| Primary Vendor -- Product | Description | CVSS Score | Source & Patch Info |
|---|---|---|---|
| EMC -- VMware Player | ** DISPUTED ** EMC VMware Player allows user-complicit attackers to cause a denial of service (unrecoverable application failure) via a long value of the ide1:0.fileName parameter in the .vmx file of a virtual machine. NOTE: third parties have disputed this issue, saying that write access to the .vmx file enables other ways of stopping the virtual machine, so no privilege boundaries are crossed. | 1.6 | CVE-2006-3547 BUGTRAQ BUGTRAQ BUGTRAQ |
| Adobe -- Acrobat | Buffer overflow in Adobe Acrobat 6.0 to 6.0.4 allows remote attackers to execute arbitrary code via unknown vectors in a document that triggers the overflow when it is distilled to PDF. | 3.7 | CVE-2006-3453 OTHER-REF FRSIRT SECTRACK SECUNIA XF |
| ATutor -- ATutor | Multiple cross-site scripting (XSS) vulnerabilities in ATutor before 1.5.3 allow remote attackers to inject arbitrary web script or HTML via the (1) show_courses or (2) current_cat parameters to (a) admin/create_course.php, show_courses parameter to (b) users/create_course.php, (3) p parameter to (c) documentation/admin/, (4) forgot parameter to (d) password_reminder.php, (5) cat parameter to (e) users/browse.php, or the (6) submit parameter to admin/fix_content.php. | 2.3 | CVE-2006-3484 OTHER-REF BID FRSIRT SECUNIA |
| BT -- Voyager 2091 Wireless ADSL Router | BT Voyager 2091 Wireless firmware 2.21.05.08m_A2pB018c1.d16d and earlier, and 3.01m and earlier, allow remote attackers to bypass the authentication process and gain sensitive information, such as configuration information via (1) /btvoyager_getconfig.sh, PPP credentials via (2) btvoyager_getpppcreds.sh, and decode configuration credentials via (3) btvoyager_decoder.c. NOTE: other refined sources have reported that "psiBackupInfo" and "connect.html" files are involved, but these vectors are not evident from the original disclosure. | 2.3 | CVE-2006-3561 OTHER-REF FRSIRT SECUNIA |
| Clearswift -- MIMEsweeper for Web | Cross-site scripting (XSS) vulnerability in Clearswift MIMEsweeper for Web before 5.1.15 Hotfix allows remote attackers to inject arbitrary web script or HTML via the URL, which is reflected back in an error message when trying to access a blocked web site. | 2.3 | CVE-2006-3522 FULLDISC FULLDISC FULLDISC OTHER-REF FRSIRT SECUNIA |
| Clearswift -- MIMEsweeper for Web | Clearswift MIMEsweeper for Web before 5.1.15 Hotfix allows remote attackers to cause a denial of service (crash) via an encrypted archived .RAR file, which triggers a scan error and causes the Web Policy Engine service to terminate. | 2.3 | CVE-2006-3523 OTHER-REF FRSIRT SECUNIA |
| DKScript -- Dragon's Kingdom Script | Multiple cross-site scripting (XSS) vulnerabilities in DKScript.com Dragon's Kingdom Script 1.0 allow remote attackers to inject arbitrary web script or HTML via a javascript URI in the SRC attribute of an IMG element in the (1) Subject and (2) Message fields in a do=write (aka Send Mail Message) action in gamemail.php; the (3) Gender, (4) Country/Location, (5) MSN Messenger, (6) AOL Instant Messenger, (7) Yahoo Instant Messenger, and (8) ICQ fields in a do=onlinechar (aka Edit your Profile) action in index.php; a javascript URI in the SRC attribute of an IMG element in the (9) Title and (10) Message fields in a do=new (aka Create Thread) action in general.php; and a javascript URI in the SRC attribute of an IMG element in unspecified fields in (11) other Forum posts and (12) Forum replies. | 2.3 | CVE-2006-3539 BUGTRAQ OTHER-REF OTHER-REF OTHER-REF OTHER-REF OTHER-REF OTHER-REF OTHER-REF FRSIRT SECUNIA |
| Drupal -- Drupal | Cross-site scripting (XSS) vulnerability in the webform module in Drupal 4.6 before July 8, 2006 and 4.7 before July 8, 2006 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2.3 | CVE-2006-3570 OTHER-REF FRSIRT SECUNIA |
| F-Secure -- Internet Security; F-Secure -- Anti-Virus; F-Secure -- Anti-Virus Client Security; F-Secure -- Service Platform for Service Providers | F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier allow remote attackers to bypass anti-virus scanning via a crafted filename. | 2.3 | CVE-2006-3489 OTHER-REF FRSIRT SECTRACK SECTRACK |
