CVE-2006-0992

Public exploit
Stack-based buffer overflow in Novell GroupWise Messenger before 2.0 Public Beta 2 allows remote attackers to execute arbitrary code via a long Accept-Language value without a comma or semicolon. NOTE: due to a typo, the original ZDI advisory accidentally referenced CVE-2006-0092. This is the correct identifier.
Max CVSS
10.0
EPSS Score
35.09%
Published
2006-04-14
Updated
2018-10-18

CVE-2006-1255

Public exploit
Stack-based buffer overflow in the IMAP service in Mercur Messaging 5.0 SP3 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long string to the (1) LOGIN or (2) SELECT command, a different set of attack vectors and possibly a different vulnerability than CVE-2003-1177.
Max CVSS
10.0
EPSS Score
89.53%
Published
2006-03-19
Updated
2017-07-20

CVE-2006-2630

Public exploit
Stack-based buffer overflow in Symantec Antivirus 10.1 and Client Security 3.1 allows remote attackers to execute arbitrary code via unknown attack vectors.
Max CVSS
10.0
EPSS Score
97.11%
Published
2006-05-27
Updated
2018-10-18

CVE-2006-3439

Public exploit
Buffer overflow in the Server Service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers, including anonymous users, to execute arbitrary code via a crafted RPC message, a different vulnerability than CVE-2006-1314.
Max CVSS
10.0
EPSS Score
96.55%
Published
2006-08-09
Updated
2018-10-12

CVE-2006-3838

Public exploit
Multiple stack-based buffer overflows in eIQnetworks Enterprise Security Analyzer (ESA) before 2.5.0, as used in products including (a) Sidewinder, (b) iPolicy Security Manager, (c) Astaro Report Manager, (d) Fortinet FortiReporter, (e) Top Layer Network Security Analyzer, and possibly other products, allow remote attackers to execute arbitrary code via long (1) DELTAINTERVAL, (2) LOGFOLDER, (3) DELETELOGS, (4) FWASERVER, (5) SYSLOGPUBLICIP, (6) GETFWAIMPORTLOG, (7) GETFWADELTA, (8) DELETERDEPDEVICE, (9) COMPRESSRAWLOGFILE, (10) GETSYSLOGFIREWALLS, (11) ADDPOLICY, and (12) EDITPOLICY commands to the Syslog daemon (syslogserver.exe); (13) GUIADDDEVICE, (14) ADDDEVICE, and (15) DELETEDEVICE commands to the Topology server (Topology.exe); the (15) LICMGR_ADDLICENSE command to the License Manager (EnterpriseSecurityAnalyzer.exe); the (16) TRACE and (17) QUERYMONITOR commands to the Monitoring agent (Monitoring.exe); and possibly other vectors related to the Syslog daemon (syslogserver.exe).
Max CVSS
10.0
EPSS Score
31.03%
Published
2006-07-27
Updated
2018-10-17

CVE-2006-4305

Public exploit
Buffer overflow in SAP DB and MaxDB before 7.6.00.30 allows remote attackers to execute arbitrary code via a long database name when connecting via a WebDBM client.
Max CVSS
10.0
EPSS Score
96.65%
Published
2006-08-30
Updated
2018-10-17

CVE-2006-4691

Public exploit
Stack-based buffer overflow in the NetpManageIPCConnect function in the Workstation service (wkssvc.dll) in Microsoft Windows 2000 SP4 and XP SP2 allows remote attackers to execute arbitrary code via NetrJoinDomain2 RPC messages with a long hostname.
Max CVSS
10.0
EPSS Score
96.35%
Published
2006-11-14
Updated
2018-10-17

CVE-2006-5156

Public exploit
Buffer overflow in McAfee ePolicy Orchestrator before 3.5.0.720 and ProtectionPilot before 1.1.1.126 allows remote attackers to execute arbitrary code via a request to /spipe/pkg/ with a long source header.
Max CVSS
10.0
EPSS Score
97.34%
Published
2006-10-05
Updated
2017-07-20

CVE-2006-5815

Public exploit
Stack-based buffer overflow in the sreplace function in ProFTPD 1.3.0 and earlier allows remote attackers, probably authenticated, to cause a denial of service and execute arbitrary code, as demonstrated by vd_proftpd.pm, a "ProFTPD remote exploit."
Max CVSS
10.0
EPSS Score
54.09%
Published
2006-11-08
Updated
2018-10-17

CVE-2006-6076

Public exploit
Buffer overflow in the Tape Engine (tapeeng.exe) in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier allows remote attackers to execute arbitrary code via certain RPC requests to TCP port 6502.
Max CVSS
10.0
EPSS Score
29.78%
Published
2006-11-24
Updated
2021-04-07

CVE-2006-6183

Public exploit
Multiple stack-based buffer overflows in 3Com 3CTftpSvc 2.0.1, and possibly earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a long mode field (aka transporting mode) in a (1) GET or (2) PUT command.
Max CVSS
10.0
EPSS Score
79.10%
Published
2006-12-01
Updated
2018-10-17

CVE-2006-6184

Public exploit
Multiple stack-based buffer overflows in Allied Telesyn TFTP Server (AT-TFTP) 1.9, and possibly earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a long filename in a (1) GET or (2) PUT command.
Max CVSS
10.0
EPSS Score
59.68%
Published
2006-12-01
Updated
2018-10-17

