CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2006(Denial Of Service)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
401 CVE-2006-3638 119 DoS Exec Code Overflow Mem. Corr. 2006-08-08 2018-10-18
7.5
User Remote Low Not required Partial Partial Partial
Microsoft Internet Explorer 5.01 and 6 does not properly handle uninitialized COM objects, which allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code, as demonstrated by the Nth function in the DirectAnimation.DATuple ActiveX control, aka "COM Object Instantiation Memory Corruption Vulnerability."
402 CVE-2006-3634 DoS 2006-08-04 2011-01-19
4.9
None Local Low Not required None None Complete
The (1) __futex_atomic_op and (2) futex_atomic_cmpxchg_inatomic functions in Linux kernel 2.6.17-rc4 to 2.6.18-rc2 perform the atomic futex operation in the kernel address space instead of the user address space, which allows local users to cause a denial of service (crash).
403 CVE-2006-3632 119 DoS Exec Code Overflow 2006-07-21 2018-10-18
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in Wireshark (aka Ethereal) 0.8.16 to 0.99.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the NFS dissector.
404 CVE-2006-3631 399 DoS 2006-07-21 2018-10-18
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in the SSH dissector in Wireshark (aka Ethereal) 0.9.10 to 0.99.0 allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors.
405 CVE-2006-3629 DoS 2006-07-21 2018-10-18
7.8
None Remote Low Not required None None Complete
Unspecified vulnerability in the MOUNT dissector in Wireshark (aka Ethereal) 0.9.4 to 0.99.0 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
406 CVE-2006-3628 134 DoS Exec Code 2006-07-21 2018-10-18
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple format string vulnerabilities in Wireshark (aka Ethereal) 0.10.x to 0.99.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) ANSI MAP, (2) Checkpoint FW-1, (3) MQ, (4) XML, and (5) NTP dissectors.
407 CVE-2006-3627 399 DoS 2006-07-21 2018-10-18
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in the GSM BSSMAP dissector in Wireshark (aka Ethereal) 0.10.11 to 0.99.0 allows remote attackers to cause a denial of service (crash) via unspecified vectors.
408 CVE-2006-3606 DoS 2006-07-18 2018-10-30
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in Sun Solaris X Inter Client Exchange library (libICE) on Solaris 8 and 9 allows context-dependent attackers to cause a denial of service (application crash) to applications that use the library.
409 CVE-2006-3605 DoS 2006-07-18 2017-07-19
5.0
None Remote Low Not required None None Partial
Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by setting the Transition property on an uninitialized DXImageTransform.Microsoft.RevealTrans.1 ActiveX Object, which triggers a null dereference.
410 CVE-2006-3600 119 DoS Exec Code Overflow 2006-07-18 2017-07-19
5.1
User Remote High Not required Partial Partial Partial
Multiple stack-based buffer overflows in the LookupTRM::lookup function in libtunepimp (TunePimp) 0.4.2 allow remote user-assisted attackers to cause a denial of service (application crash) and possibly execute code via a long (1) Album release date (MBE_ReleaseGetDate), (2) data, or (3) error strings.
411 CVE-2006-3596 DoS 2006-07-18 2018-10-30
5.0
None Remote Low Not required None None Partial
The device driver for Intel-based gigabit network adapters in Cisco Intrusion Prevention System (IPS) 5.1(1) through 5.1(p1), as installed on various Cisco Intrusion Prevention System 42xx appliances, allows remote attackers to cause a denial of service (kernel panic and possibly network outage) via a crafted IP packet.
412 CVE-2006-3591 DoS 2006-07-18 2017-07-19
5.0
None Remote Low Not required None None Partial
Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (application crash) by accessing the URL property of a TriEditDocument.TriEditDocument object before it has been initialized, which triggers a NULL pointer dereference.
413 CVE-2006-3588 DoS 2006-07-13 2018-10-12
2.6
None Remote High Not required None None Partial
Unspecified vulnerability in Adobe (Macromedia) Flash Player 8.0.24.0 allows remote attackers to cause a denial of service (browser crash) via a malformed, compressed .swf file, a different issue than CVE-2006-3587.
