Weekly Vulnerabilities Reports > June 12 to 18, 2006

Overview

135 new vulnerabilities reported during this period, including 9 critical vulnerabilities and 43 high severity vulnerabilities. This weekly summary report vulnerabilities in 115 products from 88 vendors including Microsoft, Vbzoom, Cescripts, Myscrapbook, and Okscripts. Vulnerabilities are notably categorized as "Cross-site Scripting", "Code Injection", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "SQL Injection", and "Numeric Errors".

  • 130 reported vulnerabilities are remotely exploitables.
  • 7 reported vulnerabilities have public exploit available.
  • 8 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 131 reported vulnerabilities are exploitable by an anonymous user.
  • Microsoft has the most reported vulnerabilities, with 18 reported vulnerabilities.
  • Microsoft has the most reported critical vulnerabilities, with 7 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

9 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2006-06-13 CVE-2006-2382 Microsoft Buffer Errors vulnerability in Microsoft IE 5.01/6

Heap-based buffer overflow in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remote attackers to execute arbitrary code via crafted UTF-8 encoded HTML that results in size discrepancies during conversion to Unicode, aka "HTML Decoding Memory Corruption Vulnerability."

10.0
2006-06-13 CVE-2006-2373 Microsoft Permissions, Privileges, and Access Controls vulnerability in Microsoft Windows 2000, Windows Server 2003 and Windows XP

The Server Message Block (SMB) driver (MRXSMB.SYS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows local users to execute arbitrary code by calling the MrxSmbCscIoctlOpenForCopyChunk function with the METHOD_NEITHER method flag and an arbitrary address, possibly for kernel memory, aka the "SMB Driver Elevation of Privilege Vulnerability."

10.0
2006-06-17 CVE-2006-3059 Microsoft Remote Code Execution vulnerability in Microsoft Excel

Unspecified vulnerability in Microsoft Excel 2000 through 2004 allows remote user-assisted attackers to execute arbitrary code via unspecified vectors.

9.3
2006-06-14 CVE-2006-3017 PHP Multiple Unspecified vulnerability in PHP

zend_hash_del_key_or_index in zend_hash.c in PHP before 4.4.3 and 5.x before 5.1.3 can cause zend_hash_del to delete the wrong element, which prevents a variable from being unset even when the PHP unset function is called, which might cause the variable's value to be used in security-relevant operations.

9.3
2006-06-14 CVE-2006-3016 PHP Group Multiple Unspecified vulnerability in PHP

Unspecified vulnerability in session.c in PHP before 5.1.3 has unknown impact and attack vectors, related to "certain characters in session names," including special characters that are frequently associated with CRLF injection, SQL injection, cross-site scripting (XSS), and HTTP response splitting vulnerabilities.

9.3
2006-06-13 CVE-2006-2383 Microsoft Remote Code Execution vulnerability in Microsoft IE 5.01/6

Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remote attackers to execute arbitrary code via "unexpected data" related to "parameter validation" in the DXImageTransform.Microsoft.Light ActiveX control, which causes Internet Explorer to crash in a way that enables the code execution.

9.3
2006-06-13 CVE-2006-2379 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products

Buffer overflow in the TCP/IP Protocol driver in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via unknown vectors related to IP source routing.

9.3
2006-06-13 CVE-2006-1303 Microsoft Code Injection vulnerability in Microsoft IE 5.0.1/6.0

Multiple unspecified vulnerabilities in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allow remote attackers to execute arbitrary code by instantiating certain COM objects from Wmm2fxa.dll as ActiveX controls including (1) DXImageTransform.Microsoft.MMSpecialEffect1Input, (2) DXImageTransform.Microsoft.MMSpecialEffect1Input.1, (3) DXImageTransform.Microsoft.MMSpecialEffect2Inputs, (4) DXImageTransform.Microsoft.MMSpecialEffect2Inputs.1, (5) DXImageTransform.Microsoft.MMSpecialEffectInplace1Input, and (6) DXImageTransform.Microsoft.MMSpecialEffectInplace1Input.1, which causes memory corruption during garbage collection.

9.3
2006-06-13 CVE-2006-0025 Microsoft Buffer Errors vulnerability in Microsoft Windows Media Player 10/9

Stack-based buffer overflow in Microsoft Windows Media Player 9 and 10 allows remote attackers to execute arbitrary code via a PNG image with a large chunk size.

9.3

43 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2006-06-13 CVE-2006-2385 Microsoft Code Injection vulnerability in Microsoft IE 5.01/6.0

Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows user-assisted remote attackers to execute arbitrary code via a crafted web page that triggers memory corruption when it is saved as a multipart HTML (.mht) file.

7.6
2006-06-13 CVE-2006-0022 Microsoft Remote Code Execution vulnerability in Microsoft PowerPoint Malformed Record

Unspecified vulnerability in Microsoft PowerPoint in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP1 and SP2, Office 2004 for Mac, and v.

7.6
2006-06-16 CVE-2006-3056 Vbzoom SQL Injection vulnerability in Vbzoom 1.01

SQL injection vulnerability in language.php in VBZooM 1.01 allows remote attackers to execute arbitrary SQL commands via the Action parameter.

7.5
2006-06-16 CVE-2006-3055 Vbzoom SQL Injection vulnerability in Vbzoom 1.02

Multiple SQL injection vulnerabilities in VBZooM 1.02 allow remote attackers to execute arbitrary SQL commands via the (1) QuranID, (2) ShowByQuranID, or (3) Action parameters to meaning.php.

7.5
2006-06-16 CVE-2006-3054 Vbzoom SQL Injection vulnerability in Vbzoom 1.11

Multiple SQL injection vulnerabilities in VBZooM 1.11 allow remote attackers to execute arbitrary SQL commands via the (1) sobjectID or (2) MAINID parameters to (a) show.php or (3) MainID parameter to (b) subject.php.

