CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2006(Overflow)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
351 CVE-2006-3400 DoS Exec Code Overflow 2006-07-06 2017-10-18
7.5
User Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in the CG_ServerCommand function in Quake 3 Engine as used by Soldier of Fortune 2 (SOF2MP) GOLD 1.03 allows remote attackers to cause a denial of service and possibly execute code by sending a long command from the server.
352 CVE-2006-3376 Exec Code Overflow 2006-07-06 2018-10-18
7.5
User Remote Low Not required Partial Partial Partial
Integer overflow in player.c in libwmf 0.2.8.4, as used in multiple products including (1) wv, (2) abiword, (3) freetype, (4) gimp, (5) libgsf, and (6) imagemagick allows remote attackers to execute arbitrary code via the MaxRecordSize header field in a WMF file.
353 CVE-2006-3357 DoS Exec Code Overflow 2006-07-06 2018-10-18
7.5
User Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in HTML Help ActiveX control (hhctrl.ocx) in Microsoft Internet Explorer 6.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code by repeatedly setting the Image field of an Internet.HHCtrl.1 object to certain values, possibly related to improper escaping and long strings.
354 CVE-2006-3355 Exec Code Overflow 2006-07-06 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in httpdget.c in mpg123 before 0.59s-rll allows remote attackers to execute arbitrary code via a long URL, which is not properly terminated before being used with the strncpy function. NOTE: This appears to be the result of an incomplete patch for CVE-2004-0982.
355 CVE-2006-3351 DoS Exec Code Overflow 2006-07-05 2018-10-18
5.4
None Remote High Not required None None Complete
Buffer overflow in Windows Explorer (explorer.exe) on Windows XP and 2003 allows user-assisted attackers to cause a denial of service (repeated crash) and possibly execute arbitrary code via a .url file with an InternetShortcut tag containing a long URL and a large number of "file:" specifiers.
356 CVE-2006-3350 Exec Code Overflow 2006-07-27 2018-10-18
5.1
User Remote High Not required Partial Partial Partial
Stack-based buffer overflow in AutoVue SolidModel Professional Desktop Edition 19.1 Build 5993 allows user-assisted remote attackers to execute arbitrary code via a long filename in a (1) ARJ, (2) RAR, or (3) ZIP archive.
357 CVE-2006-3334 DoS Exec Code Overflow 2006-06-30 2018-10-18
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in the png_decompress_chunk function in pngrutil.c in libpng before 1.2.12 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors related to "chunk error processing," possibly involving the "chunk_name".
358 CVE-2006-3311 Exec Code Overflow 2006-09-12 2018-10-18
5.1
User Remote High Not required Partial Partial Partial
Buffer overflow in Adobe Flash Player 8.0.24.0 and earlier, Flash Professional 8, Flash MX 2004, and Flex 1.5 allows user-assisted remote attackers to execute arbitrary code via a long, dynamically created string in a SWF movie.
359 CVE-2006-3276 Exec Code Overflow 2006-06-28 2017-07-19
7.5
User Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in RealNetworks Helix DNA Server 10.0 and 11.0 allows remote attackers to execute arbitrary code via (1) a long User-Agent HTTP header in the RTSP service and (2) unspecified vectors involving the "parsing of HTTP URL schemes".
360 CVE-2006-3252 Exec Code Overflow 2006-06-27 2018-10-18
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in the Online Registration Facility for Algorithmic Research PrivateWire VPN software up to 3.7 allows remote attackers to execute arbitrary code via a long GET request.
361 CVE-2006-3251 119 Exec Code Overflow 2006-06-27 2017-07-19
7.5
User Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in the array_push function in hashcash.c for Hashcash before 1.21 might allow attackers to execute arbitrary code via crafted entries.
362 CVE-2006-3250 Exec Code Overflow 2006-06-27 2018-10-18
5.1
User Remote High Not required Partial Partial Partial
Heap-based buffer overflow in Windows Live Messenger 8.0 allows user-assisted attackers to execute arbitrary code via a crafted Contact List (.ctt) file, which triggers the overflow when it is imported by the user.
363 CVE-2006-3242 DoS Exec Code Overflow 2006-06-27 2018-10-18
7.5
User Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in the browse_get_namespace function in imap/browse.c of Mutt 1.4.2.1 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via long namespaces received from the IMAP server.
364 CVE-2006-3228 Exec Code Overflow 2006-06-26 2017-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
Buffer overflow in in_midi.dll for WinAmp 2.90 up to 5.23, including 5.21, allows remote attackers to execute arbitrary code via a crafted .mid (MIDI) file.
