remote attackers to execute arbitrary SQL commands via the nid parameter. | 7.5 |
2006-05-12 | CVE-2006-1451 | Apple | Multiple vulnerability in Apple Mac OS X Security Update 2006-003 MySQL Manager in Apple Mac OS X 10.3.9 and 10.4.6, when setting up a new MySQL database server, does not use the "New MySQL root password" that is provided, which causes the MySQL root password to be blank and allows local users to gain full privileges to that database. | 7.2 |
2006-05-10 | CVE-2006-0561 | Cisco | Unspecified vulnerability in Cisco Secure Access Control Server Cisco Secure Access Control Server (ACS) 3.x for Windows stores ACS administrator passwords and the master key in the registry with insecure permissions, which allows local users and remote administrators to decrypt the passwords by using Microsoft's cryptographic API functions to obtain the plaintext version of the master key. | 7.2 |
86 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2006-05-12 | CVE-2006-2349 | Oasyssoft | Input Validation vulnerability in E-Business Designer E-Business Designer (eBD) 3.1.4 and earlier allows remote attackers to upload or modify arbitrary files, and execute arbitrary code, via a direct request to (1) common/html_editor/image_browser.upload.html, (2) common/html_editor/image_browser.html, or (3) common/html_editor/html_editor.html. | 6.8 |
2006-05-12 | CVE-2006-2325 | Onlyscript Info | Input Validation vulnerability in Online Universal Payment System Script Cross-site scripting (XSS) vulnerability in index.php in OnlyScript.info Online Universal Payment System Script allows remote attackers to inject arbitrary web script or HTML via the read parameter. | 6.8 |
2006-05-10 | CVE-2006-2294 | Timobraun | Input Validation vulnerability in Timobraun Dynamic Galerie 1.0 Cross-site scripting (XSS) vulnerability in Dynamic Galerie 1.0 allows remote attackers to inject arbitrary web script or HTML via the pfad parameter in (1) index.php and (2) galerie.php. | 6.8 |
2006-05-10 | CVE-2006-2290 | WWW Goel CH | Cross-Site Scripting vulnerability in XN--Gol-kma 2005-Comments-Script Komentare.PHP Multiple cross-site scripting (XSS) vulnerabilities in kommentar.php in 2005-Comments-Script allow remote attackers to inject arbitrary web script or HTML via the (1) id, (2) email, and (3) url parameter. | 6.8 |
2006-05-10 | CVE-2006-2286 | Dokeos | Code Injection vulnerability in Dokeos and Dokeos Community Release Multiple PHP remote file inclusion vulnerabilities in claro_init_global.inc.php in Dokeos 1.6.3 and earlier, and Dokeos community release 2.0.3, allow remote attackers to execute arbitrary PHP code via a URL in the (1) rootSys and (2) clarolineRepositorySys parameters, and possibly the (3) lang_path, (4) extAuthSource, (5) thisAuthSource, (6) main_configuration_file_path, (7) phpDigIncCn, and (8) drs parameters to (a) testheaderpage.php and (b) resourcelinker.inc.php. | 6.8 |
2006-05-10 | CVE-2006-2284 | Claroline Dokeos | Remote File Include vulnerability in Claroline Multiple PHP remote file inclusion vulnerabilities in Claroline 1.7.5 allow remote attackers to execute arbitrary PHP code via a URL in the (1) clarolineRepositorySys parameter in ldap.inc.php and the (2) claro_CasLibPath parameter in casProcess.inc.php. | 6.8 |
2006-05-09 | CVE-2006-2245 | Phpbb Group | Code Injection vulnerability in PHPbb Group PHPbb-Auction 1.0M/1.2M/1.3M PHP remote file inclusion vulnerability in auction\auction_common.php in Auction mod 1.3m for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | 6.8 |
2006-05-12 | CVE-2006-1448 | Apple | Multiple vulnerability in Apple Mac OS X Security Update 2006-003 Finder in Apple Mac OS X 10.3.9 and 10.4.6 allows user-assisted attackers to execute arbitrary code by tricking a user into launching an Internet Location item that appears to use a safe URL scheme, but which actually has a different and more risky scheme. | 6.5 |
