CVE-2006-2424

PHP remote file inclusion vulnerability in ezUserManager 1.6 and earlier, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the ezUserManagerPath parameter to ezusermanagerpwdforgott.php, possibly due to an issue in ezusermanagercore.inc.php...

Stack overflow

Stack-based buffer overflow in the ServerNetworking::incomingclientdata function in servnet.cpp in Outgun 1.0.3 bot 2 and earlier allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a datafilerequest command with a long 1 type or 2 name...

Integer overflow

Multiple integer overflows in Apple QuickTime before 7.1 allow remote attackers to cause a denial of service or execute arbitrary code via a crafted QuickTime movie .MOV...

Buffer overflow

Buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted QuickTime AVI video format file...

Remote file inclusion

DISPUTED PHP remote file inclusion vulnerability in session.inc.php in ISPConfig 2.2.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the goinfoserverclassesroot parameter. NOTE: the vendor has disputed this vulnerability, saying that session.inc.php is not under t...

CVE-2006-2315

PHP remote file inclusion vulnerability in session.inc.php in ISPConfig 2.2.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the goinfoserverclassesroot parameter. NOTE: the vendor has disputed this vulnerability, saying that session.inc.php is not under the web ro...

Remote file inclusion

PHP remote file inclusion vulnerability in authldap.php in Dokeos 1.6.4 allows remote attackers to execute arbitrary PHP code via a URL in the includePath parameter...

CVE-2006-2289

Buffer overflow in avahi-core in Avahi before 0.6.10 allows local users to execute arbitrary code via unknown vectors...

Format string

Format string vulnerability in SWS web Server 0.1.7 allows remote attackers to execute arbitrary code via unspecified vectors that are not properly handled in a syslog function call...

Buffer overflow

Buffer overflow in JuniperSetupDLL.dll, loaded from JuniperSetup.ocx by the Juniper SSL-VPN Client when accessing a Juniper NetScreen IVE device running IVE OS before 4.2r8.1, 5.0 before 5.0r6.1, 5.1 before 5.1r8, 5.2 before 5.2r4.1, or 5.3 before 5.3r2.1, allows remote attackers to execute...

Remote file inclusion

PHP remote file inclusion vulnerability in 1 about.php or 2 auth.php in TotalCalendar allows remote attackers to execute arbitrary PHP code via a URL in the incdir parameter...

CVE-2006-1529

Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due to the lack of sufficient public details from the...

CVE-2006-1531

Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due to the lack of sufficient public details from the...

CVE-2006-0749

nsHTMLContentSink.cpp in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via unknown vectors involving a "particular sequence...

CVE-2006-1734

Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using the Object.watch method to access the "clone parent" internal function...

CVE-2006-1767

Multiple PHP remote file inclusion vulnerabilities in nicecoder.com INDEXU 5.0.0 and 5.0.1 allow remote attackers to execute arbitrary PHP code via a URL in the themepath parameter in 1 index.php, 2 becomeeditor.php, 3 add.php, 4 badlink.php, 5 browse.php, 6 detail.php, 7 fav.php, 8 getrated.php,...

CVE-2006-0003

Unspecified vulnerability in the RDS.Dataspace ActiveX control, which is contained in ActiveX Data Objects ADO and distributed in Microsoft Data Access Components MDAC 2.7 and 2.8, allows remote attackers to execute arbitrary code via unknown attack vectors...

CVE-2006-1188

Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via HTML elements with a certain crafted tag, which leads to memory corruption...

Fedora Core 5 : sendmail-8.13.6-0.FC5.1 (2006-193)

Fixes CVE-2006-0058 : A flaw in the handling of asynchronous signals. A remote attacker may be able to exploit a race condition to execute arbitrary code as root. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable h...

Integer overflow

Integer overflow in the cliscanpe function in the PE header parser libclamav/pe.c in Clam AntiVirus ClamAV before 0.88.1, when ArchiveMaxFileSize is disabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code...