Weekly Vulnerabilities Reports > October 16 to 22, 2006

Overview

156 new vulnerabilities reported during this period, including 40 critical vulnerabilities and 62 high severity vulnerabilities. This weekly summary report vulnerabilities in 121 products from 89 vendors including Oracle, Phpbb, Comdev, Tincan, and Phplibre. Vulnerabilities are notably categorized as "Code Injection", "Resource Management Errors", "Numeric Errors", "Improper Restriction of Operations within the Bounds of a Memory Buffer", and "Cross-site Scripting".

  • 142 reported vulnerabilities are remotely exploitables.
  • 45 reported vulnerabilities have public exploit available.
  • 1 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 131 reported vulnerabilities are exploitable by an anonymous user.
  • Oracle has the most reported vulnerabilities, with 47 reported vulnerabilities.
  • Oracle has the most reported critical vulnerabilities, with 39 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

40 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2006-10-18 CVE-2006-5375 Oracle Multiple vulnerability in Oracle October 2006 Security Update

Multiple unspecified vulnerabilities in PeopleTools component in Oracle PeopleSoft Enterprise 8.46 GA, 8.47 GA, 8.48 GA, 8.46.15, 8.47.09, and 8.48.03 have unknown impact and remote attack vectors, aka Vuln# (1) PSE01, (2) PSE02, and (3) PSE03.

10.0
2006-10-18 CVE-2006-5374 Oracle Multiple vulnerability in Oracle Pharmaceutical 4.5.1

Unspecified vulnerability in Oracle Pharmaceutical Applications 4.5.1 has unknown impact and remote authenticated attack vectors, aka Vuln# PHAR01.

10.0
2006-10-18 CVE-2006-5370 Oracle Multiple vulnerability in Oracle E-Business Suite 11.5.10.2

Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10CU2 have unknown impact and remote authenticated attack vectors, aka Vuln# (1) APPS06 for Oracle CRM Gateway for Mobile Devices and (2) APPS08 for Oracle iStore.

10.0
2006-10-18 CVE-2006-5369 Oracle Multiple vulnerability in Oracle E-Business Suite 11.5.10.2

Unspecified vulnerability in Oracle Application Object Library in Oracle E-Business Suite 11.5.10CU2 has unknown impact and remote authenticated attack vectors, aka Vuln# APPS02.

10.0
2006-10-18 CVE-2006-5368 Oracle Multiple vulnerability in Oracle E-Business Suite 6.2.4

Unspecified vulnerability in Oracle Exchange component in Oracle E-Business Suite 6.2.4 has unknown impact and remote attack vectors, aka Vuln# APPS01.

10.0
2006-10-18 CVE-2006-5366 Oracle Multiple vulnerability in Oracle Application Server 9.0.4.2

Multiple unspecified vulnerabilities in Oracle Collaboration Suite 9.0.4.2 have unknown impact and remote attack vectors related to (1) Oracle Containers for J2EE, aka Vuln# OC4J01, and (2) Oracle Process Mgmt & Notification, aka OPMN01.

10.0
2006-10-18 CVE-2006-5365 Oracle Multiple vulnerability in Oracle Application Server and E-Business Suite

Unspecified vulnerability in Oracle Forms in Oracle Application Server 9.0.4.3 and 10.1.2.0.2, and E-Business Suite and Applications 11.5.10CU2, has unknown impact and remote attack vectors, aka Vuln# FORM02.

10.0
2006-10-18 CVE-2006-5362 Oracle Multiple vulnerability in Oracle Application Server 10.1.3.0.0

Unspecified vulnerability in Oracle Containers for J2EE component in Oracle Application Server 10.1.3.0.0 has unknown impact and remote attack vectors, aka Vuln# OC4J04.

10.0
2006-10-18 CVE-2006-5361 Oracle Multiple vulnerability in Oracle Application Server and Collaboration Suite

Unspecified vulnerability in Oracle Containers for J2EE in Oracle Application Server 9.0.4.3, 10.1.2.0.0, and 10.1.2.0.1, and Oracle Collaboration Suite 9.0.4.2 and 10.1.2, has unknown impact and remote attack vectors, aka Vuln# OC4J03.

10.0
2006-10-18 CVE-2006-5360 Oracle Multiple vulnerability in Oracle Application Server 9.0.4.2

Unspecified vulnerability in Oracle Forms component in Oracle Application Server 9.0.4.2 has unknown impact and remote attack vectors, aka Vuln# FORM03.

10.0
2006-10-18 CVE-2006-5359 Oracle Multiple vulnerability in Oracle Application Server and E-Business Suite

Multiple unspecified vulnerabilities in Oracle Reports Developer component in Oracle Application Server 9.0.4.3 and 10.1.2.0.2, and Oracle E-Business Suite and Applications 11.5.10CU2, have unknown impact and remote attack vectors, aka Vuln# (1) REP01 and (2) REP02.

10.0
2006-10-18 CVE-2006-5358 Oracle Multiple vulnerability in Oracle Application Server 10.1.2.0.2/9.0.4.3

Unspecified vulnerability in Oracle Forms component in Oracle Application Server 9.0.4.3 and 10.1.2.0.2 has unknown impact and remote attack vectors, aka Vuln# FORM01.

10.0
2006-10-18 CVE-2006-5357 Oracle Multiple vulnerability in Oracle Application Server 10.1.2.0.1/10.1.2.0.2/10.1.2.1.0

Unspecified vulnerability in Oracle HTTP Server component in Oracle Application Server 10.1.2.0.1, 10.1.2.0.2, and 10.1.2.1.0 has unknown impact and remote attack vectors related to the PHP Module, aka Vuln# OHS03.

10.0
2006-10-18 CVE-2006-5356 Oracle Multiple vulnerability in Oracle Application Server and Collaboration Suite

Unspecified vulnerability in Oracle Containers for J2EE component in Oracle Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.1.0, and Collaboration Suite 9.0.4.2 and 10.1.2, has unknown impact and remote attack vectors, aka Vuln# OC4J02.

10.0
2006-10-18 CVE-2006-5355 Oracle Multiple vulnerability in Oracle products

Unspecified vulnerability in Oracle Single Sign-On component in Oracle Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.1.0, Collaboration Suite 9.0.4.2 and 10.1.2, and Oracle E-Business Suite and Applications 11.5.10CU2 has unknown impact and remote attack vectors, aka Vuln# SSO01.

10.0
2006-10-18 CVE-2006-5354 Oracle Multiple vulnerability in Oracle October 2006 Security Update

Unspecified vulnerability in Oracle HTTP Server 9.2.0.7 and 10.1.0.5, Application Server 9.0.4.3, 10.1.2.0.2, 10.1.2.1.0, and 10.1.3.0, racle Collaboration Suite 9.0.4.2 and 10.1.2, and Oracle E-Business Suite and Applications 11.5.10CU2 has unknown impact and remote attack vectors, aka Vuln# OHS06.

