CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In December 2006

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
601 CVE-2006-6293 119 Exec Code Overflow 2006-12-05 2018-10-17
7.5
User Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in FRISK Software F-Prot Antivirus before 4.6.7 allows user-assisted remote attackers to execute arbitrary code via a crafted CHM file. NOTE: this issue has at least a partial overlap with CVE-2006-6294.
602 CVE-2006-6292 DoS 2006-12-05 2017-07-28
5.7
None Local Network Medium Not required None None Complete
Apple Airport Extreme firmware 0.1.27 in Mac OS X 10.4.8 on Mac mini, MacBook, and MacBook Pro with Core Duo hardware allows remote attackers to cause a denial of service (out-of-bounds memory access and kernel panic) and have possibly other security-related impact via certain beacon frames.
603 CVE-2006-6291 119 DoS Overflow 2006-12-05 2019-10-03
6.8
None Remote Low Single system None None Complete
Stack overflow in the IMAP module (MEIMAPS.EXE) in MailEnable Professional 1.6 through 1.83 and 2.0 through 2.33, and MailEnable Enterprise 1.1 through 1.40 and 2.0 through 2.33, allows remote authenticated users to cause a denial of service (crash) via a long argument containing * (asterisk) and ? (question mark) characters to the DELETE command, as addressed by the ME-10020 hotfix.
604 CVE-2006-6290 DoS Exec Code Overflow 2006-12-05 2018-10-17
6.5
User Remote Low Single system Partial Partial Partial
Multiple stack-based buffer overflows in the IMAP module (MEIMAPS.EXE) in MailEnable Professional 1.6 through 1.82 and 2.0 through 2.33, and MailEnable Enterprise 1.1 through 1.30 and 2.0 through 2.33 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a long argument to the (1) EXAMINE or (2) SELECT command.
605 CVE-2006-6289 Exec Code 2006-12-05 2018-10-17
6.8
User Remote Medium Not required Partial Partial Partial
Woltlab Burning Board (wBB) Lite 1.0.2 does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to execute arbitrary SQL commands via the wbb_userid parameter to the top-level URI. NOTE: it could be argued that this vulnerability is due to a bug in the unset PHP command (CVE-2006-3017) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in wBB Lite.
606 CVE-2006-6288 119 Exec Code Overflow 2006-12-04 2018-10-17
4.6
None Local Low Not required Partial Partial Partial
Multiple buffer overflows in Niek Albers CoolPlayer 216 and earlier allow remote attackers to execute arbitrary code via (1) a playlist file with long song names, because of an overflow in the CPL_AddPrefixedFile function in CPI_Playlist.c; (2) a skin file with long button names, because of an overflow in the main_skin_check_ini_value function in skin.c; and (3) a skin file with long bitmap filenames, because of an overflow in the main_skin_open function in skin.c.
607 CVE-2006-6287 Exec Code Overflow 2006-12-04 2017-10-18
7.5
None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in AtomixMP3 2.3 and earlier allows remote attackers to execute arbitrary code via a long pathname in an M3U file.
608 CVE-2006-6286 +Info 2006-12-04 2017-07-28
1.7
None Local Low Single system Partial None None
Palm Desktop 4.1.4 and earlier stores user data with weak permissions under the application directory, which allows local users to obtain sensitive information (address books, calendar files, and todo lists of other users) via unspecified vectors. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
609 CVE-2006-6285 Exec Code File Inclusion 2006-12-04 2017-10-18
7.5
User Remote Low Not required Partial Partial Partial
** DISPUTED ** PHP remote file inclusion vulnerability in index.php in Kai Blankenhorn Bitfolge simple and nice index file (aka snif) 1.5.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the externalConfig parameter. NOTE: CVE and other third parties dispute this vulnerability because $externalConfig is defined before use.
610 CVE-2006-6284 Dir. Trav. 2006-12-04 2018-10-17
9.0
Admin Remote Low Single system Complete Complete Complete
Directory traversal vulnerability in admin.php in Vikingboard 0.1.2 allows remote authenticated administrators to include arbitrary files via a .. (dot dot) sequence in the act parameter.
611 CVE-2006-6283 XSS 2006-12-04 2018-10-17
4.3
None Remote Medium Not required None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in Vikingboard 0.1.2 allow remote attackers to inject arbitrary web script or HTML via the subject field of (1) a private message (PM) or (2) a bulletin board post.