2006-05-12 | CVE-2006-1445 | Apple | Multiple vulnerability in Apple Mac OS X Security Update 2006-003 Buffer overflow in the FTP server (FTPServer) in Apple Mac OS X 10.3.9 and 10.4.6 allows remote authenticated users to execute arbitrary code via vectors related to "FTP server path name handling." This vulnerability is addressed in the following product release: Apple, Mac OS X, 10.4.6 (2006-003) | 6.5 |
2006-05-12 | CVE-2006-1443 | Apple | Multiple vulnerability in Apple Mac OS X Security Update 2006-003 Integer underflow in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4.6 allows context-dependent attackers to execute arbitrary code via unspecified vectors involving conversions from string to file system representation within (1) CFStringGetFileSystemRepresentation or (2) getFileSystemRepresentation:maxLength:withPath in NSFileManager, and possibly other similar API functions. | 6.5 |
2006-05-12 | CVE-2006-2335 | Jelsoft | Remote Security vulnerability in Jelsoft Vbulletin 3.5.8 Jelsoft vBulletin accepts uploads of Cascading Style Sheets (CSS) and processes them in a way that allows remote authenticated administrators to gain shell access by uploading a CSS file that contains PHP code, then selecting the file via the style chooser, which causes the PHP code to be executed. | 6.5 |
2006-05-09 | CVE-2006-2264 | Ocean12 Technologies | Input Validation vulnerability in Ocean12 Technologies Calendar Manager PRO 1.00 Multiple SQL injection vulnerabilities in Ocean12 Calendar Manager Pro 1.00 allow remote attackers to execute arbitrary SQL commands via the (1) date parameter to admin/main.asp, (2) SearchFor parameter to admin/view.asp, or (3) ID parameter to admin/edit.asp. | 6.5 |
2006-05-12 | CVE-2006-2344 | Ajax Softwares | SQL Injection vulnerability in Alipager 1.00/1.12 SQL injection vulnerability in inc/elementz.php in AliPAGER 1.5, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary SQL commands via the ubild parameter. | 6.4 |
2006-05-12 | CVE-2006-2339 | EVO DEV | SQL Injection vulnerability in Evo-Dev Evotopsites and Evotopsites PRO SQL injection vulnerability in index.php in evoTopsites 2.x and evoTopsites Pro 2.x allows remote attackers to execute arbitrary SQL commands via the (1) cat_id and (2) id parameters. | 6.4 |
2006-05-12 | CVE-2006-2336 | Mybulletinboard | SQL Injection vulnerability in Mybulletinboard 1.1.1 SQL injection vulnerability in showthread.php in MyBB (aka MyBulletinBoard) 1.1.1 allows remote attackers to execute arbitrary SQL commands via the comma parameter. | 6.4 |
2006-05-12 | CVE-2006-2333 | Mybulletinboard | SQL-Injection vulnerability in Mybulletinboard 1.1.1 Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) 1.1.1 allow remote attackers to execute arbitrary SQL commands via the e-mail address when registering for a forum that requires e-mail verification, which is not properly handled in (1) usercp.php and (2) member.php. | 6.4 |
2006-05-12 | CVE-2006-2331 | PHP Fusion | Local File Include vulnerability in PHP-Fusion Multiple directory traversal vulnerabilities in PHP-Fusion 6.00.306 allow remote attackers to include and execute arbitrary local files via (1) a .. | 6.4 |
2006-05-12 | CVE-2006-2330 | PHP Fusion | Local File Include vulnerability in PHP-Fusion PHP-Fusion 6.00.306 and earlier, running under Apache HTTP Server 1.3.27 and PHP 4.3.3, allows remote authenticated users to upload files of arbitrary types using a filename that contains two or more extensions that ends in an assumed-valid extension such as .gif, which bypasses the validation, as demonstrated by uploading then executing an avatar file that ends in ".php.gif" and contains PHP code in EXIF metadata. | 6.4 |
2006-05-12 | CVE-2006-2328 | Angelinecms | SQL-Injection vulnerability in AngelineCMS SQL injection vulnerability in lib/adodb/server.php in AngelineCMS 0.6.5 and earlier might allow remote attackers to execute arbitrary SQL commands via the query string. | 6.4 |