10.0
2006-10-18 CVE-2006-5353 Oracle Multiple vulnerability in Oracle Application Server and Collaboration Suite

Unspecified vulnerability in Oracle HTTP Server component in Oracle Application Server 9.0.4.3, 10.1.2.0.2, 10.1.2.1.0, and 10.1.3.0.0, and Oracle Collaboration Suite 9.0.4.2 and 10.1.2, has unknown impact and remote attack vectors related to the Mod_rewrite Module, aka Vuln# OHS01.

10.0
2006-10-18 CVE-2006-5352 Oracle Multiple vulnerability in Oracle October 2006 Security Update

Multiple unspecified vulnerabilities in Oracle Application Express 1.5 up to 1.6.1 have unknown impact and remote attack vectors, aka Vuln# (1) APEX04, (2) APEX20, and (3) APEX21.

10.0
2006-10-18 CVE-2006-5349 Oracle Multiple vulnerability in Oracle Http Server 9.2.0.7

Unspecified vulnerability in Oracle HTTP Server 9.2.0.7, when running on HP Tru64 UNIX, has unknown impact and remote attack vectors related to HTTPS and SSL, aka Vuln# OHS07.

10.0
2006-10-18 CVE-2006-5348 Oracle Multiple vulnerability in Oracle Collaboration Suite, E-Business Suite and Http Server

Unspecified vulnerability in Oracle HTTP Server 9.2.0.7, Oracle Collaboration Suite 9.0.4.2, and Oracle E-Business Suite and Applications 11.5.10CU2 has unknown impact and remote attack vectors related to HTTPS and SSL, aka Vuln# OHS05.

10.0
2006-10-18 CVE-2006-5347 Oracle Multiple vulnerability in Oracle Http Server 9.2.0.7

Unspecified vulnerability in Oracle HTTP Server 9.2.0.7 and Oracle Collaboration Suite 9.0.4.2 has unknown impact and remote attack vectors related to HTTPS and SSL, aka Vuln# OHS04.

10.0
2006-10-17 CVE-2006-5323 IBM Remote Security vulnerability in Websphere Application Server

Unspecified vulnerability in IBM WebSphere Application Server before 6.1.0.2 has unspecified impact and attack vectors, related to a "possible security exposure," aka PK29360.

10.0
2006-10-18 CVE-2006-5378 Oracle Multiple vulnerability in Oracle Enterpriseone 8.95.P1/8.96.D1/Sp23O2

Unspecified vulnerability in JD Edwards HTML Server in JD Edwards EnterpriseOne SP23_O2, 8.95.P1, and 8.96.D1 has unknown impact and remote authenticated attack vectors, aka Vuln# JDE01.

9.0
2006-10-18 CVE-2006-5377 Oracle Multiple vulnerability in Oracle Peoplesoft Enterprise 8.8/8.9

Unspecified vulnerability in PeopleSoft component in Oracle PeopleSoft Enterprise 8.80 GA, 8.90 GA, 8.8 Bundle 11, and 8.9 Bundle 4 has unknown impact and remote authenticated attack vectors, aka Vuln# PSE05.

9.0
2006-10-18 CVE-2006-5376 Oracle Multiple vulnerability in Oracle October 2006 Security Update

Multiple unspecified vulnerabilities in PeopleTools component in Oracle PeopleSoft Enterprise 8.22 GA, 8.46 GA, 8.47 GA, 8.48 GA, 8.22.11, 8.46.15, 8.47.09, and 8.48.03 have unknown impact and remote authenticated attack vectors, aka Vuln# (1) PSE04, (2) PSE06, (3) PSE07, and (4) PSE08.

9.0
2006-10-18 CVE-2006-5373 Oracle Multiple vulnerability in Oracle E-Business Suite 11.5.10.1

Unspecified vulnerability in Oracle Install Base component in Oracle E-Business Suite 11.5.10CU1 has unknown impact and remote authenticated attack vectors, aka Vuln# APPS13.

9.0
2006-10-18 CVE-2006-5372 Oracle Multiple vulnerability in Oracle E-Business Suite 11.5.10/11.5.10.1/11.5.10.2

Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10 up to 11.5.10CU2 have unknown impact and remote authenticated attack vectors, aka Vuln# (1) APPS11 for Oracle Universal Work Queue and (2) APPS12 for Oracle Application Object Library.

9.0
2006-10-18 CVE-2006-5371 Oracle Multiple vulnerability in Oracle E-Business Suite 11.5.9

Unspecified vulnerability in Oracle Email Center component in Oracle E-Business Suite 11.5.9 has unknown impact and remote authenticated attack vectors, aka Vuln# APPS07.

9.0
2006-10-18 CVE-2006-5367 Oracle Multiple vulnerability in Oracle October 2006 Security Update

Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.7 up to 11.5.10CU2 have unknown impact and remote authenticated attack vectors, aka Vuln# (1) APPS03 in Oracle Applications Framework, (2) APPS04 in Oracle Applications Technology Stack, and (3) APPS05 in Oracle Balanced Scorecard, (4) APPS09 in Oracle Scripting, and (5) APPS10 in Oracle Trading Community.

9.0
2006-10-18 CVE-2006-5351 Oracle Multiple vulnerability in Oracle Apex 1.5.0/2.0

Multiple unspecified vulnerabilities in Oracle Application Express (formerly Oracle HTML DB) 1.5 up to 2.0 have unknown impact and remote attack vectors, aka Vuln# (1) APEX01, (2) APEX02, (3) APEX03, (4) APEX05, (5) APEX06, (6) APEX07, (7) APEX08, (8) APEX09, (9) APEX10, (10) APEX11, (11) APEX12, (12) APEX13, (13) APEX14, (14) APEX15, (15) APEX16, (16) APEX17, (17) APEX18, (18) APEX19, (19) APEX22, (20) APEX23, (21) APEX24, (22) APEX25, (23) APEX26, (24) APEX27, (25) APEX28, (26) APEX29, (27) APEX30, (28) APEX31, (29) APEX32, (30) APEX33, (31) APEX34, and (32) APEX35.

9.0
2006-10-18 CVE-2006-5345 Oracle Multiple vulnerability in Oracle Database Server 10.1.0.4/9.0.1.5/9.2.0.7

Unspecified vulnerability in Oracle Spatial component in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.4 has unknown impact and remote authenticated attack vectors related to mdsys.sdo_geom, aka Vuln# DB22.

9.0
2006-10-18 CVE-2006-5344 Oracle Multiple vulnerability in Oracle October 2006 Security Update

Multiple unspecified vulnerabilities in Oracle Spatial component in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.4 have unknown impact and remote authenticated attack vectors related to (1) mdsys.sdo_3gl, aka Vuln# DB20, and (2) mdsys.sdo_cs, aka DB21.

9.0
2006-10-18 CVE-2006-5343 Oracle Multiple vulnerability in Oracle Database Server 10.1.0.3

Unspecified vulnerability in Database Scheduler component in Oracle Database 10.1.0.3 has unknown impact and remote authenticated attack vectors related to sys.dbms_scheduler, aka Vuln# DB19.

