| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
501 |
CVE-2006-6988 |
|
|
|
2007-02-09 |
2011-03-08 |
7.8 |
None |
Remote |
Low |
Not required |
Complete |
None |
None |
|
Cross-domain vulnerability in Slim Browser 4.07 build 100 allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker's originating site that specifies a Location HTTP header that references the target site, which then makes that content available through the outerHTML attribute of the object, a similar vulnerability to CVE-2006-3280. |
|
502 |
CVE-2006-6987 |
|
|
|
2007-02-09 |
2011-03-08 |
7.8 |
None |
Remote |
Low |
Not required |
Complete |
None |
None |
|
Cross-domain vulnerability in FineBrowser Freeware 3.2.2 allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker's originating site that specifies a Location HTTP header that references the target site, which then makes that content available through the outerHTML attribute of the object, a similar vulnerability to CVE-2006-3280. |
|
503 |
CVE-2006-6986 |
|
|
|
2007-02-09 |
2011-03-08 |
7.8 |
None |
Remote |
Low |
Not required |
Complete |
None |
None |
|
Cross-domain vulnerability in PhaseOut 5.4.4 allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker's originating site that specifies a Location HTTP header that references the target site, which then makes that content available through the outerHTML attribute of the object, a similar vulnerability to CVE-2006-3280. |
|
504 |
CVE-2006-6985 |
|
|
|
2007-02-09 |
2011-03-08 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Cross-domain vulnerability in Maxthon 1.5.6 build 42 allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker's originating site that specifies a Location HTTP header that references the target site, which then makes that content available through the outerHTML attribute of the object, a similar vulnerability to CVE-2006-3280. |
|
505 |
CVE-2006-6984 |
|
|
|
2007-02-09 |
2011-03-08 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Cross-domain vulnerability in GreenBrowser 3.4.0622 allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker's originating site that specifies a Location HTTP header that references the target site, which then makes that content available through the outerHTML attribute of the object, a similar vulnerability to CVE-2006-3280. |
|
506 |
CVE-2006-6983 |
|
|
|
2007-02-09 |
2011-03-08 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Cross-domain vulnerability in MYweb4net Browser 3.8.8.0 allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker's originating site that specifies a Location HTTP header that references the target site, which then makes that content available through the outerHTML attribute of the object, a similar vulnerability to CVE-2006-3280. |
|
507 |
CVE-2006-6982 |
|
|
|
2007-02-08 |
2017-07-29 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
3proxy 0.5 to 0.5.2 does not offer NTLM authentication before basic authentication, which might cause browsers with incomplete RFC2616/RFC2617 support to use basic cleartext authentication even if NTLM is available, which makes it easier for attackers to steal credentials. |
|
508 |
CVE-2006-6981 |
|
|
DoS |
2007-02-08 |
2017-07-29 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
3proxy 0.5 to 0.5.2, when NT-encoded passwords are being used, allows remote attackers to cause a denial of service (blocked account) via unspecified vectors related to NTLM authentication, which causes a password hash to be overwritten. |
|
509 |
CVE-2006-6980 |
|
|
DoS |
2007-02-08 |
2008-11-13 |
2.6 |
None |
Remote |
High |
Not required |
None |
None |
Partial |
|
The magnatune.com album browser in Amarok allows attackers to cause a denial of service (application crash) via unspecified vectors. |
|
510 |
CVE-2006-6979 |
20 |
|
Exec Code |
2007-02-08 |
2011-06-16 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The ruby handlers in the Magnatune component in Amarok do not properly quote text in certain contexts, probably including construction of an unzip command line, which allows attackers to execute arbitrary commands via shell metacharacters. |
|
511 |
CVE-2006-6978 |
79 |
|
XSS |
2007-02-08 |
2018-10-16 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in the "Basic Toolbar Selection" in FCKEditor allows remote attackers to execute arbitrary JavaScript via the javascript: URI in the (1) href or (2) onmouseover attribute of the A HTML tag. |
|
512 |
CVE-2006-6977 |
79 |
|
XSS |
2007-02-08 |