2006-05-12 | CVE-2006-2327 | Novell | Numeric Errors vulnerability in Novell Netware 6.5 Multiple integer overflows in the DPRPC library (DPRPCNLM.NLM) NDPS/iPrint module in Novell Distributed Print Services in Novell NetWare 6.5 SP3, SP4, and SP5 allow remote attackers to execute arbitrary code via an XDR encoded array with a field that specifies a large number of elements, which triggers the overflows in the ndps_xdr_array function. | 6.4 |
2006-05-12 | CVE-2006-2322 | Cisco | Unspecified vulnerability in Cisco products The transparent proxy feature of the Cisco Application Velocity System (AVS) 3110 5.0 and 4.0 and earlier, and 3120 5.0.0 and earlier, has a default configuration that allows remote attackers to proxy arbitrary TCP connections, aka Bug ID CSCsd32143. | 6.4 |
2006-05-11 | CVE-2006-2303 | Mirabilis | Unspecified vulnerability in Mirabilis ICQ 5.04Build2321 Cross-Application Scripting (XAS) vulnerability in ICQ Client 5.04 build 2321 and earlier allows remote attackers to inject arbitrary web script from one application into another via a banner, which is processed in the My Computer zone using the Internet Explorer COM object. | 6.4 |
2006-05-10 | CVE-2006-2296 | Keyvan1 COM | SQL Injection vulnerability in EDirectoryPro Search_result.ASP SQL injection vulnerability in search_result.asp in EDirectoryPro 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the keyword parameter. | 6.4 |
2006-05-10 | CVE-2006-2293 | Expinion NET | SQL Injection vulnerability in Expinion.Net Multicalendars 3.0 SQL injection vulnerability in all_calendars.asp in MultiCalendars 3.0 allows remote attackers to execute arbitrary SQL commands via the calsids parameter. | 6.4 |
2006-05-10 | CVE-2006-2292 | Inhouse Associates | Input Validation vulnerability in IA-Calendar Multiple SQL injection vulnerabilities in IA-Calendar allow remote attackers to execute arbitrary SQL commands via the (1) type parameter in (a) calendar_new.asp and (b) default.asp, and (2) ID parameter in (c) calendar_detail.asp. | 6.4 |
2006-05-09 | CVE-2006-2256 | Eqdkp | Remote File Include vulnerability in EQDKP DBal.PHP PHP remote file inclusion vulnerability in includes/dbal.php in EQdkp 1.3.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the eqdkp_root_path parameter. | 6.4 |
2006-05-09 | CVE-2006-2252 | Openfaq | HTML Injection vulnerability in Openfaq 0.4.0 Cross-site scripting vulnerability in submit.php in OpenFAQ 0.4.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter. | 6.4 |
2006-05-09 | CVE-2006-2251 | Invision Power Services | SQL Injection vulnerability in Invision Community Blog Mod.PHP SQL injection vulnerability in the do_mmod function in mod.php in Invision Community Blog (ICB) 1.1.2 final through 1.2 allows remote attackers with moderator privileges to execute arbitrary SQL commands via the selectedbids parameter. | 6.4 |
2006-05-09 | CVE-2006-2250 | Cutephp | Information Disclosure vulnerability in Cutephp Cutenews 1.4.1 CuteNews 1.4.1 allows remote attackers to obtain sensitive information via a direct request to (1) /inc/show.inc.php or (2) /inc/functions.inc.php, which reveal the path in an error message. | 6.4 |
2006-05-09 | CVE-2006-2244 | Web4Future | SQL-Injection vulnerability in News Portal Multiple SQL injection vulnerabilities in Web4Future News Portal allow remote attackers to execute arbitrary SQL commands via the ID parameter to (1) comentarii.php or (2) view.php. | 6.4 |
2006-05-09 | CVE-2006-2241 | Ftrainsoft | Remote File Include vulnerability in Ftrainsoft Fast Click Sqllite1.1.2/Sqllite1.1.3 PHP remote file inclusion vulnerability in show.php in Fast Click SQL Lite 1.1.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. | 6.4 |
2006-05-12 | CVE-2006-2343 | Adventnet | Cross-Site Scripting vulnerability in Adventnet Manageengine Opmanager 6.0 Cross-site scripting (XSS) vulnerability in Search.do in ManageEngine OpManager 6.0 allows remote attackers to inject arbitrary web script or HTML via the searchTerm parameter. | 5.8 |
2006-05-12 | CVE-2006-2340 | Lethal Penguin | HTML Injection vulnerability in PassMasterFlex Cross-site scripting (XSS) vulnerability in PassMasterFlex and PassMasterFlexPlus (PassMasterFlex+) 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) username, (2) password, or (3) User-Agent HTTP header in the Hack Log. | 5.8 |