9.0
2006-10-18 CVE-2006-5341 Oracle Multiple vulnerability in Oracle Database Server 10.1.0.5/10.2.0.2/9.2.0.7

Multiple unspecified vulnerabilities in XMLDB component in Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.2 have unknown impact and remote authenticated attack vectors, aka (1) Vuln# DB14 and (2) DB15 related to xdb.dbms_xdbz.

9.0
2006-10-18 CVE-2006-5339 Oracle Multiple vulnerability in Oracle October 2006 Security Update

Unspecified vulnerability in Oracle Spatial component in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.4 has unknown impact and remote authenticated attack vectors related to mdsys.sdo_geom, aka Vuln# DB11.

9.0
2006-10-18 CVE-2006-5338 Oracle Multiple vulnerability in Oracle Database Server 10.1.0.5/10.2.0.0

Unspecified vulnerability in the Core RDBMS component in Oracle Database 10.1.0.5 has unknown impact and remote authenticated attack vectors related to sys.dbms_sqltune, aka Vuln# DB10.

9.0
2006-10-18 CVE-2006-5337 Oracle Multiple vulnerability in Oracle October 2006 Security Update

Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.0.1.5, 9.2.0.8, 10.1.0.5, and 10.2.0.2 has unknown impact and remote authenticated attack vectors, aka Vuln# DB09.

9.0
2006-10-18 CVE-2006-5336 Oracle Multiple vulnerability in Oracle Database Server 10.1.0.5/10.2.0.2/9.2.0.7

Multiple unspecified vulnerabilities in the Change Data Capture (CDC) component in Oracle Database 9.2.0.7, 10.1.0.5, and have unknown impact and remote authenticated attack vectors related to (1) sys.dbms_cdc_ipublish (Vuln# DB05) and (2) sys.dbms_cdc_isubscribe (DB06).

9.0
2006-10-18 CVE-2006-5335 Oracle Multiple vulnerability in Oracle October 2006 Security Update

Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 and 10.2.0.2 have unknown impact and remote authenticated attack vectors related to (1) Vuln# DB04 and sys.dbms_cdc_impdp in the (a) Change Data Capture (CDC) component; (2) Vuln# DB07, (3) DB08, and (4) DB16 in sys.dbms_cdc_isubscribe in CDC; and (5) mdsys.sdo_geor_int in the (b) Oracle Spatial component, aka DB12.

9.0
2006-10-18 CVE-2006-5332 Oracle Multiple vulnerability in Oracle Database Server 10.1.0.4/9.2.0.6

Unspecified vulnerability in xdb.dbms_xdbz in the XMLDB component for Oracle Database 9.2.0.6 and 10.1.0.4 has unknown impact and remote authenticated attack vectors, aka Vuln# DB01.

9.0

62 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2006-10-17 CVE-2006-5316 Phplibre Information Disclosure vulnerability in PHPlibre Registrotl 0.1B/0.5B

registroTL stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for /usuarios.dat.

7.8
2006-10-18 CVE-2006-5346 Oracle Multiple vulnerability in Oracle Collaboration Suite, E-Business Suite and Http Server

Unspecified vulnerability in Oracle HTTP Server 9.2.0.7, as used in Oracle Collaboration Suite 9.0.4.2 and Oracle E-Business Suite and Applications 11.5.10CU2, has unknown impact and remote attack vectors related to htdigest, aka Vuln# OHS02.

7.6
2006-10-20 CVE-2006-5441 Comdev Remote Security vulnerability in Comdev web Blogger 4.1

PHP remote file inclusion vulnerability in adminfoot.php in Comdev Web Blogger 4.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter.

7.5
2006-10-20 CVE-2006-5440 Comdev Remote Security vulnerability in Comdev Form Designer 4.1

PHP remote file inclusion vulnerability in adminfoot.php in Comdev Form Designer 4.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter.

7.5
2006-10-20 CVE-2006-5439 Comdev Code Injection vulnerability in Comdev Misc Tools 4.1

PHP remote file inclusion vulnerability in adminfoot.php in Comdev Misc Tools 4.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter.

7.5
2006-10-20 CVE-2006-5438 Comdev Remote Security vulnerability in Comdev Forum 4.1

PHP remote file inclusion vulnerability in adminfoot.php in Comdev Forum 4.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter.

7.5
2006-10-20 CVE-2006-5436 Freefaq Remote File Include vulnerability in Freefaq 1.0.E

PHP remote file inclusion vulnerability in index.php in FreeFAQ 1.0.e allows remote attackers to execute arbitrary PHP code via a URL in the faqpath parameter.

7.5
2006-10-20 CVE-2006-5435 Phpbb Group Unspecified vulnerability in PHPbb Group PHPbb

** DISPUTED ** PHP remote file inclusion vulnerability in groupcp.php in phpBB 2.0.10 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.

7.5
2006-10-20 CVE-2006-5434 P News Remote File Include vulnerability in P-News 1.16/1.17

PHP remote file inclusion vulnerability in p-news.php in P-News 1.16 and 1.17 allows remote attackers to execute arbitrary PHP code via a URL in the pn_lang parameter.

7.5
2006-10-20 CVE-2006-5433 Timm Maass Remote File Include vulnerability in Timm Maass Alice CMS 0.1

PHP remote file inclusion vulnerability in modules/guestbook/index.php in ALiCE-CMS 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG[local_root] parameter.

7.5
2006-10-20 CVE-2006-5431 Phpoutsourcing Remote File Include vulnerability in Zorum DBProperty.PHP

PHP remote file inclusion vulnerability in gorum/dbproperty.php in PHPOutsourcing Zorum 3.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the appDirName parameter.

7.5
2006-10-20 CVE-2006-5429 Barry Nauta Remote File Include vulnerability in Brim

Multiple PHP remote file inclusion vulnerabilities in Barry Nauta BRIM 1.2.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the renderer parameter in template.tpl.php in (1) templates/barrel/, (2) templates/sidebar/, (3) templates/text-only, (4) templates/slashdot/, (5) templates/penguin/, (6) templates/pda/, (7) templates/oerdec/, (8) templates/nifty/, (9) templates/mylook, and (10) templates/barry/.

7.5
2006-10-20 CVE-2006-5426 Local Calendar System Remote File Include vulnerability in Local Calendar System Local Calendar System 1.1

PHP remote file inclusion vulnerability in lib/lcUser.php in LoCal Calendar System 1.1 remote attackers to execute arbitrary PHP code via a URL in the LIBDIR parameter.

7.5
2006-10-20 CVE-2006-5423 LOU Portail Remote File Include vulnerability in LOU Portail LOU Portail 1.4.1

PHP remote file inclusion vulnerability in admin/admin_module.php in Lou Portail 1.4.1, and possibly earlier, allows remote attackers to execute arbitrary PHP code via a URL in the g_admin_rep parameter.

