CVE-2006-0027

Public exploit
Unspecified vulnerability in Microsoft Exchange allows remote attackers to execute arbitrary code via e-mail messages with crafted (1) vCal or (2) iCal Calendar properties.
Max CVSS
7.5
EPSS Score
97.31%
Published
2006-05-10
Updated
2020-04-09
Heap-based buffer overflow in the CRpcIoManagerServer::BuildContext function in msdtcprx.dll for Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0 and Windows 2000 SP2 and SP3 allows remote attackers to execute arbitrary code via a long fifth argument to the BuildContextW or BuildContext opcode, which triggers a bug in the NdrAllocate function, aka the MSDTC Invalid Memory Access Vulnerability.
Max CVSS
7.5
EPSS Score
92.24%
Published
2006-05-10
Updated
2019-04-30
Race condition in the do_add_counters function in netfilter for Linux kernel 2.6.16 allows local users with CAP_NET_ADMIN capabilities to read kernel memory by triggering the race condition in a way that produces a size value that is inconsistent with allocated memory, which leads to a buffer over-read in IPT_ENTRY_ITERATE.
Max CVSS
4.7
EPSS Score
0.07%
Published
2006-05-19
Updated
2023-02-13
Heap-based buffer overflow in the ISO Transport Service over TCP (RFC 1006) implementation of LiveData ICCP Server before 5.00.035 allows remote attackers to cause a denial of service or execute arbitrary code via malformed packets.
Max CVSS
7.5
EPSS Score
23.98%
Published
2006-05-19
Updated
2017-07-20
Cisco PIX/ASA 7.1.x before 7.1(2) and 7.0.x before 7.0(5), PIX 6.3.x before 6.3.5(112), and FWSM 2.3.x before 2.3(4) and 3.x before 3.1(7), when used with Websense/N2H2, allows remote attackers to bypass HTTP access restrictions by splitting the GET method of an HTTP request into multiple packets, which prevents the request from being sent to Websense for inspection, aka bugs CSCsc67612, CSCsc68472, and CSCsd81734.
Max CVSS
7.5
EPSS Score
10.86%
Published
2006-05-09
Updated
2023-08-11
Cisco Secure Access Control Server (ACS) 3.x for Windows stores ACS administrator passwords and the master key in the registry with insecure permissions, which allows local users and remote administrators to decrypt the passwords by using Microsoft's cryptographic API functions to obtain the plaintext version of the master key.
Max CVSS
7.2
EPSS Score
0.04%
Published
2006-05-10
Updated
2017-07-20
Integer underflow in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a font file with an odd number of blue values, which causes the underflow when decrementing by 2 in a context that assumes an even number of values.
Max CVSS
5.0
EPSS Score
48.60%
Published
2006-05-23
Updated
2018-10-19
The web management interface in 3Com TippingPoint SMS Server before 2.2.1.4478 does not restrict access to certain directories, which might allow remote attackers to obtain potentially sensitive information such as configuration settings.
Max CVSS
5.0
EPSS Score
2.10%
Published
2006-05-10
Updated
2018-10-18
Multiple Sophos Anti-Virus products, including Anti-Virus for Windows 5.x before 5.2.1 and 4.x before 4.05, when cabinet file inspection is enabled, allows remote attackers to execute arbitrary code via a CAB file with "invalid folder count values," which leads to heap corruption.
Max CVSS
7.5
EPSS Score
93.55%
Published
2006-05-10
Updated
2018-10-18
The selinux_ptrace logic in hooks.c in SELinux for Linux 2.6.6 allows local users with ptrace permissions to change the tracer SID to an SID of another process.
Max CVSS
2.1
EPSS Score
0.06%
Published
2006-05-05
Updated
2018-10-30
Stack-based buffer overflow in the createPKCS10 function in Cryptomathic Cenroll ActiveX Control 1.1.0.0 allows remote attackers to execute arbitrary code via vectors related to the TDC Digital signature.
Max CVSS
5.0
EPSS Score
17.80%
Published
2006-05-09
Updated
2018-10-18
useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the mailbox.
