| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
501 |
CVE-2006-0820 |
|
|
XSS |
2006-03-13 |
2018-10-18 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in Dwarf HTTP Server 1.3.2 allows remote attackers to inject arbitrary web script or HTML via unspecified error messages. |
|
502 |
CVE-2006-0819 |
|
|
|
2006-03-13 |
2018-10-18 |
7.8 |
None |
Remote |
Low |
Not required |
Complete |
None |
None |
|
Dwarf HTTP Server 1.3.2 allows remote attackers to obtain the source code of JSP files via (1) dot, (2) space, (3) slash, or (4) NULL characters in the filename extension of an HTTP request. |
|
503 |
CVE-2006-0816 |
|
|
|
2006-03-24 |
2018-10-18 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Orion Application Server before 2.0.7, when running on Windows, allows remote attackers to obtain the source code of JSP files via (1) . (dot) and (2) space characters in the extension of a URL. |
|
504 |
CVE-2006-0815 |
|
|
|
2006-03-06 |
2018-10-18 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
NetworkActiv Web Server 3.5.15 allows remote attackers to read script source code via a crafted URL with a "/" (forward slash) after the file extension. |
|
505 |
CVE-2006-0814 |
|
|
|
2006-03-06 |
2018-10-18 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
response.c in Lighttpd 1.4.10 and possibly previous versions, when run on Windows, allows remote attackers to read arbitrary source code via requests that contain trailing (1) "." (dot) and (2) space characters, which are ignored by Windows, as demonstrated by PHP files. |
|
506 |
CVE-2006-0746 |
|
|
|
2006-03-09 |
2018-10-19 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Certain patches for kpdf do not include all relevant patches from xpdf that were associated with CVE-2005-3627, which allows context-dependent attackers to exploit vulnerabilities that were present in CVE-2005-3627. |
|
507 |
CVE-2006-0745 |
|
|
Exec Code Bypass |
2006-03-21 |
2018-10-19 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepath command line option or (2) overwrite arbitrary files via -logfile. |
|
508 |
CVE-2006-0743 |
134 |
|
DoS Mem. Corr. |
2006-03-09 |
2017-07-20 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Format string vulnerability in LocalSyslogAppender in Apache log4net 1.2.9 might allow remote attackers to cause a denial of service (memory corruption and termination) via unknown vectors. |
|
509 |
CVE-2006-0742 |
|
|
DoS |
2006-03-09 |
2018-10-03 |
4.6 |
None |
Local |
Low |
??? |
None |
None |
Complete |
|
The die_if_kernel function in arch/ia64/kernel/unaligned.c in Linux kernel 2.6.x before 2.6.15.6, possibly when compiled with certain versions of gcc, has the "noreturn" attribute set, which allows local users to cause a denial of service by causing user faults on Itanium systems. |
|
510 |
CVE-2006-0741 |
|
|
DoS |
2006-03-07 |
2018-10-03 |
1.2 |
None |
Local |
High |
Not required |
None |
None |
Partial |
|
Linux kernel before 2.6.15.5, when running on Intel processors, allows local users to cause a denial of service ("endless recursive fault") via unknown attack vectors related to a "bad elf entry address." |
|
511 |
CVE-2006-0667 |
|
|
|
2006-03-10 |
2011-03-08 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
lscfg in IBM AIX 5.2 and 5.3 allows local users to modify arbitrary files via a symlink attack. |
|
512 |
CVE-2006-0557 |
|
|
|
2006-03-12 |
2018-10-03 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
sys_mbind in mempolicy.c in Linux kernel 2.6.16 and earlier does not sanity check the maxnod variable before making certain computations for the get_nodes function, which has unknown impact and attack vectors. |
|
513 |
CVE-2006-0555 |
|
|
DoS |
2006-03-07 |
2018-10-03 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
The Linux Kernel before 2.6.15.5 allows local users to cause a denial of service (NFS client panic) via unknown attack vectors related to the use of O_DIRECT (direct I/O). |
|
514 |
CVE-2006-0554 |
|
|
+Info |
2006-03-07 |
2018-10-03 |
1.7 |
None |
Local |
Low |
??? |
None |
Partial |
None |
|
Linux kernel 2.6 before 2.6.15.5 allows local users to obtain sensitive information via a crafted XFS ftruncate call, which may return stale data. |
|
515 |
CVE-2006-0459 |
119 |
|
Exec Code Overflow |
2006-03-29 |
2018-10-03 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
flex.skl in Will Estes and John Millaway Fast Lexical Analyzer Generator (flex) before 2.5.33 does not allocate enough memory for grammars containing (1) REJECT statements or (2) trailing context rules, which causes flex to generate code that contains a buffer overflow that might allow context-dependent attackers to execute arbitrary code. |
|
516 |
CVE-2006-0458 |
|
|
DoS |
2006-03-06 |