612 CVE-2006-6282 2006-12-04 2018-10-17
9.3
Admin Remote Medium Not required Complete Complete Complete
members.php in Vikingboard 0.1.2 allows remote attackers to trigger a forced SQL error via an invalid s parameter, a different vector than CVE-2006-4709. NOTE: might only be an exposure if display_errors is enabled, but due to lack of details, even this is not clear.
613 CVE-2006-6281 Exec Code File Inclusion 2006-12-04 2018-10-17
7.5
User Remote Low Not required Partial Partial Partial
PHP remote file inclusion vulnerability in check_status.php in dicshunary 0.1 alpha allows remote attackers to execute arbitrary PHP code via a URL in the dicshunary_root_path parameter.
614 CVE-2006-6280 Exec Code Sql 2006-12-04 2018-10-17
7.5
User Remote Low Not required Partial Partial Partial
SQL injection vulnerability in viewthread.php in Oxygen (O2PHP Bulletin Board) 1.1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter, a different vector than CVE-2006-1572.
615 CVE-2006-6279 +Info 2006-12-04 2018-10-17
5.0
None Remote Low Not required Partial None None
index.php in @lex Guestbook 4.0.1 allows remote attackers to obtain sensitive information via a skin parameter referencing a nonexistent skin, which reveals the installation path in an error message.
616 CVE-2006-6278 XSS 2006-12-04 2018-10-17
6.8
User Remote Medium Not required Partial Partial Partial
Cross-site scripting (XSS) vulnerability in index.php in @lex Guestbook 4.0.1 allows remote attackers to inject arbitrary web script or HTML via the skin parameter.
617 CVE-2006-6277 Dir. Trav. 2006-12-04 2018-10-17
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in admin/FileServer.php in ContentServ 4.x allows remote attackers to read arbitrary files via a .. (dot dot) in the src parameter, a different vector than CVE-2005-3086.
618 CVE-2006-6276 XSS Bypass 2006-12-04 2017-07-28
6.8
None Remote Medium Not required Partial Partial Partial
HTTP request smuggling vulnerability in Sun Java System Proxy Server before 20061130, when used with Sun Java System Application Server or Sun Java System Web Server, allows remote attackers to bypass HTTP request filtering, hijack web sessions, perform cross-site scripting (XSS), and poison web caches via unspecified attack vectors.
619 CVE-2006-6275 362 DoS 2006-12-04 2018-10-30
4.7
None Local Medium Not required None None Complete
Race condition in the kernel in Sun Solaris 8 through 10 allows local users to cause a denial of service (panic) via unspecified vectors, possibly related to the exitlwps function and SIGKILL and /proc PCAGENT signals.
620 CVE-2006-6274 Exec Code Sql XSS 2006-12-04 2018-10-17
6.8
User Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in articles.asp in Expinion.net iNews (1) Publisher (iNP) 2.5 and earlier, and possibly (2) News Manager, allows remote attackers to execute arbitrary SQL commands via the ex parameter. NOTE: early reports of this issue reported it as XSS, but this was erroneous. The original report was for News Manager, but there is strong evidence that the correct product is Publisher.
621 CVE-2006-6273 +Info 2006-12-04 2018-10-17
7.5
None Remote Low Not required Partial Partial Partial
sp_index.php in Simple PHP Gallery 1.1 allows remote attackers to obtain sensitive information via an invalid dir parameter, which reveals the path in an error message.
622 CVE-2006-6272 XSS 2006-12-04 2018-10-17
6.8
User Remote Medium Not required Partial Partial Partial
Cross-site scripting (XSS) vulnerability in sp_index.php in Simple PHP Gallery 1.1 allows remote attackers to inject arbitrary web script or HTML via the dir parameter.
623 CVE-2006-6271 XSS 2006-12-04 2018-10-17
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site scripting (XSS) vulnerabilities in PHPOLL 0.96 allow remote attackers to inject arbitrary web script or HTML via the language parameter to (1) index.php, (2) info.php; and (3) index.php, (4) votanti.php, (5) risultati_config.php, (6) modifica_band.php, (7) band_editor.php, and (8) config_editor.php in admin/.
624 CVE-2006-6270 Exec Code Sql 2006-12-04 2018-10-17
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple SQL injection vulnerabilities in ASPMForum allow remote attackers to execute arbitrary SQL commands via (1) the soruid parameter in forum2.asp, (2) the ak parameter in kullanicilistesi.asp, (3) the kelimeler parameter in aramayap.asp, and (4) the kullaniciadi parameter in giris.asp; and allow remote authenticated users to execute arbitrary SQL commands via (5) the mesajno parameter in mesajkutum.asp. NOTE: the harf parameter in kullanicilistesi.asp and the baslik parameter in forum.asp are already covered by CVE-2005-4141.