365 CVE-2006-3198 Exec Code Overflow 2006-06-23 2018-10-18
7.5
User Remote Low Not required Partial Partial Partial
Integer overflow in Opera 8.54 and earlier allows remote attackers to execute arbitrary code via a JPEG image with large height and width values, which causes less memory to be allocated than intended.
366 CVE-2006-3146 119 DoS Overflow 2006-06-22 2018-10-18
5.0
None Remote Low Not required None None Partial
The TOSRFBD.SYS driver for Toshiba Bluetooth Stack 4.00.29 and earlier on Windows allows remote attackers to cause a denial of service (reboot) via a L2CAP echo request that triggers an out-of-bounds memory access, similar to "Ping o' Death" and as demonstrated by BlueSmack. NOTE: this issue was originally reported for 4.00.23.
367 CVE-2006-3145 DoS Exec Code Overflow 2006-06-22 2017-07-19
5.0
None Remote Low Not required None None Partial
Buffer overflow in pamtofits of NetPBM 10.30 through 10.33 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code when assembling the header, possibly related to an off-by-one error.
368 CVE-2006-3134 Exec Code Overflow 2006-06-27 2017-07-19
9.3
Admin Remote Medium Not required Complete Complete Complete
Buffer overflow in GraceNote CDDBControl ActiveX Control, as used by multiple products that use Gracenote CDDB, allows remote attackers to execute arbitrary code via a long option string.
369 CVE-2006-3124 DoS Exec Code Overflow 2006-08-26 2017-07-19
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in the HTTP header parsing in Streamripper before 1.61.26 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted HTTP headers.
370 CVE-2006-3123 DoS Overflow 2006-08-07 2017-07-19
2.1
None Local Low Not required None None Partial
Multiple integer overflows in the (1) dodecrypt and (2) doencrypt functions in cfs_fh.c in cfsd in Matt Blaze Cryptographic File System (CFS) 1.4.1 before Debian GNU/Linux package 1.4.1-17 allow local users to cause a denial of service (daemon crash) by appending data to a file that is larger than 2 Gb.
371 CVE-2006-3117 119 Exec Code Overflow 2006-06-30 2018-10-18
7.6
Admin Remote High Not required Complete Complete Complete
Heap-based buffer overflow in OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to execute arbitrary code via a crafted OpenOffice XML document that is not properly handled by (1) Calc, (2) Draw, (3) Impress, (4) Math, or (5) Writer, aka "File Format / Buffer Overflow Vulnerability."
372 CVE-2006-3086 119 DoS Exec Code Overflow 2006-06-19 2018-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in the HrShellOpenWithMonikerDisplayName function in Microsoft Hyperlink Object Library (hlink.dll) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long hyperlink, as demonstrated using an Excel worksheet with a long link in Unicode, aka "Hyperlink COM Object Buffer Overflow Vulnerability." NOTE: this is a different issue than CVE-2006-3059.
373 CVE-2006-3082 189 DoS Overflow 2006-06-19 2018-10-18
5.0
None Remote Low Not required None None Partial
parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and earlier versions, allows remote attackers to cause a denial of service (gpg crash) and possibly overwrite memory via a message packet with a large length (long user ID string), which could lead to an integer overflow, as demonstrated using the --no-armor option.
374 CVE-2006-3074 119 DoS Overflow 2006-06-19 2018-10-18
5.0
None Remote Low Not required None None Partial
klif.sys in Kaspersky Internet Security 6.0 and 7.0, Kaspersky Anti-Virus (KAV) 6.0 and 7.0, KAV 6.0 for Windows Workstations, and KAV 6.0 for Windows Servers does not validate certain parameters to the (1) NtCreateKey, (2) NtCreateProcess, (3) NtCreateProcessEx, (4) NtCreateSection, (5) NtCreateSymbolicLinkObject, (6) NtCreateThread, (7) NtDeleteValueKey, (8) NtLoadKey2, (9) NtOpenKey, (10) NtOpenProcess, (11) NtOpenSection, and (12) NtQueryValueKey hooked system calls, which allows local users to cause a denial of service (reboot) via an invalid parameter, as demonstrated by the ClientId parameter to NtOpenProcess.
375 CVE-2006-3067 DoS Overflow 2006-06-19 2017-07-19
5.0
None Remote Low Not required None None Partial
Multiple unspecified vulnerabilities in IBM DB2 Universal Database (UDB) before 8.1 FixPak 12 allow remote attackers to cause a denial of service (application crash) via a (1) "long column list" in the (a) REPLACE INTO and (b) INSERT INTO portions of the LOAD command or a (2) large number of values in an IN clause, possibly related to a buffer overflow.