2018-10-03 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The DCC ACCEPT command handler in irssi before 0.8.9+0.8.10rc5-0ubuntu4.1 in Ubuntu Linux, and possibly other distributions, allows remote attackers to cause a denial of service (application crash) via certain crafted arguments in a DCC command. |
|
517 |
CVE-2006-0457 |
|
|
DoS |
2006-03-14 |
2018-10-03 |
7.1 |
None |
Remote |
High |
Not required |
Complete |
None |
Complete |
|
Race condition in the (1) add_key, (2) request_key, and (3) keyctl functions in Linux kernel 2.6.x allows local users to cause a denial of service (crash) or read sensitive kernel memory by modifying the length of a string argument between the time that the kernel calculates the length and when it copies the data into kernel memory. |
|
518 |
CVE-2006-0400 |
|
|
Bypass |
2006-03-14 |
2017-07-20 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows remote attackers to bypass the same-origin policy and execute Javascript in other domains via unknown vectors involving "crafted archives." |
|
519 |
CVE-2006-0399 |
94 |
|
|
2006-03-14 |
2017-07-20 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows attackers to trick a user into opening an application that appears to be a safe file type. NOTE: due to the lack of specific information in the vendor advisory, it is not clear how CVE-2006-0397, CVE-2006-0398, and CVE-2006-0399 are different. |
|
520 |
CVE-2006-0398 |
94 |
|
|
2006-03-14 |
2017-07-20 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows attackers to trick a user into opening an application that appears to be a safe file type. NOTE: due to the lack of specific information in the vendor advisory, it is not clear how CVE-2006-0397, CVE-2006-0398, and CVE-2006-0399 are different. |
|
521 |
CVE-2006-0397 |
94 |
|
|
2006-03-14 |
2017-07-20 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows attackers to trick a user into opening an application that appears to be a safe file type. NOTE: due to the lack of specific information in the vendor advisory, it is not clear how CVE-2006-0397, CVE-2006-0398, and CVE-2006-0399 are different. |
|
522 |
CVE-2006-0396 |
|
|
Exec Code Overflow |
2006-03-14 |
2018-10-19 |
5.1 |
None |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in Mail in Apple Mac OS X 10.4 up to 10.4.5, when patched with Security Update 2006-001, allows remote attackers to execute arbitrary code via a long Real Name value in an e-mail attachment sent in AppleDouble format, which triggers the overflow when the user double-clicks on an attachment. |
|
523 |
CVE-2006-0391 |
|
|
Dir. Trav. |
2006-03-03 |
2017-07-20 |
1.7 |
None |
Local |
Low |
??? |
None |
Partial |
None |
|
Directory traversal vulnerability in the BOM framework in Mac OS X 10.x before 10.3.9 and 10.4 before 10.4.5 allows user-assisted attackers to overwrite or create arbitrary files via an archive that is handled by BOMArchiveHelper. |
|
524 |
CVE-2006-0389 |
|
|
XSS |
2006-03-03 |
2017-07-20 |
2.6 |
None |
Remote |
High |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in Syndication (Safari RSS) in Mac OS X 10.4 through 10.4.5 allows remote attackers to execute arbitrary JavaScript via unspecified vectors involving RSS feeds. |
|
525 |
CVE-2006-0388 |
94 |
|
|
2006-03-03 |
2017-07-20 |
2.6 |
None |
Local |
High |
Not required |
None |
Partial |
Partial |
|
Safari in Mac OS X 10.3 before 10.3.9 and 10.4 before 10.4.5 allows remote attackers to redirect users to local files and execute arbitrary JavaScript via unspecified vectors involving HTTP redirection to local resources. |
|
526 |
CVE-2006-0387 |
|
|
Exec Code Overflow |
2006-03-06 |
2017-07-20 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
|
Stack-based buffer overflow in Safari in Mac OS X 10.4.5 and earlier, and 10.3.9 and earlier, allows remote attackers to execute arbitrary code via unspecified vectors involving a web page with crafted JavaScript, a different vulnerability than CVE-2005-4504. |
|
527 |
CVE-2006-0386 |
|
|
|
2006-03-03 |
2017-07-20 |
1.7 |
None |
Local |
Low |
??? |
Partial |
None |
None |
|
FileVault in Mac OS X 10.4.5 and earlier does not properly mount user directories when creating a FileVault image, which allows local users to access protected files when FileVault is enabled. |
|
528 |
CVE-2006-0384 |
|
|
DoS Exec Code |
2006-03-02 |
2017-07-20 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
automount in Mac OS X 10.4.5 and earlier allows remote file servers to cause a denial of service (unresponsiveness) or execute arbitrary code via unspecified vectors that cause automount to "mount file systems with reserved names". |
|
529 |
CVE-2006-0383 |
|
|
DoS |
2006-03-02 |
2017-07-20 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
