Weekly Vulnerabilities Reports > September 11 to 17, 2006
Overview
143 new vulnerabilities reported during this period, including 6 critical vulnerabilities and 48 high severity vulnerabilities. This weekly summary report vulnerabilities in 116 products from 91 vendors including Mozilla, Apple, Adobe, Microsoft, and IBM. Vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", "SQL Injection", "Cross-site Scripting", "Code Injection", and "Resource Management Errors".
- 129 reported vulnerabilities are remotely exploitables.
- 27 reported vulnerabilities have public exploit available.
- 8 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 138 reported vulnerabilities are exploitable by an anonymous user.
- Mozilla has the most reported vulnerabilities, with 7 reported vulnerabilities.
- Mozilla has the most reported critical vulnerabilities, with 2 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
6 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2006-09-15 | CVE-2006-4831 | Iodine | Security vulnerability in Iodine 0.3/0.3.1 Unspecified vulnerability in IP over DNS is now easy (iodine) before 0.3.2 has unknown impact and attack vectors, related to "potential security problems." This vulnerability is addressed in the following product release: Iodine, Iodine, 0.3.2 | 10.0 |
2006-09-15 | CVE-2006-4830 | Blojsom | Directory Traversal vulnerability in Blojsom 2.30 Directory traversal vulnerability in EditBlogTemplatesPlugin.java in David Czarnecki Blojsom 2.30 allows remote attackers to have an unknown impact by sending an HTTP request with a certain value of blogTemplate. | 10.0 |
2006-09-15 | CVE-2006-4571 | Mozilla | Remote vulnerability in Mozilla Seamonkey and Thunderbird Multiple unspecified vulnerabilities in Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5 allow remote attackers to cause a denial of service (crash), corrupt memory, and possibly execute arbitrary code via unspecified vectors, some of which involve JavaScript, and possibly large images or plugin data. | 10.0 |
2006-09-13 | CVE-2006-4732 | Microsoft | Remote Security vulnerability in Microsoft Visual Basic 6.0 Unspecified vulnerability in Microsoft Visual Basic (VB) 6 has an unknown impact ("overflow") via a project that contains a certain Click event procedure, as demonstrated using the msgbox function and the VB.Label object. | 10.0 |
2006-09-15 | CVE-2006-4565 | Mozilla | Buffer Errors vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Heap-based buffer overflow in Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a JavaScript regular expression with a "minimal quantifier." | 9.3 |
2006-09-12 | CVE-2006-0001 | Microsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Office and Publisher Stack-based buffer overflow in Microsoft Publisher 2000 through 2003 allows user-assisted remote attackers to execute arbitrary code via a crafted PUB file, which causes an overflow when parsing fonts. | 9.3 |
48 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2006-09-15 | CVE-2006-4833 | Verso Netperformer | Denial of Service vulnerability in Verso Netperformer Frame Relay Access Device ACT Sdm9200Series/Sdm9300Series/Sdm9500Series Verso NetPerformer FRAD ACT SDM-95xx 7.xx (R1) and earlier, SDM-93xx 10.x.x (R2) and earlier, and SDM-92xx 9.x.x (R1) and earlier allow remote attackers to cause a denial of service (hang or reboot) via an ICMP packet with the same destination and source address and port, aka the "Land" vulnerability. | 7.8 |
2006-09-14 | CVE-2006-4775 | Cisco | Resource Management Errors vulnerability in Cisco Catos and IOS The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) and CatOS allows remote attackers to cause a denial of service by sending a VTP update with a revision value of 0x7FFFFFFF, which is incremented to 0x80000000 and is interpreted as a negative number in a signed context. | 7.8 |
2006-09-14 | CVE-2006-4774 | Cisco | Resource Management Errors vulnerability in Cisco IOS 12.1(19) The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) allows remote attackers to cause a denial of service by sending a VTP version 1 summary frame with a VTP version field value of 2. | 7.8 |
2006-09-11 | CVE-2006-4623 | Linux | Remote Denial of Service vulnerability in Linux Kernel 2.6.17.8 The Unidirectional Lightweight Encapsulation (ULE) decapsulation component in dvb-core/dvb_net.c in the dvb driver in the Linux kernel 2.6.17.8 allows remote attackers to cause a denial of service (crash) via an SNDU length of 0 in a ULE packet. | 7.8 |
2006-09-14 | CVE-2006-4777 | Microsoft | Buffer Errors vulnerability in Microsoft IE 6.0 Heap-based buffer overflow in the DirectAnimation Path Control (DirectAnimation.PathControl) COM object (daxctle.ocx) for Internet Explorer 6.0 SP1, on Chinese and possibly other Windows distributions, allows remote attackers to execute arbitrary code via unknown manipulations in arguments to the KeyFrame method, possibly related to an integer overflow, as demonstrated by daxctle2, and a different vulnerability than CVE-2006-4446. | 7.6 |
2006-09-12 | CVE-2006-3442 | Microsoft | Code Injection vulnerability in Microsoft Windows XP Unspecified vulnerability in Pragmatic General Multicast (PGM) in Microsoft Windows XP SP2 and earlier allows remote attackers to execute arbitrary code via a crafted multicast message. | 7.6 |
2006-09-15 | CVE-2006-4837 | Codeworx Technologies | Input Validation vulnerability in Codeworx Technologies Dcp-Portal Se6.0 Multiple PHP remote file inclusion vulnerabilities in DCP-Portal SE 6.0 allow remote attackers to execute arbitrary PHP code via a URL in the root parameter in (1) library/lib.php and (2) library/editor/editor.php. | 7.5 |
2006-09-15 | CVE-2006-4832 | Verso Netperformer | Buffer Overflow vulnerability in Verso Netperformer Frame Relay Access Device ACT Sdm9200Series/Sdm9300Series/Sdm9500Series Buffer overflow in the telnet service in Verso NetPerformer FRAD ACT SDM-95xx 7.xx (R1) and earlier, SDM-93xx 10.x.x (R2) and earlier, and SDM-92xx 9.x.x (R1) and earlier allows remote attackers to cause a denial of service (reboot) and possibly execute arbitrary code via a long username. | 7.5 |