2006-05-11 | CVE-2006-2305 | Jadu Limited | Cross-Site Scripting vulnerability in Jadu CMS Multiple cross-site scripting (XSS) vulnerabilities in Jadu CMS allow remote attackers to inject arbitrary web script or HTML via the (1) forename, (2) surname, (3) reg_email, (4) email_conf, (5) company, (6) city, (7) postcode, or (8) telephone parameters to site/scripts/register.php. | 5.8 |
2006-05-10 | CVE-2006-2291 | Inhouse Associates | Input Validation vulnerability in IA-Calendar Cross-site scripting (XSS) vulnerability in calendar_new.asp in IA-Calendar allows remote attackers to inject arbitrary web script or HTML via the TypeName1 parameter. | 5.8 |
2006-05-10 | CVE-2006-2287 | Vision Source | HTML Injection vulnerability in Vision Source CMS User Profile Multiple cross-site scripting (XSS) vulnerabilities in Vision Source 0.6 and earlier allow remote attackers to inject arbitrary web script or HTML via the fields in a user's profile. | 5.8 |
2006-05-09 | CVE-2006-2257 | Faktorystudios | Cross-Site Scripting vulnerability in Faktorystudios Easyevent 1.0/1.1/1.2 Cross-site scripting (XSS) vulnerability in index.php in easyEvent 1.2 allows remote attackers to inject arbitrary web script or HTML via the curr_year parameter. | 5.8 |
2006-05-09 | CVE-2006-2246 | Uapplication | HTML Injection vulnerability in Uapplication Ublog 1.6Accessedition Cross-site scripting (XSS) vulnerability in UBlog 1.6 Access Edition allows remote attackers to inject arbitrary web script or HTML via text fields when adding a blog entry. | 5.8 |
2006-05-09 | CVE-2006-2243 | Web4Future | Cross-Site Scripting vulnerability in News Portal Multiple cross-site scripting (XSS) vulnerabilities in Web4Future News Portal allow remote attackers to inject arbitrary web script or HTML via the ID parameter to (1) comentarii.php or (2) view.php. | 5.8 |
2006-05-12 | CVE-2006-1465 | Apple | Integer and Buffer Overflow vulnerability in Apple Quicktime 7.0.3/7.0.4 Buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted QuickTime AVI video format file. | 5.1 |
2006-05-12 | CVE-2006-1464 | Apple | Integer and Buffer Overflow vulnerability in Apple Quicktime 7.0.3/7.0.4 Buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted QuickTime MPEG4 (M4P) video format file. | 5.1 |
2006-05-12 | CVE-2006-1463 | Apple | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime 7.0.3/7.0.4 Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a H.264 (M4V) video format file with a certain modified size value. | 5.1 |
2006-05-12 | CVE-2006-1462 | Apple | Numeric Errors vulnerability in Apple Quicktime Multiple integer overflows in Apple QuickTime before 7.1 allow remote attackers to execute arbitrary code via a crafted QuickTime H.264 (M4V) video format file. | 5.1 |
2006-05-12 | CVE-2006-1461 | Apple | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime Multiple buffer overflows in Apple QuickTime before 7.1 allow remote attackers to execute arbitrary code via a crafted QuickTime Flash (SWF) file. | 5.1 |
2006-05-12 | CVE-2006-1460 | Apple | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime Multiple buffer overflows in Apple QuickTime before 7.1 allow remote attackers to execute arbitrary code via a crafted QuickTime movie (.MOV), as demonstrated via a large size for a udta Atom. | 5.1 |
2006-05-12 | CVE-2006-1459 | Apple | Numeric Errors vulnerability in Apple Quicktime Multiple integer overflows in Apple QuickTime before 7.1 allow remote attackers to cause a denial of service or execute arbitrary code via a crafted QuickTime movie (.MOV). | 5.1 |
2006-05-12 | CVE-2006-1458 | Apple | Numeric Errors vulnerability in Apple Quicktime 7.0.3/7.0.4 Integer overflow in Apple QuickTime Player before 7.1 allows remote attackers to execute arbitrary code via a crafted JPEG image. | 5.1 |
