CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 2 and 2.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
2951 CVE-2007-0895 2007-02-12 2018-10-30
2.6
None Local High Not required None Partial Partial
Race condition in recursive directory deletion with the (1) -r or (2) -R option in rm in Solaris 8 through 10 before 20070208 allows local users to delete files and directories as the user running rm by moving a low-level directory to a higher level as it is being deleted, which causes rm to chdir to a ".." directory that is higher than expected, possibly up to the root file system, a related issue to CVE-2002-0435.
2952 CVE-2007-0859 +Info 2007-02-15 2018-10-16
2.1
None Local Low Not required Partial None None
The Find feature in Palm OS Treo smart phones operates despite the system password lock, which allows attackers with physical access to obtain sensitive information (memory contents) by doing (1) text searches or (2) paste operations after pressing certain keyboard shortcut keys.
2953 CVE-2007-0805 +Info 2007-02-07 2018-10-16
2.1
None Local Low Not required Partial None None
The ps (/usr/ucb/ps) command on HP Tru64 UNIX 5.1 1885 allows local users to obtain sensitive information, including environment variables of arbitrary processes, via the "auxewww" argument, a similar issue to CVE-1999-1587.
2954 CVE-2007-0751 DoS 2007-05-24 2017-07-28
2.1
None Local Low Not required None None Partial
A cleanup script in crontabs in Apple Mac OS X 10.3.9 and 10.4.9 might delete filesystems that have been mounted in /tmp, which might allow local users to cause a denial of service, related to the find command.
2955 CVE-2007-0710 399 DoS 2007-02-16 2008-09-05
2.1
None Local Low Not required None None Partial
The Bonjour functionality in iChat in Apple Mac OS X 10.3.9 allows remote attackers to cause a denial of service (persistent application crash) via unspecified vectors, possibly related to CVE-2007-0614.
2956 CVE-2007-0685 DoS Overflow 2007-02-02 2017-07-28
2.6
None Remote High Not required None None Partial
Internet Explorer on Windows Mobile 5.0 and Windows Mobile 2003 and 2003SE for Smartphones and PocketPC allows attackers to cause a denial of service (application crash and device instability) via unspecified vectors, possibly related to a buffer overflow.
2957 CVE-2007-0636 2007-01-31 2008-11-15
2.1
None Local Low Not required Partial None None
Unspecified vulnerability in inotify before 0.3.5 has unknown impact and attack vectors, related to "access rights to watched files."
2958 CVE-2007-0537 79 XSS Bypass 2007-01-29 2018-10-16
2.6
None Remote High Not required None Partial None
The KDE HTML library (kdelibs), as used by Konqueror 3.5.5, does not properly parse HTML comments, which allows remote attackers to conduct cross-site scripting (XSS) attacks and bypass some XSS protection schemes by embedding certain HTML tags within a comment in a title tag, a related issue to CVE-2007-0478.
2959 CVE-2007-0524 20 DoS 2007-01-25 2018-10-16
2.9
None Local Network Medium Not required None None Partial
The LG Chocolate KG800 phone allows remote attackers to cause a denial of service (continual modal dialogs and UI unavailability) by repeatedly trying to OBEX push a file over Bluetooth, as demonstrated by ussp-push.
2960 CVE-2007-0296 2007-01-16 2017-07-28
2.1
None Local Low Not required Partial None None
Unspecified vulnerability in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.22.13, 8.47.11, and 8.48.06 has unknown impact and attack vectors in PeopleTools, aka PSE02.
2961 CVE-2007-0286 2007-01-16 2017-07-28
2.6
None Remote High Not required Partial None None
Unspecified vulnerability in Oracle Application Server 10.1.2.0.2 and 10.1.3.0, and Collaboration Suite 10.1.2, has unknown impact and attack vectors related to Containers for J2EE, aka OC4J07.
2962 CVE-2007-0010 DoS 2007-01-24 2017-10-10
2.1
None Local Low Not required None None Partial
The GdkPixbufLoader function in GIMP ToolKit (GTK+) in GTK 2 (gtk2) before 2.4.13 allows context-dependent attackers to cause a denial of service (crash) via a malformed image file.
2963 CVE-2006-7254 19 DoS 2019-04-10 2019-04-10
2.1
None Local Low Not required None None Partial
The nscd daemon in the GNU C Library (glibc) before version 2.5 does not close incoming client sockets if they cannot be handled by the daemon, allowing local users to carry out a denial of service attack on the daemon.