2006-09-15 | CVE-2006-4828 | Photopost | Remote File Include vulnerability in PhotoPost Pro PHP remote file inclusion vulnerability in zipndownload.php in PhotoPost 4.0 through 4.6 allows remote attackers to execute arbitrary PHP code via a URL in the PP_PATH parameter. | 7.5 |
2006-09-15 | CVE-2006-4826 | Shadowed Portal | Remote File Include vulnerability in Shadowed Portal Bottom.PHP PHP remote file inclusion vulnerability in bottom.php in Shadowed Portal 5.599 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the root parameter. | 7.5 |
2006-09-15 | CVE-2006-4824 | Quicksilver Forums | Remote File Include vulnerability in Quicksilver Forums Activeutil.PHP PHP remote file inclusion vulnerability in lib/activeutil.php in Quicksilver Forums (QSF) 1.2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the set[include_path] parameter. | 7.5 |
2006-09-15 | CVE-2006-4823 | Reamday Enterprises | Remote File Include vulnerability in Reamday Enterprises Magic News Pro News_page.PHP PHP remote file inclusion vulnerability in scripts/news_page.php in Reamday Enterprises Magic News Pro 1.0.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the script_path parameter. | 7.5 |
2006-09-14 | CVE-2006-4800 | Ffmpeg | Buffer Overflow vulnerability in FFmpeg Image File Multiple buffer overflows in libavcodec in ffmpeg before 0.4.9_p20060530 allow remote attackers to cause a denial of service or possibly execute arbitrary code via multiple unspecified vectors in (1) dtsdec.c, (2) vorbis.c, (3) rm.c, (4) sierravmd.c, (5) smacker.c, (6) tta.c, (7) 4xm.c, (8) alac.c, (9) cook.c, (10) shorten.c, (11) smacker.c, (12) snow.c, and (13) tta.c. | 7.5 |
2006-09-14 | CVE-2006-4437 | Venture Nine | PHP Code Injection vulnerability in Tagger LE Eval injection vulnerability in Tagger LE allows remote attackers to execute arbitrary PHP code via the query string in (1) tags.php, (2) sign.php, and (3) admin/index.php. | 7.5 |
2006-09-14 | CVE-2006-4799 | Xine | Unspecified vulnerability in Xine Xine-Lib 1.0.1/1.0.2/1.1.0 Buffer overflow in ffmpeg for xine-lib before 1.1.2 might allow context-dependent attackers to execute arbitrary code via a crafted AVI file and "bad indexes", a different vulnerability than CVE-2005-4048 and CVE-2006-2802. | 7.5 |
2006-09-14 | CVE-2006-4793 | Tualblog | SQL Injection vulnerability in Tualblog 1.0 Multiple SQL injection vulnerabilities in icerik.asp in TualBLOG 1.0 allow remote attackers to execute arbitrary SQL commands, as demonstrated by the icerikno parameter. | 7.5 |
2006-09-14 | CVE-2006-4785 | Moodle | SQL Injection vulnerability in Moodle SQL injection vulnerability in blog/edit.php in Moodle 1.6.1 and earlier allows remote attackers to execute arbitrary SQL commands via the format parameter as stored in the $blogEntry variable, which is not properly handled by the insert_record function, which calls _adodb_column_sql in the adodb layer (lib/adodb/adodb-lib.inc.php), which does not convert the data type to an int. | 7.5 |
2006-09-14 | CVE-2006-4781 | Futuresoft | Remote Denial Of Service vulnerability in Futuresoft Tftp Server Multithreaded 1.1 Heap-based buffer overflow in FutureSoft TFTP Server Multithreaded (MT) 1.1 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code by sending a crafted packet to port 69/UDP, which triggers the overflow when constructing an absolute path name. | 7.5 |
2006-09-14 | CVE-2006-4780 | Phpbbxs | Remote File Include vulnerability in PhpBB XS Functions.PHP PHP remote file inclusion vulnerability in includes/functions.php in phpBB XS 0.58 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | 7.5 |
2006-09-14 | CVE-2006-4779 | Phpbb Group | Remote File Include vulnerability in Vitrax Premodded Functions_Portal.PHP PHP remote file inclusion vulnerability in includes/functions_portal.php in Vitrax Premodded phpBB 1.0.6-R3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | 7.5 |
2006-09-14 | CVE-2006-4778 | Cchost | SQL Injection vulnerability in CCHost SQL injection vulnerability in Creative Commons Tools ccHost before 3.0 allows remote attackers to execute arbitrary SQL commands via a crafted URL, which is used to populate the file ID. | 7.5 |
2006-09-14 | CVE-2006-4776 | Cisco | Buffer Errors vulnerability in Cisco IOS 12.1(19) Heap-based buffer overflow in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) allows remote attackers to execute arbitrary code via a long VLAN name in a VTP type 2 summary advertisement. | 7.5 |
2006-09-13 | CVE-2006-4770 | Miniportal | Remote File Include vulnerability in MiniPortal Menu.PHP PHP remote file inclusion vulnerability in menu.php in MiniPort@l 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the skiny parameter. | 7.5 |
2006-09-13 | CVE-2006-4769 | Gtasoft | Remote File Include vulnerability in Gtasoft P4Cms 1.05 PHP remote file inclusion vulnerability in abf_js.php in p4CMS 1.05 allows remote attackers to execute arbitrary PHP code via a URL in the abs_pfad parameter. | 7.5 |
2006-09-13 | CVE-2006-4764 | Wtools | Remote File Include vulnerability in Wtools 0.0.1Alpha PHP remote file inclusion vulnerability in common.php in Thomas LETE WTools 0.0.1-ALPH allows remote attackers to execute arbitrary PHP code via a URL in the include_path parameter. | 7.5 |
2006-09-13 | CVE-2006-4763 | IBM | Unspecified vulnerability in IBM Lotus Domino web Access 7.0.1 IBM Lotus Domino Web Access (DWA) 7.0.1 does not expire a client's Lightweight Third-Party Authentication token (LtpaToken) upon logout, which allows remote attackers to obtain a user's privileges by intercepting the LtpaToken cookie. | 7.5 |
2006-09-13 | CVE-2006-4756 | Accomplishtechnology | SQL Injection vulnerability in Accomplishtechnology PHPmydirectory SQL injection vulnerability in alpha.php in phpMyDirectory 10.4.6 and earlier allows remote attackers to execute arbitrary SQL commands via the letter parameter. | 7.5 |
