| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
501 |
CVE-2006-2936 |
399 |
|
DoS |
2006-07-10 |
2018-10-18 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The ftdi_sio driver (usb/serial/ftdi_sio.c) in Linux kernel 2.6.x up to 2.6.17, and possibly later versions, allows local users to cause a denial of service (memory consumption) by writing more data to the serial port than the hardware can handle, which causes the data to be queued. |
|
502 |
CVE-2006-2935 |
120 |
|
Exec Code Overflow |
2006-07-05 |
2020-08-28 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
The dvd_read_bca function in the DVD handling code in drivers/cdrom/cdrom.c in Linux kernel 2.2.16, and later versions, assigns the wrong value to a length variable, which allows local users to execute arbitrary code via a crafted USB Storage device that triggers a buffer overflow. |
|
503 |
CVE-2006-2933 |
|
|
|
2006-07-27 |
2017-10-11 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
kdesktop_lock in kdebase before 3.1.3-5.11 for KDE in Red Hat Enterprise Linux (RHEL) 3 does not properly terminate, which can prevent the screensaver from activating or prevent users from manually locking the desktop. |
|
504 |
CVE-2006-2917 |
|
|
Dir. Trav. |
2006-07-10 |
2011-03-08 |
5.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
None |
|
Directory traversal vulnerability in the IMAP server in WinGate 6.1.2.1094 and 6.1.3.1096, and possibly other versions before 6.1.4 Build 1099, allows remote authenticated users to read email of other users, or perform unauthorized operations on directories, via the (1) CREATE, (2) SELECT, (3) DELETE, (4) RENAME, (5) COPY, (6) APPEND, and (7) LIST commands. |
|
505 |
CVE-2006-2910 |
|
|
Exec Code Overflow |
2006-07-05 |
2017-07-20 |
5.1 |
None |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in jetAudio 6.2.6.8330 (Basic), and possibly other versions, allows user-assisted attackers to execute arbitrary code via an audio file (such as WMA) with long ID Tag values including (1) Title, (2) Author, and (3) Album, which triggers the overflow in the tooltip display string if the sound card driver is disabled or incorrectly installed. |
|
506 |
CVE-2006-2481 |
255 |
|
+Priv XSS |
2006-07-31 |
2018-10-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
VMware ESX Server 2.0.x before 2.0.2 and 2.x before 2.5.2 patch 4 stores authentication credentials in base 64 encoded format in the vmware.mui.kid and vmware.mui.sid cookies, which allows attackers to gain privileges by obtaining the cookies using attacks such as cross-site scripting (CVE-2005-3619). |
|
507 |
CVE-2006-2451 |
399 |
|
DoS +Priv |
2006-07-07 |
2018-10-18 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
The suid_dumpable support in Linux kernel 2.6.13 up to versions before 2.6.17.4, and 2.6.16 before 2.6.16.24, allows a local user to cause a denial of service (disk consumption) and possibly gain privileges via the PR_SET_DUMPABLE argument of the prctl function and a program that causes a core dump file to be created in a directory for which the user does not have permissions. |
|
508 |
CVE-2006-2450 |
|
|
Bypass |
2006-07-18 |
2022-05-13 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
auth.c in LibVNCServer 0.7.1 allows remote attackers to bypass authentication via a request in which the client specifies an insecure security type such as "Type 1 - None", which is accepted even if it is not offered by the server, a different issue than CVE-2006-2369. |
|
509 |
CVE-2006-2389 |
94 |
|
Exec Code Mem. Corr. |
2006-07-11 |
2018-10-12 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and other products, allows user-assisted attackers to execute arbitrary code via an Office file with a malformed property that triggers memory corruption related to record lengths, aka "Microsoft Office Property Vulnerability," a different vulnerability than CVE-2006-1316. |
|
510 |
CVE-2006-2388 |
94 |
|
Exec Code |
2006-07-13 |
2018-10-18 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Microsoft Office Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via malformed cell comments, which lead to modification of "critical data offsets" during the rebuilding process. |
|
511 |
CVE-2006-2372 |
119 |
|
Exec Code Overflow |
2006-07-11 |
2018-10-18 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in the DHCP Client service for Microsoft Windows 2000 SP4, Windows XP SP1 and SP2, and Server 2003 up to SP1 allows remote attackers to execute arbitrary code via a crafted DHCP response. |
|
512 |
CVE-2006-2194 |
|
|
+Priv |
2006-07-05 |
2020-02-24 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The winbind plugin in pppd for ppp 2.4.4 and earlier does not check the return code from the setuid function call, which might allow local users to gain privileges by causing setuid to fail, such as exceeding PAM limits for the maximum number of user processes, which prevents the winbind NTLM authentication helper from dropping privileges. |
|
513 |
CVE-2006-1316 |
94 |
|
Exec Code Mem. Corr. |
2006-07-11 |
2018-10-12 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and other products, allows user-assisted attackers to execute arbitrary code via an Office file with malformed string that triggers memory corruption related to record lengths, aka "Microsoft Office Parsing Vulnerability," a different vulnerability than CVE-2006-2389. |
|
514 |
CVE-2006-1315 |
|
|
+Info |
2006-07-11 |