7.5
2006-10-20 CVE-2006-5422 Lodel Remote File Include vulnerability in Lodel CMS 0.7.3

PHP remote file inclusion vulnerability in calcul-page.php in Lodel (patchlodel) 0.7.3 allows remote attackers to execute arbitrary PHP code via a URL in the home parameter.

7.5
2006-10-20 CVE-2006-5421 WSN Forum Unspecified vulnerability in WSN Forum WSN Forum

WSN Forum 1.3.4 and earlier allows remote attackers to execute arbitrary PHP code via a modified pathname in the pathtoconfig parameter that points to an avatar image that contains PHP code, which is then accessed from prestart.php.

7.5
2006-10-20 CVE-2006-5419 University OF Glasgow Remote File Include vulnerability in Specimen Image Database

PHP remote file inclusion vulnerability in client.php in University of Glasgow Specimen Image Database (SID), when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter.

7.5
2006-10-20 CVE-2006-5415 News Defilante Horizontale Remote File Include vulnerability in News Defilante Horizontale News Defilante Horizontale 4.1.1

PHP remote file inclusion vulnerability in includes/functions_newshr.php in the News Defilante Horizontale 4.1.1 and earlier module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.

7.5
2006-10-20 CVE-2006-5413 Supermod Remote File Include vulnerability in Supermod 3.0.0

Multiple PHP remote file inclusion vulnerabilities in SuperMod 3.0.0 for YABB (YaBBSM) allow remote attackers to execute arbitrary PHP code via a URL in the sourcedir parameter to (1) Offline.php, (2) Sources/Admin.php, (3) Sources/Offline.php, or (4) content/portalshow.php.

7.5
2006-10-20 CVE-2006-5411 Justin White Remote Command Execution vulnerability in FreeWPS Upload.PHP

Unrestricted file upload vulnerability in upload.php for Free Web Publishing System (FreeWPS), possibly 2.11 and earlier, allows remote attackers to upload and execute arbitrary PHP programs.

7.5
2006-10-20 CVE-2006-5409 Mobilesecure INC Products Management Interface Multiple Input Validation vulnerability in Highwall

Multiple SQL injection vulnerabilities in the wireless IDS management interface for Highwall Enterprise and Highwall Endpoint 4.0.2.11045 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5
2006-10-19 CVE-2006-5407 Osticket Unspecified vulnerability in Osticket

PHP remote file inclusion vulnerability in open_form.php in osTicket allows remote attackers to execute arbitrary PHP code via a URL in the include_dir parameter.

7.5
2006-10-18 CVE-2006-5402 Phpmybibli Code Injection vulnerability in PHPmybibli

Multiple PHP remote file inclusion vulnerabilities in PHPmybibli 3.0.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) class_path, (2) javascript_path, and (3) include_path parameters in (a) cart.php; the (4) class_path parameter in (b) index.php; the (5) javascript_path parameter in (c) edit.php; the (6) include_path parameter in (d) circ.php; unspecified parameters in (e) select.php; and unspecified parameters in other files.

7.5
2006-10-18 CVE-2006-5401 Aroundme Remote File Include vulnerability in Aroundme 0.5.1

PHP remote file inclusion vulnerability in template/barnraiser_01/p_new_password.tpl.php in AROUNDMe 0.5.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the templatePath parameter.

7.5
2006-10-18 CVE-2006-5399 Phprecipebook Code Injection vulnerability in PHPrecipebook 2.36

PHP remote file inclusion vulnerability in classes/Import_MM.class.php in PHPRecipeBook 2.36, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the g_rb_basedir parameter.

7.5
2006-10-18 CVE-2006-5398 Simplog SQL Injection vulnerability in Simplog 0.9.3.1

SQL injection vulnerability in comments.php in Simplog 0.9.3.1 allows remote attackers to execute arbitrary SQL commands via the cid parameter.

7.5
2006-10-18 CVE-2006-5395 Microsoft Local Buffer Overflow vulnerability in Microsoft Class Package Export Tool 5.0.2752

Buffer overflow in Microsoft Class Package Export Tool (aka clspack.exe) allows context-dependent attackers to execute arbitrary code via a long string.

7.5
2006-10-18 CVE-2006-5392 Opendoc Remote File Include vulnerability in OpenDock FullCore

Multiple PHP remote file inclusion vulnerabilities in OpenDock FullCore 4.4 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the doc_directory parameter in (1) sw/index_sw.php; (2) cart.php, (3) lib_cart.php, (4) lib_read_cart.php, (5) lib_sys_cart.php, and (6) txt_info_cart.php in sw/lib_cart/; (7) comment.php, (8) find_comment.php, and (9) lib_comment.php in sw/lib_comment/; (10) sw/lib_find/find.php; and other unspecified PHP scripts.

7.5
2006-10-18 CVE-2006-5388 Webspell SQL Injection vulnerability in WebSpell

SQL injection vulnerability in index.php in WebSPELL 4.01.01 and earlier allows remote attackers to execute arbitrary SQL commands via the getsquad parameter, a different vector than CVE-2006-4783.

7.5
2006-10-18 CVE-2006-5387 Phpbb Plusxl Remote File Include vulnerability in PHPbb Plusxl 20.272

PHP remote file inclusion vulnerability in mods/iai/includes/constants.php in the PlusXL 20_272 and earlier phpBB module allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.

7.5
2006-10-18 CVE-2006-5386 Nuralstorm Remote Security vulnerability in Nuralstorm Webmail 0.98B

PHP remote file inclusion vulnerability in process.php in NuralStorm Webmail 0.98b and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the DEFAULT_SKIN parameter.

7.5
2006-10-18 CVE-2006-5385 Spamoborona Remote File Include vulnerability in Spamoborona 1.0B

PHP remote file inclusion vulnerability in admin/admin_spam.php in the SpamOborona 1.0b and earlier phpBB module allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.

7.5
2006-10-18 CVE-2006-5384 CDS Software Consortium Remote File Include vulnerability in CDSAgenda Sendalertemail.PHP

PHP remote file inclusion vulnerability in modification/SendAlertEmail.php in CDS Software Consortium CDS Agenda 4.2.9 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the AGE parameter.

7.5
2006-10-18 CVE-2006-5383 DEF Blog SQL Injection vulnerability in Def-Blog 1.0.1

SQL injection vulnerability in comadd.php in Def-Blog 1.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the article parameter.

7.5
2006-10-18 CVE-2006-5380 Contenido Unspecified vulnerability in Contenido Contendio 4.6.15

** DISPUTED ** Remote file inclusion vulnerability in Contenido CMS allows remote attackers to execute arbitrary PHP code via a URL in the contenido_path parameter to (1) cms/dbfs.php or (2) cms/front_content.php.