7.5
2006-06-16 CVE-2006-3053 Phorum Remote File Include vulnerability in Retired: PHORUM Common.PHP

** DISPUTED ** PHP remote file inclusion vulnerability in common.php in PHORUM 5.1.13 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the PHORUM[http_path] parameter.

7.5
2006-06-16 CVE-2006-3048 Tiki SQL Injection vulnerability in Tiki Tikiwiki Cms/Groupware

SQL injection vulnerability in TikiWiki 1.9.3.2 and possibly earlier versions allows remote attackers to execute arbitrary SQL commands via unknown attack vectors.

7.5
2006-06-16 CVE-2006-3045 Teake Nutma File Include vulnerability in Foing Remote

PHP remote file inclusion vulnerability in manage_songs.php in Foing 0.7.0e and earlier allows remote attackers to execute arbitrary PHP code via a URL in the foing_root_path parameter.

7.5
2006-06-16 CVE-2006-2909 Picozip Buffer Overflow vulnerability in Picozip 4.01

Stack-based buffer overflow in the info tip shell extension (zipinfo.dll) in PicoZip 4.01 allows remote attackers to execute arbitrary code via a long filename in an (1) ACE, (2) RAR, or (3) ZIP archive, which is triggered when the user moves the mouse over the archive.

7.5
2006-06-15 CVE-2006-3042 Ispconfig Remote File Include vulnerability in Ispconfig 2.2.3

** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in ISPConfig 2.2.3 allow remote attackers to execute arbitrary PHP code via a URL in the (1) go_info[isp][classes_root] parameter in (a) server.inc.php, and the (2) go_info[server][classes_root] parameter in (b) app.inc.php, (c) login.php, and (d) trylogin.php.

7.5
2006-06-15 CVE-2006-3041 Codewalkers Unspecified vulnerability in Codewalkers Ltwcalendar 4.1.3

** DISPUTED ** PHP remote file inclusion vulnerability in Ltwcalendar/calendar.php in Codewalkers Ltwcalendar 4.1.3 allows remote attackers to execute arbitrary PHP code via a URL in the ltw_config[include_dir] parameter.

7.5
2006-06-15 CVE-2006-3040 AMR Talkbox Unspecified vulnerability in AMR Talkbox AMR Talkbox

** DISPUTED ** PHP remote file inclusion vulnerability in talkbox.php in Amr Talkbox allows remote attackers to execute arbitrary PHP code via a URL in the direct parameter.

7.5
2006-06-15 CVE-2006-3028 Minerva Remote File Inclusion vulnerability in Minerva 2.0.8Abuild237

PHP remote file inclusion vulnerability in stat_modules/users_age/module.php in Minerva 2.0.8a Build 237 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.

7.5
2006-06-15 CVE-2006-3027 Enthrallweb SQL Injection vulnerability in Enthrallweb ePhotos SubLevel2.ASP

Multiple SQL injection vulnerabilities in Enthrallwebe ePhotos 2.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) CAT_ID parameter in (a) subphotos.asp and (b) subLevel2.asp, the (2) AL_ID parameter in (c) photo.asp, and the (3) SUB_ID parameter in (d) subLevel2.asp.

7.5
2006-06-15 CVE-2006-3019 Phpcms Code Injection vulnerability in PHPcms 1.2.1P12

Multiple PHP remote file inclusion vulnerabilities in phpCMS 1.2.1pl2 allow remote attackers to execute arbitrary PHP code via a URL in the PHPCMS_INCLUDEPATH parameter to files in parser/include/ including (1) class.parser_phpcms.php, (2) class.session_phpcms.php, (3) class.edit_phpcms.php, (4) class.http_indexer_phpcms.php, (5) class.cache_phpcms.php, (6) class.search_phpcms.php, (7) class.lib_indexer_universal_phpcms.php, and (8) class.layout_phpcms.php, (9) parser/plugs/counter.php, and (10) parser/parser.php.

7.5
2006-06-14 CVE-2006-3018 PHP Group Multiple Unspecified vulnerability in PHP

Unspecified vulnerability in the session extension functionality in PHP before 5.1.3 has unknown impact and attack vectors related to heap corruption.

7.5
2006-06-13 CVE-2006-3010 Aliacom Cross-Site Scripting vulnerability in Aliacom Open Business Management 1.0.3Pl1

Multiple SQL injection vulnerabilities in Open Business Management (OBM) 1.0.3 pl1 allow remote attackers to execute arbitrary SQL commands via the (1) new_order and (2) order_dir parameters to (a) index.php, (b) group/group_index.php, (c) user/user_index.php, (d) list/list_index.php, and (e) company/company_index.php, and the (3) entity and (4) tf_dateafter parameter to company/company_index.php.

7.5
2006-06-13 CVE-2006-2371 Microsoft Remote Access RASMAN Registry Remote Code Execution vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP

Buffer overflow in the Remote Access Connection Manager service (RASMAN) service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote unauthenticated or authenticated attackers to execute arbitrary code via certain crafted "RPC related requests," that lead to registry corruption and stack corruption, aka the "RASMAN Registry Corruption Vulnerability."

7.5
2006-06-13 CVE-2006-2370 Microsoft Remote Access Remote Code Execution vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP

Buffer overflow in the Routing and Remote Access service (RRAS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote unauthenticated or authenticated attackers to execute arbitrary code via certain crafted "RPC related requests," aka the "RRAS Memory Corruption Vulnerability."

7.5
2006-06-13 CVE-2006-2376 Microsoft Numeric Errors vulnerability in Microsoft Windows 98, Windows 98Se and Windows ME

Integer overflow in the PolyPolygon function in Graphics Rendering Engine on Microsoft Windows 98 and Me allows remote attackers to execute arbitrary code via a Windows Metafile (WMF) or EMF image with a sum of entries in the vertext counts array and number of polygons that triggers a heap-based buffer overflow.

