Preemptive Protection against OpenLDAP BIND Denial of Service Vulnerability
A denial of service vulnerability exists in OpenLDAP. OpenLDAP Software is an open source implementation of the Lightweight Directory Access Protocol (LDAP). The vulnerability could be exploited by remote attackers to crash the service or execute arbitrary code via a specially crafted LDAP request ...
CVE-2006-5972
Stack-based buffer overflow in WG111v2.SYS in NetGear WG111v2 wireless adapter (USB) allows remote attackers to execute arbitrary code via a long 802.11 beacon request...
CVE-2006-5836
The fpathconf syscall function in bsd/kern/kerndescrip.c in the Darwin kernel (XNU) 8.8.1 in Apple Mac OS X allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code via a file descriptor with an unrecognized file type...
CVE-2006-5747
Unspecified vulnerability in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allows remote attackers to execute arbitrary code via the XML.prototype.hasOwnProperty JavaScript function...
CVE-2006-5790
Multiple format string vulnerabilities in elogd.c in ELOG 2.6.2 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) an entry with an attachment whose name contains format string specifiers (elsubmit function), and possibly other vectors in...
CVE-2006-4809
Stack-based buffer overflow in loaderpnm.c in imlib2 before 1.2.1, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PNM image...
CVE-2006-5734
The CVE-2006-5734 entry describes multiple PHP remote file inclusion vulnerabilities in ATutor 1.5.3.2, exploitable via untrusted URLs passed to specific parameters (1) section in documentation/common/frame_toc.php and documentation/common/search.php; (2) req_lang in documentation/common/search.p...
CVE-2006-5647
Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a malformed CHM file with a large name length in the CHM chunk...
CVE-2006-5634
Multiple PHP remote file inclusion vulnerabilities in phpProfiles 2.1 Beta allow remote attackers to execute arbitrary PHP code via a URL in the (1) reqpath parameter to (a) body.inc.php and (b) bodyblog.inc.php in users/include/; or the (2) usrinc parameter in users/include/uploadht.inc.php...
CVE-2006-5627
CVE-2006-5627 affects QnECMS up to version 2.5.6, where multiple PHP remote file inclusion vulnerabilities exist. An attacker can supply a URL via the adminfolderpath parameter to files under admin/include/ (headerscripts.php, footerhome.php, footermain.php) and templates/ (headerscripts.php, foo...
CVE-2006-5616
Multiple unspecified vulnerabilities in OpenPBS, as used in SUSE Linux 9.2 through 10.1, allow attackers to execute arbitrary code via unspecified vectors...
CVE-2006-5587
Multiple PHP remote file inclusion vulnerabilities in MDweb 1.3 and earlier (Mdweb132-postgres) allow remote attackers to execute arbitrary PHP code via a URL in the cheminappli parameter in (1) admin/inc/organisations/formorg.inc.php and (2) admin/inc/organisations/countryinsert.php...
CVE-2006-5521
PHP remote file inclusion vulnerability in DNS/RR.php in NetDNS 0.03 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpdnsbasedir parameter...
GLSA-200610-09 : libmusicbrainz: Multiple buffer overflows
The remote host is affected by the vulnerability described in GLSA-200610-09 (libmusicbrainz: Multiple buffer overflows). Luigi Auriemma reported a possible buffer overflow in the MBHttp::Download function of lib/http.cpp as well as several possible buffer overflows in lib/rdfparse.c. Impact: A...
CVE-2006-5385
PHP remote file inclusion vulnerability in admin/adminspam.php in the SpamOborona 1.0b and earlier phpBB module allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...
CVE-2006-5392
OpenDock FullCore 4.4 and earlier are affected by multiple PHP remote file inclusion vulnerabilities. An attacker can cause arbitrary PHP code execution by supplying a URL in the doc_directory parameter across numerous scripts (sw/index_sw.php; sw/lib_cart/; sw/lib_comment/; sw/lib_find/find.php...
CVE-2006-4811
Integer overflow in Qt 3.3 before 3.3.7, 4.1 before 4.1.5, and 4.2 before 4.2.1, as used in the KDE khtml library, kdelibs 3.1.3, and possibly other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted pixmap image...
Microsoft Class Package Export Tool 5.0.2752 - 'Clspack.exe' Local Buffer Overflow (PoC)
source: https://www.securityfocus.com/bid/20561/info Microsoft Class Package Export Tool 'clspack.exe' is prone to a local buffer-overflow vulnerability because the application fails to properly size attacker-supplied data before copying it into an insufficiently sized memory buffer. Exploiting th...
Debian DSA-929-1 : petris - buffer overflow
Steve Kemp from the Debian Security Audit project discovered a buffer overflow in petris, a clone of the Tetris game, which may be exploited to execute arbitrary code with group games privileges.
Debian DSA-878-1 : netpbm-free - buffer overflow
A buffer overflow has been identified in the pnmtopng component of the netpbm package, a set of graphics conversion tools. This vulnerability could allow an attacker to execute arbitrary code as a local user by providing a specially crafted PNM file. The old stable distribution (woody) is not...