2018-10-16 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in the "Basic Toolbar Selection" in FreeTextBox allows remote attackers to execute arbitrary JavaScript via the javascript: URI in the (1) href or (2) onmouseover attribute of the A HTML tag. |
|
513 |
CVE-2006-6976 |
94 |
|
Exec Code File Inclusion |
2007-02-08 |
2017-10-19 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
PHP remote file inclusion vulnerability in centipaid_class.php in CentiPaid 1.4.2 and earlier allows remote attackers to execute arbitrary code via a URL in the absolute_path parameter. |
|
514 |
CVE-2006-6975 |
94 |
|
Exec Code File Inclusion |
2007-02-08 |
2008-09-05 |
5.1 |
None |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
|
** DISPUTED ** PHP remote file inclusion vulnerability in centipaid_class.php in CentiPaid 1.4.3 allows remote attackers to execute arbitrary code via a URL in the class_pwd parameter. NOTE: this issue has been disputed by CVE and multiple third parties, who state that $class_pwd is set to a static value before the relevant include statement. |
|
515 |
CVE-2006-6974 |
|
|
+Info |
2007-02-07 |
2008-09-05 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Headstart Solutions DeskPRO stores sensitive information under the web root with insufficient access control, which allows remote attackers to (1) list files in the includes/ directory; obtain the SQL username and password via a direct request for (2) config.php and (3) config.php.bak in includes/; read files in (4) email/, (5) admin/graphs/, (6) includes/javascript/, and (7) certain other includes/ directories via direct requests; and download SQL database data via direct requests for (8) data.sql, (9) install.sql, (10) settings.sql, and possibly other files in install/v2data/. |
|
516 |
CVE-2006-6973 |
|
|
|
2007-02-07 |
2008-09-05 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Headstart Solutions DeskPRO does not require authentication for certain files and directories associated with administrative activities, which allows remote attackers to (1) reinstall the application via a direct request for install/index.php; (2) delete the database via a do=delete_database QUERY_STRING to a renamed copy of install/index.php; or access the administration system, after guessing a filename, via a direct request for a file in (3) admin/ or (4) tech/. |
|
517 |
CVE-2006-6972 |
|
|
Exec Code Sql |
2007-02-07 |
2017-07-29 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
SQL injection in torrents.php in BtitTracker 1.3.2 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) by and (2) order parameters. NOTE: it is not clear whether this issue is exploitable. |
|
518 |
CVE-2006-6971 |
20 |
|
Bypass |
2007-02-07 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Mozilla Firefox 2.0, possibly only when running on Windows, allows remote attackers to bypass the Phishing Protection mechanism by representing an IP address in (1) dotted-hex, (2) dotted-octal, (3) single decimal integer, (4) single hex integer, or (5) single octal integer format, which is not captured by the blacklist filter. |
|
519 |
CVE-2006-6970 |
264 |
|
Bypass |
2007-02-07 |
2018-10-16 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Opera 9.10 Final allows remote attackers to bypass the Fraud Protection mechanism by adding certain characters to the end of a domain name, as demonstrated by the "." and "/" characters, which is not caught by the blacklist filter. |
|
520 |
CVE-2006-6969 |
|
|
Bypass CSRF |
2007-02-07 |
2018-10-16 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Jetty before 4.2.27, 5.1 before 5.1.12, 6.0 before 6.0.2, and 6.1 before 6.1.0pre3 generates predictable session identifiers using java.util.random, which makes it easier for remote attackers to guess a session identifier through brute force attacks, bypass authentication requirements, and possibly conduct cross-site request forgery attacks. |
|
521 |
CVE-2006-6968 |
|
|
XSS |
2007-02-06 |
2011-03-08 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in the group moderation control center page in Phorum before 5.1.19 might allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
|
522 |
CVE-2006-6966 |
|
|
Exec Code |
2007-02-04 |
2017-07-29 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
phpGraphy before 0.9.13a does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to execute arbitrary PHP code by uploading a config.php file via the pictures[] parameter to index.php. NOTE: it could be argued that this vulnerability is due to a bug in the unset PHP command (CVE-2006-3017) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in phpGraphy. |
|
523 |