2006-05-12 | CVE-2006-1454 | Apple | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime 7.0.3/7.0.4 Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted QuickDraw PICT image format file with malformed image data. | 5.1 |
2006-05-12 | CVE-2006-1453 | Apple | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime Stack-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted QuickDraw PICT image format file containing malformed font information. | 5.1 |
2006-05-12 | CVE-2006-2323 | Smartisoft | Remote Security vulnerability in Smartisoft PHPlistpro 2.0 Multiple PHP remote file inclusion vulnerabilities in SmartISoft phpListPro 2.01 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the returnpath parameter in (1) editsite.php, (2) addsite.php, and (3) in.php. | 5.1 |
2006-05-10 | CVE-2006-2285 | Dokeos | Remote File Include vulnerability in Claroline PHP remote file inclusion vulnerability in authldap.php in Dokeos 1.6.4 allows remote attackers to execute arbitrary PHP code via a URL in the includePath parameter. | 5.1 |
2006-05-09 | CVE-2006-2161 | CAM Development Erik Dienske Roger Aelbrecht | Buffer Overflow vulnerability in TZipBuilder ZIP File Buffer overflow in (1) TZipBuilder 1.79.03.01, (2) Abakt 0.9.2 and 0.9.3-beta1, (3) CAM UnZip 4.0 and 4.3, and possibly other products, allows user-assisted attackers to execute arbitrary code via a ZIP archive that contains a file with a long file name. | 5.1 |
2006-05-08 | CVE-2006-2237 | Awstats | Remote Arbitrary Command Execution vulnerability in Awstats 6.4/6.5 The web interface for AWStats 6.4 and 6.5, when statistics updates are enabled, allows remote attackers to execute arbitrary code via shell metacharacters in the migrate parameter. | 5.1 |
2006-05-12 | CVE-2006-1447 | Apple | Multiple vulnerability in Apple mac OS X 10.4.6 LaunchServices in Apple Mac OS X 10.4.6 allows remote attackers to cause Safari to launch unsafe content via long file name extensions, which prevents Download Validation from determining which application will be used to open the file. | 5.0 |
2006-05-12 | CVE-2006-1446 | Apple | Multiple vulnerability in Apple Mac OS X Security Update 2006-003 Keychain in Apple Mac OS X 10.3.9 and 10.4.6 might allow an application to bypass a locked Keychain by first obtaining a reference to the Keychain when it is unlocked, then reusing that reference after the Keychain has been locked. | 5.0 |
2006-05-12 | CVE-2006-2347 | Oasyssoft | Input Validation vulnerability in Oasyssoft E-Business Designer 2.3.3 E-Business Designer (eBD) 3.1.4 and earlier allows remote attackers to obtain the full path of the web server via "'" characters, and possibly other invalid values, in (1) the id parameter to form_grupo.html, or requests to the (2) archivos/ and (3) files/ directories. | 5.0 |
2006-05-12 | CVE-2006-2341 | Symantec | Information Exposure vulnerability in Symantec Enterprise Firewall and Gateway Security The HTTP proxy in Symantec Gateway Security 5000 Series 2.0.1 and 3.0, and Enterprise Firewall 8.0, when NAT is being used, allows remote attackers to determine internal IP addresses by using malformed HTTP requests, as demonstrated using a get request without a space separating the URI. | 5.0 |
2006-05-12 | CVE-2006-2337 | D Link | Path Traversal vulnerability in D-Link Dsl-G604T Directory traversal vulnerability in webcm in the D-Link DSL-G604T Wireless ADSL Router Modem allows remote attackers to read arbitrary files via an absolute path in the getpage parameter. | 5.0 |
2006-05-12 | CVE-2006-2329 | Angelinecms | Information Disclosure vulnerability in Angelinecms 0.6.5 AngelineCMS 0.6.5 and earlier allow remote attackers to obtain sensitive information via a direct request for (1) adodb-access.inc.php, (2) adodb-ado.inc.php, (3) adodb-ado_access.inc, (4) adodb-ado_mssql.inc.php, (5) adodb-borland_ibase, (6) adodb-csv.inc.php, (7) adodb-db2.inc.php, (8) adodb-fbsql.inc.php, (9) adodb-firebird.inc.php, (10) adodb-ibase.inc.php, (11) adodb-informix.inc.php, (12) adodb-informix72.inc, (13) adodb-mssql.inc.php, (14) adodb-mssqlpo.inc.php, (15) adodb-mysql.inc.php, (16) adodb-mysqlt.inc.php, (17) adodb-oci8.inc.php, (18) adodb-oci805.inc.php, (19) adodb-oci8po.inc.php, and (20) adodb-odbc.inc.php, which reveal the path in various error messages; and via a direct request for the (21) lib/system/ directory and (22) possibly other lib/ directories, which provide a directory listing and "architecture view." | 5.0 |