2006-09-13 | CVE-2006-4749 | Bugada Andrea | Remote Security vulnerability in Bugada Andrea PHP Advanced Transfer Manager 1.20 Multiple PHP remote file inclusion vulnerabilities in PHP Advanced Transfer Manager (phpATM) 1.20 allow remote attackers to execute arbitrary PHP code via the include_location parameter in (1) activate.php, (2) configure.php, (3) fileop.php, (4) getimg.php, (5) ipblocked.php, (6) register.php, (7) showrecent.php, (8) showtophits.php, (9) usrmanag.php, (10) viewer_bottom.php, (11) viewer_content.php, and (12) viewer_top.php. | 7.5 |
2006-09-13 | CVE-2006-4748 | F ART Agency | SQL Injection vulnerability in F-Art Agency Blog CMS 4.1 Multiple SQL injection vulnerabilities in F-ART BLOG:CMS 4.1 allow remote attackers to execute arbitrary SQL commands via the (1) xagent, (2) xpath, (3) xreferer, and (4) xdns parameters in (a) admin/plugins/NP_Log.php, and the (5) pitem parameter in (b) admin/plugins/NP_Poll.php; and allow remote authenticated users to execute arbitrary SQL commands via the (6) pageRef parameter in (c) admin/plugins/NP_Referrer.php. | 7.5 |
2006-09-13 | CVE-2006-4746 | Comscripts | Remote Security vulnerability in Comscripts web Server Creator 0.1 PHP remote file inclusion vulnerability in news/include/customize.php in Web Server Creator 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the l parameter. | 7.5 |
2006-09-13 | CVE-2006-4741 | Idevspot | Input Validation vulnerability in Idevspot PHPlinkexchange 1.0 PHP remote file inclusion vulnerability in bits_listings.php in IDevSpot PhpLinkExchange 1.0 allows remote attackers to execute arbitrary code via the svr_rootPhpStart parameter. | 7.5 |
2006-09-13 | CVE-2006-4738 | Jetbox | Remote Security vulnerability in Jetbox CMS 2.1Sr1 PHP remote file inclusion vulnerability in phpthumb.php in Jetbox CMS allows remote attackers to execute arbitrary PHP code via a URL in the includes_path parameter. | 7.5 |
2006-09-13 | CVE-2006-4737 | Jetbox | Input Validation vulnerability in Jetbox CMS 2.1Sr1 SQL injection vulnerability in index.php in Jetbox CMS allows remote attackers to inject arbitrary web script or HTML via the item parameter. | 7.5 |
2006-09-13 | CVE-2006-4736 | CMS R | SQL Injection vulnerability in Cms.R. 5.5 Multiple SQL injection vulnerabilities in index.php in CMS.R. | 7.5 |
2006-09-13 | CVE-2006-4734 | Tiki | SQL Injection vulnerability in Tiki Tikiwiki Cms/Groupware 1.9.4 Multiple SQL injection vulnerabilities in tiki-g-admin_processes.php in Tikiwiki 1.9.4 allow remote attackers to execute arbitrary SQL commands via the (1) pid and (2) where parameters. | 7.5 |
2006-09-13 | CVE-2006-4733 | Sips | Remote File Include vulnerability in SIPS Box.Inc.PHP PHP remote file inclusion vulnerability in sipssys/code/box.inc.php in Haakon Nilsen simple, integrated publishing system (SIPS) 0.3.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the config[sipssys] parameter. | 7.5 |
2006-09-12 | CVE-2006-4722 | Openbb | Remote File Include vulnerability in Devsyn Open Bulletin Board PHP remote file inclusion vulnerability in Open Bulletin Board (OpenBB) 1.0.8 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the root_path parameter to (1) index.php and possibly (2) collector.php. | 7.5 |
2006-09-12 | CVE-2006-4717 | Drupal | Authentication Bypass vulnerability in Drupal Pubcookie.Module 1.2.2.4/1.6.2.1 The login redirection mechanism in the Drupal 4.7 Pubcookie module before 1.2.2.4 2006/09/06 and the Drupal 4.6 Pubcookie module before 1.6.2.1 2006/09/07 allows remote attackers to bypass authentication requirements and spoof identities of arbitrary users via unspecified vectors. | 7.5 |
2006-09-12 | CVE-2006-4716 | Fire Soft Board | Remote File Include vulnerability in Fire Soft Board Demarrage.PHP PHP remote file inclusion vulnerability in demarrage.php in Fire Soft Board (FSB) RC3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the racine parameter. | 7.5 |
2006-09-12 | CVE-2006-4715 | Spoonlabs | SQL Injection vulnerability in Spoonlabs Vivvo Article Management CMS 3.2 SQL injection vulnerability in pdf_version.php in SpoonLabs Vivvo Article Management CMS (aka phpWordPress) 3.2 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2006-09-11 | CVE-2006-4678 | Comscripts | Remote Security vulnerability in Comscripts News Evolution 3.0.3 PHP remote file inclusion vulnerability in News Evolution 3.0.3 allows remote attackers to execute arbitrary PHP code via the _NE[AbsPath] parameter in (1) install.php and (2) migrateNE2toNE3.php. | 7.5 |
2006-09-11 | CVE-2006-4675 | Andreas Gohr | File-Upload vulnerability in Dokuwiki Unrestricted file upload vulnerability in lib/exe/media.php in DokuWiki before 2006-03-09c allows remote attackers to upload executable files into the data/media folder via unspecified vectors. | 7.5 |
2006-09-11 | CVE-2006-4674 | Andreas Gohr | Unspecified vulnerability in Andreas Gohr Dokuwiki Direct static code injection vulnerability in doku.php in DokuWiki before 2006-030-09c allows remote attackers to execute arbitrary PHP code via the X-FORWARDED-FOR HTTP header, which is stored in config.php. | 7.5 |
2006-09-11 | CVE-2006-4672 | Profitcode | Code Injection vulnerability in Profitcode Ppalcart 2.5Ee PHP remote file inclusion vulnerability in profitCode ppalCart 2.5 EE, possibly a component of PayProCart, allows remote attackers to execute arbitrary PHP code via a URL in the (1) proMod parameter to (a) index.php, or the (2) docroot parameter to (b) index.php or (c) mainpage.php. | 7.5 |
2006-09-14 | CVE-2006-4803 | Netiq | Unspecified vulnerability in Netiq Identity Manager 3.0.1 The Fan-Out Linux and UNIX receiver scripts in Novell Identity Manager (IDM) 3.0.1 allows local users to execute arbitrary commands via unspecified vectors involving certain environment variables and "code injection." | 7.2 |