CVE-2006-6490 |
|
|
Exec Code Overflow |
2007-02-22 |
2018-10-17 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Multiple buffer overflows in the SupportSoft (1) SmartIssue (tgctlsi.dll) and (2) ScriptRunner (tgctlsr.dll) ActiveX controls, as used by Symantec Automated Support Assistant and Norton AntiVirus, Internet Security, and System Works 2006, allows remote attackers to execute arbitrary code via a crafted HTML message. |
|
524 |
CVE-2006-5877 |
|
|
DoS |
2007-02-23 |
2008-11-15 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The enigmail extension before 0.94.2 does not properly handle large, encrypted file e-mail attachments, which allows remote attackers to cause a denial of service (crash), as demonstrated with Mozilla Thunderbird. |
|
525 |
CVE-2006-5860 |
79 |
|
XSS |
2007-02-14 |
2017-07-20 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in the administrator console for Adobe JRun 4.0, as used in ColdFusion, allows remote attackers to inject arbitrary web script or HTML via unknown vectors. |
|
526 |
CVE-2006-5859 |
79 |
|
XSS |
2007-02-14 |
2011-03-08 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion MX 7 7.0 and 7.0.1, when Global Script Protection is not enabled, allows remote attackers to inject arbitrary HTML and web script via unknown vectors, possibly related to Linkdirect.cfm, Topnav.cfm, and Welcomedoc.cfm. |
|
527 |
CVE-2006-5276 |
|
|
Exec Code Overflow |
2007-02-20 |
2018-10-17 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Stack-based buffer overflow in the DCE/RPC preprocessor in Snort before 2.6.1.3, and 2.7 before beta 2; and Sourcefire Intrusion Sensor; allows remote attackers to execute arbitrary code via crafted SMB traffic. |
|
528 |
CVE-2006-5270 |
|
|
Exec Code Overflow |
2007-02-13 |
2018-10-12 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Integer overflow in the Microsoft Malware Protection Engine (mpengine.dll), as used by Windows Live OneCare, Antigen, Defender, and Forefront Security, allows user-assisted remote attackers to execute arbitrary code via a crafted PDF file. |
|
529 |
CVE-2006-4697 |
|
|
Exec Code |
2007-02-13 |
2021-07-23 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Microsoft Internet Explorer 5.01, 6, and 7 uses certain COM objects from Imjpcksid.dll as ActiveX controls, which allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: this issue might be related to CVE-2006-4193. |
|
530 |
CVE-2006-3448 |
119 |
|
Exec Code Overflow |
2007-02-13 |
2018-10-18 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in the Step-by-Step Interactive Training in Microsoft Windows 2000 SP4, XP SP2 and Professional, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a long Syllabus string in crafted bookmark link files (cbo, cbl, or .cbm), a different issue than CVE-2005-1212. |
|
531 |
CVE-2006-2220 |
20 |
|
+Info |
2007-02-08 |
2017-07-20 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
phpBB 2.0.20 does not properly verify user-specified input variables used as limits to SQL queries, which allows remote attackers to obtain sensitive information via a negative LIMIT specification, as demonstrated by the start parameter to memberlist.php, which reveals the SQL query in the resulting error message. |
|
532 |
CVE-2006-2219 |
20 |
|
+Info |
2007-02-08 |
2017-07-20 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
phpBB 2.0.20 does not verify user-specified input variable types before being passed to type-dependent functions, which allows remote attackers to obtain sensitive information, as demonstrated by the (1) mode parameter to memberlist.php and the (2) highlight parameter to viewtopic.php that are used as an argument to the htmlspecialchars or urlencode functions, which displays the installation path in the resulting error message. |
|
533 |
CVE-2006-1311 |
|
|
Exec Code Mem. Corr. |
2007-02-13 |
2018-10-12 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
The RichEdit component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1; Office 2000 SP3, XP SP3, 2003 SP2, and Office 2004 for Mac; and Learning Essentials for Microsoft Office 1.0, 1.1, and 1.5 allows user-assisted remote attackers to execute arbitrary code via a malformed OLE object in an RTF file, which triggers memory corruption. |
|
534 |
CVE-2006-1167 |
|
|
+Info |
2007-02-06 |
2008-09-05 |
1.2 |
None |
Local |
High |
Not required |
Partial |
None |
None |
|
SGI ProPack 3 SP6 kernel displays the frame buffer contents of the last session after a reboot, which might allow local users to obtain sensitive information. |