Max CVSS
3.7
EPSS Score
0.15%
Published
2006-05-28
Updated
2020-08-11
The WeOnlyDo! SFTP (wodSFTP) ActiveX control is marked as safe for scripting, which allows remote attackers to read and write files in arbitrary locations by accessing the control from a web page.
Max CVSS
4.0
EPSS Score
0.39%
Published
2006-05-31
Updated
2017-07-20
Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0, 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote attackers to cause a denial of service (crash) via a BuildContextW request with a large (1) UuidString or (2) GuidIn of a certain length, which causes an out-of-range memory access, aka the MSDTC Denial of Service Vulnerability. NOTE: this is a variant of CVE-2005-2119.
Max CVSS
5.0
EPSS Score
14.38%
Published
2006-05-10
Updated
2019-04-30
NSSecureTextField in AppKit in Apple Mac OS X 10.4.6 does not re-enable secure event input under certain circumstances, which could allow other applications in the window session to monitor input characters and keyboard events.
Max CVSS
2.1
EPSS Score
0.26%
Published
2006-05-12
Updated
2017-07-20
BOM in Apple Mac OS X 10.3.9 and 10.4.6 allows attackers to overwrite arbitrary files via an archive that contains symbolic links.
Max CVSS
2.1
EPSS Score
0.08%
Published
2006-05-12
Updated
2017-07-20
Integer overflow in CFNetwork in Apple Mac OS X 10.4.6 allows remote attackers to execute arbitrary code via crafted chunked transfer encoding.
Max CVSS
7.5
EPSS Score
6.94%
Published
2006-05-12
Updated
2017-07-20
The bundle API in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4.6 loads dynamic libraries even if the client application has not directly requested it, which allows attackers to execute arbitrary code from an untrusted bundle.
Max CVSS
7.5
EPSS Score
0.95%
Published
2006-05-12
Updated
2017-07-20
Integer underflow in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4.6 allows context-dependent attackers to execute arbitrary code via unspecified vectors involving conversions from string to file system representation within (1) CFStringGetFileSystemRepresentation or (2) getFileSystemRepresentation:maxLength:withPath in NSFileManager, and possibly other similar API functions.
Max CVSS
6.5
EPSS Score
0.51%
Published
2006-05-12
Updated
2017-07-20
CoreGraphics in Apple Mac OS X 10.4.6, when "Enable access for assistive devices" is on, allows an application to bypass restrictions for secure event input and read certain events from other applications in the same window session by using Quartz Event Services.
Max CVSS
2.1
EPSS Score
0.06%
Published
2006-05-12
Updated
2017-07-20
Buffer overflow in the FTP server (FTPServer) in Apple Mac OS X 10.3.9 and 10.4.6 allows remote authenticated users to execute arbitrary code via vectors related to "FTP server path name handling."
Max CVSS
6.5
EPSS Score
1.33%
Published
2006-05-12
Updated
2017-07-20
Keychain in Apple Mac OS X 10.3.9 and 10.4.6 might allow an application to bypass a locked Keychain by first obtaining a reference to the Keychain when it is unlocked, then reusing that reference after the Keychain has been locked.
Max CVSS
5.0
EPSS Score
0.82%
Published
2006-05-12
Updated
2017-07-20
LaunchServices in Apple Mac OS X 10.4.6 allows remote attackers to cause Safari to launch unsafe content via long file name extensions, which prevents Download Validation from determining which application will be used to open the file.
Max CVSS
5.0
EPSS Score
1.09%
Published
2006-05-12
Updated
2017-07-20
Finder in Apple Mac OS X 10.3.9 and 10.4.6 allows user-assisted attackers to execute arbitrary code by tricking a user into launching an Internet Location item that appears to use a safe URL scheme, but which actually has a different and more risky scheme.
Max CVSS
6.5
EPSS Score
0.51%
Published
2006-05-12
Updated
2017-07-20
Integer overflow in Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via a crafted MacMIME encapsulated attachment.
Max CVSS
7.5
EPSS Score
6.94%
Published
2006-05-12
Updated
2017-07-20
583 vulnerabilities found
1 2 3 4 5 6 ...... 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!