2006-05-12 | CVE-2006-2326 | Onlyscript Info | Input Validation vulnerability in Online Universal Payment System Script Directory traversal vulnerability in index.php in OnlyScript.info Online Universal Payment System Script allows remote attackers to read arbitrary files via directory traversal sequences in the read parameter. | 5.0 |
2006-05-12 | CVE-2006-2319 | Ideal Science | Input Validation vulnerability in IdealBB Ideal Science Ideal BB 1.5.4a and earlier does not properly check file extensions before permitting an upload, which allows remote attackers to upload and execute an ASP script via a 0x00 character before the ".asp" portion of the filename. | 5.0 |
2006-05-12 | CVE-2006-2317 | Ideal Science | Input Validation vulnerability in IdealBB Unspecified vulnerability in Ideal Science Ideal BB 1.5.4a and earlier allows remote attackers to read arbitrary files under the web root via unspecified attack vectors related to the OpenTextFile method in Scripting.FileSystemObject. | 5.0 |
2006-05-10 | CVE-2006-2298 | Internet KEY Exchange | Denial Of Service vulnerability in Internet KEY Exchange Internet KEY Exchange 1 The Internet Key Exchange version 1 (IKEv1) implementation in the libike library in Solaris 9 and 10 allows remote attackers to cause a denial of service (in.iked daemon crash) via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. | 5.0 |
2006-05-10 | CVE-2006-0993 | 3Com | Information Disclosure vulnerability in 3Com Tippingpoint SMS Server 2.2.1.4477 The web management interface in 3Com TippingPoint SMS Server before 2.2.1.4478 does not restrict access to certain directories, which might allow remote attackers to obtain potentially sensitive information such as configuration settings. | 5.0 |
2006-05-10 | CVE-2006-2280 | Openengine | Unspecified vulnerability in Openengine 1.7.1/1.8Beta2 Directory traversal vulnerability in website.php in openEngine 1.8 Beta 2 and earlier allows remote attackers to list arbitrary directories and read arbitrary files via a .. | 5.0 |
2006-05-10 | CVE-2006-2278 | Arabless | Remote Security vulnerability in Arabless Saphplesson 3.0 SaphpLesson 3.0 does not initialize array variables, which allows remote attackers to obtain the full path via an non-array (1) hrow parameter to (a) show.php or (b) index.php; the (2) Lsnrow parameter to (c) showcat.php; or the (3) rows parameter to index.php. | 5.0 |
2006-05-10 | CVE-2006-2277 | Apple | Remote Denial Of Service vulnerability in Apple Mac OS X ImageIO OpenEXR Image File Multiple Apple Mac OS X 10.4 applications might allow context-dependent attackers to cause a denial of service (application crash) via a crafted OpenEXR (.exr) image file, which triggers the crash when opening a folder using Finder, displaying the image in Safari, or using Preview to open the file. | 5.0 |
2006-05-10 | CVE-2006-1184 | Microsoft | Buffer Overflow vulnerability in Microsoft Windows MSDTC Heap Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0, 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote attackers to cause a denial of service (crash) via a BuildContextW request with a large (1) UuidString or (2) GuidIn of a certain length, which causes an out-of-range memory access, aka the MSDTC Denial of Service Vulnerability. | 5.0 |
2006-05-09 | CVE-2006-2267 | Kerio | Remote Denial of Service vulnerability in Kerio WinRoute Firewall Kerio WinRoute Firewall before 6.2.1 allows remote attackers to cause a denial of service (application crash) via unknown vectors in the "email protocol inspectors," possibly (1) SMTP and (2) POP3. | 5.0 |