7.5
2006-06-13 CVE-2006-2998 Free Qboard Remote File Include vulnerability in Free Qboard Free Qboard 1.1

PHP remote file inclusion vulnerability in board/post.php in free QBoard 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the qb_path parameter.

7.5
2006-06-13 CVE-2006-2996 Lovecompass Remote File Include vulnerability in Lovecompass Aepartner 0.8.3

PHP remote file inclusion vulnerability in inc/design.inc.php in LoveCompass aePartner 0.8.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the dir[data] parameter.

7.5
2006-06-13 CVE-2006-2995 Webprojectdb Remote File Include vulnerability in Webprojectdb 0.1.3

Multiple PHP remote file inclusion vulnerabilities in WebprojectDB 0.1.3 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the INCDIR parameter in (1) include/nav.php and (2) include/lang.php.

7.5
2006-06-13 CVE-2006-2993 MY Photo Scrapbook Input Validation vulnerability in My Photo Scrapbook

Multiple SQL injection vulnerabilities in My Photo Scrapbook 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the key parameter in (1) Displayview.asp and (2) Details_Photo_bv.asp.

7.5
2006-06-13 CVE-2006-2987 Dominios Europa SQL-Injection vulnerability in Dominios Europa Picrate 1.0

Multiple SQL injection vulnerabilities in Dominios Europa PICRATE (aka TAL RateMyPic) 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id, (2) voteid, and (3) vfiel parameters to (a) index.php, and via the (4) nick, (5) email, (6) city, (7) messen, and (8) message form field parameters to (b) add.php.

7.5
2006-06-13 CVE-2006-2985 Integramod SQL-Injection vulnerability in Integramod

SQL injection vulnerability in index.php in IntegraMOD 1.4.0 and earlier allows remote attackers to execute arbitrary SQL commands via double-encoded "'" characters in the STYLE_URL parameter.

7.5
2006-06-13 CVE-2006-2983 Enterprise Payroll Systems Remote File Include vulnerability in Enterprise Payroll Systems

PHP remote file inclusion vulnerability in Enterprise Timesheet and Payroll Systems (EPS) 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the absolutepath parameter in cal.php.

7.5
2006-06-13 CVE-2006-2982 Enterprise Payroll Systems Remote File Include vulnerability in Enterprise Payroll Systems AbsolutePath

Multiple PHP remote file inclusion vulnerabilities in Enterprise Timesheet and Payroll Systems (EPS) 1.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the absolutepath parameter in (1) footer.php and (2) admin/footer.php.

7.5
2006-06-13 CVE-2006-2908 Mybulletinboard Remote PHP Script Code Injection vulnerability in Mybulletinboard 1.1.2

The domecode function in inc/functions_post.php in MyBulletinBoard (MyBB) 1.1.2, and possibly other versions, allows remote attackers to execute arbitrary PHP code via the username field, which is used in a preg_replace function call with a /e (executable) modifier.

7.5
2006-06-12 CVE-2006-2981 Arantius SQL-Injection vulnerability in Vice Stats

SQL injection vulnerability in vs_search.php in Arantius Vice Stats before 1.0.1 allows remote attackers to execute arbitrary SQL commands via unknown vectors, a different issue than CVE-2006-2972.

7.5
2006-06-12 CVE-2006-2980 Viart LTD SQL-Injection vulnerability in Viart LTD Viart Shop Free 2.5.5Enterprise/2.5.5Light/2.5.5Standard

SQL injection vulnerability in block_forum_topic_new.php in ViArt Shop Free 2.5.5, and possibly other distributions including Light, Standard, and Enterprise, might allow remote attackers to execute arbitrary SQL commands via unknown vectors, probably involving the forum_id parameter.

7.5
2006-06-12 CVE-2006-2977 Mafia Moblog SQL Injection vulnerability in Mafia Moblog Mafia Moblog

SQL injection vulnerability in big.php in Mafia Moblog 0.6M1 and earlier allows remote attackers to execute arbitrary SQL commands via the img parameter.

7.5
2006-06-12 CVE-2006-2976 Coppermine Remote Security vulnerability in Coppermine Photo Gallery

Unspecified vulnerability in usermgr.php in Coppermine Photo Gallery before 1.4.7 has unknown impact and remote attack vectors, possibly related to authorization/authentication errors.

7.5
2006-06-12 CVE-2006-2973 PHP Lite SQL Injection vulnerability in PHP Lite Calendar Express 2.2

Multiple SQL injection vulnerabilities in month.php in PHP Lite Calendar Express 2.2 allow remote attackers to execute arbitrary SQL commands via the (1) catid and (2) cid parameter.

7.5
2006-06-12 CVE-2006-2972 Arantius SQL Injection vulnerability in Vice Stats VS_Resource.PHP

SQL injection vulnerability in vs_resource.php in Arantius Vice Stats 0.5b and 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter.

7.5
2006-06-12 CVE-2006-2964 Xtreme Scripts File Include vulnerability in Xtreme Scripts Download Manager 1.0

Multiple PHP remote file inclusion vulnerabilities in Xtreme Scripts Download Manager (aka Xtreme Downloads) 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the root parameter in (1) download.php, (2) manager.php, (3) admin/scripts/category.php, (4) includes/add_allow.php, (5) admin/index.php, and (6) admin/admin/login.php.

7.5
2006-06-12 CVE-2006-2962 Oxfam Australia Remote File Include vulnerability in Empris

PHP remote file inclusion vulnerability in sql_fcnsOLD.php in Emergenices Personnel Information System (Empris) 20020923 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phormationdir parameter.