7.5
2006-10-18 CVE-2006-5379 Nvidia Buffer Overflow vulnerability in Nvidia Binary Graphics Driver V8762/V8774

The accelerated rendering functionality of NVIDIA Binary Graphics Driver (binary blob driver) For Linux v8774 and v8762, and probably on other operating systems, allows local and remote attackers to execute arbitrary code via a large width value in a font glyph, which can be used to overwrite arbitrary memory locations.

7.5
2006-10-17 CVE-2006-5326 Phpbb Prillian Remote Security vulnerability in French Language Pack

PHP remote file inclusion vulnerability in language/lang/lang_contact_faq.php in the Prillian French 0.8.0 and earlier module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.

7.5
2006-10-17 CVE-2006-5325 Dimitri Seitz Remote Security vulnerability in Security Suite Ip Logger

Multiple PHP remote file inclusion vulnerabilities in Dimitri Seitz Security Suite IP Logger in dwingmods for phpBB allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter in (1) mkb.php, (2) iplogger.php, (3) admin_board2.php, or (4) admin_logger.php in includes/, different vectors than CVE-2006-5224.

7.5
2006-10-17 CVE-2006-5324 IBM Remote Security vulnerability in Websphere Application Server

The Web Services Notification (WSN) security component of IBM WebSphere Application Server before 6.1.0.2 allows attackers to obtain unspecified access without supplying a username and password, aka PK28374.

7.5
2006-10-17 CVE-2006-5322 Tincan SQL-Injection vulnerability in PHPlist

Multiple SQL injection vulnerabilities in phplist before 2.10.3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5
2006-10-17 CVE-2006-5318 Nayco Remote File Include vulnerability in Jasmine-Web

PHP remote file inclusion vulnerability in index.php in Nayco JASmine (aka Jasmine-Web) allows remote attackers to execute arbitrary PHP code via an FTP URL in the section parameter.

7.5
2006-10-17 CVE-2006-5317 Jhjgubbels Remote File Include vulnerability in Eboli

PHP remote file inclusion vulnerability in index.php in eboli allows remote attackers to execute arbitrary PHP code via a URL in the contentSpecial parameter.

7.5
2006-10-17 CVE-2006-5315 Phplibre Remote File Include vulnerability in PHPlibre Registrotl 0.1B/0.5B

PHP remote file inclusion vulnerability in main.php in registroTL allows remote attackers to execute arbitrary PHP code via an ftp:// URL in the page parameter.

7.5
2006-10-17 CVE-2006-5314 Phplibre Remote File Include vulnerability in PHPlibre Tribunalibre 3.12Beta

PHP remote file inclusion vulnerability in ftag.php in TribunaLibre 3.12 Beta allows remote attackers to execute arbitrary PHP code via a URL in the mostrar parameter.

7.5
2006-10-17 CVE-2006-5312 Phpbb Remote Security vulnerability in Ajax Shoutbox

PHP remote file inclusion vulnerability in shoutbox.php in the Ajax Shoutbox 0.0.5 and earlier module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.

7.5
2006-10-17 CVE-2006-5311 Buzlas Remote File Include vulnerability in Buzlas 20061Full

PHP remote file inclusion vulnerability in includes/archive/archive_topic.php in Buzlas 2006-1 Full allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.

7.5
2006-10-17 CVE-2006-5309 Phpbb Remote File Include vulnerability in PHPBB Prillian French Lang_Prillian_Faq.PHP

PHP remote file inclusion vulnerability in language/lang_french/lang_prillian_faq.php in the Prillian French 0.8.0 and earlier module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.

7.5
2006-10-17 CVE-2006-5308 Open Conference Systems Remote File Include vulnerability in Open Conference Systsems Fullpath

Multiple PHP remote file inclusion vulnerabilities in Open Conference Systems (OCS) before 1.1.6 allow remote attackers to execute arbitrary PHP code via a URL in the fullpath parameter in (1) include/theme.inc.php or (2) include/footer.inc.php.

7.5
2006-10-17 CVE-2006-5307 Afgb Remote File Include vulnerability in Afgb Guestbook 2.2

Multiple PHP remote file inclusion vulnerabilities in AFGB GUESTBOOK 2.2 allow remote attackers to execute arbitrary PHP code via a URL in the Htmls parameter in (1) add.php, (2) admin.php, (3) look.php, or (4) re.php.

7.5
2006-10-17 CVE-2006-5304 Inccms Technology Remote File Include vulnerability in IncCMS Core Inc_Dir

PHP remote file inclusion vulnerability in inc/settings.php in IncCMS Core 1.0.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the inc_dir parameter.

7.5
2006-10-17 CVE-2006-5302 Redaction System Code Injection vulnerability in Redaction System Redaction System 1.0000

Multiple PHP remote file inclusion vulnerabilities in Redaction System 1.0000 allow remote attackers to execute arbitrary PHP code via a URL in the (1) lang_prefix parameter to (a) conn.php, (b) sesscheck.php, (c) wap/conn.php, or (d) wap/sesscheck.php, or the (2) lang parameter to (e) index.php.

7.5
2006-10-16 CVE-2006-4182 Clam Anti Virus Buffer Overflow vulnerability in Clam Anti-Virus PE Rebuilding Heap

Integer overflow in ClamAV 0.88.1 and 0.88.4, and other versions before 0.88.5, allows remote attackers to cause a denial of service (scanning service crash) and execute arbitrary code via a crafted Portable Executable (PE) file that leads to a heap-based buffer overflow when less memory is allocated than expected.

7.5
2006-10-16 CVE-2006-5292 Exhibit Engine Remote File Include vulnerability in Exhibit Engine Exhibit Engine 1.22/1.5Rc4

PHP remote file inclusion vulnerability in photo_comment.php in Exhibit Engine 1.5 RC 4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the toroot parameter.

7.5
2006-10-16 CVE-2006-5291 Alex Code Injection vulnerability in Alex Downloadengine 1.4.2

PHP remote file inclusion vulnerability in admin/includes/spaw/spaw_control.class.php in Download-Engine 1.4.2 allows remote attackers to execute arbitrary PHP code via a URL in the spaw_root parameter.

7.5
2006-10-20 CVE-2006-4926 Kaspersky LAB Local Privilege Escalation vulnerability in Kaspersky Labs Anti-Virus NDIS-TDI Hooking Engine

The NDIS-TDI Hooking Engine, as used in the (1) KLICK (KLICK.SYS) and (2) KLIN (KLIN.SYS) device drivers 2.0.0.281 for in Kaspersky Labs Anti-Virus 6.0.0.303 and other Anti-Virus and Internet Security products, allows local users to execute arbitrary code via crafted Irp structure with invalid addresses in the 0x80052110 IOCTL.

7.2
2006-10-18 CVE-2006-5350 Oracle Multiple vulnerability in Oracle October 2006 Security Update

Unspecified vulnerability in Oracle HTTP Server 9.2.0.7 and Oracle E-Business Suite and Applications 11.5.10CU2 has unknown impact and local attack vectors, aka Vuln# OHS08.