2018-10-18 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The Server Service (SRV.SYS driver) in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 up to SP1, and other products, allows remote attackers to obtain sensitive information via crafted requests that leak information in SMB buffers, which are not properly initialized, aka "SMB Information Disclosure Vulnerability." |
|
515 |
CVE-2006-1314 |
|
|
Exec Code Overflow Mem. Corr. Bypass |
2006-07-11 |
2018-10-18 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Heap-based buffer overflow in the Server Service (SRV.SYS driver) in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 up to SP1, and other products, allows remote attackers to execute arbitrary code via crafted first-class Mailslot messages that triggers memory corruption and bypasses size restrictions on second-class Mailslot messages. |
|
516 |
CVE-2006-1309 |
94 |
|
Exec Code Mem. Corr. |
2006-07-13 |
2018-10-12 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted LABEL record that triggers memory corruption. |
|
517 |
CVE-2006-1308 |
94 |
|
Exec Code |
2006-07-13 |
2018-10-12 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Unspecified vulnerability in Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted FNGROUPCOUNT value. |
|
518 |
CVE-2006-1306 |
94 |
|
Exec Code |
2006-07-13 |
2018-10-18 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted BIFF record with an attacker-controlled array index that is used for a function pointer, aka "Malformed OBJECT record Vulnerability." |
|
519 |
CVE-2006-1304 |
94 |
|
Exec Code Overflow |
2006-07-13 |
2018-10-18 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in Microsoft Excel 2000 through 2003 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted COLINFO record, which triggers the overflow during a "data filling operation." |
|
520 |
CVE-2006-1302 |
119 |
|
Exec Code Overflow Mem. Corr. |
2006-07-13 |
2018-10-18 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in Microsoft Excel 2000 through 2003 allows user-assisted attackers to execute arbitrary code via a .xls file with certain crafted fields in a SELECTION record, which triggers memory corruption, aka "Malformed SELECTION record Vulnerability." |
|
521 |
CVE-2006-1301 |
94 |
|
Exec Code Mem. Corr. |
2006-07-13 |
2018-10-12 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted SELECTION record that triggers memory corruption, a different vulnerability than CVE-2006-1302. |
|
522 |
CVE-2006-1300 |
|
|
Bypass |
2006-07-11 |
2018-10-12 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Microsoft .NET framework 2.0 (ASP.NET) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 up to SP1 allows remote attackers to bypass access restrictions via unspecified "URL paths" that can access Application Folder objects "explicitly by name." |
|
523 |
CVE-2006-1178 |
|
|
DoS |
2006-07-29 |
2017-07-20 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Tamarack MMSd before 7.992 allows remote attackers to cause a denial of service (crash) via malformed RFC1006 (OSI over TCP/IP) packets. |
|
524 |
CVE-2006-1176 |
|
|
Exec Code Overflow |
2006-07-08 |
2017-07-20 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in eBay Enhanced Picture Services (aka EPUImageControl Class) in EUPWALcontrol.dll before 1.0.3.48, as used in Sell Your Item (SYI), Setup & Test eBay Enhanced Picture Services, Picture Manager Enhanced Uploader, and CARad.com Add Vehicle, allows remote attackers to execute arbitrary code via a crafted HTML document. |
|
525 |
CVE-2006-0818 |
|
|
Dir. Trav. |
2006-07-21 |
2018-10-18 |
4.0 |
None |
Remote |
Low |
??? |
None |
Partial |
None |
|
Absolute path directory traversal vulnerability in (1) MERAK Mail Server for Windows 8.3.8r with before IceWarp Web Mail 5.6.1 and (2) VisNetic MailServer before 8.5.0.5 allows remote authenticated users to include arbitrary files via a modified language parameter and a full Windows or UNC pathname in the lang_settings parameter to mail/index.html, which is not properly sanitized by the validatefolder PHP function, possibly due to an incomplete fix for CVE-2005-4558. |
|
526 |
CVE-2006-0817 |
|
|
Dir. Trav. |
2006-07-21 |
2018-10-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Absolute path directory traversal vulnerability in (a) MERAK Mail Server for Windows 8.3.8r with before IceWarp Web Mail 5.6.1 and (b) VisNetic MailServer before 8.5.0.5 allows remote attackers to include arbitrary files via a full Windows path and drive letter in the (1) language parameter in accounts/inc/include.php and (2) lang_settings parameter in admin/inc/include.php, which is not properly sanitized by the securepath function, a related issue to CVE-2005-4556. |
|
527 |
CVE-2006-0033 |
|
|
Exec Code Mem. Corr. |
2006-07-11 |
2018-10-12 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and other products, allows user-assisted attackers to execute arbitrary code via a crafted PNG image that triggers memory corruption when it is parsed. |
|
528 |
CVE-2006-0026 |
|
|
Exec Code Overflow |
2006-07-11 |
2020-11-23 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
Buffer overflow in Microsoft Internet Information Services (IIS) 5.0, 5.1, and 6.0 allows local and possibly remote attackers to execute arbitrary code via crafted Active Server Pages (ASP). |
|
529 |
CVE-2006-0007 |
119 |
|
Exec Code Overflow Mem. Corr. |
2006-07-11 |
2018-10-19 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in GIFIMP32.FLT, as used in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and other products, allows user-assisted attackers to execute arbitrary code via a crafted GIF image that triggers memory corruption when it is parsed. |
