265401
|
- |
|
apple
|
mac_os_x
|
The VPN service in Apple Mac OS X 10.3.x through 10.3.9 and 10.4.x through 10.4.8 does not properly clean the environment when executing commands, which allows local users to gain privileges via unsp…
|
NVD-CWE-Other
|
CVE-2006-4411
|
2011-03-8 11:40 |
2006-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
265402
|
- |
|
apple
|
remote_desktop
|
Apple Remote Desktop before 3.1 uses insecure permissions for certain built-in packages, which allows local users on an Apple Remote Desktop administration system to modify the packages and gain root…
|
NVD-CWE-Other
|
CVE-2006-4413
|
2011-03-8 11:40 |
2006-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
265403
|
- |
|
doctor_web_ltd
|
dr.web
|
Heap-based buffer overflow in SpIDer for Dr.Web Scanner for Linux 4.33, and possibly earlier versions, allows remote attackers to execute arbitrary code via an LHA archive with an extended header tha…
|
NVD-CWE-Other
|
CVE-2006-4438
|
2011-03-8 11:40 |
2006-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
265404
|
- |
|
ay_system_solutions
|
ay_system_solutions_cms
|
Multiple PHP remote file inclusion vulnerabilities in Ay System Solutions CMS 2.6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the path[ShowProcessHandle] parameter t…
|
NVD-CWE-Other
|
CVE-2006-4441
|
2011-03-8 11:40 |
2006-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
265405
|
- |
|
clemens_wacha
|
php_iaddressbook
|
Cross-site scripting (XSS) vulnerability in PHP iAddressBook before 0.95 allows remote attackers to inject arbitrary web script or HTML via the cat_name parameter, related to adding a category. (cate…
|
NVD-CWE-Other
|
CVE-2006-4442
|
2011-03-8 11:40 |
2006-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
265406
|
- |
|
x.org
|
emu-linux-x87-xlibs x11r6 x11r7 xdm xf86dga xinit xload xorg-server xterm
|
X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtrans, and xterm, does not check the return values for setuid and seteuid calls when attempting to drop privileges, which might allow…
|
NVD-CWE-Other
|
CVE-2006-4447
|
2011-03-8 11:40 |
2006-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
265407
|
- |
|
cj_design
|
cj_tag_board
|
Direct static code injection vulnerability in CJ Tag Board 3.0 allows remote attackers to execute arbitrary PHP code via the (1) User-Agent HTTP header in tag.php, which is executed by all.php, and (…
|
NVD-CWE-Other
|
CVE-2006-4451
|
2011-03-8 11:40 |
2006-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
265408
|
- |
|
phpecard
|
phpecard
|
PHP remote file inclusion vulnerability in index.php in phpECard 2.1.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the include_path parameter. NOTE: the provenance…
|
NVD-CWE-Other
|
CVE-2006-4457
|
2011-03-8 11:40 |
2006-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
265409
|
- |
|
sybase
|
financial_fusion_consumer_banking_solution
|
Unspecified vulnerability in Sybase/Financial Fusion Consumer Banking Suite versions before 20060706 has unknown impact and remote attack vectors.
|
NVD-CWE-Other
|
CVE-2006-3667
|
2011-03-8 11:39 |
2006-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
265410
|
- |
|
hyper_estraier
|
hyper_estraier
|
Cross-site request forgery (CSRF) vulnerability in the communicate function in estmaster.c for Hyper Estraier before 1.3.3 allows remote attackers to perform unauthorized actions as other users via u…
|
NVD-CWE-Other
|
CVE-2006-3671
|
2011-03-8 11:39 |
2006-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|