Multiple buffer overflows in Computer Associates (CA) BrightStor ARCserve Backup R11.5 Server before SP2 allows remote attackers to execute arbitrary code in the Tape Engine (tapeeng.exe) via a crafted RPC request with (1) opnum 38, which is not properly handled in TAPEUTIL.dll 11.5.3884.0, or (2) opnum 37, which is not properly handled in TAPEENG.dll 11.5.3884.0.
Max CVSS
10.0
EPSS Score
90.99%
Published
2006-12-31
Updated
2021-04-07
Stack-based buffer overflow in http.c in Karl Dahlke Edbrowse (aka Command line editor browser) 3.1.3 allows remote attackers to execute arbitrary code by operating an FTP server that sends directory listings with (1) long user names or (2) long group names.
Max CVSS
10.0
EPSS Score
3.79%
Published
2006-12-31
Updated
2016-10-18
Buffer overflow in the Bluetooth Stack COM Server in the Widcomm Bluetooth stack, as packaged as Widcomm Stack 3.x and earlier on Windows, Widcomm BTStackServer 1.4.2.10 and 1.3.2.7 on Windows, Widcomm Bluetooth Communication Software 1.4.1.03 on Windows, and the Bluetooth implementation in Windows Mobile or Windows CE on the HP IPAQ 2215 and 5450, allows remote attackers to cause a denial of service (service crash) and possibly execute arbitrary code via unspecified vectors.
Max CVSS
10.0
EPSS Score
4.59%
Published
2006-12-31
Updated
2023-12-15
Buffer overflow in the WZFILEVIEW.FileViewCtrl.61 ActiveX control (aka Sky Software "FileView" ActiveX control) for WinZip 10.0 Build 6667 allows remote attackers to execute arbitrary code via a long argument to the CreateNewFolderFromName method, a different vulnerability than CVE-2006-5198.
Max CVSS
9.3
EPSS Score
30.17%
Published
2006-12-31
Updated
2018-10-17
Buffer overflow in the Get_Wep function in cofvnet.c for ATMEL Linux PCI PCMCIA USB Drivers drivers 3.4.1.1 corruption allows attackers to execute arbitrary code via a long name argument.
Max CVSS
7.5
EPSS Score
0.39%
Published
2006-12-31
Updated
2018-10-17
Buffer overflow in the validateospheader function in the Open Settlement Protocol (OSP) module in OpenSER 1.1.0 and earlier allows remote attackers to execute arbitrary code via a crafted OSP header.
Max CVSS
7.5
EPSS Score
3.79%
Published
2006-12-31
Updated
2018-10-17
Buffer overflow in the sendToMythTV function in MythControlServer.c in MythControl 1.0 and earlier allows remote attackers to execute arbitrary code via a crafted sendStr string to the Bluetooth interface. NOTE: some of these details are obtained from third party information.
Max CVSS
10.0
EPSS Score
15.74%
Published
2006-12-31
Updated
2018-10-17
The qcamvc_video_init function in qcamvc.c in De Marchi Daniele QuickCam VC Linux device driver (aka quickcam-vc) 1.0.9 and earlier does not properly check a boundary, triggering memory corruption, which might allow attackers to execute arbitrary code via a crafted QuickCam object.
Max CVSS
7.5
EPSS Score
0.53%
Published
2006-12-31
Updated
2018-10-17
Buffer overflow in Durian Web Application Server 3.02 freeware on Windows allows remote attackers to execute arbitrary code via a long string in a crafted packet to TCP port 4002.
Max CVSS
10.0
EPSS Score
8.70%
Published
2006-12-31
Updated
2017-10-19
Multiple stack-based buffer overflows in the (1) LoadTree, (2) ReadHeader, and (3) LoadXBOXTree functions in the ISO (iso_wincmd) plugin 1.7.3.3 and earlier for Total Commander allow user-assisted remote attackers to execute arbitrary code via a long pathname in an ISO image.
Max CVSS
6.8
EPSS Score
9.65%
Published
2006-12-31
Updated
2018-10-17
The (1) settings.php and (2) subscribers.php scripts in Open Newsletter 2.5 and earlier do not exit when authentication fails, which allows remote attackers to perform unauthorized administrative actions, or execute arbitrary code in conjunction with another vulnerability.
Max CVSS
7.5
EPSS Score
1.37%
Published
2006-12-28
Updated
2017-10-19
Format string vulnerability in the inputAnswer function in file.c in w3m before 0.5.2, when run with the dump or backend option, allows remote attackers to execute arbitrary code via format string specifiers in the Common Name (CN) field of an SSL certificate associated with an https URL.
Max CVSS
9.3
EPSS Score
12.73%
Published
2006-12-27
Updated
2018-08-13