7.2
2006-10-17 CVE-2006-5328 Apple
Openbase International LTD
Privilege Escalation vulnerability in Apple Xcode OpenBase

OpenBase SQL 10.0 and earlier, as used in Apple Xcode 2.2 2.2 and earlier and possibly other products, allows local users to create arbitrary files via a symlink attack on the simulation.sql file.

7.2
2006-10-17 CVE-2006-5327 Apple
Openbase International LTD
Privilege Escalation vulnerability in Apple Xcode OpenBase

Untrusted search path vulnerability in OpenBase SQL 10.0 and earlier, as used in Apple Xcode 2.2 2.2 and earlier and possibly other products, allows local users to execute arbitrary code via a modified PATH that references a malicious gzip program, which is executed by gnutar with certain TAR_OPTIONS environment variable settings, when gnutar is invoked by OpenBase.

7.2
2006-10-18 CVE-2006-5342 Oracle Multiple vulnerability in Oracle October 2006 Security Update

Unspecified vulnerability in Oracle Spatial component in Oracle Database 9.0.1.5, 9.2.0.6, and 10.1.0.3 has unknown impact and remote authenticated attack vectors related to mdsys.sdo_tune, aka Vuln# DB18.

7.1
2006-10-18 CVE-2006-5340 Oracle Multiple vulnerability in Oracle October 2006 Security Update

Multiple unspecified vulnerabilities in Oracle Spatial component in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.8, 10.1.0.5, and 10.2.0.2 have unknown impact and remote authenticated attack vectors related to (1) mdsys.sdo_lrs, aka Vuln# DB13, and (2) Vuln# DB17.

7.1
2006-10-18 CVE-2006-5334 Oracle Multiple vulnerability in Oracle Database Server 10.1.0.5/9.0.1.5/9.2.0.7

Unspecified vulnerability in Oracle Spatial component in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.5 has unknown impact and remote authenticated attack vectors related to mdsys.md2, aka Vuln# DB03.

7.1
2006-10-18 CVE-2006-5333 Oracle Multiple vulnerability in Oracle Database Server 10.2.0.2

Unspecified vulnerability in Oracle Spatial component in Oracle Database 10.2.0.2 has unknown impact and remote authenticated attack vectors related to "create session" privileges, aka Vuln# DB02.

7.1

43 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2006-10-21 CVE-2006-5442 Viewvc HTML Injection vulnerability in ViewVC UTF-7 Charset

ViewVC 1.0.2 and earlier does not specify a charset in its HTTP headers or HTML documents, which allows remote attackers to conduct cross-site scripting (XSS) attacks that inject arbitrary UTF-7 encoded JavaScript code via a view.

6.8
2006-10-20 CVE-2006-5430 DB Central Cross-Site Scripting vulnerability in DB-Central CMS Search

Cross-site scripting (XSS) vulnerability in the search functionality in db-central (dbc) Enterprise CMS and db-central CMS allows remote attackers to inject arbitrary web script or HTML via the needle parameter.

6.8
2006-10-20 CVE-2006-5418 Phpbb Code Injection vulnerability in PHPbb Searchindexer

PHP remote file inclusion vulnerability in archive/archive_topic.php in pbpbb archive for search engines (SearchIndexer) (aka phpBBSEI) for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.

6.8
2006-10-18 CVE-2006-5390 Phpbb Code Injection vulnerability in PHPbb ACP User Registration Module 1.00

PHP remote file inclusion vulnerability in includes/functions_mod_user.php in the ACP User Registration (MMW) 1.00 module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.

6.8
2006-10-18 CVE-2006-4811 Digia
Redhat
Numeric Errors vulnerability in multiple products

Integer overflow in Qt 3.3 before 3.3.7, 4.1 before 4.1.5, and 4.2 before 4.2.1, as used in the KDE khtml library, kdelibs 3.1.3, and possibly other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted pixmap image.

6.8
2006-10-17 CVE-2006-5310 J Pierre Dezelus
Phpmyconferences
Code Injection vulnerability in multiple products

PHP remote file inclusion vulnerability in common/visiteurs/include/menus.inc.php in J-Pierre DEZELUS Les Visiteurs 2.0.1, as used in phpMyConferences (phpMyConference) 8.0.2 and possibly other products, allows remote attackers to execute arbitrary PHP code via a URL in the lvc_include_dir parameter.

6.8
2006-10-17 CVE-2006-5306 Phpbb Code Injection vulnerability in PHPbb Journals System Module 1.0.2

Multiple PHP remote file inclusion vulnerabilities in the Journals System module 1.0.2 (RC2) and earlier for phpBB allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter in (1) includes/journals_delete.php, (2) includes/journals_post.php, or (3) includes/journals_edit.php.

6.8
2006-10-17 CVE-2006-5301 Phpbb Code Injection vulnerability in PHPbb Spamblockermod 1.0/1.0.1

PHP remote file inclusion vulnerability in includes/antispam.php in the SpamBlockerMODv 1.0.2 and earlier module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.

6.8
2006-10-16 CVE-2006-4154 Apache Remote Format String vulnerability in Apache Mod_TCL

Format string vulnerability in the mod_tcl module 1.0 for Apache 2.x allows context-dependent attackers to execute arbitrary code via format string specifiers that are not properly handled in a set_var function call in (1) tcl_cmds.c and (2) tcl_core.c.

6.8
2006-10-16 CVE-2006-5293 Phpoutsourcing Cross-Site Scripting vulnerability in Noah's Classifieds

Cross-site scripting (XSS) vulnerability in index.php in PhpOutsourcing Noah's Classifieds 1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the frommethod parameter.

6.8
2006-10-17 CVE-2006-5313 Hastymail Improper Input Validation vulnerability in Hastymail

Hastymail 1.5 and earlier before 20061008 allows remote authenticated users to send arbitrary SMTP commands by placing them after a CRLF.CRLF sequence in the smtp_message parameter.

6.5
2006-10-17 CVE-2006-5300 HP Remote Unauthorized Access and Privilege Escalation vulnerability in HP Version Control Agent 2.0/2.1.4

Unspecified vulnerability in HP Version Control Agent before 2.1.5 allows remote authenticated users to obtain "unauthorized access" to a remote Repository Manager account and potentially gain privileges via unspecified vectors.

6.5
2006-10-19 CVE-2006-5405 Toshiba Denial-Of-Service vulnerability in Bluetooth Wireless Device Driver 3.X/4.X

Unspecified vulnerability in Toshiba Bluetooth wireless device driver 3.x and 4 through 4.00.35, as used in multiple products, allows physically proximate attackers to cause a denial of service (crash), corrupt memory, and possibly execute arbitrary code via crafted Bluetooth packets.

6.2
2006-10-20 CVE-2006-5427 PHP AMX Remote File Include vulnerability in PHP AMX PHP AMX 0.9.0

PHP remote file inclusion vulnerability in plugins/main.php in Php AMX 0.9.0, when register_globals is enabled or magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the plug_path parameter.

