
CVE-2006-4482
https://notcve.org/view.php?id=CVE-2006-4482
31 Aug 2006 — Multiple heap-based buffer overflows in the (1) str_repeat and (2) wordwrap functions in ext/standard/string.c in PHP before 5.1.5, when used on a 64-bit system, have unspecified impact and attack vectors, a different vulnerability than CVE-2006-1990. • ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc • CWE-787: Out-of-bounds Write •

CVE-2006-4093
https://notcve.org/view.php?id=CVE-2006-4093
21 Aug 2006 — Linux kernel 2.x.6 before 2.6.17.9 and 2.4.x before 2.4.33.1 on PowerPC PPC970 systems allows local users to cause a denial of service (crash) related to the "HID0 attention enable on PPC970 at boot time." • http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.33.1 •

CVE-2006-3747 – Apache < 1.3.37/2.0.59/2.2.3 mod_rewrite - Remote Overflow
https://notcve.org/view.php?id=CVE-2006-3747
28 Jul 2006 — Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted URLs that are not properly handled using certain rewrite rules. • https://www.exploit-db.com/exploits/2237 • CWE-189: Numeric Errors •

CVE-2006-3918 – Apache 1.3.35/2.0.58/2.2.2 - Arbitrary HTTP Request Headers Security
https://notcve.org/view.php?id=CVE-2006-3918
28 Jul 2006 — http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and (2) Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58, and 2.2 before 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated using a Flash SWF file. • https://www.exploit-db.com/exploits/28424 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVE-2006-2935
https://notcve.org/view.php?id=CVE-2006-2935
05 Jul 2006 — The dvd_read_bca function in the DVD handling code in drivers/cdrom/cdrom.c in Linux kernel 2.2.16, and later versions, assigns the wrong value to a length variable, which allows local users to execute arbitrary code via a crafted USB Storage device that triggers a buffer overflow. • http://bugzilla.kernel.org/show_bug.cgi?id=2966 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVE-2006-2661 – FreeType - '.TTF' File Remote Denial of Service
https://notcve.org/view.php?id=CVE-2006-2661
30 May 2006 — ftutil.c in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a crafted font file that triggers a null dereference. • https://www.exploit-db.com/exploits/27993 • CWE-476: NULL Pointer Dereference •

CVE-2006-2016 – phpLDAPadmin 0.9.8 - 'copy_form.php' Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2006-2016
25 Apr 2006 — Multiple cross-site scripting (XSS) vulnerabilities in phpLDAPadmin 0.9.8 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) dn parameter in (a) compare_form.php, (b) copy_form.php, (c) rename_form.php, (d) template_engine.php, and (e) delete_form.php; (2) scope parameter in (f) search.php; and (3) Container DN, (4) Machine Name, and (5) UID Number fields in (g) template_engine.php. • https://www.exploit-db.com/exploits/27718 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVE-2006-1753
https://notcve.org/view.php?id=CVE-2006-1753
18 Apr 2006 — A cron job in fcheck before 2.7.59 allows local users to overwrite arbitrary files via a symlink attack on a temporary file. • http://secunia.com/advisories/19675 •

CVE-2006-1530
https://notcve.org/view.php?id=CVE-2006-1530
14 Apr 2006 — Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due to the lack of sufficient public details from the vendor as of 20060413, it is unclear how CVE-2006-1529, CVE-2006-1530, CVE-2006-1531, and CVE-2006-1723 are different. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt •

CVE-2006-1531
https://notcve.org/view.php?id=CVE-2006-1531
14 Apr 2006 — Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due to the lack of sufficient public details from the vendor as of 20060413, it is unclear how CVE-2006-1529, CVE-2006-1530, CVE-2006-1531, and CVE-2006-1723 are different. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt •