270241
|
- |
|
suse
|
suse_linux
|
ld in SUSE Linux 9.1 through 10.0, and SLES 9, in certain circumstances when linking binaries, can leave an empty RPATH or RUNPATH, which allows local attackers to execute arbitrary code as other use…
|
NVD-CWE-Other
|
CVE-2006-0646
|
2008-09-6 05:59 |
2006-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270242
|
- |
|
pwsphp
|
pwsphp
|
SQL injection vulnerability in index.php in PwsPHP 1.2.3 allows remote attackers to execute arbitrary SQL commands via the id parameter, possibly in message.php in the espace_membre module. NOTE: th…
|
NVD-CWE-Other
|
CVE-2006-0668
|
2008-09-6 05:59 |
2006-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270243
|
- |
|
gentoo
|
app-crypt_pinentry linux
|
The ebuild for pinentry before 0.7.2-r2 on Gentoo Linux sets setgid bits for pinentry programs, which allows local users to read or overwrite arbitrary files as gid 0.
|
NVD-CWE-Other
|
CVE-2006-0071
|
2008-09-6 05:58 |
2006-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270244
|
- |
|
sco
|
openserver
|
Buffer overflow in termsh on SCO OpenServer 5.0.7 allows remote attackers to execute arbitrary code via a long -o command line argument. NOTE: this is probably a different vulnerability than CVE-200…
|
NVD-CWE-Other
|
CVE-2006-0072
|
2008-09-6 05:58 |
2006-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270245
|
- |
|
discusware
|
discus_freeware discus_professional
|
Cross-site scripting (XSS) vulnerability in DiscusWare Discus Freeware 3.10.5 and Professional 3.10.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in a URL, …
|
NVD-CWE-Other
|
CVE-2006-0073
|
2008-09-6 05:58 |
2006-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270246
|
- |
|
openbsd
|
openbsd
|
The dupfdopen function in sys/kern/kern_descrip.c in OpenBSD 3.7 and 3.8 allows local users to re-open arbitrary files by using setuid programs to access file descriptors using /dev/fd/.
|
NVD-CWE-Other
|
CVE-2006-0098
|
2008-09-6 05:58 |
2006-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270247
|
- |
|
enhanced_simple_php_gallery
|
enhanced_simple_php_gallery
|
Enhanced Simple PHP Gallery 1.7 allows remote attackers to obtain the full path of the application via a direct request to sp_helper_functions.php, which leaks the pathname in an error message.
|
NVD-CWE-Other
|
CVE-2006-0113
|
2008-09-6 05:58 |
2006-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270248
|
- |
|
rockliffe
|
mailsite
|
Mail Management Agent (MAILMA) (aka Mail Management Server) in Rockliffe MailSite 7.0.3.1 and earlier allows remote attackers to attempt authentication with an unlimited number of user account names …
|
NVD-CWE-Other
|
CVE-2006-0130
|
2008-09-6 05:58 |
2006-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270249
|
- |
|
amsn
|
amsn
|
aMSN (aka Alvaro's Messenger) allows remote attackers to cause a denial of service (client hang and termination of client's instant-messaging session) by repeatedly sending crafted data to the defaul…
|
NVD-CWE-Other
|
CVE-2006-0138
|
2008-09-6 05:58 |
2006-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270250
|
- |
|
simpbook
|
simpbook
|
Cross-site scripting (XSS) vulnerability in SimpBook 1.0, with html_enable on (the default), allows remote attackers to inject arbitrary web script or HTML via the message field.
|
NVD-CWE-Other
|
CVE-2006-0149
|
2008-09-6 05:58 |
2006-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|