CVE-2006-6423

Public exploit
Stack-based buffer overflow in the IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.35, Professional Edition 1.6 through 1.84, and Enterprise Edition 1.1 through 1.41 allows remote attackers to execute arbitrary code via a pre-authentication command followed by a crafted parameter and a long string, as addressed by the ME-10025 hotfix.
Max CVSS
10.0
EPSS Score
84.88%
Published
2006-12-12
Updated
2018-10-17

CVE-2006-1359

Public exploit
Microsoft Internet Explorer 6 and 7 Beta 2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a certain createTextRange call on a checkbox object, which results in a dereference of an invalid table pointer.
Max CVSS
9.3
EPSS Score
97.33%
Published
2006-03-23
Updated
2021-07-23

CVE-2006-3730

Public exploit
Integer overflow in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a 0x7fffffff argument to the setSlice method on a WebViewFolderIcon ActiveX object, which leads to an invalid memory copy.
Max CVSS
9.3
EPSS Score
97.22%
Published
2006-07-21
Updated
2021-07-23

CVE-2006-4868

Public exploit
Stack-based buffer overflow in the Vector Graphics Rendering engine (vgx.dll), as used in Microsoft Outlook and Internet Explorer 6.0 on Windows XP SP2, and possibly other versions, allows remote attackers to execute arbitrary code via a Vector Markup Language (VML) file with a long fill parameter within a rect tag.
Max CVSS
9.3
EPSS Score
17.98%
Published
2006-09-19
Updated
2021-07-23

CVE-2006-1652

Public exploit
Multiple buffer overflows in (a) UltraVNC (aka Ultr@VNC) 1.0.1 and earlier and (b) tabbed_viewer 1.29 (1) allow user-assisted remote attackers to execute arbitrary code via a malicious server that sends a long string to a client that connects on TCP port 5900, which triggers an overflow in Log::ReallyPrint; and (2) allow remote attackers to cause a denial of service (server crash) via a long HTTP GET request to TCP port 5800, which triggers an overflow in VNCLog::ReallyPrint.
Max CVSS
9.0
EPSS Score
95.27%
Published
2006-04-06
Updated
2018-10-18

CVE-2006-6424

Public exploit
Multiple buffer overflows in Novell NetMail before 3.52e FTF2 allow remote attackers to execute arbitrary code (1) by appending literals to certain IMAP verbs when specifying command continuation requests to IMAPD, resulting in a heap overflow; and (2) via crafted arguments to the STOR command to the Network Messaging Application Protocol (NMAP) daemon, resulting in a stack overflow.
Max CVSS
9.0
EPSS Score
89.57%
Published
2006-12-27
Updated
2018-10-17

CVE-2006-6425

Public exploit
Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via unspecified vectors involving the APPEND command.
Max CVSS
9.0
EPSS Score
16.33%
Published
2006-12-27
Updated
2018-10-17

CVE-2006-0900

Public exploit
nfsd in FreeBSD 6.0 kernel allows remote attackers to cause a denial of service via a crafted NFS mount request, as demonstrated by the ProtoVer NFS test suite.
Max CVSS
7.8
EPSS Score
96.59%
Published
2006-02-27
Updated
2017-07-20

CVE-2006-0988

Public exploit
The default configuration of the DNS Server service on Windows Server 2003 and Windows 2000, and the Microsoft DNS Server service on Windows NT 4.0, allows recursive queries and provides additional delegation information to arbitrary IP addresses, which allows remote attackers to cause a denial of service (traffic amplification) via DNS queries with spoofed source IP addresses.
Max CVSS
7.8
EPSS Score
1.48%
Published
2006-03-03
Updated
2018-10-18

CVE-2006-3942

Public exploit
The server driver (srv.sys) in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to cause a denial of service (system crash) via an SMB_COM_TRANSACTION SMB message that contains a string without null character termination, which leads to a NULL dereference in the ExecuteTransaction function, possibly related to an "SMB PIPE," aka the "Mailslot DOS" vulnerability. NOTE: the name "Mailslot DOS" was derived from incomplete initial research; the vulnerability is not associated with a mailslot.
Max CVSS
7.8
EPSS Score
97.00%
Published
2006-07-31
Updated
2018-10-17

CVE-2006-0476

Public exploit
Buffer overflow in Nullsoft Winamp 5.12 allows remote attackers to execute arbitrary code via a playlist (pls) file with a long file name (File1 field).
Max CVSS
7.6
EPSS Score
72.53%
Published
2006-01-31
Updated
2018-10-19

CVE-2006-3747

Public exploit
Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted URLs that are not properly handled using certain rewrite rules.
Max CVSS
7.6
EPSS Score
97.40%
Published
2006-07-28
Updated
2023-02-13

CVE-2006-4777

Public exploit
Heap-based buffer overflow in the DirectAnimation Path Control (DirectAnimation.PathControl) COM object (daxctle.ocx) for Internet Explorer 6.0 SP1, on Chinese and possibly other Windows distributions, allows remote attackers to execute arbitrary code via unknown manipulations in arguments to the KeyFrame method, possibly related to an integer overflow, as demonstrated by daxctle2, and a different vulnerability than CVE-2006-4446.
Max CVSS
7.6
EPSS Score
97.26%
Published
2006-09-14
Updated
2018-10-17
86 vulnerabilities found
1 2 3 4
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!