IPSec when used with VPN networks in Mac OS X 10.4 through 10.4.5 allows remote attackers to cause a denial of service (application crash) via unspecified vectors involving the "incorrect handling of error conditions". |
|
530 |
CVE-2006-0323 |
119 |
|
Exec Code Overflow |
2006-03-23 |
2018-10-19 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in swfformat.dll in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, Rhapsody 3, and Helix Player allows remote attackers to execute arbitrary code via a crafted SWF (Flash) file with (1) a size value that is less than the actual size, or (2) other unspecified manipulations. |
|
531 |
CVE-2006-0058 |
|
|
Exec Code |
2006-03-22 |
2018-10-19 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
|
Signal handler race condition in Sendmail 8.13.x before 8.13.6 allows remote attackers to execute arbitrary code by triggering timeouts in a way that causes the setjmp and longjmp function calls to be interrupted and modify unexpected memory locations. |
|
532 |
CVE-2006-0052 |
|
|
DoS |
2006-03-31 |
2018-10-03 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The attachment scrubber (Scrubber.py) in Mailman 2.1.5 and earlier, when using Python's library email module 2.5, allows remote attackers to cause a denial of service (mailing list delivery failure) via a multipart MIME message with a single part that has two blank lines between the first boundary and the end boundary. |
|
533 |
CVE-2006-0050 |
|
|
|
2006-03-23 |
2017-07-20 |
1.2 |
None |
Local |
High |
Not required |
None |
Partial |
None |
|
snmptrapfmt in Debian 3.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary log file. |
|
534 |
CVE-2006-0049 |
|
|
|
2006-03-13 |
2018-10-19 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
gpg in GnuPG before 1.4.2.2 does not properly verify non-detached signatures, which allows attackers to inject unsigned data via a data packet that is not associated with a control packet, which causes the check for concatenated signatures to report that the signature is valid, a different vulnerability than CVE-2006-0455. |
|
535 |
CVE-2006-0047 |
20 |
|
DoS |
2006-03-07 |
2018-10-19 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
packets.c in Freeciv 2.0 before 2.0.8 allows remote attackers to cause a denial of service (server crash) via crafted packets with negative compressed size values. |
|
536 |
CVE-2006-0040 |
|
|
DoS |
2006-03-10 |
2018-10-19 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
GNOME Evolution 2.4.2.1 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a text e-mail with a large number of URLs, possibly due to unknown problems in gtkhtml. |
|
537 |
CVE-2006-0038 |
189 |
|
Overflow |
2006-03-22 |
2017-10-11 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Integer overflow in the do_replace function in netfilter for Linux before 2.6.16-rc3, when using "virtualization solutions" such as OpenVZ, allows local users with CAP_NET_ADMIN rights to cause a buffer overflow in the copy_from_user function. |
|
538 |
CVE-2006-0031 |
119 |
|
Exec Code Overflow Mem. Corr. |
2006-03-14 |
2018-10-19 |
5.1 |
None |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
|
Stack-based buffer overflow in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed record with a modified length value, which leads to memory corruption. |
|
539 |
CVE-2006-0030 |
|
|
Exec Code Mem. Corr. |
2006-03-14 |
2018-10-12 |
5.1 |
None |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
|
Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed graphic, which leads to memory corruption. |
|
540 |
CVE-2006-0029 |
|
|
Exec Code Mem. Corr. |
2006-03-14 |
2018-10-12 |
5.1 |
None |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
|
Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed description, which leads to memory corruption. |
|
541 |
CVE-2006-0028 |
|
|
Exec Code Mem. Corr. |
2006-03-14 |
2018-10-19 |
5.1 |
None |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
|
Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via a BIFF parsing format file containing malformed BOOLERR records that lead to memory corruption, probably involving invalid pointers. |
|
542 |
CVE-2006-0024 |
|
|
Exec Code |
2006-03-15 |
2018-10-12 |
5.1 |
None |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
|
Multiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0 and earlier allow remote attackers to execute arbitrary code via a crafted SWF file. |
|
543 |
CVE-2006-0009 |
|
|
Exec Code Overflow |
2006-03-14 |
2018-10-19 |
5.1 |
None |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in Microsoft Office 2000 SP3, XP SP3, and other versions and packages, allows user-assisted attackers to execute arbitrary code via a routing slip that is longer than specified by the provided length field, as exploited by malware such as TROJ_MDROPPER.BH and Trojan.PPDropper.E in attacks against PowerPoint. |