7.5
2006-06-12 CVE-2006-2961 Aclogic Commands Remote Buffer Overflow vulnerability in ACLogic CesarFTP

Stack-based buffer overflow in CesarFTP 0.99g and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long MKD command.

7.5
2006-06-12 CVE-2006-2960 Joomla Remote File Include vulnerability in Joomla 1.0

PHP remote file inclusion vulnerability in includes/joomla.php in Joomla! 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the includepath parameter.

7.5
2006-06-12 CVE-2006-2959 Snitz Communications SQL Injection vulnerability in Snitz Forums inc_header.ASP

SQL injection vulnerability in inc_header.asp in Snitz Forum 3.4.05 and earlier allows remote attackers to execute arbitrary SQL commands via the %strCookieURL%.GROUP parameter in a cookie.

7.5
2006-06-12 CVE-2006-2954 Primoris Software Input Validation vulnerability in OfficeFlow

SQL injection vulnerability in files.asp in OfficeFlow 2.6 and earlier allows remote attackers to execute arbitrary SQL commands via the Project parameter.

7.5
2006-06-12 CVE-2006-2943 CGI Rescue Unspecified vulnerability in Cgi-Rescue Webform

Unspecified vulnerability in CGI-RESCUE WebFORM 4.1 and earlier allows remote attackers to inject email headers, which facilitates sending spam messages.

7.5
2006-06-14 CVE-2006-3015 Winscp Code Injection vulnerability in Winscp 3.8.1Build328

Argument injection vulnerability in WinSCP 3.8.1 build 328 allows remote attackers to upload or download arbitrary files via encoded spaces and double-quote characters in a scp or sftp URI.

7.1

68 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2006-06-16 CVE-2006-3052 Cescripts Cross-Site Scripting vulnerability in Event Registration 2Checkout

Cross-site scripting (XSS) vulnerability in Event Registration allows remote attackers to inject arbitrary web script or HTML via the (1) event_id parameter to view-event-details.php or (2) select_events parameter to event-registration.php.

6.8
2006-06-15 CVE-2006-3025 Lucid Designs Cross-Site Scripting vulnerability in Lucid Designs Lucid Calendar 0.22

Cross-site scripting (XSS) vulnerability in Cal.PHP3 in Chris Lea Lucid Calendar 0.22 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.

6.8
2006-06-15 CVE-2006-3022 Fipsasp Cross-Site Scripting vulnerability in fipsGallery

Cross-site scripting (XSS) vulnerability in zoom.php in fipsGallery 1.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the path parameter.

6.8
2006-06-15 CVE-2006-3021 Blue Collar Productions Cross-Site Scripting vulnerability in I-Gallery 3.3/3.4

Multiple cross-site scripting (XSS) vulnerabilities in BlueCollar i-Gallery 4.1 PLUS and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) n and (2) d parameters in (a) login.asp and the d parameter in (b) igallery.asp.

6.8
2006-06-15 CVE-2006-3020 Planete Afrique Cross-Site Scripting vulnerability in Ws-Album

Multiple cross-site scripting (XSS) vulnerabilities in FullPhoto.asp in WS-Album 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) image and (2) PublisedDate parameters.

6.8
2006-06-15 CVE-2006-2195 Horde Cross-Site Scripting vulnerability in Horde Application Framework

Cross-site scripting (XSS) vulnerability in horde 3 (horde3) before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via (1) templates/problem/problem.inc and (2) test.php.

6.8
2006-06-13 CVE-2006-2378 Microsoft Remote Code Execution vulnerability in Microsoft IE, Windows 2003 Server and Windows XP

Buffer overflow in the ART Image Rendering component (jgdw400.dll) in Microsoft Windows XP SP1 and Sp2, Server 2003 SP1 and earlier, and Windows 98 and Me allows remote attackers to execute arbitrary code via a crafted ART image that causes heap corruption.

6.8
2006-06-13 CVE-2006-1313 Microsoft Unspecified vulnerability in Microsoft products

Microsoft JScript 5.1, 5.5, and 5.6 on Windows 2000 SP4, and 5.6 on Windows XP, Server 2003, Windows 98 and Windows Me, will "release objects early" in certain cases, which results in memory corruption and allows remote attackers to execute arbitrary code.

6.8
2006-06-12 CVE-2006-2951 Npds Cross-Site Scripting vulnerability in Npds 4.8/5.0

Multiple cross-site scripting (XSS) vulnerabilities in Net Portal Dynamic System (NPDS) 5.10 and earlier allow remote attackers to inject arbitrary web script and HTML via the (1) Titlesitename or (2) sitename parameter to (a) header.php, (3) nuke_url parameter to (b) meta/meta.php, (4) forum parameter to (c) viewforum.php, (5) post_id, (6) forum, (7) topic, or (8) arbre parameter to (d) editpost.php, or (9) uname or (10) email parameter to (e) user.php.

6.8
2006-06-12 CVE-2006-2949 Mybulletinboard Cross-Site Scripting vulnerability in Mybulletinboard 1.1.2

Cross-site scripting (XSS) vulnerability in private.php in MyBB 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the do parameter.

6.8
2006-06-16 CVE-2006-3046 Subtext Remote Security vulnerability in Subtext 1.5

Unspecified vulnerability in the admin login feature in Subtext 1.5, in a multiblog setup, allows remote administrators of one blog to login to another blog.

6.5
2006-06-15 CVE-2006-2197 Wvware Numeric Errors vulnerability in Wvware WV2 0.2.2

Integer overflow in wv2 before 0.2.3 might allow context-dependent attackers to execute arbitrary code via a crafted Microsoft Word document.

6.5
2006-06-15 CVE-2006-2916 KDE Local Privilege Escalation vulnerability in KDE ArtsWrapper

artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check the return value of the setuid function call, which allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges.