376 CVE-2006-3066 DoS Overflow 2006-06-19 2018-10-18
5.0
None Remote Low Not required None None Partial
Buffer overflow in the TCP/IP listener in IBM DB2 Universal Database (UDB) before 8.1 FixPak 12 allows remote attackers to cause a denial of service (application crash) via a long MGRLVLLS message inside of an EXCSAT message when establishing a connection.
377 CVE-2006-2971 DoS Overflow 2006-06-12 2018-10-18
5.0
None Remote Low Not required None None Partial
Integer overflow in the recv_packet function in 0verkill 0.16 allows remote attackers to cause a denial of service (daemon crash) via a UDP packet with fewer than 12 bytes, which results in a long length value to the crc32 function.
378 CVE-2006-2961 DoS Exec Code Overflow 2006-06-12 2017-07-19
7.5
User Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in CesarFTP 0.99g and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long MKD command. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
379 CVE-2006-2935 Exec Code Overflow 2006-07-05 2018-10-30
4.6
User Local Low Not required Partial Partial Partial
The dvd_read_bca function in the DVD handling code in drivers/cdrom/cdrom.c in Linux kernel 2.2.16, and later versions, assigns the wrong value to a length variable, which allows local users to execute arbitrary code via a crafted USB Storage device that triggers a buffer overflow.
380 CVE-2006-2926 DoS Exec Code Overflow 2006-06-09 2017-07-19
7.5
User Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in the WWW Proxy Server of Qbik WinGate 6.1.1.1077 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long URL HTTP request.
381 CVE-2006-2923 119 Exec Code Overflow 2006-06-09 2018-10-18
6.4
None Remote Low Not required Partial Partial None
The iax_net_read function in the iaxclient open source library, as used in multiple products including (a) LoudHush 1.3.6, (b) IDE FISK 1.35 and earlier, (c) Kiax 0.8.5 and earlier, (d) DIAX, (e) Ziaxphone, (f) IAX Phone, (g) X-lite, (h) MediaX, (i) Extreme Networks ePhone, and (j) iaxComm before 1.2.0, allows remote attackers to execute arbitrary code via crafted IAX 2 (IAX2) packets with truncated (1) full frames or (2) mini-frames, which are detected in a length check but still processed, leading to buffer overflows related to negative length values.
382 CVE-2006-2910 Exec Code Overflow 2006-07-05 2017-07-19
5.1
User Remote High Not required Partial Partial Partial
Buffer overflow in jetAudio 6.2.6.8330 (Basic), and possibly other versions, allows user-assisted attackers to execute arbitrary code via an audio file (such as WMA) with long ID Tag values including (1) Title, (2) Author, and (3) Album, which triggers the overflow in the tooltip display string if the sound card driver is disabled or incorrectly installed.
383 CVE-2006-2909 Exec Code Overflow 2006-06-16 2018-10-18
7.5
User Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in the info tip shell extension (zipinfo.dll) in PicoZip 4.01 allows remote attackers to execute arbitrary code via a long filename in an (1) ACE, (2) RAR, or (3) ZIP archive, which is triggered when the user moves the mouse over the archive.
384 CVE-2006-2898 119 DoS Exec Code Overflow Bypass 2006-06-07 2018-10-18
7.5
User Remote Low Not required Partial Partial Partial
The IAX2 channel driver (chan_iax2) for Asterisk 1.2.x before 1.2.9 and 1.0.x before 1.0.11 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via truncated IAX 2 (IAX2) video frames, which bypasses a length check and leads to a buffer overflow involving negative length check. NOTE: the vendor advisory claims that only a DoS is possible, but the original researcher is reliable.
385 CVE-2006-2875 Exec Code Overflow 2006-06-06 2018-10-18
7.5
User Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in the CL_ParseDownload function of Quake 3 Engine 1.32c and earlier, as used in multiple products, allows remote attackers to execute arbitrary code via a svc_download command with compressed data that triggers the overflow during expansion.
386 CVE-2006-2838 DoS Exec Code Overflow 2006-06-06 2017-07-19
7.6
Admin Remote High Not required Complete Complete Complete
Buffer overflow in the web console in F-Secure Anti-Virus for Microsoft Exchange 6.40, and Internet Gatekeeper 6.40 through 6.42 and 6.50 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors. NOTE: By default, the connections are only allowed from the local host.
387 CVE-2006-2830 DoS Exec Code Overflow 2006-06-05 2017-07-19
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in TIBCO Rendezvous before 7.5.1, TIBCO Runtime Agent (TRA) before 5.4, and Hawk before 4.6.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the HTTP administrative interface.