2006-09-14 | CVE-2006-3454 | Symantec | Local Format String vulnerability in Symantec Client Security and Norton Antivirus Multiple format string vulnerabilities in Symantec AntiVirus Corporate Edition 8.1 up to 10.0, and Client Security 1.x up to 3.0, allow local users to execute arbitrary code via format strings in (1) Tamper Protection and (2) Virus Alert Notification messages. | 7.2 |
2006-09-13 | CVE-2006-3740 | X ORG Xfree86 Project | Integer Overflow vulnerability in X.Org LibXfont CID Font File Integer overflow in the scan_cidfont function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted (1) CMap and (2) CIDFont font data with modified item counts in the (a) begincodespacerange, (b) cidrange, and (c) notdefrange sections. | 7.2 |
2006-09-13 | CVE-2006-3739 | X ORG Xfree86 Project | Integer Overflow vulnerability in X.Org LibXfont CID Font File Integer overflow in the CIDAFM function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted Adobe Font Metrics (AFM) files with a modified number of character metrics (StartCharMetrics), which leads to a heap-based buffer overflow. | 7.2 |
77 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2006-09-15 | CVE-2006-4829 | Blojsom | Cross-Site Scripting vulnerability in Blojsom 2.31 Multiple cross-site scripting (XSS) vulnerabilities in David Czarnecki Blojsom 2.31 allow remote attackers to inject arbitrary web script or HTML via the (1) blog-category-description, (2) blog-entry-title, (3) rss-enclosure-url, (4) technorati-tagsi, or (5) blog-category-name parameter in a blog post. | 6.8 |
2006-09-13 | CVE-2006-4751 | Laurentiu Matei | Cross-Site Scripting vulnerability in Laurentiu Matei Expandable Home Page CMS 0.5.1 Cross-site scripting (XSS) vulnerability in index.php in Laurentiu Matei eXpandable Home Page (XHP) CMS 0.5.1 allows remote attackers to inject arbitrary web script or HTML via the errcode parameter. | 6.8 |
2006-09-12 | CVE-2006-4640 | Adobe | Permissions, Privileges, and Access Controls vulnerability in Adobe Flash Player Unspecified vulnerability in Adobe Flash Player before 9.0.16.0 allows user-assisted remote attackers to bypass the allowScriptAccess protection via unspecified vectors. | 6.8 |
2006-09-12 | CVE-2006-4718 | Korviblog | HTML Injection vulnerability in Korviblog 1.3 Multiple cross-site scripting (XSS) vulnerabilities in livre_or.php in KorviBlog 1.3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) prenom, (2) emailFrom, or (3) body parameters. | 6.8 |
2006-09-12 | CVE-2006-4712 | Sage | Cross-Site Scripting vulnerability in Sage 1.3.6 Multiple cross-site scripting (XSS) vulnerabilities in Sage 1.3.6 allow remote attackers to inject arbitrary web script or HTML via JavaScript in a content:encoded element within an item element in an RSS feed, as demonstrated by four example content:encoded elements that use XMLHttpRequest to read arbitrary local files, aka "Cross Context Scripting." | 6.8 |
2006-09-12 | CVE-2006-4708 | Vikingboard | Cross-Site Scripting vulnerability in Vikingboard 0.1B Multiple cross-site scripting (XSS) vulnerabilities in Vikingboard 0.1b allow remote attackers to inject arbitrary web script or HTML via the (1) act parameter in (a) help.php and (b) search.php, and the (2) p parameter in report.php. | 6.8 |
2006-09-12 | CVE-2006-4707 | Mybulletinboard | Cross-Site Scripting vulnerability in Mybulletinboard 1.1.7 Cross-site scripting (XSS) vulnerability in admin/global.php (aka the Admin CP login form) in MyBB (aka MyBulletinBoard) 1.1.7 allows remote attackers to inject arbitrary web script or HTML via the query string ($_SERVER[PHP_SELF]). | 6.8 |
2006-09-12 | CVE-2006-4706 | Mybulletinboard | Cross-Site Scripting vulnerability in Mybulletinboard 1.1.7 Cross-site scripting (XSS) vulnerability in inc/functions_post.php in MyBB (aka MyBulletinBoard) 1.1.7 allows remote attackers to inject arbitrary web script or HTML via a url BBCode tag that contains a javascript URI with an SGML numeric character reference and an embedded space, as demonstrated using "java& #115;cript," a different vulnerability than CVE-2006-3761. | 6.8 |
2006-09-11 | CVE-2006-4671 | Fscripts | Code Injection vulnerability in Fscripts Fantastic News 2.1.1/2.1.2/2.1.3 PHP remote file inclusion vulnerability in headlines.php in Fantastic News 2.1.4, and possibly earlier, allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG[script_path] parameter, a different vector than CVE-2006-1154. | 6.8 |
2006-09-13 | CVE-2006-4767 | Stefan Ernst | Directory Traversal vulnerability in Stefan Ernst Newsscript 0.5Beta Multiple directory traversal vulnerabilities in Stefan Ernst Newsscript (aka WM-News) 0.5beta allow remote attackers to (1) read arbitrary local files via a .. | 6.4 |
2006-09-14 | CVE-2006-4801 | Roxio | Race Condition vulnerability in Roxio Toast 7 Race condition in Deja Vu, as used in Roxio Toast Titanium 7 and possibly other products, allows local users to execute arbitrary code via temporary files, including dejavu_manual.rb, which are executed with raised privileges. | 6.2 |
2006-09-14 | CVE-2006-4782 | Webspell | Authentication Bypass vulnerability in Webspell 4.0/4.1/4.1.1 src/index.php in WebSPELL 4.01.01 and earlier, when register_globals is enabled, allows remote attackers to bypass authentication and gain sensitive information stored in the database via a modified userID parameter in a write action to admin/database.php. | 5.4 |
2006-09-15 | CVE-2006-4836 | Codeworx Technologies | Input Validation vulnerability in Codeworx Technologies Dcp-Portal Se6.0 SQL injection vulnerability in login.php in DCP-Portal SE 6.0 allows remote attackers to execute arbitrary SQL commands via the username parameter. | 5.1 |
2006-09-15 | CVE-2006-4827 | Vmist | Remote File Include vulnerability in Vmist Downstat Multiple PHP remote file inclusion vulnerabilities in Vmist Downstat 1.8 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the art parameter to (1) admin.php, (2) chart.php, (3) modes.php, or (4) stats.php. | 5.1 |