6.0
2006-06-15 CVE-2006-3036 Andy Mack Cross-Site Scripting vulnerability in Andy Mack 35Mmslidegallery 6.0

Multiple cross-site scripting (XSS) vulnerabilities in 35mmslidegallery 6.0 allow remote attackers to inject arbitrary web script or HTML via the (1) imgdir parameter in (a) index.php, and the (2) w, (3) h, and (4) t parameters in (b) popup.php.

5.8
2006-06-15 CVE-2006-3035 Myscrapbook Cross-Site Scripting vulnerability in Myscrapbook 3.1

Multiple cross-site scripting (XSS) vulnerabilities in addwords.php in MyScrapbook 3.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) name and (2) comment parameters.

5.8
2006-06-13 CVE-2006-3009 Aliacom Cross-Site Scripting vulnerability in Aliacom Open Business Management 1.0.3Pl1

Multiple cross-site scripting (XSS) vulnerabilities in Open Business Management (OBM) 1.0.3 pl1 allow remote attackers to inject arbitrary HTML or web script via the (1) tf_lang, (2) tf_name, (3) tf_user, (4) tf_lastname, (5) tf_contact, (6) tf_datebefore, and (7) tf_dateafter parameters to files such as (a) publication/publication_index.php, (b) group/group_index.php, (c) user/user_index.php, (d) list/list_index.php, and (e) company/company_index.php.

5.8
2006-06-13 CVE-2006-3002 Easy AD Manager Cross-Site Scripting vulnerability in ScriptsEZ Easy Ad-Manager

Cross-site scripting (XSS) vulnerability in details.php in Easy Ad-Manager allows remote attackers to inject arbitrary web script or HTML via the mbid parameter, which is reflected in an error message.

5.8
2006-06-13 CVE-2006-3001 Okscripts Cross-Site Scripting vulnerability in Okscripts Okmall 1.0

Cross-site scripting (XSS) vulnerability in search.php in OkScripts OkMall 1.0 allow remote attackers to inject arbitrary web script or HTML via the page parameter.

5.8
2006-06-13 CVE-2006-2994 Christian Becher Cross-Site Scripting vulnerability in Christian Becher Phazizguestbook 2.0

Multiple cross-site scripting (XSS) vulnerabilities in index.php in phazizGuestbook 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) email, (3) url fields, and (4) text field (content parameter).

5.8
2006-06-16 CVE-2006-3051 SIX Offene Systeme Gmbh Cross-Site Scripting vulnerability in SixCMS

Cross-site scripting (XSS) vulnerability in list.php in SixCMS 6.0, and other versions before 6.0.6patch2, allows remote attackers to inject arbitrary script code or HTML via the page parameter.

5.1
2006-06-16 CVE-2006-3057 Gnome Remote Denial of Service vulnerability in Dhcdbd 1.10/1.12

Unspecified vulnerability in NetworkManager daemon for DHCP (dhcdbd) allows remote attackers to cause a denial of service (crash) via certain invalid DHCP responses that trigger memory corruption.

5.0
2006-06-15 CVE-2006-3034 Myscrapbook Information Disclosure vulnerability in Myscrapbook 3.1

MyScrapbook 3.1 allows remote attackers to obtain sensitive information via a direct request to files in the txt-db-api directory such as txt-db-api/sql.php, which reveals the path in an error message.

5.0
2006-06-13 CVE-2006-3005 Gentoo Denial-Of-Service vulnerability in Gentoo Linux and Media-Libs Jpeg

The JPEG library in media-libs/jpeg before 6b-r7 on Gentoo Linux is built without the -maxmem feature, which could allow context-dependent attackers to cause a denial of service (memory exhaustion) via a crafted JPEG file that exceeds the intended memory limits.

5.0
2006-06-12 CVE-2006-2978 Mafia Moblog Remote Security vulnerability in Mafia Moblog

Mafia Moblog 0.6M1 and earlier allows remote attackers to obtain the installation path in an error message via a direct request to (1) big.php and (2) upgrade.php.

5.0
2006-06-12 CVE-2006-2971 Overkill Remote Denial of Service vulnerability in Overkill 0.16

Integer overflow in the recv_packet function in 0verkill 0.16 allows remote attackers to cause a denial of service (daemon crash) via a UDP packet with fewer than 12 bytes, which results in a long length value to the crc32 function.

5.0
2006-06-12 CVE-2006-2970 L0J1K Information Disclosure vulnerability in L0J1K Tinymuw 0.1.0

videoPage.php in L0j1k tinyMuw 0.1.0 allows remote attackers to obtain sensitive information via a certain id parameter, probably with an invalid value, which reveals the path in an error message.

5.0
2006-06-12 CVE-2006-2952 NET Portal Dynamic System Input Validation vulnerability in NPDS

Directory traversal vulnerability in Net Portal Dynamic System (NPDS) 5.10 and earlier allows remote attackers to read arbitrary files via a ..

5.0
2006-06-12 CVE-2006-2950 Npds Information Exposure vulnerability in Npds 4.8

Net Portal Dynamic System (NPDS) 5.10 and earlier allows remote attackers to obtain sensitive information via a direct request to (1) header.php, (2) contact.php, or (3) forum_extender.php, which reveals the path in an error message.

5.0
2006-06-12 CVE-2006-2948 Alan Ward Unspecified vulnerability in Alan Ward A-Cart

A-CART 2.0 stores the acart2_0.mdb file under the web document root with insufficient access control, which allows remote attackers to obtain username and password information.

5.0
2006-06-12 CVE-2006-2947 DMX Forum Remote Security vulnerability in DMX Forum DMX Forum 2.1A

Dmx Forum 2.1a allows remote attackers to obtain username and password information via a direct request to pops/edit.php with a modified membre parameter.