414 CVE-2006-3575 DoS Overflow 2006-07-13 2018-10-18
2.1
None Local Low Not required None None Partial
Unknown vulnerability in the Buffer Overflow Protection in McAfee VirusScan Enterprise 8.0.0 allows local users to cause a denial of service (unstable operation) via a long string in the (1) "Process name", (2) "Module name", or (3) "API name" fields.
415 CVE-2006-3547 DoS 2006-07-12 2018-10-18
2.6
None Remote High Not required None None Partial
** DISPUTED ** EMC VMware Player allows user-assisted attackers to cause a denial of service (unrecoverable application failure) via a long value of the ide1:0.fileName parameter in the .vmx file of a virtual machine. NOTE: third parties have disputed this issue, saying that write access to the .vmx file enables other ways of stopping the virtual machine, so no privilege boundaries are crossed.
416 CVE-2006-3546 DoS 2006-07-12 2018-10-18
5.0
None Remote Low Not required None None Partial
Patrice Freydiere ImgSvr (aka ADA Image Server) allows remote attackers to cause a denial of service (daemon crash) via a long HTTP POST request. NOTE: this might be the same issue as CVE-2004-2463.
417 CVE-2006-3545 DoS 2006-07-12 2018-10-18
5.0
None Remote Low Not required None None Partial
** DISPUTED ** Microsoft Internet Explorer 7.0 Beta allows remote attackers to cause a denial of service (application crash) via a web page with multiple empty APPLET start tags. NOTE: a third party has disputed this issue, stating that the crash does not occur with Microsoft Internet Explorer 7.0 Beta3.
418 CVE-2006-3540 DoS 2006-07-12 2018-10-18
4.9
None Local Low Not required None None Complete
Check Point Zone Labs ZoneAlarm Internet Security Suite 6.5.722.000, 6.1.737.000, and possibly other versions do not properly validate RegSaveKey, RegRestoreKey, and RegDeleteKey function calls, which allows local users to cause a denial of service (system crash) via a certain combination of these function calls with an HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VETFDDNT\Enum argument.
419 CVE-2006-3529 DoS 2006-07-11 2017-07-19
5.0
None Remote Low Not required None None Partial
Memory leak in Juniper JUNOS 6.4 through 8.0, built before May 10, 2006, allows remote attackers to cause a denial of service (kernel packet memory consumption and crash) via crafted IPv6 packets whose buffers are not released after they are processed.
420 CVE-2006-3523 DoS 2006-07-11 2017-07-19
5.0
None Remote Low Not required None None Partial
Clearswift MIMEsweeper for Web before 5.1.15 Hotfix allows remote attackers to cause a denial of service (crash) via an encrypted archived .RAR file, which triggers a scan error and causes the Web Policy Engine service to terminate.
421 CVE-2006-3513 DoS 2006-07-11 2017-07-19
5.0
None Remote Low Not required None None Partial
danim.dll in Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (application crash) by accessing the Data property of a DirectAnimation DAUserData object before it is initialized, which triggers a NULL pointer dereference.
422 CVE-2006-3512 DoS 2006-07-11 2017-07-19
5.0
None Remote Low Not required None None Partial
Internet Explorer 6 on Windows XP allows remote attackers to cause a denial of service (crash) by setting the Enabled property of a DXTFilter ActiveX object to true, which triggers a null dereference.
423 CVE-2006-3511 DoS 2006-07-11 2017-07-19
5.0
None Remote Low Not required None None Partial
Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) by setting the fonts property of the HtmlDlgSafeHelper object, which triggers a null dereference.
424 CVE-2006-3510 DoS 2006-07-11 2017-07-19
2.6
None Remote High Not required None None Partial
The Remote Data Service Object (RDS.DataControl) in Microsoft Internet Explorer 6 on Windows 2000 allows remote attackers to cause a denial of service (crash) via a series of operations that result in an invalid length calculation when using SysAllocStringLen, then triggers a buffer over-read.
425 CVE-2006-3509 DoS Exec Code Overflow 2006-09-21 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Integer overflow in the API for the AirPort wireless driver on Apple Mac OS X 10.4.7 might allow physically proximate attackers to cause a denial of service (crash) or execute arbitrary code in third-party wireless software that uses the API via crafted frames.