625 CVE-2006-6269 Exec Code Sql 2006-12-04 2018-10-17
7.5
None Remote Low Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in Infinitytechs Restaurants CM allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in rating.asp, (2) the mealid parameter in meal_rest.asp, and (3) the resid parameter in res_details.asp.
626 CVE-2006-6268 Exec Code Sql 2006-12-04 2018-10-17
10.0
None Remote Low Not required Complete Complete Complete
SQL injection vulnerability in system/core/profile/profile.inc.php in Neocrome Land Down Under (LDU) 8.x and earlier allows remote authenticated users to execute arbitrary SQL commands via a url-encoded id parameter to users.php that begins with a valid filename, as demonstrated by "default.gif" followed by a double-encoded NULL and ' (apostrophe) (%2500%2527).
627 CVE-2006-6267 +Info 2006-12-04 2018-10-17
7.8
None Remote Low Not required Complete None None
PostNuke 0.7.5.0, and certain minor versions, allows remote attackers to obtain sensitive information via a non-numeric value of the stop parameter, which reveals the path in an error message.
628 CVE-2006-6266 2006-12-04 2018-10-17
6.8
None Remote Medium Not required Partial Partial Partial
Teredo clients, when following item 6 of RFC4380 section 5.2.3, start direct IPv6 connectivity tests (aka ping tests) in response to packets from non-Teredo source addresses, which might allow remote attackers to induce Teredo clients to send packets to third parties.
629 CVE-2006-6265 2006-12-04 2018-10-17
5.8
None Local Network Low Not required Partial Partial Partial
Teredo clients, when located behind a restricted NAT, allow remote attackers to establish an inbound connection without the guessing required to find a port mapping for a traditional restricted NAT client, by (1) using the client port number contained in the Teredo address or (2) following the bubble-to-open procedure.
630 CVE-2006-6264 Bypass 2006-12-04 2018-10-17
7.5
None Remote Low Not required Partial Partial Partial
Teredo creates trusted peer entries for arbitrary incoming source Teredo addresses, even if the low 32 bits represent an intranet address, which might allow remote attackers to send IPv4 traffic to intranet hosts that use non-RFC1918 addresses, bypassing IPv4 ingress filtering.
631 CVE-2006-6263 Bypass 2006-12-04 2018-10-17
6.8
User Remote Medium Not required Partial Partial Partial
Teredo clients, when source routing is enabled, recognize a Routing header in an encapsulated IPv6 packet and send the packet to the next hop, which might allow remote attackers to bypass policies of certain Internet gateways that drop all source-routed packets.
632 CVE-2006-6262 Dir. Trav. 2006-12-04 2018-10-17
6.4
None Remote Low Not required Partial Partial None
Directory traversal vulnerability in mboard.php in PHPJunkYard (aka Klemen Stirn) MBoard 1.22 and earlier allows remote attackers to create arbitrary empty files via a .. (dot dot) in the orig_id parameter.
633 CVE-2006-6261 DoS Exec Code Overflow 2006-12-04 2017-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
Buffer overflow in Quintessential Player 4.50.1.82 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) M3u or (2) M3u-8 file; or a (3) crafted PLS file with a long value in the (a) NumberofEntries, (b) Length (aka Length1), (c) Filename (aka File1), (d) Title (aka Title1) field, or other unspecified fields.
634 CVE-2006-6260 Exec Code Sql 2006-12-04 2018-10-17
7.5
User Remote Low Not required Partial Partial Partial
SQL injection vulnerability in login.asp in Redbinaria Sistema Integrado de Administracion de Portales (SIAP) allows remote attackers to execute arbitrary SQL commands via the username parameter.
635 CVE-2006-6259 Dir. Trav. 2006-12-04 2018-10-17
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple directory traversal vulnerabilities in (a) class/functions.php and (b) class/m_bro.php in AlternC 0.9.5 and earlier allow remote attackers to (1) create arbitrary files and directories via a .. (dot dot) in the "create name" field and (2) read arbitrary files via a .. (dot dot) in the "web root" field when configuring a subdomain.
636 CVE-2006-6258 XSS 2006-12-04 2018-10-17
9.3
Admin Remote Medium Not required Complete Complete Complete
The phpmyadmin subsystem in AlternC 0.9.5 and earlier transmits the SQL password in cleartext in a cookie, which might allow remote attackers to obtain the password by sniffing or by conducting a cross-site scripting (XSS) attack.