5.0
2006-06-12 CVE-2006-2946 DMX Forum Remote Security vulnerability in Dmx Forum

Dmx Forum 2.1a stores _includes/bd.inc under the web root with insufficient access control, which allows remote attackers to obtain database username and password information.

5.0
2006-06-12 CVE-2006-2944 CGI Rescue Unspecified vulnerability in Cgi-Rescue Form2Mail

Unspecified vulnerability in CGI-RESCUE FORM2MAIL 1.21 and earlier allows remote attackers to inject email headers, which facilitates sending spam messages.

5.0
2006-06-16 CVE-2006-3049 Mole Group Ticket Booking Script Cross-Site Scripting vulnerability in Mole Group Ticket Booking Script

Multiple cross-site scripting (XSS) vulnerabilities in booking3.php in Mole Group Ticket Booking Script allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) address1, (3) address2, (4) county, (5) postcode, (6) email, (7) phone, or (8) mobile parameters to booking2.php.

4.3
2006-06-16 CVE-2006-3047 Tiki Cross-Site Scripting vulnerability in Tiki Tikiwiki Cms/Groupware

Cross-site scripting (XSS) vulnerability in TikiWiki 1.9.3.2 and possibly earlier versions allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors.

4.3
2006-06-15 CVE-2006-3033 Myscrapbook HTML Injection vulnerability in Myscrapbook 3.1

Cross-site scripting (XSS) vulnerability in MyScrapbook 3.1 allows remote attackers to inject arbitrary web script or HTML via the input box in singlepage.php when submitting scrapbook pages.

4.3
2006-06-15 CVE-2006-3032 Pensacola WEB Designs Cross-Site Scripting vulnerability in Pensacola web Designs Xtreme ASP Photo Gallery 1.05/2.0

Multiple cross-site scripting (XSS) vulnerabilities in Xtreme ASP Photo Gallery 1.05 and earlier, and possibly 2.0 (trial), allow remote attackers to inject arbitrary web script or HTML via the (1) catname and (2) total parameters in (a) displaypic.asp, and the (3) catname parameter in (b) displaythumbs.asp.

4.3
2006-06-15 CVE-2006-3031 Fipsasp Cross-Site Scripting vulnerability in fipsCMS

Multiple cross-site scripting (XSS) vulnerabilities in index.asp in fipsCMS 4.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) w, (2) phcat, (3) dayid, and (4) calw parameters.

4.3
2006-06-15 CVE-2006-3030 Dwzone Cross-Site Scripting vulnerability in Dwzone Shopping Cart

Multiple cross-site scripting (XSS) vulnerabilities in DwZone Shopping Cart 1.1.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) ToCategory and (2) FromCategory parameters to (a) ProductDetailsForm.asp and (3) UserName and (4) Password parameters to (b) LogIn/VerifyUserLog.asp.

4.3
2006-06-15 CVE-2006-3029 Clicktech Cross-Site Scripting vulnerability in Clicktech Clickcart 6.0

Cross-site scripting (XSS) vulnerability in default.asp in ClickTech Clickcart 6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the cat parameter.

4.3
2006-06-15 CVE-2006-3026 Clicktech Cross-Site Scripting vulnerability in ClickGallery

Multiple cross-site scripting (XSS) vulnerabilities in ClickGallery 5.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) gallery_id parameter in gallery.asp and (2) parentcurrentpage parameter in view_gallery.asp.

4.3
2006-06-15 CVE-2006-3024 Evgenius Cross-Site Scripting vulnerability in Evgenius Counter

Multiple cross-site scripting (XSS) vulnerabilities in EvGenius Counter 3.4 and earlier allow remote attackers to inject arbitrary web script or HTML via the page parameter in (1) monthly.php and (2) daily.php.

4.3
2006-06-15 CVE-2006-3023 Uapplication Cross-Site Scripting vulnerability in uPhotoGallery

Multiple cross-site scripting (XSS) vulnerabilities in thumbnails.asp in Uapplication Uphotogallery 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) s and (2) block parameters.

4.3
2006-06-13 CVE-2006-2384 Microsoft Information Exposure vulnerability in Microsoft IE

Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remote attackers to conduct spoofing and phishing attacks by using a modal browser window in a way that preserves the original address bar and trusted UI of a trusted site, even after the browser has been navigated to a malicious site, aka the "Address Bar Spoofing Vulnerability."

4.3
2006-06-13 CVE-2006-2380 Microsoft Improper Authentication vulnerability in Microsoft Windows 2000

Microsoft Windows 2000 SP4 does not properly validate an RPC server during mutual authentication over SSL, which allows remote attackers to spoof an RPC server, aka the "RPC Mutual Authentication Vulnerability."

4.3
2006-06-13 CVE-2006-3007 Nullsoft HTML Injection vulnerability in Nullsoft SHOUTcast

Multiple cross-site scripting (XSS) vulnerabilities in SHOUTcast 1.9.5 allow remote attackers to inject arbitrary HTML or web script via the DJ fields (1) Description, (2) URL, (3) Genre, (4) AIM, and (5) ICQ.

4.3
2006-06-13 CVE-2006-3006 Ifoto Cross-Site Scripting vulnerability in Ifoto 0.20

Cross-site scripting (XSS) vulnerability in iFoto 0.20, and possibly other versions before 0.50, allows remote attackers to inject arbitrary HTML or web script via a base64-encoded file parameter.

4.3
2006-06-13 CVE-2006-3004 Scriptsez Cross-Site Scripting vulnerability in ScriptsEZ Ez Ringtone Manager

Multiple cross-site scripting (XSS) vulnerabilities in Ez Ringtone Manager allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter in player.php and (2) keyword parameter when performing a search.

4.3
2006-06-13 CVE-2006-3003 Easy AD Manager Cross-Site Scripting vulnerability in Easy Ad-Manager

details.php in Easy Ad-Manager allows remote attackers to obtain the full installation path via an invalid mbid parameter, which leaks the path in an error message.