388 CVE-2006-2829 Exec Code Overflow 2006-06-05 2017-07-19
6.8
Admin Local Low Single system Complete Complete Complete
Buffer overflow in Hawk Monitoring Agent (HMA) for TIBCO Hawk before 4.6.1 and TIBCO Runtime Agent (TRA) before 5.4 allows authenticated users to execute arbitrary code via the configuration for tibhawkhma.
389 CVE-2006-2814 Exec Code Overflow 2006-06-05 2018-10-18
7.5
User Remote Low Not required Partial Partial Partial
Multiple buffer overflows in the (1) vGetPost and (2) main functions in easy-scart.c through easy-scart6.c in iShopCart allow remote attackers to execute arbitrary code by sending a large amount of data containing "Submit" in an sslinvoice action, and allow remote attackers to have an unknown impact via a large amount of posted data.
390 CVE-2006-2802 DoS Overflow 2006-06-03 2018-10-03
5.0
None Remote Low Not required None None Partial
Buffer overflow in the HTTP Plugin (xineplug_inp_http.so) for xine-lib 1.1.1 allows remote attackers to cause a denial of service (application crash) via a long reply from an HTTP server, as demonstrated using gxine 0.5.6.
391 CVE-2006-2788 119 DoS Exec Code Overflow 2006-06-02 2018-10-03
7.5
User Remote Low Not required Partial Partial Partial
Double free vulnerability in the getRawDER function for nsIX509Cert in Firefox allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via certain Javascript code.
392 CVE-2006-2781 119 DoS Exec Code Overflow 2006-06-02 2018-10-18
6.4
None Remote Low Not required None Partial Partial
Double free vulnerability in nsVCard.cpp in Mozilla Thunderbird before 1.5.0.4 and SeaMonkey before 1.0.2 allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via a VCard that contains invalid base64 characters.
393 CVE-2006-2780 94 DoS Exec Code Overflow Mem. Corr. 2006-06-02 2018-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
Integer overflow in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via "jsstr tagify," which leads to memory corruption.
394 CVE-2006-2778 Exec Code Overflow 2006-06-02 2018-10-18
5.0
None Remote Low Not required None Partial None
The crypto.signText function in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to execute arbitrary code via certain optional Certificate Authority name arguments, which causes an invalid array index and triggers a buffer overflow.
395 CVE-2006-2766 DoS Overflow 2006-06-02 2018-10-18
2.6
None Remote High Not required None None Partial
Buffer overflow in INETCOMM.DLL, as used in Microsoft Internet Explorer 6.0 through 6.0 SP2, Windows Explorer, Outlook Express 6, and possibly other programs, allows remote user-assisted attackers to cause a denial of service (application crash) via a long mhtml URI in the URL value in a URL file.
396 CVE-2006-2754 Exec Code Overflow 2006-06-01 2018-10-18
5.0
None Remote Low Not required None Partial None
Stack-based buffer overflow in st.c in slurpd for OpenLDAP before 2.3.22 might allow attackers to execute arbitrary code via a long hostname.
397 CVE-2006-2708 Overflow 2006-05-31 2017-07-19
5.0
None Remote Low Not required Partial None None
Secure Elements Class 5 AVR client (aka C5 EVM) before 2.8.1 allows remote attackers to read portions of process memory via a modified size for (1) EM_GET_CE_PARAMETER and (2) EM_SET_CE_PARAMETER messages, which leads to a buffer overflow (probably an over-read).
398 CVE-2006-2656 119 Exec Code Overflow 2006-05-30 2018-10-03
7.5
User Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in the tiffsplit command in libtiff 3.8.2 and earlier might might allow attackers to execute arbitrary code via a long filename. NOTE: tiffsplit is not setuid. If there is not a common scenario under which tiffsplit is called with attacker-controlled command line arguments, then perhaps this issue should not be included in CVE.
399 CVE-2006-2646 Exec Code Overflow 2006-05-30 2016-10-17
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in Alt-N MDaemon, possibly 9.0.1 and earlier, allows remote attackers to execute arbitrary code via a long A0001 argument that begins with a '"' (double quote).
400 CVE-2006-2630 Exec Code Overflow 2006-05-27 2018-10-18
10.0
Admin Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in Symantec Antivirus 10.1 and Client Security 3.1 allows remote attackers to execute arbitrary code via unknown attack vectors.
Total number of vulnerabilities : 663   Page : 1 2 3 4 5 6 7 8 (This Page)9 10 11 12 13 14
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.