2006-09-14 | CVE-2006-4783 | Webspell | SQL-Injection vulnerability in Webspell 4.0 SQL injection vulnerability in squads.php in WebSPELL 4.01.01 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary SQL commands via the squadID parameter. | 5.1 |
2006-09-13 | CVE-2006-4750 | Openi CMS Group | Remote File Include vulnerability in OPENi-CMS Fileloader.PHP PHP remote file inclusion vulnerability in openi-admin/base/fileloader.php in OPENi-CMS 1.0.1, and possibly earlier, allows remote attackers to execute arbitrary PHP code via a URL in the config[openi_dir] parameter. | 5.1 |
2006-09-12 | CVE-2006-4389 | Apple | Overflow and Exception vulnerability in Apple QuickTime Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted FlashPix (FPX) file, which triggers an exception that leads to an operation on an uninitialized object. | 5.1 |
2006-09-12 | CVE-2006-4388 | Apple | Overflow and Exception vulnerability in Apple QuickTime Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted FlashPix file. | 5.1 |
2006-09-12 | CVE-2006-4386 | Apple | Overflow and Exception vulnerability in Apple QuickTime Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted H.264 movie, a different issue than CVE-2006-4381. | 5.1 |
2006-09-12 | CVE-2006-4385 | Apple | Overflow and Exception vulnerability in Apple QuickTime Buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted SGI image. | 5.1 |
2006-09-12 | CVE-2006-4384 | Apple | Overflow and Exception vulnerability in Apple QuickTime Heap-based buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via the COLOR_64 chunk in a FLIC (FLC) movie. | 5.1 |
2006-09-12 | CVE-2006-4382 | Apple | Overflow and Exception vulnerability in Apple QuickTime Multiple buffer overflows in Apple QuickTime before 7.1.3 allow user-assisted remote attackers to execute arbitrary code via a crafted QuickTime movie. | 5.1 |
2006-09-12 | CVE-2006-4381 | Apple | Overflow and Exception vulnerability in Apple QuickTime Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted H.264 movie. | 5.1 |
2006-09-12 | CVE-2006-3311 | Adobe | Remote Code Execution vulnerability in Adobe Flash Player Buffer overflow in Adobe Flash Player 8.0.24.0 and earlier, Flash Professional 8, Flash MX 2004, and Flex 1.5 allows user-assisted remote attackers to execute arbitrary code via a long, dynamically created string in a SWF movie. | 5.1 |
2006-09-12 | CVE-2006-4723 | Raidenhttpd | Remote File Include vulnerability in Raidenhttpd 1.1.32/1.1.47 PHP remote file inclusion vulnerability in raidenhttpd-admin/slice/check.php in RaidenHTTPD 1.1.49, when register_globals and WebAdmin is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the SoftParserFileXml parameter. | 5.1 |
2006-09-12 | CVE-2006-4721 | Ccleague | Directory Traversal vulnerability in Ccleague PRO Sports CMS 1.0.1Rc1 Directory traversal vulnerability in admin.php in CCleague Pro Sports CMS 1.0.1 RC1 allows remote attackers to read and execute arbitrary local files via a .. | 5.1 |
2006-09-12 | CVE-2006-4719 | Myabracadaweb | Remote File Include vulnerability in Myabracadaweb 1.0.3 Multiple PHP remote file inclusion vulnerabilities in MyABraCaDaWeb 1.0.3, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the base parameter to (1) index.php or (2) pop.php. | 5.1 |
2006-09-12 | CVE-2006-4714 | Spoonlabs | Remote Security vulnerability in Spoonlabs Vivvo Article Management CMS 3.2 PHP remote file inclusion vulnerability in index.php in SpoonLabs Vivvo Article Management CMS (aka phpWordPress) 3.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the classified_path parameter. | 5.1 |
2006-09-15 | CVE-2006-4835 | Bluview | Information Disclosure vulnerability in Bluview Blue Magic Board 5.5 Bluview Blue Magic Board (BMB) (aka BMForum) 5.5 allows remote attackers to obtain sensitive information via a direct request to (1) footer.php, (2) header.php, (3) db_mysql_error.php, (4) langlist.php, (5) sendmail.php, or (6) style.php, which reveals the path in various error messages. | 5.0 |
2006-09-15 | CVE-2006-4566 | Mozilla | Remote vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5 allows remote attackers to cause a denial of service (crash) via a malformed JavaScript regular expression that ends with a backslash in an unterminated character set ("[\\"), which leads to a buffer over-read. | 5.0 |
2006-09-14 | CVE-2006-4798 | DWS Systems INC | Remote Security vulnerability in Sql-Ledger SQL-Ledger before 2.4.4 stores a password in a query string, which might allow context-dependent attackers to obtain the password via a Referer field or browser history. | 5.0 |
2006-09-14 | CVE-2006-4790 | GNU | Unspecified vulnerability in GNU Gnutls verify.c in GnuTLS before 1.4.4, when using an RSA key with exponent 3, does not properly handle excess data in the digestAlgorithm.parameters field when generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents GnuTLS from correctly verifying X.509 and other certificates that use PKCS, a variant of CVE-2006-4339. | 5.0 |
2006-09-14 | CVE-2006-4786 | Moodle | Input Validation and Information Disclosure vulnerability in Moodle Moodle 1.6.1 and earlier allows remote attackers to obtain sensitive information via (1) help.php and (2) other unspecified vectors involving scheduled backups. | 5.0 |
2006-09-14 | CVE-2006-4773 | SUN | Denial-Of-Service vulnerability in SUN Storedge 6130 Arrays 06.12.10.11 Sun StorEdge 6130 Array Controllers with firmware 06.12.10.11 and earlier allow remote attackers to cause a denial of service (controller reboot) via a flood of traffic on the LAN. | 5.0 |
2006-09-14 | CVE-2006-4772 | Hotplug CMS | Information Disclosure vulnerability in Hotplug Cms HotPlug CMS stores sensitive information under the web root with insufficient access control, which allows remote attackers to read the admin password and database credentials via a direct request for includes/class/config.inc. | 5.0 |
2006-09-14 | CVE-2006-4724 | Adobe | Denial of Service vulnerability in Adobe ColdFusion Flash Remoting Gateway Unspecified vulnerability in the ColdFusion Flash Remoting Gateway in Adobe ColdFusion MX 7 and 7.01 allows remote attackers to cause a denial of service (infinite loop) via unspecified vectors involving a crafted command. | 5.0 |