| F-Secure -- Internet Security; F-Secure -- Anti-Virus; F-Secure -- Anti-Virus Client Security; F-Secure -- Service Platform for Service Providers | F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier do not scan files contained on removable media when "Scan network drives" is disabled, which allows remote attackers to bypass anti-virus controls. | 2.3 | CVE-2006-3490 OTHER-REF FRSIRT SECTRACK SECTRACK OSVDB |
| F5 -- FirePass 4100 | Multiple cross-site scripting (XSS) vulnerabilities in F5 Networks FirePass 4100 5.x allow remote attackers to inject arbitrary web script or HTML via unspecified "writable form fields and hidden fields," including "authentication frontends." | 3.7 | CVE-2006-3550 BUGTRAQ OTHER-REF BID FRSIRT SECTRACK |
| HiveMail -- HiveMail | Multiple cross-site scripting (XSS) vulnerabilities in HiveMail 1.3 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the email, (2) cond, or (3) name parameters to (a) addressbook.view.php, (4) the daysprune parameter to (b) index.php, (5) the data[to] parameter to (c) compose.email.php, and (6) the markas parameter to (d) read.markas.php. | 2.3 | CVE-2006-3564 OTHER-REF SECUNIA |
| HiveMail -- HiveMail | search.results.php in HiveMail 3.1 and earlier allows remote attackers to obtain the installation path via certain manipulations related to the (1) searchdate and (2) folderids parameters. | 2.3 | CVE-2006-3566 BLOGSPOT |
| Horde -- Horde | Multiple cross-site scripting (XSS) vulnerabilities in Horde Application Framework 3.0.0 through 3.0.10 and 3.1.0 through 3.1.1 allow remote attackers to inject arbitrary web script or HTML via a (1) javascript URI or an external (2) http, (3) https, or (4) ftp URI in the url parameter in services/go.php (aka the dereferrer), (5) a javascript URI in the module parameter in services/help (aka the help viewer), and (6) the name parameter in services/problem.php (aka the problem reporting screen). | 2.3 | CVE-2006-3548 BUGTRAQ OTHER-REF OTHER-REF OTHER-REF BID FRSIRT SECTRACK |
| Horde -- Horde Application Framework | services/go.php in Horde Application Framework 3.0.0 through 3.0.10 and 3.1.0 through 3.1.1 does not properly restrict its image proxy capability, which allows remote attackers to perform "Web tunneling" attacks and use the server as a proxy via (1) http, (2) https, and (3) ftp URLs in the url parameter, which are requested from the server. | 2.3 | CVE-2006-3549 BUGTRAQ OTHER-REF OTHER-REF OTHER-REF BID FRSIRT SECTRACK |
| ImgSvr -- ImgSvr | Patrice Freydiere ImgSvr (aka ADA Image Server) allows remote attackers to cause a denial of service (daemon crash) via a long HTTP POST request. NOTE: this might be the same issue as CVE-2004-2463. | 2.3 | CVE-2006-3546 BUGTRAQ BID |
| Juniper -- JUNOS | Memory leak in Juniper JUNOS 6.4 through 8.0, built before May 10, 2006, allows remote attackers to cause a denial of service (kernel packet memory consumption and crash) via crafted IPv6 packets whose buffers are not released after they are processed. | 2.3 | CVE-2006-3529 OTHER-REF CERT-VN |
| Juniper Networks -- DX | Cross-site scripting (XSS) vulnerability in the web administration interface logging feature in Juniper Networks (Redline) DX 5.1.x, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the username login field. | 2.3 | CVE-2006-3567 BUGTRAQ BID FRSIRT SECTRACK SECUNIA XF |
| Linux -- Linux kernel | The ftdi_sio driver (usb/serial/ftdi_sio.c) in Linux kernel 2.6.x up to 2.6.17, and possibly later versions, allows local users to cause a denial of service (memory consumption) by writing more data to the serial port than the driver can handle, which causes the data to be queued. | 2.3 | CVE-2006-2936 OTHER-REF OTHER-REF |
| McAfee -- VirusScan | Unknown vulnerability in the Buffer Overflow Protection in McAfee VirusScan Enterprise 8.0.0 allows local users to cause a denial of service (unstable operation) via a long string in the (1) "Process name", (2) "Module name", or (3) "API name" fields. | 1.6 | CVE-2006-3575 BUGTRAQ SECTRACK |
| MICO -- MICO | The CORBA::ORBInvokeRec::set_answer_invoke function in orb.cc in MICO (Mico Is CORBA) 2.3.12 and earlier allows remote attackers to cause a denial of service (application crash) via a message with an incorrect "object key", which triggers an assert error. | 2.3 | CVE-2006-3492 BUGTRAQ FRSIRT SECUNIA |
| Microsoft -- Office | Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and other products, allows user-complicit attackers to execute arbitrary code via a crafted PNG image that triggers memory corruption when it is parsed. | 3.7 | CVE-2006-0033 MS BID CERT-VN FRSIRT SECUNIA |