4.3
2006-06-13 CVE-2006-3000 Okscripts Cross-Site Scripting vulnerability in Okscripts Okarticles 1.0

Cross-site scripting (XSS) vulnerability in search.php in OkScripts OkArticles 1.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter.

4.3
2006-06-13 CVE-2006-2999 Okscripts Cross-Site Scripting vulnerability in Okscripts Quicklinks 1.1

Cross-site scripting (XSS) vulnerability in search.php in OkScripts QuickLinks 1.1 allows remote attackers to inject arbitrary web script or HTML via the q parameter.

4.3
2006-06-13 CVE-2006-2992 MY Photo Scrapbook Input Validation vulnerability in My Photo Scrapbook

Cross-site scripting (XSS) vulnerability in display.asp in My Photo Scrapbook 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the key_m parameter.

4.3
2006-06-13 CVE-2006-2991 Ringlink Cross-Site Scripting vulnerability in Ringlink 3.2

Multiple cross-site scripting (XSS) vulnerabilities in Ringlink 3.2 allow remote attackers to inject arbitrary web script or HTML via a JavaScript URI in the SRC attribute of an IMG element, and possibly other manipulations, in the ringid parameter in (1) next.cgi, (2) stats.cgi, or (3) list.cgi.

4.3
2006-06-13 CVE-2006-2990 Vanillasoft Cross-Site Scripting vulnerability in Vanillasoft Helpdesk 2005

Cross-site scripting (XSS) vulnerability in default.asp in VanillaSoft Helpdesk 2005 and earlier allows remote attackers to inject arbitrary web script or HTML via the username parameter.

4.3
2006-06-13 CVE-2006-2989 Iisworks Cross-Site Scripting vulnerability in ListPics

Cross-site scripting (XSS) vulnerability in listpics.asp in ASP ListPics 4.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the info parameter.

4.3
2006-06-13 CVE-2006-2988 Chemical Dictionary Cross-Site Scripting vulnerability in ScriptsEZ Chemical Dictionary

Cross-site scripting (XSS) vulnerability in dictionary.php in Chemical Dictionary allows remote attackers to inject arbitrary web script or HTML via the keyword parameter in a browse action.

4.3
2006-06-13 CVE-2006-2986 Baby Katie Media Cross-Site Scripting vulnerability in Baby Katie Media Very Simple CAR Lister and Very Simple Realty Lister

Multiple cross-site scripting (XSS) vulnerabilities in Baby Katie Media (a) very Simple Car Lister (vSCAL) 1.0 and (b) very simple Realty Lister (vsREAL) 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) lid parameter in index.php and the (2) title parameter in myslideshow.php.

4.3
2006-06-13 CVE-2006-2984 Integramod Cross-Site Scripting vulnerability in Integramod 1.4.0

Cross-site scripting (XSS) vulnerability in index.php in IntegraMOD 1.4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the STYLE_URL parameter.

4.3
2006-06-12 CVE-2006-2969 L0J1K Unspecified vulnerability in L0J1K Tinymuw 0.1.0

Cross-site scripting (XSS) vulnerability in L0j1k tinyMuw 0.1.0 allow remote attackers to inject arbitrary web script or HTML via a javascript URI in the SRC attribute of an IMG element in the input box in quickchat.php, and possibly other manipulations.

4.3
2006-06-12 CVE-2006-2968 PHP Labware Cross-Site Scripting vulnerability in PHP Labware Labwiki 1.0

Cross-site scripting (XSS) vulnerability in search.php in PHP Labware LabWiki 1.0 allows remote attackers to inject arbitrary web script or HTML via the search input box (query parameter).

4.3
2006-06-12 CVE-2006-2966 Particle Soft Cross-Site Scripting vulnerability in Particle Soft Particle Wiki 1.0.2

Cross-site scripting (XSS) vulnerability in Particle Soft Particle Wiki 1.0.2 allows remote attackers to inject arbitrary web script or HTML via a BR element with an extraneous IMG tag and a STYLE attribute that contains "/**/" comment sequences, which bypasses the XSS protection scheme.

4.3
2006-06-12 CVE-2006-2965 Particle Soft Cross-Site Scripting vulnerability in Particle Soft Particle Whois 1.0.3

Multiple cross-site scripting (XSS) vulnerabilities in Particle Soft Particle Whois 1.0.3 allow remote attackers to inject arbitrary web script or HTML via (1) the target parameter in index.php and (2) the "input box."

4.3
2006-06-12 CVE-2006-2963 IT Direkt Cross-Site Scripting vulnerability in Cabacos Web Cms

Cross-site scripting (XSS) vulnerability in Suchergebnisse.asp in Cabacos Web CMS 3.8.498 and earlier allows remote attackers to inject arbitrary web script or HTML via the suchtext parameter.

4.3
2006-06-12 CVE-2006-2957 Skoom Cross-Site Scripting vulnerability in i.List

Cross-site scripting (XSS) vulnerability in i.List 1.5 beta and earlier allows remote attackers to inject arbitrary web script or HTML via the banurl parameter to add.php.

4.3
2006-06-12 CVE-2006-2956 Skoom Input Validation vulnerability in i.List

Multiple cross-site scripting (XSS) vulnerabilities in i.List 1.5 beta and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) searchword parameter to search.php or (2) siteurl parameter to add.php.

4.3
2006-06-12 CVE-2006-2955 Kaphotoservice Cross-Site Scripting vulnerability in KAPhotoservice

Multiple cross-site scripting (XSS) vulnerabilities in KAPhotoservice 7.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) New Category (newcategory) or (2) apage parameter to (a) edtalbum.asp, or the (3) cat or (4) albumid parameter to (b) album.asp.