426 CVE-2006-3508 DoS Exec Code Overflow +Priv 2006-09-21 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Heap-based buffer overflow in the AirPort wireless driver on Apple Mac OS X 10.4.7 allows physically proximate attackers to cause a denial of service (crash), gain privileges, and execute arbitrary code via a crafted frame that is not properly handled during scan cache updates.
427 CVE-2006-3505 DoS Exec Code 2006-08-02 2017-07-19
7.5
User Remote Low Not required Partial Partial Partial
WebKit in Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML document that causes WebKit to access an object that has already been deallocated.
428 CVE-2006-3503 DoS Exec Code Overflow 2006-08-02 2017-07-19
5.1
User Remote High Not required Partial Partial Partial
Integer overflow in ImageIO in Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malformed GIF image.
429 CVE-2006-3502 DoS Exec Code 2006-08-02 2017-07-19
5.1
User Remote High Not required Partial Partial Partial
Unspecified vulnerability in ImageIO in Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted GIF image that triggers a memory allocation failure that is not properly handled.
430 CVE-2006-3501 DoS Exec Code Overflow 2006-08-02 2017-07-19
5.1
User Remote High Not required Partial Partial Partial
Integer overflow in ImageIO for Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted Radiance image.
431 CVE-2006-3497 DoS Exec Code 2006-08-02 2011-04-07
5.1
User Remote High Not required Partial Partial Partial
Unspecified vulnerability in the "compression state handling" in Bom for Apple Mac OS X 10.3.9 and 10.4.7 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted Zip archive.
432 CVE-2006-3496 DoS 2006-08-02 2017-07-19
5.0
None Remote Low Not required None None Partial
AFP Server in Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to cause denial of service (crash) via an invalid AFP request that triggers an unchecked error condition.
433 CVE-2006-3493 DoS Exec Code Overflow 2006-07-10 2018-10-30
5.1
User Remote High Not required Partial Partial Partial
Buffer overflow in LsCreateLine function (mso_203) in mso.dll and mso9.dll, as used by Microsoft Word and possibly other products in Microsoft Office 2003, 2002, and 2000, allows remote user-assisted attackers to cause a denial of service (crash) via a crafted Word DOC or other Office file type. NOTE: this issue was originally reported to allow code execution, but on 20060710 Microsoft stated that code execution is not possible, and the original researcher agrees.
434 CVE-2006-3492 DoS 2006-07-10 2018-10-18
5.0
None Remote Low Not required None None Partial
The CORBA::ORBInvokeRec::set_answer_invoke function in orb.cc in MICO (Mico Is CORBA) 2.3.12 and earlier allows remote attackers to cause a denial of service (application crash) via a message with an incorrect "object key", which triggers an assert error.
435 CVE-2006-3486 189 DoS Overflow 2006-07-10 2017-07-19
2.1
None Local Low Not required None None Partial
** DISPUTED ** Off-by-one buffer overflow in the Instance_options::complete_initialization function in instance_options.cc in the Instance Manager in MySQL before 5.0.23 and 5.1 before 5.1.12 might allow local users to cause a denial of service (application crash) via unspecified vectors, which triggers the overflow when the convert_dirname function is called. NOTE: the vendor has disputed this issue via e-mail to CVE, saying that it is only exploitable when the user has access to the configuration file or the Instance Manager daemon. Due to intended functionality, this level of access would already allow the user to disrupt program operation, so this does not cross security boundaries and is not a vulnerability.
436 CVE-2006-3477 DoS 2006-07-10 2017-07-19
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in the POP service in Stalker CommuniGate Pro 5.1c1 and earlier allows remote attackers to cause a denial of service (server crash) via unspecified vectors involving opening an empty inbox.
437 CVE-2006-3472 DoS 2006-07-10 2008-09-05
5.0
None Remote Low Not required None None Partial
Microsoft Internet Explorer 6.0 and 6.0 SP1 allows remote attackers to cause a denial of service via an HTML page with an A tag containing a long title attribute. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
438 CVE-2006-3471 DoS 2006-07-10 2017-07-19
5.0
None Remote Low Not required None None Partial
Microsoft Internet Explorer 6 on Windows XP allows remote attackers to cause a denial of service (crash) via a table with a frameset as a child, which triggers a null dereference, as demonstrated using the appendChild method.
