Filtered by vendor
Subscriptions
Total
2704 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2006-6297 | 1 Kde | 1 Kdegraphics | 2024-11-21 | N/A |
Stack consumption vulnerability in the KFILE JPEG (kfile_jpeg) plugin in kdegraphics 3, as used by konqueror, digikam, and other KDE image browsers, allows remote attackers to cause a denial of service (stack consumption) via a crafted EXIF section in a JPEG file, which results in an infinite recursion. | ||||
CVE-2006-6296 | 1 Microsoft | 2 Windows 2000, Windows Xp | 2024-11-21 | N/A |
The RpcGetPrinterData function in the Print Spooler (spoolsv.exe) service in Microsoft Windows 2000 SP4 and earlier, and possibly Windows XP SP1 and earlier, allows remote attackers to cause a denial of service (memory consumption) via an RPC request that specifies a large 'offered' value (output buffer size), a variant of CVE-2005-3644. | ||||
CVE-2006-5966 | 1 Panda | 1 Activescan | 2024-11-21 | N/A |
Panda ActiveScan 5.53.00, and other versions before 5.54.01, allows remote attackers to (1) reboot the system using the Reinicializar method in the ActiveScan.1 ActiveX control, or (2) determine arbitrary file existence and size via the ObtenerTamano method in the PAVPZ.SOS.1 ActiveX control. | ||||
CVE-2006-5857 | 2 Adobe, Redhat | 3 Acrobat, Acrobat Reader, Rhel Extras | 2024-11-21 | N/A |
Adobe Reader and Acrobat 7.0.8 and earlier allows user-assisted remote attackers to execute code via a crafted PDF file that triggers memory corruption and overwrites a subroutine pointer during rendering. | ||||
CVE-2006-5789 | 1 Jgaa | 1 Warftpd | 2024-11-21 | N/A |
War FTP Daemon (WarFTPd) 1.82.00-RC11 allows remote authenticated users to cause a denial of service via a large number of "%s" format strings in (1) CWD, (2) CDUP, (3) DELE, (4) NLST, (5) LIST, (6) SIZE, and possibly other commands. NOTE: it is possible that vector 1 is an off-by-one variant or incomplete fix of CVE-2005-0312. | ||||
CVE-2006-5757 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-21 | N/A |
Race condition in the __find_get_block_slow function in the ISO9660 filesystem in Linux 2.6.18 and possibly other versions allows local users to cause a denial of service (infinite loop) by mounting a crafted ISO9660 filesystem containing malformed data structures. | ||||
CVE-2006-5728 | 1 Dxmsoft | 1 Xm Easy Personal Ftp Server | 2024-11-21 | N/A |
XM Easy Personal FTP Server 5.2.1 and earlier allows remote authenticated users to cause a denial of service via a long argument to the NLST command, possibly involving the -al flags. | ||||
CVE-2006-5656 | 1 Vilistextum | 1 Vilistextum | 2024-11-21 | N/A |
Memory leak in the push_align function in src/util.c in Vilistextum before 2.6.9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors related to the tmp_align variable. NOTE: it is not clear whether this is a vulnerability, due to the functionality of the product. | ||||
CVE-2006-5645 | 1 Sophos | 2 Anti-virus, Endpoint Security | 2024-11-21 | N/A |
Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when "Enabled scanning of archives" is set, allows remote attackers to cause a denial of service (infinite loop) via a malformed RAR archive with an Archive Header section with the head_size and pack_size fields set to zero. | ||||
CVE-2006-5619 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-21 | N/A |
The seqfile handling (ip6fl_get_n function in ip6_flowlabel.c) in Linux kernel 2.6 up to 2.6.18-stable allows local users to cause a denial of service (hang or oops) via unspecified manipulations that trigger an infinite loop while searching for flowlabels. | ||||
CVE-2006-5568 | 1 Datawizard | 1 Ftpxq | 2024-11-21 | N/A |
FtpXQ Server 3.0.1 allows remote attackers to cause a denial of service (CPU exhaustion) via a long MKD command. | ||||
CVE-2006-5467 | 2 Redhat, Yukihiro Matsumoto | 2 Enterprise Linux, Ruby | 2024-11-21 | N/A |
The cgi.rb CGI library for Ruby 1.8 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an HTTP request with a multipart MIME body that contains an invalid boundary specifier, as demonstrated using a specifier that begins with a "-" instead of "--" and contains an inconsistent ID. | ||||
CVE-2006-5424 | 1 Justsystem | 1 Ichitaro | 2024-11-21 | N/A |
Unspecified vulnerability in Justsystem Ichitaro 2006, 2006 trial version, and Government 2006 allows remote attackers to execute arbitrary code via a modified document, possibly because of a buffer overflow, a different vulnerability than CVE-2006-4326. | ||||
CVE-2006-4924 | 2 Openbsd, Redhat | 2 Openssh, Enterprise Linux | 2024-11-21 | N/A |
sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector. | ||||
CVE-2006-4855 | 1 Symantec | 7 Client Security, Host Ids, Norton Antivirus and 4 more | 2024-11-21 | N/A |
The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.0.33, and other versions of Norton Personal Firewall, Internet Security, AntiVirus, SystemWorks, Symantec Client Security SCS 1.x, 2.x, 3.0, and 3.1, Symantec AntiVirus Corporate Edition SAVCE 8.x, 9.x, 10.0, and 10.1, Symantec pcAnywhere 11.5 only, and Symantec Host, allows local users to cause a denial of service (system crash) via invalid data, as demonstrated by calling DeviceIoControl to send the data. | ||||
CVE-2006-4814 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-21 | N/A |
The mincore function in the Linux kernel before 2.4.33.6 does not properly lock access to user space, which has unspecified impact and attack vectors, possibly related to a deadlock. | ||||
CVE-2006-4775 | 1 Cisco | 2 Catos, Ios | 2024-11-21 | N/A |
The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) and CatOS allows remote attackers to cause a denial of service by sending a VTP update with a revision value of 0x7FFFFFFF, which is incremented to 0x80000000 and is interpreted as a negative number in a signed context. | ||||
CVE-2006-4774 | 1 Cisco | 1 Ios | 2024-11-21 | N/A |
The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) allows remote attackers to cause a denial of service by sending a VTP version 1 summary frame with a VTP version field value of 2. | ||||
CVE-2006-4535 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-21 | N/A |
The Linux kernel 2.6.17.10 and 2.6.17.11 and 2.6.18-rc5 allows local users to cause a denial of service (crash) via an SCTP socket with a certain SO_LINGER value, possibly related to the patch for CVE-2006-3745. NOTE: older kernel versions for specific Linux distributions are also affected, due to backporting of the CVE-2006-3745 patch. | ||||
CVE-2006-4517 | 1 Novell | 1 Imanager | 2024-11-21 | N/A |
Novell iManager 2.5 and 2.0.2 allows remote attackers to cause a denial of service (crash) in the Tomcat server via a long TREE parameter in an HTTP POST, which triggers a NULL pointer dereference. |