2964 CVE-2006-7215 2007-07-03 2008-09-05
2.1
None Local Low Not required None None Partial
The Intel Core 2 Extreme processor X6800 and Core 2 Duo desktop processor E6000 and E4000 incorrectly set the memory page Access (A) bit for a page in certain circumstances involving proximity of the code segment limit to the end of a code page, which has unknown impact and attack vectors on certain operating systems other than OpenBSD, aka AI90.
2965 CVE-2006-7204 2007-05-22 2008-09-05
2.1
None Local Low Not required Partial None None
The imap_body function in PHP before 4.4.4 does not implement safemode or open_basedir checks, which allows local users to read arbitrary files or list arbitrary directory contents.
2966 CVE-2006-7139 20 DoS 2007-03-07 2018-10-16
2.6
None Remote High Not required None None Partial
Kmail 1.9.1 on KDE 3.5.2, with "Prefer HTML to Plain Text" enabled, allows remote attackers to cause a denial of service (crash) via an HTML e-mail with certain table and frameset tags that trigger a segmentation fault, possibly involving invalid free or delete operations.
2967 CVE-2006-7129 Bypass 2007-03-05 2018-10-16
2.1
None Local Low Not required None Partial None
ISS BlackICE PC Protection 3.6 cpj and cpu, and possibly earlier versions, allows local users to bypass the protection scheme by using the ZwDeleteFile API function to delete the critical filelock.txt file, which stores information about protected files.
2968 CVE-2006-6980 DoS 2007-02-08 2008-11-13
2.6
None Remote High Not required None None Partial
The magnatune.com album browser in Amarok allows attackers to cause a denial of service (application crash) via unspecified vectors.
2969 CVE-2006-6953 200 +Info 2007-01-29 2018-10-16
2.1
None Local Low Not required Partial None None
The virtual keyboard implementation in GlobeTrotter Mobility Manager changes the color of a key as it is pressed, which allows local users to capture arbitrary keystrokes, such as for passwords, by shoulder surfing or grabbing periodic screenshots.
2970 CVE-2006-6921 DoS 2007-01-12 2017-10-10
2.1
None Local Low Not required None None Partial
Unspecified versions of the Linux kernel allow local users to cause a denial of service (unrecoverable zombie process) via a program with certain instructions that prevent init from properly reaping a child whose parent has died.
2971 CVE-2006-6895 2006-12-31 2018-10-17
2.9
None Local Network Medium Not required Partial None None
The Bluetooth stack in the Sony Ericsson T60 does not properly implement "Limited discoverable" mode, which allows remote attackers to obtain unauthorized inquiry responses.
2972 CVE-2006-6744 2006-12-26 2008-09-05
2.1
None Local Low Not required Partial None None
phpProfiles before 2.1.1 does not have an index.php or other index file in the (1) image_data, (2) graphics/comm, or (3) users read/write directories, which might allow remote attackers to list directory contents or have other unknown impacts.
2973 CVE-2006-6677 DoS 2006-12-20 2018-10-17
2.6
None Remote High Not required None None Partial
ESET NOD32 Antivirus before 1.1743 allows remote attackers to cause a denial of service (crash) via a crafted .CHM file that triggers a divide-by-zero error.
2974 CVE-2006-6674 310 +Info 2006-12-20 2011-08-25
2.1
None Local Low Not required Partial None None
Ozeki HTTP-SMS Gateway 1.0, and possibly earlier, stores usernames and passwords in plaintext in the HKLM\Software\Ozeki\SMSServer\CurrentVersion\Plugins\httpsmsgate registry key, which allows local users to obtain sensitive information.
2975 CVE-2006-6657 2006-12-19 2008-09-05
2.1
None Local Low Not required Partial None None
The if_clone_list function in NetBSD-current before 20061027, NetBSD 3.0 and 3.0.1 before 20061027, and NetBSD 2.x before 20061119 allows local users to read potentially sensitive, uninitialized stack memory via unspecified vectors.
2976 CVE-2006-6656 +Info 2006-12-19 2008-09-05
2.1
None Local Low Not required Partial None None
Unspecified vulnerability in ptrace in NetBSD-current before 20061027, NetBSD 3.0 and 3.0.1 before 20061027, and NetBSD 2.x before 20061119 allows local users to read kernel memory and obtain sensitive information via certain manipulations of a PT_LWPINFO request, which leads to a memory leak and information leak.