439 CVE-2006-3469 134 DoS 2006-07-21 2017-10-10
4.0
None Remote Low Single system None None Partial
Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and 5.0 before 1 April 2006 allows remote authenticated users to cause a denial of service (crash) via a format string instead of a date as the first parameter to the date_format function, which is later used in a formatted print call to display the error message.
440 CVE-2006-3468 DoS 2006-07-21 2018-10-30
7.8
None Remote Low Not required None None Complete
Linux kernel 2.6.x, when using both NFS and EXT3, allows remote attackers to cause a denial of service (file system panic) via a crafted UDP packet with a V2 lookup procedure that specifies a bad file handle (inode number), which triggers an error and causes an exported directory to be remounted read-only.
441 CVE-2006-3467 189 DoS Exec Code Overflow 2006-07-21 2018-10-18
7.5
User Remote Low Not required Partial Partial Partial
Integer overflow in FreeType before 2.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PCF file, as demonstrated by the Red Hat bad1.pcf test file, due to a partial fix of CVE-2006-1861.
442 CVE-2006-3465 DoS Exec Code 2006-08-02 2017-10-10
7.5
User Remote Low Not required Partial Partial Partial
Unspecified vulnerability in the custom tag support for the TIFF library (libtiff) before 3.8.2 allows remote attackers to cause a denial of service (instability or crash) and execute arbitrary code via unknown vectors.
443 CVE-2006-3463 119 DoS Overflow 2006-08-02 2017-10-10
7.8
None Remote Low Not required None None Complete
The EstimateStripByteCounts function in TIFF library (libtiff) before 3.8.2 uses a 16-bit unsigned short when iterating over an unsigned 32-bit value, which allows context-dependent attackers to cause a denial of service via a large td_nstrips value, which triggers an infinite loop.
444 CVE-2006-3460 119 DoS Exec Code Overflow 2006-08-02 2017-10-10
7.5
User Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in the JPEG decoder in the TIFF library (libtiff) before 3.8.2 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via an encoded JPEG stream that is longer than the scan line size (TiffScanLineSize).
445 CVE-2006-3459 119 DoS Exec Code Overflow 2006-08-02 2017-10-10
7.5
User Remote Low Not required Partial Partial Partial
Multiple stack-based buffer overflows in the TIFF library (libtiff) before 3.8.2, as used in Adobe Reader 9.3.0 and other products, allow context-dependent attackers to execute arbitrary code or cause a denial of service via unspecified vectors, including a large tdir_count value in the TIFFFetchShortPair function in tif_dirread.c.
446 CVE-2006-3427 DoS 2006-07-06 2017-07-19
5.0
None Remote Low Not required None None Partial
Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by declaring the sourceURL attribute on an uninitialized DirectAnimation.StructuredGraphicsControl ActiveX Object, which triggers a null dereference.
447 CVE-2006-3408 DoS 2006-07-06 2017-07-19
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in the directory server (dirserver) in Tor before 0.1.1.20 allows remote attackers to cause an unspecified denial of service via unknown vectors.
448 CVE-2006-3404 DoS Exec Code Overflow 2006-07-06 2018-10-18
5.1
User Remote High Not required Partial Partial Partial
Buffer overflow in the xcf_load_vector function in app/xcf/xcf-load.c for gimp before 2.2.12 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XCF file with a large num_axes value in the VECTORS property.
449 CVE-2006-3403 DoS 2006-07-12 2018-10-18
5.0
None Remote Low Not required None None Partial
The smdb daemon (smbd/service.c) in Samba 3.0.1 through 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of share connection requests.
450 CVE-2006-3401 119 DoS Exec Code Overflow 2006-07-06 2017-10-18
7.5
User Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in Quake 3 Engine as used by Quake 3: Arena 1.32b and 1.32c allows remote attackers to cause a denial of service and possibly execute code via long CS_ITEMS values.
Total number of vulnerabilities : 893   Page : 1 2 3 4 5 6 7 8 9 (This Page)10 11 12 13 14 15 16 17 18
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.