2006-09-13 | CVE-2006-4768 | Stefan Ernst | Remote Security vulnerability in Stefan Ernst Newsscript 0.5Beta Multiple direct static code injection vulnerabilities in add_go.php in Stefan Ernst Newsscript (aka WM-News) 0.5 beta allow remote attackers to execute arbitrary PHP code via the (1) description, (2) issue, (3) title, (4) var, (5) name, (6) keywords, and (7) note parameters, which are stored in an article file. | 5.0 |
2006-09-13 | CVE-2006-4766 | Stefan Ernst | Directory Traversal vulnerability in Stefan Ernst Newsscript 0.5Beta Directory traversal vulnerability in print.php in Stefan Ernst Newsscript (aka WM-News) 0.5 beta allows remote attackers to read arbitrary files via a .. | 5.0 |
2006-09-13 | CVE-2006-4765 | Netgear | Denial Of Service vulnerability in Netgear Dg834Gt 1.01.28 NETGEAR DG834GT Wireless ADSL router running firmware 1.01.28 allows attackers to cause a denial of service (device hang) via a long string in the username field in the login window. | 5.0 |
2006-09-13 | CVE-2006-4752 | Laurentiu Matei | Remote Security vulnerability in Laurentiu Matei Expandable Home Page CMS 0.5.1 Laurentiu Matei eXpandable Home Page (XHP) CMS 0.5.1 allows remote attackers to obtain the installation path via a query to the engine module, probably with an invalid action parameter. | 5.0 |
2006-09-13 | CVE-2006-4744 | Abidia | Information Disclosure vulnerability in O-Anywhere Abidia (1) O-Anywhere and (2) Abidia Wireless transmit authentication credentials in cleartext, which allows remote attackers to obtain sensitive information by sniffing. | 5.0 |
2006-09-13 | CVE-2006-4743 | Wordpress | Information Disclosure vulnerability in WordPress WordPress 2.0.2 through 2.0.5 allows remote attackers to obtain sensitive information via a direct request for (1) 404.php, (2) akismet.php, (3) archive.php, (4) archives.php, (5) attachment.php, (6) blogger.php, (7) comments.php, (8) comments-popup.php, (9) dotclear.php, (10) footer.php, (11) functions.php, (12) header.php, (13) hello.php, (14) wp-content/themes/default/index.php, (15) links.php, (16) livejournal.php, (17) mt.php, (18) page.php, (19) rss.php, (20) searchform.php, (21) search.php, (22) sidebar.php, (23) single.php, (24) textpattern.php, (25) upgrade-functions.php, (26) upgrade-schema.php, or (27) wp-db-backup.php, which reveal the path in various error messages. | 5.0 |
2006-09-13 | CVE-2006-4740 | Jetbox | Information Disclosure vulnerability in Jetbox CMS 2.1Sr1 Jetbox CMS allows remote attackers to obtain sensitive information via a direct request for certain files, which reveal the path in an error message. | 5.0 |
2006-09-13 | CVE-2006-4735 | Kellan Elliott Mccrea | Information Disclosure vulnerability in Magpierss Kellan Elliott-McCrea MagpieRSS allows remote attackers to obtain sensitive information via a direct request for (1) rss_fetch.inc.php or (2) rss_parse.inc.php, which reveals the path in various error messages. | 5.0 |
2006-09-12 | CVE-2006-4709 | Vikingboard | SQL Injection vulnerability in Vikingboard 0.1B SQL injection vulnerability in topic.php in Vikingboard 0.1b allows remote attackers to execute arbitrary SQL commands via the s parameter. | 5.0 |
2006-09-12 | CVE-2006-4705 | Dominic Gamble | SQL Injection vulnerability in Dominic Gamble Timesheet.PHP 1.2.1 SQL injection vulnerability in login.php in dwayner79 and Dominic Gamble Timesheet (aka Timesheet.php) 1.2.1 allows remote attackers to execute arbitrary SQL commands via the username parameter. | 5.0 |
2006-09-12 | CVE-2006-2658 | Mono Suse | Directory Traversal vulnerability in Mono XSP Directory traversal vulnerability in the xsp component in mod_mono in Mono/C# web server, as used in SUSE Open-Enterprise-Server 1 and SUSE Linux 9.2 through 10.0, allows remote attackers to read arbitrary files via a .. | 5.0 |
2006-09-11 | CVE-2006-4683 | IBM | Remote Input Validation vulnerability in IBM Director 3.1 IBM Director before 5.10 allows remote attackers to obtain sensitive information from HTTP headers via HTTP TRACE. | 5.0 |
2006-09-11 | CVE-2006-4682 | IBM | Remote Input Validation vulnerability in IBM Director 3.1 Multiple unspecified vulnerabilities in IBM Director before 5.10 allow remote attackers to cause a denial of service (crash) via unspecified vectors involving (1) malformed WMI CIM server requests and (2) malformed packets. | 5.0 |
2006-09-11 | CVE-2006-4681 | IBM | Directory Traversal vulnerability in IBM Director 3.1 Directory traversal vulnerability in Redirect.bat in IBM Director before 5.10 allows remote attackers to read arbitrary files via a .. | 5.0 |
2006-09-11 | CVE-2006-4679 | Andreas Gohr | Information Disclosure vulnerability in Dokuwiki DokuWiki before 2006-03-09c enables the debug feature by default, which allows remote attackers to obtain sensitive information by calling doku.php with the X-DOKUWIKI-DO HTTP header set to "debug". | 5.0 |
2006-09-14 | CVE-2006-4802 | Symantec | Local Format String vulnerability in Symantec Client Security and Norton Antivirus Format string vulnerability in the Real Time Virus Scan service in Symantec AntiVirus Corporate Edition 8.1 up to 10.0, and Client Security 1.x up to 3.0, allows local users to execute arbitrary code via an unspecified vector related to alert notification messages, a different vector than CVE-2006-3454, a "second format string vulnerability" as found by the vendor. | 4.6 |
2006-09-14 | CVE-2006-4795 | HP | Local Denial of Service vulnerability in HP Hp-Ux 11.11/11.23 Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport software in HP-UX B.11.11 and B.11.23 before 20060912 allows local users to cause a denial of service via unspecified vectors. | 4.6 |
2006-09-14 | CVE-2006-4789 | Open Movie Editor | Local Buffer Overflow vulnerability in Open Movie Editor Open Movie Editor 0.0.20060901 Buffer overflow in Open Movie Editor 0.0.20060901 allows local users to cause a denial of service (system crash) or execute arbitrary code via a long project name in an open_movie_editor_project XML tag. | 4.6 |