2977 CVE-2006-6607 2006-12-17 2017-07-28
2.7
None Local Network Low Single system Partial None None
The Java Key Store (JKS) for WebSphere Application Server (WAS) for IBM Tivoli Identity Manager (ITIM) 4.6 places the JKS password in a -Djavax.net.ssl.trustStorePassword command line argument, which allows local users to obtain the password by listing the process or using other methods.
2978 CVE-2006-6483 XSS 2006-12-12 2018-10-17
2.6
None Remote High Not required None Partial None
Adobe ColdFusion MX 7.x before 7.0.2 does not properly filter HTML tags when protecting against cross-site scripting (XSS) attacks, which allows remote attackers to inject arbitrary web script or HTML via a NULL byte (%00) in certain HTML tags, as demonstrated using "%00script" in a tag.
2979 CVE-2006-6477 2006-12-19 2018-10-17
2.4
None Local High Single system None Partial Partial
FRAgent.exe in Mandiant First Response (MFR) before 1.1.1, when run in daemon mode and configured to use only HTTP, allows local users to modify requests and responses between a client and an agent by hijacking an HTTP FRAgent daemon and conducting a man-in-the-middle (MITM) attack.
2980 CVE-2006-6476 DoS 2006-12-19 2018-10-17
2.4
None Local High Single system Partial None Partial
FRAgent.exe in Mandiant First Response (MFR) before 1.1.1, when run in daemon mode and when the agent is bound to 0.0.0.0 (all interfaces), opens sockets in non-exclusive mode, which allows local users to hijack the socket, and capture data or cause a denial of service (loss of daemon operation).
2981 CVE-2006-6182 2006-11-30 2008-09-05
2.1
None Local Low Not required Partial None None
The Gabriele Teotino GNotebook 0.7.0.1 gadget for Google Desktop stores Gmail passwords in plaintext in the %SYSTEMDRIVE%\temp\Gnotebook.txt log file, which allows local users to obtain passwords by reading the file.
2982 CVE-2006-6146 DoS Overflow 2006-11-28 2008-09-05
2.6
None Remote High Not required None None Partial
Buffer overflow in the HPDF_Page_Circle function in hpdf_page_operator.c in Takeshi Kanno Haru Free PDF Library (libharu2, aka libharu) 2.0.7 and earlier allows context-dependent attackers to cause a denial of service (application crash) via certain arguments that yield a large amount of PDF data, as demonstrated by a filled circle.
2983 CVE-2006-6145 2006-11-28 2017-07-28
2.1
None Local Low Not required Partial None None
CRYPTOCard CRYPTO-Server before 6.4.56 stores LDAP credentials in plaintext in UninstallerData\installvariables.properties, which has insecure permissions and allows local users to obtain the credentials. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
2984 CVE-2006-6128 DoS Mem. Corr. 2006-11-26 2017-07-28
2.1
None Local Low Not required None None Partial
The ReiserFS functionality in Linux kernel 2.6.18, and possibly other versions, allows local users to cause a denial of service via a malformed ReiserFS file system that triggers memory corruption when a sync is performed.
2985 CVE-2006-6127 DoS 2006-11-26 2017-07-28
2.1
None Local Low Not required None None Partial
Apple Mac OS X kernel allows local users to cause a denial of service via a process that uses kevent to register a queue and an event, then fork a child process that uses kevent to register an event for the same queue as the parent.
2986 CVE-2006-6126 DoS Mem. Corr. 2006-11-26 2017-07-28
2.1
None Local Low Not required None None Partial
Apple Mac OS X allows local users to cause a denial of service (memory corruption) via a crafted Mach-O binary with a malformed load_command data structure.
2987 CVE-2006-6123 XSS Bypass 2006-11-26 2017-07-28
2.6
None Remote High Not required None Partial None
Coppermine Photo Gallery (CPG) 1.4.8 stable, with register_globals enabled, allows remote attackers to bypass XSS protection and set arbitrary variables via a query string that causes the variable to be defined in global space, with separate _GET, _REQUEST, or other critical parameters, which are unset by the protection scheme and prevent the original variable from being detected.
2988 CVE-2006-6068 Dir. Trav. 2006-11-21 2018-10-17
2.6
None Remote High Not required Partial None None
Directory traversal vulnerability in the cached_album function in functions.php for mAlbum 0.3 and earlier allows remote attackers to list filenames of arbitrary images via a .. (dot dot) in the gal parameter to index.php.