5.1
2006-10-20 CVE-2006-5424 Justsystem Resource Management Errors vulnerability in Justsystem Ichitaro 2006/2006Governmentedition/2006Trialedition

Unspecified vulnerability in Justsystem Ichitaro 2006, 2006 trial version, and Government 2006 allows remote attackers to execute arbitrary code via a modified document, possibly because of a buffer overflow, a different vulnerability than CVE-2006-4326.

5.1
2006-10-20 CVE-2006-5416 F5 Cross-Site Scripting vulnerability in F5 Firepass 1000 5.5

Cross-site scripting (XSS) vulnerability in my.acctab.php3 in F5 Networks FirePass 1000 SSL VPN 5.5, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the sid parameter.

5.1
2006-10-20 CVE-2006-5412 PHP Outburst Authentication Bypass vulnerability in PHP Outburst Easynews

admin.php in PHP Outburst Easynews 4.4.1 and earlier, when register_globals is enabled, allows remote attackers to bypass authentication, and gain the ability to execute arbitrary code, via the en_login_id parameter.

5.1
2006-10-20 CVE-2006-5410 Boonex Local File Include vulnerability in Boonex Dolphin 5.2

PHP remote file inclusion vulnerability in templates/tmpl_dfl/scripts/index.php in BoonEx Dolphin 5.2 allows remote attackers to execute arbitrary PHP code via a URL in the dir[inc] parameter.

5.1
2006-10-20 CVE-2006-5408 Mobilesecure INC Products Management Interface Multiple Input Validation vulnerability in Highwall

Multiple cross-site scripting (XSS) vulnerabilities in the wireless IDS management interface for Highwall Enterprise and Highwall Endpoint 4.0.2.11045 allow remote attackers to inject arbitrary HTML or web script via unspecified vectors.

5.1
2006-10-19 CVE-2006-5403 Symantec Buffer Overflow vulnerability in Symantec Automated Support Assistant ActiveX Control

Stack-based buffer overflow in an ActiveX control used in Symantec Automated Support Assistant, as used in Norton AntiVirus, Internet Security, and System Works 2005 and 2006, allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.

5.1
2006-10-18 CVE-2006-5400 Cyberbrau Remote File Include vulnerability in Cyberbrau 0.9.4

PHP remote file inclusion vulnerability in forum/track.php in CyberBrau 0.9.4, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the path parameter.

5.1
2006-10-17 CVE-2006-4819 Opera Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Opera Browser 9.0/9.01

Heap-based buffer overflow in Opera 9.0 and 9.01 allows remote attackers to execute arbitrary code via a long URL in a tag (long link address).

5.1
2006-10-17 CVE-2006-5305 Phpbb Remote File Include vulnerability in Lat2Cyr Lat2Cyr.PHP

PHP remote file inclusion vulnerability in lat2cyr.php in the lat2cyr 1.0.1 and earlier phpbb module allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.

5.1
2006-10-20 CVE-2006-5437 Phpadsnew Unspecified vulnerability in PHPadsnew 2.0.8

** DISPUTED ** Directory traversal vulnerability in upgrade.php in phpAdsNew 2.0.8 allows remote attackers to read arbitrary files via a ..

5.0
2006-10-20 CVE-2006-5428 Cerberus Unspecified vulnerability in Cerberus Helpdesk 3.2.1

rpc.php in Cerberus Helpdesk 3.2.1 does not verify a client's privileges for a display_get_requesters operation, which allows remote attackers to bypass the GUI login and obtain sensitive information (ticket data) via a direct request.

5.0
2006-10-20 CVE-2006-5425 Xorp Remote Denial of Service vulnerability in Extensible Open Router Platform OSPFv2

XORP (eXtensible Open Router Platform) 1.2 and 1.3 allows remote attackers to cause a denial of service (application crash) via an Open Shortest Path First (OSPF) Link State Advertisement (LSA) with an invalid LSA length field.

5.0
2006-10-20 CVE-2006-5420 Kerio Denial of Service vulnerability in Kerio WinRoute Firewall

Kerio WinRoute Firewall 6.2.2 and earlier allows remote attackers to cause a denial of service (crash) via malformed DNS responses.

5.0
2006-10-20 CVE-2006-5417 Mcafee Remote Denial of Service vulnerability in McAfee Network Agent

McAfee Network Agent (mcnasvc.exe) 1.0.178.0, as used by multiple McAfee products possibly including Internet Security Suite, Personal Firewall Plus, and VirusScan, allows remote attackers to cause a denial of service (agent crash) via a long packet, possibly because of an invalid string position field value.

5.0
2006-10-20 CVE-2006-5414 Barry Nauta Remote Security vulnerability in Brim

Barry Nauta BRIM before 1.2.1 allows remote authenticated users to read information from other users via a modified URL.

5.0
2006-10-18 CVE-2006-5391 Xfire Denial Of Service vulnerability in XFire Packet Handling

Xfire 1.64 and earlier allows remote attackers to cause a denial of service (client application crash) via a long string to UDP port 25777.

5.0
2006-10-18 CVE-2006-5389 Wyana Information Disclosure vulnerability in Php-Wyana

tools/tellhim.php in PHP-Wyana allows remote attackers to obtain sensitive information via an invalid lang parameter, which reveals the path in an error message.

5.0
2006-10-18 CVE-2006-5381 Contenido Remote Security vulnerability in Contenido Contendio 4.5.2Alpha/4.5.6Beta/4.6.0

Contenido CMS stores sensitive data under the web root with insufficient access control, which allows remote attackers to obtain database credentials and other information via a direct request to (1) db_msql.inc, (2) db_mssql.inc, (3) db_mysqli.inc, (4) db_oci8.inc, (5) db_odbc.inc, (6) db_oracle.inc, (7) db_pgsql.inc, or (8) db_sybase.inc in the conlib/ directory.

5.0
2006-10-17 CVE-2006-5330 Adobe Cross-Site Scripting vulnerability in Adobe Flash Player

CRLF injection vulnerability in Adobe Flash Player plugin 9.0.16 and earlier for Windows, 7.0.63 and earlier for Linux, 7.x before 7.0 r67 for Solaris, and before 9.0.28.0 for Mac OS X, allows remote attackers to modify HTTP headers of client requests and conduct HTTP Request Splitting attacks via CRLF sequences in arguments to the ActionScript functions (1) XML.addRequestHeader and (2) XML.contentType.

5.0
2006-10-17 CVE-2006-5320 Morian Directory Traversal vulnerability in Morian Album Photo Sans NOM 1.6

Directory traversal vulnerability in getimg.php in Album Photo Sans Nom 1.6 allows remote attackers to read arbitrary files via the img parameter.

5.0
2006-10-17 CVE-2006-5319 Toxi Remote File Include vulnerability in Toxi Foafgen 0.3

Directory traversal vulnerability in redir.php in Foafgen 0.3 allows remote attackers to read arbitrary files via a ..