2006-09-14 | CVE-2006-4725 | Adobe | Unspecified vulnerability in Adobe Coldfusion 7.0/7.0.1 Adobe ColdFusion MX 7 and 7.01 allows local users to bypass security restrictions and call components (CFC) within a sandbox from CFML templates that are located outside of the sandbox. | 4.6 |
2006-09-13 | CVE-2006-4758 | Phpbb Group | Unspecified vulnerability in PHPbb Group PHPbb 2.0.21 phpBB 2.0.21 does not properly handle pathnames ending in %00, which allows remote authenticated administrative users to upload arbitrary files, as demonstrated by a query to admin/admin_board.php with an avatar_path parameter ending in .php%00. | 4.6 |
2006-09-13 | CVE-2006-4757 | E107 | SQL-Injection vulnerability in E107 Multiple SQL injection vulnerabilities in the admin section in e107 0.7.5 allow remote authenticated administrative users to execute arbitrary SQL commands via the (1) linkopentype, (2) linkrender, (3) link_class, and (4) link_id parameters in (a) links.php; the (5) searchquery parameter in (b) users.php; and the (6) download_category_class parameter in (c) download.php. | 4.6 |
2006-09-15 | CVE-2006-4838 | Codeworx Technologies | Input Validation vulnerability in Codeworx Technologies Dcp-Portal Se6.0 Multiple cross-site scripting (XSS) vulnerabilities in DCP-Portal SE 6.0 allow remote attackers to inject arbitrary web script or HTML via the (1) root_url and (2) dcp_version parameters in (a) admin/inc/footer.inc.php, and the root_url, (3) page_top_name, (4) page_name, and (5) page_options parameters in (b) admin/inc/header.inc.php. | 4.3 |
2006-09-15 | CVE-2006-4825 | Softcomplex | Cross-Site Scripting vulnerability in PHP Event Calendar Multiple cross-site scripting (XSS) vulnerabilities in cl_files/index.php in SoftComplex PHP Event Calendar 1.5.1, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) ti, (2) bi, or (3) cbgi parameters. | 4.3 |
2006-09-15 | CVE-2006-4822 | Emusoft | Cross-Site Scripting vulnerability in Emusoft EmuCMS Multiple cross-site scripting (XSS) vulnerabilities in index.php in eMuSOFT emuCMS 0.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) query or (2) page parameters. | 4.3 |
2006-09-15 | CVE-2006-4821 | Drupal | Cross-Site Scripting vulnerability in Drupal Userreview Module 4.7 Cross-site scripting (XSS) vulnerability in the Drupal 4.7 Userreview module before 1.19 2006/09/12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2006-09-15 | CVE-2006-4568 | Mozilla | Cross-Site Scripting vulnerability in Mozilla Firefox and Seamonkey Mozilla Firefox before 1.5.0.7 and SeaMonkey before 1.0.5 allows remote attackers to bypass the security model and inject content into the sub-frame of another site via targetWindow.frames[n].document.open(), which facilitates spoofing and other attacks. | 4.3 |
2006-09-14 | CVE-2006-4797 | CJ Design | Cross-Site Scripting vulnerability in CJ Design CJ TAG Board 3.0 Cross-site scripting (XSS) vulnerability in tag.php in CloudNine Interactive CJ Tag Board 3.0 allows remote attackers to inject arbitrary web script or HTML via a JavaScript event in a url BBcode tag in the cjmsg parameter. | 4.3 |
2006-09-14 | CVE-2006-4796 | Snitz Communications | Cross-Site Scripting vulnerability in Snitz Communications Snitz Forums 2000 3.4.06 Cross-site scripting (XSS) vulnerability in forum.asp in Snitz Forums 2000 3.4.06 allows remote attackers to inject arbitrary web script or HTML via the sortorder parameter (strtopicsortord variable). | 4.3 |
2006-09-14 | CVE-2006-4794 | E107 | Cross-Site Scripting vulnerability in E107 0.7.5 Multiple cross-site scripting (XSS) vulnerabilities in e107 0.7.5 allow remote attackers to inject arbitrary web script or HTML via the query string (PATH_INFO) in (1) contact.php, (2) download.php, (3) admin.php, (4) fpw.php, (5) news.php, (6) search.php, (7) signup.php, (8) submitnews.php, and (9) user.php. | 4.3 |
2006-09-14 | CVE-2006-4784 | Moodle | Input Validation and Information Disclosure vulnerability in Moodle Multiple cross-site scripting (XSS) vulnerabilities in Moodle 1.6.1 and earlier might allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) doc/index.php or (2) files/index.php. | 4.3 |
2006-09-14 | CVE-2006-4771 | JBC | Cross-Site Scripting vulnerability in JBC Forumjbc 4.0 Cross-site scripting (XSS) vulnerability in haut.php in ForumJBC 4 allows remote attackers to inject arbitrary web script or HTML via the nb_connecte parameter. | 4.3 |
2006-09-13 | CVE-2006-4762 | Rssreader | HTML Injection vulnerability in RSSReader RSS Feeds Atom Feed Multiple cross-site scripting (XSS) vulnerabilities in Ykoon RssReader allow remote attackers to inject arbitrary web script or HTML via a web feed, as demonstrated by certain test cases of the Robert Auger and Caleb Sima RSS and Atom feed reader test suite. | 4.3 |
2006-09-13 | CVE-2006-4761 | Luke Hutteman | HTML Injection vulnerability in SharpReader Atom Feed Script Multiple cross-site scripting (XSS) vulnerabilities in Luke Hutteman SharpReader allow remote attackers to inject arbitrary web script or HTML via a web feed, as demonstrated by certain test cases of the Robert Auger and Caleb Sima RSS and Atom feed reader test suite. | 4.3 |
2006-09-13 | CVE-2006-4760 | Benjamin Pasero AND Tobias Eichert | HTML Injection vulnerability in RSSOwl Atom Feed Script Multiple cross-site scripting (XSS) vulnerabilities in Benjamin Pasero and Tobias Eichert RSSOwl allow remote attackers to inject arbitrary web script or HTML via a web feed, as demonstrated by certain test cases of the Robert Auger and Caleb Sima RSS and Atom feed reader test suite. | 4.3 |
2006-09-13 | CVE-2006-4755 | Accomplishtechnology | Cross-Site Scripting vulnerability in Accomplishtechnology PHPmydirectory Cross-site scripting (XSS) vulnerability in alpha.php in phpMyDirectory 10.4.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the letter parameter. | 4.3 |