| Microsoft -- .NET Framework | Microsoft .NET framework 2.0 (ASP.NET) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 up to SP1 allows remote attackers to bypass access restrictions via unspecified "URL paths" that can access Application Folder objects "explicitly by name." | 2.3 | CVE-2006-1300 MS BID FRSIRT SECTRACK SECUNIA XF |
| Microsoft -- Server Service | The Server Service (SRV.SYS driver) in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 up to SP1, and other products, allows remote attackers to obtain sensitive information via crafted requests that leak information in SMB buffers, which are not properly initialized, aka "SMB Information Disclosure Vulnerability." | 2.3 | CVE-2006-1315 MS BID XF |
| Microsoft -- Internet Explorer | Microsoft Internet Explorer 6 on Windows XP allows remote attackers to cause a denial of service (crash) via a table with a frameset as a child, which triggers a null dereference, as demonstrated using the appendChild method. | 2.3 | CVE-2006-3471 OTHER-REF BID FRSIRT OSVDB |
| Microsoft -- Internet Explorer | Microsoft Internet Explorer 6.0 and 6.0 SP1 allows remote attackers to cause a denial of service via an HTML page with an A tag containing a long title attribute. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | 2.3 | CVE-2006-3472 BID |
| Microsoft -- Internet Explorer | The Remote Data Service Object (RDS.DataControl) in Microsoft Internet Explorer 6 on Windows 2000 allows remote attackers to cause a denial of service (crash) via a series of operations that result in an invalid length calculation when using SysAllocStringLen, which then triggers a buffer over-read. | 1.9 | CVE-2006-3510 OTHER-REF BID FRSIRT OSVDB XF |
| Microsoft -- Internet Explorer | Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) by setting the fonts property of the HtmlDlgSafeHelper object, which triggers a null dereference. | 2.3 | CVE-2006-3511 OTHER-REF BID |
| Microsoft -- Internet Explorer | Internet Explorer 6 on Windows XP allows remote attackers to cause a denial of service (crash) by setting the Enabled property of a DXTFilter ActiveX object to true, which triggers a null dereference. | 2.3 | CVE-2006-3512 BID FRSIRT XF |
| Microsoft -- Internet Explorer | danim.dll in Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (application crash) by accessing the Data property of a DirectAnimation DAUserData object before it is initialized, which triggers a NULL pointer dereference. | 2.3 | CVE-2006-3513 OTHER-REF BID FRSIRT |
| Microsoft -- Internet Explorer | ** DISPUTED ** Microsoft Internet Explorer 7.0 Beta allows remote attackers to cause a denial of service (application crash) via a web page with multiple empty APPLET start tags. NOTE: a third party has disputed this issue, stating that the crash does not occur with Microsoft Internet Explorer 7.0 Beta3. | 2.3 | CVE-2006-3545 BUGTRAQ BUGTRAQ |
| MT Orumcek -- Toplist | MT Orumcek Toplist 2.2 stores DB/orumcektoplist.mdb under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request. | 2.3 | CVE-2006-3557 BUGTRAQ |
| MySQL -- MySQL | Off-by-one buffer overflow in the Instance_options::complete_initialization function in instance_options.cc in the Instance Manager in MySQL before 5.0.23 and 5.1 before 5.1.12 might allow local users to cause a denial of service (application crash) via unspecified vectors, which trigger the overflow when the convert_dirname function is called. | 1.6 | CVE-2006-3486 OTHER-REF OTHER-REF OTHER-REF FRSIRT |
| NCP Network Communications -- Secure Client | NCP Secure Enterprise Client (aka VPN/PKI client) 8.30 Build 59, and possibly earlier versions, when the Link Firewall and Personal Firewall are both configured to block all inbound and outbound network traffic, allows context-dependent attackers to send inbound UDP traffic with source port 67 and destination port 68, and outbound UDP traffic with source port 68 and destination port 67. | 1.3 | CVE-2006-3551 FULLDISC XF |
| Nuked-Klan -- Nuked-Klan | Cross-site request forgery (CSRF) vulnerability in the del_block function in modules/Admin/block.php in Nuked-Klan 1.7.5 and earlier and 1.7 SP4.2 allows remote attackers to delete arbitrary "blocks" via a link with a modified bid parameter in a del_block op on the block page in index.php. | 2.3 | CVE-2006-3479 BUGTRAQ FRSIRT SECUNIA XF |