5.0
2006-10-16 CVE-2006-5295 Clam Anti Virus Denial Of Service vulnerability in Clam Anti-Virus CHM Unpacker

Unspecified vulnerability in ClamAV before 0.88.5 allows remote attackers to cause a denial of service (scanning service crash) via a crafted Compressed HTML Help (CHM) file that causes ClamAV to "read an invalid memory location." This vulnerability is addressed in the following product release: Clam Anti-Virus, ClamAV, 0.88.5

5.0
2006-10-16 CVE-2006-5210 Ciphertrust Directory Traversal Information Disclosure vulnerability in IronWebMail

Directory traversal vulnerability in IronWebMail before 6.1.1 HotFix-17 allows remote attackers to read arbitrary files via a GET request to the IM_FILE identifier with double-url-encoded "../" sequences ("%252e%252e/").

5.0
2006-10-18 CVE-2006-5396 SUN Local Denial of Service vulnerability in SUN Solaris 10.0

The tcp_fuse_rcv_drain function in the Sun Solaris 10 kernel before 20061017, when TCP Fusion is enabled, allows local users to cause a denial of service (system crash) via a TCP loopback connection with both endpoints on the same system.

4.9
2006-10-17 CVE-2006-5321 Tincan Unspecified vulnerability in Tincan PHPlist

Multiple cross-site scripting (XSS) vulnerabilities in phplist before 2.10.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2006-10-17 CVE-2006-5299 Gcontact Cross-Site Scripting vulnerability in Gcontact 0.6.5

Multiple cross-site scripting (XSS) vulnerabilities in index.php in Gcontact 0.6.5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2006-10-16 CVE-2006-5296 Microsoft Remote Denial of Service vulnerability in Microsoft Powerpoint 2003

PowerPoint in Microsoft Office 2003 does not properly handle a container object whose position value exceeds the record length, which allows user-assisted attackers to cause a denial of service (NULL dereference and application crash) via a crafted PowerPoint (.PPT) file, as demonstrated by Nanika.ppt, and a different vulnerability than CVE-2006-3435, CVE-2006-3876, CVE-2006-3877, and CVE-2006-4694.

4.3
2006-10-16 CVE-2006-5294 Tincan Unspecified vulnerability in Tincan PHPlist

Cross-site scripting (XSS) vulnerability in index.php in phplist before 2.10.3 allows remote attackers to inject arbitrary web script or HTML via the unsubscribeemail parameter.

4.3
2006-10-17 CVE-2006-4342 Redhat Denial-Of-Service vulnerability in Redhat Enterprise Linux 3.0

The kernel in Red Hat Enterprise Linux 3, when running on SMP systems, allows local users to cause a denial of service (deadlock) by running the shmat function on an shm at the same time that shmctl is removing that shm (IPC_RMID), which prevents a spinlock from being unlocked.

4.0

11 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2006-10-19 CVE-2006-5406 Passgo Local Insecure Default Directory Permissions vulnerability in Passgo Defender 5.2

Passgo Defender 5.2 creates the application directory with insecure permissions (Everyone/Full Control), which allows local users to read and modify sensitive files.

3.6
2006-10-20 CVE-2006-5432 Marc Giombetti Remote Code Execution vulnerability in Marc Giombetti PHPpowercards 2.10

Multiple direct static code injection vulnerabilities in db/txt.inc.php in phpPowerCards 2.10, when register_globals is enabled, allow remote attackers to create or overwrite arbitrary files via the (1) email[to], (2) email[from], (3) name[to], (4) name[from], (5) picture, (6) comment, or (7) sessionID parameter, as demonstrated by creating a new .php file that permits remote file inclusion, and then requesting this file.

2.6
2006-10-19 CVE-2006-5404 Symantec Buffer Overflow vulnerability in Symantec Automated Support Assistant ActiveX Control

Unspecified vulnerability in an ActiveX control used in Symantec Automated Support Assistant, as used in Norton AntiVirus, Internet Security, and System Works 2005 and 2006, allows user-assisted remote attackers to obtain sensitive information via unspecified vectors.

2.6
2006-10-18 CVE-2006-5363 Oracle Multiple vulnerability in Oracle Application Server and Collaboration Suite

Unspecified vulnerability in Oracle Single Sign-On component in Oracle Application Server 10.1.2.0.1 and Collaboration Suite 10.1.2 has unknown impact and remote attack vectors, aka Vuln# SSO02.

2.6
2006-10-18 CVE-2006-5394 Cisco Information Disclosure vulnerability in Cisco Secure Desktop SSL VPN Session

The default configuration of Cisco Secure Desktop (CSD) has an unchecked "Disable printing" box in Secure Desktop Settings, which might allow local users to read data that was sent to a printer during another user's SSL VPN session.

2.1
2006-10-18 CVE-2006-5393 Cisco Information Disclosure vulnerability in Cisco Secure Desktop SSL VPN Session

Cisco Secure Desktop (CSD) does not require that the ClearPageFileAtShutdown (aka CCE-Winv2.0-407) registry value equals 1, which might allow local users to read certain memory pages that were written during another user's SSL VPN session.

2.1
2006-10-18 CVE-2006-5364 Oracle Multiple vulnerability in Oracle Application Server and Collaboration Suite

Unspecified vulnerability in Oracle Containers for J2EE component in Oracle Application Server 9.0.4.1 and 10.1.2.0.2, and Collaboration Suite 10.1.2, has unknown impact and remote authenticated attack vectors, aka Vuln# OC4J05.

2.1
2006-10-17 CVE-2006-5173 Linux
Canonical
Linux kernel does not properly save or restore EFLAGS during a context switch, or reset the flags when creating new threads, which allows local users to cause a denial of service (process crash), as demonstrated using a process that sets the Alignment Check flag (EFLAGS 0x40000), which triggers a SIGBUS in other processes that have an unaligned access.
2.1
2006-10-17 CVE-2006-5303 Securecomputing RemoteAccess Local Information Disclosure vulnerability in Securecomputing Safeword Remoteaccess 2.1

Secure Computing SafeWord RemoteAccess 2.1 allows local users to obtain the UserCenter webportal password, database encryption keys, and signing keys by reading (1) base-64 encoded data in SERVERS\Web\Tomcat\usercenter\WEB-INF\login.conf and (2) plaintext data in SERVERS\Shared\signers.cfg.

2.1
2006-10-16 CVE-2006-5298 Mutt Unspecified vulnerability in Mutt

The mutt_adv_mktemp function in the Mutt mail client 1.5.12 and earlier does not properly verify that temporary files have been created with restricted permissions, which might allow local users to create files with weak permissions via a race condition between the mktemp and safe_fopen function calls.

1.2
2006-10-16 CVE-2006-5297 Mutt Multiple vulnerability in Mutt Insecure Temporary File Creation

Race condition in the safe_open function in the Mutt mail client 1.5.12 and earlier, when creating temporary files in an NFS filesystem, allows local users to overwrite arbitrary files due to limitations of the use of the O_EXCL flag on NFS filesystems.

1.2