2006-05-09 | CVE-2006-2254 | Intervations | Remote Buffer Overflow vulnerability in Intervations Filecopa 1.01 Buffer overflow in filecpnt.exe in FileCOPA 1.01 allows remote attackers to cause a denial of service (application crash) via a username with a large number of newline characters. | 5.0 |
2006-05-09 | CVE-2006-2248 | Northern Solutions | Unspecified vulnerability in Northern Solutions Xeneo web Server 2.2.22.0 Xeneo Web Server 2.2.22.0 allows remote attackers to obtain the source code of script files via crafted requests containing dot, space, and slash characters in the file extension. | 5.0 |
2006-05-09 | CVE-2006-2247 | Webcalendar | Unspecified vulnerability in Webcalendar 1.0.1/1.0.2/1.0.3 WebCalendar 1.0.1 to 1.0.3 generates different error messages depending on whether or not a username is valid, which allows remote attackers to enumerate valid usernames. | 5.0 |
2006-05-09 | CVE-2006-2242 | Acftp | Remote Denial of Service vulnerability in Acftp 1.4 acFTP 1.4 allows remote attackers to cause a denial of service (application crash) via a long string with "{" (brace) characters to the USER command. | 5.0 |
2006-05-09 | CVE-2006-2240 | Fujitsu | DNS Denial Of Service vulnerability in Fujitsu NetShelter Unspecified vulnerability in the (1) web cache or (2) web proxy in Fujitsu NetShelter/FW allows remote attackers to cause a denial of service (device unresponsiveness) via certain DNS packets, as demonstrated by the OUSPG PROTOS DNS test suite. | 5.0 |
2006-05-09 | CVE-2006-1172 | TDC | Remote Buffer Overflow vulnerability in TDC Cryptomathic Cenroll Activex Control 1.1.0.0 Stack-based buffer overflow in the createPKCS10 function in Cryptomathic Cenroll ActiveX Control 1.1.0.0 allows remote attackers to execute arbitrary code via vectors related to the TDC Digital signature. | 5.0 |
2006-05-12 | CVE-2006-2316 | Intel | Local Information Disclosure vulnerability in Intel PROset/Wireless S24EvMon.exe in the Intel PROset/Wireless software, possibly 10.1.0.33, uses a S24EventManagerSharedMemory shared memory section with weak permissions, which allows local users to read or modify passwords or other data, or cause a denial of service. | 4.9 |
2006-05-10 | CVE-2006-2276 | Quagga | Resource Management Errors vulnerability in Quagga 0.98.5/0.99.3 bgpd in Quagga 0.98 and 0.99 before 20060504 allows local users to cause a denial of service (CPU consumption) via a certain sh ip bgp command entered in the telnet interface. | 4.9 |
2006-05-12 | CVE-2006-1452 | Apple | Multiple vulnerability in Apple Mac OS X Security Update 2006-003 Stack-based buffer overflow in Preview in Apple Mac OS 10.4 up to 10.4.6 allows local users to execute arbitrary code via a deep directory hierarchy. | 4.6 |
2006-05-12 | CVE-2006-2345 | Roostercode Ajax Softwares | Cross-Site Scripting vulnerability in Roostercode Ajax Softwares Alipager 1.5 Cross-site scripting (XSS) vulnerability in inc/elementz.php in AliPAGER 1.5 allows remote attackers to inject arbitrary web script or HTML via the ubild parameter. | 4.3 |
2006-05-12 | CVE-2006-2321 | Ideal Science | Input Validation vulnerability in IdealBB Multiple cross-site scripting (XSS) vulnerabilities in Ideal Science Ideal BB 1.5.4a and earlier allow remote attackers to inject arbitrary web script or HTML via unknown vectors. | 4.3 |
2006-05-11 | CVE-2006-2307 | Website Baker | HTML Injection vulnerability in Website Baker Website Baker 2.5.2/2.6/2.6.1 Cross-site scripting (XSS) vulnerability in Website Baker CMS before 2.6.4 allows remote attackers to inject arbitrary web script or HTML via a user display name. | 4.3 |
2006-05-10 | CVE-2006-2282 | X7 Group | HTML Injection vulnerability in X7 Group X7 Chat 2.0.2 Cross-site scripting (XSS) vulnerability in X7 Chat 2.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via a javascript URI in the URL of an avatar, possibly related to the avatar parameter in register.php. | 4.3 |
2006-05-09 | CVE-2006-2269 | Mywebland | HTML Injection vulnerability in Mywebland Mybloggie 2.1.2/2.1.3/2.1.3Beta Cross-site scripting (XSS) vulnerability in myWebland MyBloggie 2.1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via a JavaScript event in a BBCode img tag. | 4.3 |