2006-09-13 | CVE-2006-4747 | Idevspot | Cross-Site Scripting vulnerability in IDevSpot TextAds Multiple cross-site scripting (XSS) vulnerabilities in IdevSpot TextAds allow remote attackers to inject arbitrary web script or HTML via (1) the id parameter in delete.php and (2) the error parameter in error.php. | 4.3 |
2006-09-13 | CVE-2006-4742 | Idevspot | Input Validation vulnerability in Idevspot PHPlinkexchange 1.0 Cross-site scripting (XSS) vulnerability in user_add.php in IDevSpot PhpLinkExchange 1.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | 4.3 |
2006-09-12 | CVE-2006-0032 | Microsoft | Cross-Site Scripting vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP Cross-site scripting (XSS) vulnerability in the Indexing Service in Microsoft Windows 2000, XP, and Server 2003, when the Encoding option is set to Auto Select, allows remote attackers to inject arbitrary web script or HTML via a UTF-7 encoded URL, which is injected into an error message whose charset is set to UTF-7. | 4.3 |
2006-09-12 | CVE-2006-4711 | Sage | Unspecified vulnerability in Sage Multiple cross-site scripting (XSS) vulnerabilities in Sage allow remote attackers to inject arbitrary web script or HTML via an Atom 1.0 feed, as demonstrated by certain test cases of the James M. | 4.3 |
2006-09-12 | CVE-2006-4710 | Newsgator | Unspecified vulnerability in Newsgator Feeddemon Multiple cross-site scripting (XSS) vulnerabilities in NewsGator FeedDemon before 2.0.0.25 allow remote attackers to inject arbitrary web script or HTML via an Atom 1.0 feed, as demonstrated by certain test cases of the James M. | 4.3 |
2006-09-11 | CVE-2006-4680 | Canon | Information Disclosure vulnerability in Canon ImageRunner The Remote UI in Canon imageRUNNER includes usernames and passwords when exporting an address book, which allows context-dependent attackers to obtain sensitive information. | 4.0 |
12 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2006-09-13 | CVE-2006-4759 | Punbb | File-Upload vulnerability in Punbb 1.2.12 PunBB 1.2.12 does not properly handle an avatar directory pathname ending in %00, which allows remote authenticated administrative users to upload arbitrary files and execute code, as demonstrated by a query to admin_options.php with an avatars_dir parameter ending in %00. | 3.6 |
2006-09-13 | CVE-2006-4745 | Scarybear | Local Security vulnerability in Scarybear Pocketexpense PRO 3.9.1 ScaryBear PocketExpense Pro 3.9.1 uses an internally recorded key to protect a data file whose contents are stored in plaintext, which allows local users to disable authentication and access the file by modifying a certain value in the file header. | 3.6 |
2006-09-12 | CVE-2006-4625 | PHP | Unspecified vulnerability in PHP PHP 4.x up to 4.4.4 and PHP 5 up to 5.1.6 allows local users to bypass certain Apache HTTP Server httpd.conf options, such as safe_mode and open_basedir, via the ini_restore function, which resets the values to their php.ini (Master Value) defaults. | 3.6 |
2006-09-15 | CVE-2006-4570 | Mozilla | Remote vulnerability in Mozilla Seamonkey and Thunderbird Mozilla Thunderbird before 1.5.0.7 and SeaMonkey before 1.0.5, with "Load Images" enabled, allows remote user-assisted attackers to bypass settings that disable JavaScript via a remote XBL file in a message that is loaded when the user views, forwards, or replies to the original message. | 2.6 |
2006-09-15 | CVE-2006-4569 | Mozilla | Remote vulnerability in Mozilla Firefox/Thunderbird/Seamonkey The popup blocker in Mozilla Firefox before 1.5.0.7 opens the "blocked popups" display in the context of the Location bar instead of the subframe from which the popup originated, which might make it easier for remote user-assisted attackers to conduct cross-site scripting (XSS) attacks. | 2.6 |
2006-09-15 | CVE-2006-4567 | Mozilla | Remote vulnerability in Mozilla Firefox and Thunderbird Mozilla Firefox before 1.5.0.7 and Thunderbird before 1.5.0.7 makes it easy for users to accept self-signed certificates for the auto-update mechanism, which might allow remote user-assisted attackers to use DNS spoofing to trick users into visiting a malicious site and accepting a malicious certificate for the Mozilla update site, which can then be used to install arbitrary code on the next update. | 2.6 |
2006-09-14 | CVE-2006-4726 | Adobe | Cross-Site Scripting vulnerability in Adobe ColdFusion Error Page Cross-site scripting (XSS) vulnerability in Adobe ColdFusion MX 6.1 through 7.02 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving a ColdFusion error page. | 2.6 |
2006-09-13 | CVE-2006-4739 | Jetbox | Input Validation vulnerability in Jetbox CMS 2.1Sr1 Multiple cross-site scripting (XSS) vulnerabilities in Jetbox CMS allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the OriginalImageData parameter to phpthumb.php. | 2.6 |
2006-09-11 | CVE-2006-4673 | PHP Fusion | SQL Injection vulnerability in PHP-Fusion News.PHP Global variable overwrite vulnerability in maincore.php in PHP-Fusion 6.01.4 and earlier uses the extract function on the superglobals, which allows remote attackers to conduct SQL injection attacks via the _SERVER[REMOTE_ADDR] parameter to news.php. | 2.6 |
2006-09-15 | CVE-2006-4820 | HP | Local Denial of Service vulnerability in HP Hp-Ux 11.00/11.11/11.23 Unspecified vulnerability in X.25 on HP-UX B.11.00, B.11.11, and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors. | 2.1 |
2006-09-14 | CVE-2006-4787 | Alphamail | Information Disclosure vulnerability in AlphaMail Log File AlphaMail before 1.0.16 allows local users to obtain sensitive information via the logging functionality, which displays unencrypted passwords in an error message. | 2.1 |
2006-09-11 | CVE-2006-4676 | Tibco | Information Disclosure vulnerability in TIBCO Rendezvous Rvrd.DB TIBCO RendezVous 7.4.11 and earlier logs base64-encoded usernames and passwords in rvrd.db, which allows local users to obtain sensitive information by decoding the log file. | 1.2 |