CVE-2006-6761

Public exploit
Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via a long argument to the SUBSCRIBE command.
Max CVSS
6.5
EPSS Score
16.56%
Published
2006-12-27
Updated
2011-03-08
Buffer overflow in Hitachi Directory Server 2 P-2444-A124 before 02-11-/K on Windows, and P-1B44-A121 before 02-10-/V on HP-UX, allows remote attackers to execute arbitrary code via crafted LDAP requests.
Max CVSS
10.0
EPSS Score
6.61%
Published
2006-12-23
Updated
2011-03-08

CVE-2006-6707

Public exploit
Stack-based buffer overflow in the NeoTraceExplorer.NeoTraceLoader ActiveX control (NeoTraceExplorer.dll) in NeoTrace Express 3.25 and NeoTrace Pro (aka McAfee Visual Trace) 3.25 allows remote attackers to execute arbitrary code via a long argument string to the TraceTarget method. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
Max CVSS
7.5
EPSS Score
81.13%
Published
2006-12-23
Updated
2008-09-05
Multiple buffer overflows in zabbix before 20061006 allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code via long strings to the (1) zabbix_log and (2) zabbix_syslog functions.
Max CVSS
7.5
EPSS Score
0.78%
Published
2006-12-21
Updated
2011-03-08
Multiple format string vulnerabilities in zabbix before 20061006 allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in information that would be recorded in the system log using (1) zabbix_log or (2) zabbix_syslog.
Max CVSS
7.5
EPSS Score
0.82%
Published
2006-12-21
Updated
2011-03-08
Heap-based buffer overflow in Pedro Lineu Orso chetcpasswd 2.3.3 allows local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long REMOTE_ADDR environment variable. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
Max CVSS
7.2
EPSS Score
0.04%
Published
2006-12-21
Updated
2010-07-16
Heap-based buffer overflow in Pedro Lineu Orso chetcpasswd before 2.4 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long X-Forwarded-For HTTP header. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
Max CVSS
7.5
EPSS Score
1.25%
Published
2006-12-21
Updated
2019-11-13
Integer overflow in the (a) OLE2 and (b) CHM parsers for ESET NOD32 Antivirus before 1.1743 allows remote attackers to execute arbitrary code via a crafted (1) .DOC or (2) .CAB file that triggers a heap-based buffer overflow.
Max CVSS
9.3
EPSS Score
8.50%
Published
2006-12-21
Updated
2018-10-17

CVE-2006-6665

Public exploit
Buffer overflow in Astonsoft DeepBurner Pro and Free 1.8.0 and earlier allows user-assisted remote attackers to execute arbitrary code via a long file name tag in a dbr file.
Max CVSS
6.8
EPSS Score
92.07%
Published
2006-12-20
Updated
2017-10-19
Format string vulnerability in Marathon Aleph One before 0.17.1 and 2006-12-17 might allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via format string specifiers in the TopLevelLogger::logMessageV function in Misc/Logging.cpp. NOTE: some details were obtained from third party information.
Max CVSS
5.0
EPSS Score
5.24%
Published
2006-12-20
Updated
2011-03-08
Buffer overflow in the glob implementation (glob.c) in libc in NetBSD-current before 20050914, NetBSD 2.* and 3.* before 20061203, and Apple Mac OS X before 2007-004, as used by the FTP daemon and tnftpd, allows remote authenticated users to execute arbitrary code via a long pathname that results from path expansion.
Max CVSS
9.0
EPSS Score
2.29%
Published
2006-12-20
Updated
2018-10-17
Race condition in W29N51.SYS in the Intel 2200BG wireless driver 9.0.3.9 allows remote attackers to cause memory corruption and execute arbitrary code via a series of crafted beacon frames. NOTE: some details are obtained solely from third party information.
Max CVSS
6.8
EPSS Score
4.46%
Published
2006-12-20
Updated
2011-03-08
Integer overflow in the packed PE file parsing implementation in BitDefender products before 20060829, including Antivirus, Antivirus Plus, Internet Security, Mail Protection for Enterprises, and Online Scanner; and BitDefender products for Microsoft ISA Server and Exchange 5.5 through 2003; allows remote attackers to execute arbitrary code via a crafted file, which triggers a heap-based buffer overflow, aka the "cevakrnl.xmd vulnerability."
Max CVSS
10.0
EPSS Score
15.23%
Published
2006-12-18
Updated
2018-10-17
821 vulnerabilities found
1 2 3 4 5 6 ...... 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!