| Nullsoft -- SHOUTcast Server | Directory traversal vulnerability in Nullsoft SHOUTcast DSP before 1.9.6 filters directory traversal sequences before decoding, which allows remote attackers to read arbitrary files via encoded dot dot (%2E%2E) sequences in an HTTP GET request for a file path containing "/content". | 3.3 | CVE-2006-3534 GENTOO OTHER-REF SHOUTCAST GENTOO SECUNIA |
| NullSoft -- Shoutcast DSP | Directory traversal vulnerability in Nullsoft SHOUTcast DSP before 1.9.7 allows remote attackers to read arbitrary files via unspecified vectors, which are a "slight variation" of CVE-2006-????. | 2.3 | CVE-2006-3535 OTHER-REF OTHER-REF OTHER-REF GENTOO SECUNIA |
| Papoo -- Papoo | Multiple cross-site scripting (XSS) vulnerabilities in interna/hilfe.php in Papoo 3 RC3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) titel or (2) parameters. | 2.3 | CVE-2006-3571 BUGTRAQ OTHER-REF BID FRSIRT SECTRACK SECUNIA XF |
| PHP-Blogger -- PHP-Blogger | Multiple cross-site scripting (XSS) vulnerabilities in admin/actions.php in PHP-Blogger 2.2.5, and possibly earlier versions, allow remote attackers to execute arbitrary web script or HTML via the (1) name, (2) title, (3) news, (4) description, and (5) sitename parameters. | 2.3 | CVE-2006-3514 BUGTRAQ FRSIRT |
| PHPMailList -- PHPMailList | PHPMailList 1.8.0 stores sensitive information under the web document root with insufficient access control, which allows remote attackers to obtain email addresses of subscribers, configuration information, and the admin username and password via direct requests to (1) list.dat or (2) ml_config.dat. | 2.3 | CVE-2006-3483 OTHER-REF SECTRACK |
| PhpWebGallery -- PhpWebGallery | Cross-site scripting (XSS) vulnerability in comments.php in PhpWebGallery 1.5.2 and earlier, and possibly 1.6.0, allows remote attackers to inject arbitrary web script or HTML via the keyword parameter. | 2.3 | CVE-2006-3476 BUGTRAQ BID FRSIRT SECUNIA |
| Qbik -- WinGate | Directory traversal vulnerability in the IMAP server in WinGate 6.1.2.1094 and 6.1.3.1096, and possibly other versions before 6.1.4 Build 1099, allows remote authenticated users to read email of other users, or perform unauthorized operations on directories, via the (1) CREATE, (2) SELECT, (3) DELETE, (4) RENAME, (5) COPY, (6) APPEND, and (7) LIST commands. | 2.8 | CVE-2006-2917 OTHER-REF SECUNIA OTHER-REF BID FRSIRT |
| Samba -- Samba | The smbd daemon (smbd/service.c) in Samba 3.0.1 through 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of share connection requests. | 2.3 | CVE-2006-3403 OTHER-REF MANDRIVA BID FRSIRT SECUNIA SECUNIA |
| Stalker -- Communigate | Unspecified vulnerability in the POP service in Stalker CommuniGate Pro 5.1c1 and earlier allows remote attackers to cause a denial of service (server crash) via unspecified vectors involving opening an empty inbox. | 2.3 | CVE-2006-3477 OTHER-REF BID FRSIRT SECUNIA XF |
| VirtuaStore -- VirtuaStore | VirtuaStore 2.0 stores sensitive files under the web root with insufficient access control, which allows remote attackers to obtain local database information by directly accessing database/virtuastore.mdb. | 2.3 | CVE-2006-3487 SECTRACK |
| VirtuaStore -- VirtuaStore | Absolute path traversal vulnerability in administrador.asp in VirtuaStore 2.0 allows remote attackers to possibly read arbitrary directories or files via an absolute path with a Windows drive letter in the Pasta parameter when link=util, acao=ftp, and acaba=sim. | 2.3 | CVE-2006-3488 SECTRACK |
| Winged Gallery -- Winged Gallery | Cross-site scripting (XSS) vulnerability in gallery/thumb.php in Winged Gallery 1.0 allows remote attackers to inject arbitrary web script or HTML via the image parameter. | 2.3 | CVE-2006-3563 BUGTRAQ BID XF |
| Zone Labs -- ZoneAlarm Internet Security Suite | Check Point Zone Labs ZoneAlarm Internet Security Suite 6.5.722.000, 6.1.737.000, and possibly other versions do not properly validate RegSaveKey, RegRestoreKey, and RegDeleteKey function calls, which allows local users to cause a denial of service (system crash) via a certain combination of these function calls with an HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VETFDDNT\Enum argument. | 1.6 | CVE-2006-3540 BUGTRAQ OTHER-REF BID |
| Zope -- Zope | Unspecified vulnerability in Zope 2.7.0 to 2.7.8, 2.8.0 to 2.8.7, and 2.9.0 to 2.9.3 (Zope2) allows local users to obtain sensitive information via unknown attack vectors related to the docutils module and "restructured text". | 1.6 | CVE-2006-3458 OTHER-REF SECUNIA |