2006-05-09 | CVE-2006-2260 | Drupal | HTML Injection vulnerability in Drupal Project Module Cross-site scripting (XSS) vulnerability in the project module (project.module) in Drupal 4.5 and 4.6 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors. | 4.3 |
2006-05-09 | CVE-2006-2249 | Cutephp | Cross-Site Scripting vulnerability in CuteNews Multiple cross-site scripting (XSS) vulnerabilities in search.php in CuteNews 1.4.1 and earlier, and possibly 1.4.5, allow remote attackers to inject arbitrary web script or HTML via the (1) user, (2) story, or (3) title parameters. | 4.3 |
2006-05-10 | CVE-2006-2297 | Microsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Infotech Storage System Library Heap-based buffer overflow in Microsoft Infotech Storage System Library (itss.dll) allows user-assisted attackers to execute arbitrary code via a crafted CHM / ITS file that triggers the overflow while decompiling. | 4.0 |
9 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2006-05-12 | CVE-2006-1457 | Apple | Multiple vulnerability in Apple Mac OS X Security Update 2006-003 Safari on Apple Mac OS X 10.4.6, when "Open `safe' files after downloading" is enabled, will automatically expand archives, which could allow remote attackers to overwrite arbitrary files via an archive that contains a symlink. | 2.6 |
2006-05-12 | CVE-2006-2348 | Oasyssoft | Input Validation vulnerability in E-Business Designer Cross-site scripting (XSS) vulnerability in form_grupo.html in E-Business Designer (eBD) 3.1.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the id parameter. | 2.6 |
2006-05-09 | CVE-2006-2265 | Ocean12 Technologies | Input Validation vulnerability in Ocean12 Technologies Calendar Manager PRO 1.00 Cross-site scripting vulnerability in admin/main.asp in Ocean12 Calendar Manager Pro 1.00 allows remote attackers to inject arbitrary web script or HTML via the date parameter. | 2.6 |
2006-05-09 | CVE-2006-2262 | Singapore | Cross-Site Scripting vulnerability in Singapore 0.9.7 Cross-site scripting (XSS) vulnerability in index.php in singapore 0.9.7 allows remote attackers to inject arbitrary web script or HTML via the image parameter. | 2.6 |
2006-05-09 | CVE-2006-2258 | Maxxcode | Input Validation vulnerability in Maxxcode Maxxschedule 1.0 Cross-site scripting (XSS) vulnerability in Logon.asp in MaxxSchedule 1.0 allows remote attackers to inject arbitrary web script or HTML via the Error parameter. | 2.6 |
2006-05-12 | CVE-2006-1444 | Apple | Multiple vulnerability in Apple mac OS X 10.4.6 CoreGraphics in Apple Mac OS X 10.4.6, when "Enable access for assistive devices" is on, allows an application to bypass restrictions for secure event input and read certain events from other applications in the same window session by using Quartz Event Services. | 2.1 |
2006-05-12 | CVE-2006-1440 | Apple | Multiple vulnerability in Apple Mac OS X Security Update 2006-003 BOM in Apple Mac OS X 10.3.9 and 10.4.6 allows attackers to overwrite arbitrary files via an archive that contains symbolic links. | 2.1 |
2006-05-12 | CVE-2006-1439 | Apple | Information Exposure vulnerability in Apple mac OS X 10.4.6 NSSecureTextField in AppKit in Apple Mac OS X 10.4.6 does not re-enable secure event input under certain circumstances, which could allow other applications in the window session to monitor input characters and keyboard events. | 2.1 |
2006-05-12 | CVE-2006-2334 | Microsoft | Unspecified vulnerability in Microsoft Windows 2000 and Windows XP The RtlDosPathNameToNtPathName_U API function in NTDLL.DLL in Microsoft Windows 2000 SP4 and XP SP2 does not properly convert DOS style paths with trailing spaces into NT style paths, which allows context-dependent attackers to create files that cannot be accessed through the expected DOS path or prevent access to other similarly named files in the same directory, which prevents those files from being detected or disinfected by certain anti-virus and anti-spyware software. | 2.1 |