2989 CVE-2006-6013 Overflow 2006-11-21 2018-10-17
2.1
None Local Low Not required Partial None None
Integer signedness error in the fw_ioctl (FW_IOCTL) function in the FireWire (IEEE-1394) drivers (dev/firewire/fwdev.c) in various BSD kernels, including DragonFlyBSD, FreeBSD 5.5, MidnightBSD 0.1-CURRENT before 20061115, NetBSD-current before 20061116, NetBSD-4 before 20061203, and TrustedBSD, allows local users to read arbitrary memory contents via certain negative values of crom_buf->len in an FW_GCROM command. NOTE: this issue has been labeled as an integer overflow, but it is more like an integer signedness error.
2990 CVE-2006-5956 +Info 2006-11-16 2008-09-05
2.1
None Local Low Not required Partial None None
XLineSoft PHPRunner 3.1 stores the (1) database server name, (2) database names, (3) usernames, and (4) passwords in plaintext in %WINDIR%\PHPRunner.ini, which allows local users to obtain sensitive information by reading the file.
2991 CVE-2006-5851 59 2006-11-09 2017-10-18
2.1
None Local Low Not required None Partial None
openexec in OpenBase SQL before 10.0.1 allows local users to create arbitrary files via a symlink attack on the /tmp/output file, a different vulnerability than CVE-2006-5328.
2992 CVE-2006-5842 +Info 2006-11-09 2017-07-19
2.1
None Local Low Not required Partial None None
The keystore file in Unicore Client before 5.6 build 5, when running on Unix systems, has insecure default permissions, which allows local users to obtain sensitive information.
2993 CVE-2006-5817 2006-11-08 2008-09-05
2.1
None Local Low Not required None Partial None
prl_dhcpd in Parallels Desktop for Mac Build 1940 uses insecure permissions (0666) for /Library/Parallels/.dhcpd_configuration, which allows local users to modify DHCP configuration.
2994 CVE-2006-5806 2006-11-08 2017-07-19
2.1
None Local Low Not required Partial None None
SSL VPN Client in Cisco Secure Desktop before 3.1.1.45, when configured to spawn a web browser after a successful connection, stores sensitive browser session information in a directory outside of the CSD vault and does not restrict the user from saving files outside of the vault, which is not cleared after the VPN connection terminates and allows local users to read unencrypted data.
2995 CVE-2006-5800 XSS 2006-11-08 2017-07-19
2.6
None Remote High Not required None Partial None
Cross-site scripting (XSS) vulnerability in default.asp in xenis.creator CMS allows remote attackers to inject arbitrary web script or HTML via the nav parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
2996 CVE-2006-5793 20 DoS 2006-11-17 2018-10-17
2.6
None Remote High Not required None None Partial
The sPLT chunk handling code (png_set_sPLT function in pngset.c) in libpng 1.0.6 through 1.2.12 uses a sizeof operator on the wrong data type, which allows context-dependent attackers to cause a denial of service (crash) via malformed sPLT chunks that trigger an out-of-bounds read.
2997 CVE-2006-5791 XSS 2006-11-07 2017-07-19
2.6
None Remote High Not required None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in elogd.c in ELOG 2.6.2 and earlier allow remote attackers to inject arbitrary HTML or web script via (1) the filename for downloading, which is not quoted in an error message by the send_file_direct function, and (2) the Type or Category values in a New entry, which is not properly handled in an error message by the submit_elog function.
2998 CVE-2006-5738 Exec Code Sql 2006-11-06 2008-09-05
2.1
None Remote High Single system None Partial None
Multiple SQL injection vulnerabilities in PunBB before 1.2.14 allow remote authenticated administrators to execute arbitrary SQL commands via unspecified vectors.
2999 CVE-2006-5724 DoS Overflow 2006-11-03 2017-07-19
2.1
None Local Low Not required None None Partial
Heap-based buffer overflow the "Answering Service" function in ICQ 2003b Build 3916 allows local users to cause a denial of service (application crash) via a long string in the "AwayMsg Presets" value in the ICQ\ICQPro\DefaultPrefs\Presets registry key.
3000 CVE-2006-5681 +Info 2006-12-19 2008-09-05
2.6
None Remote High Not required Partial None None
QuickTime for Java on Mac OS X 10.4 through 10.4.8, when used with Quartz Composer, allows remote attackers to obtain sensitive information (screen images) via a Java applet that accesses images that are being rendered by other embedded QuickTime objects.
Total number of vulnerabilities : 4508   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 (This Page)61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.