4.3
2006-06-12 CVE-2006-2953 Primoris Software Input Validation vulnerability in OfficeFlow

Cross-site scripting (XSS) vulnerability in default.asp in OfficeFlow 2.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the sqlType parameter.

4.3
2006-06-15 CVE-2006-2449 KDE Symbolic Link vulnerability in KDE KDM Session Type

KDE Display Manager (KDM) in KDE 3.2.0 up to 3.5.3 allows local users to read arbitrary files via a symlink attack related to the session type for login.

4.0
2006-06-12 CVE-2006-2945 Andreas Gohr Information Disclosure vulnerability in Dokuwiki

Unspecified vulnerability in the user profile change functionality in DokuWiki, when Access Control Lists are enabled, allows remote authenticated users to read unauthorized files via unknown attack vectors.

4.0

15 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2006-06-16 CVE-2006-3050 SIX Offene Systeme Gmbh Directory Traversal vulnerability in SixCMS

Directory traversal vulnerability in detail.php in SixCMS 6.0, and other versions before 6.0.6patch2, allows remote attackers to read arbitrary files via a ..

2.6
2006-06-16 CVE-2006-3044 Logisphere Cross-Site Scripting vulnerability in Logisphere 1.6.0

Cross-site scripting (XSS) vulnerability in LogiSphere 1.6.0 allows remote attackers to inject arbitrary web script or HTML via the URL, which is reflected in an error page.

2.6
2006-06-16 CVE-2006-3043 Cfxe CMS Cross-Site Scripting vulnerability in Cfxe-Cms

Cross-site scripting (XSS) vulnerability in search.cfm in CreaFrameXe (CFXe) CMS 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the voltext_suche parameter.

2.6
2006-06-15 CVE-2006-3039 Cescripts Cross-Site Scripting vulnerability in Realty Home Rent

Cross-site scripting (XSS) vulnerability in index.php in Cescripts Realty Home Rent allows remote attackers to inject arbitrary web script or HTML via the sel_menu parameter.

2.6
2006-06-15 CVE-2006-3038 Cescripts Cross-Site Scripting vulnerability in Realty Room Rent

Cross-site scripting (XSS) vulnerability in index.php in Cescripts Realty Room Rent allows remote attackers to inject arbitrary web script or HTML via the sel_menu parameter.

2.6
2006-06-15 CVE-2006-3037 Site Trade Cross-Site Scripting vulnerability in Site Trade ST Admanager Lite V1

Multiple cross-site scripting (XSS) vulnerabilities in publish.php in ST AdManager Lite allow remote attackers to inject arbitrary web script or HTML via the (1) title, (2) description, (3) article, (4) bio, and (5) name parameters.

2.6
2006-06-13 CVE-2006-1193 Microsoft Cross-Site Scripting vulnerability in Microsoft Exchange Server 2000

Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server 2000 SP1 through SP3, when running Outlook Web Access (OWA), allows user-assisted remote attackers to inject arbitrary HTML or web script via unknown vectors related to "HTML parsing."

2.6
2006-06-13 CVE-2006-2997 ZMS Publishing Cross-Site Scripting vulnerability in Zms

Cross-site scripting (XSS) vulnerability in ZMS 2.9 and earlier, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the raw parameter in the search field.

2.6
2006-06-12 CVE-2006-2979 Viart Cross-Site Scripting vulnerability in Viart Shop 2.5.5Free

Multiple cross-site scripting (XSS) vulnerabilities in ViArt Shop Free 2.5.5, and possibly other distributions including Light, Standard, and Enterprise, allow remote attackers to inject arbitrary web script or HTML via the (1) forum_id parameter in forum.php, which is not properly handled in block_forum_topics.php, and (2) item_id parameter in reviews.php, which is not properly handled in block_reviews.php.

2.6
2006-06-12 CVE-2006-2975 PBL Guestbook Cross-Site Scripting vulnerability in PBL Guestbook PBL Guestbook 1.31

Multiple cross-site scripting (XSS) vulnerabilities in pblguestbook.php in PBL Guestbook 1.31 allow remote attackers to inject arbitrary web script or HTML via javascript in the SRC attribute of IMG tags in the (1) name, (2) email, and (3) website parameter, which bypasses XSS protection mechanisms that check for SCRIPT tags but not IMG.

2.6
2006-06-12 CVE-2006-2974 Emailarchitect Cross-Site Scripting vulnerability in Email Server

Multiple cross-site scripting (XSS) vulnerabilities in EmailArchitect Email Server 6.1.0.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) errCode and (2) uid parameter in (a) default.asp and (3) dname parameter in (b) /admin/dns.asp and (c) /additional/regdomain_done.asp.

2.6
2006-06-12 CVE-2006-2958 Filzip Remote Directory Traversal vulnerability in Filzip 3.05

Directory traversal vulnerability in FilZip 3.05 allows remote attackers to write arbitrary files via a ..

2.6
2006-06-13 CVE-2006-2374 Microsoft Resource Management Errors vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP

The Server Message Block (SMB) driver (MRXSMB.SYS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows local users to cause a denial of service (hang) by calling the MrxSmbCscIoctlCloseForCopyChunk with the file handle of the shadow device, which results in a deadlock, aka the "SMB Invalid Handle Vulnerability."

2.1
2006-06-13 CVE-2006-2660 PHP Unspecified vulnerability in PHP

Buffer consumption vulnerability in the tempnam function in PHP 5.1.4 and 4.x before 4.4.3 allows local users to bypass restrictions and create PHP files with fixed names in other directories via a pathname argument longer than MAXPATHLEN, which prevents a unique string from being appended to the filename.

2.1
2006-06-12 CVE-2006-2967 Syworks Security Bypass vulnerability in Safenet

Syworks SafeNET allows local users to bypass restrictions on network resource consumption by editing the policy.dat file.

2.1