637 CVE-2006-6257 +Info 2006-12-04 2018-10-17
6.8
User Remote Medium Not required Partial Partial Partial
The file manager in AlternC 0.9.5 and earlier, when warnings are enabled in PHP, allows remote attackers to obtain sensitive information via certain folder names such as ones composed of JavaScript code, which reveal the path in a warning message.
638 CVE-2006-6256 XSS 2006-12-04 2018-10-17
6.8
User Remote Medium Not required Partial Partial Partial
Cross-site scripting (XSS) vulnerability in the file manager in admin/bro_main.php in AlternC 0.9.5 and earlier allows remote attackers to inject arbitrary web script or HTML via a folder name.
639 CVE-2006-6255 Exec Code 2006-12-04 2017-10-18
7.5
User Remote Low Not required Partial Partial Partial
Direct static code injection vulnerability in util.php in the NukeAI 0.0.3 Beta module for PHP-Nuke, aka Program E is an AIML chatterbot, allows remote attackers to upload and execute arbitrary PHP code via a filename with a .php extension in the filename parameter and code in the moreinfo parameter, which is saved to a filename under descriptions/, which is accessible via a direct request.
640 CVE-2006-6254 Dir. Trav. 2006-12-04 2018-10-17
4.3
None Remote Medium Not required Partial None None
administration/telecharger.php in Cahier de texte 2.0 allows remote attackers to obtain unparsed content (source code) of files via the chemin parameter, as demonstrated using directory traversal sequences to obtain the MySQL username and password from conn_cahier_de_texte.php. NOTE: it is not clear whether the scope of this issue extends above the web document root, and whether directory traversal is the primary vulnerability.
641 CVE-2006-6253 +Info 2006-12-04 2018-10-17
5.0
None Remote Low Not required Partial None None
Cahier de texte 2.0 stores sensitive information under the web root, possibly with insufficient access control, which might allow remote attackers to obtain all users' passwords via a direct request for administration/dump.sql.
642 CVE-2006-6252 DoS 2006-12-04 2018-10-17
4.3
None Remote Medium Not required None None Partial
Microsoft Windows Live Messenger 8.0 and earlier, when gestual emoticons are enabled, allows remote attackers to cause a denial of service (CPU consumption) via a long string composed of ":D" sequences, which are interpreted as emoticons.
643 CVE-2006-6251 Exec Code Overflow 2006-12-04 2017-10-18
7.5
User Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in VUPlayer 2.44 and earlier allows remote attackers to execute arbitrary code via a long string in an M3U file, aka an "M3U UNC Name" attack.
644 CVE-2006-6250 DoS 2006-12-04 2017-10-18
7.8
None Remote Low Not required None None Complete
Format string vulnerability in Songbird Media Player 0.2 and earlier allows remote attackers to cause a denial of service (crash) via an M3U Playlist file containing extended ASCII, which causes the Unicode converter to be invoked.
645 CVE-2006-6249 XSS 2006-12-04 2017-07-28
6.8
User Remote Medium Not required Partial Partial Partial
Cross-site scripting (XSS) vulnerability in Chama Cargo 4.36 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
646 CVE-2006-6248 +Info 2006-12-04 2018-10-17
7.8
None Remote Low Not required Complete None None
index.php in GPhotos 1.5 allows remote attackers to obtain sensitive information via an invalid rep parameter, which reveals the full path in an error message.
647 CVE-2006-6247 Exec Code Sql 2006-12-04 2018-10-17
7.5
User Remote Low Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in Uapplication UPhotoGallery 1.1 allow remote attackers to execute arbitrary SQL commands via the ci parameter to (1) slideshow.asp or (2) thumbnails.asp.
648 CVE-2006-6246 2006-12-04 2017-07-28
7.5
User Remote Low Not required Partial Partial Partial
Photo Organizer 2.32b and earlier does not properly check the ownership of certain objects, which allows remote attackers to gain unauthorized access via vectors related to (1) camera del, (2) camera edit, (3) folder/album deletion, (4) photo.move, (5) content.indexer, (6) folder.content, and possibly other operations.
649 CVE-2006-6245 Exec Code Sql 2006-12-04 2017-07-28
7.5
User Remote Low Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in Photo Organizer (PO) 2.32b and earlier allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
650 CVE-2006-6244 Exec Code 2006-12-04 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Coalescent Systems freePBX (formerly Asterisk Management Portal) before 2.2.0rc1 allows attackers to execute arbitrary commands via shell metacharacters in (1) CALLERID(name) or (2) CALLERID(number).
Total number of vulnerabilities : 738   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 (This Page)14 15
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.