Filtered by vendor
Subscriptions
Total
2704 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2006-1993 | 1 Mozilla | 1 Firefox | 2024-11-21 | N/A |
Mozilla Firefox 1.5.0.2, when designMode is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain Javascript that is not properly handled by the contentWindow.focus method in an iframe, which causes a reference to a deleted controller context object. NOTE: this was originally claimed to be a buffer overflow in (1) js320.dll and (2) xpcom_core.dll, but the vendor disputes this claim. | ||||
CVE-2006-1992 | 1 Microsoft | 1 Internet Explorer | 2024-11-21 | N/A |
mshtml.dll 6.00.2900.2873, as used in Microsoft Internet Explorer, allows remote attackers to cause a denial of service (crash) via nested OBJECT tags, which trigger invalid pointer dereferences including NULL dereferences. NOTE: the possibility of code execution was originally theorized, but Microsoft has stated that this issue is non-exploitable. | ||||
CVE-2006-1991 | 1 Php | 1 Php | 2024-11-21 | N/A |
The substr_compare function in string.c in PHP 5.1.2 allows context-dependent attackers to cause a denial of service (memory access violation) via an out-of-bounds offset argument. | ||||
CVE-2006-1790 | 2 Mozilla, Redhat | 2 Firefox, Enterprise Linux | 2024-11-21 | N/A |
A regression fix in Mozilla Firefox 1.0.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the InstallTrigger.install method, which leads to memory corruption. | ||||
CVE-2006-1593 | 2 X-doom, Zdaemon | 2 X-doom, Zdaemon | 2024-11-21 | N/A |
The (1) ZD_MissingPlayer, (2) ZD_UseItem, and (3) ZD_LoadNewClientLevel functions in sv_main.cpp for (a) Zdaemon 1.08.01 and (b) X-Doom allows remote attackers to cause a denial of service (crash) via an invalid player slot or item number, which causes an invalid memory access, possibly due to an invalid array index. | ||||
CVE-2006-1549 | 1 Php | 1 Php | 2024-11-21 | N/A |
PHP 4.4.2 and 5.1.2 allows local users to cause a crash (segmentation fault) by defining and executing a recursive function. NOTE: it has been reported by a reliable third party that some later versions are also affected. | ||||
CVE-2006-1525 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-21 | N/A |
ip_route_input in Linux kernel 2.6 before 2.6.16.8 allows local users to cause a denial of service (panic) via a request for a route for a multicast IP address, which triggers a null dereference. | ||||
CVE-2006-1470 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-11-21 | N/A |
OpenLDAP in Apple Mac OS X 10.4 up to 10.4.6 allows remote attackers to cause a denial of service (crash) via an invalid LDAP request that triggers an assert error. | ||||
CVE-2006-1338 | 1 Mailenable | 2 Mailenable Enterprise, Mailenable Professional | 2024-11-21 | N/A |
Webmail in MailEnable Professional Edition before 1.73 and Enterprise Edition before 1.21 allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors involving "incorrectly encoded quoted-printable emails". | ||||
CVE-2006-1305 | 1 Microsoft | 2 Office, Outlook | 2024-11-21 | N/A |
Microsoft Outlook 2000, 2002, and 2003 allows user-assisted remote attackers to cause a denial of service (memory exhaustion and interrupted mail recovery) via malformed e-mail header information, possibly related to (1) long subject lines or (2) large numbers of recipients in To or CC headers. | ||||
CVE-2006-1275 | 1 Ggz Gaming Zone | 1 Ggz Gaming Zone | 2024-11-21 | N/A |
GGZ Gaming Zone 0.0.12 allows remote attackers to cause a denial of service (client disconnect) via inputs that produce malformed XML, including (1) trailing ' (apostrophe) character on the ID attribute in a PLAYER XML tag, (2) joining with a long ID attribute or non-trailing ' characters, which causes a <none> name to be assigned, and then disconnecting, or (3) a long CDATA message attribute, which prevents closing tags from being added to the string. | ||||
CVE-2006-1173 | 2 Redhat, Sendmail | 2 Enterprise Linux, Sendmail | 2024-11-21 | N/A |
Sendmail before 8.13.7 allows remote attackers to cause a denial of service via deeply nested, malformed multipart MIME messages that exhaust the stack during the recursive mime8to7 function for performing 8-bit to 7-bit conversion, which prevents Sendmail from delivering queued messages and might lead to disk consumption by core dump files. | ||||
CVE-2006-0967 | 1 Ncp Network Communications | 1 Secure Client | 2024-11-21 | N/A |
NCP Network Communication Secure Client 8.11 Build 146, and possibly other versions, allows local users to cause a denial of service (memory usage and cpu utilization) via a flood of arbitrary UDP datagrams to ports 0 to 65000. NOTE: this issue was reported as a buffer overflow, but that term usually does not apply in flooding attacks. | ||||
CVE-2006-0966 | 1 Ncp Network Communications | 1 Secure Client | 2024-11-21 | N/A |
NCP Network Communication Secure Client 8.11 Build 146, and possibly other versions, allows local users to cause a denial of service (CPU consumption) via a large number of arguments to ncprwsnt.exe, possibly due to a buffer overflow. | ||||
CVE-2006-0911 | 1 Ipswitch | 1 Whatsup | 2024-11-21 | N/A |
NmService.exe in Ipswitch WhatsUp Professional 2006 allows remote attackers to cause a denial of service (CPU consumption) via crafted requests to Login.asp, possibly involving the (1) "In]" and (2) "b;tnLogIn" parameters, or (3) malformed btnLogIn parameters, possibly involving missing "[" (open bracket) or "[" (closing bracket) characters, as demonstrated by "&btnLogIn=[Log&In]=&" or "&b;tnLogIn=[Log&In]=&" in the URL. NOTE: due to the lack of diagnosis by the original researcher, the precise nature of the vulnerability is unclear. | ||||
CVE-2006-0883 | 2 Freebsd, Openbsd | 2 Freebsd, Openssh | 2024-11-21 | N/A |
OpenSSH on FreeBSD 5.3 and 5.4, when used with OpenPAM, does not properly handle when a forked child process terminates during PAM authentication, which allows remote attackers to cause a denial of service (client connection refusal) by connecting multiple times to the SSH server, waiting for the password prompt, then disconnecting. | ||||
CVE-2006-0749 | 2 Mozilla, Redhat | 5 Firefox, Mozilla Suite, Seamonkey and 2 more | 2024-11-21 | N/A |
nsHTMLContentSink.cpp in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors involving a "particular sequence of HTML tags" that leads to memory corruption. | ||||
CVE-2006-0748 | 2 Mozilla, Redhat | 4 Firefox, Seamonkey, Thunderbird and 1 more | 2024-11-21 | N/A |
Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via "an invalid and non-sensical ordering of table-related tags" that results in a negative array index. | ||||
CVE-2006-0622 | 1 Qnx | 1 Rtos | 2024-11-21 | N/A |
QNX Neutrino RTOS 6.3.0 allows local users to cause a denial of service (hang) by supplying a "break *0xb032d59f" command to gdb. | ||||
CVE-2006-0454 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A |
Linux kernel before 2.6.15.3 down to 2.6.12, while constructing an ICMP response in icmp_send, does not properly handle when the ip_options_echo function in icmp.c fails, which allows remote attackers to cause a denial of service (crash) via vectors such as (1) record-route and (2) timestamp IP options with the needaddr bit set and a truncated value. |