Security Vulnerabilities, CVEs, Published In October 2006 (Memory corruption)
CVE-2006-5614
Public exploit
Microsoft Windows NAT Helper Components (ipnathlp.dll) on Windows XP SP2, when Internet Connection Sharing is enabled, allows remote attackers to cause a denial of service (svchost.exe crash) via a malformed DNS query, which results in a null pointer dereference.
Max CVSS
2.6
EPSS Score
97.07%
Published
2006-10-31
Updated
2017-10-19
The drmstor.dll ActiveX object in Microsoft Windows Digital Rights Management System (DRM) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long parameter to the StoreLicense function, which triggers "memory corruption" and possibly a buffer overflow.
Max CVSS
7.5
EPSS Score
5.16%
Published
2006-10-23
Updated
2018-10-17
Integer signedness error in FreeBSD 6.0-RELEASE allows local users to cause a denial of service (memory corruption and kernel panic) via a PT_LWPINFO ptrace command with a large negative data value that satisfies a signed maximum value check but is used in an unsigned copyout function call.
Max CVSS
4.9
EPSS Score
0.04%
Published
2006-10-12
Updated
2017-07-20
Unspecified vulnerability in QuickDraw Manager in Apple Mac OS X 10.3.9 and 10.4 through 10.4.7 allows context-dependent attackers to cause a denial of service ("memory corruption" and crash) via a crafted PICT image that is not properly handled by a certain "unsupported QuickDraw operation."
Max CVSS
5.1
EPSS Score
1.86%
Published
2006-10-03
Updated
2017-07-20
Unspecified vulnerability in mso.dll in Microsoft Office 2000, XP, and 2003, and Microsoft PowerPoint 2000, XP, and 2003, allows remote user-assisted attackers to execute arbitrary code via a malformed record in a (1) .DOC, (2) .PPT, or (3) .XLS file that triggers memory corruption, related to an "array boundary condition" (possibly an array index overflow), a different vulnerability than CVE-2006-3434, CVE-2006-3650, and CVE-2006-3868.
Max CVSS
9.3
EPSS Score
81.72%
Published
2006-10-10
Updated
2018-10-17
Unspecified vulnerability in Microsoft Office 2000, XP, 2003, 2004 for Mac, and v.X for Mac allows remote user-assisted attackers to execute arbitrary code via a crafted string that triggers memory corruption.
Max CVSS
9.3
EPSS Score
57.89%
Published
2006-10-10
Updated
2018-10-18
6 vulnerabilities found